Question
How to access remote DigitalOcean Managed Database with Rails+Nginx+Postgresql+DigitalOcean?
- Posted on February 19, 2019
- NginxRuby on RailsPostgreSQLDigitalOceanUbuntu 18.04
Asked by Motash
My Rails config/database.yml is:
production: url: <%= ENV[“DO_DATABASE”] %>
Url is based on provided by DO connection details (connection string). I’ve made rails db:migrate and db:seed. And it worked. When I check database content then everything is inside as it should. So I have a connection to db.
But, after my app restart, when I go to my web page I receive:
502 Bad Gateway nginx/1.14.0 (Ubuntu)
After a while it changes to: 503 Service Unavailable No server is available to handle this request.
My server error log looks like: 2019/02/18 23:33:06 [error] 32636#32636: *1267 connect() failed (111: Connection refused) while connecting to upstream, client: some_IP_which_doesnt_matter, server: _, request: “GET / HTTP/1.0”, upstream: “http://127.0.0.1:3000/”, host: “cloud.digitalocean.com”
So: even if I could connect to remote db to migrate and seed it, I cannot access it by webpage. When I come back (for a while) to internal database then page works.
I don’t know if it is about server configuration or it’s database configuration (in DigitalOcean database cluster I cannot reach configuration files, I have only an direct access to postgresql).
At database DigitalOcean level settings are regular, so: There is my droplet added to “ALLOWED INBOUND SOURCES”.
I was trying a lot of with NGINX ‘server block’ for my app of my droplet. Now the file /etc/nginx/sites-available/rails looks like that:
server { listen 80; listen [::]:80; listen 443 ssl http2; listen [::]:443 ssl http2; root /home/rails/model_app/public; server_name _; index index.htm index.html;
location ~ /.well-known {
allow all;
}
# From https://object.io/site/2015/rails-nginx-easy-assets
#
# Cache forever publicly: files for generated assets
# /assets/application-2565b50fc38a0b3a44882faa3e936262.css
#
# This setup means a CDN may cache these files
location ~ "^/assets/.+-[0-9a-f]{32}.*" {
gzip_static on;
expires max;
add_header Cache-Control public;
}
location / {
proxy_pass http://localhost:3000;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-Proto https;
proxy_set_header X-Forwarded-Port 443;
proxy_set_header X-Client-Verify SUCCESS;
proxy_set_header X-Client-DN $ssl_client_s_dn;
proxy_set_header X-SSL-Subject $ssl_client_s_dn;
proxy_set_header X-SSL-Issuer $ssl_client_i_dn;
proxy_read_timeout 1800;
proxy_connect_timeout 1800;
}
}
My firewall setup:
Status: active
To Action From
-- ------ ----
80/tcp ALLOW Anywhere
443/tcp ALLOW Anywhere
22/tcp LIMIT Anywhere
3000 ALLOW Anywhere
Nginx HTTP ALLOW Anywhere
Nginx Full ALLOW Anywhere
OpenSSH ALLOW Anywhere
25060 ALLOW Anywhere
25061 ALLOW Anywhere
25060/tcp ALLOW Anywhere
25061/tcp ALLOW Anywhere
53 ALLOW Anywhere
53/tcp ALLOW Anywhere
53/udp ALLOW Anywhere
80/tcp (v6) ALLOW Anywhere (v6)
443/tcp (v6) ALLOW Anywhere (v6)
22/tcp (v6) LIMIT Anywhere (v6)
3000 (v6) ALLOW Anywhere (v6)
Nginx HTTP (v6) ALLOW Anywhere (v6)
Nginx Full (v6) ALLOW Anywhere (v6)
OpenSSH (v6) ALLOW Anywhere (v6)
25060 (v6) ALLOW Anywhere (v6)
25061 (v6) ALLOW Anywhere (v6)
25060/tcp (v6) ALLOW Anywhere (v6)
25061/tcp (v6) ALLOW Anywhere (v6)
53 (v6) ALLOW Anywhere (v6)
53/tcp (v6) ALLOW Anywhere (v6)
53/udp (v6) ALLOW Anywhere (v6)
So it seems to me that it is a matter of NGINX configuration, but right now I have no idea where to look for. Or maybe it is something with this SSL mode of a database? Any ideas?
This textbox defaults to using Markdown to format your answer.
You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!
These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.
Hi, thanks, it helped. After investigation I figured out that my env variable
<%= ENV["DO_DATABASE"] %>was seen by system while doing migration, but it wasn’t seen while doing server restart bysystemctl restart rails.service. Basically I have no idea why. So I decided to insert exceptionally data to my code. Then server restart works correctly (app starts running). Thanks once again.Hey friend,
Thanks for posting this question, it can help others who experience similar. In this case I’d like to narrow it down to this:
While you have port 3000 open, Nginx is receiving a “Connection refused” error when connecting locally to port 3000. This most likely means that your application is not currently running/listening on port 3000. You can use “netstat -tulpn | grep 3000” to confirm. If you get no return, then the app isn’t listening. Check the output when you start your application, it may be failing to start.
Jarland