Question

How to fix 502 bad gateway error with nginx/uwsgi for flask app?

Hi,

I was following the tutorial to deploy a flask app with uwsgi and nginx. Everything is working correctly until the last part (where basically you have your app online).

I read and read again the tutorial to see if I was missing something, but no success so far.

I have this app.ini:

[wsgi]
module = wsgi
master = true
callable = app
processes = 5
socket = jeremydagorn.sock
chmod-socket = 666
vacuum = true
die-on-term = true 

It matches the working command to have my app available on port 8000:

uwsgi --socket 0.0.0.0:8000 --protocol=http -w wsgi --callable app

I have the following nginx conf file in /etc/init/:

jrm2k6@jeremydagorn:~$ sudo cat /etc/init/jeremydagorn.conf
description "uWSGI server instance configured to serve jeremydagorn.com"

start on runlevel [2345]
stop on runlevel [!2345]

setuid jrm2k6
setgid www-data

env PATH=/home/jrm2k6/jeremydagorn-blog/env/bin
chdir /home/jrm2k6/jeremydagorn-blog
exec uwsgi --ini app.ini

My user name on the server is jrm2k6 so I think setting the uid to jrm2k6 is correct

My /etc/nginx/sites-available/jeremydagorn contains the following:

jrm2k6@jeremydagorn:~$ sudo cat /etc/nginx/sites-available/jeremydagorn
server {
    listen 80;
    server_name 104.131.120.200;

    location / {
        include uwsgi_params;
        uwsgi_pass unix:/home/jrm2k6/jeremydagorn-blog/jeremydagorn.sock;
    }
}

I have a symlink to enable the site:

jrm2k6@jeremydagorn:~$ ls -l /etc/nginx/sites-enabled/jeremydagorn
lrwxrwxrwx 1 root root 39 Apr 19 11:13 /etc/nginx/sites-enabled/jeremydagorn -> /etc/nginx/sites-available/jeremydagorn

Everything seems to be ok:

jrm2k6@jeremydagorn:~$ sudo nginx -t
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful

But when trying to access the webapp:

2015/05/01 10:15:17 [crit] 4689#0: *2 connect() to unix:/home/jrm2k6/jeremydagorn-blog/jeremydagorn.sock failed (13: Permission denied) while connecting to upstream, client: 216.84.176.230, server: 104.131.120.200, request: "GET /favicon.ico HTTP/1.1", upstream: "uwsgi://unix:/home/jrm2k6/jeremydagorn-blog/jeremydagorn.sock:", host: "104.131.120.200", referrer: "http://104.131.120.200/"
2015/05/01 10:15:17 [crit] 4689#0: *2 connect() to unix:/home/jrm2k6/jeremydagorn-blog/jeremydagorn.sock failed (13: Permission denied) while connecting to upstream, client: 216.84.176.230, server: 104.131.120.200, request: "GET / HTTP/1.1", upstream: "uwsgi://unix:/home/jrm2k6/jeremydagorn-blog/jeremydagorn.sock:", host: "104.131.120.200"
2015/05/01 10:15:18 [crit] 4689#0: *2 connect() to unix:/home/jrm2k6/jeremydagorn-blog/jeremydagorn.sock failed (13: Permission denied) while connecting to upstream, client: 216.84.176.230, server: 104.131.120.200, request: "GET /favicon.ico HTTP/1.1", upstream: "uwsgi://unix:/home/jrm2k6/jeremydagorn-blog/jeremydagorn.sock:", host: "104.131.120.200", referrer: "http://104.131.120.200/"

I tried to modify the rights of the sock file in my app.ini, no success so far. The only difference I can see is that in local, after enabling my virtualenv, I run ```export PYTHONPATH=`pwd```` so I also tried to specify that in my app.ini, but it didn’t change anything. I am kind of getting desperate at this point, as the support is not able to help me, and looking around and trying different solutions does not work at all.

Show comments

Submit an answer

This textbox defaults to using Markdown to format your answer.

You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!

Sign In or Sign Up to Answer

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

Want to learn more? Join the DigitalOcean Community!

Join our DigitalOcean community of over a million developers for free! Get help and share knowledge in Q&A, subscribe to topics of interest, and get courses and tools that will help you grow as a developer and scale your project or business.

One thing that burned me for a bit was I accidentally put myproject.socket instead of myproject.sock in the .ini file. It took me half an hour before I realized the typo.

It looks like the socket has proper permissions (666), but nginx is still not able to access it. What are the permissions on the parent directories? Can you post the output of the following command?

ls -ld /home/jrm2k6/jeremydagorn-blog /home/jrm2k6 /home

What do you see when you run ps faux | grep nginx? Do you get root at the top and then jrm2k6 for the others?

I tried to make all of nginx run as root (just to see if that works) by adding user root; to the beginning of /etc/nginx/nginx.conf.

When I restart it, I no longer get the permission denied errors (still a connection refused error --111 as opposed to 13: “Permission denied”— because of the .sock, though).