wsgi nginx error: permission denied while connecting to upstream

Question

There seem to be many questions on StackOverflow about this but unfortunately nothing has worked for me.

I'm getting a 502 bad gateway on nginx, and the following on the logs: connect() to ...myproject.sock failed (13: Permission denied) while connecting to upstream

I'm running wsgi and nginx on ubuntu, and I've been following this guide from Digital Ocean. I apparently configured wsgi correctly since uwsgi -s myproject.sock --http 0.0.0.0:8000 --module app --callable app worked, but I keep getting the nginx permission denied error and I have no idea why:

After coming across this question and this other one, I changed the .ini file and added the chown-socket, chmod-socket, uid and gid parameters (also tried just setting the first two, either or, and a couple of different permission settings --and even the most permissive didn't work).

This one seemed promising, but I don't believe selinux is installed on my Ubuntu (running sudo apt-get remove selinux gives "Package 'selinux' is not installed, so not removed" and find / -name "selinux" doesn't show anything). Just in case, though, I tried what this post recommended as well. Uninstalling apparmor (sudo apt-get install apparmor) didn't work either.

Every time I make a change, I run sudo service nginx restart, but I only see the 502 Gateway Error (and the permission denied error when I read the logs).

This is is my nginx configuration file:

server {
    listen 80;
    server_name 104.131.110.156;

    location / {
        include uwsgi_params;
        uwsgi_pass unix:/home/user/myproject/web_server/myproject.sock;
    }
}

.conf file:

description "uWSGI server instance configured to serve myproject"

start on runlevel [2345]
stop on runlevel [!2345]

setuid user
setgid www-data

env PATH=/root/.virtualenvs/my-env/bin
chdir /home/user/myproject/web_server
exec uwsgi --ini /home/user/myproject/web_server/myproject.ini

.ini file:

[uwsgi]
module = wsgi

master = true
processes = 5

socket = /home/user/myproject/web_server/myproject.sock
chown-socket=www-data:www-data
chmod-socket = 664
uid = www-data
gid = www-data

vacuum = true
die-on-term = true

(If it helps, these are the specs of my Digital Ocean machine: Linux 3.13.0-43-generic #72-Ubuntu SMP Mon Dec 8 19:35:06 UTC 2014 x86_64 x86_64 x86_64 GNU/Linux)

Please let me know if there's anything I can do, and thank you very much.

Answer 1

After following all the advice in this thread I was still getting permission errors. The finally missing piece was to correct the nginx user in the /etc/nginx/nginx.conf file:

# old: user  nginx;
user  www-data;

Answer 2

I also followed that tutorial and ran into the same issue. After quite a bit of trial and error, the following steps allowed me to run uWSGI and nginx successfully:

My nginx.config file:

server {
    listen 80;
    server_name localhost;

    location / { try_files @yourapplication; }
    location @yourapplication; {
        include uwsgi_params;
        uwsgi_pass unix:/PATH_TO_PROJECT/PROJECT.sock;
    }
}

My .ini file wasn't working very well, so I decided to take advantage of uWSGI's extensive arguments that are available. Here's what I used:

uwsgi -s /PATH_TO_PROJECT/PROJECT.sock -w wsgi:app -H /PATH_TO_PROJECT/venv --http-processes=4 --chmod-socket=666 --master &

Where:

-s /PATH_TO_PROJECT/PROJECT.sock = the location of my .sock file

-w wsgi:app = the location of my wsgi.py file and app being the name of my Flask object

-H /PATH_TO_PROJECT/venv = the location of my virtual environment

--http-processes=4 = the number of http processes for uWSGI to create

--chmod-socket=666 = the permissions to set on the socket

--master = allow uWSGI to run with its master process manager

& = run uWSGI in the background