I'm experiencing 502 gateway errors when accessing my site on 127.0.0.1:8000
Working with Vagrant and ubuntu with nginx, trying to install Magento 2.0. After a lot of bugfixxing I still have this 502 error.
Config:
Ubuntu 14.04 (ubuntu/trusty64 box)
Php 5.6.18 from ppa
Nginx 1.8.1
Error log:
connect() failed (111: Connection refused) while connecting to upstream, client: 10.0.2.2, server: localhost, request: "GET /favicon.ico HTTP/1.1", upstream: "fastcgi://127.0.0.1:7777", host: "127.0.0.1:8000", referrer: "http://127.0.0.1:8000/"
VagrantFile config: http://pastebin.com/rMSTmwJn
my /etc/php5/pool.d/vagrant.conf (and www.conf) file: http://pastebin.com/hHnFrf55
my /etc/nginx/sites-available/default file: http://pastebin.com/0mwR7CxY
which includes this magento nginx config file: https://github.com/magento/magento2/blob/develop/nginx.conf.sample (no edits)
Also have I edited the user and group in www.conf to 'vagrant'
I'm really stuck on this one. Hope you guys can help! If you need more information, please let me know.
I think the problem is occur in your nginx config. It only serves your localhost, but you are trying to access from physical, or another virtual machine. Try to add public domain name.
also add 10.0.2.2 public.domain to client's /etc/hosts file. And change below config's related line as server_name localhost public.domain;
server {
listen 80;
server_name localhost public.domain;
set $MAGE_ROOT /var/www/magento2;
set $MAGE_MODE developer;
include /vagrant/magento2/nginx.conf.sample;
}
After some more struggling I found out with php5-fpm -t and nginx -t I had an error in my /etc/php5/pool.d/vagrant.conf file rule 1 (:1). I change vagrant to [vagrant].
Next I got the following error from php5-fpm -t: Both www.conf and vagrant.conf serve on port :7777. Makes sense, so I changed www.conf to listen :9000 and everything is working! Thanks for the effort.
These answers got me close, but weren't my exact problem.
For those interested I'm using Windows 10 with Vagrant - 1.9.3 (laravel/homestead) box.
I was using this in my nginx config:
fastcgi_pass 127.0.0.1:9000;
I recently changed it to this:
fastcgi_pass unix:/var/run/php/php7.1-fpm.sock;
Related
After update nginx to version 1.19 my web server stop to work.
I am getting 502 gateway timeout error in browser when i was sending the request through browser
when i checked the nginx error log, i got this error
2021/03/24 06:25:50 [error] 56837#56837: *7775 connect() failed (111: Connection refused) while connecting to upstream, client: 85.208.98.19, server: bienestarmutuo.org, request: "GET /ten-principles-of-the-new-education/ HTTP/1.1", upstream: "fastcgi://10.64.10.43:8050", host: "mutualwelfare.org"
After many hours trying to find the source of the problem (many install and purge)
The problem was, for me, the use of different port "name" in nginx and php.
in php (/etc/php/8.0/fpm/pool.d/bienestarmutuo-org8050.conf) i have
listen = localhost:8050
in nginx (/etc/nginx/sites-available/bienestarmutuo.org.conf) i have
fastcgi_pass 10.64.10.43:8050;
This was changed to:
in nginx
fastcgi_pass 127.0.0.1:8050;
in php
listen = 127.0.0.1:8050
restart php and nginx, everything Work again.
note: use of 127.0.0.1 instead of localhost, save an DNS lookup.
the solution for me, was use the same reference for the ip:port in both php and nginx -> 127.0.0.1
Please excuse lengthy write up - I would really appreciate any help in following regard.
I am trying to setup multi tenant subdomain + custom domain with SSL using LetsEncrypt:
(some will use subdomain some will use custom domain)
https://customer1.myapp.com
https://customer2.myapp.com
https://customer1.com (customer sets up A/CNAME recoreds at his DNS provider)
I am on EC2 instance using Ubuntu OS with username 'ubuntu'.
I learned from following tutorials:
https://sandeep.dev/how-we-generate-and-renew-ssl-certs-for-arbitrary-custom-domains-using-letsencrypt-cjtk0utui000c1cs1f7y9ua5n
https://www.digitalocean.com/community/tutorials/how-to-use-the-openresty-web-framework-for-nginx-on-ubuntu-16-04
https://sandro-keil.de/blog/openresty-nginx-with-auto-generated-ssl-certificate-from-lets-encrypt/
I have successfully done following:
Installed build-essential on server
Install OpenResty (Comes with its own Nginx & OpenSSL)
Install LuaRocks
Install lua-resty-auto-ssl
Created directory for resty auto ssl
sudo mkdir /etc/resty-auto-ssl
sudo chown -R ubuntu /etc/resty-auto-ssl
sudo chown -R www-data /etc/resty-auto-ssl
chmod -R 777 /etc/resty-auto-ssl/
Created Fallback Self-signed Certificate which expires in 3600 days
This is my starter conf file (/usr/local/openresty/nginx/conf/nginx.conf)
(I would refine it further to suite my redirect & security needs)
#user nginx;
error_log /usr/local/openresty/nginx/logs/error.log warn;
events {
worker_connections 1024;
}
http {
lua_shared_dict auto_ssl 1m;
lua_shared_dict auto_ssl_settings 64k;
init_by_lua_block {
auto_ssl = (require "resty.auto-ssl").new()
auto_ssl:set("allow_domain", function(domain)
return true
end)
auto_ssl:set("dir", "/etc/resty-auto-ssl")
auto_ssl:init()
}
init_worker_by_lua_block {
auto_ssl:init_worker()
}
# access_log /usr/local/openresty/nginx/logs/access.log main;
server {
listen 443 ssl;
ssl_certificate_by_lua_block {
auto_ssl:ssl_certificate()
}
ssl_certificate /etc/ssl/resty-auto-ssl-fallback.crt;
ssl_certificate_key /etc/ssl/resty-auto-ssl-fallback.key;
root /var/www/myapp.com/public;
index index.php index.html index.htm;
location / {
try_files $uri $uri/ /index.php?$query_string;
}
# location ~ \.php$ {
# include snippets/fastcgi-php.conf;
# fastcgi_pass unix:/run/php/php7.4-fpm.sock;
# fastcgi_read_timeout 600;
# }
location ~ /\.ht {
deny all;
}
}
server {
listen 80;
server_name *.myapp.com myapp.com;
location /.well-known/acme-challenge/ {
content_by_lua_block {
auto_ssl:challenge_server()
}
}
location / {
return 301 https://myapp.com$request_uri;
}
}
server {
listen 8999;
location / {
content_by_lua_block {
auto_ssl:hook_server()
}
}
}
}
I am facing multiple issues like:
Cant mention user in nginx config - still works without it also
Trying to mention user in 1st line of config files gives me error.
So i commented it out and tried to caryy on anyways
Dehydrated Failure but certificate is created
keep getting following error in my log:
lets_encrypt.lua:40: issue_cert(): auto-ssl: dehydrated failed: env HOOK_SECRET=XXXX HOOK_SERVER_PORT=8999 /usr/local/openresty/luajit/bin/resty-auto-ssl/dehydrated --cron --accept-terms --no-lock --domain myapp.com --challenge http-01 --config /etc/resty-auto-ssl/letsencrypt/config --hook /usr/local/openresty/luajit/bin/resty-auto-ssl/letsencrypt_hooks status: 256 out: # INFO: Using main config file /etc/resty-auto-ssl/letsencrypt/config
But it still goes on & does create a certificate after which it gives random number generator error.
Sometimes, if I delete everything inside /etc/resty-auto-ssl - it dosent give me such errors.
Can't find OpenSSL random number generator
I keep getting following error in my log:
Can't load ./.rnd into RNG
random number generator:RAND_load_file:Cannot open file:../crypto/rand/randfile.c:98:Filename=./.rnd
curl: (22) The requested URL returned error: 500 Internal Server Error
PHP-FPM on nginx provided with OpenResty
I have properly installed php-fpm and have tested it when using nginx standalone.
But, now that I am using nginx provided with openresty, it dosent seem to work
Error (Shown when tested config using: nginx -t command):
"/usr/local/openresty/nginx/conf/snippets/fastcgi-php.conf" failed (2: No such file or directory)
Failed to create certificate
Sometimes this error is followed by error in above point number 2:
auto-ssl: could not get certificate for myapp.com - using fallback - failed to get or issue certificate, context: ssl_certificate_by_lua*, client: 123.201.226.209, server: 0.0.0.0:443
set_response_cert(): auto-ssl: failed to set ocsp stapling for xxxx.myapp.com - continuing anyway - failed to get ocsp response: OCSP responder query failed (http://ocsp.int-x3.letsencrypt.org): no resolver defined to resolve "ocsp.int-x3.letsencrypt.org", context: ssl_certificate_by_lua*, client: 123.201.226.209, server: 0.0.0.0:443
connect() to unix:/run/php/php7.4-fpm.sock failed (13: Permission denied) while connecting to upstream, client: 123.201.226.209, server: , request: "GET / HTTP/1.1", upstream: "fastcgi://unix:/run/php/php7.4-fpm.sock:", host: "xxxx.myapp.com"
When trying to access customer1.com whoes A record points to myapp.com server IP
"Error creating new order :: Cannot issue for \"X.X.X.X\": The ACME server can not issue a certificate for an IP address"
ssl_certificate.lua:281: auto-ssl: could not determine domain for request (SNI not supported?) - using fallback - , context: ssl_certificate_by_lua*, client: 45.148.10.72, server: 0.0.0.0:443
... where x.x.x.x is A recored for customer1.com whch was opened from browser
I have following confusions:
Should I get one proper (paid) wildcard positive ssl certificate for myapp.com ? (And use it as fallback)
This covers all my subdomain and I won't have to deal with limits on subdomain by letsencrypt.
This way I only have to use lets encrypt for custom domains like customer1.com
I am not sure if my users & permission are properly set up - any pointers would help
I would wish my final nginx config to fulfill following needs
Redirect http://myapp.com & http://www.myapp.com to -> https://myapp.com
Redirect https://www.myapp.com to -> https://myapp.com
Redirect http://customer1.com & http://www.customer1.com to -> https://customer1.com
And then on my acutal ssl server block - write all logic for auto ssl generation
It is somewhat hard to answer all these question, so I'll attempt to answer part of 5 & 6. I have setup open resty myself in a prod environment, see link.
I ran into this OCSP stapling issue. I found that it was resolved by adding this to my NGINX config:
# A DNS resolver must be defined for OSCP stapling to function.
resolver 172.20.0.10 ipv6=off;
Regarding question 6, I would suggest that customer1.com should be a CNAME to myapp.com.
I would also recommend using as a base the openresty docker image, or at least a reverse engineered version of the docker image into an EC2 instance. Here is my dockerfile:
FROM openresty/openresty:latest-xenial
RUN /usr/local/openresty/luajit/bin/luarocks install lua-resty-auto-ssl
RUN /usr/local/openresty/luajit/bin/luarocks install lua-resty-http
RUN apt-get update
RUN apt-get install -y dnsutils
RUN openssl req -new -newkey rsa:2048 -days 3650 -nodes -x509 -subj '/CN=sni-support-required-for-valid-ssl' -keyout /etc/ssl/resty-auto-ssl-fallback.key -out /etc/ssl/resty-auto-ssl-fallback.crt
ADD nginx.conf /usr/local/openresty/nginx/conf/nginx.conf
Hopefully this is helpful.
I installed locally php71 with fpm on a mac.
Then got valet working when going to 'ping anyting.dev'.
Then went into directory 'PHP_Apps' where I have all my php apps installed and ran 'valet park' in that directory. Inside it I created a 'test' directory containing an index.php file.
Going in the browser to index.dev displays:
502 Bad Gateway nginx/1.10.2
Also the log file records:
2017/01/31 16:58:48 [crit] 285#0: *16 connect() to
unix:/Users/ME/.valet/valet.sock failed (2: No such file or directory)
while connecting to upstream, client: 127.0.0.1, server: , request:
"GET /favicon.ico HTTP/1.1", upstream:
"fastcgi://unix:/Users/ME/.valet/valet.sock:", host: "test.dev",
referrer: "http://test.dev/"
Does the same when pointing to laravel install dirs.
I'm unfamiliar with nginx. What is the file it doesn't find exactly ?
And how to resolve this problem ?
EDIT: I don't have a valet.sock file, that might be the problem but I don't know what to put inside.
Try to run valet install again, it might have something wrong with the configuration.
I am using a Raspberry pi to host a owncloud server. It uses nginx, and when I configured the pi with this tutorial, the page came up with a 502 Bad Gateway error. I checked the logs and found this:
2015/10/22 05:18:03 [error] 2667#0: *4 connect() failed (111: Connection refused) while connecting to upstream, client: 192.168.1.101, server: 192.168.1.102, request: "GET /favicon.ico HTTP/1.1", upstream: "fastcgi://127.0.0.1:9000", host: "192.168.1.102", referrer: "https://192.168.1.102/"
EDIT: Nevermind this question anymore, I have moved on to using a different platform. However, I am still urious as to what this problem is.
I tried to fix it with several other solutions found in posts on this site like here and here, as well as ensuring that php was installed, but none worked. I am stumped as I am a relative newbie to linux and know nothing about nginx. Any help is appreciated. Thanks in advance.
The php-fpm is not running. You should run the php-fpm.
If you has add the php-fpm as a service : service php-fpm restart
Or {PHP_PATH}/sbin/php-fpm {PHP_PATH} is the --with-prefix=/path/ when you ./configure the php
Trying to deploy my first portal .
I am getting 502 gateway timeout error in browser when i was sending the request through browser
when i checked the logs , i got this error
2014/02/03 09:00:32 [error] 16607#0: *1 connect() failed (111: Connection refused) while connecting to upstream, client: 14.159.131.19, server: foo.com, request: "GET HTTP/1.1", upstream: "fastcgi://127.0.0.1:9000", host: "22.11.180.154"
is there any problem related to permissions
I don't think that solution would work anyways because you will see some error message in your error log file.
The solution was a lot easier than what I thought.
simply, open the following path to your php5-fpm
sudo nano /etc/php5/fpm/pool.d/www.conf
or if you're the admin 'root'
nano /etc/php5/fpm/pool.d/www.conf
Then find this line and uncomment it:
listen.allowed_clients = 127.0.0.1
This solution will make you be able to use listen = 127.0.0.1:9000 in your vhost blocks
like this: fastcgi_pass 127.0.0.1:9000;
after you make the modifications, all you need is to restart or reload both Nginx and Php5-fpm
Php5-fpm
sudo service php5-fpm restart
or
sudo service php5-fpm reload
Nginx
sudo service nginx restart
or
sudo service nginx reload
From the comments:
Also comment
;listen = /var/run/php5-fpm.sock
and add
listen = 9000
I had the same problem when I wrote two upstreams in NGINX conf
upstream php_upstream {
server unix:/var/run/php/my.site.sock;
server 127.0.0.1:9000;
}
...
fastcgi_pass php_upstream;
but in /etc/php/7.3/fpm/pool.d/www.conf I listened the socket only
listen = /var/run/php/my.site.sock
So I need just socket, no any 127.0.0.1:9000, and I just removed IP+port upstream
upstream php_upstream {
server unix:/var/run/php/my.site.sock;
}
This could be rewritten without an upstream
fastcgi_pass unix:/var/run/php/my.site.sock;
I faced the same issue in Centos 8.
In this file /etc/nginx/default.d/php.conf I just replaced the below line, and it works perfectly.
#orignal line
fastcgi_pass 127.0.0.1:9000;
#replaced with
fastcgi_pass unix:/run/php-fpm/www.sock;
This may be useful for someone:
If you have multiple versions of PHP installed e.g 8.0 and 7.4 on your mac, and you have tried several options and still gets a 502 Gateway error, trying check how your valet connects with your PHP version and Nginx.
from terminal run valet use php#7.4 if that's the version you use.
The current version will be unlinked and the new version linked then Nginx and php#7.4 will be restarted.