diff options
| author | Christian Cleberg <hello@cleberg.net> | 2024-03-04 22:34:28 -0600 |
|---|---|---|
| committer | Christian Cleberg <hello@cleberg.net> | 2024-03-04 22:34:28 -0600 |
| commit | 797a1404213173791a5f4126a77ad383ceb00064 (patch) | |
| tree | fcbb56dc023c1e490df70478e696041c566e58b4 /blog/nginx-tmp-errors | |
| parent | 3db79e7bb6a34ee94935c22d7f0e18cf227c7813 (diff) | |
| download | cleberg.net-797a1404213173791a5f4126a77ad383ceb00064.tar.gz cleberg.net-797a1404213173791a5f4126a77ad383ceb00064.tar.bz2 cleberg.net-797a1404213173791a5f4126a77ad383ceb00064.zip | |
initial migration to test org-mode
Diffstat (limited to 'blog/nginx-tmp-errors')
| -rw-r--r-- | blog/nginx-tmp-errors/index.org | 75 |
1 files changed, 75 insertions, 0 deletions
diff --git a/blog/nginx-tmp-errors/index.org b/blog/nginx-tmp-errors/index.org new file mode 100644 index 0000000..092b146 --- /dev/null +++ b/blog/nginx-tmp-errors/index.org @@ -0,0 +1,75 @@ +#+title: Fixing Permission Errors in /var/lib/nginx +#+date: 2022-11-11 +#+description: Learn how to fix permission errors related to the Nginx temporary file storage. +#+filetags: :nginx: + +/This is a brief post so that I personally remember the solution as it +has occurred multiple times for me./ + +* The Problem +After migrating to a new server OS, I started receiving quite a few +permission errors like the one below. These popped up for various +different websites I'm serving via Nginx on this server, but did not +prevent the website from loading. + +I found the errors in the standard log file: + +#+begin_src sh +cat /var/log/nginx/error.log +#+end_src + +#+begin_src sh +2022/11/11 11:30:34 [crit] 8970#8970: *10 open() "/var/lib/nginx/tmp/proxy/3/00/0000000003" failed (13: Permission denied) while reading upstream, client: 169.150.203.10, server: cyberchef.example.com, request: "GET /assets/main.css HTTP/2.0", upstream: "http://127.0.0.1:8111/assets/main.css", host: "cyberchef.example.com", referrer: "https://cyberchef.example.com/" +#+end_src + +You can see that the error is =13: Permission denied= and it occurs in +the =/var/lib/nginx/tmp/= directory. In my case, I had thousands of +errors where Nginx was denied permission to read/write files in this +directory. + +So how do I fix it? + +* The Solution +In order to resolve the issue, I had to ensure the =/var/lib/nginx= +directory is owned by Nginx. Mine was owned by the =www= user and Nginx +was not able to read or write files within that directory. This +prevented Nginx from caching temporary files. + +#+begin_src sh +# Alpine Linux +doas chown -R nginx:nginx /var/lib/nginx + +# Other Distros +sudo chown -R nginx:nginx /var/lib/nginx +#+end_src + +You /may/ also be able to change the =proxy_temp_path= in your Nginx +config, but I did not try this. Here's a suggestion I found online that +may work if the above solution does not: + +#+begin_src sh +nano /etc/nginx/http.d/example.com.conf +#+end_src + +#+begin_src conf +server { + ... + + # Set the proxy_temp_path to your preference, make sure it's owned by the + # `nginx` user + proxy_temp_path /tmp; + + ... +} +#+end_src + +Finally, restart Nginx and your server should be able to cache temporary +files again. + +#+begin_src sh +# Alpine Linux (OpenRC) +doas rc-service nginx restart + +# Other Distros (systemd) +sudo systemctl restart nginx +#+end_src |