diff options
| author | Christian Cleberg <hello@cleberg.net> | 2024-01-08 20:11:17 -0600 |
|---|---|---|
| committer | Christian Cleberg <hello@cleberg.net> | 2024-01-08 20:11:17 -0600 |
| commit | 25945b8fead989cca09a23983623b63ce36dcc0c (patch) | |
| tree | 0dfc869ce8b028e04ce9da196af08779780915ce /content/blog/2022-11-11-nginx-tmp-errors.md | |
| parent | 22b526be60bf4257c2a1d58a5fad59cf6b044375 (diff) | |
| download | cleberg.net-25945b8fead989cca09a23983623b63ce36dcc0c.tar.gz cleberg.net-25945b8fead989cca09a23983623b63ce36dcc0c.tar.bz2 cleberg.net-25945b8fead989cca09a23983623b63ce36dcc0c.zip | |
feat: total re-write from Emacs org-mode to Zola markdown
Diffstat (limited to 'content/blog/2022-11-11-nginx-tmp-errors.md')
| -rw-r--r-- | content/blog/2022-11-11-nginx-tmp-errors.md | 79 |
1 files changed, 79 insertions, 0 deletions
diff --git a/content/blog/2022-11-11-nginx-tmp-errors.md b/content/blog/2022-11-11-nginx-tmp-errors.md new file mode 100644 index 0000000..e1a3f36 --- /dev/null +++ b/content/blog/2022-11-11-nginx-tmp-errors.md @@ -0,0 +1,79 @@ ++++ +date = 2022-11-11 +title = "Fixing Permission Errors in /var/lib/nginx" +description = "Learn how to fix permission errors related to the Nginx temporary file storage." ++++ + +*This is a brief post so that I personally remember the solution as it +has occurred multiple times for me.* + +## The Problem + +After migrating to a new server OS, I started receiving quite a few +permission errors like the one below. These popped up for various +different websites I'm serving via Nginx on this server, but did not +prevent the website from loading. + +I found the errors in the standard log file: + +```sh +cat /var/log/nginx/error.log +``` + +```sh +2022/11/11 11:30:34 [crit] 8970#8970: *10 open() "/var/lib/nginx/tmp/proxy/3/00/0000000003" failed (13: Permission denied) while reading upstream, client: 169.150.203.10, server: cyberchef.example.com, request: "GET /assets/main.css HTTP/2.0", upstream: "http://127.0.0.1:8111/assets/main.css", host: "cyberchef.example.com", referrer: "https://cyberchef.example.com/" +``` + +You can see that the error is `13: Permission denied` and it +occurs in the `/var/lib/nginx/tmp/` directory. In my case, I +had thousands of errors where Nginx was denied permission to read/write +files in this directory. + +So how do I fix it? + +## The Solution + +In order to resolve the issue, I had to ensure the +`/var/lib/nginx` directory is owned by Nginx. Mine was owned +by the `www` user and Nginx was not able to read or write +files within that directory. This prevented Nginx from caching temporary +files. + +```sh +# Alpine Linux +doas chown -R nginx:nginx /var/lib/nginx + +# Other Distros +sudo chown -R nginx:nginx /var/lib/nginx +``` + +You *may* also be able to change the `proxy_temp_path` in +your Nginx config, but I did not try this. Here's a suggestion I found +online that may work if the above solution does not: + +```sh +nano /etc/nginx/http.d/example.com.conf +``` + +```conf +server { + ... + + # Set the proxy_temp_path to your preference, make sure it's owned by the + # `nginx` user + proxy_temp_path /tmp; + + ... +} +``` + +Finally, restart Nginx and your server should be able to cache temporary +files again. + +```sh +# Alpine Linux (OpenRC) +doas rc-service nginx restart + +# Other Distros (systemd) +sudo systemctl restart nginx +``` |