From 2be43cc479dfd4cfb621f14381330c708291e324 Mon Sep 17 00:00:00 2001 From: Christian Cleberg Date: Sun, 28 Jul 2024 19:46:20 -0500 Subject: conversion from Zola to Weblorg --- content/blog/2022-11-11-nginx-tmp-errors.md | 77 ----------------------------- 1 file changed, 77 deletions(-) delete mode 100644 content/blog/2022-11-11-nginx-tmp-errors.md (limited to 'content/blog/2022-11-11-nginx-tmp-errors.md') diff --git a/content/blog/2022-11-11-nginx-tmp-errors.md b/content/blog/2022-11-11-nginx-tmp-errors.md deleted file mode 100644 index 32a1913..0000000 --- a/content/blog/2022-11-11-nginx-tmp-errors.md +++ /dev/null @@ -1,77 +0,0 @@ -+++ -date = 2022-11-11 -title = "Fixing Permission Errors in /var/lib/nginx" -description = "" -draft = false -+++ - -_This is a brief post so that I personally remember the solution as it has -occurred multiple times for me._ - -# The Problem - -After migrating to a new server OS, I started receiving quite a few permission -errors like the one below. These popped up for various different websites I'm -serving via Nginx on this server, but did not prevent the website from loading. - -I found the errors in the standard log file: - -```sh -cat /var/log/nginx/error.log -``` - -```sh -2022/11/11 11:30:34 [crit] 8970#8970: *10 open() "/var/lib/nginx/tmp/proxy/3/00/0000000003" failed (13: Permission denied) while reading upstream, client: 169.150.203.10, server: cyberchef.example.com, request: "GET /assets/main.css HTTP/2.0", upstream: "http://127.0.0.1:8111/assets/main.css", host: "cyberchef.example.com", referrer: "https://cyberchef.example.com/" -``` - -You can see that the error is `13: Permission denied` and it occurs in the -`/var/lib/nginx/tmp/` directory. In my case, I had thousands of errors where -Nginx was denied permission to read/write files in this directory. - -So how do I fix it? - -# The Solution - -In order to resolve the issue, I had to ensure the `/var/lib/nginx` directory is -owned by Nginx. Mine was owned by the `www` user and Nginx was not able to read -or write files within that directory. This prevented Nginx from caching -temporary files. - -```sh -# Alpine Linux -doas chown -R nginx:nginx /var/lib/nginx - -# Other Distros -sudo chown -R nginx:nginx /var/lib/nginx -``` - -You _may_ also be able to change the `proxy_temp_path` in your Nginx config, but -I did not try this. Here's a suggestion I found online that may work if the -above solution does not: - -```sh -nano /etc/nginx/http.d/example.com.conf -``` - -```conf -server { - ... - - # Set the proxy_temp_path to your preference, make sure it's owned by the - # `nginx` user - proxy_temp_path /tmp; - - ... -} -``` - -Finally, restart Nginx and your server should be able to cache temporary files -again. - -```sh -# Alpine Linux (OpenRC) -doas rc-service nginx restart - -# Other Distros (systemd) -sudo systemctl restart nginx -``` -- cgit v1.2.3-70-g09d2