nginx gives 502 error with uwsgi for running django on ubuntu 18.04 LTS

Question

Note: I am new to django and its deployment.

Deployed django through uwsgi and nginx according to the steps mentioned in this guide - except the emperor-vassal configuration and without any virtual environment.

Side note: The site comes up using python3 manage.py 0.0.0.0:8800

But, it seems that nginx is facing permission issues in the socket and giving a 502 bad gateway error in the browser.

The nginx error log shows the following error:

2020/07/08 21:05:40 [crit] 3943#3943: *3 connect() to unix:///home/ubuntu/deploymenttst/MySite/MySite.sock failed (13: Permission denied) while connecting to upstream, client: 192.168.12.12, server: 192.168.12.12, request: "GET / HTTP/1.1", upstream: "uwsgi://unix:///home/ubuntu/deploymenttst/MySite/MySite.sock:", host: "192.168.12.12:8400"

The configuration are as follows:

1. In settings.py file of the project, the configuration are set as (apart from the default wsgi):

   DEBUG = False
   ALLOWED_HOSTS = [ "192.168.12.12" ]
   STATIC_URL = '/static/'
   STATICFILES_DIRS = (
       os.path.join(BASE_DIR, 'static'),
   )
   STATIC_ROOT = os.path.join(BASE_DIR, 'staticfiles')
   

2. The MySite_nginx.conf file inside /etc/nginx/sites-available/MySite_nginx.conf has the following configuration entries:

   # MySite_nginx.conf
   
   # the upstream component nginx needs to connect to
   upstream django {
       server unix:///home/ubuntu/deploymenttst/MySite/MySite.sock; # for a file socket
       #server 127.0.0.1:8008;
   }
   
   # configuration of the server
   server {
       # the port your site will be served on
       listen      8400;
       # the domain name it will serve for
       server_name 192.168.12.12; # substitute your machine's IP address or FQDN
       charset     utf-8;
   
       # max upload size
       client_max_body_size 75M;   # adjust to taste
   
   #    # Django media
       location /media  {
           alias /home/ubuntu/deploymenttst/MySite/media;  # your Django project's media files - amend as required
       }
   
       location /static {
           #alias /home/ubuntu/deploymenttst/MySite/main/static; # your Django project's static files - amend as required
           #alias /home/ubuntu/deploymenttst/MySite/register/static; # your Django project's static files - amend as required
           alias /home/ubuntu/deploymenttst/MySite/static; # your Django project's static files - amend as required
       }
   
       # Finally, send all non-media requests to the Django server.
       location / {
           uwsgi_pass  django;
           include     /home/ubuntu/deploymenttst/MySite/uwsgi_params; # the uwsgi_params file you installed
       }
   }
   

   It has been sym linked to /etc/nginx/sites-enabled/MySite_nginx.conf.

3. The uwsgi_params file is made inside the project directory containing the following entries:

   uwsgi_param  QUERY_STRING       $query_string;
   uwsgi_param  REQUEST_METHOD     $request_method;
   uwsgi_param  CONTENT_TYPE       $content_type;
   uwsgi_param  CONTENT_LENGTH     $content_length;
   
   uwsgi_param  REQUEST_URI        $request_uri;
   uwsgi_param  PATH_INFO          $document_uri;
   uwsgi_param  DOCUMENT_ROOT      $document_root;
   uwsgi_param  SERVER_PROTOCOL    $server_protocol;
   uwsgi_param  REQUEST_SCHEME     $scheme;
   uwsgi_param  HTTPS              $https if_not_empty;
   
   uwsgi_param  REMOTE_ADDR        $remote_addr;
   uwsgi_param  REMOTE_PORT        $remote_port;
   uwsgi_param  SERVER_PORT        $server_port;
   uwsgi_param  SERVER_NAME        $server_name;
   

4. The content inside the MySite_uwsgi.ini file is as follows:

   [uwsgi]
   
   # Django-related settings
   # the base directory (full path)
   chdir           = /home/ubuntu/deploymenttst/MySite
   # Django's wsgi file
   module          = MySite.wsgi
   # the virtualenv (full path)
   #home            = /home/ubuntu/deploymenttst/MySite/
   
   # process-related settings
   # master
   master          = true
   # maximum number of worker processes
   processes       = 20
   # the socket (use the full path to be safe
   socket          = /home/ubuntu/deploymenttst/MySite/MySite.sock
   # ... with appropriate permissions - may be needed
   chmod-socket    = 666
   uid = www-data
   gid = www-data
   # clear environment on exit
   vacuum          = true
   

5. Static files have been collected inside a static directory inside the project directory using python3 manage.py collectstatic

6. In one of the terminal windows, the uwsgi process is started successfully using: uwsgi --ini MySite_uwsgi.ini

7. nginx has been stopped and started and restarted multiple time upon each configuration change and otherwise as well.

8. The uid:gid of the MySite project directory has been set to www-data:www:data using sudo chown -R www-data:www:data *

Why am I still getting that bad gateway 502 error wherein upstream django application cannot be contacted due to permission issues?

Answer 1

Solved the issue by placing the project to /tmp directory.

nginx being run from www-data user was not able to access the internal directory MySite and thus the socket or the files placed there, despite being assigned to the user www-data.

Now, my other question is regarding the cause of permission issue for nginx, despite providing the the uid and gid of the directory to www-data, what could have been the issue?

Note: My user named ubuntu is a sudoer.