Rails 4 + nginx + 独角兽 + ssl = 502 错误网关

Question

浏览器显示 502 Bad Gateway - nginx。唯一的好消息是我的 SSL https 和绿色锁出现了。

下面的 Nginx 日志错误

nginx/error.log

*1 connect() failed (111: Connection refused) while connecting to upstream, client: xx.xxx.xx.xx, server: mysite.com, request: "GET / HTTP/1.1", upstream: "http://xxx.xxx.xx.xxx:80/maintenance.html", host: "mysite.com"

home/unicorn/log/unicorn.log（好像在等待nginx）：

I, [2014-01-28T17:18:37.176299 #31858]  INFO -- : listening on addr=127.0.0.1:8080 fd=10
I, [2014-01-28T17:18:37.176619 #31858]  INFO -- : worker=0 spawning...
I, [2014-01-28T17:18:37.177379 #31858]  INFO -- : worker=1 spawning...
I, [2014-01-28T17:18:37.178118 #31858]  INFO -- : master process ready
I, [2014-01-28T17:18:37.182850 #31861]  INFO -- : worker=0 spawned pid=31861
I, [2014-01-28T17:18:37.185475 #31863]  INFO -- : worker=1 spawned pid=31863
I, [2014-01-28T17:18:37.186023 #31861]  INFO -- : Refreshing Gem list
I, [2014-01-28T17:18:37.194198 #31863]  INFO -- : Refreshing Gem list
I, [2014-01-28T17:18:38.484772 #31861]  INFO -- : worker=0 ready
I, [2014-01-28T17:18:38.501165 #31863]  INFO -- : worker=1 ready

这是我的一些相关文件：

/etc/nginx/sites-available/default

server {
    listen 443 default;

    ssl on;
    ssl_certificate    /etc/ssl/certs/ssl-bundle.crt;
    ssl_certificate_key     /etc/ssl/private/server.key;

    server_name mysite.com;

    root /home/username/mysite.com/current/public;
    try_files $uri/index.html $uri @unicorn;

    location @unicorn {
      proxy_redirect off;
      proxy_set_header X-Forwarded-Proto https;
      proxy_pass mysite.com;
    }

    error_page 502 503 /maintenance.html;
    error_page 500 504 /500.html;
    keepalive_timeout 5;
}

/etc/nginx/nginx.conf

user www-data;
worker_processes 4;
pid /var/run/nginx.pid;

events { worker_connections 1024; }

http {
        sendfile on;
        tcp_nopush on;
        tcp_nodelay on;
        keepalive_timeout 65;
        types_hash_max_size 2048;
        server_tokens off;

        # server_names_hash_bucket_size 64;
        # server_name_in_redirect off;

        include /etc/nginx/mime.types;
        default_type application/octet-stream;

        access_log /var/log/nginx/access.log;
        error_log /var/log/nginx/error.log;

        gzip on;
        gzip_disable "msie6";
        gzip_types text/plain text/xml text/css text/comma-separated-values;
        upstream app_server { server 127.0.0.1:8080 fail_timeout=0; }

        include /etc/nginx/conf.d/*.conf;
        include /etc/nginx/sites-enabled/*;
}

/home/unicorn/unicorn.conf

listen "127.0.0.1:8080"
worker_processes 2
user "username"
working_directory "/home/username/mysite.com/current/"
pid "/home/unicorn/pids/unicorn.pid"
stderr_path "/home/unicorn/log/unicorn.log"
stdout_path "/home/unicorn/log/unicorn.log"

/etc/default/unicorn

# Change paramentres below to appropriate values and set CONFIGURED to yes.
CONFIGURED=yes

# Default timeout until child process is killed during server upgrade,
# it has *no* relation to option "timeout" in server's config.rb.
TIMEOUT=60

# Path to your web application, sh'ld be also set in server's config.rb,
# option "working_directory". Rack's config.ru is located here.
APP_ROOT=/home/username/mysite.com/current

# Server's config.rb, it's not a rack's config.ru
CONFIG_RB=/home/unicorn/unicorn.conf

# Where to store PID, sh'ld be also set in server's config.rb, option "pid".
PID=/home/unicorn/pids/unicorn.pid
UNICORN_OPTS="-D -c $CONFIG_RB -E production"

PATH=/usr/local/rvm/rubies/ruby-2.0.0-p353/bin:/usr/local/rvm/gems/ruby-2.0.0-p353/bin:/home/unicorn/.rvm/bin:/usr/local/sbin:/usr/bin:/b$

config/unicorn.rb

application     = "mysite.com"
remote_user     = "username"
env = ENV["RAILS_ENV"] || "production"
RAILS_ROOT = File.join("/home", remote_user, application, "current")

worker_processes 8
timeout 30
preload_app true

working_directory RAILS_ROOT
listen File.join(RAILS_ROOT, "tmp/unicorn.sock"), :backlog => 64
pid_path = File.join(RAILS_ROOT, "tmp/pids/unicorn.pid")
pid pid_path

stderr_path File.join(RAILS_ROOT, "log/unicorn-err.log")
stdout_path File.join(RAILS_ROOT, "log/unicorn-err.log")

before_fork do |server, worker|
  if defined?(ActiveRecord::Base)
    ActiveRecord::Base.connection.disconnect!
  end
  old_pid_path = "#{pid_path}.oldbin"
  if File.exists?(old_pid_path) && server.pid != old_pid_path
    begin
      Process.kill("QUIT", File.read(old_pid_path).to_i)
    rescue Errno::ENOENT, Errno::ESRCH
      # someone else did our job for us
    end
  end
end

after_fork do |server, worker|
  if defined?(ActiveRecord::Base)
    ActiveRecord::Base.establish_connection
  end

  # worker processes http://devmull.net/articles/unicorn-resque-bluepill
  # rails_env = ENV['RAILS_ENV'] || 'production'
  # worker.user('app', 'app') if Process.euid == 0 && rails_env == 'production'
end

如果您希望我发布任何其他文件，请告诉我。 提前感谢任何回复的人。

Answer 1

我遇到了同样的问题，我通过更改 nginx.conf 和 unicorn.conf 文件中的套接字名称解决了问题，设置为“unicorn.sock”而不是我使用的那个“unicorn.rails_app .sock”在两个文件中都是这样的：

/etc/nginx/nginx.conf

upstream unicorn {
  server unix:/tmp/unicorn.sock fail_timeout=0;
}

/home/unicorn/unicorn.conf

listen "/tmp/unicorn.sock"

改变它对我来说很有效，这很奇怪，因为在它们出现在像“unicorn.rails_app.sock”这样的两个文件中之前，我不知道为什么当我有其他服务器运行时会出现 502 错误这没有问题。

希望对你有帮助！

Answer 2

问题是 Unicorn 和 Nginx 不同意共享套接字。此外，在您发布的文件中，upstream 和 proxy_pass 不匹配。怎么样：

在server 上下文中：

location @unicorn {
  proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
  proxy_set_header X-Forwarded-Proto https;
  proxy_set_header Host $http_host;
  proxy_redirect off;
  proxy_pass http://unicorn_server; # This name must match the upstream
}

在http 上下文中：

upstream unicorn_server {
  server unix:/var/run/my_site/unicorn.sock;
}

在独角兽配置文件​​中（这里是/home/unicorn/unicorn.conf）：

listen '/var/run/my_site/unicorn.sock', :backlog => 64

注意 Unicorn 监听 Nginx 发布请求的套接字。

Answer 3

我在 Rails 4 中也是这样，但我在 /confirg/secrets.yml 中添加了一个“SECRETKEYBASE”

production:
secretkeybase: # add yours here