cannot upload more than 8-9KB in production
120 views
Skip to first unread message
Walther Diechmann
Jun 13, 2019, 4:24:57 AM6/13/19
to Ruby on Rails: Talk
I've added this issue on rails/rails https://github.com/rails/rails/issues/36464 but was redirected here - fair enough (as I was not able to point to any malfunc)
Does anyone know of issues with NGINX in front of PUMA serving ActionCable and ActiveStorage?
My experience is that either I can have ActiveStorage working perfectly or I can have ActiveStorage working perfectly?!?
I have the code in this repo: https://github.com/wdiechmann/sucker.git and a demo here: https://sucker.alco.dk/messages
Sampson Crowley
Jun 13, 2019, 11:46:56 AM6/13/19
to rubyonra...@googlegroups.com
Can't help without your Nginx config. Nginx is just a reverse proxy. There's nothing you can do in rails that you can't do with Nginx in front of it. There's a problem with how you have Nginx set up, not with rails
--
You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group.
To unsubscribe from this group and stop receiving emails from it, send an email to rubyonrails-ta...@googlegroups.com.
To post to this group, send email to rubyonra...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/rubyonrails-talk/ab5964f5-1e40-495c-8399-a7d1c72c0be7%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
Sampson Crowley
Jun 13, 2019, 11:52:05 AM6/13/19
to rubyonra...@googlegroups.com
Have you tested your app in production mode without Nginx in front of it?
Walther Privat
Jun 13, 2019, 12:45:21 PM6/13/19
to rubyonra...@googlegroups.com
Hi Sampson Crowley,
Good of you to answer :)
Entire project on github and nginx confit in config/sucker.nginx.conf (gets linked on deploys)
Med venlig hilsen
Walther
To view this discussion on the web visit https://groups.google.com/d/msgid/rubyonrails-talk/CAM5L8qP%3DC5vkhcLRRVFyJ0ZLxgzww1HH7aSKqK0wqWSeQea%3Dsw%40mail.gmail.com.
Walther Privat
Jun 13, 2019, 12:48:55 PM6/13/19
to rubyonra...@googlegroups.com
No?!
But in dev all is good - and I am not sure I can run it in production without (lots of other sites bound to 80/443 :(
To view this discussion on the web visit https://groups.google.com/d/msgid/rubyonrails-talk/CAM5L8qP%3DC5vkhcLRRVFyJ0ZLxgzww1HH7aSKqK0wqWSeQea%3Dsw%40mail.gmail.com.
Walther Privat
Jun 13, 2019, 12:51:22 PM6/13/19
to rubyonra...@googlegroups.com
- and it’s behind a firewall exclusively offering 80/443 for this CentOS VM :(
Med venlig hilsen
Walther
To view this discussion on the web visit https://groups.google.com/d/msgid/rubyonrails-talk/5CA10B7B-E6DC-4E5C-91FA-109598E5298F%40diechmann.net.
Walther Diechmann
Jun 13, 2019, 12:55:19 PM6/13/19
to Ruby on Rails: Talk
but I suspect that somehow I cannot POST more than 8-10KB to this config - so I am totally with you on the "rails is innoncent" trail :)
torsdag den 13. juni 2019 kl. 18.51.22 UTC+2 skrev Walther Diechmann:
- and it’s behind a firewall exclusively offering 80/443 for this CentOS VM :(Med venlig hilsenWalther
No?!But in dev all is good - and I am not sure I can run it in production without (lots of other sites bound to 80/443 :(
Have you tested your app in production mode without Nginx in front of it?
On Thu, Jun 13, 2019, 09:46 Sampson Crowley <sampsons...@gmail.com> wrote:
Can't help without your Nginx config. Nginx is just a reverse proxy. There's nothing you can do in rails that you can't do with Nginx in front of it. There's a problem with how you have Nginx set up, not with rails
On Thu, Jun 13, 2019, 02:25 Walther Diechmann <wal...@diechmann.net> wrote:
I've added this issue on rails/rails https://github.com/rails/rails/issues/36464 but was redirected here - fair enough (as I was not able to point to any malfunc)--Does anyone know of issues with NGINX in front of PUMA serving ActionCable and ActiveStorage?My experience is that either I can have ActiveStorage working perfectly or I can have ActiveStorage working perfectly?!?I have the code in this repo: https://github.com/wdiechmann/sucker.git and a demo here: https://sucker.alco.dk/messages
You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group.
To unsubscribe from this group and stop receiving emails from it, send an email to rubyonrails-talk+unsubscribe@googlegroups.com.
To post to this group, send email to rubyonrails-talk@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/rubyonrails-talk/ab5964f5-1e40-495c-8399-a7d1c72c0be7%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
--
You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group.
To unsubscribe from this group and stop receiving emails from it, send an email to rubyonrails-talk+unsubscribe@googlegroups.com.
To post to this group, send email to rubyonrails-talk@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/rubyonrails-talk/CAM5L8qP%3DC5vkhcLRRVFyJ0ZLxgzww1HH7aSKqK0wqWSeQea%3Dsw%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.
--
You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group.
To unsubscribe from this group and stop receiving emails from it, send an email to rubyonrails-talk+unsubscribe@googlegroups.com.
To post to this group, send email to rubyonrails-talk@googlegroups.com.
Walther Diechmann
Jun 13, 2019, 1:09:56 PM6/13/19
to Ruby on Rails: Talk
I looked in /var/log/nginx/sucker.error.log and see this:
/var/lib/nginx/tmp/client_body/0000000004" failed (13: Permission denied)
hmmm
This is how those folders are 'permissioned' (running my NGINX as user oxenserver)
[root@ruby2019 current]# ls -la /var/lib/nginx/tmp
totalt 0
drwx------. 7 oxenserver nginx 78 24 maj 20:23 .
drwx------. 3 nginx nginx 17 24 maj 20:22 ..
drwx------. 2 oxenserver root 6 24 maj 20:23 client_body
drwx------. 2 oxenserver root 6 24 maj 20:23 fastcgi
drwx------. 2 oxenserver root 6 24 maj 20:23 proxy
drwx------. 2 oxenserver root 6 24 maj 20:23 scgi
drwx------. 2 oxenserver root 6 24 maj 20:23 uwsgi
Walther Diechmann
Jun 13, 2019, 1:26:15 PM6/13/19
to Ruby on Rails: Talk
further I should mention probably, that SELinux is disabled -
Hassan Schroeder
Jun 13, 2019, 1:54:33 PM6/13/19
to rubyonrails-talk
On Thu, Jun 13, 2019 at 9:48 AM Walther Privat <wal...@diechmann.net> wrote:
> But in dev all is good - and I am not sure I can run it in production without (lots of other sites bound to 80/443 :(
You can test in production *mode* locally, or on another system,
> But in dev all is good - and I am not sure I can run it in production without (lots of other sites bound to 80/443 :(
and try with and without Nginx in front. Or compare using another
proxy entirely, e.g. Squid or an AWS ELB.
--
Hassan Schroeder ------------------------ hassan.s...@gmail.com
twitter: @hassan
Consulting Availability : Silicon Valley or remote
Walther Diechmann
Jun 13, 2019, 2:17:14 PM6/13/19
to Ruby on Rails: Talk
Paul Makepeace
Jun 13, 2019, 2:24:37 PM6/13/19
to rubyonra...@googlegroups.com
One thing to check in these situations is whether there's an MTU
(https://en.wikipedia.org/wiki/Maximum_transmission_unit) mismatch
with the don't-fragment bit set. This is lower level than your app
stack but often just mentioning those words can be enough to get other
folks to fix the issue :-)
> To post to this group, send email to rubyonra...@googlegroups.com.
(https://en.wikipedia.org/wiki/Maximum_transmission_unit) mismatch
with the don't-fragment bit set. This is lower level than your app
stack but often just mentioning those words can be enough to get other
folks to fix the issue :-)
> --
> You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group.
> To unsubscribe from this group and stop receiving emails from it, send an email to rubyonrails-ta...@googlegroups.com.
> You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group.
> To post to this group, send email to rubyonra...@googlegroups.com.
Walther Diechmann
Jun 13, 2019, 2:26:12 PM6/13/19
to Ruby on Rails: Talk
So, finally -- enjoying all the positive suggestions and wishful thinking, like a caring push by the wind on my bike -- I cracked it!
:D
The giveaways were
- /var/lib/nginx/tmp/client_body/0000000004" failed (13: Permission denied) in /var/log/nginx/sucker.error.log
- the 'dot' after the files!
I knew I had disabled SELinux already but little did I know that files are protected even with SELinux disabled (makes a lot of sense)
So I had to do this
# yum install attr
# find /var/lib/nginx -exec sudo setfattr -h -x security.selinux {} \;
# cd /var/lib/nginx
# chown -R oxenserver.nginx tmp
# chmod 766 -R tmp
# service nginx reload
(on my CentOS box with the /etc/nginx.conf user set to oxenserver)
Thank you for your attention and interest!
Walther
Sampson Crowley
Jun 13, 2019, 2:29:33 PM6/13/19
to rubyonra...@googlegroups.com
https://stackoverflow.com/a/35794955/9196467
you only have max body size set on https, but it in both blocks. also where is you main http block config? you can set the max body size there as well
To view this discussion on the web visit https://groups.google.com/d/msgid/rubyonrails-talk/5C04D328-906E-4ADF-8598-020F0328416A%40diechmann.net.
Sampson Crowley
Jun 13, 2019, 2:30:45 PM6/13/19
to rubyonra...@googlegroups.com
*put it in both blocks
Walther Diechmann
Jun 13, 2019, 3:29:19 PM6/13/19
to Ruby
Thx Sampson - as it turned out it was SELinux and extended file attributes playing me :/
Added an update and how to to the repo and the thread in this group
Thx,
Walther
To view this discussion on the web visit https://groups.google.com/d/msgid/rubyonrails-talk/CAM5L8qOwy6G332C4672pCBwFO_wouA5tu36RjmYtQ9ETufX8NQ%40mail.gmail.com.
Reply all
Reply to author
Forward
0 new messages