我正在 rocky linux 上使用 nginx 部署 wagtail 站点,但是我无法获取 nginx 提供的静态文件。
我的nginx站点配置如下:
server {
listen 80;
server_name 10.4.0.189;
root /home/wagtail/apps/my_site;
charset UTF-8;
error_log /home/wagtail/apps/my_site/nginx-error.log;
location = /favicon.ico {access_log off; log_not_found off;}
location static/ {
root /home/wagtail/apps/my_site/;
}
location / {
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_pass http://unix:/run/gunicorn.sock;
}
}
我尝试了多种块位置配置,包括别名。
我已检查应用程序所在目录的读/写权限:
drwxrwxr-x. 6 wagtail nginx 4096 Nov 7 08:27 .
drwxrwxr-x. 4 wagtail nginx 4096 Nov 6 14:41 ..
-rwxrwxr-x. 1 wagtail nginx 2029 Nov 6 14:41 Dockerfile
-rwxrwxr-x. 1 wagtail nginx 376 Nov 6 14:41 .dockerignore
drwxrwxr-x. 6 wagtail nginx 4096 Nov 6 14:44 home
drwxrwxr-x. 6 wagtail nginx 4096 Nov 7 08:34 my_site
-rwxrwxr-x. 1 wagtail nginx 256 Nov 6 14:41 manage.py
-rwxrwxr-x. 1 wagtail nginx 56199 Nov 7 13:31 nginx-error.log
-rwxrwxr-x. 1 wagtail nginx 35 Nov 6 14:41 requirements.txt
drwxrwxr-x. 4 wagtail nginx 4096 Nov 6 14:44 search
drwxrwxr-x. 11 wagtail nginx 4096 Nov 7 13:07 static
wagtail : wagtail nginx
Nginx 是组所有者,我也将 wagtail 用户加入了 nginx 组。
我使用以下命令对 selinux 进行了一些修改:
journalctl -t setroubleshoot
这似乎消除了所有 selinux 错误,但静态内容仍然显示为 403 禁止。
检查 nginx-error.log 我发现这仍然是一个与权限相关的问题:
2024/11/07 13:30:11 [error] 3142#3142: *9 open() "/home/wagtail/apps/my_site/static/js/my_site.d41d8cd98f00.js" failed (13: Permission denied), client: 10.20.0.22, server: 10.4.0.189, request: "GET /static/js/my_site.d41d8cd98f00.js HTTP/1.1", host: "10.4.0.189", referrer: "http://10.4.0.189/"
2024/11/07 13:30:11 [error] 3142#3142: *8 open() "/home/wagtail/apps/my_site/static/css/welcome_page.85e6f9d19e42.css" failed (13: Permission denied), client: 10.20.0.22, server: 10.4.0.189, request: "GET /static/css/welcome_page.85e6f9d19e42.css HTTP/1.1", host: "10.4.0.189", referrer: "http://10.4.0.189/"
2024/11/07 13:30:11 [error] 3142#3142: *6 open() "/home/wagtail/apps/my_site/favicon.ico" failed (13: Permission denied), client: 10.20.0.22, server: 10.4.0.189, request: "GET /favicon.ico HTTP/1.1", host: "10.4.0.189", referrer: "http://10.4.0.189/"
2024/11/07 13:31:00 [error] 3176#3176: *1 open() "/home/wagtail/apps/my_site/favicon.ico" failed (13: Permission denied), client: 10.20.0.22, server: 10.4.0.189, request: "GET /favicon.ico HTTP/1.1", host: "10.4.0.189", referrer: "http://10.4.0.189/"
出现未授权错误的原因是因为 nginx 使用了名为
www-data也可以在不更改用户名的情况下添加权限,但是 还有一种简单的方法可以更改 nginx 使用的用户名。
如何更改 nginx 用户名:
$ sudo nano /etc/nginx/nginx.conf
# change user www-data to ubuntu
$ sudo systemctl restart nginx
由于只添加权限比较复杂,所以用链接代替。