Django/Nginx 403 Error on new static files

Multi tool use
Multi tool useThe name of the picture


Django/Nginx 403 Error on new static files



Can't figure out why, but after collecting new static files (collectstatic), nginx throws 403 Error.


collectstatic



New files have different permissions from old static files.


-rw-rw-r-- 1 django django 115206 Jul 9 15:23 dom.jpg
-rw-r----- 1 django django 884 Jul 23 20:42 error.svg
-rw-rw-r-- 1 django django 308934 Mar 11 16:30 header.bmp
-rw-rw-r-- 1 django django 20188 Mar 11 16:30 header.jpg
-rw-r----- 1 django django 910 Jul 23 20:42 success.svg
-rw-rw-r-- 1 django django 1826 Jul 9 15:23 user.svg



As you can see - error.svg and success.svg have different permissions, that's why nginx throws 403.


error.svg


success.svg


nginx



Do you know how to fix this? I don't want just change permission for existing files, I want universal solution so this never happens again.



top



returns this:


9143 django 20 0 59124 6580 4904 S 0.0 1.3 0:07.44 gunicorn
9149 django 20 0 213640 67600 8692 S 0.0 13.5 0:07.91 gunicorn
9150 django 20 0 215224 68680 8520 S 0.0 13.7 0:08.95 gunicorn
9151 django 20 0 215056 68420 8512 S 0.0 13.7 0:09.32 gunicorn
32386 root 20 0 126132 1168 684 S 0.0 0.2 0:00.00 nginx
32387 www-data 20 0 127076 4580 3308 S 0.0 0.9 0:03.43 nginx





Do you run your webserver with the django user?
– Willem Van Onsem
4 hours ago


django





Can you let your server run the command whoami and print this to a logfile (or something similar). I have the idea that the server is not running as django.
– Willem Van Onsem
3 hours ago


whoami


django





@WillemVanOnsem I'm not sure which server - nginx or gunicorn, I've added results of top command at the bottom of the question.
– Milano Slesarik
3 hours ago





Well the top nginx is - if I recall correctly - the one you invoke, that will obtain the port (since ports below 1024 require root access), but then it passes control to a child running with another user, to reduce the risk. What if you add www-data to the django group?
– Willem Van Onsem
3 hours ago


nginx


1024


www-data


django





For example with sudo usermod -a -G django www-data
– Willem Van Onsem
3 hours ago


sudo usermod -a -G django www-data




1 Answer
1



Did you tried chmod 644 on this files ?





I think that if I read the question correctly, this was actually what the OP wanted to avoid. Furthermore since the owner is the django user, if the server is configured correctly, it should work.
– Willem Van Onsem
3 hours ago


django





I read too fast
– Philoow
3 hours ago






By clicking "Post Your Answer", you acknowledge that you have read our updated terms of service, privacy policy and cookie policy, and that your continued use of the website is subject to these policies.

xZOyQFK1ENxClJnAf,drSu,r7a b1UC3nNqLa
-
O5Yy 0JthH ZVEF qXJk6m

Popular posts from this blog

Keycloak server returning user_not_found error when user is already imported with LDAP

Keycloak server returning user_not_found error when user is already imported with LDAP I am currently running a keycloak server as a service in a kubernetes cluster. I can access it perfectly with the initial keycloak admin account and used it to setup a new realm using LDAP for User Federation. The connection and queries seem to work fine as a I can search for Users and they pop up with their correct username, first name, last name and e-mail so all seemed fine. When I then log out and try to log in with a normal user account that exists in the AD and has been imported I just find get the following error: WARN [org.keycloak.events] (default task-8) type=LOGIN_ERROR, realmId=master, clientId=security-admin-console, userId=null, ipAddress=<my ip>, error=user_not_found, auth_method=openid-connect, auth_type=code, redirect_uri=http://myserver.com/auth/admin/master/console/#/realms/MyRealm, code_id=a8ca7f06-dfec-4e6e-8f6b-74eb871f71da, username=myUser So it seems that in some way wh...
Read more

PHP parse/syntax errors; and how to solve them?

Image
PHP parse/syntax errors; and how to solve them? Everyone runs into syntax errors. Even experienced programmers make typos. For newcomers it's just part of the learning process. However, it's often easy to interpret error messages such as: PHP Parse error: syntax error, unexpected '{' in index.php on line 20 The unexpected symbol isn't always the real culprit. But the line number gives a rough idea where to start looking. Always look at the code context . The syntax mistake often hides in the mentioned or in previous code lines . Compare your code against syntax examples from the manual. While not every case matches the other. Yet there are some general steps to solve syntax mistakes . This references summarized the common pitfalls: Unexpected T_STRING Unexpected T_VARIABLE Unexpected '$varname' (T_VARIABLE) Unexpected T_CONSTANT_ENCAPSED_STRING Unexpected T_ENCAPSED_AND_WHITESPACE Unexpected $end Unexpected T_FUNCTION… Unexpected { { Unexpected } } Unexpe...
Read more

Using generate_series in ecto and passing a value

Using generate_series in ecto and passing a value I am trying to use generate_series in this query to get the number of sales in a time period even with the days that have no sales. I got it working with a hard-coded value but now I need to get all the sales since the contract was created. What I have so far: query = from( c in Contract, join: v in Voucher, on: v.contract_id == c.id, join: s in Sale, on: s.voucher_id == v.id and c.id == ^contract_id, right_join: day in fragment( "select generate_series(current_date - interval '60 day', current_date, '1 day')::date AS d" ), on: day.d == fragment("date(?)", s.date), group_by: day.d, select: %{ number_sales: count(s.id), total_value: sum(s.value), date: day.d }, order_by: [asc: day.d] ) Repo.all(query) |> Enum.map(fn entry -> Map.put(entry, :date, Date.from_erl!(entry.date)) end) With this query I get all the s...
Read more