0

I am setting up a django web app using Nginx + Gunicorn. I am using also an Amazon linux instance that is based on CentOS distro. Assuming that Nginx is running with a nginx user what's the best practice for the document root folder? Now I created /var/www/myapp folder that is owned by root. But I think that file uploads will not work for example because nginx cant create files in that folder. Is it enough to give the owning to nginx user?

carlo.polisini
  • 335
  • 1
  • 3
  • 7

2 Answers2

0

The real question is with what user is running Gunicorn .
To simplify everything you could make the whole /var/www/myapp folder (and files+childes) owned by the gunicorn user.
Or everything could be owned by a 3rd user, and only specific folders be owned by 'gunicorn'. These folder will be used for upload,cache, etc. The developer should know what folders needs to be writable .

Sandor Marton
  • 1,564
  • 9
  • 12
  • Yes, indeed I need a user to run Gunicorn to avoid to run it with root privileges. I could use this user also to create a service startup script. – carlo.polisini May 09 '13 at 15:18
0

I normally use the "www-data" user in Debian but I think CentOS has an "apache" user. You could always use that user, or create "www-data" or "nginx".

(Note: in the examples below www-user could be any user you choose to setup).

  1. In nginx conf set the user

    user www-user www-user; ## Default: nobody

  2. Update owner for the www root to your www-user (and make sure the www-user has read/write permissions as required by your website).

Drew Khoury
  • 4,637
  • 8
  • 27
  • 28