Nginx - directory index of "/var/fruby/current/public/" is forbidden

Question

Okay, so this question must have been asked a couple of dozen of times already but I honestly went through all similiar question and none of these questions relate to my issue.

So a little bit of history and configuration Rails 3 app, Passenger + Nginx 3 as production server

I am currently deploying my production Rails 3 app via bash script, that basically clones git repo every time and does some magic, it had its issues so we decided to migrate to Capistrano.

Wrote the deploy.rb script, specified shared folders, started it all up on a test server first and managed to get it all up and running smoothly.

Now I do same for production server, deployed it via Capistrano to separate from my manual bash script folder so they wont conflict in any way, changed nginx root from

root /var/www/public;

to

root /var/fruby/current/public;

restarting nginx and I get a 403 error and the following record in logs.

2014/06/08 18:28:32 [error] 5239#0: *1 directory index of "/var/fruby/current/public/" is forbidden, client: 109.187.177.116, server: example.com, request: "GET / HTTP/1.1", host: "example.com", referrer: ""

Since passenger configuration didn't change, its safe to assume that the problem is somewhere with folder permissions but I honestly can't seem to identify what the issue is in. Permissions so does owner really seem the same for me, perhaps you can point me in the right direction?

It has to be something to do with passenger, because if I manually start application with rails s, it starts up beautifully.

/opt/nginx/conf/nginx.conf

Inside http block:

passenger_root /usr/local/lib/ruby/gems/1.9.1/gems/passenger-3.0.18;
passenger_ruby /usr/local/bin/ruby;
proxy_read_timeout 640;

server block:

server {
    listen   443;
    server_name  example.com;

    ssl on;
    ssl_certificate /opt/nginx/conf/certs/example.com.crt;
    ssl_certificate_key /opt/nginx/conf/certs/example.com.key.nopass;

    charset utf-8;
    #root /var/www/public; # Old directory my bash script deployed to
    root /var/fruby/current/public; # New directory, capistrano deploys to
    passenger_enabled on;
    rails_env production;

    error_page   500 502 503 504  /50x.html;
    location = /50x.html {
        root   html;
    }
}

Now fruby folder has these permissions:

drwxr-xr-x  5 root root   4096 Jun  8 18:56 fruby/

Inside fruby folder

drwxr-xr-x  5 root root 4096 Jun  8 18:56 ./
drwxr-xr-x 17 root root 4096 Jun  8 17:31 ../
lrwxrwxrwx  1 root root   34 Jun  8 18:56 current -> /var/fruby/releases/20140608145412/
drwxr-xr-x  4 root root 4096 Jun  8 18:54 releases/
drwxr-xr-x  7 root root 4096 Jun  8 17:46 repo/
-rw-r--r--  1 root root  170 Jun  8 18:56 revisions.log
drwxr-xr-x  7 root root 4096 Jun  8 17:47 shared/

Inside shared folder

drwxr-xr-x  7 root   root    4096 Jun  8 17:47 ./
drwxr-xr-x  5 root   root    4096 Jun  8 18:56 ../
drwxr-xr-x  2 root   root    4096 Jun  8 17:49 bin/
drwxr-xr-x  3 root   root    4096 Jun  8 17:47 bundle/
drwxr-xr-x  2 root   root    4096 Jun  8 17:51 log/
drwxr-xr-x 10 root   root    4096 Jun  8 17:24 public/
drwxr-xr-x  6 nobody nogroup 4096 Jun  8 18:56 tmp/

Everything seems to be fine and pretty much the same permissions, there are on production server.

Let me know if you need any more output.

Any help is very much appreciated!

Answer 1

Managed to resolve this issue by updating Passenger to 4.0.44 and recompiling nginx (running passenger-install-nginx-module again), apparently this was the only difference with the test server I was testing with at first.

Commands I ran to resolve the issue:

user@host-$: chmod 777 -R /tmp
user@host-$: chmod o+t -R /tmp
user@host-$: gem install passenger
user@host-$: passenger-install-nginx-module

The first 2 commands are the corteusy of this answer (Getting remove_entry_secure error while using ruby application)