I am having issues with apache 2 airflow's webserver.
Here's the error I get:
[2023-06-27 02:09:34 +0000] [1710631] [ERROR] Socket error processing request.
Traceback (most recent call last):
File "/home/airflow/.local/lib/python3.10/site-packages/gunicorn/workers/sync.py", line 131, in handle
client = ssl.wrap_socket(client, server_side=True,
File "/usr/lib/python3.10/ssl.py", line 1439, in wrap_socket
context.load_cert_chain(certfile, keyfile)
PermissionError: [Errno 13] Permission denied
airflow is installed natively onto the OS and not in docker.
The schedular and workers are still working in place without the webserver, but I cannot get onto the portal.
I have verified the location of my SSL Certs.
airflow.cfg
# Paths to the SSL certificate and key for the web server. When both are
# provided SSL will be enabled. This does not change the web server port.
web_server_ssl_cert = /etc/letsencrypt/live/mysite.com/cert.pem
# Paths to the SSL certificate and key for the web server. When both are
# provided SSL will be enabled. This does not change the web server port.
web_server_ssl_key = /etc/letsencrypt/live/mysite.com/privkey.pem
SSL key location
airflow@etl:/etc/letsencrypt/live/mysite.com$ ls -al
total 12
drwxrw-rw- 2 airflow root 4096 May 13 09:27 .
drwxrw-rw- 3 airflow root 4096 Nov 14 2022 ..
-rwxrw-rw- 1 airflow root 692 Nov 14 2022 README
lrwxrwxrwx 1 root root 36 May 13 09:27 cert.pem -> ../../archive/mysite.com/cert4.pem
lrwxrwxrwx 1 root root 37 May 13 09:27 chain.pem -> ../../archive/mysite.com/chain4.pem
lrwxrwxrwx 1 root root 41 May 13 09:27 fullchain.pem -> ../../archive/mysite.com/fullchain4.pem
lrwxrwxrwx 1 root root 39 May 13 09:27 privkey.pem -> ../../archive/mysite.com/privkey4.pem
home location of pem files
airflow@etl:/etc/letsencrypt/archive/mysite.com$ ls -al
total 88
drwxr-xr-x 2 airflow root 4096 May 13 09:27 .
drwx------ 3 airflow root 4096 Nov 14 2022 ..
-rw-r--r-- 1 airflow root 1838 Nov 14 2022 cert1.pem
-rw-r--r-- 1 airflow root 1834 Jan 13 03:31 cert2.pem
-rw-r--r-- 1 root root 1838 Mar 14 03:59 cert3.pem
-rw-r--r-- 1 root root 1834 May 13 09:27 cert4.pem
-rw-r--r-- 1 airflow root 3749 Nov 14 2022 chain1.pem
-rw-r--r-- 1 airflow root 3749 Jan 13 03:31 chain2.pem
-rw-r--r-- 1 root root 3749 Mar 14 03:59 chain3.pem
-rw-r--r-- 1 root root 3749 May 13 09:27 chain4.pem
-rw-r--r-- 1 airflow root 5587 Nov 14 2022 fullchain1.pem
-rw-r--r-- 1 airflow root 5583 Jan 13 03:31 fullchain2.pem
-rw-r--r-- 1 root root 5587 Mar 14 03:59 fullchain3.pem
-rw-r--r-- 1 root root 5583 May 13 09:27 fullchain4.pem
-rw------- 1 airflow root 1704 Nov 14 2022 privkey1.pem
-rw------- 1 airflow root 1704 Jan 13 03:31 privkey2.pem
-rw------- 1 root root 1704 Mar 14 03:59 privkey3.pem
-rw------- 1 root root 1704 May 13 09:27 privkey4.pem
deamon config
airflow@etl:/etc$ more /usr/lib/systemd/system/airflow-webserver.service
#
# Licensed to the Apache Software Foundation (ASF) under one
# or more contributor license agreements. See the NOTICE file
# distributed with this work for additional information
# regarding copyright ownership. The ASF licenses this file
# to you under the Apache License, Version 2.0 (the
# "License"); you may not use this file except in compliance
# with the License. You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing,
# software distributed under the License is distributed on an
# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
# KIND, either express or implied. See the License for the
# specific language governing permissions and limitations
# under the License.
[Unit]
Description=Airflow webserver daemon
After=network.target postgresql.service rabbitmq-server.service
Wants=postgresql.service mysql.service rabbitmq-server.service
[Service]
EnvironmentFile=/home/airflow/airflow/airflow.conf
User=airflow
Group=airflow
Type=simple
ExecStart=/home/airflow/.local/bin/airflow webserver --pid /run/airflow/webserver.pid
Restart=on-failure
RestartSec=5s
PrivateTmp=true
[Install]
WantedBy=multi-user.target
