Ruby 2.5.1 Rails 5.2.4.3
I finished the process of deploying to AWS by referring to the article here, but when I accessed it from a browser, it failed with "Cannot connect to this site". I will ...
(Note) The article I referred to is very easy to understand and is not the fault of the article.
Let's check the log referring to the article to see what is wrong.
Server environment(/var/www/rails/app name/)
cd log
tail -n 30 production.log
For some reason, I can't find anything like an error in the log. It didn't make sense at first, but after a while I thought I might not be able to access it from my browser.
So I will try to access http directly using curl.
$ curl -IXGET http://IP address/
HTTP/1.1 301 Moved Permanently
Server: nginx/1.12.2
Date: Sat, 27 Jun 2020 05:09:57 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://IP address/
301 is returned. Apparently, access to http has been redirected to https without permission. I dared to access https with curl.
$ curl -IXGET https://IP address/
curl: (7)Failed to connect to IP address port 443: Connection refused
I was angry that 433 ports were not available. Certainly, the security group has not set 433, so it is natural.
So I added 433 to the inbound rule of the security group, and when I accessed it with http from a browser, the page opened with https! (Impressive)
However, the original goal now is to open it with http instead of https ...
The cause of the redirect from http to https was the following description in /config/environments/production.rb.
/config/environments/production.rb
config.force_ssl = true
It seems that this was written when it was made ssl with heroku deployment before ... With this, it seems to redirect to https for ssl conversion.
So you can fix it locally, but it is troublesome to push or clone, so for the time being, rewrite the description in the server and just check it.
$ cd /var/www/rails/Ticket-Rec/config/environments/
$ vi production.rb
Changed as follows
/config/environments/production.rb
config.force_ssl = false
Restart unicorn
$ ps -ef | grep unicorn | grep -v grep
hiroki 2031 1 0 June 26? 00:00:02 unicorn_rails master -c /var/www/rails/Ticket-Rec/config/unicorn.conf.rb -D -E production
hiroki 2036 2031 0 June 26? 00:00:00 unicorn_rails worker[0] -c /var/www/rails/Ticket-Rec/config/unicorn.conf.rb -D -E production
hiroki 2038 2031 0 June 26? 00:00:00 unicorn_rails worker[1] -c /var/www/rails/Ticket-Rec/config/unicorn.conf.rb -D -E production
$ kill 2031
$ bundle exec unicorn_rails -c /var/www/rails/Ticket-Rec/config/unicorn.conf.rb -D -E production
Restart nginx
$ sudo service nginx restart
When I accessed http with curl again, 200 was returned!
$ curl -IXGET http://IP address/
HTTP/1.1 200 OK
Server: nginx/1.12.2
Date: Sat, 27 Jun 2020 05:27:46 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
ETag: W/"03411acbf679047381b99fd0eda2307c"
Cache-Control: max-age=0, private, must-revalidate
Set-Cookie: _myapp_session=%2Fj%2FMy4fzeeSRY3imIh%2FCkJg94SzoshjfdaYZhZcEzF4i%2BxXXUZiYY8M%2Flre%2F6TAAvXqfyrr5sJ8ke2aOlhh4o8i6xsMfO7Ubp7LvUQnAxB9gm%2FbQ8Gc%2BLPzZAxcL9OgDLvQaocLN1MTSz6XKaDM%3D--1h9%2FJNHiHiktaWNU--CJuK9RUucx3dkTVkQpjYLg%3D%3D; path=/; HttpOnly
X-Request-Id: 9d2ee01e-fa05-40ae-8959-6e9b40f9b3e1
X-Runtime: 0.005877
Actually open it in the browser
browser
http://IP address/
I was able to access the app safely! Congratulations!
However, if you make it ssl after this, after all
/config/environments/production.rb
config.force_ssl = true
It seems to be set to lol
However, I found out the reason why it was not connected.