Environment:
- Laravel Version: 5.8.29
- PHP Version
$ php --version
: PHP 7.2.24 (cli) - NGINX Version
$ nginx -v
: nginx version: nginx/1.14.0 (Ubuntu)
Problem Statement:
Everything works fine, except for one particular API where I include in the header some token (typical bearer token) and it's returning a 502 error from Chrome (in the network tab)
However, when I try to call this from Postman or using curl
cli request from server, it's returning the data correctly.
What could be possibly wrong here?
Error
NGINX 502 Bad Gateway
Logs
$ sudo tail -30 /var/log/nginx/error.log
[error] 4713#4713: *705118 recv() failed (104: Connection reset by peer) while reading response header from upstream, client: 111.11.11.111, server: domain.com, request: "POST /action/api/path HTTP/1.1", upstream: "fastcgi://unix:/var/run/php/php7.2-fpm.sock:", host: "domain.com", referrer: "domain.com/path"
$ sudo tail /var/log/php7.2-fpm.log
WARNING: [pool www] child 28524 exited on signal 11 (SIGSEGV - core dumped) after
NOTICE: [pool www] child 8033 started
Files & Configuration:
/etc/nginx/nginx.conf
user www-data;
worker_processes auto;
pid /run/nginx.pid;
include /etc/nginx/modules-enabled/*.conf;
events {
worker_connections 768;
# multi_accept on;
}
http {
##
# Basic Settings
##
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 2048;
# server_tokens off;
# server_names_hash_bucket_size 64;
# server_name_in_redirect off;
include /etc/nginx/mime.types;
default_type application/octet-stream;
##
# SSL Settings
##
ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # Dropping SSLv3, ref: POODLE
ssl_prefer_server_ciphers on;
##
# Logging Settings
##
access_log /var/log/nginx/access.log;
error_log /var/log/nginx/error.log;
##
# Gzip Settings
##
gzip on;
# gzip_vary on;
# gzip_proxied any;
# gzip_comp_level 6;
# gzip_buffers 16 8k;
# gzip_http_version 1.1;
# gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript;
##
# Virtual Host Configs
##
include /etc/nginx/conf.d/*.conf;
include /etc/nginx/sites-enabled/*;
# max post size
client_max_body_size 100M;
}
#mail {
# # See sample authentication script at:
# # http://wiki.nginx.org/ImapAuthenticateWithApachePhpScript
#
# # auth_http localhost/auth.php;
# # pop3_capabilities "TOP" "USER";
# # imap_capabilities "IMAP4rev1" "UIDPLUS";
#
# server {
# listen localhost:110;
# protocol pop3;
# proxy on;
# }
#
# server {
# listen localhost:143;
# protocol imap;
# proxy on;
# }
#}
/etc/nginx/sites-available/domain.com
server {
listen 443;
server_name domain.com;
root /path/public;
add_header X-Frame-Options "SAMEORIGIN";
add_header X-Content-Type-Options "nosniff";
index index.php;
charset utf-8;
location / {
try_files $uri $uri/ /index.php?$query_string;
}
location = /favicon.ico { access_log off; log_not_found off; }
location = /robots.txt { access_log off; log_not_found off; }
error_page 404 /index.php;
location ~ \.php$ {
fastcgi_pass unix:/var/run/php/php7.4-fpm.sock;
fastcgi_param SCRIPT_FILENAME $realpath_root$fastcgi_script_name;
include fastcgi_params;
}
location ~ /\.(?!well-known).* {
deny all;
}
ssl on;
ssl_certificate /etc/nginx/ssl/domain.com.chained.crt;
ssl_certificate_key /etc/nginx/ssl/domain.com.key;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
ssl_ciphers 'EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH';
}
server {
listen 80;
server_name domain.com;
rewrite ^/(.*) https :// domain.com/$1 permanent;
}
/etc/php/7.2/fpm/pool.d/www.conf
Pool directives
[www]
user = www-data
group = www-data
listen = /run/php/php7.2-fpm.sock
listen.owner = www-data
listen.group = www-data
pm = dynamic
pm.max_children = 5
pm.start_servers = 2
pm.min_spare_servers = 1
pm.max_spare_servers = 3
PHP cURL request
private $headers = [
'Accept: application/json',
'Content-Type: application/json',
];
private $baseURL = 'http://otherdomain.in/api/v1/';
private function postRequest($data, $endpoint) {
if ( !is_null($this->apiToken) ) {
$authorization = "Authorization: Bearer {$this->apiToken}";
array_push($this->headers, $authorization);
}
$url = "{$this->baseURL}/{$endpoint}";
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_HTTPHEADER, json_encode($this->headers) );
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, $data);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, TRUE);
$responseJSON = curl_exec($ch);
$response = json_decode($responseJSON, TRUE);
return $response
}
EDIT 1:
I've restarted fastcgi
process using following query
$ sudo service php7.2-fpm restart
$ sudo tail /var/log/php7.2-fpm.log
[13-Nov-2021 05:32:03] NOTICE: systemd monitor interval set to 10000ms
[13-Nov-2021 05:32:56] WARNING: [pool www] child 28870 exited on signal 11 (SIGSEGV - core dumped) after 53.229996 seconds from start
[13-Nov-2021 05:32:56] NOTICE: [pool www] child 28879 started
[13-Nov-2021 05:42:47] NOTICE: Terminating ...
[13-Nov-2021 05:42:47] NOTICE: exiting, bye-bye!
[13-Nov-2021 05:42:47] NOTICE: fpm is running, pid 29564
[13-Nov-2021 05:42:47] NOTICE: ready to handle connections
[13-Nov-2021 05:42:47] NOTICE: systemd monitor interval set to 10000ms
[13-Nov-2021 05:43:04] WARNING: [pool www] child 29592 exited on signal 11 (SIGSEGV - core dumped) after 17.115362 seconds from start
[13-Nov-2021 05:43:04] NOTICE: [pool www] child 29596 started
EDIT 2:
I've found that my opcache
is already comment. So there is no point of disabling or increasing its memory limit as per following answer
/etc/php/7.2/fpm/php.ini
[opcache]
; Determines if Zend OPCache is enabled
;opcache.enable=0
; Determines if Zend OPCache is enabled for the CLI version of PHP
;opcache.enable_cli=0
; The OPcache shared memory storage size.
;opcache.memory_consumption=196