1

Environment:

  • Laravel Version: 5.8.29
  • PHP Version $ php --version: PHP 7.2.24 (cli)
  • NGINX Version $ nginx -v: nginx version: nginx/1.14.0 (Ubuntu)

Problem Statement:

Everything works fine, except for one particular API where I include in the header some token (typical bearer token) and it's returning a 502 error from Chrome (in the network tab)

However, when I try to call this from Postman or using curl cli request from server, it's returning the data correctly.

What could be possibly wrong here?


Error

NGINX 502 Bad Gateway

Logs

$ sudo tail -30 /var/log/nginx/error.log
[error] 4713#4713: *705118 recv() failed (104: Connection reset by peer) while reading response header from upstream, client: 111.11.11.111, server: domain.com, request: "POST /action/api/path HTTP/1.1", upstream: "fastcgi://unix:/var/run/php/php7.2-fpm.sock:", host: "domain.com", referrer: "domain.com/path"

$ sudo tail /var/log/php7.2-fpm.log
WARNING: [pool www] child 28524 exited on signal 11 (SIGSEGV - core dumped) after 
NOTICE: [pool www] child 8033 started

Files & Configuration:

/etc/nginx/nginx.conf

user www-data;
worker_processes auto;
pid /run/nginx.pid;
include /etc/nginx/modules-enabled/*.conf;

events {
    worker_connections 768;
    # multi_accept on;
}

http {

    ##
    # Basic Settings
    ##

    sendfile on;
    tcp_nopush on;
    tcp_nodelay on;
    keepalive_timeout 65;
    types_hash_max_size 2048;
    # server_tokens off;

    # server_names_hash_bucket_size 64;
    # server_name_in_redirect off;

    include /etc/nginx/mime.types;
    default_type application/octet-stream;

    ##
    # SSL Settings
    ##

    ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # Dropping SSLv3, ref: POODLE
    ssl_prefer_server_ciphers on;

    ##
    # Logging Settings
    ##

    access_log /var/log/nginx/access.log;
    error_log /var/log/nginx/error.log;

    ##
    # Gzip Settings
    ##

    gzip on;

    # gzip_vary on;
    # gzip_proxied any;
    # gzip_comp_level 6;
    # gzip_buffers 16 8k;
    # gzip_http_version 1.1;
    # gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript;

    ##
    # Virtual Host Configs
    ##

    include /etc/nginx/conf.d/*.conf;
    include /etc/nginx/sites-enabled/*;

    # max post size
    client_max_body_size 100M;
}


#mail {
#   # See sample authentication script at:
#   # http://wiki.nginx.org/ImapAuthenticateWithApachePhpScript
# 
#   # auth_http localhost/auth.php;
#   # pop3_capabilities "TOP" "USER";
#   # imap_capabilities "IMAP4rev1" "UIDPLUS";
# 
#   server {
#       listen     localhost:110;
#       protocol   pop3;
#       proxy      on;
#   }
# 
#   server {
#       listen     localhost:143;
#       protocol   imap;
#       proxy      on;
#   }
#}

/etc/nginx/sites-available/domain.com

server {
    listen 443;
    server_name domain.com;
    root /path/public;

    add_header X-Frame-Options "SAMEORIGIN";
    add_header X-Content-Type-Options "nosniff";

    index index.php;

    charset utf-8;

    location / {
        try_files $uri $uri/ /index.php?$query_string;
    }

    location = /favicon.ico { access_log off; log_not_found off; }
    location = /robots.txt  { access_log off; log_not_found off; }

    error_page 404 /index.php;

    location ~ \.php$ {
        fastcgi_pass unix:/var/run/php/php7.4-fpm.sock;
        fastcgi_param SCRIPT_FILENAME $realpath_root$fastcgi_script_name;
        include fastcgi_params;
    }

    location ~ /\.(?!well-known).* {
        deny all;
    }

    ssl on;
    ssl_certificate /etc/nginx/ssl/domain.com.chained.crt;
    ssl_certificate_key /etc/nginx/ssl/domain.com.key;

    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
    ssl_prefer_server_ciphers on;
    ssl_ciphers 'EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH';

}

server {
    listen 80;
    server_name domain.com;
    rewrite ^/(.*) https :// domain.com/$1 permanent;
}

/etc/php/7.2/fpm/pool.d/www.conf Pool directives

[www]

user = www-data
group = www-data

listen = /run/php/php7.2-fpm.sock

listen.owner = www-data
listen.group = www-data

pm = dynamic
pm.max_children = 5
pm.start_servers = 2
pm.min_spare_servers = 1
pm.max_spare_servers = 3

PHP cURL request

private $headers = [
    'Accept: application/json',
    'Content-Type: application/json',
];

private $baseURL = 'http://otherdomain.in/api/v1/';


private function postRequest($data, $endpoint) {

    if ( !is_null($this->apiToken) ) {

        $authorization = "Authorization: Bearer {$this->apiToken}";
        array_push($this->headers, $authorization);
    }

    $url = "{$this->baseURL}/{$endpoint}";

    $ch = curl_init();

    curl_setopt($ch, CURLOPT_URL, $url);
    curl_setopt($ch, CURLOPT_HTTPHEADER, json_encode($this->headers) );
    curl_setopt($ch, CURLOPT_POST, 1);
    curl_setopt($ch, CURLOPT_POSTFIELDS, $data);
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, TRUE);

    $responseJSON = curl_exec($ch);

    $response = json_decode($responseJSON, TRUE);

    return $response
}

EDIT 1:

I've restarted fastcgi process using following query

$ sudo service php7.2-fpm restart

$ sudo tail /var/log/php7.2-fpm.log
[13-Nov-2021 05:32:03] NOTICE: systemd monitor interval set to 10000ms
[13-Nov-2021 05:32:56] WARNING: [pool www] child 28870 exited on signal 11 (SIGSEGV - core dumped) after 53.229996 seconds from start
[13-Nov-2021 05:32:56] NOTICE: [pool www] child 28879 started
[13-Nov-2021 05:42:47] NOTICE: Terminating ...
[13-Nov-2021 05:42:47] NOTICE: exiting, bye-bye!
[13-Nov-2021 05:42:47] NOTICE: fpm is running, pid 29564
[13-Nov-2021 05:42:47] NOTICE: ready to handle connections
[13-Nov-2021 05:42:47] NOTICE: systemd monitor interval set to 10000ms
[13-Nov-2021 05:43:04] WARNING: [pool www] child 29592 exited on signal 11 (SIGSEGV - core dumped) after 17.115362 seconds from start
[13-Nov-2021 05:43:04] NOTICE: [pool www] child 29596 started

EDIT 2:

I've found that my opcache is already comment. So there is no point of disabling or increasing its memory limit as per following answer

/etc/php/7.2/fpm/php.ini

[opcache]
; Determines if Zend OPCache is enabled
;opcache.enable=0

; Determines if Zend OPCache is enabled for the CLI version of PHP
;opcache.enable_cli=0

; The OPcache shared memory storage size.
;opcache.memory_consumption=196

Maqsud
  • 111
  • 2

0 Answers0