New site fails with 403 to javascript files

Hi all, I’m trying to set up a new site and everything looks fine in the journal, but the site itself is failing with 403 on the application javascript and other files. I checked the file permissions against a working site that I have and the permissions look fine. The only difference that I can see in the network calls, is that the site that is failing is getting a 304 temporary redirect from the company that I regsitered the domain with.

I see these errors in the peertube.error.log:

« GET /client/en-US/runtime.637c05f29d591f9a.js HTTP/2.0 » 403 564 « https://flashist.studio/ » « Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Safari/537.36 »

« GET /client/en-US/polyfills.49fdee6c496b7b63.js HTTP/2.0 » 403 564 « https://flashist.studio/ » « Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Safari/537.36 »

An update - I checked the nginx.conf files in both systems and while they are different, I didn’t see anything that looked suspicious in the site that doesn’t work. However, I checked with nginx -T and noticed that there were several packages missing from the list

STANDARD HTTP MODULES: Core, Proxy, Rewrite, Access, Gzip, Headers, HTTP/2, Log, Real IP, SSL, Thread Pool, Upstream, AIO Multithreading.

Does anyone know if I can add these packages to the current nginx or do I have to rebuild from scratch to include those?

Your Peertube seems running.

If I try to display a page that is served by Peertube, it works. For example with https://flashist.studio/api/v1/config.

I think it is a permission issue on static files on the server (403 means forbidden).

Can you check the owner and the rights of the files in /var/www/peertube/peertube-latest/client/dist/?

The owner should be peertube, but I think that the files must be world-readable so that nginx can access them.

Or perhaps you setup your Peertube in a directory where nginx has no access.
Check your nginx error logs, there might be some clues.

the /dist library is:

drwxr-xr-x 5 peertube peertube 4096 Jan 5 10:27 dist

I checked the permissions all the way down and everything is world readable. One weird thing is that no peertube entries are in the nginx access or error logs! I see plenty of scans and probes from unknown IP’s in the error logs though.

Here is a screenshot of my 2 peertube sites. The top half is the working site (flashist.art), the bottom half is the broken site (flashist.studio). Thanks again for any ideas.

Screenshot 2023-02-14 at 07.43.501920×912 245 KB

Perhaps a typo in your nginx config file?
Have you reloaded nginx after configuring it?

I finally got it to work. Your comment about file permissions gave me the idea to check up the directory structure. The /var/www/peertube-latest directory was owned by root, and the files there were not readable or executable by nginx. When I changed the directory owner and file permissions, the site came up. Thaniks for your help!

Note: I am trying to learn to use Ansible to build fediverse applications, and I started with the playbook at ansibleislife / ansible-role-peertube · GitLab - That playbook is 4 years old, but it got me about 75% of the way there. I had to re-write the production.yaml logic and a few other bits, but that was the basis for my work.

Great!

You can mark the thread as solved.

How do i do that?