1

I'm having a very frustrating time deploying a Laravel webapp to Amazon Web Services Elastic Beanstalk. Some times it's fine, but about 50% of the time I get the following crash:

The stream or file "/var/app/current/storage/logs/laravel-2019-10-18.log" could not be opened: failed to open stream: Permission denied

(Where the date is the current date.)

Sure enough, when I SSH into the server I can see the permissions for that particular log file are set to root:root.

-rw-r--r-- 1 root   root   3400 Oct 18 13:39 laravel-2019-10-18.log
-rw-rw-r-- 1 webapp webapp    0 Oct 18 13:39 laravel.log

If I change the owner to webapp:webapp then the app works fine again. Likewise if I delete the log file the site works fine again... until the next deployment.

My question is how I can prevent this from happening. Disable all logs? Change the permissions during deployment? Is it only because debug is set to "true"?

Here's my deploy.config. Is something wrong or missing?

container_commands:
  01-migrations:
    command: "php artisan migrate --force"
  02-import:
    command: "php artisan import:initial-data"

files:
  "/opt/elasticbeanstalk/hooks/appdeploy/post/99_make_storage_writable.sh":
    mode: "000755"
    owner: root
    group: root
    content: |
      #!/usr/bin/env bash
      echo "Making /storage writeable..."
      chmod -R 755 /var/app/current/storage

      if [ ! -f /var/app/current/storage/logs/laravel.log ]; then
          echo "Creating /storage/logs/laravel.log..."
          touch /var/app/current/storage/logs/laravel.log
          sudo chown -R webapp:webapp /var/app/current/storage/logs
          sudo chmod -R ug+w /var/app/current/storage/logs

      fi


#https://serverfault.com/a/669547/24863
  "/opt/elasticbeanstalk/hooks/appdeploy/post/99_restart_workers.sh":
    mode: "000755"
    owner: root
    group: root
    content: |
      #!/usr/bin/env bash
      echo "Spawn worker..."
      nohup php /var/app/current/artisan queue:work >/dev/null 2>&1 &

  "/opt/elasticbeanstalk/tasks/publishlogs.d/laravel-logs.conf":
    mode: "000755"
    owner: root
    group: root
    content: |
      /var/app/current/storage/logs/*.log

#https://stackoverflow.com/a/38751749/199700
  "/etc/httpd/conf.d/https_redirect.conf":
    mode: "000644"
    owner: root
    group: root
    content: |
      RewriteEngine on
      <If "-n '%{HTTP:X-Forwarded-Proto}' && %{HTTP:X-Forwarded-Proto} != 'https'">
      RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [R,L]
      </If>

#https://stackoverflow.com/a/38600025/199700
  "/etc/php.d/project.ini" :
    mode: "000644"
    owner: root
    group: root
    content: |
      upload_max_filesize=10M
      post_max_size=32M
Chuck Le Butt
  • 47,570
  • 62
  • 203
  • 289

1 Answers1

0

This typically happens because you're running a php artisan command that writes to the logs as root. Taking a look at the initial contents of laravel-2019-10-18.log should give a clue as to which command is involved.

ceejayoz
  • 176,543
  • 40
  • 303
  • 368