ArgumentError: directory for pid=/.../unicorn.pid not writable

Here is the tail of my unicorn.stderr.log for what it’s worth

I, [2023-08-22T04:18:52.795267 #81]  INFO -- : Refreshing Gem list
fatal: detected dubious ownership in repository at '/var/www/discourse'
To add an exception for this directory, call:

	git config --global --add safe.directory /var/www/discourse
I, [2023-08-22T04:18:57.742262 #81]  INFO -- : listening on addr=127.0.0.1:3000 fd=10
fatal: detected dubious ownership in repository at '/var/www/discourse'
To add an exception for this directory, call:

	git config --global --add safe.directory /var/www/discourse
I, [2023-08-22T04:19:04.916798 #81]  INFO -- : starting 1 supervised sidekiqs
I, [2023-08-22T04:19:04.927971 #81]  INFO -- : starting up EmailSync demon
I, [2023-08-22T04:19:07.993280 #81]  INFO -- : master process ready
I, [2023-08-22T04:19:11.010040 #174]  INFO -- : worker=0 ready
I, [2023-08-22T04:19:11.994849 #188]  INFO -- : worker=1 ready
I, [2023-08-22T04:19:12.524936 #203]  INFO -- : worker=2 ready

Ubuntu 22.04 (Server)

Freshly set up from a cloud hoster. Did nothing but update system, install docker, zsh, nginx and run the setup for discourse, which failed

Edit:

I rebuild the cloud server with Fedora, just installed docker, and then tried the fresh install again.

Another different error

[Tue 22 Aug 2023 05:51:02 PM UTC] Run reload cmd: sv reload nginx
warning: nginx: unable to open supervise/ok: file does not exist
[Tue 22 Aug 2023 05:51:02 PM UTC] Reload error for :
Started runsvdir, PID is 2941
ok: run: redis: (pid 2953) 0s
ok: run: postgres: (pid 2954) 0s
supervisor pid: 2949 unicorn pid: 2981

the internal nginx doesn’t want to run

Wait, why did you install nginx? Default install will fail if there is something on the host using port 80 already.

On a new Digital Ocean droplet I did nothing that wasn’t in the official install guide, and it did work fine. Letting Discourse installer install docker for me and everything.

Trying to reproduce this is proving tricky.

Yeah, it seems so. It definitely seems to be a thing since I’ve seen multiple people report it (@DarthLasciel , @Godmar_Back and maybe @kdambekalns ).

Let me know if there is anything you want to see from my install.

Does the issue still happens if you try to provision under a new subdomain in a brand new server and strictly following our official install guide, refraining from installing any extra packages in the host?

Also can you please share your [redacted] app.yml ?

Specifically, please be sure to redact the DISCOURSE_SMTP_PASSWORD environment variable and any other sensitive bits.

Also:

Can you try adding this to the URL? ?safe_mode=no_plugins

If it succeeds, it might point to plugin bugs.

Except for the subdomain part i did exactly that.
New Fedora Server, install docker, install discourse, setup without nginx being installed on the server. Results in the error posted above.

## this is the all-in-one, standalone Discourse Docker container template
##
## After making changes to this file, you MUST rebuild
## /var/discourse/launcher rebuild app
##
## BE *VERY* CAREFUL WHEN EDITING!
## YAML FILES ARE SUPER SUPER SENSITIVE TO MISTAKES IN WHITESPACE OR ALIGNMENT!
## visit http://www.yamllint.com/ to validate this file as needed

templates:
  - "templates/postgres.template.yml"
  - "templates/redis.template.yml"
  - "templates/web.template.yml"
  ## Uncomment the next line to enable the IPv6 listener
  #- "templates/web.ipv6.template.yml"
  - "templates/web.ratelimited.template.yml"
  ## Uncomment these two lines if you wish to add Lets Encrypt (https)
  #- "templates/web.ssl.template.yml"
  #- "templates/web.letsencrypt.ssl.template.yml"

## which TCP/IP ports should this container expose?
## If you want Discourse to share a port with another webserver like Apache or nginx,
## see https://meta.discourse.org/t/17247 for details
expose:
  - "9980:80"   # http
#  - "443:443" # https

params:
  db_default_text_search_config: "pg_catalog.english"

  ## Set db_shared_buffers to a max of 25% of the total memory.
  ## will be set automatically by bootstrap based on detected RAM, or you can override
  #db_shared_buffers: "256MB"

  ## can improve sorting performance, but adds memory usage per-connection
  #db_work_mem: "40MB"

  ## Which Git revision should this container use? (default: tests-passed)
  #version: tests-passed

env:
  LC_ALL: de_DE.UTF-8
  LANG: de_DE.UTF-8
  LANGUAGE: de_DE.UTF-8
  # DISCOURSE_DEFAULT_LOCALE: en

  ## How many concurrent web requests are supported? Depends on memory and CPU cores.
  ## will be set automatically by bootstrap based on detected CPUs, or you can override
  #UNICORN_WORKERS: 3

  ## TODO: The domain name this Discourse instance will respond to
  ## Required. Discourse will not work with a bare IP number.
  DISCOURSE_HOSTNAME: 'redacted.de'

  ## Uncomment if you want the container to be started with the same
  ## hostname (-h option) as specified above (default "$hostname-$config")
  #DOCKER_USE_HOSTNAME: true

  ## TODO: List of comma delimited emails that will be made admin and developer
  ## on initial signup example 'user1@example.com,user2@example.com'
  DISCOURSE_DEVELOPER_EMAILS: 'me@example.com,you@example.com'

  ## TODO: The SMTP mail server used to validate new accounts and send notifications
  # SMTP ADDRESS, username, and password are required
  # WARNING the char '#' in SMTP password can cause problems!
  DISCOURSE_SMTP_ADDRESS: none.com
  #DISCOURSE_SMTP_PORT: 587
  DISCOURSE_SMTP_USER_NAME: user@none.com
  DISCOURSE_SMTP_PASSWORD: none
  #DISCOURSE_SMTP_ENABLE_START_TLS: true           # (optional, default true)
  #DISCOURSE_SMTP_DOMAIN: discourse.example.com    # (required by some providers)
  #DISCOURSE_NOTIFICATION_EMAIL: noreply@discourse.example.com    # (address to send notifications from)

  ## If you added the Lets Encrypt template, uncomment below to get a free SSL certificate
  #LETSENCRYPT_ACCOUNT_EMAIL: me@example.com

  ## The http or https CDN address for this Discourse instance (configured to pull)
  ## see https://meta.discourse.org/t/14857 for details
  #DISCOURSE_CDN_URL: https://discourse-cdn.example.com
  
  ## The maxmind geolocation IP address key for IP address lookup
  ## see https://meta.discourse.org/t/-/137387/23 for details
  #DISCOURSE_MAXMIND_LICENSE_KEY: 1234567890123456

## The Docker container is stateless; all data is stored in /shared
volumes:
  - volume:
      host: /var/discourse/shared/standalone
      guest: /shared
  - volume:
      host: /var/discourse/shared/standalone/log/var-log
      guest: /var/log

## Plugins go here
## see https://meta.discourse.org/t/19157 for details
hooks:
  after_code:
    - exec:
        cd: $home/plugins
        cmd:
          - git clone https://github.com/discourse/docker_manager.git

## Any custom commands to run after building
run:
  - exec: echo "Beginning of custom commands"
  ## If you want to set the 'From' email address for your first registration, uncomment and change:
  ## After getting the first signup email, re-comment the line. It only needs to run once.
  #- exec: rails r "SiteSetting.notification_email='info@unconfigured.discourse.org'"
  - exec: echo "End of custom commands"

I’ve got the same permission problem where unicorn.pid isn’t writable. I wanted to get you some more info by seeing if it reproduces with the official install guide, but that doesn’t fit my system. First it complained because ports 80/443 are already in use, and then it did some e-mail checks that failed. Do you have an app.yml that just makes a docker image that doesn’t require anything external? Presumably this same issue should reproduce with that just as well.

I “fixed” the issue, and i feel incredibly stupid.

Instead of installing docker “the right way” i just entered “sudo apt install docker-compose” and ran with it. Docker “seemed” to work… seemed…

I reinstalled it the way the docker guide tells me to, adding another repository, keyrings, all that stuff… And discourse runs!

So a botched docker install was to blame. I really don’t understand how it’s still so hard to install an up-to-date and functional Docker. And it seems that they finally rolled docker-compose into docker (so you can do docker compose ... ), though I still haven’t paid close attention to that.

@rtwfroody and @StanD does this solve your problem too?

But we do not use docker-compose at all

Good to know, but our guide doesn’t ask for any of that, you run discourse-setup and it will install docker for you.

I’m pretty sure my docker install is fine and I am not using docker compose. Honestly, all I did was remove a plugin (the no longer needed discourse-checklist plugin) and run a rebuild on a self-hosted, up-to-date instance that has been running fine for years.

Unfortunately, my day job has kept me from looking into this for the last 24 hours. I should pick it up again this evening. I’ll see if I can provide more info.

I had the same issue when I was doing a fresh install on an EC2 (Ubuntu 22.04.3 LTS).
I had previous experience in setting up discourse (around 2-3 times).

Initially, I thought it was a build issue and ran ./launcher rebuild app multiple times because of which I exhausted the SSL certificate weekly limit offered by Let’s Encrypt which is why the website was giving site cant be reached error.

Later, I tried ./launcher logs app. It was showing the following errors:

1. directory for pid=/var/www/discourse/tmp/pids/unicorn.pid not writable (ArgumentError).
2. "detail": "Error creating new order :: too many certificates (5) already issued for this exact set of domains in the last 168 hours - Let’s Encrypt Rate-limit issue

The only thing that I did different from the official guide was the docker installation.

I installed docker using sudo apt install docker.io. I uninstalled this completely and let the docker installation happen with ./discourse-setup.

And it worked!!

As @pfaffman said, it was an issue with the docker installation.

PS: I moved forward with a new subdomain during the 2nd time of installation as I had to set up the discourse server on priority.

Thirding what @pfaffman and @csgeek said, the following worked for me:

1. apt remove docker.io, removing docker.io (20.10.25-0ubuntu1~22.04.1)
2. Run ./discourse-setup until it has installed docker, then exit out of it.
3. systemctl start docker
4. ./launcher rebuild app

This is on a system running Ubuntu 22.04.3 LTS.

Hey @jeanas. This looks like the thing to try. Could you do this:

And if that works for you, mark his post as the solution?

[Note: My case isn’t really an installation issue but the error produced is the same as in this topic and my fix (below) may be helpful to others. Moderators (@pfaffman?), feel free to categorize this more appropriately.]

The ArgumentError message appears after I run a ./launcher rebuild app on my self-hosted, docker instance (installed and working for many years). It happens because unicorn is unable to write a pid file to the /var/www/discourse/tmp/pids directory (inside the container). The log shows a loop of ArgumentError messages as it attempts to write that file every few seconds.

I log into the container from the host machine via

docker exec -it app bash

From inside the container I run

find /var/www/discourse -printf '%u:%g\n'  | sort -t: -u

This shows me a list of the owner:groups in that directory

root:root
discourse:discourse

I then make the /var/www/discourse/tmp/pids directory world readable via

chmod +r /var/www/discourse/tmp/pids

At this point a unicorn.pid file gets written to that directory. The file has an owner:group of discourse:www-data.

My fix was to recursively change the ownership of /var/www/discourse to discourse:www-data.

chown -R discourse:www-data /var/www/discourse

This takes a long time since there are over 100,000 files. It’s probably not necessary to do the entire directory but that’s what I did.

Lastly, I made the /etc/postgres/13/main/pb_hba.conf file world-readable

chmod +r /etc/postgres/13/main/pg_hba.conf

Restart the container and everything works.

It seems like the file ownership setup isn’t quite right but I am not well-versed enough with the art of setting permissions to figure out a simpler fix. The fact that the unicorn.pid file has a group of www-data seems key.

It does appear that I would need to run through this procedure each time I do a rebuild (i.e. anytime I change the app.yml file). Note also that it does not appear to be an issue with a particular plugin.

Hopefully, that’s enough information for one of the devs to take a look and say, “Of course! I just have to change x to fix it.”

Perhaps your problem is different from everyone else’s. What version of docker are you running and how did you install it?

I agree it doesn’t make sense that your long-working docker could be a problem

Running docker --version on my server returns

Docker version 20.10.25, build 20.10.25-0ubuntu1~22.04.1

Looks like I might not be up to date?

This version of docker worked for me @StanD.

Docker version 24.0.5, build ced0996.

You can try this.

YES! That worked for me.

Based on my experience and @Stand’s, it would appear that Discourse does not work anymore on older Docker versions.