(13: Permission denied) while connecting to upstream:[nginx]
Disclaimer
Make sure there are no security implications for your use-case before running this.
Answer
I had a similar issue getting Fedora 20, Nginx, Node.js, and Ghost (blog) to work. It turns out my issue was due to SELinux.
This should solve the problem:
setsebool -P httpd_can_network_connect 1
Details
I checked for errors in the SELinux logs:
sudo cat /var/log/audit/audit.log | grep nginx | grep denied
And found that running the following commands fixed my issue:
sudo cat /var/log/audit/audit.log | grep nginx | grep denied | audit2allow -M mynginx
sudo semodule -i mynginx.pp
Option #2 (untested, but probably more secure)
setsebool -P httpd_can_network_relay 1
https://security.stackexchange.com/questions/152358/difference-between-selinux-booleans-httpd-can-network-relay-and-httpd-can-net
References
http://blog.frag-gustav.de/2013/07/21/nginx-selinux-me-mad/
https://wiki.gentoo.org/wiki/SELinux/Tutorials/Where_to_find_SELinux_permission_denial_details
http://wiki.gentoo.org/wiki/SELinux/Tutorials/Managing_network_port_labels
http://www.linuxproblems.org/wiki/Selinux
I’ve run into this problem too. Another solution is to toggle the SELinux boolean value for httpd network connect to on
(Nginx uses the httpd label).
setsebool httpd_can_network_connect on
To make the change persist use the -P flag.
setsebool httpd_can_network_connect on -P
You can see a list of all available SELinux booleans for httpd using
getsebool -a | grep httpd
I have solved my problem by running my Nginx as the user I'm currently logged in with, mulagala.
By default the user as nginx is defined at the very top section of the nginx.conf
file as seen below;
user nginx; # Default Nginx user
Change nginx to the name of your current user - here, mulagala.
user mulagala; # Custom Nginx user (as username of the current logged in user)
However, this may not address the actual problem and may actually have casual side effect(s).
For an effective solution, please refer to Joseph Barbere's solution.