CentOS 7 + Nginx + Google Compute Engine (permission forbidden error)

Question

I'm fairly new to Nginx. I configured Nginx to use virtualhosts (server blocks) and restarted nginx but I am getting two errors that make no sense to me...

This is what my vhost server block looks like

server {
listen 80 default_server;
listen [::]:80 default_server;

root /custom/path/to/public_html;
index index.html index.htm index.php;
server_name _;
#access_log /custom/path/to/log/oq.default.access.log combined buffer=1024k;
#error_log /custom/path/to/log/oq.default.error.log;

location / {
    try_files $uri $uri/ =404;
}

error_page   500 502 503 504  /50x.html;
location = /50x.html {
    root   html;
}

}

Error number #1: prior to commenting out the access_log line, nginx would fail to start, with the following error 2017/01/23 02:10:23 [emerg] 26984#0: open() "/custom/path/to/log/oq.default.access.log" failed (13: Permission denied)

Error number #2: after commenting out the access_log line, restart nginx (successfully) and that's when I get error 403 Forbidden on my site, when I go to the error log what it shows me

2017/01/23 11:32:10 [error] 5812#0: *3 "/custom/path/to/public_html/index.html" is forbidden (13: Permission denied), client: xxx.xxx.xxx.xxx, server: _, request: "GET / HTTP/1.1", host: "xxx.xxx.xxx.xxx"

I set 777 to BOTH "public_html" and "log" folders and I change the owner to "nginx:nginx" and restart nginx and still the same errors still comes out

What am I missing?

Answer 1

It's SELinux:

grep nginx /var/log/audit/audit.log | audit2allow -m nginx > nginx.te
cat nginx.te
grep nginx /var/log/audit/audit.log | audit2allow -M nginx
semodule -i nginx.pp