orangeの博客

hexo博客部署在云服务器

发表于 更新于 分类于 Valine:
本文字数: 2.8k 阅读时长 ≈ 3 分钟

[toc]

默认在root用户下执行命令

docker部署nginx

自己去安装docker,我相信你会的

创建目录

1
mkdir /hexo_nginx

拉取nginx镜像

1
docker pull amd64/nginx

运行nginx

1
docker run --name hexo_nginx --network=host -v /hexo_nginx/www/html:/usr/share/nginx/html -d nginx

设置权限

1
chmod -R 777 /hexo_nginx

git

自己安装git,我还是相信你会的

1
useradd -m -s /bin/bash git
  • -m 参数表示创建用户的同时创建用户的家目录
  • -s /bin/bash 参数表示将用户的默认 shell 设置为 Bash

更改密码

1
passwd git

切换git用户

1
su - git

创建Git文件夹

1
[git@archlinux ~]$ mkdir Git

进入Git文件夹

1
2
[git@archlinux ~]$ cd Git/
[git@archlinux Git]$

创建一个裸仓库

1
2
3
4
5
6
7
8
9
10
11
[git@archlinux Git]$ git init --bare hexo_nginx.git
hint: Using 'master' as the name for the initial branch. This default branch name
hint: is subject to change. To configure the initial branch name to use in all
hint: of your new repositories, which will suppress this warning, call:
hint: 
hint:   git config --global init.defaultBranch <name>
hint: 
hint: Names commonly chosen instead of 'master' are 'main', 'trunk' and
hint: 'development'. The just-created branch can be renamed via this command:
hint: 
hint:   git branch -m <name>

创建钩子脚本

1
2
3
4
cat >hexo_nginx.git/hooks/post-receive<<EOF
#!/bin/bash
git --work-tree=/hexo_nginx/www/html --git-dir=/home/git/Git/hexo_nginx.git checkout -f
EOF

赋予执行权限

1
chmod +x hexo_nginx.git/hooks/post-receive

hexo本地博客配置

编辑_config.yml配置文件

1
2
3
4
5
6
7
8
deploy:
  - type: git
    repo: git@github.com:julintongxue/julintongxue.github.io.git
    branch: master
# 加下面这个
  - type: git
    repo: git@your_server_ip:/home/git/Git/hexo_nginx.git
    branch: master

推送

1
2
3
hexo g
hexo d
# 要输入密码

免密推送

把本地的ssh公钥粘给服务器端的git用户

创建.ssh文件夹

1
[git@archlinux ~]$ mkdir .ssh && cd .ssh

创建authorized_keys文本

1
[git@archlinux .ssh]$ touch authorized_keys

把公钥粘贴进去得了

部署ssl实现https访问

首先,得先申请证书!然后下载到certs文件夹里面,欸!太简单了,我不想写

然后修改default.conf配置文件

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
server {
    listen       80;
    listen  [::]:80;
    #写你的域名
    server_name  www.xxx.com;

    location / {
        root   /usr/share/nginx/html;
        index  index.html index.htm;
    }
}

server {
    listen 443 ssl;
    #写你的域名
    server_name www.xxx.com;
    # 绝对路径指定证书的位置和证书名字
    ssl_certificate /etc/ssl/certs/1.pem;
    ssl_certificate_key /etc/ssl/1.key;
    
    ssl_session_timeout 5m;
    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
    ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:HIGH:!aNULL:!MD5:!RC4:!DHE;
    ssl_prefer_server_ciphers on;
    ssl_session_cache shared:SSL:1m;
    fastcgi_param  HTTPS        on;
    fastcgi_param  HTTP_SCHEME     https;

    location / {
        proxy_set_header   X-Real-IP         $remote_addr;
        proxy_set_header   Host              $http_host;
        proxy_set_header   X-Forwarded-For   $proxy_add_x_forwarded_for;
        root   /usr/share/nginx/html;
        try_files $uri $uri/ /index.html;
    }

    error_page   500 502 503 504  /50x.html;
    location = /50x.html {
        root   /usr/share/nginx/html;
    }
}

然后docker数据卷映射就行了

把上一个docker容器删了,部署新的

1
docker rm -f hexo_nginx

我是在hexo_nginx创建了certs证书文件夹和default.conf文本文件

1
docker run --name hexo_nginx --network=host --restart always -v /hexo_nginx/www/html:/usr/share/nginx/html -v /hexo_nginx/certs:/etc/ssl/certs -v /hexo_nginx/default.conf:/etc/nginx/conf.d/default.conf:ro -d nginx

image-20240105003320649

访问就可以看到可爱的小锁了

image-20240105003423943