hexo博客部署在云服务器

[toc]

默认在root用户下执行命令

docker部署nginx

自己去安装docker，我相信你会的

创建目录

1	mkdir /hexo_nginx

拉取nginx镜像

1	docker pull amd64/nginx

运行nginx

1	docker run --name hexo_nginx --network=host -v /hexo_nginx/www/html:/usr/share/nginx/html -d nginx

设置权限

1	chmod -R 777 /hexo_nginx

git

自己安装git，我还是相信你会的

1	useradd -m -s /bin/bash git

-m 参数表示创建用户的同时创建用户的家目录
-s /bin/bash 参数表示将用户的默认 shell 设置为 Bash

更改密码

1	passwd git

切换git用户

su - git

创建Git文件夹

1	[git@archlinux ~]$ mkdir Git

进入Git文件夹

1 2	[git@archlinux ~]$ cd Git/ [git@archlinux Git]$

创建一个裸仓库

[git@archlinux Git]$ git init --bare hexo_nginx.git
hint: Using 'master' as the name for the initial branch. This default branch name
hint: is subject to change. To configure the initial branch name to use in all
hint: of your new repositories, which will suppress this warning, call:
hint: 
hint:   git config --global init.defaultBranch <name>
hint: 
hint: Names commonly chosen instead of 'master' are 'main', 'trunk' and
hint: 'development'. The just-created branch can be renamed via this command:
hint: 
hint:   git branch -m <name>

创建钩子脚本

cat >hexo_nginx.git/hooks/post-receive<<EOF
#!/bin/bash
git --work-tree=/hexo_nginx/www/html --git-dir=/home/git/Git/hexo_nginx.git checkout -f
EOF

赋予执行权限

1	chmod +x hexo_nginx.git/hooks/post-receive

hexo本地博客配置

编辑_config.yml配置文件

deploy:
  - type: git
    repo: git@github.com:julintongxue/julintongxue.github.io.git
    branch: master
# 加下面这个
  - type: git
    repo: git@your_server_ip:/home/git/Git/hexo_nginx.git
    branch: master

推送

1
2
3

hexo g
hexo d
# 要输入密码

免密推送

把本地的ssh公钥粘给服务器端的git用户

创建.ssh文件夹

1	[git@archlinux ~]$ mkdir .ssh

创建authorized_keys文本

1	[git@archlinux .ssh]$ touch authorized_keys

把公钥粘贴进去得了

部署ssl实现https访问

首先，得先申请证书！然后下载到certs文件夹里面，欸！太简单了，我不想写

然后修改default.conf配置文件

server {
    listen       80;
    listen  [::]:80;
    #写你的域名
    server_name  www.xxx.com;

    location / {
        root   /usr/share/nginx/html;
        index  index.html index.htm;
    }
}

server {
    listen 443 ssl;
    #写你的域名
    server_name www.xxx.com;
    # 绝对路径指定证书的位置和证书名字
    ssl_certificate /etc/ssl/certs/www.xxx.com.pem;
    ssl_certificate_key /etc/ssl/certs/www.xxx.com.key;
    
    ssl_session_timeout 5m;
    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
    ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:HIGH:!aNULL:!MD5:!RC4:!DHE;
    ssl_prefer_server_ciphers on;
    ssl_session_cache shared:SSL:1m;
    fastcgi_param  HTTPS        on;
    fastcgi_param  HTTP_SCHEME     https;

    location / {
        proxy_set_header   X-Real-IP         $remote_addr;
        proxy_set_header   Host              $http_host;
        proxy_set_header   X-Forwarded-For   $proxy_add_x_forwarded_for;
        root   /usr/share/nginx/html;
        try_files $uri $uri/ /index.html;
    }

    error_page   500 502 503 504  /50x.html;
    location = /50x.html {
        root   /usr/share/nginx/html;
    }
}

然后docker数据卷映射就行了

把上一个docker容器删了,部署新的

1	docker rm -f hexo_nginx

我是在hexo_nginx创建了certs证书文件夹和default.conf文本文件

docker run --name hexo_nginx --network=host --restart always -v /hexo_nginx/www/html:/usr/share/nginx/html -v /hexo_nginx/certs:/etc/ssl/certs -v /hexo_nginx/default.conf:/etc/nginx/conf.d/default.conf:ro -d nginx

访问就可以看到可爱的小锁了，而且80端口也可以正常访问的，就是没有ssl而已