Synchronize the back garden of my personal blog Moyu , please give me more advice.
In this blog post of Simple Steps to Build a Blog I wrote two years ago, I briefly introduced how to build a Github-based Hexo blog, and now I will introduce some other usage and deployment methods.
plugin
One of the main reasons for using Hexo instead of Wordpress to build a blog in the past is that you can build a blog on a service like Github without having to build a server yourself, which reduces the investment in money. If it were now, I would still invest in these aspects. In the past, Hexo's plugins were not particularly numerous, especially the domestic plugins and themes, so I have always used Next as the theme of my website. .
In fact, this theme has a lot of domestic support management, I feel very convenient, if you need other plugins, you can go to the official website to see the category of plugins, there are many directories below that are worth using.
deploy
There are many ways to deploy Hexo on your own server. You can package the server's files into a Docker image for use, or you can use various static forwarding servers, such as http-server and httpd. What I will cover here is deploying with Nginx and generating SSL certificates with cerbot.
Below I will demonstrate the deployment of my blog, and the server is using Ubuntu 17.10
Nginx
We first clone the data from our GitHub or other code management services and save it to the /var/www/mosdev.xyz directory of the server. Then create a new configuration file in /etc/nginx/sites-available, such as blog, and write the following configuration content in it:
server {
root /var/www/mosdev.xyz;
index index.html index.htm index.nginx-debian.html;
server_name www.mosdev.xyz;
location / {
try_files $uri $uri/ =404;
}
}
This configuration will listen to port 80 by default. If you want to listen to other ports, you can add the listen field to the configuration file to listen. If your configuration is correct, delete the original default configuration in /etc/nginx/sites-enabled at this time, and then re-establish the soft connection ln -sf ../sites-available/mosdev ./, if the configuration is correct , you will access your domain name after entering the nginx -s reload signal and you will see your deployed blog.
Now https has become the mainstream of website deployment, so we also consider deploying the website with an SSL certificate, enabling https, and finally converting all access that is not https into http access.
Cerbot
One problem with deploying https is that we have to have an SSL certificate. The previous SSL certificates were more expensive, and individuals should not be willing to buy such a certificate to deploy https, but since 2016, Let's Encrypt has provided free At this time, we can use such a free service to deploy an SSL certificate.
Install
First of all, of course, first install cerbot on the server. The main installation methods are using Docker or installing directly from the official source:
- Install from the official source, this is without the Nginx plugin: sudo apt-get update sudo apt-get install software-properties-common sudo add-apt-repository ppa:certbot/certbot sudo apt-get update sudo apt-get install certbot
- Docker installation, the premise of this is of course that you have to install Dockers on the server: sudo docker run -it --rm -p 443:443 -p 80:80 --name certbot
-v "/etc/letsencrypt: /etc/letsencrypt"
-v "/var/lib/letsencrypt:/var/lib/letsencrypt"
certbot/certbot certonly
Although I prefer to use Docker for deployment, I still use the official source for installation on cerbot, so that it can be updated automatically when I update the system, and this time we use Nginx for deployment, so I need this time The installation is cerbot with Nginx plug-in. The specific installation steps are as follows:
sudo apt-get update
sudo apt-get install software-properties-common
sudo add-apt-repository ppa:certbot/certbot
sudo apt-get update
sudo apt-get install python-certbot-nginx
use
Because this time we use cerbot with Nginx plugin, we first have to make sure that our configuration file is the correct nginx -t, and then we can execute the following command to generate a new certificate and switch http traffic to https:
# 可以自动的修改原有的配置文件,并且在选项中有自动跳转
sudo certbot --nginx
# 如果只是想生成证书,不修改Nginx的配置,可以用如下代码
sudo certbot --nginx certonly
# 配置自动获取证书
sudo certbot renew --dry-run
If using cerbot without the Nginx plugin, we have to run the following code to generate the certificate:
sudo certbot certonly --webroot -w /var/www/mosdev.xyz -d www.mosdev.xyz
Then modify the configuration file as follows, which is also the final configuration file:
server {
root /var/www/mosdev.xyz;
# Add index.php to the list if you are using PHP
index index.html index.htm index.nginx-debian.html;
server_name www.mosdev.xyz;
location / {
# First attempt to serve request as file, then
# as directory, then fall back to displaying a 404.
try_files $uri $uri/ =404;
}
listen [::]:443 ssl ipv6only=on; # managed by Certbot
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/www.mosdev.xyz/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/www.mosdev.xyz/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
server {
if ($host = www.mosdev.xyz) {
return 301 https://$host$request_uri;
} # managed by Certbot
listen 80 default_server;
listen [::]:80 default_server;
server_name www.mosdev.xyz;
return 404; # managed by Certbot
}
So far, your website has been deployed on your VPS, using Nginx as the server, and deploying HTTPS on the server, thus achieving our goal.
Reference article
- How To Set Up Let's Encrypt with Nginx Server Blocks on Ubuntu 16.04
- Cerbot Document