SetupHexoBlogOnCentos7.5

1.Let’s setup our brand new CentOS7.5 server supplied by TencentCloud to host our hexo blog! Contains : nginx, node.js, Git, hexo, https: !

1.Install nginx

yum install nginx -i
nginx
vi /etc/nginx/nginx.conf
#modify:
root /home/hexoBlog;
nginx -s reload

3.Https: SSL Certification

3.1.Apply for free SSL Certification

3.2.Download Certification at Local

3.3.Make dir for nginx cert on Server

mkdir /etc/nginx/cert

3.4.Copy .Crt and .Key to Server at Local

scp ourCrt.crt root@ourDomain:/etc/nginx/cert/
scp ourKey.key root@ourDomain:/etc/nginx/cert/

##3.5.Configure nginx to supply https: listen to 443 on Server

vi /etc/nginx/nginx.conf
#in nginx.conf-----
server {
        listen       443 ssl http2 default_server;
        listen       [::]:443 ssl http2 default_server;
        server_name  OurDomain;
        root            /home/hexoBlog;
        ssl_certificate "cert/1_ourDomain_bundle.crt";
        ssl_certificate_key "cert/2_ourDomain.key";
        ssl_session_cache shared:SSL:1m;
        ssl_session_timeout  10m;
        ssl_ciphers HIGH:!aNULL:!MD5;
        ssl_prefer_server_ciphers on;
#
#        # Load configuration files for the default server block.
        include /etc/nginx/default.d/*.conf;
#
        location / {
        }
#
#        error_page 404 /404.html;
            location = /40x.html {
        }
#
#        error_page 500 502 503 504 /50x.html;
            location = /50x.html {
        }
   }
}
#out nginx.conf-----
nginx -s reload

3.6.Redirect http: to https:

#add to nginx.conf
server {
        listen 80;
        server_name www.heavenyu.com;
        return 301 https://$server_name$request_uri;
}

4.Authorization for visitors 2018-12-09 22:15:08

gpg --gen-random -armor 1 $ourPasswdLenth
printf "$UserName=:$(openssl passwd -crypt $Passwd)\n" >> /etc/nginx/conf.d/htpasswd
vi /etc/nginx/nginx.conf
#add two lines
------
		location / {
                auth_basic "nginx basic http test for ";
                auth_basic_user_file conf.d/htpasswd;
        }
-----
nginx -s reload

5.Install node.js

5.1.find the latest version address

https://nodejs.org/en/download/
#choose sourcs code
cd /usr/local/src
wget https://nodejs.org/dist/v10.14.1/node-v10.14.1.tar.gz
tar -zxvf node-v10.14.1.tar.gz

vim ~/.bash_profile
# PATH=$PATH:$HOME/bin
PATH=$PATH:$HOME/bin:/usr/local/src/node/bin
source ~/.bash_profile

6.Setup Git

6.1.Setup Server

useradd git
passwd git
cd /home
mkdir hexoBlog
chown -R git:git hexoBlog
chmod -R 755 hexoBlog
cd git
#Initialized empty Git repository in /home/git/hexo_static.git/
git init --bare hexoBlog.git
chown -R git:git hexoBlog.git

6.2.Local setup git SSH

//generate ssh key
ssh-keygen -t rsa -C "ourMail@xxx.com"

4.3.Server set allow passwd login

vi /etc/ssh/sshd_config
PasswordAuthentication yes
service sshd restart

4.4.Local copy ssh key to server

ssh-copy-id -i ~/.ssh/id_rsa.pub  git@serverIp
ssh git@serverIp

4.5.Server forbid passwd login

vi /etc/ssh/sshd_config
#set forbid passwd login
PasswordAuthentication no
service sshd restart

4.6.Server setup Auto Deploy

cd /home/git/hexoBlog.git/hooks
vim post-receive
#add lines between ---
----
#!/bin/bash
git --work-tree=/home/hexoBlog --git-dir=/home/git/hexoBlog.git checkout -f
----
chmod +x post-receive

5.Local setup hexo deploy

#Edit _config.yml in hexo project root dir
url: ourDomain(https://xxx.xxx.xxx)
deploy:
  type: git
  repo: git@ourServerIpOrourDomain:/home/git/hexoBlog
  branch: master

6.Server setup ngnix

nginx -t
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful
vi /etc/nginx/nginx.conf
##
	server_name  #OurServerIp/Domain;
	root     /home/hexoBlog;
    location / {
    }
##

7.Local deploy hexo

hexo d -g

8.Https: SSL Certification

8.1.Apply for free SSL Certification

8.2.Download Certification at Local

8.3.Make dir for nginx cert on Server

mkdir /etc/nginx/cert

8.4.Copy .Crt and .Key to Server at Local

scp ourCrt.crt root@ourDomain:/etc/nginx/cert/
scp ourKey.key root@ourDomain:/etc/nginx/cert/

##8.5.Configure nginx to supply https: listen to 443 on Server

vi /etc/nginx/nginx.conf
#in nginx.conf-----
server {
        listen       443 ssl http2 default_server;
        listen       [::]:443 ssl http2 default_server;
        server_name  OurDomain;
        root            /home/hexoBlog;
        ssl_certificate "cert/1_ourDomain_bundle.crt";
        ssl_certificate_key "cert/2_ourDomain.key";
        ssl_session_cache shared:SSL:1m;
        ssl_session_timeout  10m;
        ssl_ciphers HIGH:!aNULL:!MD5;
        ssl_prefer_server_ciphers on;
#
#        # Load configuration files for the default server block.
        include /etc/nginx/default.d/*.conf;
#
        location / {
        }
#
#        error_page 404 /404.html;
            location = /40x.html {
        }
#
#        error_page 500 502 503 504 /50x.html;
            location = /50x.html {
        }
   }
}
#out nginx.conf-----
nginx -s reload

8.6.Redirect http: to https:

#add to nginx.conf
server {
        listen 80;
        server_name www.heavenyu.com;
        return 301 https://$server_name$request_uri;
}

9.Authorization for visitors 2018-12-09 22:15:08

gpg --gen-random -armor 1 $ourPasswdLenth
printf "$UserName=:$(openssl passwd -crypt $Passwd)\n" >> /etc/nginx/conf.d/htpasswd
vi /etc/nginx/nginx.conf
#add two lines
------
		location / {
                auth_basic "nginx basic http test for ";
                auth_basic_user_file conf.d/htpasswd;
        }
-----
nginx -s reload

10.Install Python

mkdir Download
cd Download
sudo yum -y groupinstall "Development tools"
sudo yum -y install zlib-devel bzip2-devel openssl-devel ncurses-devel sqlite-devel readline-devel tk-devel gdbm-devel db4-devel libpcap-devel xz-devel libffi-devel
#check current version on https://www.python.org
wget https://www.python.org/ftp/python/3.7.1/Python-3.7.1.tar.xz
tar -xvJf  Python-3.7.0a1.tar.xz
sudo make
sudo make install