lht/blog
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Site updated: 2022-10-27 14:21:36

Browse Source
This commit is contained in:
qinglong
2022-10-27 14:21:37 +08:00
parent ca0bf0b0fa
commit f8bdf5d67a
92 changed files with 400 additions and 365 deletions
Download Patch File Download Diff File Expand all files Collapse all files

35
feed.json
View File

@ -6,6 +6,22 @@
"description": "hito的博客",
"home_page_url": "https://blog.jingxiyuan.cn",
"items": [
{
"id": "https://blog.jingxiyuan.cn/2022/10/27/%E6%9E%81%E7%A9%BA%E9%97%B4web%E7%AB%AFhttps%E7%9B%B4%E8%BF%9Enginx%E9%85%8D%E7%BD%AE/",
"url": "https://blog.jingxiyuan.cn/2022/10/27/%E6%9E%81%E7%A9%BA%E9%97%B4web%E7%AB%AFhttps%E7%9B%B4%E8%BF%9Enginx%E9%85%8D%E7%BD%AE/",
"title": "极空间web端https直连nginx配置",
"date_published": "2022-10-27T05:34:00.000Z",
"content_html": "<ul>\n<li>ip 直连一般都映射了 5055, 但是直接访问 5055 极空间只提供了 http 协议,如果希望使用 https 协议则必须使用其它端口进行访问。以下方案采用 nginx 反向代理实现,端口使用 10000 举例。</li>\n</ul>\n<ol>\n<li>需要先把 10000 端口在路由器上做好映射。</li>\n<li>证书生成好并放置到 nginx 上。(证书生成方法不做介绍请自行百度)</li>\n<li>http 跳转 https 配置</li>\n</ol>\n<pre><code class=\"language-conf\">server &#123;\n\t\tif ($scheme = http) &#123;\n\t\t\trewrite ^(.*)$ https://$host$1 permanent;\n\t\t&#125;\n&#125;\n</code></pre>\n<ol start=\"4\">\n<li>web 端口监听配置</li>\n</ol>\n<pre><code class=\"language-conf\">#极空间-web\nserver &#123;\n\tlisten 10000 ssl http2; #ipv4\n\tlisten [::]:10000 ssl http2; #ipv6\n\tserver_name xxx.xxx.com; #填写自己的域名,主域名或者子域名\n\n\t#include /etc/nginx/conf.d/ssl/ssl_common.conf;\n\tssl_certificate_key /etc/nginx/conf.d/ssl/xxx.key; #加密证书\n\tssl_certificate /etc/nginx/conf.d/ssl/xxx.pem; #加密证书\n\tssl_session_timeout 1d;\n\tssl_session_cache shared:MozSSL:10m;\n\tssl_session_tickets off;\n\tssl_protocols TLSv1.2 TLSv1.3;\n\tssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384;\n\tssl_prefer_server_ciphers on;\n \n\t# 开启OCSP stapling\n\tssl_stapling on;\n\tssl_stapling_verify on;\n \n\tclient_max_body_size 128M;\n \n\tadd_header Strict-Transport-Security &quot;max-age=31536000; includeSubdomains; preload&quot;;\n \n\tproxy_send_timeout 180s; #设置发送超时时间\n proxy_read_timeout 180s; #设置读取超时时间\n\n\t# Prevent Information leaks\n\tproxy_hide_header X-Powered-By;\n\tproxy_hide_header Server;\n\tproxy_hide_header X-AspNetMvc-Version;\n\tproxy_hide_header X-AspNet-Version;\n \n\t# http security headers\n\tadd_header X-Content-Type-Options nosniff;\n\tadd_header Pragma no-cache;\n\tadd_header Cache-Control no-store;\n\tadd_header X-XSS-Protection &quot;1; mode=block&quot;;\n\tadd_header Referrer-Policy origin-when-cross-origin;\n\tadd_header X-Permitted-Cross-Domain-Policies none;\n add_header X-Frame-Options SAMEORIGIN; #允许同域嵌套\n\n\t# Add Security cookie flags\n\tproxy_cookie_path ~(.*) &quot;$1; SameSite=strict; secure; httponly&quot;;\n\n\t# Path to the root of your installation\n\tlocation / &#123;\n\t\tproxy_intercept_errors on;\n\t\tproxy_max_temp_file_size 0;\n\t\tproxy_set_header Host $host;\n\t\tproxy_set_header X-Real-IP $remote_addr;\n\t\tproxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;\n\t\tproxy_set_header X-Forwarded-Proto $scheme;\n \n\t\tproxy_pass http://极空间内网ip:5055; #这里设置你自己要跳转的局域网应用;\n\t\tproxy_redirect http://域名:5055/home https://域名:10000/home; #极空间在登陆后会跳转到http协议的5055端口所以要在此替换为https协议的10000端口\n\t&#125;\n\t\n\terror_page 500 502 503 504 /500.html;\n\terror_page 400 404 /500.html;\n\tlocation = /500.html &#123;\n\t\troot /usr/share/nginx/html/; #错误html\n\t&#125;\n&#125;\n</code></pre>\n<ol start=\"5\">\n<li>问题</li>\n</ol>\n<ul>\n<li>需要开启允许嵌套否则登陆后所有应用都是拒绝访问</li>\n<li>需要配置 proxy_redirect 替换响应 url否则会跳转到默认 http 协议的 5055 端口</li>\n<li>如果配置 proxy_redirect 后无效可能需要清楚浏览器缓存F12 - 网络 - 右键点击 url 区域 - 清除浏览器缓存)</li>\n</ul>\n",
"tags": [
"极空间",
"Docker",
"技术分享",
"nginx",
"极空间",
"https",
"web"
]
},
{
"id": "https://blog.jingxiyuan.cn/2022/10/22/%E6%9E%81%E7%A9%BA%E9%97%B4Docker%E7%89%88%E9%9D%92%E9%BE%99%E9%9D%A2%E6%9D%BF%E5%AE%89%E8%A3%85%E4%B8%8E%E9%85%8D%E7%BD%AE/",
"url": "https://blog.jingxiyuan.cn/2022/10/22/%E6%9E%81%E7%A9%BA%E9%97%B4Docker%E7%89%88%E9%9D%92%E9%BE%99%E9%9D%A2%E6%9D%BF%E5%AE%89%E8%A3%85%E4%B8%8E%E9%85%8D%E7%BD%AE/",
@ -173,8 +189,8 @@
"tags": [
"生活",
"心情",
"郁闷",
"心情"
"心情",
"郁闷"
]
},
{
@ -281,21 +297,6 @@
"图床",
"图片上传"
]
},
{
"id": "https://blog.jingxiyuan.cn/2022/09/14/Hexo%E5%AE%89%E8%A3%85%E6%91%B8%E7%B4%A2/",
"url": "https://blog.jingxiyuan.cn/2022/09/14/Hexo%E5%AE%89%E8%A3%85%E6%91%B8%E7%B4%A2/",
"title": "Hexo安装摸索",
"date_published": "2022-09-14T04:23:00.000Z",
"content_html": "<h1 id=\"hexo博客安装\"><a class=\"anchor\" href=\"#hexo博客安装\">#</a> hexo 博客安装</h1>\n<ol>\n<li>\n<p><span class=\"exturl\" data-url=\"aHR0cHM6Ly9ub2RlanMub3JnL2VuLw==\">安装 nodejs</span></p>\n</li>\n<li>\n<p><span class=\"exturl\" data-url=\"aHR0cHM6Ly9naXQtc2NtLmNvbS8=\">安装 git</span></p>\n</li>\n<li>\n<p>安装 hexowindows 需进入 git bash</p>\n<p><code>npm install -g hexo-cli</code></p>\n</li>\n<li>\n<p>初始化博客目录</p>\n<p><code>hexo init blog</code></p>\n</li>\n<li>\n<p>进入博客目录</p>\n<p><code>cd blog</code></p>\n</li>\n<li>\n<p>初始化 hexo 到博客目录</p>\n<p><code>npm install</code></p>\n</li>\n</ol>\n<h1 id=\"shoka主题安装\"><a class=\"anchor\" href=\"#shoka主题安装\">#</a> shoka 主题安装</h1>\n<ol>\n<li>\n<p>下载主题 </p>\n<p><code>git clone </code> <span class=\"exturl\" data-url=\"aHR0cHM6Ly9naXRodWIuY29tL2FtZWhpbWUvaGV4by10aGVtZS1zaG9rYS5naXQ=\">https://github.com/amehime/hexo-theme-shoka.git</span> <code> ./themes/shoka</code></p>\n</li>\n<li>\n<p>卸载 hexo-renderer-marked 以及别的 markdown 文件渲染器 </p>\n<p><code>npm un hexo-renderer-marked --save</code></p>\n</li>\n<li>\n<p>安装md 文件渲染器,压缩 css/js/html</p>\n<p><code>npm i hexo-renderer-multi-markdown-it --save</code></p>\n</li>\n<li>\n<p>安装(给生成的 css 文件们添加浏览器前缀)</p>\n<p><code>npm i hexo-autoprefixer --save</code></p>\n</li>\n<li>\n<p>安装(站内搜索功能) </p>\n<p><code>npm i hexo-algoliasearch --save</code></p>\n</li>\n<li>\n<p>安装(文章或站点字数及阅读时间统计)</p>\n<p><code>npm i hexo-symbols-count-time --save</code></p>\n</li>\n<li>\n<p>安装(生成 Feed 文件)</p>\n<p><code>npm i hexo-feed --save</code></p>\n</li>\n</ol>\n<h1 id=\"hexo部分常用命令\"><a class=\"anchor\" href=\"#hexo部分常用命令\">#</a> Hexo 部分常用命令</h1>\n<ul>\n<li>\n<p>清除静态文件</p>\n<p><code>hexo clean</code></p>\n</li>\n<li>\n<p>生成静态文件</p>\n<p><code>hexo g</code></p>\n</li>\n<li>\n<p>安装 git 推送插件 </p>\n<p><code>npm install hexo-deployer-git --save</code></p>\n</li>\n<li>\n<p>推送静态文件到 git </p>\n<p><code>hexo d</code></p>\n</li>\n</ul>\n<h1 id=\"安装hexo-admin编写博客插件\"><a class=\"anchor\" href=\"#安装hexo-admin编写博客插件\">#</a> 安装 hexo-admin编写博客插件</h1>\n<ul>\n<li>\n<p><code>npm install hexo-admin --save</code></p>\n</li>\n<li>\n<p>hexo-admin 编辑 url</p>\n<p><a href=\"http://localhost:4000/admin\"> <code>http://localhost:4000/admin</code> </a></p>\n</li>\n<li>\n<p>settings 设置用户名、密码、Secret</p>\n<p><a href=\"http://localhost:4000/admin/#/settings\"> <code>http://localhost:4000/admin/#/settings</code> </a></p>\n</li>\n<li>\n<p>把底部生成的配置拷入 hexo 配合文件中 (_config.yml)</p>\n</li>\n</ul>\n<pre><code class=\"language-yml\">admin:\nusername: username\npassword_hash: xxxxxx\nsecret: 'my super secret phrase' #用单引号包裹\ndeployCommand: 'hexo_publish.sh' #windows用hexo_publish.batlinux用hexo_publish.sh\n</code></pre>\n<h4 id=\"hexo_publishsh\"><a class=\"anchor\" href=\"#hexo_publishsh\">#</a> hexo_publish.sh</h4>\n<pre><code class=\"language-bash\">#!/bin/bash\n\nhexo clean\nhexo g\nhexo d\n</code></pre>\n<h4 id=\"hexo_publishbat\"><a class=\"anchor\" href=\"#hexo_publishbat\">#</a> hexo_publish.bat</h4>\n<pre><code class=\"language-bash\">@echo off\ncd D:\\blog\nd:\n@cmd /c &quot;hexo clean&amp;&amp; hexo g&amp;&amp;hexo d&amp;&amp;echo success&quot;\n</code></pre>\n",
"tags": [
"Linux",
"服务",
"经验分享",
"博客",
"Hexo",
"Hexo-admin"
]
}
]
}