Skip to content

Commit

Permalink
chore: actions deploy
Browse files Browse the repository at this point in the history
  • Loading branch information
ReturnTmp committed Oct 14, 2023
1 parent cdd98bf commit c71bf6c
Show file tree
Hide file tree
Showing 4 changed files with 199 additions and 30 deletions.
2 changes: 1 addition & 1 deletion .github/workflows/deploy.yml
Original file line number Diff line number Diff line change
Expand Up @@ -36,5 +36,5 @@ jobs:
SOURCE: "docs/.vuepress/dist"
REMOTE_HOST: ${{ secrets.IP }} #服务器ip
REMOTE_USER: "root"
TARGET: "/root/app/blog-vuepress-vdoing/"
TARGET: "/usr/share/nginx/blog/"
EXCLUDE: "/node_modules/"
85 changes: 56 additions & 29 deletions docs/04.运维笔记/73.GitHub Action 部署静态博客.md
Original file line number Diff line number Diff line change
Expand Up @@ -23,6 +23,8 @@ author:

**博客地址**[ReturnTmp/blog-vuepress-vdoing](https://github.com/ReturnTmp/blog-vuepress-vdoing)

> 系统配置:CentOS 7.9


## 步骤
Expand All @@ -47,7 +49,7 @@ ssh-keygen -t rsa -f action -C "[email protected]"

之后打开上面我们提供的博客仓库地址,找到 Settings 中的 Actinons ,然后点击 `New repository secret`,然后自定义密钥名称,然后填入上面的 `id_rsa`,然后即可生成成功

![image-20231014151411628](C:\Users\86150\AppData\Roaming\Typora\typora-user-images\image-20231014151411628.png)
![image-20231014151411628](https://cdn.jsdelivr.net/gh/Returntmp/blog-image@main/blog/202310141934939.png)

![image-20231014152823844](https://cdn.jsdelivr.net/gh/Returntmp/blog-image@main/blog/202310141528242.png)

Expand All @@ -68,49 +70,50 @@ cat ~/.ssh/id_rsa.pub >> ~/.ssh/authorized_keys
我们需要在博客项目的根目录下创建`.github/workflows`文件夹,创建文件`deploy.yml`,填写如下内容

```yaml
name: Build app and deploy
name: Deploy My Server

on:
#监听push操作
push:
branches:
# main分支,你也可以改成其他分支
- main

jobs:
build:
# runs-on 指定job任务运行所需要的虚拟机环境(必填字段)
runs-on: ubuntu-latest
steps:
# 获取源码
- name: Checkout
# 使用action库 actions/checkout获取源码
uses: actions/checkout@master
# 安装 Node
- name: use Node.js 18.17.0
# 使用action库 actions/setup-node安装node
deploy:
runs-on: ubuntu-latest # 使用ubuntu系统镜像运行自动化脚本

steps: # 自动化步骤
#下载代码仓库
- uses: actions/checkout@v1

# 使用action库,安装node
- name: use Node.js # 使用action库 actions/setup-node安装node
uses: actions/setup-node@v1
with:
node-version: 18.17.0
node-version: 18.17.0 # 指定node版本
# 安装依赖
- name: npm install
run: npm install
# 打包
- name: npm run build

#打包项目
- name: Build
run: npm run build
# 部署到云服务器
- name: Deploy to Server # 第二步,rsync推文件
uses: AEnterprise/[email protected] # 使用别人包装好的步骤镜像

#部署到服务器
- name: Deploy to Staging My server
uses: easingthemes/[email protected]
env:
DEPLOY_KEY: ${{ secrets.MY_SERVER_PRIVATE_KEY }} # 引用配置,SSH私钥
ARGS: -avz --delete --exclude='*.pyc' # rsync参数,排除.pyc文件
SERVER_PORT: "22" # SSH端口
FOLDER: ./docs/.vuepress/dist # 要推送的文件夹,路径相对于代码仓库的根目录,视情况替换为自己的文件夹路径
SERVER_IP: ${{ secrets.IP }} # 引用配置,服务器的host名(IP或者域名domain.com)
USERNAME: root # 引用配置,服务器登录名
SERVER_DESTINATION: /root/app # 部署到目标文件夹
#私钥
SSH_PRIVATE_KEY: ${{ secrets.MY_SERVER_PRIVATE_KEY }}
ARGS: "-rltgoDzvO"
SOURCE: "docs/.vuepress/dist"
REMOTE_HOST: ${{ secrets.IP }} #服务器ip
REMOTE_USER: "root"
TARGET: "/root/app/blog-vuepress-vdoing/"
EXCLUDE: "/node_modules/"

```

其中 `/root/app` 是我们需要部署博客的目标文件夹,需要提前创建
其中 `/root/app` 是我们需要部署博客的目标文件夹,尽量提前创建文件夹

> 注:其中 action 详细配置可以自行查找对应仓库,例如 actions/checkout action ,仓库位于:https://github.com/actions/checkout
Expand All @@ -127,12 +130,30 @@ jobs:
try_files $uri $uri/ /index.html;
}
}
同时需要更改 Nginx 启动用户,修改 `/etc/nginx/nginx.conf`

```bash
user root;
```

重启 nginx

```bash
systemctl restart nginx
```

这里需要注意,后面我们推送工作流之后,拉取下来的 dist 文件夹所属用户和用户组不是 root,nginx 会有 403 错误

![image-20231014193340180](https://cdn.jsdelivr.net/gh/Returntmp/blog-image@main/blog/202310141934940.png)

需要执行如下命令

```bash
chown -R root:root /root/app/blog-vuepress-vdoing/dist
```





### 工作流推送
Expand All @@ -143,6 +164,12 @@ systemctl restart nginx









## 参考链接

- [GitHub Actions 入门教程 - 阮一峰的网络日志 (ruanyifeng.com)](http://www.ruanyifeng.com/blog/2019/09/getting-started-with-github-actions.html)
Expand Down
50 changes: 50 additions & 0 deletions docs/04.运维笔记/74.Nginx 配置路径解析.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,50 @@
---
title: Nginx 配置路径解析
date: 2023-10-14 18:55:23
permalink: /pages/82554b/
categories:
- 运维笔记
tags:
-
author:
name: ReturnTmp
link: https://github.com/ReturnTmp
---



## 前言

本章仅为记录 Nginx 的路径配置 cheat sheet



## 配置

在nginx中配置proxy_pass代理转发时,如果在proxy_pass后面的url加/,表示绝对根路径;如果没有/,表示相对路径,把匹配的路径部分也给代理走。

假设下面四种情况分别用 http://192.168.1.1/proxy/test.html 进行访问。

第一种:
location /proxy/ {
proxy_pass http://127.0.0.1/;
}
代理到URL:http://127.0.0.1/test.html

第二种(相对于第一种,最后少一个 / )
location /proxy/ {
proxy_pass http://127.0.0.1;
}
代理到URL:http://127.0.0.1/proxy/test.html

第三种:
location /proxy/ {
proxy_pass http://127.0.0.1/aaa/;
}
代理到URL:http://127.0.0.1/aaa/test.html

第四种(相对于第三种,最后少一个 / )
location /proxy/ {
proxy_pass http://127.0.0.1/aaa;
}

92 changes: 92 additions & 0 deletions docs/04.运维笔记/76.Nginx 403 forbidden 问题.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,92 @@
---
title: Nginx 403 forbidden 问题
date: 2023-10-14 18:54:15
permalink: /pages/d53b24/
categories:
- 运维笔记
tags:
-
author:
name: ReturnTmp
link: https://github.com/ReturnTmp
---



## 前言

本文将会记录 Nginx 出现 403 forbidden (13: Permission denied)报错的四种方法

## 方案

### 启动用户

可能是因为 Nginx 启动用户不一致,我们可以使用下面命令分别查看 nginx 启动用户和实际启动用户

```bash
ps aux | grep "nginx: worker process" | awk '{print $1}'
```

然后我们修改 nginx.conf 即可

```bash
vim /etc/nginx/nginx.conf

# 修改启动用户
user root;
```



### 缺少文件

如果是 `/usr/share/nginx/html` 文件夹下缺少 `index.html` 文件也会出现 403 错误

```bash
location / {
root /usr/share/nginx/html;
index index.html index.htm;
try_files $uri $uri/ /index.html;
}
```



### 缺少权限

我们可以修改目录的读写权限(一般来说不需要)

```bash
chmod -R 755 /data
```

修改目录的所属用户为 Nginx 启动用户(当然可以直接修改 conf 文件,改动 Nginx 启动用户)

```bash
chown -R root:root /data
```

但是可能仍旧爆出 403 错误,这是因为



### selinux

我们可能设置为 SELinux 开启状态(enabled)的原因

查看 selinux 状态

```bash
/usr/sbin/sestatus
```

然后将SELINUX=enforcing 修改为 SELINUX=disabled 状态

```bash
vi /etc/selinux/config
#SELINUX=enforcing
SELINUX=disabled
```

最后重启服务器即可

0 comments on commit c71bf6c

Please sign in to comment.