-
Notifications
You must be signed in to change notification settings - Fork 1
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
Showing
4 changed files
with
199 additions
and
30 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -23,6 +23,8 @@ author: | |
|
||
**博客地址**:[ReturnTmp/blog-vuepress-vdoing](https://github.com/ReturnTmp/blog-vuepress-vdoing) | ||
|
||
> 系统配置:CentOS 7.9 | ||
|
||
|
||
## 步骤 | ||
|
@@ -47,7 +49,7 @@ ssh-keygen -t rsa -f action -C "[email protected]" | |
|
||
之后打开上面我们提供的博客仓库地址,找到 Settings 中的 Actinons ,然后点击 `New repository secret`,然后自定义密钥名称,然后填入上面的 `id_rsa`,然后即可生成成功 | ||
|
||
![image-20231014151411628](C:\Users\86150\AppData\Roaming\Typora\typora-user-images\image-20231014151411628.png) | ||
![image-20231014151411628](https://cdn.jsdelivr.net/gh/Returntmp/blog-image@main/blog/202310141934939.png) | ||
|
||
![image-20231014152823844](https://cdn.jsdelivr.net/gh/Returntmp/blog-image@main/blog/202310141528242.png) | ||
|
||
|
@@ -68,49 +70,50 @@ cat ~/.ssh/id_rsa.pub >> ~/.ssh/authorized_keys | |
我们需要在博客项目的根目录下创建`.github/workflows`文件夹,创建文件`deploy.yml`,填写如下内容 | ||
|
||
```yaml | ||
name: Build app and deploy | ||
name: Deploy My Server | ||
|
||
on: | ||
#监听push操作 | ||
push: | ||
branches: | ||
# main分支,你也可以改成其他分支 | ||
- main | ||
|
||
jobs: | ||
build: | ||
# runs-on 指定job任务运行所需要的虚拟机环境(必填字段) | ||
runs-on: ubuntu-latest | ||
steps: | ||
# 获取源码 | ||
- name: Checkout | ||
# 使用action库 actions/checkout获取源码 | ||
uses: actions/checkout@master | ||
# 安装 Node | ||
- name: use Node.js 18.17.0 | ||
# 使用action库 actions/setup-node安装node | ||
deploy: | ||
runs-on: ubuntu-latest # 使用ubuntu系统镜像运行自动化脚本 | ||
|
||
steps: # 自动化步骤 | ||
#下载代码仓库 | ||
- uses: actions/checkout@v1 | ||
|
||
# 使用action库,安装node | ||
- name: use Node.js # 使用action库 actions/setup-node安装node | ||
uses: actions/setup-node@v1 | ||
with: | ||
node-version: 18.17.0 | ||
node-version: 18.17.0 # 指定node版本 | ||
# 安装依赖 | ||
- name: npm install | ||
run: npm install | ||
# 打包 | ||
- name: npm run build | ||
|
||
#打包项目 | ||
- name: Build | ||
run: npm run build | ||
# 部署到云服务器 | ||
- name: Deploy to Server # 第二步,rsync推文件 | ||
uses: AEnterprise/[email protected] # 使用别人包装好的步骤镜像 | ||
|
||
#部署到服务器 | ||
- name: Deploy to Staging My server | ||
uses: easingthemes/[email protected] | ||
env: | ||
DEPLOY_KEY: ${{ secrets.MY_SERVER_PRIVATE_KEY }} # 引用配置,SSH私钥 | ||
ARGS: -avz --delete --exclude='*.pyc' # rsync参数,排除.pyc文件 | ||
SERVER_PORT: "22" # SSH端口 | ||
FOLDER: ./docs/.vuepress/dist # 要推送的文件夹,路径相对于代码仓库的根目录,视情况替换为自己的文件夹路径 | ||
SERVER_IP: ${{ secrets.IP }} # 引用配置,服务器的host名(IP或者域名domain.com) | ||
USERNAME: root # 引用配置,服务器登录名 | ||
SERVER_DESTINATION: /root/app # 部署到目标文件夹 | ||
#私钥 | ||
SSH_PRIVATE_KEY: ${{ secrets.MY_SERVER_PRIVATE_KEY }} | ||
ARGS: "-rltgoDzvO" | ||
SOURCE: "docs/.vuepress/dist" | ||
REMOTE_HOST: ${{ secrets.IP }} #服务器ip | ||
REMOTE_USER: "root" | ||
TARGET: "/root/app/blog-vuepress-vdoing/" | ||
EXCLUDE: "/node_modules/" | ||
|
||
``` | ||
|
||
其中 `/root/app` 是我们需要部署博客的目标文件夹,需要提前创建 | ||
其中 `/root/app` 是我们需要部署博客的目标文件夹,尽量提前创建文件夹 | ||
|
||
> 注:其中 action 详细配置可以自行查找对应仓库,例如 actions/checkout action ,仓库位于:https://github.com/actions/checkout | ||
|
@@ -127,12 +130,30 @@ jobs: | |
try_files $uri $uri/ /index.html; | ||
} | ||
} | ||
同时需要更改 Nginx 启动用户,修改 `/etc/nginx/nginx.conf` | ||
|
||
```bash | ||
user root; | ||
``` | ||
|
||
重启 nginx | ||
|
||
```bash | ||
systemctl restart nginx | ||
``` | ||
|
||
这里需要注意,后面我们推送工作流之后,拉取下来的 dist 文件夹所属用户和用户组不是 root,nginx 会有 403 错误 | ||
|
||
![image-20231014193340180](https://cdn.jsdelivr.net/gh/Returntmp/blog-image@main/blog/202310141934940.png) | ||
|
||
需要执行如下命令 | ||
|
||
```bash | ||
chown -R root:root /root/app/blog-vuepress-vdoing/dist | ||
``` | ||
|
||
|
||
|
||
|
||
|
||
### 工作流推送 | ||
|
@@ -143,6 +164,12 @@ systemctl restart nginx | |
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
## 参考链接 | ||
|
||
- [GitHub Actions 入门教程 - 阮一峰的网络日志 (ruanyifeng.com)](http://www.ruanyifeng.com/blog/2019/09/getting-started-with-github-actions.html) | ||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,50 @@ | ||
--- | ||
title: Nginx 配置路径解析 | ||
date: 2023-10-14 18:55:23 | ||
permalink: /pages/82554b/ | ||
categories: | ||
- 运维笔记 | ||
tags: | ||
- | ||
author: | ||
name: ReturnTmp | ||
link: https://github.com/ReturnTmp | ||
--- | ||
|
||
|
||
|
||
## 前言 | ||
|
||
本章仅为记录 Nginx 的路径配置 cheat sheet | ||
|
||
|
||
|
||
## 配置 | ||
|
||
在nginx中配置proxy_pass代理转发时,如果在proxy_pass后面的url加/,表示绝对根路径;如果没有/,表示相对路径,把匹配的路径部分也给代理走。 | ||
|
||
假设下面四种情况分别用 http://192.168.1.1/proxy/test.html 进行访问。 | ||
|
||
第一种: | ||
location /proxy/ { | ||
proxy_pass http://127.0.0.1/; | ||
} | ||
代理到URL:http://127.0.0.1/test.html | ||
|
||
第二种(相对于第一种,最后少一个 / ) | ||
location /proxy/ { | ||
proxy_pass http://127.0.0.1; | ||
} | ||
代理到URL:http://127.0.0.1/proxy/test.html | ||
|
||
第三种: | ||
location /proxy/ { | ||
proxy_pass http://127.0.0.1/aaa/; | ||
} | ||
代理到URL:http://127.0.0.1/aaa/test.html | ||
|
||
第四种(相对于第三种,最后少一个 / ) | ||
location /proxy/ { | ||
proxy_pass http://127.0.0.1/aaa; | ||
} | ||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,92 @@ | ||
--- | ||
title: Nginx 403 forbidden 问题 | ||
date: 2023-10-14 18:54:15 | ||
permalink: /pages/d53b24/ | ||
categories: | ||
- 运维笔记 | ||
tags: | ||
- | ||
author: | ||
name: ReturnTmp | ||
link: https://github.com/ReturnTmp | ||
--- | ||
|
||
|
||
|
||
## 前言 | ||
|
||
本文将会记录 Nginx 出现 403 forbidden (13: Permission denied)报错的四种方法 | ||
|
||
## 方案 | ||
|
||
### 启动用户 | ||
|
||
可能是因为 Nginx 启动用户不一致,我们可以使用下面命令分别查看 nginx 启动用户和实际启动用户 | ||
|
||
```bash | ||
ps aux | grep "nginx: worker process" | awk '{print $1}' | ||
``` | ||
|
||
然后我们修改 nginx.conf 即可 | ||
|
||
```bash | ||
vim /etc/nginx/nginx.conf | ||
|
||
# 修改启动用户 | ||
user root; | ||
``` | ||
|
||
|
||
|
||
### 缺少文件 | ||
|
||
如果是 `/usr/share/nginx/html` 文件夹下缺少 `index.html` 文件也会出现 403 错误 | ||
|
||
```bash | ||
location / { | ||
root /usr/share/nginx/html; | ||
index index.html index.htm; | ||
try_files $uri $uri/ /index.html; | ||
} | ||
``` | ||
|
||
|
||
|
||
### 缺少权限 | ||
|
||
我们可以修改目录的读写权限(一般来说不需要) | ||
|
||
```bash | ||
chmod -R 755 /data | ||
``` | ||
|
||
修改目录的所属用户为 Nginx 启动用户(当然可以直接修改 conf 文件,改动 Nginx 启动用户) | ||
|
||
```bash | ||
chown -R root:root /data | ||
``` | ||
|
||
但是可能仍旧爆出 403 错误,这是因为 | ||
|
||
|
||
|
||
### selinux | ||
|
||
我们可能设置为 SELinux 开启状态(enabled)的原因 | ||
|
||
查看 selinux 状态 | ||
|
||
```bash | ||
/usr/sbin/sestatus | ||
``` | ||
|
||
然后将SELINUX=enforcing 修改为 SELINUX=disabled 状态 | ||
|
||
```bash | ||
vi /etc/selinux/config | ||
#SELINUX=enforcing | ||
SELINUX=disabled | ||
``` | ||
|
||
最后重启服务器即可 | ||
|