labi的blog上线了

blog上线了,在此记录一下上线的过程

#ip访问
dig www.yourdomain.com

#ssl
sudo apt install certbot python3-certbot-nginx
#ssl校验
sudo certbot --nginx --agree-tos --email xxx@xxx.com -d yourdomain.com -d www.yourdomain.com

#测试
sudo nginx -t
#重启
sudo systemctl restart nginx
#查看
systemctl status nginx

nginx的配置:

位置

适用场景

优点

注意事项

sites-available/

​管理多个网站(虚拟主机)​

结构清晰,易于管理多个站点

需在 sites-enabled/创建软链接才能生效

conf.d/

​存放全局配置片段或单个指令块​

加载简单,文件会自动被引入

需确保配置不冲突

nginx.conf

​修改全局核心配置​

直接有效

修改前建议备份,避免影响主配置

#创建软链接
sudo ln -s /etc/nginx/sites-available/my-site /etc/nginx/sites-enabled/my-site
upstream halo {
  server 127.0.0.1:xxxx;
}
server {
  server_name xxx.com www.xxx.com;
  client_max_body_size 1024m;
  location / {
    proxy_pass http://yourdomain;
    proxy_set_header HOST $host;
    proxy_set_header X-Forwarded-Proto $scheme;
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
  }

    listen [::]:443 ssl ipv6only=on; # managed by Certbot
    listen 443 ssl; # managed by Certbot
    ssl_certificate /etc/letsencrypt/live/labiblog.site/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/labiblog.site/privkey.pem; # managed by Certbot
    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot


}
server {
    if ($host = www.xxx.com) {
        return 301 https://$host$request_uri;
    } # managed by Certbot


    if ($host = xxx.com) {
        return 301 https://$host$request_uri;
    } # managed by Certbot


  listen 80;
  listen [::]:80;
  server_name xxx.com www.xxx.com;
    return 404; # managed by Certbot
}