【2017-09-05】博客大事记

“厦庇五洲客,门纳万顷涛”,托“金砖”的福放假几天,终于有时间整整博客。

之前博客放在1块钱腾讯云学生机(1核 1GB 1Mbps),内存太小了,compser的时候会报错,现在换到了阿里云10块钱的学生机(1核 2GB 1Mbps)。

1. 从腾讯云迁移到阿里云,同时更新到xblog v 3.0 版本

阿里云系统:ubuntu 16.04

  • 安装PHP 7.1环境
1
2
3
4
5
6
7
sudo apt-get install python-software-properties
apt-get install software-properties-common
sudo add-apt-repository ppa:ondrej/php
sudo apt-get update
sudo apt-get install -y php7.1
apt-get install -y php7.1-fpm
sudo apt-get install php7.1-mysql php7.1-gd php7.1-curl php7.1-json php7.1-cgi
  • 下载最新版的xblog

    git clone https://github.com/lufficc/Xblog.git

    迁移数据库,添加.env文件(具体参考:http://mind.lufficc.com/Xblog/docs/

  • 添加storage权限,清缓存

1
2
3
chmod -R 777 storage/
php artisan cache:clear
composer dump-autoload
  • 安装nginx
1
2
apt-get update
apt-get install nginx
  • 配置nginx

    /etc/nginx/sites-available文件夹下添加default文件,内容如下:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
server {
listen 80 default_server;
listen [::]:80 default_server ipv6only=on;
root /var/www/Xblog/public;
index index.php index.html index.htm;
server_name weiweiblog.cn;
location / {
# First attempt to serve request as file, then
# as directory, then fall back to displaying a 404.
try_files $uri $uri/ /index.php?$query_string;
# Uncomment to enable naxsi on this location
# include /etc/nginx/naxsi.rules
}

location ~ \.php$ {
try_files $uri /index.php =404;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass unix:/var/run/php/php7.1-fpm.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
}
  • 最后重启ngnix

    /etc/init.d/nginx restart

    如此即可通过ip访问到网站

  • 接下来把域名解析到该ip

    file

  • 至此,即可通过weiweiblog.cn访问到博客。

2.添加不蒜子的浏览量显示插件

xblog用着挺舒服的,有个遗憾就是无法看到网站到目前为止的所有用户访问量,于是就自己来添加一个。

懒得自己写,刚好发现不蒜子提供了这个功能,两行代码即可搞定。

  1. xblog/resourse/view/layout/app.blade.php<head>中引入js文件<script async src="//dn-lbstatics.qbox.me/busuanzi/2.3/busuanzi.pure.mini.js"></script>

  2. xblog/resourse/view/layout/footer.blade.php里面添加<span id="busuanzi_container_site_pv">本站总访问量<span id="busuanzi_value_site_pv"></span>次</span>即可显示。

3. 启动https安全访问

如今https已经成为主流,没有https的网站给人感觉就是钓鱼网站。跟一波潮流,咱也把https搞起来。

调研一翻发现阿里云刚好提供了一年的云盾证书服务,不用白不用

file

申请教程:免费申请阿里云DV SSL证书

很快就申请到了证书,下载证书上传到服务器的/etc/nginx/cert目录下,配置/etc/nginx/sites-available/default文件:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
server {
listen 443 http2;
ssl on;
ssl_certificate /etc/nginx/cert/214215565380063.pem;
ssl_certificate_key /etc/nginx/cert/214215565380063.key;
ssl_session_timeout 5m;
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
root /var/www/Xblog/public;
index index.php index.html index.htm;
server_name weiweiblog.cn;
location / {
# First attempt to serve request as file, then
# as directory, then fall back to displaying a 404.
try_files $uri $uri/ /index.php?$query_string;
# Uncomment to enable naxsi on this location
# include /etc/nginx/naxsi.rules
}

location ~ \.php$ {
try_files $uri /index.php =404;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass unix:/var/run/php/php7.1-fpm.sock;
fastcgi_index index.php;
fastcgi_param HTTPS on; #attention!#
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
}
server {
listen 80 default_server;
listen [::]:80 default_server ipv6only=on;
root /var/www/Xblog/public;
index index.php index.html index.htm;
server_name weiweiblog.cn;
location / {
# First attempt to serve request as file, then
# as directory, then fall back to displaying a 404.
try_files $uri $uri/ /index.php?$query_string;
# Uncomment to enable naxsi on this location
# include /etc/nginx/naxsi.rules
}
location ~ \.php$ {
try_files $uri /index.php =404;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass unix:/var/run/php/php7.1-fpm.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
rewrite ^/(.*) https://$server_name$1 permanent; #跳转到Https
}

重启nginx:/etc/init.d/nginx restart即可~

今后咱也是有安全的小绿锁的人了!

踩坑

之前配置完后,https并不能正常访问,原来是阿里云的安全策略没有开启443端口,服务器防火墙也要开启443端口。

参考:如何在 Ubuntu 16.04 配置 iptables 防火牆