Build My Own Nest

Every ostrich needs a nest. So do I.

There are many posts that illustrate how to create a Hexo-driven blog hosted on Github. However, when it comes to personal VPS, such step-to-step tutorial vanishes. Since I need to use shadowsocks to access the outside world beyond the wall, I happen to own a VPS provided by Bandwagon. So I do not need to(also not willing to) use Github to store the static webpages. As a result, this website is deployed on my personal VPS(Ubuntu 16.04). And here are some of the crucial procedures I have taken to build this website(my own nest):

Deployment Workflow

Hexo provides multiple deployment strategies. And I choose to use git together with post-receive hook to deploy my website to the remote server.

The general workflow of my blog is pretty simple. After the static webpages are generated on my local machine, they will go through the following procedures to reach the working directory of the remote Nginx web server:

• local computer → push → git repository on remote server
• post-receive git hook script → copy → Nginx directory

Hexo Local Configuration

First of all, I need to edit the deployment settings in _config.yml on my local machine.

deploy:
  type: git
  repo: ssh://git@my.server's.ip.address:ssh_port/home/git/hexo.git
  branch: master

Create Remote Git Repository

Then I need to add the corresponding git user on the remote server.

adduser git

Copy the SSH key to the server.

ssh-copy-id -p ssh_port git@my.server's.ip.address

Create a git repository named hexo-git.

# login with git user
cd ~
mkdir hexo-git
cd hexo-git
git init --bare

Add Post-receive Git Hook

cd ~/hexo-git/hooks
touch post-receive
vim post-receive
chmod +x post-receive

Edit the post-receive git hook script.

#!/bin/bash
GIT_REPO=/home/git/hexo-git
TMP_GIT_CLONE=/home/git/tmp/hexo
PUBLIC_WWW=/var/www/blog
rm -rf ${TMP_GIT_CLONE}
git clone $GIT_REPO $TMP_GIT_CLONE
rm -rf ${PUBLIC_WWW}/*
cp -rf ${TMP_GIT_CLONE}/* ${PUBLIC_WWW}

Set Permissions

To ensure that the git user holds sufficient permissions to perform write operations in the web server directory, I decided to add git user to www-data group.

sudo usermod git -aG www-data

Then I set the permissions to make sure that all the members in the www-data group can read and write all files in /var/www directory.

sudo chown -R www-data:www-data /var/www
sudo chmod g+s /var/www
sudo chmod -R g+rwx,o-rwx /var/www

Create Subdomains with Nginx

Maintaining subdomains using Nginx is pretty simple. Just create/edit the configuration files in sites-available folder. Each subdomain should be assigned an independent root directory. Then, create the corresponding symlinks of configuration files in the sites-enabled folder to enable the subdomains.

Since I only have a homepage zzhou612.com and a subdomain blog.zzhou612.com, the structure of my web server directory looks like this:

/var/www
├── blog
└── html

Secure Nginx with Let’s Encrypt

Just use certbot, which can “automatically enable HTTPS on your website, deploying Let’s Encrypt certificates”.

Detailed instructions can be checked on the official website of certbot.