install hugo
hugo is not available from the default repos. you can install it via dnf (better then snap; I ran into permission problems using snap)
cd /etc/yum.repos.d
sudo vim hugo.repo
#copy paste from https://copr.fedorainfracloud.org/coprs/daftaupe/hugo/ then save
#you should see the hugo repo here
sudo dnf repolist enabled
#ready to install hugo
sudo dnf install hugo
setup nginx
install and enable nginx
sudo dnf install -y nginx
sudo systemctl enable --now nginx.service
sudo systemctl status nginx
#visit http://<IP_address>/ as a test
run nginx
#--prefix is the default root folder
#default root on oracle linux: /usr/share/nginx
nginx -V
#test nginx configs
sudo nginx -t
#restart
sudo service nginx restart
sudo systemctl restart nginx
#view log
sudo tail /var/log/nginx/access.log
sudo tail /var/log/nginx/error.log
#configure how much log to keep
sudo vim /etc/logrotate.d/nginx
#list all ips from china
sudo tail -n 2000 /var/log/nginx/access.log | awk '{print $1}' | sort | uniq | xargs -I{} sh -c 'geoiplookup {} | grep "China" && echo {}'
hugo quickstart
https://gohugo.io/getting-started/quick-start/
there is no need to use sudo if the root directory is in your home dir; if you put the hugo directory in /usr/share/nginx then you need to use sudo
hugo new site blog
cd blog
git init
git submodule add https://github.com/theNewDynamic/gohugo-theme-ananke themes/ananke
#edit config
vim hugo.toml
#ADD: theme = 'ananke'
hugo new posts/my-first-post.md
#change the draft status to false
#remove stale files
rm -r public
#build
hugo
deploy hugo with nginx
cd /etc/nginx/
sudo mkdir /etc/nginx/sites-available
sudo mkdir /etc/nginx/sites-enabled
sudo vim /etc/nginx/nginx.conf
#ADD the following line in the http section: include /etc/nginx/sites-enabled/*;
#create the config file for your blog
cd /etc/nginx/sites-available
sudo touch default
sudo ln -s /etc/nginx/sites-available/default /etc/nginx/sites-enabled/default
config for using default nginx path
edit default config (using usr/share/nginx as root parent)
sudo vim /etc/nginx/sites-enabled/default
#
server {
listen 80;
listen [::]:80;
root /usr/share/nginx/blog/public;
# Add index.php to the list if you are using PHP
index index.html;
server_name xxx.xxx.xxx.xxx;
location / {
# First attempt to serve request as file, then
# as directory, then fall back to displaying a 404.
try_files $uri $uri/ =404;
}
}
config for using home dir
if you want to use the home dir, in addition to modify root in the conf file, you also need to grant execution permission to all the path leading to the folder.
the folder does not have to be owned by root. it could be owned by the user as well.
sudo setsebool -P httpd_read_user_content 1
sudo chmod +x /home/
sudo chmod +x /home/opc
sudo chmod +x -R /home/opc/blog
google domains setup
blog.konomama.dev A 1 hour xxx.xxx.xxx.xxx
check DNS at https://www.whatsmydns.net/
enable SSL
sudo dnf install certbot
sudo dnf install python3-certbot-nginx
sudo certbot --nginx -d blog.konomama.dev --email yourname@youremaildomain.tld
the certbot will take care of rewriting the ports in the config file.
ban ips
Edit the nginx global config file
sudo vim /etc/nginx/nginx.conf
Add to the http section
## Block spammers and other unwanted visitors ##
include blockips.conf;
Create the ip blacklist
sudo vim /etc/nginx/blockips.conf
Add lines like
deny 36.99.136.0/24;
deny 111.7.100.0/24;
logging
# set up log schedules
sudo vim /etc/logrotate.d/nginx
example schedule: daily, 180 days
/var/log/nginx/*log {
create 0664 nginx root
daily
rotate 180
missingok
notifempty
compress
sharedscripts
postrotate
/bin/kill -USR1 `cat /run/nginx.pid 2>/dev/null` 2>/dev/null || true
endscript
}
# check the total size of logs
ls -lh /var/log/nginx/