什么是 Halo?
一款现代化的博客/CMS系统。官网地址:Halo官网
那么我自己的博客也就是基于 Halo 搭建的。
下面我来带大家从头开始在云服务器上面搭建一个这样的博客
初始化Linux环境
1.首先我们需要有一台云服务器哈,然后我们安装一下 Linux系统用centos7的
2.我们用工具连接上这台云服务器
3.然后我们新建一个os7init.sh文件 将如下 脚本代码复制进去(必须是centos7 64位系统的 还要在root权限下运行)
#!/bin/bash
# init centos7 ./centos7-init.sh 主机名
# 检查是否为root用户,脚本必须在root权限下运行
if [[ "$(whoami)" != "root" ]]; then
echo "please run this script as root !" >&2
exit 1
fi
echo -e "\033[31m the script only Support CentOS_7 x86_64 \033[0m"
echo -e "\033[31m system initialization script, Please Seriously. press ctrl+C to cancel \033[0m"
# 检查是否为64位系统,这个脚本只支持64位脚本
platform=`uname -i`
if [ $platform != "x86_64" ];then
echo "this script is only for 64bit Operating System !"
exit 1
fi
if [ "$1" == "" ];then
echo "The host name is empty."
exit 1
else
hostnamectl --static set-hostname $1
hostnamectl set-hostname $1
fi
cat << EOF
+---------------------------------------+
| your system is CentOS 7 x86_64 |
| start optimizing |
+---------------------------------------+
EOF
sleep 1
# 安装必要支持工具及软件工具
yum_update(){
yum update -y
yum install -y nmap unzip wget vim lsof xz net-tools iptables-services ntpdate ntp-doc psmisc
}
# 设置时间同步 set time
zone_time(){
timedatectl set-timezone Asia/Shanghai
/usr/sbin/ntpdate 0.cn.pool.ntp.org > /dev/null 2>&1
/usr/sbin/hwclock --systohc
/usr/sbin/hwclock -w
cat > /var/spool/cron/root << EOF
10 0 * * * /usr/sbin/ntpdate 0.cn.pool.ntp.org > /dev/null 2>&1
* * * * */1 /usr/sbin/hwclock -w > /dev/null 2>&1
EOF
chmod 600 /var/spool/cron/root
/sbin/service crond restart
sleep 1
}
# 修改文件打开数 set the file limit
limits_config(){
cat > /etc/rc.d/rc.local << EOF
#!/bin/bash
touch /var/lock/subsys/local
ulimit -SHn 1024000
EOF
sed -i "/^ulimit -SHn.*/d" /etc/rc.d/rc.local
echo "ulimit -SHn 1024000" >> /etc/rc.d/rc.local
sed -i "/^ulimit -s.*/d" /etc/profile
sed -i "/^ulimit -c.*/d" /etc/profile
sed -i "/^ulimit -SHn.*/d" /etc/profile
cat >> /etc/profile << EOF
ulimit -c unlimited
ulimit -s unlimited
ulimit -SHn 1024000
EOF
source /etc/profile
ulimit -a
cat /etc/profile | grep ulimit
if [ ! -f "/etc/security/limits.conf.bak" ]; then
cp /etc/security/limits.conf /etc/security/limits.conf.bak
fi
cat > /etc/security/limits.conf << EOF
* soft nofile 1024000
* hard nofile 1024000
* soft nproc 1024000
* hard nproc 1024000
hive - nofile 1024000
hive - nproc 1024000
EOF
if [ ! -f "/etc/security/limits.d/20-nproc.conf.bak" ]; then
cp /etc/security/limits.d/20-nproc.conf /etc/security/limits.d/20-nproc.conf.bak
fi
cat > /etc/security/limits.d/20-nproc.conf << EOF
* soft nproc 409600
root soft nproc unlimited
EOF
sleep 1
}
# 优化内核参数 tune kernel parametres
sysctl_config(){
if [ ! -f "/etc/sysctl.conf.bak" ]; then
cp /etc/sysctl.conf /etc/sysctl.conf.bak
fi
#add
cat > /etc/sysctl.conf << EOF
net.ipv6.conf.all.disable_ipv6 = 1
net.ipv6.conf.default.disable_ipv6 = 1
net.ipv4.tcp_syn_retries = 1
net.ipv4.tcp_synack_retries = 1
net.ipv4.tcp_keepalive_time = 600
net.ipv4.tcp_keepalive_probes = 3
net.ipv4.tcp_keepalive_intvl =15
net.ipv4.tcp_retries1 = 3
net.ipv4.tcp_retries2 = 5
net.ipv4.tcp_fin_timeout = 10
net.ipv4.tcp_tw_recycle = 1
net.ipv4.tcp_tw_reuse = 1
net.ipv4.tcp_syncookies = 1
net.ipv4.tcp_window_scaling = 1
net.ipv4.tcp_max_tw_buckets = 60000
net.ipv4.tcp_max_orphans = 32768
net.ipv4.tcp_max_syn_backlog = 16384
net.ipv4.tcp_mem = 94500000 915000000 927000000
net.ipv4.tcp_wmem = 4096 16384 13107200
net.ipv4.tcp_rmem = 4096 87380 17476000
net.ipv4.ip_local_port_range = 1024 65000
net.ipv4.ip_forward = 1
net.ipv4.route.gc_timeout = 100
net.core.somaxconn = 32768
net.core.netdev_max_backlog = 32768
net.nf_conntrack_max = 6553500
net.netfilter.nf_conntrack_max = 6553500
net.netfilter.nf_conntrack_tcp_timeout_established = 180
vm.overcommit_memory = 1
vm.swappiness = 1
fs.file-max = 1024000
EOF
#reload sysctl
/sbin/sysctl -p
sleep 1
}
# 设置UTF-8 LANG="zh_CN.UTF-8"
LANG_config(){
echo "LANG=\"en_US.UTF-8\"">/etc/locale.conf
source /etc/locale.conf
}
#关闭SELINUX disable selinux
selinux_config(){
sed -i 's/SELINUX=enforcing/SELINUX=disabled/g' /etc/selinux/config
setenforce 0
sleep 1
}
#日志处理
log_config(){
setenforce 0
systemctl start systemd-journald
systemctl status systemd-journald
}
# 关闭防火墙
firewalld_config(){
/usr/bin/systemctl stop firewalld.service
/usr/bin/systemctl disable firewalld.service
}
# SSH配置优化 set sshd_config
sshd_config(){
if [ ! -f "/etc/ssh/sshd_config.bak" ]; then
cp /etc/ssh/sshd_config /etc/ssh/sshd_config.bak
fi
cat >/etc/ssh/sshd_config<<EOF
Port 22
AddressFamily inet
ListenAddress 0.0.0.0
Protocol 2
HostKey /etc/ssh/ssh_host_rsa_key
HostKey /etc/ssh/ssh_host_ecdsa_key
HostKey /etc/ssh/ssh_host_ed25519_key
SyslogFacility AUTHPRIV
PermitRootLogin yes
MaxAuthTries 6
RSAAuthentication yes
PubkeyAuthentication yes
AuthorizedKeysFile .ssh/authorized_keys
PasswordAuthentication yes
ChallengeResponseAuthentication no
UsePAM yes
UseDNS no
X11Forwarding yes
UsePrivilegeSeparation sandbox
AcceptEnv LANG LC_CTYPE LC_NUMERIC LC_TIME LC_COLLATE LC_MONETARY LC_MESSAGES
AcceptEnv LC_PAPER LC_NAME LC_ADDRESS LC_TELEPHONE LC_MEASUREMENT
AcceptEnv LC_IDENTIFICATION LC_ALL LANGUAGE
AcceptEnv XMODIFIERS
Subsystem sftp /usr/libexec/openssh/sftp-server
EOF
/sbin/service sshd restart
}
# 关闭ipv6 disable the ipv6
ipv6_config(){
echo "NETWORKING_IPV6=no">/etc/sysconfig/network
echo 1 > /proc/sys/net/ipv6/conf/all/disable_ipv6
echo 1 > /proc/sys/net/ipv6/conf/default/disable_ipv6
echo "127.0.0.1 localhost localhost.localdomain">/etc/hosts
#sed -i 's/IPV6INIT=yes/IPV6INIT=no/g' /etc/sysconfig/network-scripts/ifcfg-enp0s8
for line in $(ls -lh /etc/sysconfig/network-scripts/ifcfg-* | awk -F '[ ]+' '{print $9}')
do
if [ -f $line ]
then
sed -i 's/IPV6INIT=yes/IPV6INIT=no/g' $line
echo $i
fi
done
}
# 设置历史命令记录格式 history
history_config(){
export HISTFILESIZE=10000000
export HISTSIZE=1000000
export PROMPT_COMMAND="history -a"
export HISTTIMEFORMAT="%Y-%m-%d_%H:%M:%S "
##export HISTTIMEFORMAT="{\"TIME\":\"%F %T\",\"HOSTNAME\":\"\$HOSTNAME\",\"LI\":\"\$(who -u am i 2>/dev/null| awk '{print \$NF}'|sed -e 's/[()]//g')\",\"LU\":\"\$(who am i|awk '{print \$1}')\",\"NU\":\"\${USER}\",\"CMD\":\""
cat >>/etc/bashrc<<EOF
alias vi='vim'
HISTDIR='/var/log/command.log'
if [ ! -f \$HISTDIR ];then
touch \$HISTDIR
chmod 666 \$HISTDIR
fi
export HISTTIMEFORMAT="{\"TIME\":\"%F %T\",\"IP\":\"\$(ip a | grep -E '192.168|172' | head -1 | awk '{print \$2}' | cut -d/ -f1)\",\"LI\":\"\$(who -u am i 2>/dev/null| awk '{print \$NF}'|sed -e 's/[()]//g')\",\"LU\":\"\$(who am i|awk '{print \$1}')\",\"NU\":\"\${USER}\",\"CMD\":\""
export PROMPT_COMMAND='history 1|tail -1|sed "s/^[ ]\+[0-9]\+ //"|sed "s/$/\"}/">> /var/log/command.log'
EOF
source /etc/bashrc
}
# 服务优化设置
service_config(){
/usr/bin/systemctl enable NetworkManager-wait-online.service
/usr/bin/systemctl start NetworkManager-wait-online.service
/usr/bin/systemctl stop postfix.service
/usr/bin/systemctl disable postfix.service
chmod +x /etc/rc.local
chmod +x /etc/rc.d/rc.local
#ls -l /etc/rc.d/rc.local
}
# VIM设置
vim_config(){
cat > /root/.vimrc << EOF
set history=1000
EOF
#autocmd InsertLeave * se cul
#autocmd InsertLeave * se nocul
#set nu
#set bs=2
#syntax on
#set laststatus=2
#set tabstop=4
#set go=
#set ruler
#set showcmd
#set cmdheight=1
#hi CursorLine cterm=NONE ctermbg=blue ctermfg=white guibg=blue guifg=white
#set hls
#set cursorline
#set ignorecase
#set hlsearch
#set incsearch
#set helplang=cn
}
# done
done_ok(){
cat << EOF
+-------------------------------------------------+
| optimizer is done |
| it's recommond to restart this server ! |
| Please Reboot system |
+-------------------------------------------------+
EOF
}
# main
main(){
yum_update
zone_time
limits_config
sysctl_config
LANG_config
selinux_config
log_config
firewalld_config
sshd_config
ipv6_config
history_config
service_config
vim_config
done_ok
}
main
4.然后 我们执行以下命令
sh os7init.sh tuanzi
(后面的 tuanzi 名 随便写)
5.等待脚本运行结束。运行完事之后如下图,我们需要重启一下,执行一下
reboot system
命令
2.安装jdk
因为 halo也是基于Java语言开发的,所以我们需要下载一个jdk, 那么最新版的halo需要 jdk版本 在11以上。我们进入已经初始化好的Linux云服务器上面。
1.直接运行
sudo yum install java-11-openjdk -y
命令 安装jdk11
2.安装完成后 执行
java -version
来查看一下 如下图
至此已经安装成功了
3.安装MySQL
1.MySQL下载地址:MySQL下载地址
2.然后我们把下载好的文件上传到服务器上面,执行
rpm -ivh mysql80-community-release-el7-3.noarch.rpm
命令
3.安装MySQL服务 执行
yum install -y mysql mysql-server
4.执行
vi /etc/my.cnf
在最后面添加如下
lower_case_table_names=1
5.重启MySQL
systemctl restart mysqld
6.查看MySQL密码
grep password /var/log/mysqld.log
7.登录MySQL
mysql -uroot -p
输入刚才的 密码
8.登录成功之后,我们需要改一下mysql的配置
修改MySQL密码
set global validate_password.check_user_name=0;
set global validate_password.policy=0;
set global validate_password.length=1;
alter user 'root'@'localhost' identified by '你设置的密码';
9.开启MySQL远程连接
use mysql;
update user set host = '%' where user = 'root';
10.刷新MySQL系统权限相关表
FLUSH PRIVILEGES;
到此MySQL就已经安装好了
11.我们用Navicat工具连接上MySQL数据库(云服务器 需要开放 3306端口)
创建一个数据库名为halodb后续我们需要
4.下载 halo 并运行
1.我们去halo 的github上面去下载 地址:halo代码下载地址
直接下载最新版的jar包(当然也可以下载源码包,来自己定制。halo后台是用gradle构建的并不是maven。前端是vue)
2.当然也可以在Linux上面通过命令行来下载(对网络要求高一点)创建一个自己的文件夹用来存放,执行
wget https://dl.halo.run/release/halo-1.4.8.jar -O halo.jar
命令
3.我们还需要下载一下配置文件 和上面的下载类似
github地址:halo配置文件地址
下载完事后 我们 重命名为 application.yaml文件
4.如果是 在Linux上直接执行
wget https://dl.halo.run/config/application-template.yaml -O ./application.yaml
命令
5.修改application.yaml文件的参数如下
6.我们执行以下命令来运行测试一下halo
java -jar halo.jar
出现如下图所示 则证明我们运行成功了
7.打开浏览器 输入 http://ip:端口号(默认是8090) 即可看到安装引导界面。(记得云服务器开放相应的端口)
自己设置即可。
5.将Halo作为服务运行
1.下载 Halo 官方的 halo.service 模板
wget https://dl.halo.run/config/halo.service -O /etc/systemd/system/halo.service
2.修改 halo.service
vim /etc/systemd/system/halo.service
3.修改配置
[Unit]
Description=Halo Service
Documentation=https://halo.run
After=network-online.target
Wants=network-online.target
[Service]
Type=simple
User=USER
ExecStart=/usr/bin/java -server -Xms256m -Xmx256m -jar YOUR_JAR_PATH
ExecStop=/bin/kill -s QUIT $MAINPID
Restart=always
StandOutput=syslog
StandError=inherit
[Install]
WantedBy=multi-user.target
其中
YOUR_JAR_PATH:Halo 运行包的绝对路径,例如 /home/halo/app/halo.jar,注意:此路径不支持 ~ 符号。
USER:运行 Halo 的系统用户,如果没有用root用户来运行 Halo,修改为你创建的用户名称即可。反之请删除 User=USER。
4.重新加载 systemd
systemctl daemon-reload
5.运行服务
systemctl start halo
6.在系统启动时启动服务
systemctl enable halo
7.您可以查看服务日志检查启动状态
journalctl -n 20 -u halo
Q.E.D.
