refactor: 将目录结构从 www 重命名为 nginx

- 将 default、git、note 目录下的 README.md 文件从 www目录移动到 nginx 目录 - 更新文件内容中的下载路径，从 www 改为 nginx- 修改 note 目录下的 deploy.sh 脚本执行路径
2025-03-15 19:47:07 +08:00
parent 3e73ce4891
commit 40e62f975b
6 changed files with 4 additions and 37 deletions
--- a/nginx/note.sugarscat.cn/README.md
+++ b/nginx/note.sugarscat.cn/README.md
@@ -0,0 +1,57 @@
+# note.sugarscat.cn
+
+## 下载部署脚本
+
+```bash
+mkdir -p /opt/www/note && cd /opt/www/note
+```
+
+```bash
+curl -fsSL https://git.sugarscat.cn/me/bash/-/raw/main/nginx/note/deploy.sh > deploy.sh && chmod +x deploy.sh
+```
+
+## 定时执行脚本
+
+```bash
+crontab -e
+```
+
+每天天 0 点 执行一次：
+
+```bash
+0 0 * * * /opt/nginx/note/deploy.sh >> /opt/www/note/deploy.log 2>&1
+```
+
+查看定时器列表
+
+```bash
+crontab -l
+```
+
+## Nginx 配置
+
+> 该配置需要在 `/etc/nginx/ssl/` 目录下创建 `fullchain.pem` 和 `privkey.pem` 证书文件。
+
+下载配置
+
+```bash
+curl -fsSL https://git.sugarscat.cn/me/bash/-/raw/main/nginx/note.sugarscat.cn/nginx.conf > /etc/nginx/sites-available/note.sugarscat.cn
+```
+
+启用配置
+
+```bash
+ln -s /etc/nginx/sites-available/note.sugarscat.cn /etc/nginx/sites-enabled/
+```
+
+测试配置
+
+```bash
+nginx -t
+```
+
+重启 nginx
+
+```bash
+systemctl restart nginx
+```
--- a/nginx/note.sugarscat.cn/deploy.sh
+++ b/nginx/note.sugarscat.cn/deploy.sh
@@ -0,0 +1,53 @@
+#!/bin/bash
+
+# 开启严格模式
+set -e
+
+# 定义变量
+REPO_URL="https://git.sugarscat.cn/me/note"
+TARGET_DIR="/var/www/note"
+DIST_DIR=".vitepress/dist"
+TEMP_DIR=$(mktemp -d)  # 生成临时目录
+
+# 清理临时目录的函数（在脚本退出时执行）
+cleanup() {
+  rm -rf "$TEMP_DIR"
+}
+trap cleanup EXIT
+
+echo "开始下载最新构建产物..."
+curl -L -o "$TEMP_DIR/artifact.zip" "$REPO_URL/-/jobs/artifacts/main/download?job=build"
+
+# shellcheck disable=SC2181
+if [ $? -ne 0 ]; then
+  echo "下载失败，请检查网络连接或重新尝试。"
+  exit 1
+fi
+
+# 检查 unzip 是否可用，不可用时自动安装
+if ! command -v unzip &> /dev/null; then
+  echo "unzip 未安装，开始安装 ···"
+  if command -v apt-get &> /dev/null; then
+    sudo apt-get update
+    sudo apt-get install -y unzip
+  elif command -v yum &> /dev/null; then
+    sudo yum install -y unzip
+  else
+    echo "无法安装 unzip，请手动安装。"
+    exit 1
+  fi
+fi
+
+echo "解压文件..."
+unzip -q "$TEMP_DIR/artifact.zip" -d "$TEMP_DIR"
+
+# 确保目标目录存在
+sudo mkdir -p "$TARGET_DIR"
+
+echo "清空目标目录..."
+sudo rm -rf "$TARGET_DIR"/*
+
+echo "移动文件到目标目录..."
+sudo mv "$TEMP_DIR/$DIST_DIR"/* "$TARGET_DIR"
+
+echo "部署完成！"
--- a/nginx/note.sugarscat.cn/nginx.conf
+++ b/nginx/note.sugarscat.cn/nginx.conf
@@ -0,0 +1,43 @@
+server {
+    listen 80 ;
+    listen 443 ssl http2 ;
+    server_name note.sugarscat.cn;
+
+    # acme.sh
+    location ^~ /.well-known/acme-challenge {
+        allow all;
+        root /var/www/html;
+    }
+    # 重定向
+    if ($scheme = http) {
+        return 301 https://$host$request_uri;
+    }
+
+    # ssl 设置
+    ssl_certificate /etc/nginx/ssl/fullchain.pem;
+    ssl_certificate_key /etc/nginx/ssl/privkey.pem;
+
+    ssl_protocols TLSv1.3 TLSv1.2 TLSv1.1 TLSv1;
+    ssl_ciphers EECDH+CHACHA20:EECDH+CHACHA20-draft:EECDH+AES128:RSA+AES128:EECDH+AES256:RSA+AES256:EECDH+3DES:RSA+3DES:!MD5;
+    ssl_prefer_server_ciphers on;
+    ssl_session_cache shared:SSL:10m;
+    ssl_session_timeout 10m;
+    add_header Strict-Transport-Security "max-age=31536000";
+    error_page 497 https://$host$request_uri;
+    proxy_set_header X-Forwarded-Proto https;
+    ssl_stapling on;
+    ssl_stapling_verify on;
+
+    root /var/www/note;
+    index index.html;
+    
+    try_files $uri $uri.html $uri/ =404;
+
+    error_page 404 /404.html;
+    error_page 403 /404.html;
+
+    location ~* ^/assets/ {
+        expires 1y;
+        add_header Cache-Control "public, immutable";
+    }
+}