基于docker-compose+Halo部署Blog
Prerequisites
#1. A virtual server is needed; you can buy one from any VPS provider.
#2. Set up DNS resolution.
# Create an A record on Cloudflare that maps your domain to your VPS's IP address.
#3. Install docker and docker-compose.
# The installation guide is available on the official Docker website.
#4. Get a certificate from Let's Encrypt.
# [Ubuntu] Refresh the package index, then install certbot together with its
# Cloudflare DNS plugin (python3-certbot-dns-cloudflare).
sudo apt update
sudo apt install certbot python3-certbot-dns-cloudflare -y
# Request the certificate with the manual DNS challenge. "certonly" only obtains
# the certificate; it does not modify any web server configuration.
certbot certonly --manual --preferred-challenges dns -d www.tariklau.top
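The output tells you to add a TXT record on Cloudflare.
For automatic certificate renewal, create an API token or API key (prefer a token scoped to DNS edit on this zone only) and save it in a new file, credentials.ini. Make the file readable by its owner only (chmod 600 /root/halo/credentials.ini), because anyone who can read it can change your DNS records: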
dns_cloudflare_api_token = your-api-token
certbot certonly --dns-cloudflare --dns-cloudflare-credentials /root/halo/credentials.ini -d www.tariklau.top
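Test automatic certificate renewal (nginx reads the certificate only when it starts or reloads, so after a real renewal the nginx container must be reloaded, e.g. from certbot's --deploy-hook):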
certbot renew --dry-run
docker-compose.yaml
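version: '2'
services:
  halo:
    # "latest" resolves to whatever image is current at pull time. Pin a
    # specific release tag or digest so deployments are reproducible and
    # upgrades are deliberate.
    image: halohub/halo:latest
    container_name: halo
    restart: always
    environment:
      # Replace with your own domain.
      - HALO_SITE_URL=https://www.tariklau.top
    ports:
      # Published on loopback only. nginx reaches Halo over halo_net at
      # halo:8090, so the plain-HTTP port does not need to be reachable from
      # other hosts, where it would bypass the TLS proxy.
      - "127.0.0.1:8090:8090"
    volumes:
      # NOTE(review): confirm that /data is the data directory used by the
      # Halo image version you run; otherwise blog data is not persisted.
      - halo_data:/data
    networks:
      - halo_net
  nginx:
    # Same pinning advice as for the halo image.
    image: nginx:latest
    container_name: nginx
    restart: always
    ports:
      # Expose 443 to serve HTTPS requests.
      - "443:443"
    volumes:
      # nginx configuration file, mounted read-only.
      - /root/halo/nginx.conf:/etc/nginx/nginx.conf:ro
      # Halo data, mounted read-only. The nginx.conf on this page only proxies
      # to Halo and serves no files from this path, so this mount can likely
      # be dropped; keeping application data out of a web root is safer.
      - halo_data:/usr/share/nginx/html:ro
      # Certificates and private keys from the host; nginx only reads them.
      - /etc/letsencrypt:/etc/letsencrypt:ro
    networks:
      - halo_net
volumes:
  halo_data:
networks:
  halo_net: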
nginx.conf
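worker_processes 1;

events {
    worker_connections 1024;
}

http {
    # Do not disclose the nginx version in the Server header and error pages.
    server_tokens off;

    server {
        # Listen on port 443 with TLS; port 80 is not served by this config.
        listen 443 ssl;
        # Replace with your own domain.
        # NOTE(review): the certbot commands on this page request a certificate
        # for the www name only; if clients connect to the bare domain directly,
        # add it to the certificate with an extra -d.
        server_name example.com www.example.com;

        # Certificate chain and private key issued by certbot, read from the
        # /etc/letsencrypt mount.
        ssl_certificate /etc/letsencrypt/live/www.example.com/fullchain.pem;
        ssl_certificate_key /etc/letsencrypt/live/www.example.com/privkey.pem;
        # State the TLS floor explicitly instead of relying on the default of
        # whichever nginx build the image ships.
        ssl_protocols TLSv1.2 TLSv1.3;

        location / {
            # Forward every request to the Halo container over halo_net.
            proxy_pass http://halo:8090;
            # Pass the original host, client address and scheme to Halo so it
            # can build correct URLs and log the real client.
            proxy_set_header Host $host;
            proxy_set_header X-Real-IP $remote_addr;
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
            proxy_set_header X-Forwarded-Proto $scheme;
        }
    }
}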
startup project
docker-compose up -d
# After that, you can access the blog and continue with further settings.
Cloudflare rules
1. Because nginx does not listen on port 80, we can also set a rule on Cloudflare that redirects HTTP to HTTPS.
2. Define a rule that rewrites example.com to www.example.com.