• Home
  • Articles
    • 日志
    • 妍小言
    • 舒小书
    • 浩然说
    • 生活日记
  • All Tags

Jekyll博客自动部署

18 Aug 2017

Reading time ~1 minute

  1. 配置GitHub webhook
  2. 使用python搭建简单的http服务
  3. 调用脚本重新部署Jekyll博客
  4. 配置python服务开机启动
  5. 通过nginx转发,限制域名访问,可以简单做到防刷
  • 配置webhook
    • 在github项目设置页面新增webhook
    • 最简单的webhook仅需配置回调url即可,我下面的例子中增加了安全性校验,你需要在配置webhook的时候设置一个安全密钥,GitHub会根据密钥和请求体使用hmac算法生成一串摘要,放到请求头里,供我们进行安全性校验

  • python服务脚本

        
  import BaseHTTPServer
  import os
  import hmac
  import hashlib
    
  class MyHttpHandler(BaseHTTPServer.BaseHTTPRequestHandler):
      def do_GET(self):
          print self.path        
          return self.hand("get", False)
    
      def do_POST(self):
          secret = "*****"
          event = "push"
          script = "file"
    
          print self.path
            
    
          # verify key
          if not self.headers.has_key("X-Hub-Signature"):
              return self.hand("post", False)
          # elif secret != self.headers["X-Hub-Signature"]:
          #     return self.hand("post", False) 
          payload = self.rfile.read(int(self.headers['content-length']))
          signature = 'sha1=' + hmac.new(secret, payload, hashlib.sha1).hexdigest()
          print signature
          if signature != self.headers["X-Hub-Signature"]:
              self.hand("post", False)
    
          #veryfy event
          if not self.headers.has_key("X-GitHub-Event"):
              return self.hand("post", False)
          elif event != self.headers["X-GitHub-Event"]:
              return self.hand("post", True) 
    
          os.system(script)
          print "jekyll deploy"
          return self.hand("post", True)
    
      def hand(self, method, allow):
          ''' hand request '''
    
          self.protocal_version = "HTTP/1.1"
            
          if allow:
              self.send_header("SUCCESS", "SUCCESS")           
          self.send_response(200)
            
          self.end_headers()
    
          print method
          if not allow:
              self.wfile.write("not allow")
              
    
  def httpServer():
      port = 8091
      http_server = BaseHTTPServer.HTTPServer(('', port), MyHttpHandler)
      http_server.serve_forever()
        
        
  # log module
  LOG_FILE = filePath
    
  handler = logging.handlers.RotatingFileHandler(LOG_FILE, maxBytes = 1024*1024, backupCount = 5)
  fmt = '%(asctime)s - %(filename)s:%(lineno)s - %(name)s - %(message)s'  
    
  formatter = logging.Formatter(fmt)
  handler.setFormatter(formatter)
    
  logger = logging.getLogger('serverLog')
  logger.addHandler(handler)
  logger.setLevel(logging.DEBUG) 
    
  httpServer()

  • 重新部署脚本

        
  #!/bin/bash
  GITHUB=github
  BRANCH=master
  TEMP_CLONE=path
  jekyll=to_path
    
  if [ -d $TEMP_CLONE ]
      then
        echo "git pull and jekyll rebuild"
        cd $TEMP_CLONE
        git pull
        jekyll build -s $TEMP_CLONE -d $jekyll
        exit
      else
        echo "git clone and jekyll rebuild"
        git clone $GITHUB -b $BRANCH $TEMP_CLONE
        jekyll build -s $TEMP_CLONE -d $jekyll
        exit
  fi

  • 配置python服务开机启动

        
  [Unit]
  Description=pythonServer
    
  [Service]
  TimeoutStartSec=0
  ExecStart=/usr/bin/python /opt/pages/www/script/server.py
    
  [Install]
  WantedBy=multi-user.target

    或者:nohup /usr/bin/python /opt/pages/www/script/server.py &


GitHubwebhookpython