Featured image of post Hugo Stack Theme Blog Building Guide
WebSite

Hugo Stack Theme Blog Building Guide

A brief introduction to the construction and configuration of this site

Preface

This article is the first article of this blog. It mainly focuses on my construction process. It may not be universal and is not the best solution. For more detailed configuration content, please refer to the official documentation or other articles on the same theme site

Getting Started

1. Environment Preparation

It is divided into two parts: local development environment and server working environment

Local Development Environment (Windows Platform)

1. Install Hugo Framework

Go to Hugo Github Releases page to download the latest version of Hugo extended version

hugo_extended_{version id}_windows-amd64.zip

After downloading, directly unzip the hugo.exe program inside it to the C:\Windows\System32 folder and use it globally

(In fact, this is not a safe approach, but there is no hidden danger for the time being, so just be lazy~, a better approach is to unzip to a suitable directory and add the PATH variable)

2. Install PowerShell - Command Line Environment

(Note: This is not the Windows PowerShell installed by default in Windows, but PowerShell 7, which is a newer version)

Right-click the Windows logo on the taskbar, open the terminal (Administrator), and type the following command to install PowerShell 7

winget install --id Microsoft.PowerShell --source winget

After waiting for the installation to complete, click the folding bar on the top right of the terminal window –> Enter Settings –> Change the default profile to PowerShell

powershell

3. Install Git - Pull the theme

Go to Git Official Page to download and install the latest version of Git

4. Install WinSCP - Upload the build file

Go to WinSCP Download Page to download and install the latest version of WinSCP

Server working environment (Debian as an example)

Connect to your server remotely via SSH and obtain root user privileges, then type the following code to install Nginx

echo "deb http://nginx.org/packages/$(lsb_release -is | tr '[:upper:]' '[:lower:]') $(lsb_release -cs) nginx" | sudo tee /etc/apt/sources.list.d/nginx.list
curl -fsSL https://nginx.org/keys/nginx_signing.key | sudo tee /etc/apt/trusted.gpg.d/nginx.asc
apt update
apt install nginx -y
chown -R www-data:www-data /var/www/html

2. Site construction

Open PowerShell in the local folder and type the following code to create a new site and pull the Stack theme

hugo new site mysite
cd mysite
git clone https://github.com/CaiJimmy/hugo-theme-stack/ themes/hugo-theme-stack

Add the following content to hugo.toml in the editing directory

theme = 'hugo-theme-stack'

Then you can run the following command in PowerShell to run the local development server for preview, and visit http//:localhost:1313 in the browser

hugo server -buildDrafts

example

Use the following command to build the site file, which is saved in the public folder of the directory by default

hugo --cleanDestinationDir

The above are the initial settings. The configuration file for the theme is in theme\hugo-theme-stack\config.yaml

**Note: The theme configuration file format is yaml, which is different from hugo’s toml. Please pay attention when modifying it! **

3. Site deployment

1. Upload the built files to the server

Create an upload.txt and upload.bat in your project directory (at the same level as the mysite folder)

Add the following content to upload.txt

open sftp://root@yourserveripordomain -hostkey="*" -password=your_password
synchronize remote mysite\public /var/www/html
exit

Note that the server IP, account password, and some file directory paths should be changed to your own

Add the following content to upload.bat

@echo off
"C:\Program Files (x86)\WinSCP\WinSCP.com" /script=upload.txt
pause

The installation location of WinSCP here is the default installation directory

Run the BAT file to automatically upload to the server site directory

2. Nginx configuration

The following is only a sample configuration file. Please configure the specific content and security measures yourself

server {
listen 80;
server_name yourdomain.com www.yourdomain.com;

# Force HTTPS redirection
return 301 https://$host$request_uri;
}

server {
listen 443 ssl;
server_name yourdomain.com www.yourdomain.com;

http2 on;

root /var/www/html;
index index.html index.htm;

# Certificate path (example: Let’s Encrypt)
ssl_certificate /cert/yourdomain.com/fullchain.pem;
ssl_certificate_key /cert/yourdomain.com/privkey.pem;

# SSL configuration (security hardening)
ssl_protocols TLSv1.2 TLSv1.3; 
ssl_prefer_server_ciphers on; 
ssl_ciphers "ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1 305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-CHACHA20-POLY1305"; 

#HSTS (HTTP Strict Transport Security) 
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" always; 

# Other security HTTP headers 
add_header X-Frame-Options DENY; # Prevent Clickjacking 
add_header X-Content-Type-Options nosniff; # Prevent MIME type spoofing
add_header X-XSS-Protection "1; mode=block"; # Prevent XSS
add_header Referrer-Policy "strict-origin-when-cross-origin"; # Limit Referer header information
add_header Permissions-Policy "geolocation=(), microphone=(), camera=()"; # Limit permissions

# Hide Nginx version information
server_tokens off;

# Limit request methods (only GET, HEAD, POST are allowed)
if ($request_method !~ ^(GET|HEAD|POST)$) {
return 444;
}

# Prohibit access to hidden files (files starting with ., such as .htaccess)
location ~ /\.(?!well-known) {
deny all;
}

# Log
access_log /var/log/nginx/access.log;
error_log /var/log/nginx/error.log warn;
}

Note: This configuration file is theoretically for reference only and is not recommended for direct use. Please modify the SSL certificate path, your domain name, and the TCP protocol firewall to open ports 80 and 443

If there is an error in the SSL protocol, please make sure that the server OpenSSL version is a newer version and can be correctly called by Nginx

Then use the following command to verify whether the Nginx configuration file is correct

nginx -t

If there is no problem, use the following command to reload Nginx to enable the site, and then you can use https://your domain name to access the site

nginx -s reload

Conclusion

This article briefly introduces my general construction process. It is very casual and messy. All configurations are still default. I should write a separate article about the specific configuration of the Stack theme.

The content is not very detailed. Many basic operations are directly ignored, such as SSH connection, some Linux commands, etc. There are also many security measures that are lacking. These are left to the readers to configure by themselves.

This article belongs to DDverse and follows the © CC BY-NC-SA 4.0 agreement. If you need to reprint, please keep the source and inform me when necessary.