Setting up a Jekyll server with Apache reverse proxy
OK, this site runs as a Jekyll blog, so how do we do that?
First, we install Jekyll at the intended server, for Ubuntu:
sudo apt-get install ruby-full build-essential zlib1g-dev
Then, we add a designated user to run the blog:
sudo useradd jekyll
After that, we export some necessary variables for the next step:
sudo -i
su - jekyll
export GEM_HOME="/home/jekyll/gems"
export PATH="home/jekyll/gems/bin:$PATH"
To complete the Jekyll installation, we install the necessary Ruby components. Be sure that you are user jekyll
and inside the /home/jekyll
directory:
gem install jekyll bundler
Then, we create a new blog:
jekyll new blog
Finally, we have to create the service unit file as /lib/systemd/system/jekyll.service
:
[Unit]
Description=Jekyll service
After=syslog.target
After=network.target
[Service]
# Added solution -- add WorkingDirectory to directory where you clone your markdown files for Jekyll to render
WorkingDirectory=/home/jekyll/blog
# Name of the user account that is running the Jekyll server
User=jekyll
Type=simple
# Location (source) of the markdown files to be rendered
ExecStart=/usr/bin/bash /home/jekyll/start.sh
Restart=always
StandardOutput=journal
StandardError=journal
SyslogIdentifier=jekyll
[Install]
WantedBy=multi-user.target
where the start.sh
script reads as
export GEM_HOME='/home/jekyll/gems'
export PATH='/home/jekyll/gems/bin:$PATH'
cd /home/jekyll/blog
export BUNDLE_GEMFILE='/home/jekyll/blog/Gemfile'
bundle exec jekyll serve --host 127.0.0.1 --port 4000
For automated start on boot, we have to link this service under /etc/systemd/system/multi-user.target.wants
:
cd /etc/systemd/system/multi-user.target.wants
sudo ln -s /lib/systemd/system/jekyll.service .
sudo systemctl daemon-reload
For now, we can start the service manually by sudo service jekyll start
.
For the proxy configuration to work, we want to be sure to have proxy functionality enabled:
sudo a2enmod proxy
sudo a2enmod proxy_http
sudo systemctl restart apache2
So, our Jekyll blog server is at present running at port 4000 localhost.
To publish it, we have to amend the Apache configuration as follows.
/etc/apache2/sites-available/blog.example.com.conf
:
<VirtualHost *:80>
ServerAdmin webmaster@localhost
ServerName blog.example.com
ServerAlias blog.example.com
ProxyPass / http://127.0.0.1:4000/
ProxyPassReverse / http://127.0.0.1:4000/
ErrorLog ${APACHE_LOG_DIR}/blog.example.com.error.log
CustomLog ${APACHE_LOG_DIR}/access.log vhost_combined
</VirtualHost>
Now it’s time to restart the web server:
sudo service apache2 restart
Then, given that certbot
is installed, run
certbot --apache -d blog.example.com
in order to create a SSL-encrypted site.
That’s it! Now we have a Jekyll blog running SSL encrypted behind an Apache reverse proxy.
This post was updated 2023-11-19 to fix/clarify some service related details.