OK, this site runs as a Jekyll blog, so how do we do that?

First, we install Jekyll at the intended server, for Ubuntu:

sudo apt-get install ruby-full build-essential zlib1g-dev

Then, we add a designated user to run the blog:

sudo useradd jekyll

After that, we export some necessary variables for the next step:

sudo -i
su - jekyll
export GEM_HOME="/home/jekyll/gems"
export PATH="home/jekyll/gems/bin:$PATH"

To complete the Jekyll installation, we install the necessary Ruby components. Be sure that you are user jekyll and inside the /home/jekyll directory:

gem install jekyll bundler

Then, we create a new blog:

jekyll new blog

Finally, we have to create the service unit file as /lib/systemd/system/jekyll.service:

Description=Jekyll service

# Added solution -- add WorkingDirectory to directory where you clone your markdown files for Jekyll to render
# Name of the user account that is running the Jekyll server
# Location (source) of the markdown files to be rendered
ExecStart=/usr/bin/bash /home/jekyll/start.sh


where the start.sh script reads as

export GEM_HOME='/home/jekyll/gems' 
export PATH='/home/jekyll/gems/bin:$PATH'

cd /home/jekyll/blog 
export BUNDLE_GEMFILE='/home/jekyll/blog/Gemfile' 
bundle exec jekyll serve --host --port 4000 

For automated start on boot, we have to link this service under /etc/systemd/system/multi-user.target.wants:

cd /etc/systemd/system/multi-user.target.wants
sudo ln -s /lib/systemd/system/jekyll.service .
sudo systemctl daemon-reload

For now, we can start the service manually by sudo service jekyll start.

For the proxy configuration to work, we want to be sure to have proxy functionality enabled:

sudo a2enmod proxy
sudo a2enmod proxy_http
sudo systemctl restart apache2

So, our Jekyll blog server is at present running at port 4000 localhost.
To publish it, we have to amend the Apache configuration as follows.


<VirtualHost *:80>
    ServerAdmin webmaster@localhost
    ServerName blog.example.com
    ServerAlias blog.example.com

    ProxyPass /
    ProxyPassReverse /

    ErrorLog ${APACHE_LOG_DIR}/blog.example.com.error.log
    CustomLog ${APACHE_LOG_DIR}/access.log vhost_combined

Now it’s time to restart the web server:

sudo service apache2 restart

Then, given that certbot is installed, run

certbot --apache -d blog.example.com

in order to create a SSL-encrypted site.

That’s it! Now we have a Jekyll blog running SSL encrypted behind an Apache reverse proxy.

This post was updated 2023-11-19 to fix/clarify some service related details.