how to make a blog

I’m going to start with a meta-post. I’ve been meaning to do this for quite some time.

Since this is a blog about devops, I’m going to share some useful tidbits on how to set up a blog on GCE (Google Compute Engine) for cheap.

Google Cloud Platform has a marketplace of pre-baked VM images that you can launch with the click of a button. I found one called “WordPress”. When you click “Launch on Compute Engine”, it spins up an instance of a size and region of your choosing, and provides you with temporary credentials with which you can log in to your installation.

Nifty.

Next, I needed a DNS record to point to my instance’s public IP address.

My go-to domain provider is Duck DNS. But badgateway.duckdns.org was already taken. Next up: FreeDNS. I browsed through the list of available domains and found something nice and short. Register, wait a couple minutes, and voila! Free domain name.

Step 3: Encryption. Nobody likes to see this warning:

So let’s get some SSL with Certbot. Since my VM is running Debian, we have the ultimate Swiss-army knife of package management available to us - apt.

EFF gives us a nice little howto for most common webserver installations. Indeed, Debian Buster + Apache was included.

Install Certbot and the Apache plugin:

$ sudo apt-get install certbot python-certbot-apache

And now we can install the cert:

$ sudo certbot --apache

You’ll have to enter in some details like your domain and e-mail for the certificate to be properly generated. If all goes well, you’ll have a certificate installed at /etc/letsencrypt/live/<YOUR_DOMAIN>.

Okay, so now when someone visits http:// badgateway.qc.to, how are they redirected to https:// badgateway.qc.to?

We could get our hands dirty in Apache config files, or take advantage of someone who already did the work for us. Install the plugin, enable it, and you should be flying high.

Oh! I almost forgot. Permalink redirects didn’t work out-of-the-box for me because of a restrictive Apache setting.

The fix: Open up /etc/apache2/apache2.conf and tweak this part:

<Directory /var/www/>
     Options Indexes FollowSymLinks
-    AllowOverride None
+    AllowOverride All 
     Require all granted
</Directory>

Now just restart Apache with

$ sudo systemctl restart apache2

And that should do it.