Coffee and Computers

Moving to Pelican

Motivations

For a While now I have been using Jekyll to generate a Static website. I have found that a static website generator has met my needs so was not looking to replace this. But I was looking to try out a new method. This with my preference to Python over Ruby took me to looking at Pelican.

Install Pelican

For Referance the Pelican install site goes much more in depth. But the following is how I setup and configured Pelican.

First I needed to create an new Virutal enviroment for this

virtualenv ~/virtualenvs/www
cd ~/virtualenvs/www
source bin/activate

pip3 install pelican

I am planning to use Markdown so also needed ot install this.

pip install Markdown

Now I kickstarted the new site with pelican-quickstart

➜  www pelican-quickstart
Welcome to pelican-quickstart v4.2.0.

This script will help you create a new Pelican-based website.

Please answer the following questions so this script can generate the files
needed by Pelican.


> Where do you want to create your new web site? [.]
> What will be the title of this web site? coffe and computers
> Who will be the author of this web site? Andrew G
> What will be the default language of this web site? [en]
> Do you want to specify a URL prefix? e.g., https://example.com   (Y/n) y
> What is your URL prefix? (see above example; no trailing slash) https://www.invoke.coffee/
> Do you want to enable article pagination? (Y/n) y
> How many articles per page do you want? [10]
> What is your time zone? [Europe/Paris] America/Los_Angeles
> Do you want to generate a tasks.py/Makefile to automate generation and publishing? (Y/n) y
> Do you want to upload your website using FTP? (y/N) n
> Do you want to upload your website using SSH? (y/N) n
> Do you want to upload your website using Dropbox? (y/N) n
> Do you want to upload your website using S3? (y/N) n
> Do you want to upload your website using Rackspace Cloud Files? (y/N) n
> Do you want to upload your website using GitHub Pages? (y/N) n
Done. Your new project is available at /home/andrew/ws/www
➜  www

Now to tested that I was able to see the new site with pelican --autoreload --listen

Setting up the server

For this I turned to DigitalOcean for a VPS.

I am using a droplet with 1vCpu 1GB of ram and the new Ubuntu 20.04 LTS

SSH in to host (If you have any issues you can follow this guide)

sudo apt update; sudo apt upgrade -y

Change the root password

root@Pelican:~# passwd
New password:
Retype new password:
passwd: password updated successfully
root@Pelican:~#

Create a new user (so we can disable root SSH access)

root@Pelican:~# sudo adduser andrew
Adding user `andrew' ...
Adding new group `andrew' (1000) ...
Adding new user `andrew' (1000) with group `andrew' ...
Creating home directory `/home/andrew' ...
Copying files from `/etc/skel' ...
New password:
Retype new password:
passwd: password updated successfully
Changing the user information for andrew
Enter the new value, or press ENTER for the default
    Full Name []: Andrew
    Room Number []:
    Work Phone []:
    Home Phone []:
    Other []:
Is the information correct? [Y/n] y
root@Pelican:~#

Next I needed to add this new user into the sudoers group

usermod -aG sudo andrew

I also prefer to use NOPASSWD so next edited the /etc/sudoers file with visudo and modified the sudo group line

From %sudo ALL=(ALL:ALL) ALL to %sudo ALL=(ALL:ALL) NOPASSWD:ALL

To set up SSH I created a /home/andrew/.ssh/ directory and an authorized_keys file in the same.

root@Pelican:~# cd /home/andrew/
root@Pelican:/home/andrew# mkdir .ssh/
root@Pelican:/home/andrew# cd .ssh/
root@Pelican:/home/andrew/.ssh# touch authorized_keys
root@Pelican:/home/andrew/.ssh#

I then added my Public SSH keys to this file.

After SSHing into the host with my new user I edited `/etc/ssh/sshd_conf

Changing PermitRootLogin yes to PermitRootLogin no

And that concludes setting up this server. This will vary depending on the Hosting provider and OC you chose. But most Linux based options will be similar.

Installing the static site

sudo apt install nginx

I was able to check that nginx is rungin with systemctl status nginx

systemctl status nginx

I also checked with curl.

andrew@Pelican:~$ curl 'http://localhost:80' -I
HTTP/1.1 200 OK
Server: nginx/1.17.10 (Ubuntu)
Date: Sun, 26 Apr 2020 22:39:24 GMT
Content-Type: text/html
Content-Length: 612
Last-Modified: Sun, 26 Apr 2020 22:29:42 GMT
Connection: keep-alive
ETag: "5ea60b56-264"
Accept-Ranges: bytes

andrew@Pelican:~$

Next I needed to set up LetsEncrypt. So started with installing certbot.

sudo apt install python3-certbot-nginx certbot

The next bit is more tricky, Lets Encrypt supports multiple types of challenges. HTTP-01 is the most common by creating a file in http://<YOUR_DOMAIN>/.well-known/acme-challenge/<TOKEN>. So for this I chose to use a different domain name www2.invoke.coffee

I also ran into an erorr due to a issue in Ubuntu 20.04 acme.challenges' has no attribute 'TLSSNI01'

So I fixed this by editing the /usr/lib/python3/dist-packages/certbot_nginx/configurator.py file and replacing.

return [challenges.HTTP01, challenges.TLSSNI01]

with

return [challenges.HTTP01]

As stated in the post this is very fragile. But as it should be fixed soon. I didn't worry to much on this.

Deploying the new site is as easy as copying the files from the output directory to /var/www/html/ on my server.

i