Introduction

I figure a good place to start here would be documenting some lessons learned in setting up this website that others may benefit from.

DISCLAIMER: I AM NOT AN IT OR CYBERSECURITY EXPERT. DO NOT FOLLOW THIS ADVICE BLINDLY AS I ALMOST CERTAINLY HAVE MADE SOME SORT OF MISTAKE. USE THIS INFORMATION AS A STARTING POINT AND BUILD OFF IT (Please share anything you find back with me :))

The main target of this post would be someone asking the question: “How did you do that?”. I am sure any experts with website design or IT infrastructure would have way better advice. I will assume some basic knowledge, so I won’t get into building new computers, setting up ssh keys, etc.

I have several websites that I run supporting a number of small businesses that various members of my family run. These are mostly Wordpress websites marketing basic services and information and are fairly low risk. That being said, I have been working these sites now for going on 5+ years and I feel like I have a reasonable understanding of how to get these running and enable the basic reasonable security measures.

That being said, I was asked by one family member to setup a basic contact information site for their business (no longer in operation now) a few years back. Looking at their requirements, I realized that Wordpress was WAY overkill and I needed to build more of a static webpage that was a bit more server friendly. Now, I could drag my knuckles across the concrete driveway and build a page from scratch via HTML and CSS, but I actually had a bit of a deadline to work from (and little interest in this option). After many hours searching, I stumbled upon Hugo as a decent site generator tool with a large community supporting it.

After some limited success with that page, I felt to take on a bit more of a challenge this time around. I decided to use Hugo for this site instead of Wordpress. So… here we go.

A quick outline of what steps I will cover and my approach to each:

  • Web hosting
  • SSL
  • The site

Web Hosting

While it is certainly possible to host a website from most internet connections now-a-days (and I have done it in the past), I decided to put this site up in the cloud. I do have a static IP address for my home internet (more on that another day), but cloud connectivity is way better and more reliable. I host most of our business sites on Linode, so I figured I could just add this site to my existing VPS.

I use Linode for my cloud stuff. A couple reasons:

  • Linux friendly - I have full control
  • Price - $5 a month for a server that is running >5 websites for me… crazy cheap
  • Support - Their support is awesome

I setup a machine running Centos 8 and Apache for the web server. I am mostly familiar with the Red Hat linux flavors due to using it as part of my day job. Thus, I tend to gravitate to Centos/Fedora/etc. for my distros of choice.

SSL

For most of the sites I run, I find that getting an SSL certificate from my domain name provider is the easiest choice and well worth the $10/yr I pay. But, for this site, I really didn’t want to pay even more money…

I chose to run with Let’s Encrypt. They suggest running a command line tool called certbot. Certbot’s website suggests installing the tool via snaps, but I am trying to keep the software baseline as minimal as possible on this VPS system. Since I am running on Centos, I just had to enable the EPEL repository and run dnf install certbot to get the tool installed and ready to go. One interesting issue I ran into is that certbot sets up a quick web server as part of the generation process, so I actually had to stop apache, run certbot, then start apache back up. A bit of a pain, but not a huge issue for most of my sites. The end command I ran was

sudo certbot certonly --standalone -d example.com

Obviously replace example.com with your domain. From there, I could point my ssl.conf file for apache (in /etc/httpd/conf.d/ssl.conf) to the certificate locations and, after a restart of apache, I was up and running. Certbot even set the default permissions correctly (lock down the private key).

The Site

Finally, I setup this site via Hugo. My main desktop is Fedora, thus I downloaded the Linux binary from Github (v0.100 as of this post). Install was just unpacking and linking the binary to my /usr/bin directory so that anyone on my machine can run it easily. I then created a directory for building the site, changed into it, then ran hugo new site nuthouseblog which sets up the blank site.

A great tool to get started with Hugo are the large number of themes/templates available to build from. Take a look: https://themes.gohugo.io/

I chose the “Hello-Friend-ng” theme to start with. These are easy to install. Simply download the theme’s .zip/.tar file, put it in the /themes directory that hugo created, unpack it, then you can copy the files in the /themes/hello-friend-ng/exampleSite directory into your root website directory. To preview what you have, run hugo serve which will startup a local web server that you can browse to with your web browser and see your creation. Play with the files to customize to your needs. Most configurations will be in the config.toml file at the root directory. Each of the other posts and pages are in the /content folder. Most content is contained via Markdown files (my latest favorite).

I ran across a good Youtube series on Hugo that I enjoyed when I first started playing around with the tool: https://www.youtube.com/watch?v=u53xfby0EYI

To deploy the site, simply run hugo at the root directory of your website working location to essentially compile everything into something you can copy up to the VPS machine. Hugo creates a /public directory that you can move into /var/www/html (by default) on your webserver.

Conclusion

And that is it! Honestly, I have setup a few websites now and it has been very rewarding to be able to sit down and set this all up in just a couple hours (including internet searches of various issues I ran into along the way).

Start playing!

-Russ