Want your very own server? Get our 1GB memory, Xeon V4, 25GB SSD VPS for £10.00 / month.

Jekyll is a free and open source flat file CMS written in Ruby. It converts your text in Markdown format into static web pages. It contains all the blog type features like permalinks, categories, pages, posts, and custom layouts.

Requirements

Jekyll does not have any minimum hardware requirement. To follow this tutorial you will need a server with CentOS 7 installed. You will also need root access to the server, if you are logged in as non-root user, run sudo -i to login in as root user. A domain pointing to your server is also required.

Installing Jekyll

Before installing any package it is recommended to update the server and available packages. Run the following command to do so.

yum -y update

Jekyll requires Ruby to work. We can install Ruby using RVM. Run the following command to download the RVM installer script.

gpg --keyserver hkp://keys.gnupg.net --recv-keys 409B6B1796C275462A1703113804BB82D39DC0E3
curl -sSL https://get.rvm.io | bash -s stable

Once the RVM has installed, you can run the following command to install latest version of Ruby.

rvm install ruby
rvm --default use ruby

If you get an error saying , logout of your current user account and login again or run exec $SHELL. The above commands will take some time to execute as they download the dependencies, compile and install the packages. Once done, you can run the following command to check if Ruby is installed successfully.

ruby -v

You should get following output.

[root@liptan-pc ~]# ruby -v
ruby 2.3.3p222 (2016-11-21 revision 56859) [x86_64-linux]

Now you can install Jekyll and bundler gems using the following command.

gem install jekyll bundler

Once the gems are installed, you can proceed further to create a new user for your Jekyll’s site. Run the following command for same.

useradd jekyll

Run the following command to switch to Jekyll home directory.

cd /home/jekyll

Now run the following command to build Jekyll.

jekyll build

To create a new Jekyll blog, run the following command.

jekyll new .

The above command will automatically invoke bundle install to install the required dependencies. It will install the new blog on the current directory, which is the home folder of jekyll user in example. Provide the ownership of the application to the Jekyll user using the following command.

chown -R jekyll:jekyll /home/jekyll

Now you can run the following command to run the application.

bundle exec jekyll serve --detach

You should see following output that the server is running.

[root@liptan-pc jekyll]# bundle exec jekyll serve --detach
Configuration file: /home/jekyll/_config.yml
Configuration file: /home/jekyll/_config.yml
            Source: /home/jekyll
       Destination: /home/jekyll/_site
 Incremental build: disabled. Enable with --incremental
      Generating...
                    done in 0.401 seconds.
 Auto-regeneration: disabled when running server detached.
Configuration file: /home/jekyll/_config.yml
    Server address: http://127.0.0.1:4000/
Server detached with pid '7442'. Run `pkill -f jekyll' or `kill -9 7442' to stop the server.

The site will be now accessible on local system only as it is bound to localhost only. It will also listen to port 4000. You can configure it to listen to all the IP address as well as port number 80, you can run the following command.

bundle exec jekyll serve --host 0.0.0.0 --port 80 --detach

Although it is best practice to run the Jekyll server on localhost listening to port 4000, and create a reverse proxy with nginx or nginx to serve the site on internet. Also instead of running Jekyll server using commands, it is recommended to create a systemd service so that the application can be started automatically on crashes and boot time. To create a systemd service for jekyll you will need to create a new service file using the following command.

nano /etc/systemd/system/jekyll.service

If you do not have nano installed, you can run yum -y install nano. Now paste the following text into the nano editor.

[Unit]
Description=Jekyll service
After=syslog.target
After=network.target

[Service]
User=jekyll
Type=simple
ExecStart=/usr/local/rvm/gems/ruby-2.3.3/bin/jekyll serve --source "/home/jekyll/"
Restart=always
StandardOutput=syslog
StandardError=syslog
SyslogIdentifier=jekyll

[Install] 
WantedBy=multi-user.target

Now you can start Jekyll server and configure it to automatically start at boot time using following commands.

systemctl start jekyll
systemctl enable jekyll

To check if Jekyll service is started correctly, you can run the following command to check the status of the Jekyll service.

systemctl status jekyll

Configuring Nginx as a Reverse Proxy with Let’s Encrypt SSL

Instead of using the application on Port 4000, you can use nginx to run on port 80 or 443 in the case of using SSL. This way the main application will run on port 4000, and nginx will work as a reverse proxy. nginx is not available in default YUM repository, hence you will need to install EPEL repository also.

yum -y install epel-release
yum -y update

Install nginx web server the following command.

yum -y install nginx

Now we will need to generate SSL certificates from the Let’s Encrypt client. If you can want to use commercial SSL certificates instead, you can purchase SSL certificates from HostPresto.

To install Let’s Encrypt client also called Certbot run the following command.

yum -y install certbot

Once the installation finishes, run the following command to obtain the SSL certificates from Let’s Encrypt. Make sure that your domain is pointed to the server, the Let’s Encrypt will check the domain authority before providing the certificates. Make sure that you do not have nginx running at this moment.

certbot certonly --standalone -d yourdomain.com -d www.yourdomain.com

This command will run Let’s Encrypt client to obtain the certificates only but will not install it. --standalone tells the client to use the standalone web server for authentication of domain authority. -d yourdomain.com tells the domain name for which the certificates needs to be obtained. Provide your email address and accept the terms and condition.

Once the certificates are generated, they are likely to be stored in the following directory.

/etc/letsencrypt/live/yourdomain.com

Where yourdomain.com is your actual domain. In the directory, you will find cert.pem which is your domains certificate and privkey.pem which is your certificate’s private key.

Let’s Encrypt SSL expires in 90 days, so it is recommended to set an automatic renewal for your certificates. Run the following command to open your crontab file.

crontab -e

Enter the following line into the crontab file.

30 1 * * 1 /usr/bin/certbot renew >> /var/log/le-renew.log

The above cron job will automatically run every Monday at 1:30 AM and if your certificates are due for expiry, it will automatically renew them.

As the SSL certificates are now generated, we can proceed further to configure nginx configuration file. Now create a new server block for nginx configuration file using the following command.

nano /etc/nginx/conf.d/ssl-yourdomain.com.conf

Replace yourdomain.com with your actual domain. Now copy and paste the following lines into the file.

server {
    listen 80;
    return 301 https://$host$request_uri;
}

server {
        listen 443 http2 ssl;

        server_name yourdomain.com www.yourdomain.com;

        ssl_certificate /etc/letsencrypt/live/yourdomain.com/fullchain.pem;
        ssl_certificate_key /etc/letsencrypt/live/yourdomain.com/privkey.pem;


        ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
        ssl_prefer_server_ciphers on;
        ssl_ciphers "EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH";
        ssl_ecdh_curve secp384r1;
        ssl_session_cache shared:SSL:10m;
        ssl_session_tickets off;
        ssl_stapling on;
        ssl_stapling_verify on;
        resolver 8.8.8.8 8.8.4.4 valid=300s;
        resolver_timeout 5s;
        add_header Strict-Transport-Security "max-age=63072000; includeSubdomains";
        add_header X-Frame-Options DENY;
        add_header X-Content-Type-Options nosniff;
        location / {
                 proxy_set_header        Host $host;
      proxy_set_header        X-Real-IP $remote_addr;
      proxy_set_header        X-Forwarded-For $proxy_add_x_forwarded_for;
      proxy_set_header        X-Forwarded-Proto $scheme;
      proxy_pass          http://localhost:4000;
      proxy_read_timeout  90;
      proxy_redirect      http://localhost:400 https://yourdomain.com;
        }
}

In the above configuration change yourdomain.com to your actual domain. Also, make sure that the path to your SSL certificate and private key are correct.Now start nginx web server and enable it to automatically start at boot time using the following commands.

systemctl start nginx
systemctl enable nginx

Now you will need to disable your SELinux because Jekyll does not work with SELinux policies. To temporary disable SELinux without restarting the server, run the following command.

setenforce 0

To completely disable the SELinux you will need to edit /etc/selinux/config file.

nano /etc/selinux/config

If you don’t have nano installed, you can install it using yum -y install nano Find the following line:

SELINUX=enforcing

Change it to:

SELINUX=disabled

Now you will need to reboot your server so that the new configuration can take effect. Now you can start the Jekyll service if not started already using the following command.

systemctl start jekyll

You can now browse the following URL in your favorite browser.

https://YourDomain.com

You will see the following screen.

HP_NO_IMG/data/uploads/users/e840080c-7322-4497-85c0-150182bd4c02/2026360922.png” alt=”” />

Your site is now ready. To write a post in your website, run the following commands.

su jekyll
cd ~/_posts

Now create a new file in the following format.

YEAR-MONTH-DAY-title.MARKUP

For example,

nano 2017-02-01-Welcome-to-your-new-Jekyll-site.md

Now enter the content of the web page in Markdown format.