Blog Setup using Gitlab Pages and Pelican

Posted on Mon 03 September 2018 in Development


Blog Setup.

The current blogpost highlights, the setup of my blog.

Gitlab Pages.

There was nothing specific i chose gitlab pages, you could use github pages as well. Gitlab gives you a CI/CD runner that you could use autobuild your static site and push it to its pages eveytime a change is detected, rather than in github where you need to update and push the gh-pages(default branch where github looks for content)

Setup

  • Pelican as the framework for the static generator for the blog.
  • Gitlab pages as the host provider.
  • DNS is currently being managed by digitalocean (Cloudflare is also an option).
  • Letsencrypt for SSL certificates.
  • Gitlab CI/CD runners (refer .gitlab_ci.yml) which takes care of the build of static content.
# This file is a template, and might need editing before it works on your project.
# Full project: https://gitlab.com/pages/pelican
image: python:2.7-alpine

pages:
  stage: deploy
  script:
  - pip install -r requirements.txt
  - pelican -s publishconf.py
  artifacts:
    paths:
    - public/
  only:
    - master

There are a bunch of tutorials regarding this on how to setup the pelican framework, point it to gitlab and use letsencrypt as well, im highlighting couple of them here.

  • https://gitlab.com/pages/pelican
  • https://fedoramagazine.org/gitlab-pelican-lets-encrypt-secure-blog/

Couple of key things here:

  • Use public as the write directory for output for pelican, because that is where gitlab looks for.
  • Lets Encrypt certs and private key needs to be uploaded to gitlab, unlike github which gives free and working ssl out of the box.
  • Lets encrypt cert needs to renewed every 90 days.
  • Gitlab offers api for Gitlab pages and you could use the api to write a cronjob which would do the renewing. (https://docs.gitlab.com/ee/api/pages_domains.html)

Caveats

Gitlab is improving, hope they bring something to the CI/CD runner where we could use the letsencrypt certbot to renew the certificates using the api.