Deploy to czserver

This project is a Jekyll static site. The production domain is https://zhuochen.space.

One-time server setup

1. Install system packages:

   sudo apt update
   sudo apt install -y nginx ruby-full build-essential zlib1g-dev rsync
   

2. Install Bundler:

   sudo gem install bundler:2.2.19
   

3. Install Jekyll dependencies on the server:

   mkdir -p /opt/homepage-src
   cd /opt/homepage-src
   bundle config set path vendor/bundle
   bundle install
   

4. Install the nginx site config:

   sudo cp deploy/nginx/zhuochen.space.conf /etc/nginx/sites-available/zhuochen.space.conf
   sudo ln -sf /etc/nginx/sites-available/zhuochen.space.conf /etc/nginx/sites-enabled/zhuochen.space.conf
   sudo rm -f /etc/nginx/sites-enabled/default
   sudo mkdir -p /var/www/zhuochen.space/current
   sudo nginx -t
   sudo systemctl enable --now nginx
   sudo systemctl reload nginx
   

5. Request the HTTPS certificate:

   curl https://get.acme.sh | sh
   export Ali_Key="your-access-key-id"
   export Ali_Secret="your-access-key-secret"
   ~/.acme.sh/acme.sh --set-default-ca --server letsencrypt
   ~/.acme.sh/acme.sh --issue --dns dns_ali -d zhuochen.space
   sudo mkdir -p /etc/nginx/ssl/zhuochen.space
   sudo touch /etc/nginx/ssl/zhuochen.space/fullchain.pem /etc/nginx/ssl/zhuochen.space/privkey.pem
   sudo chown $USER:$USER /etc/nginx/ssl/zhuochen.space/fullchain.pem /etc/nginx/ssl/zhuochen.space/privkey.pem
   ~/.acme.sh/acme.sh --install-cert -d zhuochen.space \
     --key-file /etc/nginx/ssl/zhuochen.space/privkey.pem \
     --fullchain-file /etc/nginx/ssl/zhuochen.space/fullchain.pem \
     --reloadcmd "sudo systemctl reload nginx"
   

Deploy

Run this from the repository root:

bash deploy/deploy_czserver.sh

Required cloud firewall rules

Make sure the cloud firewall/security group allows:

• TCP 22
• TCP 80
• TCP 443