Get blog site for free with AWS, Blogifier, and Custom Domain
This post is a step-by-step on how to get your own personal blog using Blogifier (a self-hosted open-source publishing platform) using Nginx and dotnet kestrel. We are going to host it on our own custom domain with an SSL certificate using Let’s Encrypt.
What is Blogifier?
If you don’t know already, Blogifier is a self-hosted open-source publishing platform written in ASP.NET and Blazor WebAssembly. This means that anyone can use their code to spin up their own personal blog. If this sounds like you, continue reading to see how to do so.
We will be using AWS free tier for hosting, you will get access to several features including an Ubuntu instance on EC2 and more for a year.
To follow this tutorial you’ll need to be comfortable with the command line. Don’t meet this requirement? Not to worry! You won’t need to know what each command does just run it.
In this post you’ll learn how to:
- Launch an AWS Ubuntu instance
- Install .net 6 and Nginx
- set up an Nginx reverse proxy to our application
- add a custom domain using google domains
- add HTTPS (SSL certificate) using Let’s Encrypt
Launch an AWS Ubuntu instance
First, we need to get an AWS account if you haven’t already. Head over to https://aws.amazon.com/ to create your free account. You may be asked to input payment information but don’t worry, you won’t get charged unless you go above the free tier.
Once you create an account, you should see a screen like below:
In the search bar, input “ec2” and then click on the EC2 under services.
On the side navigation bar click on “Instances”
then at the top right click on “Launch Instances”.
We can search for ubuntu and select the first option. Currently, the version is 20.04 LTS but you can select a newer if you wish.
On the next screen, since you are sticking to the free tier we will keep the default selected
We will again keep the default for the next few steps until you are on the Configure Security Group.
Click on the “Add Rule” button twice and select HTTP and HTTPS for the type. We will leave ssh as an option as well so we can remotely connect to our instance.
Let’s move to the next screen and Launch our instance.
Creating a key pair
To ssh into our AWS instance, we need to set up a public-private (RSA) key. This is to ensure that the person who holds the key can ssh into the instance. This means it is important that when you download the key you store it somewhere safe. Additionally, we can configure the AWS security group so that only our IP can ssh into the instance.
Finally, click on the Launch Instance button and then click on View Instance.
On the next screen, you will see a list of your instances. If you previously created an instance you will see it there otherwise you should only see one.
Click on the pencil icon to rename your instance (hover over the name column)
To the left of the name column, select the check box, and at the top right click on the connect button.
We will copy the ssh command listed on the screen. Yours will be slightly different with your own domain name and the .pem used should be blogifier.pem instead.
SSH into the EC2 instance.
If you are on windows, go to start and type in “cmd” to launch the command prompt. If you are on Mac/Linux you can CTRL + T to open up the terminal or open the terminal from the list of your apps.
I have downloaded my keys in my documents folder in a folder called “amazon aws”. Type in a similar command or change it to where you have saved your .pem file.
cd documents/amazon awsLet us check to see if we can see our .pem file. If on windows type in the “dir” command and if on Linux/Mac type in “ls” to list all files in the current directory.
Finally to ssh into our ubuntu, paste the command you copied earlier into the terminal and then type enter.
If this is your first-time ssh into that host you will be prompted to add it to the list of known host. Type in yes and press enter.
Installing Nginx
Type in the following command to install Nginx.
sudo apt update
sudo apt install nginxOnce Nginx is installed, you should be able to view the default website. Let’s head over to AWS, select our instance, and click on the “open address” under the “Public IPv4 address”.
Installing .net 6
Blogifier uses .net 6 so the first thing we want to do is install the .net 6 SDK and runtime. If you are using ubuntu 20.04 LTS continue reading otherwise follow the installation on the Microsoft site to find the correct version. Below is a step-by-step on how to find the 20.04 for Ubuntu LTS.
I have the ubuntu 20.04 LTS version so I will scroll down until I see Ubuntu and click on the version type. Select 20.04 and you will now be navigated to the site to install Dotnet 6 for your particular version.
Copy and paste each of the below commands and run it in your terminal.
If installed successfully the terminal should say something like the below:
Get a custom domain name
I will be using google domains, you can use whatever domain provider but domains usually cost money (for mine it is 12 dollars per year). A custom domain isn’t required, if you wish you can access your site via the public IP address.
Click on the DNS tab and scroll down to the Resource Records sections and add an A record. I will be using a subdomain but you can leave the Hostname blank if you wish to not do subdomains.
Downloading Blogifier code from GitHub
Let’s navigate to Blogifier’s GitHub site and download the published code. You can download their latest release and save the zip to your downloads. We will now use the following command to securely copy the zip file from our computer to the AWS instance using Powershell.
Open up Powershell or another terminal instance (if on Mac/Linux) and input the below command:
scp -i "<path to your .pem file>" .\Blogifier.3.0.zip ubuntu@<your ubuntu public DNS>:Input the path to where your .pem file is stored. And locate your public DNS from AWS and paste it in there. You can find the public DNS below:
Your final command should be similar to the below:
scp -i "C:\Users\David Randoll\Documents\Amazon AWS/blogifier.pem" .\Blogifier.3.0.zip ubuntu@ec2-3-21-166-234.us-east-2.compute.amazonaws.com:A successful copy will look like the below:
Let’s head over back to the terminal and verify that the file did transfer.
lsafter inputting the above command you should see the zip file that we copy from our local computer.
Extracting the blogifier zip file
input the below command to install a package to unzip:
sudo apt update
sudo apt install unzipunzipping blogifier zip
cd ~
sudo unzip Blogifier.3.0.zip -d /var/www/<your domain name>for this post, I will be using “demo.davidrandoll.com” that we added earlier using google domains but you can give the directory any name you wish.
change the permission on the blogifier directory
Later we will create a background service to run the app so that when we close the terminal it will continue running. For now, we will change the permission to 777 (you can restrict this further if you wish).
cd /var/www
sudo chmod 777 <your domain name>/
sudo chmod 744 <your domain name>/Blogifier.dll
Configure Nginx reverse proxy
We will set up a configuration file for our file and place it in the sites-available folder.
cd /etc/nginx/sites-availableIn the nano editor, paste the following:
server {
listen 80;
server_name demo.davidrandoll.com;
location / {
proxy_pass http://dotnet;
proxy_set_header Host $host;
}
}
upstream dotnet {
zone dotnet 64k;
server 127.0.0.1:5000;
}when Nginx gets an incoming request from demo.davidrandoll.com it will pass the request to http:dotnet; this is the next block (upstream dotnet). This will then look at the site that is running locally on port 5000 and serve this to the user that made the request.
press CTRL + X followed by Y then finally hit Enter to save.
We now need to update the main nginx.conf file to tell it to look for the “sites-enables” directory.
cd ..
sudo nano nginx.confScroll to the bottom of the file and verify that the include statement is there (add it if it isn’t).
Let’s enable our site by creating a soft link from the sites-enabled directory to the site available. Run the below command:
sudo ln -s /etc/nginx/sites-available/<your domain name> /etc/nginx/sites-enabled/modify the above for your domain name
We need to remove the default config file that is in the sites-enabled folder.
cd /etc/nginx/sites-enabled/
sudo rm default
cd /etc/nginx/sites-available
sudo rm defaultLets check the configuration by running the following command. This will tell us if there is any error.
sudo nginx -tIf you see a success message like below, we can move forward. If you get an error its likely you’ve made a typo in one of the nano editor or missed a command.
Let’s reload to tell Nginx about our new config.
sudo nginx -s reloadtemporarily running our app
Before we run Blogifier in the background let’s run it temporarily so that we can test our configuration.
cd /var/www/demo.davidrandoll.com/
dotnet Blogifier.dllrunning the dotnet command will run the app using Kestrel.
You should now be able to type in your domain in the browser to access the site:
http://<your domain name>/Note: it is currently HTTP, we will make it HTTPS later on. If you were to exit the terminal your app will stop running. We need to make this a service to have it running in the background. Let’s stop the application by pressing CTRL + C.
Setup app in the background
If we were to exit the terminal, our application will stop working so we will need to create a service to run our app in the background.
Creating the service
sudo nano /etc/systemd/system/kestrel-blogifier.serviceThis is going to open up a nano text editor for us to put the code in for the service.
[Unit]
Description=Blogifier[Service]
WorkingDirectory=/var/www/<your domain name>
ExecStart=/usr/bin/dotnet /var/www/<your domain name>/Blogifier.dll
Restart=always
# Restart service after 10 seconds if the dotnet service crashes:
RestartSec=10
KillSignal=SIGINT
SyslogIdentifier=dotnet-example
User=www-data
Environment=ASPNETCORE_ENVIRONMENT=Production
Environment=DOTNET_PRINT_TELEMETRY_MESSAGE=false[Install]
WantedBy=multi-user.target
Modify the <your domain name> to your actual domain.
Once again press CTRL + X follow by Y then finally hit Enter to save.
enable the service and start it
sudo systemctl enable kestrel-blogifier.servicesudo systemctl start kestrel-blogifier.serviceafter a minute or two the service should start up, then run the below command to check the status:
sudo systemctl status kestrel-blogifier.serviceOur service is up and running if we see green active (running).
Let’s go back to our browser to check to see if we can still access it. You should see the below page in the browser.
SSL Certificate using Let’s Encrypt
By now, you should see that the browser gives us a warning if we try to view our site. In the address bar, it will say it is as not secured. Let’s fix this!
Installing Certbot to add a certificate to our site.
We will use snapd to install certbot; lets install snapd.
installing snapd
sudo apt update
sudo apt install snapd
sudo snap install core; sudo snap refresh coreLet’s run this command to remove any certbot packages that may exist on our instance.
sudo apt-get remove certbotinstalling certbot
sudo snap install --classic certbotLet’s ensure that the certbot command can be run:
sudo ln -s /snap/bin/certbot /usr/bin/certbotCheck to make sure certbot is on our path:
sudo certbot --versionadding SSL to our domain
Let’s Encrypt have a limitation on how many requests you can make per week so we can make use of their staging flag to be sure the SSL cert is applied.
sudo certbot --nginx --test-certYou will get a prompt to input an email address. It is important to put your real email address here so that you can get a notification if something was to go wrong with your site. Next, you must type yes to agree with their terms of service. The other question is optional, you can choose yes or no to share your email with them. Certbot will automatically detect your sites so we can press enter to continue.
If you get a success message then we have gotten a certificate!
Running without the staging flag
If you were to check your site in the browser you will still get a not secure and this is because we have applied the certificate in the staging environment. Now that we know our certificate can be applied we can remove the --test-cert flag and run the command again.
sudo certbot --nginxWe will go through the same process again. Input your email, confirm the terms of service and optionally opt into sharing your email. Certbot saw that we have an existing certificate on our domain and this is from using the — test-cert staging flag. Let input 2 to renew and replace our certificate.
Once again you will see a success message. Lastly, let’s test our site! And there you have it; our site is now secure.
Troubleshooting
If you get a register-failed message when you try to create a user we need to remove the database and then restart our service.
sudo rm /var/www/demo.davidrandoll.com/Blog.db
sudo systemctl restart kestrel-blogifier.serviceLets wait for a few seconds then run the status command to verify everything is good
sudo systemctl status kestrel-blogifier.serviceand there you have it, after deleting the DB then hard-refreshing (CTRL + R) the browser you should be able to register an account.
If you still have issues, registering it is likely due to permission of the /var/www/demo.davidrandoll.com directory.
Sources to help with installation
Tutorial: Proxying .NET Core and Kestrel with NGINX and NGINX Plus
