Free static websites with SSL for hackers
rolodato.comI use Netlify which has the same qualities and requires less setup/attention. Am not affiliated with them.
Seconded - all you have to do is specify a build command and an output directory and Netlify will build your site on every commit to master. You can easily add a custom domain, manage DNS, and get Let’s Encrypt SSL with the click of a button.
Not affiliated either, but I’ve been blown away by how seamless their service has been.
Indeed so, I had quite a bit of code written to handle deployment for 2 simple static websites, all got replaced by netlify in under 10 minutes, mind blown.
I totally agree. Netlify has everything I need.
A second vote for Netlify, it's incredibly easy to use. I'm not monitoring uptime, but have had zero issues so far.
I use it with Hugo, a static site generator. I believe Netlify has an easy SSL setup option, but it has been a while since I set it up.
Before, I used NearlyFreeSpeech, which was very low cost but not nearly as streamlined.
netlify's ssl is one button plus a dns entry. it's pretty shiny
I was not aware of Netlify, thanks for letting me know. I've added it to the list of alternatives.
As it happens, I've got a couple of merge requests open to add HTTPS-only support to GitLab Pages.
If anybody is interested:
Rails: https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/16273
Go: https://gitlab.com/gitlab-org/gitlab-pages/merge_requests/50
I've done similar setups. I highly recommend just using Cloudflare or Netlify instead. Unless you have an actual business reason, or love owning everything in the stack.
The headache of managing this yourself adds up, things break, things update, etc.
For static sites hosting on AWS S3 is super cheap, plus with Cloudfront CDN in front you can be sure your site is being delivered to the user by a server near him. It's not 100% free but still very cheap for static websites[1]
[1] https://medium.com/@sbuckpesch/setup-aws-s3-static-website-h...
At some point, I'm going to convert my web site (a neglected blog) to a static site. When I do, I'll likely go the S3 + Cloudfront route and retire the aging physical server it's running on.
I've looked into this a couple of times in the past and that's the method I kept coming up with. I really want to do it but I've had trouble motivating myself to redo the hundreds of blog posts currently in WordPress.
There are plugins for Wordpress which export sites as static sites. I personally used SimplyStatic [1] with success for a rather simple blog, but it seems development has ceased. While writing this comment I also found WP Static [2], perhaps one of those two works for you.
[1]: https://wordpress.org/plugins/simply-static/
[2]: https://wordpress.org/plugins/static-html-output-plugin/
You can try using an exporter to see how much more work you'll have to do to make the new static version work to your liking.
https://gohugo.io/tools/migrations/#wordpress https://import.jekyllrb.com/docs/wordpress/
Another option, similar to some of the top-level comments suggesting Cloudflare with GitHub pages, is to use Cloudflare's long-lived internal origin certificate on GitLab and Cloudflare's public externally-valid certificate for end-users.
Although I have to admit to not actually having set that up yet: it's on my to-do list for a personal site that's in-progress this week.
What I did was a more customized version of that, I made a .gitlab-ci.yml file which easily lets you run any scripts of your own to build, with the same end result. Using gulp I had it run in development mode by default with watchers and verbose outputs, yet in the ci file I called a production build that polished everything up. For the front end side, I used pug, sass and babel with a few other js things to make a templating system, which really helped me understand site structures.
I suppose https://neocities.org/ could qualify for the author's ideal alternative.
If you do use jekyll and gitlab, I made this jekyll plugin that does it for you (if you'd rather have something in-ecosystem than an npm package) -> https://github.com/JustinAiken/jekyll-gitlab-letsencrypt
As another commenter has mentioned, Netlify is fantastic. It takes care of everything and migration is painless. And the best of all, it's free~
This year, one of my goals is to migrate all my Wordpress blogs to Jekyll and host them on Netlify. I'm almost done with 2/3rds of them and couldn't be happier. Highly recommended.
You can use Full SSL on CloudFlare with GitHub Pages, which is end to end.
https://blog.cloudflare.com/secure-and-fast-github-pages-wit...
End-to-end secure, but only against passive attacks. Cloudflare "Full SSL" (as opposed to "Strict SSL") does not verify the certificate presented by the origin server, so someone sitting between Cloudflare and your origin can still MITM the connection without detection. Strict SSL does not currently work with GitHub Pages, because "*.github.io" certs do not match custom domains.
https://www.cloudflare.com/ssl/
https://github.com/isaacs/github/issues/156#issuecomment-110...
We're working on making Strict mode work better in such situations.
For example, if the origin server presents a certificate with a SAN for *.github.io and you have a CNAME to yourusername.github.io, this will (soon) validate as Strict.
That's great news! I've been hoping Cloudflare would allow customized cert validation (i.e. the user specifies a domain name to verify against, in the control panel). At least the improvement you mention will increase compatibility with GitHub Pages and others.
Wow this is great news! As someone who finds GitHub Pages with Cloudflare nearly perfect for my simple site, this change would make it even more so!
It is end to end but CloudFlare does not verify the identity of the origin server. The only equivalent option would be "Full SSL (Strict)", which is not free.
That is simply untrue. Full SSL (Strict) is available on all plan levels including free. There is no charge for it. In addition, if you don't have an SSL certificate on your origin we'll give you a cert for free as well: https://blog.cloudflare.com/cloudflare-ca-encryption-origin/
I believe Strict SSL is free on Cloudflare's side, but GitHub Pages does not work with it because it does not present a matching and valid certificate.
https://support.cloudflare.com/hc/en-us/articles/200170416-W...
I stand corrected :)
If i read free i mean free as in everything, but it seems you already need to have your own custom domain name. Meaning your own domain. Or did i miss something?
Yes, you need it. This topic is just to have SSL and free static host where GitHub just have a painful setup for that (also if you want custom domain here you need pay for it, obviously) https://github.com/isaacs/github/issues/156
Please don't teach people how to centralize the web around a service that isn't even supposed to be used for personal web pages [1].
[1] - "We offer Pages sites primarily as a showcase for personal and organizational projects." https://help.github.com/articles/github-corporate-terms-of-s...
If that was the case, there wouldn't be homepages (USER.github.io).
Projects reside on USER.github.io/PROJECT, so they assume you will create a homepage as well. If you're a user, that's your personal homepage.
Anyway, this is about GitLab.
You quoted it: "primarily", which means GitHub (in this case) does not prohibit users from using Page in the way you seem to disagree with. What you choose to do with Page, a blog, or a personal static website, is at the mercy and the discretion of the service provider. You just can't advertise products using Page.
You can call your project "my 365 days of kernel hacking series", put the code on Github, and then host a blog on GitHub with a mix of hacking blog posts and other non-hacking blog posts. That's acceptable.
He is explaining how to do this with GitLab Pages, not GitHub Pages (the ToS you linked to).
Other than that, yes, GitLab pages exists for the same reason.
Furthermore, one can host Gitlab on their own. There is nothing wrong morally or otherwise with using a document revision service and build platform to push static sites.