Jekyll2023-08-22T20:07:23+00:00https://deepkapadia.com/feed.xmlDeep KapadiaDad, husband, software engineer, sports enthusiast New Site2018-02-19T04:48:44+00:002018-02-19T04:48:44+00:00https://deepkapadia.com/2018/02/19/new-site<p>I had been hosting this site on GitHub pages for sometime but I had been feeling quite glum about a few things. GitHub pages did not support HTTPS for my custom domain and neither was it fronted by a CDN (although I do belive GitHub pages might be using Fastly) that I had some control over. One other thing that had been bugging me was the fact that because the site was largely static HTML, I did not update it often because I was lazy.</p>
<p>I took some time today to move my nameservers over to a Cloudflare and start using it as a CDN. I found some <a href="https://blog.cloudflare.com/secure-and-fast-github-pages-with-cloudflare/">instructions</a> on the Cloudflare site. Cloudflare also supports getting a <a href="https://scotthelme.co.uk/tls-conundrum-and-leaving-cloudflare/">“free” SSL cert</a> if you use their service. I feel much better now since my team and I did the work to move <a href="https://open.nytimes.com/https-on-nytimes-com-ed04bca88ed6">nytimes.com behind a CDN and serve it over HTTPS</a>, last year. I just had to catch up.</p>
<p>Now, there are <a href="https://www.troyhunt.com/cloudflare-ssl-and-unhealthy-security-absolutism/">some documented issues</a> with my approach. I still went ahead with this for the time being. The key here is to ensure that you enable SSL on your origin behind your CDN too. While that is currently not possible with GitHub pages when serving a custom domain, it does get enforced in a roundabout way with <code class="language-plaintext highlighter-rouge">mysite.github.io</code> being redirected to my custom domain which then redirects to the HTTPS site. As always, security is never foolproof and there are weak links somewhere along the chain but this is a step in the right direction vs. serving unencrypted.</p>
<p>A quick <code class="language-plaintext highlighter-rouge">dig</code> confirms the site is moved over to the new DNS since it is using the new nameservers from Cloudflare.</p>
<figure class="highlight"><pre><code class="language-bash" data-lang="bash"><span class="nv">$ </span>dig deepkapadia.com +noall +answer
<span class="p">;</span> <<<span class="o">>></span> DiG 9.10.3-P4-Ubuntu <<<span class="o">>></span> deepkapadia.com +noall +answer
<span class="p">;;</span> global options: +cmd
deepkapadia.com. 163 IN A 104.31.71.130
deepkapadia.com. 163 IN A 104.31.70.130</code></pre></figure>
<p>Plus, I have been wanting to try out a static site generator like <a href="https://jekyllrb.com">Jekyll</a> for some time which is supported by <a href="https://github.com/jekyll/jekyll">GitHub pages</a>. Although the one that I’d really love to try someday is <a href="https://gohugo.io/">Hugo</a>. I just went with the lowest barrier to entry here.</p>
<p>I also hope that given these changes, I’ll be more diligent and encouraged to document my thoughts (and probably happenings with my life) a bit more since it is something I wish I’d do more but find excuses to not do so.</p>I had been hosting this site on GitHub pages for sometime but I had been feeling quite glum about a few things. GitHub pages did not support HTTPS for my custom domain and neither was it fronted by a CDN (although I do belive GitHub pages might be using Fastly) that I had some control over. One other thing that had been bugging me was the fact that because the site was largely static HTML, I did not update it often because I was lazy.