We’ve already installed a web server, now we need to configure it to serve our site content. Here’s a quick guide.

SSH onto the pi:

ssh pi@<ip-address-of-your-pi>
sudo vi /etc/nginx/sites-enabled/<name-of-your-blog>

insert config for blog

The config to serve your blog would look like the following:

server {
    listen   80;
    server_name <your-blog.com> <www.your-blog.com>;
    root /usr/share/nginx/html/_site;

    location / {
            return 301 https://$host$request_uri;
    }
}

server {
    listen 443 ssl;
    server_name <your-blog.com> <www.your-blog.com>;
    root /usr/share/nginx/html/_site;
    ssl_certificate /etc/letsencrypt/live/<your-blog.com>/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/<your-blog.com>/privkey.pem;
    ssl_protocols       TLSv1 TLSv1.1 TLSv1.2;
    ssl_ciphers         HIGH:!aNULL:!MD5;
    index index.html index.htm;

    location / {
            try_files $uri $uri/ /index.html;
    }

    location ~* \.(?:ico|css|js|gif|jpe?g|png)$ {
            expires 30d;
            add_header Pragma public;
            add_header Cache-Control "public";
    }
}

I’ll give you the config for my blog with the replacement variables:

server {
    listen   80;
    server_name tinklr.net www.tinklr.net;
    root /usr/share/nginx/html/_site;

    location / {
            return 301 https://$host$request_uri;
#                try_files $uri $uri/ /index.html;
    }
}

server {
    listen 443 ssl;
    server_name tinklr.net www.tinklr.net;
    root /usr/share/nginx/html/_site;
    ssl_certificate /etc/letsencrypt/live/tinklr.net/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/tinklr.net/privkey.pem;
    ssl_protocols       TLSv1 TLSv1.1 TLSv1.2;
    ssl_ciphers         HIGH:!aNULL:!MD5;
    index index.html index.htm;

    location / {
            try_files $uri $uri/ /index.html;
    }

    location ~* \.(?:ico|css|js|gif|jpe?g|png)$ {
            expires 30d;
            add_header Pragma public;
            add_header Cache-Control "public";
    }
}

This automatically forwards requests to https. You may have noticed that there is a line commented out. This is from when I was setting up the SSL certificate.

location ~* \.(?:ico|css|js|gif|jpe?g|png)$ {
        expires 30d;
        add_header Pragma public;
        add_header Cache-Control "public";
}

This section was a recommendation from google page speed.

Symbolic link our config:

sudo ln -s /etc/nginx/sites-available/<your_blog_config> /etc/nginx/sites-enabled/<your_blog_config>

My command would look like this:

sudo ln -s /etc/nginx/sites-available/tinklr.net /etc/nginx/sites-enabled/tinklr.net

Disable default symbolic link

I usually disable the default config, but you can leave it as a catch all if you’d like:

sudo mv /etc/nginx/sites-enabled/default /etc/nginx/sites-enabled/default.disabled

Add further Google page speed changes

Page speed has already recommended that we use caching on our resources and now we will comment in the gzip setting in the nginx.conf

sudo vi /etc/nginx/nginx.conf

Comment in or add the following if it doesn’t exist in your config:

gzip on;
gzip_disable "msie6";

gzip_comp_level 6;
gzip_min_length 1100;
gzip_buffers 16 8k;
gzip_proxied any;
gzip_types
        text/plain
        text/css
        text/js
        text/xml
        text/javascript
        application/javascript
        application/x-javascript
        application/json
        application/xml
        application/rss+xml
        image/svg+xml;

Restart and test

sudo service nginx restart

Now nginx should serve our site content and hopefully it should be a little quicker with the google page speed changes we’ve made.