Deploy Hugo on Google Cloud Storage

Deploy part of the Hugo blog site created in last post.

Deploy target:Google Cloud Storage

About Hugo, I saw a lot of articles that deploy to GitHub Pages.

It’s easy and cost free, but I did’t want to set this blog as my GitHub user page, nor create dummy GitHub account.

Therefore, I deployed on Google Cloud Storage, in Google Cloud Platform.

No particular reason why not AWS S3.

Google Cloud Storage it self supports Hosting a Static Website, but it doesn’t support SSL.

So, in order to achieve https access, I used alpha release function, Using a Cloud Storage bucket as a load balancer backend.

This is my personal blog site, so not care about alpha’s stability.

Request to be whitelisted to use alpha feature

Need to request from here.


Deploy to Google Cloud Storage

Firstly, deploy normaly by following document.

Create Bucket

gsutil mb -l asia gs://yokomotod.io

Set default ACL

gsutil defacl ch -u allUsers:READER gs://yokomotod.io

Upload contents

gsutil -m rsync -R public gs://yokomotod.io

Set Index page and Not Found page

gsutil web set -m index.html -e 404.html gs://yokomotod.io

Get SSL certificates

Use Let’s Encrypt.

I used compute instance temporary because certbot doesn’t support for mac currently.

sudo apt-get update
sudo apt-get install certbot -t jessie-backports
sudo certbot certonly --manual --agree-tos --manual-public-ip-logging-ok --email yokomotod@gmail.com --domain yokomotod.io

Then, prompt shows informaton about ACME challange. So prapare contents according to it.

mkdir -p public/.well-known/acme-challenge/
echo -n m93MIV9iKfPGoZNKmDC-Una1cjD3w_FUWZYGbRsqBz0.DIv0_zl8TCm68ozhMeQWjeLCmlY0aj0PztQApIP1Lhw > public/.well-known/acme-challenge/m93MIV9iKfPGoZNKmDC-Una1cjD3w_FUWZYGbRsqBz0
gsutil -m rsync -R public gs://yokomotod.io

After created contents, press enter key on certbot prompt. Certificates files will be generated if it could respond correct response for ACME challange.

Register certificates to CGP.

Go to [Networking] > [Load Balancer] > [advanced menu] > [Certificates] > [CREATE SSL CERTIFICATE], and paste contents of generated cert.pemchain.pemprivkey.pem to each fields.

Set up Load Balancer

Create backend backet (this is alpha feature)

gcloud alpha compute backend-buckets create yokomotod-io-backend-bucket \
    --description "" \
    --gcs-bucket-name "yokomotod.io"

Create url map

gcloud alpha compute url-maps create yokomotod-io-url-map \

Create target proxy

gcloud compute target-http-proxies create yokomotod-io-target-http-proxy \
    --url-map yokomotod-io-url-map
gcloud compute target-https-proxies create yokomotod-io-target-https-proxy \
    --url-map yokomotod-io-url-map --ssl-certificate yokomotod-io-ssl-certificate-2017-01-01

Create global ip address

gcloud compute addresses create yokomotod-io-address --global

Create global forwarding rule

gcloud compute forwarding-rules create yokomotod-io-http-forwarding-rule \
    --address --global \
    --target-http-proxy yokomotod-io-target-http-proxy --ports=80

gcloud compute forwarding-rules create yokomotod-io-https-forwarding-rule \
    --address --global \
    --target-https-proxy yokomotod-io-target-https-proxy --ports=443

Finally, register yokomotod.io A record to DNS, and https://yokomotod.io is established.

Tailing slash redirect problem

However, access to https://yokomotod.io will be redirect to https://yokomotod.io/en/index.html , even thogh local hugo server redirect to https://yokomotod.io/en/ .

For more precisely, it redirects as

https://yokomotod.io → https://yokomotod.io/en → https://yokomotod.io/en/index.html

According to SO, it seems that redirection /en to /en/index.html, not /en/, is a specification of GCS, and AWS S3 also.

I’m not sure why hugo won’t redirect https://yokomotod.io to https://yokomotod.io/en/ directly…

As workaround for this, rewrite public/index.html manualy.

<!DOCTYPE html><html><head><title>https://yokomotod.io/en</title><link rel="canonical" href="https://yokomotod.io/en"/><meta http-equiv="content-type" content="text/html; charset=utf-8" /><meta http-equiv="refresh" content="0; url=https://yokomotod.io/en/" /></head></html>

<!DOCTYPE html><html><head><title>https://yokomotod.io/en/</title><link rel="canonical" href="https://yokomotod.io/en/"/><meta http-equiv="content-type" content="text/html; charset=utf-8" /><meta http-equiv="refresh" content="0; url=https://yokomotod.io/en/" /></head></html>


  • Tailing slash redirect problem
    • I would like to submit issues to hugo about this
  • Update Let’s Encrypt Certificates automation
    • Cron on Compute Instance can achieve it, but I don’t want to have instance only for that.
    • I’m waiting Cloud Function cron job or like that. Until that, maybe GAE Cron Service can be used but not checked.
  • 301 Redirect http requests to https
    • AWS Cloud Front support http→https redirect but GCP doesn’t yet.
    • This is also can be done with nginx on instance, but I don’t want to …
    • Or else, I hope the feature of Cloud Function backend for Load Balancer



comments powered by Disqus