Skip to main content

Matt Triano's Fastpages Blog Setup Post

ยท 6 min read

Update note: This is an old post from a prior blog where I was testing out a now-defunct FastAI blogging tool that made it easy to simply publish a jupyter notebook. I'll probably extract the bits that are still useful and scrap the rest.

Steps to set up a FastPages blog

Here are the official setup instructions. I'll include my instructions as my particular usecase involved some extra steps which aren't documented too well. My usecase involved:

  • Using a custom domain.
  • Accounting for the fact that I already have another GitHub Pages site. (Ultimately and surprisingly, I found no extra steps were needed for this part).
  1. (official step 1): Create a copy of the template repo via this link.
    1. Fill in the repo name, description, and select Public or Private if that option's open to you. (I don't know if Private will work; I used Public).
    2. Click Create repository from template.
  2. (official step 2, in your repo): Wait about 30 seconds for the repo's Actions to run. After they complete, you'll see a Pull Request that should be named Initial Setup (or similar). Open that Pull Request up. Create an ssh key-pair. The PR links to some unfamiliar website that will generate keys for you, which I found rather sketchy (for my reasons, see this page's footnote) and I would advise against using a service like that. Even though my blog test is a low-to-no-value asset, I can just generate a key on my machine and not violate a core rule of safe computing: "KEEP YOUR PRIVATE KEY SECURE".
    1. (On a linux or unix machine): Create your key-pair:
      1. Open up a terminal and create a spot for assorted secrets.
      2. ~$ mkdir .your_secrets && cd .your_secrets
      3. ~/.your_secrets$ mkdir fastpages && cd fastpages
      4. ~/.your_secrets/fastpages$ ssh-keygen -t rsa -b 4096 -C "your.email@email.com"which will generate the pair and ask where you want to save it. Type id_rsa, and leave the passcode part blank,
    2. (In your repo on GitHub): Enter your private key as a Repo secret
      1. Open the private key (the file that doesn't end in .pub) you made earlier in a text editor,
      2. (In your repo's Settings > Secrets section): click New repository secret,
      3. Enter "SSH_DEPLOY_KEY" into the Name field,
      4. Copy your private key (including the "---BEGIN RSA PRIVATE KEY---" and "---END RSA PRIVATE KEY---" parts) into the Value field,
      5. Click Add secret.
    3. (In your repo on GitHub): Enter your public key as a Deploy key
      1. Open the public key (the file that ends in .pub) you made earlier in a text editor,
      2. (In your repo's Settings > Deploy keys section): click add deploy key,
      3. Enter whatever you want into the Title field,
      4. Copy your public key (including the "ssh-rsa " part at the beginning and "your.email@email.com" part at the end) into the Value field,
      5. Click Add key.
  3. Setting up a custom domain:
    1. (In your repo's Settings > Pages section) Add name of your Custom domain (e.g. matttriano.dev) to the Custom domain field and click Save,
    2. (Via your domain registration service interface) Go to the site where you bought your domain (I use Google Domains) and pull up the DNS page for the domain you want to use:
      1. Add these GitHub IP addresses as custom records with Type = A and Host name left blank
        • 185.199.108.153
        • 185.199.109.153
        • 185.199.110.153
        • 185.199.111.153
      2. Add a record with Type = CNAME and Host name = www that points to your default GitHub Pages URL (<your-github-id>.github.io)
        • Note: It will automatically add a period to the end of .io (I think?)I thought I would have to use something else for the CNAME part as I have another site running that just uses matttriano.github.io (coincidentally using Dean Attali's beautiful-jekyll template, but Dean Attali's instructions showed that GitHub Pages is smart enough to use the repo's CNAME file (which was created step 3B) to figure out how to respond to requests.
      3. (Either in a clone the repo to your local machine or through the GitHub interface) Update the url and baseurl settings in the _config.yml file
        1. Enter your custom domain for the url (so the line looks like url: "https://matttriano.dev")
        2. Change the baseurl to be an empty string (ie baseurl: "")
        3. Commit the change and push it to your repo.
  4. (In your repo on GitHub) Merge your pull request It should take a little time to build, but after a bit you should be able to see your site at your custom domain. You might have to wait up to 30 minutes for DNS servers to be updated with your new info.
  5. (Optional) Require HTTPS for your site When you can see your site (or the error message you get when trying to access it changes), you can tell it to only serve requests using https. For some top level domains (like .dev, or most if not all of Google's TLDs)
    1. (In your GitHub repo's Settings > Pages section) Click Enforce HTTPS.

And that's about everything I had to do to get this site up and running. Writing up this post took far more time.

Why you shouldn't generate a key-pair using some random site โ€‹

The point of generating a key-pair is that it enables secure communications as long as your private key really is private. Others that have your public key can confirm messages came from you (you/your machine encrypts the message with your private key and they can decrypt it with your public key), and those others can send you secure messages (they can encrypt the message with your public key and they can only be decrypted with your private key). If you use a website to generate your private key, unless you yourself run that website or know its codebase, it's possible the website would retain a copy of the private key and they might even be able to connect to your identity from potentially identifying information (like IP address) that you send to the site.