Moving on from my initial Heroku experiment, I removed the Jekyll site and now have the bare minimum required for hosting content requiring authentication on Heroku
static.json with the following contents
{
"clean_urls": true,
"https_only": true,
"root": "static/",
"basic_auth": true
}
BASIC_AUTH_USERNAME and BASIC_AUTH_PASSWORD - make sure that the value of password is readable by htpasswd e.g. openssl passwd -apr1 <password_plaintext>static folder, add this to git and push to heroku using git push heroku master (Heroku will have set up that remote when creating the app). When regenerating the site this is the only step you will need to rerun.I have a lot of Gitbook content which I will need to add to the site - for now I am manually building the books and copying them into the static folder. Next step will be to script that.
→ posted on April 2, 2020herokudevelopment
I have some Gitbooks created for notes that I've taken on various programming books or courses down throughout the years. I didn't want to put these up on a Github pages site as notes like that probably violate copyright. So I wanted some way to hide them behind authentication so that only I could see them.
My initial thinking is that I would need some kind of server to respond to requests and only serve the content if needed. You could probably do this with S3 or some other AWS service but I'm paranoid about using those as even if you think you are within the free tier, you could still be hit with a bill for unexpected usage. I didn't trust that my site would always be configured correctly enough to avoid that. Then next I considered a site that would give me enough free CPU to run a basic server. Enter Heroku.
I tried to use the Jekyll Auth plugin but couldn't get it working.
.gemspec file at the root level then you can use the git option and pass the url of the repo e.g. gem 'jekyll-auth', git: "https://github.com/benbalter/jekyll-auth"Heroku Buildpack
I tried a different approach which was to get Heroku to serve the files and then use http basic authentication to protect them. Heroku has a buildpack for static sites. This is marked as experimental but it worked fine for me. Hopefully they won't remove it.
openssl passwd -apr1 <password_plaintext>. Then you set the env variable BASIC_AUTH_PASSWORD to be this value. This didn't work for me from the command line - probably some characters that needed escaping - so I just set it via the web interface.Some misc Heroku issues that I ran into.
In the end this worked out fine - a lot easier than I expected and I have a website hidden behind authentication. The dyno that the website is on goes to sleep if not used for a while so the initial request for a page can be slow if the dyno is loading up but it's still only a few seconds. Now that I have a server on Heroku I look forward to seeing what else I can do with it.
→ posted on March 18, 2020herokudevelopment