Running my blog on AWS
Introduction
I have been running my own server for almost 7 years now. Back then you had to buy a SSL certificate and configure it. Later on this became a lot easier with letsencrypt. Other tasks did not become easier or less time consuming:
- keeping the software up-to-date
- keeping the os (ubuntu) up-to-date
- keeping security settings up-to-date
Over time the task to stay up-to-date and having all the security settings correct became to complex and time consuming. Time to let the professionals take over. The following tools had to be replaced:
- mail server
- OwnCloud (Cross device file sync, calendar and contact sync)
- Website / Blog
- Image Gallery
- Selfoss (rss aggregator and reader)
What I want to accomplish
The target picture is to reduce the effort and be as secure as possible. When using cloud services (SaaS products) you hand over some or all of your data to someone else. This has to be considered when doing your threat modeling.
- For now, the mail server is shutdown. In the future I might replace it with either Purelymail or Fastmail.
- OwnCloud got replaced by Dropbox and Posteo.
- The blog has been and still is generated with Hugo.
- The image gallery is now generated with Sigal. The theme is build custom.
- Selfoss got replaced by Feedly.
How I did it / am doing it
The cancellation for the hosting contract and the request for domain transfer had to be initiated via snail mail. Two days later I had the confirmation and the transfer code.
The services involved for running a static website on AWS are
- Route53
- CloudFront
- Lambda@Edge (for prettier URLs like /blog/)
- S3
The basic architecture:
+---> Route 53 +---> CloudFront +---> /gallery +---> S3 /gallery-bucket/
+---> /* +---> S3 /blog-bucket/
Result
As a result I now have to maintain a lot less moving parts and can focus on content.