Personal tech blog built with Hugo, hosted on AWS with S3/CloudFront, and secured by Cloudflare. Includes complete infrastructure as code using Terraform.
The blog infrastructure consists of:
- S3 bucket for static content hosting
- CloudFront for content delivery
- ACM certificate for SSL
- Cloudflare for DNS management
.
├── blog/ # Hugo blog
├── infrastructure/ # Terraform configs
└── .github/
└── workflows/ # GitHub Actions
For the infrastructure deployment to work, you need to set up these GitHub secrets:
AWS_ACCESS_KEY_ID: Your AWS access keyAWS_SECRET_ACCESS_KEY: Your AWS secret keyACM_CERTIFICATE_ARN: The ARN of your ACM certificateCLOUDFRONT_DISTRIBUTION_ID: The CloudFront distribution ID (after initial deployment)
- Create an ACM certificate in the us-east-1 region (required for CloudFront)
- Copy the certificate ARN
- Add it as a GitHub secret named
ACM_CERTIFICATE_ARN - Format:
arn:aws:acm:us-east-1:123456789012:certificate/12345678-1234-1234-1234-123456789012
-
Set up required GitHub secrets
-
Deploy infrastructure:
cd infrastructure terraform init terraform apply -
Run blog locally:
cd blog hugo server -D
The infrastructure deployment happens through GitHub Actions when changes are made to the infrastructure code. The workflow:
- Validates Terraform configuration
- Plans the changes
- Applies the changes if approved
Blog content is automatically deployed when changes are pushed to the main branch. The workflow:
- Builds the Hugo site
- Syncs content to S3
- Invalidates CloudFront cache
See CONTRIBUTING.md for details on the development process and how to submit changes.
This project is licensed under the MIT License - see the LICENSE file for details.