DevOps

Complete Guide to Hugo on AWS: From CI/CD to Production Infrastructure

Welcome to the complete guide for deploying Hugo sites on AWS! This comprehensive series covers everything from basic CI/CD automation to production-grade infrastructure with security, monitoring, and global distribution. Architecture Overview Our complete setup provides a robust, secure, and globally distributed static site hosting solution: What You’ll Learn This guide is structured as a progressive journey from basic automation to enterprise-grade infrastructure: Part 1: CI/CD Pipeline with GitHub Actions Set up GitHub Actions for automated Hugo builds Configure AWS OIDC for secure, keyless authentication Deploy to S3 with proper IAM permissions Implement scheduled publishing with Hugo’s publishDate Part 2: Complete AWS Infrastructure Set up Route 53 for custom domain management Configure CloudFront for global content delivery Implement SSL/TLS with AWS Certificate Manager Advanced caching strategies and performance optimization Part 3: Security with AWS WAF Deploy AWS WAF for web application protection Configure rate limiting and DDoS protection Implement IP allowlists/blocklists Set up security monitoring and alerting Part 4: Monitoring and Operations CloudWatch dashboards and custom metrics Real User Monitoring (RUM) integration Automated health checks and alerting Performance optimization based on analytics Key Benefits This architecture provides:

Monday, August 25, 2025 Read

Part 1: CI/CD Pipeline with GitHub Actions

Building and deploying a static site with Hugo can be as simple as running a couple of commands on your local machine. But if you want to publish updates frequently, automate your workflow, and avoid the possibility of human error, a continuous integration/continuous delivery (CI/CD) pipeline is essential. In this first part of our comprehensive guide, we’ll set up GitHub Actions to automatically build and deploy your Hugo site to AWS S3 using Terraform for infrastructure management and AWS OIDC for secure, keyless authentication.

Monday, September 1, 2025 Read

Part 2: Complete AWS Infrastructure

In Part 1, we set up automated deployments to S3. While functional, your site is still missing crucial production features: a custom domain, SSL certificate, and global content delivery. In this part, we’ll complete the AWS infrastructure stack using Terraform to create a professional, high-performance hosting solution. This is Part 2 of our Complete Guide to Hugo on AWS. Make sure you’ve completed Part 1: CI/CD Pipeline first. Why CloudFront and Route 53? While you can serve a Hugo site directly from S3, using CloudFront and Route 53 provides significant benefits:

Monday, September 8, 2025 Read

Part 3: Security and WAF - Complete Hugo on AWS Guide

In Part 2, we set up a production-ready hosting infrastructure with CloudFront and Route 53. While CloudFront provides some built-in DDoS protection, adding AWS WAF (Web Application Firewall) gives us granular control over traffic filtering, rate limiting, and protection against common web attacks. In this part, we’ll implement comprehensive security measures for your Hugo site. This is Part 3 of our Complete Guide to Hugo on AWS. Make sure you’ve completed Part 2: AWS Infrastructure first.

Monday, September 15, 2025 Read

Part 4: Monitoring and Operations - Complete Hugo on AWS Guide

In this final part of our Hugo on AWS series, we’ll implement comprehensive monitoring and operational excellence practices. After building your CI/CD pipeline, infrastructure, and security layer, it’s crucial to have visibility into your site’s performance, availability, and user experience. What We’ll Build By the end of this guide, you’ll have: 📊 CloudWatch Dashboards for infrastructure and application metrics 🔔 Intelligent Alerting for availability and performance issues 👥 Real User Monitoring to understand actual user experience 🏥 Automated Health Checks with multi-region monitoring ⚡ Performance Optimization based on data-driven insights 💰 Cost Monitoring and budget alerts Architecture Overview Step 1: CloudWatch Dashboards Infrastructure Monitoring Dashboard First, let’s create a comprehensive dashboard to monitor our infrastructure components.

Monday, September 22, 2025 Read

From Terraform to the AWS CDK: Weighing the Pros and Cons

If you’ve been following my blog, you know that I’m a huge fan of Terraform. HashiCorp’s declarative configuration language has been my go‑to tool for provisioning everything from S3 buckets to complex Kubernetes clusters. Recently, however, I’ve been dabbling with the AWS Cloud Development Kit (CDK), which lets you define cloud resources using familiar programming languages like TypeScript, Python and Java. In this post we’ll examine some of the reasons teams consider migrating from Terraform to the CDK and discuss the trade‑offs involved.

Monday, October 20, 2025 Read

Balancing DevOps and Mental Health: Strategies to Avoid Burnout

DevOps is often described as a culture rather than a job title. It is about breaking down silos, speeding up feedback loops, and empowering teams. But with great responsibility comes great stress. On-call schedules, production outages, incident retrospectives, and the constant pressure to move fast can take a toll on mental health. In this post I will share strategies that have helped me, and many of my colleagues, balance the demands of DevOps with the need for well-being.

Monday, October 6, 2025 Read

Using AI Tools for DevOps: Productivity Without the Hype

Everyone seems to be talking about generative AI. Tools like ChatGPT and GitHub’s Copilot promise to revolutionise the way developers and operations engineers work. As someone who spends a lot of time writing infrastructure code and troubleshooting systems, I’ve been curious about how these tools actually fit into a DevOps workflow. Coding assistants for Infrastructure as Code I was initially sceptical of AI code generation. How could a language model understand the nuances of my Terraform modules or Kubernetes manifests? Surprisingly, Copilot has been most helpful for boilerplate code: writing resource blocks, suggesting module inputs, or drafting basic YAML for GitHub Actions. It won’t design your entire infrastructure, but it does save you from typing repetitive blocks. For example, when creating IAM policies, Copilot can scaffold the JSON and remind you of required keys.

Monday, September 29, 2025 Read

Hugo Include Code Shortcode: Seamlessly Embed Source Files in Documentation

When writing technical documentation, one of the biggest challenges is keeping code examples synchronized with your actual implementation. Copy-pasting code leads to outdated examples, while manual maintenance is error-prone and time-consuming. Today, I’ll show you how to build a Hugo shortcode that automatically includes source code files directly from your project, complete with syntax highlighting, line selection, and professional GitHub-style formatting. Why Build an Include Code Shortcode? Most documentation approaches have significant drawbacks:

Monday, August 18, 2025 Read

Building a Local PlantUML Extension for Hugo: No External Dependencies Required

When writing technical documentation, diagrams are essential for explaining complex architectures and workflows. PlantUML is a fantastic tool for creating diagrams from simple text descriptions, but most Hugo implementations rely on external web services or require manual diagram generation. Today, I’ll show you how to build a complete Hugo extension that processes PlantUML diagrams locally using Hugo shortcodes—no external dependencies, no source file modifications, just seamless integration. Why Build a Local PlantUML Extension? Most Hugo PlantUML solutions have significant limitations:

Sunday, August 10, 2025 Read

Maintenance Mode

Backstory What do you do when you are a small company and don’t want to have a multi regional roll out, but need to upgrade a core feature? I throw out a maintenance mode message. I would love to find a better way, but I have yet to find it. It would be wonderful if someone could point me in that direction, but for now, I will stick with this methodology.

Sunday, August 15, 2021 Read

Change Jenkins URL from CLI

Where did I go wrong?! Well, as I stated in Disabling Jenkins Security I am not experienced in managing Jenkins servers to the degree that I would like. And so when I perform updates I like to create an AMI backup and spin that one up to be able to test upgrades of packages and Jenkins itself. Once I started up the AMI I tried to access it with it’s public dns record. The only issue was it kept redirecting me over to the production version’s domain name.

Thursday, August 5, 2021 Read