I recently migrated my site to Azure Static Web App (SWA) using their free tier and Hugo to generate the static webpage from my markdown blog notes. This has really cleaned up the infrastructure, operations and security of the blog.gurfin.se-site.
This new setup allows me to to DDoS protection, security header injection, SSL-encryption, WAF, Continuous Integration, Continuous Deployment, version control, CDN caching and proxying. And all the blog posts are written in Markdown in Obsidian or Vim:
The proxy operation requires setting up a Custom Domain for the SWA in Azure. Which was simple enough, but it required first disableing the proxy feature on the CNAME record in Cloudflare.
Also, I had to rewrite the Hugo Theme which I use to compile the webpage a little bit. This was mainly to not have to add static hash:es for the inline JavaScript that was on the page. You can view my fork here: https://github.com/RiveransRafting/github-style
Once the code was corrected I was able to add the missing security headers to Cloudflare, as a “Transform Rule”. This allows me to rewrite, remove and inject headers to the HTTP request and response - much cheaper than doing it in Azure. 😉
The nicest part of the new setup though is the Gitlab pipeline. It’s a completely self contained operation, so I can swap out the server running the execution, as long as it has an internet connection it will be able to download all dependencies, test, build and then deploy the application to Azure.
Upgrading the infrastructure of the blog has been a really great first cloud project. It has made me less stressed about the blog being hacked or breaking. And I also get the feature of version control, which is nice.
I will list some of the references that I used for this project here below: https://github.com/strisys/azure-staticwebsite-behind-cloudflare https://learn.microsoft.com/en-us/azure/static-web-apps/gitlab?tabs=vanilla-javascript