building samsite.ca

Posted on Sat 24 September 2016 in articles • Tagged with pelican, aws, serverless, cicd, gitlab, s3, low cost • 3 min read

once upon a time, i had a wordpress here. i hated it. still do. it feels like killing an ant with a sledgehammer. it’s slow and prone to plugin overload. going to keep it simple.

all the source for my site and its infrastructure is available on gitlab. i’ll be writing up a more formal page (i may even use Caps in it) where i document the site and its costs. i’d really like to get a live readout on costing direct from aws. we shall see.

no more sledgehammer

pelican is a static site generator. give it a theme (which is easy to customise) and some markdown-formatted source files, and it will give you a modern site encoded entirely in html. unlike wordpress or joomla, there’s no server-side processing or databases required. using it here because: community, simplicity, and python.

as cheap as possible, without being slow and crappy.

i’ve been bathing in the aws kool-aid for a while, so it was the natural choice. this site is 1.3mb in this initial state. it’s stored on s3 at reduced redundancy, so per month, that 1.3mb costs about $0.0000312. s3 is also the webserver, auto-scaling load balancer, and the redundant host. all that costs very little though. data transfer out will cost $0.90 if i get 8,500 whole-site downloads in a month. the average visitor will (hopefully) not download my whole site. there’s $0.004 in charges for each 10,000 requests. each page load is made up of many requests so this could scale up into pennies territory fast. it costs $0.50/month to host my domain with aws. the domain is $10 per year plus tax, so let’s just call it $1 per month.

tl;dr: grand total for a year of fast, reliable web hosting: maybe $24, if i’m popular.

everything needed to deploy the site contained in one repo (hopefully).

it’s all here but the domain name, the deploy keys, aws, linux, and docker. the cloudformation template will put up the s3 buckets required and set the domain’s dns record. the pelican dockerfile will build the site, as will the instructions in .gitlab-ci.yml. .local_aliases will even define commands to make the docker work easier.

the themes and plugins directories aren’t included to keep the repo simple. they can be downloaded here:

test it local before pushing to prod (most of the time).

pretty clean and simple use case for docker here. the dockerfile lays out an entire build environment for pelican. it will read in my src directory and write out locally. i can use the nginx image to see the site live at http://localhost:8000 (see .local_aliases).

one step push to prod

this was a big must-have for me in building the site. i wanted to write things locally, git push, and have it magically appear on the website some seconds later. i’ve been using gitlab at work. they’ve moved fast and built some great tools over the last couple of years. so, i thought i’d try their free private repos and free ci tools.

.gitlab-ci.yml spells out a pretty simple build environment and action list for their ci service to take on. the keys and bucket name are stored in the gitlab repo’s variables section under settings. on merge into master, a ci runner fires up. it pulls down the python docker image, does the build, then uses the aws cli to upload everything to s3.

sadly, i’m using user credentials here. it’s a special purpose user whose rights are limited to reading and writing to the prod bucket. and the credentials are stored using gitlab’s secret variables store, so they are reasonably secure. would i protect financial applications this way? customer data? no. my personal site where risks are low? yeah, might as well. keeps things simple.
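
a check for the "limited to the prod bucket" claim above, as an added example (not code from the site's repo): it audits an iam policy document and reports any allow statement that reaches past one bucket. the bucket name, both sample policies, and the `audit` helper are assumptions made up for illustration.

```python
# added example: audit the iam policy attached to a ci deploy user.
# assumption: the deploy user should only list, read and write one s3 bucket.

BUCKET = "example-prod-bucket"  # placeholder; the real bucket name is not on the page

# constructed policy: read/write on the one bucket only
SCOPED = {
    "Version": "2012-10-17",
    "Statement": [
        {"Effect": "Allow", "Action": ["s3:ListBucket"],
         "Resource": f"arn:aws:s3:::{BUCKET}"},
        {"Effect": "Allow", "Action": ["s3:GetObject", "s3:PutObject"],
         "Resource": f"arn:aws:s3:::{BUCKET}/*"},
    ],
}

# constructed policy: the shortcut that quietly defeats the scoping
BROAD = {
    "Version": "2012-10-17",
    "Statement": [{"Effect": "Allow", "Action": "s3:*", "Resource": "*"}],
}

def as_list(value):
    # iam allows a single string or a list for Action, Resource and Statement
    return value if isinstance(value, list) else [value]

def audit(policy, bucket):
    """return findings; an empty list means every allow stays on the bucket."""
    allowed = {f"arn:aws:s3:::{bucket}", f"arn:aws:s3:::{bucket}/*"}
    findings = []
    for i, stmt in enumerate(as_list(policy["Statement"])):
        if stmt.get("Effect") != "Allow":
            continue
        # NotAction/NotResource allows grant everything except what they name
        if "NotAction" in stmt or "NotResource" in stmt:
            findings.append(f"statement {i}: NotAction/NotResource allow")
        for action in as_list(stmt.get("Action", [])):
            # wildcards and non-s3 services exceed "read and write the bucket"
            if "*" in action or not action.lower().startswith("s3:"):
                findings.append(f"statement {i}: action {action}")
        for res in as_list(stmt.get("Resource", [])):
            # exact match, so a look-alike bucket with a longer name is flagged too
            if res not in allowed:
                findings.append(f"statement {i}: resource {res}")
    return findings

if __name__ == "__main__":
    print("scoped:", audit(SCOPED, BUCKET))
    print("broad: ", audit(BROAD, BUCKET))
```

running a check like this in ci against the exported policy keeps the deploy key's blast radius at "this one bucket" even if someone edits the policy later.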