Deploying a Hugo Static Website to AWS S3 and Cloudflare Using Pulumi

This is a submission for the Pulumi Deploy and Document Challenge: Fast Static Website Deployment

What I Built

I created an automated deployment pipeline for a Hugo static website using Pulumi for infrastructure management. The solution uses AWS S3 for hosting and Cloudflare as a CDN, with GitHub Actions handling continuous deployment. This setup provides a fast, secure, and cost-effective way to host static websites.

Live Demo Link

Check out the live site at: https://afkprojects.online

Project Repo

The complete project is available on GitHub: pulumi-hugo-s3

Key features:

• Pulumi TypeScript for infrastructure management
• Hugo static site generator
• AWS S3 for hosting
• Cloudflare CDN integration
• GitHub Actions for CI/CD
• Automated SSL/TLS certificate management

My Journey

The Challenge

I wanted to create a simple but effective deployment pipeline for static websites that would be:

• Cost-effective for small projects
• Easily maintainable
• Secure by default
• Fast to deploy

Implementation

1. Used Pulumi to provision AWS S3 infrastructure
2. Integrated Cloudflare for CDN and DNS management
3. Set up GitHub Actions for automated deployments
4. Configured Hugo for static site generation

Challenges Faced

1. S3 Bucket Permissions: Initially struggled with correct bucket policies and public access settings. Solved by carefully configuring bucket ACLs and ownership controls.

2. CDN Integration: Chose Cloudflare over AWS CloudFront for better cost efficiency and simpler setup.

3. Deployment Automation: Created a GitHub Actions workflow that coordinates Hugo builds with Pulumi deployments.

Using Pulumi

Pulumi was instrumental in managing infrastructure as code. Key benefits included:

1. Type Safety: Using TypeScript provided better error catching and IDE support.

2. Resource Management: Pulumi handled all AWS and Cloudflare resources consistently:
   

const websiteBucket = new aws.s3.BucketV2("websiteBucket", {
    bucket: config.require("bucketName"),
    forceDestroy: true
});

const cloudflareRecord = new cloudflare.Record("cloudflareRecord", {
    zoneId: config.require("zoneId"),
    name: config.require("domain"),
    type: "CNAME",
    value: websiteBucketConfiguration.websiteEndpoint,
    proxied: true
});

1. State Management: Pulumi's state management made it easy to track and update infrastructure changes.

Key Learnings

• Infrastructure as Code principles with Pulumi
• AWS S3 static website hosting configuration
• CDN integration and DNS management
• CI/CD pipeline setup with GitHub Actions

The project demonstrates how modern IaC tools like Pulumi can simplify complex deployments while maintaining security and performance.