This is the first in a series of posts describing the design, architecture and implementation of bergw.xyz, the website you’re reading right now.
In this introductory post, I’ll give an overview of the design and explain the motivations behind the key architecture decisions.
High-level design
bergw.xyz is entirely cloud-native, and the infrastructure for the entire system, including auxiliary systems like monitoring, runs in a single AWS account. The AWS services in use include:
- Public hosted zone, A records, and registration of the bergw.xyz domain in Route 53.
- CloudFront as a CDN and as the HTTPS front end for S3's HTTP access.
- ACM to manage the SSL certificate for the S3-hosted site.
- Unscaled web applications running on EC2 instances in the VPC.
- Lambda functions that carry out reporting and monitoring. EventBridge schedules run them at regular intervals, and they report to me via an SNS topic.

All endpoints redirect HTTP to HTTPS, so connections to the site are encrypted in transit.
Route 53
Go to part 2 in the series to read more about the DNS records set up in Route 53.
www.bergw.xyz
Read part 3 in the series for details on how static website hosting is set up on an S3 bucket to serve the static site at www.bergw.xyz.
blog.bergw.xyz and bergw.xyz
Part 4 in the series covers the services running on EC2 instances, including this blog.
