Reducing complexity and attack surface with Jamstack (Hugo and Strapi)

Reducing complexity and attack surface with Jamstack (Hugo and Strapi)

02 October, 2023 1 min read
Jamstack, Hugo, Strapi, web development, software architecture, complexity

Jamstack is a fantastic software-architectural approach for certain use cases, and with very low complexity.

I enter all my data into Strapi CMS hosted in a FreeBSD jail and accessible at cms.overbring.com (internal domain only).

The REST API of Strapi CMS returns JSON, which Hugo’s getRemote function receives at build time.

With templates, Hugo spits out separate Markdown files with proper frontmatter, as explained in this article .

(Alternatively, getRemote gets data and creates listings in HTML from a Hugo template. For example, a list of projects.)

With this tool added to the stack, I now have a powerful setup that takes data entered in Strapi’s user-friendly UI and transforms it into whatever I need.

Why have a process (node, php-fpm, etc.) consuming resources to serve web pages, if 99.9% of what this process is serving is static data that rarely changes?

Most “read-only”/publishing sites (blogs, news, portfolios, etc.) out there could probably be built with Hugo instead of with a Wordpress instance laden with tens of eternally-vulnerable plugins.

I’d prefer to worry only about Caddy or Nginx having vulnerabilities.