A couple of months ago I decided it was time to move off of the server I've been hosting my sites on. I was tired of maintaining it and since I was just running 2 static sites was hoping I could save money as the sites don't generate enough income to pay for themselves. For my recipe site bulkeats.com I was earning a dollar here and there from Amazon affiliate links but decided to close my affiliate account. I had already dropped Prime more than a year ago due to Amazon's poor treatment of their staff, and with their recent behavior I didn't want to push any traffic to them.

Total hosting costs for my static sites were $5 per month over at Digital Ocean. I wasn't able to bring the cost down past this but I was able to reduce the time spent on general administrative work. There are some annoying downsides which I'll get to that I wasn't aware of prior to this move that I think are worth covering.

After researching several options I decided to go with Cloudflare and their new(ish) workers which seemed interesting. They don't directly support Pelican but the amount of work required to do so is as simple as changing one line in the configuration.

Cloudflare's workers can be set up for free, but if you do that you don't get to use a custom domain which was a deal breaker for me. Pricing is excellent though based on the number of requests you serve, so this will be beneficial if I launch any more static sites in the future.

Domain registration costs are as always the most expensive part of the process. Cloudflare doesn't allow you to register domains yet, so if you want to use a new domain you have to buy it somewhere else, wait for the 60 day lock to fall off, then transfer to them. You also have to renew for a full year when you do this as well if the domain renewal date isn't at least a year in the future.

The one upside about this process is that domain renewals are only ~$8 USD, so I'll end up saving almost 50% of what I was paying at my previous registrar. This cost savings outweighs the annoyance and upfront process for new domain registration, though I hope they start acting as a full registrar soon so I can buy domains directly from their interface when I need them.

Cloudflare has some relatively thorough documentation about how to get started from a site that already exists and the process was pretty painless. All I had to do was modify step 2 in my wrangler.toml so that bucket points to output:

bucket = "./output"
entry-point = "workers-site"

Once that's done it's as simple as going through their publishing steps.

Edit 2020-08-19, previously there was a section here talking about security headers and not understanding how to add them, it turns out that they were added to the default template and I generated my project prior to these being added, and they're pretty easy to add as well. HSTS is simple to activate (it's under the SSL/TLS -> Edge Certificates section as of 2020-07-27), though Cloudflare's documentation on how to turn this on is out of date with inaccurate images so you'll have to go hunting for it in the UI.

Deployments are relatively easy using Wrangler which I installed via Cargo, but then you have to install npm any way or you can't run wrangler publish because of webpack, so I don't really see the point in offering this as an option, it's just confusing and wastes time since you'll be presented with an error that you must install npm before continuing.

Mail spam is also a problem with Cloudflare. Before migrating I had a basic page up for consulting in case potential customers wanted to contact me, prior to migration the associated email received minimal spam. Within 24 hours of migrating to Cloudflare I was receiving over 100 spam emails a day. I've now removed this page and the spam has started to subside but it's still present. It seems that someone out there is aggressively scanning Cloudflare based sites for email addresses even if they're obscured or redacted then spamming them from various compromised AWS EC2 instances. Prior to the Cloudflare migration this hadn't been a problem in the 7 years I've been hosting my site via a server at Digital Ocean. I received more spam in the first 2 days on Cloudflare than I have in the past 2 years.

Cloudflare also does a lot of nickel and diming for functionality which I think is pretty annoying. Want more stats? It costs you money. Want better routing? It costs you money (which seems pretty dumb since isn't that the point of a CDN any way?). If I were to enable several more features it would easily cost me $20-$30 a month for my static sites which is crazy since they charge for many of these features on a per domain basis.

Overall I'm generally satisfied with the move, performance is slightly better and I don't have to maintain a server. What I do have to deal with is the mess that is Cloudflare's worker documentation (or lack of for anything past the basics), and their confusing UI. It seems like some engineers made this really neat MVP, but it has weird issues due to the way Cloudflare operates as a business. I want to deploy a static site, I want it to be fast, and I want it to be secure, that's it.

I'm cautiously recommending Cloudflare Workers as long as you're aware of all these caveats and annoyances.