Kyle's Musings
Author Image

Categories

Japan (14) Blog (8) Technology (7) Homebrewing (1)

© 2023 - 2025 Kyle McAuliffe CC BY-SA 4.0
Built with Hugo ❤️ triple-hyde.

Migration from WordPress to Hugo

Feb 1, 2025 in TECHNOLOGY
devops terraform vs-code wordpress hugo migration
4 min read

While looking for personal projects to work on, I turned back to my blog. I’d been using WordPress for almost 20 years, but felt like it was time for something more modern, and more cost effective. After having played with Hugo in the past, I decided to give it a try. Back in 02019 I had migrated my site from a VPS to AWS LightSail. It was an interesting project, and I learned a lot while also lowering my monthly costs from about $10 to $5.

Initial Woes

I had my WordPress set to auto-update, but when I logged into the admin dashboard, I was greeted with a message that my site was out of date. The update WordPress to 6.7.1 had failed. After digging into this, I found out that the issue was an outdated version of PHP. I figured I would log into the server, update PHP, and then upgrade WordPress.

I logged into the server and was immediately greeted with a welcome to Ubuntu 16.04… I knew at that point I may be in trouble. I figured that the newer PHP version wasn’t available in such an older version of Ubuntu, so I upgraded to 18.04. However in doing so, my sshd config got corrupt and I was unable to login to my instance over SSH. It was still serving traffic over HTTP and HTTPS though, so my site was still up and I still had access to the admin functions.

Migrate to Hugo?

Looking at my options for migration, I found there were a few plugins that could handle the migration from WordPress to markdown. I tried a few, but each of them failed. I then found a few repositories that claimed to have a script that would migrate from WordPress to Hugo/Markdown, however when I tried them, they failed to handle the migration.

I figured at this point, it may be due to a WordPress version issue, so I took a snapshot of my LightSail instance, exported it to EC2, detatched the volume, and mounted it to a new instance. I fixed the sshd config, and was able to login again, however, I learned that given it was using a Bitnami WordPress image, it was not easy (or maybe even possible) to upgrade PHP. I ended up lauching a new LightSail instance and doing a WordPress AllInOne Migration from my old instance to the new.

After the migration, my export was able to be converted to Markdown using wordpress-export-to-markdown. I then tested locally using Hugo and found that the migration was successful, minus some minor formatting issues.

Infrastructure Buildout

It had been a while since I used Terraform, but have always enjoyed using it. I created a repo that built out the following:

Core AWS Services

S3 Buckets

  • Website Bucket

    • Versioning enabled
    • Lifecycle policy (180-day retention for old versions)
    • Private access only
    • Static website hosting configuration

  • Logs Bucket

    • 180-day log retention
    • CloudFront log delivery permissions
    • Private access only

CloudFront

  • Distribution with:
    • HTTPS enforcement
    • IPv6 enabled
    • Custom domain support
    • Price Class 100 (NA and Europe)
    • URL rewriting for Hugo compatibility
    • Security headers injection
    • Custom error handling

WAF (Web Application Firewall)

  • AWS Managed Rules Common Rule Set
  • CloudWatch metrics enabled
  • Customizable rule configuration

Note: Removed WAF due to cost considerations. Currently using CloudFront geographic restrictions instead. Can be re-implemented if traffic patterns warrant the additional security.

ACM (Certificate Manager)

  • SSL/TLS certificate for custom domain
  • DNS validation via Cloudflare
  • Auto-renewal enabled

DNS & Security

Cloudflare Integration

  • DNS records for:
    • Website CNAME (CloudFront)
    • ACM certificate validation
  • Proxy disabled for direct CloudFront access

Security Features

  • Security headers via CloudFront Functions:
    • HSTS
    • Content Security Policy
    • XSS Protection
    • Frame Options
    • Referrer Policy

CI/CD Components

IAM Configuration

  • GitHub Actions OIDC role
  • S3 deployment permissions
  • Specific repository access control

State Management

Backend Infrastructure

  • S3 bucket for state storage

    • Versioning enabled
    • Encryption enabled
    • Public access blocked

  • DynamoDB table for state locking

    • PAY_PER_REQUEST billing
    • LockID primary key

Monitoring & Logging

  • CloudFront access logs
  • WAF metrics in CloudWatch
  • S3 versioning for content tracking

Hugo deployment

I had created my infrastructure to test on a dev site in order to make sure everything was functional and that the original pages were formatted correctly. I then switched the original infra repo over to using my main site (https://kylemca.uliffe.com) and then updaed the Hugo repo as well.

The deployment is handled via GitHub Actions. The workflow is triggered by a push to the main branch. The workflow builds the Hugo site, and then uploads the site to the S3 bucket. The CloudFront distribution is then invalidated to ensure the new content is served.

Next Steps

I would like to dig more into things like SEO, analytics, and comments sections, as well as other things I stumble upon along the way. There are also a few static pages I’d like to add as well.

Conclusion

This was a fun project that allowed me to learn a lot about AWS, Hugo, and Terraform. I’m happy with the results and the cost savings (will update later on this, but given I don’t get much traffic, I am expecting it to be pretty significant).

Mac Gestures Fix After Microsoft Secure Browser Use