Skip to content

Third Post, this time under my own name

en flag
sq flag
fr flag
Voiced by Amazon Polly

Forget ‘user’, this is now ‘William”

Email is now setup.

What have I learned?

MX records are a pain in the neck.

Nothing comes for free (not AWS SES, not Google Workspace, not anything useful in WP Mail)

I prefer DMARC and DKIM over SPF, mostly because SPF relies on overiding/hacking TXT records with machine readable data; however, nobodies machine agrees. I want to have SPF and Google Auth the same domain, but the records conflict [ugh]. DKIM and DMARC are structured to deconflict (DKIM via CNAME, DMARC via _dmarc.<domain>)

Lightsail saves some effort, but there is still a lot to do to get a wordpress instance fully functional: HTTPS (bncert), email (WPMail, AmazonSES, Google Workspaces), HTTPS again (because bncert only gets and configs the certs, it doesn’t update wp-config to use https), a couple of random IAM users (to get roles and keys for Polly and Translate on AWS plugin) and the SES IAM credentials. It is nice that I don’t need to hand-manage the EC2 instance and load the software by hand, but be under no illusion that Lightsail WordPress is click-and-go.

Oh, right, and I’m still playing around. Single-node, onboard database, one availability zone. Zero redundancy, optimization, CDN, S3 buckets, EFS, VPC, split subnets, autoscaling, etc. Hmmm, feeling like it is time to take a quick snapshot…

Leave a Reply

Your email address will not be published. Required fields are marked *