12 comments

[ 5.3 ms ] story [ 39.2 ms ] thread
I second the thumbs-up to Middleman...to me, it hits the right sweet spot between hack-it-yourself-static-site and building out a Sinatra/Padrino/Rails, or even a WordPress site.

Having Sass and templating work right out of the box is, for many of my projects, just about all I need. Then I add a plugin to deploy to S3 and I'm good to go. But one of Middleman's best features is the ability to supply JSON (or YAML) files and automatically generate routes and pages from the data. I find it to be a nice way to prototype data-heavy sites that may end up requiring a full-blown Rails setup.

If all you're doing is blogging, then Jekyll might be all you need (especially since it, I think, had native Sass support in its latest version)...but for anything more complicated, or even simpler (i.e. a few static pages and not a blog), Middleman hits that niche very sweetly. I came across it when reading an article by a front-end shop about how they use it as a sort-of backend to their client-side-heavy apps...I haven't used it for that purpose yet, but, given how easy it is to setup the build process via Sprockets, I have no doubt it could serve as a decent static backbone for such an app.

Vox Media uses Middleman for most of their features: http://product.voxmedia.com/2014/7/29/5863004/take-a-peek-at...

Middleman is awesome and very proven in the field. There's a lot of cool sites out there made with it.

At Netlify (https://www.netlify.com) we're building a static hosting service with integrated build automation that's perfect for projects built with static site generators.

With the right tooling this approach to building websites can be so much more efficient than traditional dynamic sites, and it solves all the issues around security, performance and scaling costs that plagues WordPress and Drupal sites.

How is Netlify better than Github Pages?
Github pages can only run builds of plain jekyll sites with no plugins. Netlify will work for pretty much any static site generator (right now we support ruby, node and python).

You can also trigger new builds without pushing to Git (essential for pages like https://www.staticgen.com that grabs data from somewhere else than the Github repo).

Apart from that there's hosting features like:

SSL for custom domains

Redirects

Rewrite rules

Fine grained header control

Lossless image compression

Automatically moves asset to content addressable URLs on a cookie-less domain with far-future expires headers

There's a few more things in the works as well.

Great! Exactly the information I was looking for :)

    Many sites don't really require all that for them to run, 
    and it's crazy to me that something as read heavy as a 
    blog often can't perform well under load given that it's 
    just serving up the same old stuff over and over again. 
    You want to have some tooling to make it easier, but it 
    doesn't need to be run time tooling.
Woah, that makes a tremendous amount of sense, I'm really surprised this kind of thing wasn't developed and caught on big earlier. No more worrying about security upgrades, no more worrying about overusing limited computing resources, no more worrying about giving things like Wordpress to people who don't understand the vast security implications, etc. etc.
I am curious about this seemingly common perception that Wordpress is an insecure product. Is Wordpress, when configured correctly, far less secure than other platforms? (My main thinking is that it is an obvious target due to its incredible marketshare)

A client I had was recently terrified of using Wordpress because an 'SEO expert' had filled her head with conjecture about the insecurity of Wordpress compared to Drupal, referring anecdotally to the White House website using Drupal as some sort of indicator that Drupal is infinitely more secure.

However, looking at CVE data, I don't find massive discrepancies, in fact Drupal had more listed vulnerabilities (almost double) than Wordpress in 2014. Compare the CVE statistics for Drupal http://www.cvedetails.com/vendor/1367/Drupal.html vs. Wordpress http://www.cvedetails.com/vendor/2337/Wordpress.html

I'm just curious if you believe there are inherent risks in Wordpress, or if you meant specifically Wordpress in the wrong hands and with the wrong plugins/extensions etc.

> I'm just curious if you believe there are inherent risks in Wordpress, or if you meant specifically Wordpress in the wrong hands and with the wrong plugins/extensions etc.

Well, in the context of submission link -- serving straight up static HTML content, you have essentially zero risk of security vulnerabilities. I meant to contrast this in a general sense with Wordpress, so I moreso did mean to imply Wordpress is insecure for both its inherent risks (fewer or greater than Drupal) and risks that come with plugins (which a significant amount of Wordpress users do end up getting).

Sounds very good. But I would like more info on :

  > but I personally have had poor luck getting Grunt to work reliably in practice.
Ruby is really good at writing DSLs, Javascript sucks at it.

I'll happily admin that this is user error, but I always have trouble editing Gruntfiles when I start to bring in other packages. Adding an additional task to a Gruntfile is way harder in than Rake, or make, or even Ant for that matter, mainly because you are dealing with hand editing a huge JSON blob.

Tweaking the file to add a different path in or whatever is fine, but there are many times where I wanted to to copy and paste something in to make it work, and I spent as much time fiddling with the format of the js file as I did solving my problem.

A lot of people love grunt, but I'm not one of them.

Thanks for your reply. I've been working with maven and make so far. I'm not used to do much stuff in Ruby, so that's why I don't consider Rake files for a big benefit of my working process.

Anyway I consider your points valid, although I also think you can remove a lot of the boilerplate ( Copy-Paste code ) by introducing some variables to your Grunt build.

I personally use Assemble [1] and I find it pretty decent for generating static content websites.

Good to know there's a good alternative in the ruby world.

1: https://github.com/assemble/assemble