A single-author web app hosted on Cloud Run

There's a category of web applications where the content is written by one author and published read-only to everyone else.

In this situation, you need 3 things:

1. A database.
2. A private, authenticated app for writing.
3. A public app for reading.

Within those 3 things are a multitude of choices.

Here are the choices I decided to make:

• The apps are written in JavaScript and run in Node.js.
• The apps use Express to handle requests.
• The apps use Pug as a template engine to render HTML.
• The apps use CSS for styling and JS for progressive enhancement.
• The write app uses HTTP Basic authentication, as there is a single user.
• The data for the apps is stored and indexed in MongoDB Atlas, using the official MongoDB client for Node.js.
• The app configuration is stored in environment variables (some might move to Secrets Manager).
• The pages are generated dynamically when needed, with a reasonable cache expiry time for static files (stylesheets, scripts, etc).
• The code is edited locally in VS Code.
• The apps run locally during development using nodemon.
• The code for the apps is hosted on GitHub and version control is handled in GitHub Desktop.
• The apps run in an environment described by a Dockerfile.
• The Docker image is built automatically from the master branch using Cloud Build, and deployed using Cloud Run. This happens using the Cloud Build GitHub app and a push trigger on the master branch, but might move to GitHub Actions.
• A custom subdomain is mapped to the apps using CNAME records added at the DNS nameserver. This is currently CloudFlare, to give the option of adding caching, but might move elsewhere.

Similarly, here are the choices I decided not to make:

• The apps are not written in TypeScript or PHP.
• The apps do not use EJS, Liquid or JSX as a template engine.
• The apps do not use React to render the UI in the client.
• The apps do not use styled-components or CSS Modules for styling.
• The apps do not use webpack or Parcel for bundling.
• The apps do not use Next.js for routing.
• The pages are not generated statically as part of a build step.
• The read apps do not use cookies or authentication.
• The write apps do not use sessions or OpenID Connect for authentication.
• The data for the apps is not stored in SQLite, MySQL, PostgreSQL, Cloud SQL, RDS, Cloud Firestore, DynamoDB, or a hosted service with a GraphQL interface.
• The database does not run on the same machine as the app.
• The apps do not use an ORM for managing data.
• The data for the apps is not stored with the code in version control.
• The code is not hosted in GitLab or Bitbucket.
• The apps are not edited, run, or hosted in Glitch, CodeSandbox, repl.it or Stackblitz.
• The apps are not deployed as serverless functions.
• The apps are not hosted in Firebase, Vercel or Netlify.
• The apps are not deployed to AWS, Azure, Render or Heroku.