ADR-0006 · Docs Site on Cloudflare Pages

We chose to deploy docs.ducatillon.net (the Architecture Wiki) as a static Astro + Starlight site on Cloudflare Pages protected by Cloudflare Access (email OTP), rather than self-hosting it on the Agent Host VPS.

The Architecture Wiki contains all documentation about the Personal Digital Estate: C4 diagrams, ADRs, security model, cost ledger, venture log, glossary (CONTEXT.md), and agent identity (SOUL.md). It must be private — only Francois should have access.

Two hosting options existed:

  1. Cloudflare Pages + Access — static site on Cloudflare CDN, auth via email OTP
  2. Self-hosted on VPS — nginx serving static files on the same Hostinger VPS as Hermes

We chose option 1, Cloudflare Pages + Access, for these reasons:

  1. Independence from VPS — if the VPS goes down (maintenance, misconfiguration, Hostinger outage), the docs remain accessible. This is exactly when you’d need them most: to debug the VPS itself.
  2. Proven zero-trust auth — Cloudflare Access email OTP is battle-tested, requires zero nginx/auth configuration on our side, and costs €0.
  3. Auto-deploy — push to GitHub → deployed in 30 seconds. No pull/rebuild step on VPS.
  4. The SSOT is the Git repo, not the rendered site — both Hermes (via GitHub MCP) and the docs site (via Cloudflare Pages build) consume the same source: fducat18/docs.ducatillon.net. There is only one source of truth.

| What | Where it lives | How Hermes reads it |
|---|---|---|
| SOUL.md | ~/.hermes/SOUL.md on VPS | Local filesystem — always available, even offline |
| CONTEXT.md | ~/.hermes/CONTEXT.md on VPS | Local filesystem — injected as system context |
| Full wiki (ADRs, diagrams, venture-log, cost-ledger, etc.) | GitHub repo fducat18/docs.ducatillon.net | GitHub MCP — reads raw .md on demand |

This is analogous to: your identity (SOUL) lives in your head, your reference library (wiki) lives on a shelf you can reach. Hermes has both — the core context is always local, the full corpus is one MCP call away.

  • Slight latency — reading an ADR via GitHub MCP is ~200ms slower than reading a local file. Negligible.
  • GitHub dependency — if GitHub is down (extremely rare), Hermes can’t read the full wiki. But SOUL.md and CONTEXT.md remain available locally.
  • Cloudflare Access — email OTP sent to Francois’s personal email only
  • No public access — returns 403 to anyone not authenticated
  • No secrets in the wiki — API keys, tokens, passwords are NEVER committed to the repo. Only architecture, decisions, and diagrams.
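
One way to enforce the "no secrets in the wiki" rule before a push reaches both the Cloudflare Pages build and Hermes is a scan of the Markdown sources. This is an added example, not code from this project: `scan_markdown`, the rule names, the pattern set and the entropy threshold are assumptions, and the sample page is constructed.

```python
import math
import re

# Assumed rule set: three well-known credential formats plus a generic
# "name = value" rule. Rule names are hypothetical.
PATTERNS = {
    "private-key": re.compile(r"-----BEGIN [A-Z ]*PRIVATE KEY-----"),
    "aws-access-key-id": re.compile(r"\bAKIA[0-9A-Z]{16}\b"),
    "github-pat": re.compile(r"\bghp_[A-Za-z0-9]{36}\b"),
    "assignment": re.compile(
        r"(?:api[_-]?key|token|secret|password)\w*\s*[:=]\s*[\"'`]?([^\s\"'`]{8,})",
        re.I,
    ),
}
# Docs legitimately show placeholders; these must not block a commit.
PLACEHOLDER = re.compile(
    r"<.*>|\$\{?\w+\}?|x{4,}|\*{4,}|changeme|redacted|example.*|your[_-].*", re.I)

def entropy(s):
    """Shannon entropy of s in bits per character."""
    return -sum(s.count(c) / len(s) * math.log2(s.count(c) / len(s)) for c in set(s))

def looks_real(value, min_entropy):
    """True unless the value is a placeholder or low-entropy prose."""
    return not PLACEHOLDER.fullmatch(value) and entropy(value) >= min_entropy

def scan_markdown(text, min_entropy=3.0):
    """Return one (line_number, rule) per line that holds a secret-like value."""
    findings = []
    for lineno, line in enumerate(text.splitlines(), start=1):
        for rule, pattern in PATTERNS.items():
            if any(rule != "assignment" or looks_real(m.group(1), min_entropy)
                   for m in pattern.finditer(line)):
                findings.append((lineno, rule))
                break  # specific formats are listed first and win
    return findings

# Constructed sample page: lines 4 and 5 are the only real findings.
SAMPLE = """# Runbook (constructed sample)
Set `GITHUB_TOKEN=<YOUR_TOKEN>` in the VPS environment.
password: required for the Hostinger panel
token: 9fQ2xLm7Vb3TzR8kWp4Y
-----BEGIN OPENSSH PRIVATE KEY-----
"""
```

Run it over every staged `.md` file in a pre-commit hook or CI step and fail the job when the returned list is non-empty.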