Endless Dark

Objective

Host a lightweight, media-rich band site on AWS with global performance, HTTPS security, and custom email under the endlessdark.net domain — all without managed CMS overhead.

1 · S3 Static Hosting

• Created an S3 bucket named endlessdark.net with public access disabled.
• Uploaded site assets (HTML, CSS, images, YouTube embeds).
• Enabled Static Website Hosting and noted the REST endpoint (not the website endpoint).

2 · CloudFront Distribution + OAC

• Deployed a CloudFront distribution with the S3 REST endpoint as origin.
• Created a new Origin Access Control (OAC) to restrict bucket access exclusively to CloudFront.
• Attached OAC policy:

  {
    "Statement": [{
      "Effect": "Allow",
      "Principal": { "Service": "cloudfront.amazonaws.com" },
      "Action": "s3:GetObject",
      "Resource": "arn:aws:s3:::endlessdark.net/*",
      "Condition": {
        "StringEquals": {
          "AWS:SourceArn": "arn:aws:cloudfront::ACCOUNT_ID:distribution/DISTRIBUTION_ID"
        }
      }
    }]
  }

• Requested SSL via AWS Certificate Manager (us-east-1) and linked it to CloudFront for HTTPS.

3 · Route 53 Configuration

• Created a Hosted Zone for endlessdark.net.
• Added an A Record (Alias) targeting the CloudFront distribution.
• Added TXT records for Zoho Mail domain verification.
• Configured MX records supplied by Zoho to route mail correctly.

4 · Zoho Mail Setup

1. Registered at Zoho Mail (free plan for custom domains).
2. Verified domain via Route 53 TXT record:

   zoho-verification=xxxxxxxxxxxxxxxxx

3. Added Zoho-provided MX records and optional SPF + DKIM for deliverability.

5 · Result

endlessdark.net now streams high-quality video, loads fast via CloudFront edge locations, and uses secure HTTPS with a private S3 bucket. Band members manage mail through Zoho Mail, achieving a fully professional presence at zero ongoing cost.