Static
Static here means: HTML (and the Rendorix URLs inside it) are produced in advance—static site generator, Astro prerender, Jekyll, Hugo, Next.js export, etc. The image GET is still dynamic in the sense that CloudFront may miss and run Lambda once, but the string the browser uses is fixed at build (or the last CI run).
When static is a good fit
Section titled “When static is a good fit”- Marketing pages, docs, blogs, and product pages where everyone gets the same image set.
- You can list all assets and presets at build time (or you accept rebuilds when the set changes).
- You are fine rebuilding to rotate signing behavior or bump preset versions in lockstep with content.
Avoid relying on static HTML for per-user image lists unless you prerender one page per user (unusual) or you load signed URLs client-side from an API (then the “static” page is a shell—the important signing still happens on a server).
Where signing happens in the pipeline
Section titled “Where signing happens in the pipeline”| Stage | What runs |
|---|---|
| Local dev (optional) | npm run build with dev secrets (never commit) or mock URLs that skip HMAC when using a fake edge |
| CI (recommended) | Build step reads HMAC secret from CI secrets; emits final src in HTML |
| Deploy | Artifact is static files; no Rendorix secret on the CDN that serves HTML (only public strings) |
Environment variables for signing are build-time in this model—process.env.RENDORIX_HMAC_SECRET in a Vite/Astro integration, Jekyll plugin, etc. Rotate the key with a new build and redeploy (or staged overlap in the edge for old signatures during rollover—see Security).
Caching and CDN behavior
Section titled “Caching and CDN behavior”- HTML is often aggressively cacheable (same for all users): long
max-ageon assets and redeploy to update. - Image URLs in that HTML are signed; choose
explong enough that browsers do not outlive a valid link for typical visits (TTL). If tabs stay open for days, either lengthen signed TTL or accept that very old tabs need a refresh (same as any static asset URL with time-bounded auth). - CloudFront still caches image responses by URL; static sites that bump query strings on every rebuild increase cache cardinality—prefer stable URLs for the same logical image variant when possible.
Tradeoffs (summary; link to Tradeoffs)
Section titled “Tradeoffs (summary; link to Tradeoffs)”Pros: Simple runtime (no app server for HTML), predictable cost, excellent global cache for anonymous traffic.
Cons: Rebuild to change any baked URL; long exp on signed links in HTML if you hate rebuilding; no per-request personalization in the markup itself without hybrids.
See Tradeoffs and Usage: overview for the wider picture.
Related reading
Section titled “Related reading”- SSR — when every page is dynamic
- Examples: Astro (static)