feat/initial-build #1

Merged
hsiegeln merged 32 commits from feat/initial-build into main 2026-04-24 17:56:10 +02:00
Contributor
No description provided.
hsiegeln added 32 commits 2026-04-24 17:56:02 +02:00
Exports buildSecurityHeaders() (pure, testable) and wires it into the
Astro onRequest middleware. Adds astro:middleware alias in vitest config
so the unit tests run outside Astro's build context. 14 tests pass (7
existing + 7 new).

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
- .htmlvalidate.json with relaxed rules for design-system inline styles
- linkinator.config.json skipping mail, external auth/platform origins
- Fix lint:html npm script quoting for Windows-shell compatibility
- Switch astro build.format to 'directory' so /pricing resolves without MultiViews
- trailingSlash: 'ignore' lets both /pricing and /pricing/ work naturally
- Add aria-label to both <nav> landmarks (Primary, Footer) to satisfy html-validate

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
- Remove Sitemap line from robots.txt (no @astrojs/sitemap installed; was
  pointing to a 404 that would trip Google Search Console).
- Align Permissions-Policy across all three enforcement layers (middleware,
  .htaccess, Cloudflare Transform Rule in OPERATOR-CHECKLIST) by dropping the
  stray fullscreen=(self) from the middleware.
- Bump Lighthouse CI numberOfRuns from 1 to 3 to dampen CI-runner noise.
- Add CI guard that fails the build if any <TBD:...> marker survives into
  dist/ — prevents a legally incomplete imprint from shipping by accident.
- Add SFTP_* secret null-guard before the rsync --delete step so a missing
  secret fails loudly instead of targeting the SSH user's home root.
- Document the set:html compile-time-constant invariant in DualValueProps.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
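The TBD-marker guard described in the commit above, written out as an added example; it is not the project's own workflow step, and the `<TBD:` marker spelling, the `dist/` directory and the sample HTML are assumptions taken from the commit message rather than from the repository:

```shell
#!/usr/bin/env sh
# Added example, not the project's CI step: fail the build when any
# "<TBD:...>" placeholder survives into the build output directory.
set -eu

# check_no_tbd_markers DIR
# Exit 0 if no file under DIR contains "<TBD:", 1 if any does (listing each
# offending file:line so the CI log says what to fix), 2 on a usage or
# grep error. Run it against dist/ after `astro build`, before deploying.
check_no_tbd_markers() {
    dir="$1"
    if [ ! -d "$dir" ]; then
        echo "check_no_tbd_markers: '$dir' is not a directory" >&2
        return 2
    fi
    # -r recursive, -n line numbers, -F fixed string (no regex surprises).
    # grep exits 1 when nothing matches, which is the success case here;
    # any other non-zero status is a real error and must not pass silently.
    matches=$(grep -rnF '<TBD:' "$dir") && status=0 || status=$?
    case "$status" in
        0)
            echo "ERROR: unresolved <TBD:...> markers found in $dir:" >&2
            echo "$matches" >&2
            return 1
            ;;
        1)
            return 0
            ;;
        *)
            echo "check_no_tbd_markers: grep failed with status $status" >&2
            return 2
            ;;
    esac
}

# Constructed sample build outputs so the guard can be exercised offline.
demo_root=$(mktemp -d)
mkdir -p "$demo_root/clean/legal" "$demo_root/dirty/legal"
printf '<p>Example GmbH, Example Street 1</p>\n' > "$demo_root/clean/legal/index.html"
printf '<p><TBD:company-address></p>\n' > "$demo_root/dirty/legal/index.html"

# The complete imprint passes; the placeholder one trips the guard.
check_no_tbd_markers "$demo_root/clean" && echo "clean: OK"
check_no_tbd_markers "$demo_root/dirty" || echo "dirty: guard tripped (exit $?)"
rm -rf "$demo_root"
```

In a workflow the call is simply `check_no_tbd_markers dist/` as its own step after the build; because the function returns non-zero, the job fails without any further wiring.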
Runner: self-hosted arm64. Deploy target: amd64 (Hetzner). Cross-arch is
safe because Astro output is plain static HTML/CSS/JS — nothing in the
bundle is arch-specific.

Changes:
- runs-on: ubuntu-latest (most portable act_runner label — override per your
  runner's registered labels if needed).
- Install Chromium from apt at workflow time (Google Chrome has no Linux/arm64
  stable build; Chromium does). Handles both chromium and chromium-browser
  package names, sudo-less runners, and idempotently skips if already present.
- Export CHROME_PATH so LHCI picks the right binary.
- Add chromeFlags to lighthouserc.cjs: --no-sandbox --headless=new
  --disable-gpu --disable-dev-shm-usage (required in containerized/root
  Chromium on CI runners).
- timeout-minutes on both jobs.
- Defense-in-depth install of rsync + openssh in deploy job if the runner
  image doesn't ship them.
- Null-guard SFTP_KEY and SFTP_KNOWN_HOSTS secrets.
- Switch echo to printf for deterministic newline handling when writing key
  material to ~/.ssh files.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
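The secret null-guard and the printf change from the commit above, and the rsync safety point from the earlier commit, as one added example. This is not the project's deploy workflow: the variable names `SFTP_KEY` and `SFTP_KNOWN_HOSTS` come from the commit messages, while `SFTP_HOST`, `SFTP_USER`, `SFTP_PATH`, the key path and the exact rsync invocation are assumptions.

```shell
#!/usr/bin/env sh
# Added example, not the project's deploy job: check every secret before the
# rsync --delete step, and write key material with printf rather than echo.
set -eu

# require_secrets NAME...
# Return 1 if any named variable is unset or empty. The check belongs before
# any command that interpolates the variables into a destructive operation:
# with SFTP_PATH empty, "user@host:$SFTP_PATH/" collapses to the SSH user's
# home directory and rsync --delete would wipe it.
require_secrets() {
    missing=""
    for name in "$@"; do
        # eval only reads the variable whose name is in $name; the names are
        # fixed literals supplied by the caller, never user input.
        eval "value=\${$name:-}"
        [ -n "$value" ] || missing="$missing $name"
    done
    if [ -n "$missing" ]; then
        echo "ERROR: missing required secrets:$missing" >&2
        return 1
    fi
    return 0
}

# write_secret_file VALUE PATH
# printf '%s\n' writes VALUE byte-for-byte plus exactly one newline; echo may
# add or interpret backslash escapes depending on the shell, so the file on
# disk could differ from the secret. The subshell keeps umask 077 local so
# the file is private from creation, and chmod pins the mode explicitly.
write_secret_file() {
    value="$1"; path="$2"
    ( umask 077; printf '%s\n' "$value" > "$path" )
    chmod 600 "$path"
}

# deploy_dist: the protected step. Guard first, so a missing secret fails
# loudly here instead of inside rsync. (Assumed invocation; not run below.)
deploy_dist() {
    require_secrets SFTP_HOST SFTP_USER SFTP_PATH SFTP_KEY SFTP_KNOWN_HOSTS || return 1
    mkdir -p "$HOME/.ssh"
    write_secret_file "$SFTP_KEY" "$HOME/.ssh/deploy_key"
    write_secret_file "$SFTP_KNOWN_HOSTS" "$HOME/.ssh/known_hosts"
    rsync -az --delete \
        -e "ssh -i $HOME/.ssh/deploy_key -o UserKnownHostsFile=$HOME/.ssh/known_hosts -o StrictHostKeyChecking=yes" \
        dist/ "$SFTP_USER@$SFTP_HOST:$SFTP_PATH/"
}

# Demo with a constructed key (no network, no rsync call).
SFTP_KEY='-----BEGIN OPENSSH PRIVATE KEY-----
constructed-placeholder-not-a-real-key
-----END OPENSSH PRIVATE KEY-----'
demo_dir=$(mktemp -d)
write_secret_file "$SFTP_KEY" "$demo_dir/deploy_key"
ls -l "$demo_dir/deploy_key"
# SFTP_PATH is deliberately left unset: the guard must trip before any rsync.
require_secrets SFTP_KEY SFTP_PATH || echo "guard tripped as intended (exit $?)"
rm -rf "$demo_dir"
```

The same guard can be written inline as `: "${SFTP_PATH:?SFTP_PATH secret not set}"`, which aborts the shell with that message; the function form above reports every missing secret in one run instead of stopping at the first.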
Split CI and deploy into separate workflows (7ecd1ff871)
Some checks failed: ci / build-test (push) failing after 1m19s; ci / build-test (pull_request) failing after 1m4s
- .gitea/workflows/ci.yml: builds, tests, lints, and runs Lighthouse on
  every push and PR to main. Runs on arm64 self-hosted Gitea runner.
- .gitea/workflows/deploy.yml: deploys to Hetzner on push to main or
  manual workflow_dispatch from Gitea UI. No Lighthouse (that's CI's
  job). Keeps the TBD-marker guard as a last-line safety check.

Both workflows live on the same concurrency group so no two deploys
race. On main push, CI and deploy run in parallel; CI is independent
and non-blocking for the deploy step.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
hsiegeln merged commit 65667d9b50 into main 2026-04-24 17:56:10 +02:00
Reference: cameleer/cameleer-website#1