183a92123c
The homepage Lighthouse perf score dropped to 0.94 in CI (threshold 0.95) because Hero and ThreeAmWalkthrough each load a 1920×945 PNG screenshot straight out of public/product/ — together ~1.2 MiB and the LCP element. Other pages have no product imagery and pass with 1.0. Adds a sharp-based generator (scripts/optimize-product-images.mjs, run via `npm run optimize:images`) that emits 1280w and 1920w WebP variants beside each source PNG. Lightbox.astro now wraps the trigger in a <picture> with a WebP <source srcset> auto-derived from the PNG path (PNG kept as fallback for the ~2% of clients without WebP), exposes a fetchpriority prop, and points the dialog modal at the 1920w WebP. The Hero passes fetchpriority="high" on the LCP image; index.astro injects a matching <link rel="preload" as="image" imagesrcset> via a new BaseLayout head slot so the WebP is discovered before the body parses. Effect on the LCP image: 551 KiB PNG → 46 KiB WebP at 1280w (-92%). Local Lighthouse perf: 0.95 → 1.00 across 3 runs on /index.html; pricing/imprint stay 1.00; privacy unchanged at 0.98 (pre-existing CLS). Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
cameleer-website
Marketing site for cameleer.io — zero-code observability for Apache Camel.
This is a static Astro 5 site. Hosted on Hetzner Webhosting L, fronted by Cloudflare, deployed via Gitea Actions.
Development
npm ci
npm run dev # http://localhost:4321
npm run test # vitest — auth config + middleware header tests
npm run build # produces dist/
npm run preview # serves dist/
Quality gates (run in CI)
npm run lint:html # html-validate on dist/
npm run lint:links # linkinator on dist/
npm run lh # Lighthouse CI (>=0.95 on all 4 categories)
Environment variables
See .env.example. All are PUBLIC_* (build-time, embedded in HTML).
| Var | Purpose |
|---|---|
PUBLIC_AUTH_SIGNIN_URL |
Logto sign-in URL (redirected to by "Sign in" buttons) |
PUBLIC_AUTH_SIGNUP_URL |
Logto sign-up URL (redirected to by "Start free trial") |
PUBLIC_SALES_EMAIL |
Sales email (mailto: target for "Talk to sales") |
Deployment
Manual trigger only. Merging to main does NOT auto-deploy. To ship: Gitea → Actions → deploy → Run workflow on main. The workflow runs tests, builds, then rsyncs dist/ to Hetzner over SSH (ed25519 key on port 222, host-key-pinned), and post-deploy curls the live site to verify security headers.
Rollback: trigger the deploy workflow on the previous main commit (Actions UI lets you pick a ref).
Placeholder mode
To put the site into "back shortly" mode, trigger Gitea → Actions → deploy-placeholder → Run workflow. To bring the real site back, trigger Actions → deploy → Run workflow on the desired main commit. Both workflows share the deploy-production concurrency group, so they can never run simultaneously.
The placeholder is hand-authored static HTML in placeholder/ and does NOT depend on npm/astro build — it is deliberately decoupled from the main build so it can ship even when that build is broken.
Scope note. The placeholder serves HTTP 200 (not 503), so Cloudflare's edge will cache it normally. This is fine for short planned maintenance windows. For longer outages or incident fallback, purge Cloudflare's cache (or set a short-TTL Cache Rule for the maintenance window) before triggering recovery via deploy.yml, otherwise the edge may serve the placeholder past recovery until TTL expires.
Security headers (HSTS, CSP, X-Frame-Options, etc.) are owned by Cloudflare Transform Rules, not by anything in this repo. Hetzner Webhosting L ignores file-based .htaccess (AllowOverride None), so origin-side header config is impossible from code. See OPERATOR-CHECKLIST.md §2.
See OPERATOR-CHECKLIST.md for the one-time Hetzner + Cloudflare setup.
Design & plan
docs/superpowers/specs/2026-04-24-cameleer-website-design.md— the approved spec.docs/superpowers/plans/2026-04-24-cameleer-website.md— the implementation plan that built this repo.