cameleer-website

Marketing site for cameleer.io — zero-code observability for Apache Camel.

This is a static Astro 5 site. Hosted on Hetzner Webhosting L, fronted by Cloudflare, deployed via Gitea Actions.

Development

npm ci
npm run dev       # http://localhost:4321
npm run test      # vitest — auth config + middleware header tests
npm run build     # produces dist/
npm run preview   # serves dist/

Quality gates (run in CI)

npm run lint:html     # html-validate on dist/
npm run lint:links    # linkinator on dist/
npm run lh            # Lighthouse CI (>=0.95 on all 4 categories)

Environment variables

See .env.example. All are PUBLIC_* (build-time, embedded in HTML).

Var	Purpose
PUBLIC_AUTH_SIGNIN_URL	Logto sign-in URL (redirected to by "Sign in" buttons)
PUBLIC_AUTH_SIGNUP_URL	Logto sign-up URL (redirected to by "Start free trial")
PUBLIC_SALES_EMAIL	Sales email (mailto: target for "Talk to sales")

Deployment

Manual trigger only. Merging to main does NOT auto-deploy. To ship: Gitea → Actions → deploy → Run workflow on main. The workflow runs tests, builds, then rsyncs dist/ to Hetzner over SSH (ed25519 key on port 222, host-key-pinned), and post-deploy curls the live site to verify security headers.

Rollback: trigger the deploy workflow on the previous main commit (Actions UI lets you pick a ref).

Security headers (HSTS, CSP, X-Frame-Options, etc.) are owned by Cloudflare Transform Rules, not by anything in this repo. Hetzner Webhosting L ignores file-based .htaccess (AllowOverride None), so origin-side header config is impossible from code. See OPERATOR-CHECKLIST.md §2.

See OPERATOR-CHECKLIST.md for the one-time Hetzner + Cloudflare setup.

Design & plan

• docs/superpowers/specs/2026-04-24-cameleer-website-design.md — the approved spec.
• docs/superpowers/plans/2026-04-24-cameleer-website.md — the implementation plan that built this repo.