claude-timemachine
aa36b2905a
Single-binary Go service that renders markdown pages from a runtime volume mount. Targeted at public, no-auth, no-WAF deployment behind a TLS ingress; security posture is defense-in-depth at every layer: - goldmark with no WithUnsafe — raw HTML in author markdown is stripped - CSP without 'unsafe-inline', plus HSTS, COOP, CORP, Permissions-Policy - static handler rejects non-GET/HEAD, directory listings, dotfiles, traversal - content loader rejects symlinks that escape the content root, dotfiles, and .md files larger than 1 MiB - per-page template trees (cloned from layout) so define-blocks don't collide between home/category/page - SIGHUP triggers atomic library swap — live edits on volume, no rebuild Locale layout content/<locale>/<category>/<slug>.md. Categories without _index.md still appear on the home page with a humanized name. Search is a ~70-line vanilla JS scan over /search.json?lang=<locale>; swap for a real indexer if the corpus ever balloons. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
19 lines
638 B
HTML
19 lines
638 B
HTML
{{define "title"}}{{if .Category.Index}}{{.Category.Index.Title}}{{else}}{{humanize .Category.Name}}{{end}} · automc tutorials{{end}}
|
|
{{define "content"}}
|
|
<article class="category">
|
|
<h1>{{if .Category.Index}}{{.Category.Index.Title}}{{else}}{{humanize .Category.Name}}{{end}}</h1>
|
|
{{with .IndexHTML}}<div class="prose">{{.}}</div>{{end}}
|
|
|
|
<ul class="page-list">
|
|
{{range .Category.Pages}}
|
|
<li>
|
|
<a href="/{{$.Locale}}/{{.Category}}/{{.Slug}}">
|
|
<strong>{{.Title}}</strong>
|
|
{{with .Summary}}<span class="summary">{{.}}</span>{{end}}
|
|
</a>
|
|
</li>
|
|
{{end}}
|
|
</ul>
|
|
</article>
|
|
{{end}}
|