Queen of San Diego — Tech Blog

Under the hood at queenofsandiego.com

```html

Building Multi-Site Automated Technical Blog Infrastructure with Session Transcripts

Overview

Implemented a comprehensive automated technical documentation system that captures development work across four separate domains (queenofsandiego.com, sailjada.com, dangerouscentaur.com, and burialsatseasandiego.com) and publishes granular technical blog posts to corresponding tech subdomains. The system leverages Claude Code session transcripts to auto-generate detailed posts without manual intervention.

What Was Done

1. Blog Generator Infrastructure

Created three interconnected Python scripts to form the auto-publication pipeline:

  • /Users/cb/Documents/repos/tools/tech_blog_generator.py — Main generator that parses Claude Code session transcripts (JSONL format), extracts tool use events and file modifications, filters for sensitive data, and generates formatted HTML blog posts
  • /Users/cb/Documents/repos/tools/tech_blog_init.py — Infrastructure provisioning script that creates S3 buckets, CloudFront distributions, Route53 DNS records, and ACM certificate validation for each tech blog domain
  • /Users/cb/.claude/hooks/tech_blog_stop.sh — Stop hook executed at the end of each Claude Code session to trigger blog post generation and S3 upload

2. Domain-Specific Infrastructure Deployment

Provisioned complete blog infrastructure for four domains:

  • tech.queenofsandiego.com — S3 bucket: qos-tech-blog, CloudFront dist: E2ZA..., Route53 hosted zone created with A record aliasing to CloudFront
  • tech.sailjada.com — S3 bucket: jada-tech-blog, CloudFront dist: E1ZA..., Route53 integration with existing wildcard cert *.sailjada.com
  • tech.dangerouscentaur.com — Integrated with existing wildcard CloudFront distribution E2Q4UU71SRNTMB on dc-sites S3 bucket via CNAME at Namecheap DNS
  • tech.burialsatseasandiego.com — S3 bucket: bats-tech-blog, CloudFront dist, ACM certificate validation via GoDaddy API integration

Technical Implementation Details

Session Transcript Parsing

The generator processes Claude Code session transcripts in JSONL format. Each line contains a JSON event object. The system:

  • Extracts tool_use events with action type write or edit
  • Parses file paths to determine which site the work belongs to (via path matching: /Users/cb/Documents/repos/sites/queenofsandiego.com → QOS blog, etc.)
  • Filters out sensitive files: anything in .claude/ with credentials, repos.env, ACM certificates, Route53 hosted zones containing secrets
  • Extracts command history from command_use events, sanitizing AWS CLI commands to remove actual values
  • Organizes modifications chronologically and groups by topic (Infrastructure / Content / Tools)

Sensitive Data Filtering

Critical security requirement: No credentials, API keys, tokens, or secrets appear in published posts. Filtering rules:

  • Redact GoDaddy API credentials, AWS keys, authentication tokens
  • Replace actual S3 bucket names with descriptive placeholders in narrative sections (but use real names in <code> blocks for infrastructure audit purposes)
  • Strip Route53 hosted zone IDs and ACM certificate ARNs
  • Sanitize file paths containing personal information
  • Remove email addresses and personal domain registrant data

HTML Generation

Posts are generated as self-contained HTML fragments with semantic structure:

<h2>[Specific technical action]</h2>
<h3>Overview</h3>
<p>[What was accomplished]</p>

<h3>What Was Done</h3>
[Bulleted breakdown of actions]

<h3>Technical Details</h3>
[Deep dive into implementation]

<h3>Infrastructure</h3>
[AWS/DNS/CDN changes with exact resource names]

<h3>Key Decisions</h3>
[Why this approach was chosen]

Infrastructure Architecture

CloudFront Strategy

Three different deployment patterns based on existing infrastructure:

  • Dedicated distributions (QOS, JADA, BATS): New S3 origins, new CloudFront distributions, dedicated ACM certs for wildcard domains
  • Shared distribution (Dangerous Centaur): Leveraged existing dc-sites bucket and wildcard CloudFront dist E2Q4UU71SRNTMB, added origin group for tech.dangerouscentaur.com path

DNS Provisioning

Handled three different DNS providers:

  • Route53 (queenofsandiego.com, sailjada.com): Created hosted zones, added A records aliasing to CloudFront distributions, verified with existing wildcard certificates
  • Namecheap (dangerouscentaur.com): Added CNAME record pointing to CloudFront domain
  • GoDaddy (burialsatseasandiego.com): Programmatically added ACM certificate validation CNAME via GoDaddy API, then added blog CNAME

Certificate Management

Leveraged existing wildcard ACM certificates where available:

  • *.queenofsandiego.com wildcard cert — covers tech.queenofsandiego.com
  • *.sailjada.com wildcard cert — covers tech.sailjada.com
  • Created new certs for dangerouscentaur.com and burialsatseasandiego.com via CloudFront distribution creation

Navigation Integration

Added "Technical Blog" link to the Ship's Papers menu in /Users/cb/Documents/repos/sites/queenofsandiego.com/index.html dropdown navigation. This provides Sergio and other stakeholders with easy access to detailed technical documentation from the main site.

Stop Hook Integration

Modified /Users/cb/.claude/settings.json to register the stop hook tech_blog_stop.sh. This hook:

  • Runs automatically when a Claude Code session ends
  • Invokes the blog generator against the current session transcript