Added all of the website

In the end I made it with Alpine.js because I'm dumb and impatient.
Hopefully AI will teach how to use github actions without breaking my site

Author: webdev-sam

.data/content/contents.sqlite

@@ -0,0 +1,24 @@
+# Environment Variables Example
+# Copy this file to .env and fill in your actual values
+# NEVER commit the .env file to git!
+
+# Site Configuration
+SITE_URL=https://webdevsam.io
+SITE_NAME=webdevsam.io
+
+# Contact Form (if you add backend functionality later)
+# CONTACT_EMAIL=sam@webdevsam.io
+# SMTP_HOST=
+# SMTP_PORT=
+# SMTP_USER=
+# SMTP_PASS=
+
+# Analytics (if you add Google Analytics)
+# GA_TRACKING_ID=
+
+# API Keys (if you integrate any APIs)
+# EXAMPLE_API_KEY=
+# EXAMPLE_API_SECRET=
+
+# Development
+# NODE_ENV=development

.env.example

@@ -0,0 +1,66 @@
+name: CI - Validate Site
+
+on:
+  push:
+    branches:
+      - main
+      - develop
+  pull_request:
+    branches:
+      - main
+
+jobs:
+  validate:
+    runs-on: ubuntu-latest
+    
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+
+      - name: Validate HTML files
+        run: |
+          echo "Checking for HTML syntax issues..."
+          find . -name "*.html" -type f ! -path "*/.*" | while read file; do
+            echo "Checking $file"
+            # Basic HTML validation - check for common issues
+            if ! grep -q "<!DOCTYPE html>" "$file" 2>/dev/null; then
+              echo "⚠️  Warning: $file missing DOCTYPE declaration"
+            fi
+          done
+          echo "✓ HTML validation complete"
+
+      - name: Check for sensitive data
+        run: |
+          echo "Scanning for potential sensitive data..."
+          # Check for common sensitive patterns (excluding this check itself)
+          if grep -r -i "password" --include="*.html" --include="*.js" --exclude-dir=".git" --exclude-dir=".github" . | grep -v "type=\"password\"" | grep -v "placeholder" | grep -v "Password" | grep -v "github/workflows"; then
+            echo "⚠️  Warning: Found 'password' references - please review"
+          fi
+          if grep -r -i "api[_-]key" --include="*.html" --include="*.js" --exclude-dir=".git" --exclude-dir=".github" .; then
+            echo "❌ Error: Found potential API keys in code"
+            exit 1
+          fi
+          if grep -r -i "secret" --include="*.html" --include="*.js" --exclude-dir=".git" --exclude-dir=".github" . | grep -v "secrets." | grep -v "github/workflows"; then
+            echo "⚠️  Warning: Found 'secret' references - please review"
+          fi
+          echo "✓ Sensitive data check complete"
+
+      - name: Validate links structure
+        run: |
+          echo "Checking for broken internal links..."
+          # Check that referenced pages exist
+          for page in index.html pages/home.html pages/blog.html pages/work.html pages/services.html pages/contact.html pages/404.html; do
+            if [ -f "$page" ]; then
+              echo "✓ Found $page"
+            else
+              echo "❌ Missing $page"
+              exit 1
+            fi
+          done
+          echo "✓ Link structure validation complete"
+
+      - name: Check file sizes
+        run: |
+          echo "Checking for large files..."
+          find . -type f ! -path "*/.*" -size +5M -exec ls -lh {} \; | awk '{print "⚠️  Large file: " $9 " (" $5 ")"}'
+          echo "✓ File size check complete"

.github/workflows/ci.yml

@@ -0,0 +1,39 @@
+name: Deploy to DreamHost
+
+on:
+  push:
+    branches:
+      - main
+  workflow_dispatch: # Allows manual trigger
+
+jobs:
+  deploy:
+    runs-on: ubuntu-latest
+    
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+
+      - name: Deploy to DreamHost via SFTP
+        uses: SamKirkland/FTP-Deploy-Action@v4.3.5
+        with:
+          server: ${{ secrets.FTP_SERVER }}
+          username: ${{ secrets.FTP_USERNAME }}
+          password: ${{ secrets.FTP_PASSWORD }}
+          local-dir: ./
+          server-dir: ./
+          dangerous-clean-slate: false
+          exclude: |
+            **/.git*
+            **/.git*/**
+            **/.github/**
+            **/.vscode/**
+            **/.idea/**
+            **/node_modules/**
+            **/.env*
+            **/*.log
+            **/README.md
+            **/NOTES.md
+            **/TODO.md
+            **/.DS_Store
+            **/Thumbs.db

.github/workflows/deploy.yml

@@ -0,0 +1,79 @@
+# Operating System Files
+.DS_Store
+.DS_Store?
+._*
+.Spotlight-V100
+.Trashes
+ehthumbs.db
+Thumbs.db
+Desktop.ini
+
+# Editor and IDE Files
+.vscode/
+.idea/
+*.swp
+*.swo
+*~
+.project
+.settings/
+*.sublime-project
+*.sublime-workspace
+
+# Environment Variables and Secrets
+.env
+.env.local
+.env.*.local
+*.key
+*.pem
+secrets.json
+
+# Logs
+logs/
+*.log
+npm-debug.log*
+yarn-debug.log*
+yarn-error.log*
+pnpm-debug.log*
+
+# Temporary Files
+*.tmp
+*.temp
+.cache/
+.temp/
+
+# Backup Files
+*.bak
+*.backup
+*~
+
+# FTP/SFTP Configuration (if you have local FTP clients)
+.ftpconfig
+sftp-config.json
+deployment-config.json
+
+# Local Development
+.local/
+local/
+
+# Git Attributes
+.gitattributes
+
+# Personal Notes (if you keep any in the repo)
+NOTES.md
+TODO.md
+.notes/
+
+# Build artifacts (if you ever add a build process)
+dist/
+build/
+.output/
+.nuxt/
+node_modules/
+
+# Testing
+coverage/
+.nyc_output/
+
+# Optional: Exclude draft content
+content/drafts/
+**/draft-*.md

.gitignore

@@ -0,0 +1,114 @@
+# .htaccess for webdevsam.io
+# SEO and Performance Optimizations
+
+# Enable Rewrite Engine
+<IfModule mod_rewrite.c>
+  RewriteEngine On
+  RewriteBase /
+
+  # Force HTTPS
+  RewriteCond %{HTTPS} off
+  RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
+
+  # Remove www (or add www if you prefer)
+  RewriteCond %{HTTP_HOST} ^www\.(.*)$ [NC]
+  RewriteRule ^(.*)$ https://%1/$1 [R=301,L]
+
+  # SPA Routing - Redirect all requests to index.html
+  RewriteCond %{REQUEST_FILENAME} !-f
+  RewriteCond %{REQUEST_FILENAME} !-d
+  RewriteRule ^(.*)$ /index.html [L]
+</IfModule>
+
+# GZIP Compression
+<IfModule mod_deflate.c>
+  AddOutputFilterByType DEFLATE text/html
+  AddOutputFilterByType DEFLATE text/css
+  AddOutputFilterByType DEFLATE text/javascript
+  AddOutputFilterByType DEFLATE text/xml
+  AddOutputFilterByType DEFLATE text/plain
+  AddOutputFilterByType DEFLATE application/javascript
+  AddOutputFilterByType DEFLATE application/x-javascript
+  AddOutputFilterByType DEFLATE application/json
+  AddOutputFilterByType DEFLATE application/xml
+  AddOutputFilterByType DEFLATE application/xhtml+xml
+  AddOutputFilterByType DEFLATE application/rss+xml
+  AddOutputFilterByType DEFLATE application/atom_xml
+  AddOutputFilterByType DEFLATE image/svg+xml
+</IfModule>
+
+# Browser Caching
+<IfModule mod_expires.c>
+  ExpiresActive On
+  
+  # Images
+  ExpiresByType image/jpeg "access plus 1 year"
+  ExpiresByType image/jpg "access plus 1 year"
+  ExpiresByType image/png "access plus 1 year"
+  ExpiresByType image/gif "access plus 1 year"
+  ExpiresByType image/svg+xml "access plus 1 year"
+  ExpiresByType image/webp "access plus 1 year"
+  ExpiresByType image/x-icon "access plus 1 year"
+  
+  # CSS and JavaScript
+  ExpiresByType text/css "access plus 1 month"
+  ExpiresByType application/javascript "access plus 1 month"
+  ExpiresByType text/javascript "access plus 1 month"
+  
+  # Fonts
+  ExpiresByType font/woff "access plus 1 year"
+  ExpiresByType font/woff2 "access plus 1 year"
+  ExpiresByType application/font-woff "access plus 1 year"
+  ExpiresByType application/font-woff2 "access plus 1 year"
+  
+  # HTML
+  ExpiresByType text/html "access plus 0 seconds"
+  
+  # Default
+  ExpiresDefault "access plus 1 month"
+</IfModule>
+
+# Security Headers
+<IfModule mod_headers.c>
+  # X-Frame-Options
+  Header always set X-Frame-Options "SAMEORIGIN"
+  
+  # X-Content-Type-Options
+  Header always set X-Content-Type-Options "nosniff"
+  
+  # X-XSS-Protection
+  Header always set X-XSS-Protection "1; mode=block"
+  
+  # Referrer Policy
+  Header always set Referrer-Policy "strict-origin-when-cross-origin"
+  
+  # Permissions Policy
+  Header always set Permissions-Policy "geolocation=(), microphone=(), camera=()"
+  
+  # Content Security Policy (adjust as needed)
+  # Header always set Content-Security-Policy "default-src 'self' https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdn.tailwindcss.com https://cdn.jsdelivr.net; style-src 'self' 'unsafe-inline' https://cdn.tailwindcss.com; img-src 'self' data: https:; font-src 'self' data: https:;"
+</IfModule>
+
+# Prevent Directory Browsing
+Options -Indexes
+
+# Custom Error Pages (create these if needed)
+# ErrorDocument 404 /404.html
+# ErrorDocument 500 /500.html
+
+# MIME Types
+<IfModule mod_mime.c>
+  AddType application/javascript js
+  AddType text/css css
+  AddType image/svg+xml svg svgz
+  AddType application/font-woff woff
+  AddType application/font-woff2 woff2
+  AddType application/json json
+  AddType application/manifest+json webmanifest
+</IfModule>
+
+# UTF-8 Encoding
+AddDefaultCharset UTF-8
+<IfModule mod_mime.c>
+  AddCharset UTF-8 .html .css .js .xml .json .rss .atom
+</IfModule>