amber/fatkiss
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
20a6656ebcd9ba68f710048a33280ed73720149b
fatkiss/README.md
T

130 lines
3.7 KiB
Markdown
Raw Blame History

This file contains ambiguous Unicode characters
This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.
# Fat Kiss — Natural Ritual Skincare
**https://getfatkiss.com** | "Everybody Wants One."
Hugo static site with Decap CMS admin. Handcrafted on Kauaʻi.
## Quick Start
```bash
# Local dev
docker compose up preview # → http://localhost:1317
# Build
docker compose run --rm build
# Deploy
bash scripts/deploy.sh
```
## Project Structure
```
content/ # Markdown content (products, about, journal)
data/site/ # YAML config (home, contact, settings, navigation)
data/reviews/ # Review YAML files
assets/scss/ # SCSS design system
assets/js/ # JavaScript
layouts/ # Hugo templates
static/admin/ # Decap CMS
static/uploads/ # Media uploads
server/ # Contact form backend
scripts/ # Build & deploy scripts
```
## How Amber Edits Content
1. Go to **https://getfatkiss.com/admin/**
2. Log in with Gitea (MFA required)
3. Use the sidebar to edit:
- **Pages → Home Page** — hero, brand statement, featured products, ethos
- **Pages → Site Settings** — toggle sections on/off
- **Pages → Contact Settings** — social links, routing
- **Products** — add/edit/archive products
- **About** — edit about page sections
- **Journal** — write journal posts
- **Reviews** — manage customer reviews
4. Changes commit to Gitea → webhook triggers deploy
## How to Add a Product
1. Admin → Products → New Product
2. Fill in: title, product type, status, summary, benefit chips, blend description, directions, ingredients, CTA
3. Set status: `inquiry` (visible, contact to order) or `coming_soon` (visible, not yet available)
4. Save → deploys automatically
## How to Hide a Section
1. Admin → Pages → Home Page
2. Find the section (e.g. Reviews, Journal Preview)
3. Set `enabled: false`
4. Save → section disappears from site
## Conditional Rendering
Sections render ONLY when `enabled: true` AND content exists. No empty boxes. No "coming soon" placeholders (unless explicitly enabled).
## Contact Form Security
- Cloudflare Turnstile (bot protection)
- Server-side token verification
- Rate limiting (5 req / 15 min)
- Honeypot field
- Input sanitization
- Category allowlist
- CORS locked to getfatkiss.com
- No personal emails exposed in HTML
## Deploy Flow
1. Content edited in Decap CMS
2. Commit pushed to Gitea
3. Gitea webhook → `scripts/deploy.sh`
4. Hugo builds to temp directory
5. Validates output exists
6. Atomically rsyncs to live webroot
7. Previous build kept as rollback
## Rollback
```bash
# Content rollback: revert commit in Gitea
# Build rollback on Hub:
ssh hub-direct 'sudo rsync -az --delete /home/benjoe/getfatkiss/public.prev/ /var/www/getfatkiss.com/public_html/'
```
## Future Roadmap
- **Ecommerce**: Stripe integration, cart, checkout
- **Newsletter**: Listmonk integration
- **Fat Kiss Studio**: Custom admin replacing Decap CMS
- **Subscriptions**: Recurring orders
- **Wholesale portal**: B2B ordering
- **Local pickup**: Kauaʻi fulfillment option
## Security Headers
Configured in Apache:
- X-Frame-Options: SAMEORIGIN
- X-Content-Type-Options: nosniff
- Referrer-Policy: strict-origin-when-cross-origin
- Permissions-Policy: geolocation=(), microphone=(), camera=()
## Admin Security
- `/admin/` — noindex, nofollow
- Gitea OAuth authentication
- MFA required on Amber's Gitea account
- No secrets in admin config
- Media uploads restricted to `/static/uploads/`
## Tech Stack
- **Hugo** — static site generator
- **Decap CMS** — browser-based content editing
- **Gitea** — self-hosted Git + auth backend
- **Docker** — Hugo build environment
- **Apache** — web server on Hub
- **Cloudflare** — DNS + CDN + Turnstile
- **Node.js** — contact form backend
Reference in New Issue View Git Blame Copy Permalink