Building an Auto-Generated Technical Blog Pipeline: Infrastructure Setup for Four Domain Properties
Overview
This session implemented a comprehensive technical blogging system across four domain properties (queenofsandiego.com, sailjada.com, dangerouscentaur.com, and burialsatseasandiego.com) with automatic post generation from Claude Code session transcripts. The system captures granular technical details from development work and publishes them immediately upon session completion, making all work visible and auditable.
What Was Done
- Created auto-generation pipeline scripts to parse Claude Code session transcripts and generate blog posts
- Provisioned S3 buckets and CloudFront distributions for four tech blog subdomains
- Configured DNS routing across three DNS providers (Route53 for AWS-hosted zones, Namecheap for dangerouscentaur, GoDaddy for burialsatseasandiego)
- Integrated tech blog links into existing site navigation (Ship's Papers menu)
- Set up automated post generation hooks triggered at session end
- Established certificate infrastructure for HTTPS on all four properties
Technical Details: Infrastructure Architecture
Blog Generation Pipeline
The system works by hooking into Claude Code's session lifecycle. When a development session ends, the tech_blog_stop.sh hook executes and:
- Reads the session transcript (JSONL format from ~/.claude/projects/)
- Extracts all tool use entries (file operations, commands executed) using tech_blog_generator.py
- Runs Python analysis to strip credentials and extract technical context
- Generates an HTML blog post with specific file paths, resource names, and decisions
- Uploads to the appropriate S3 bucket based on which domain was the focus
- Invalidates CloudFront cache to make the post immediately live
This approach ensures every technical decision is documented in real-time, with granular details about what changed and why.
S3 and CloudFront Configuration
Four S3 buckets were created following the pattern tech-{domain}-blog:
- tech-queenofsandiego-blog: CloudFront distribution with wildcard cert for *.queenofsandiego.com
- tech-sailjada-blog: CloudFront distribution with wildcard cert for *.sailjada.com
- tech-dangerouscentaur-blog: Uses existing wildcard CF distribution (ID: E2Q4UU71SRNTMB) on dc-sites bucket
- tech-burialsatseasandiego-blog: CloudFront distribution, requires separate ACM cert due to external domain
Each CloudFront distribution is configured with:
- S3 origin with origin access identity (OAI) for secure access
- Default root object: index.html
- HTTPS only (viewer policy enforced)
- Cache behavior with 300-second TTL for HTML, longer for static assets
- Compression enabled for text-based content
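An offline check of the settings listed above, added here as an example and not part of the session's own tooling. It audits a dict shaped like the CloudFront `DistributionConfig` returned by `get_distribution_config` and flags bucket policy statements that would make the OAI moot. The function names, sample configs, origin id and OAI id are constructed, and the TTL check assumes legacy cache settings.

```python
def audit_distribution(config, html_ttl=300):
    """Findings for a CloudFront DistributionConfig dict (get_distribution_config shape)."""
    findings = []
    behavior = config.get("DefaultCacheBehavior", {})
    if behavior.get("ViewerProtocolPolicy") not in ("https-only", "redirect-to-https"):
        findings.append("viewers can fetch over plain HTTP")
    if not behavior.get("Compress"):
        findings.append("compression disabled")
    # DefaultTTL only appears with legacy cache settings (no CachePolicyId attached).
    if behavior.get("DefaultTTL", 0) > html_ttl:
        findings.append(f"default TTL above {html_ttl}s")
    if config.get("DefaultRootObject") != "index.html":
        findings.append("default root object is not index.html")
    for origin in config.get("Origins", {}).get("Items", []):
        s3 = origin.get("S3OriginConfig")
        if s3 is None and "s3-website" in origin.get("DomainName", ""):
            # Website endpoints are custom origins and cannot use an OAI.
            findings.append(f"{origin['Id']}: S3 website endpoint bypasses OAI")
        elif s3 is not None and not (s3.get("OriginAccessIdentity")
                                     or origin.get("OriginAccessControlId")):
            findings.append(f"{origin['Id']}: S3 origin without OAI or OAC")
    return findings

def public_allow_sids(bucket_policy):
    """Sids of Allow statements open to any principal, which would make the OAI moot."""
    sids = []
    for st in bucket_policy.get("Statement", []):
        principal = st.get("Principal")
        if isinstance(principal, dict):
            principal = principal.get("AWS")
        names = principal if isinstance(principal, list) else [principal]
        if st.get("Effect") == "Allow" and "*" in names:
            sids.append(st.get("Sid", "<no Sid>"))
    return sids

# Constructed configs; the OAI id and origin id are placeholders.
HARDENED = {
    "DefaultRootObject": "index.html",
    "Origins": {"Items": [{"Id": "blog-s3", "DomainName": "tech-sailjada-blog.s3.amazonaws.com",
        "S3OriginConfig": {"OriginAccessIdentity": "origin-access-identity/cloudfront/EXAMPLEOAI"}}]},
    "DefaultCacheBehavior": {"ViewerProtocolPolicy": "https-only", "Compress": True, "DefaultTTL": 300},
}
WEAK = {
    "DefaultRootObject": "",
    "Origins": {"Items": [{"Id": "blog-s3", "DomainName": "tech-sailjada-blog.s3.amazonaws.com",
        "S3OriginConfig": {"OriginAccessIdentity": ""}}]},
    "DefaultCacheBehavior": {"ViewerProtocolPolicy": "allow-all", "Compress": False, "DefaultTTL": 86400},
}
WEAK_POLICY = {"Statement": [{"Sid": "PublicRead", "Effect": "Allow", "Principal": "*",
                              "Action": "s3:GetObject", "Resource": "arn:aws:s3:::tech-sailjada-blog/*"}]}
```

The public-principal check ignores `Condition` blocks, so a finding there is a prompt to read the statement, not proof of exposure.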
DNS Configuration Across Three Providers
DNS was configured differently based on each domain's registrar:
Route53 (sailjada.com, queenofsandiego.com):
tech.queenofsandiego.com CNAME → CloudFront distribution domain
tech.sailjada.com CNAME → CloudFront distribution domain
Namecheap (dangerouscentaur.com):
tech CNAME → CloudFront distribution domain
(Uses existing wildcard cert infrastructure)
GoDaddy (burialsatseasandiego.com):
tech CNAME → CloudFront distribution domain
ACM certificate DNS validation CNAME record added to GoDaddy nameservers
The burialsatseasandiego.com setup required special handling because it's registered at GoDaddy but was being accessed via the sailjada.com wildcard certificate. A new ACM certificate was issued for the full domain, and the DNS validation record was added via GoDaddy's API integration.
Infrastructure Configuration Storage
All infrastructure details (bucket names, distribution IDs, DNS records, certificate ARNs) were saved to a structured JSON config file at:
/Users/cb/.claude/projects/-Users-cb-Documents-repos/memory/tech_blogs_infra.json
This config is referenced by the blog generator to determine which S3 bucket and CloudFront distribution to use for each domain, eliminating hardcoding and enabling easy updates.
Integration with Existing Navigation
Links to the tech blogs were added to the Ship's Papers menu on each primary site, making technical documentation immediately discoverable by stakeholders like Sergio. The navigation structure follows the existing pattern in index.html files across all properties.
Certificate Management
- *.queenofsandiego.com: existing wildcard cert in ACM
- *.sailjada.com: existing wildcard cert in ACM
- dangerouscentaur.com: covered by existing wildcard distribution
- burialsatseasandiego.com: new ACM certificate provisioned, DNS validation via GoDaddy
Key Architectural Decisions
Why separate S3 buckets per domain? Isolation and independent scaling. Each property can have its own traffic patterns and retention policies. Separate buckets also simplify permissions and enable domain-specific blog customization in the future.
Why CloudFront? Global CDN distribution ensures low-latency blog access regardless of where readers are located. Cache invalidation is fast (propagates within seconds), allowing real-time post updates. HTTPS termination at edge improves performance.
Why hook into Claude Code sessions? This captures the actual development context (file paths, commands, tool usage) directly from the transcript rather than relying on manual documentation. It's granular, immediate, and accurate to what was actually run.
Why store infrastructure config as JSON? Enables the blog generator and future tooling to be completely provider-agnostic. If CloudFront distributions change or new subdomains are added, only the config file needs updating.
Security Considerations
The blog generation pipeline includes a credential-stripping phase that:
- Removes any API keys, tokens, or passwords from command outputs
- Redacts email addresses and phone numbers from file contents
- Filters environment variables that might contain secrets
- Logs only file paths and operation types, not file contents when sensitive
This ensures technical documentation is detailed enough to audit and learn from, but secure enough for external stakeholder review.
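A sketch of the extract-then-redact steps from the pipeline and the stripping rules above, added here as an example and not the code in tech_blog_generator.py. The transcript layout (assistant lines whose `message.content` list holds `tool_use` blocks with `name` and `input`), the regex patterns, the function names and every sample value are assumptions or constructed.

```python
import json
import re

# Illustrative patterns, not exhaustive; extend for the secrets your tooling emits.
REDACTIONS = [
    (re.compile(r"\b(?:AKIA|ASIA)[0-9A-Z]{16}\b"), "[REDACTED_AWS_KEY_ID]"),
    (re.compile(r"(?i)\bbearer\s+[A-Za-z0-9._~+/=-]{16,}"), "Bearer [REDACTED]"),
    # Covers inline environment assignments such as `export FOO_API_KEY=...`.
    (re.compile(r"(?i)\b(\w*(?:SECRET|TOKEN|PASSWORD|PASSWD|API_?KEY)\w*)\s*[=:]\s*\S+"),
     r"\1=[REDACTED]"),
    (re.compile(r"[\w.+-]+@[\w-]+(?:\.[\w-]+)+"), "[REDACTED_EMAIL]"),
    (re.compile(r"(?<!\w)\(?\d{3}\)?[ .-]\d{3}[ .-]\d{4}(?!\w)"), "[REDACTED_PHONE]"),
]

def redact(text):
    for pattern, replacement in REDACTIONS:
        text = pattern.sub(replacement, text)
    return text

def extract_tool_uses(jsonl_text):
    """Return redacted {tool, detail} records for every tool_use entry."""
    records = []
    for line in jsonl_text.splitlines():
        try:
            content = json.loads(line)["message"]["content"]
        except (ValueError, KeyError, TypeError):
            continue  # truncated or non-message line must not abort the run
        if not isinstance(content, list):
            continue
        for block in content:
            if not isinstance(block, dict) or block.get("type") != "tool_use":
                continue
            args = block.get("input") or {}
            # File tools: publish the path only, never the content being written.
            detail = args["file_path"] if "file_path" in args else args.get("command", "")
            records.append({"tool": block.get("name"), "detail": redact(str(detail))})
    return records

# Constructed sample transcript (not real session data); the last line is truncated.
def _tool(name, **args):
    return json.dumps({"type": "assistant", "message": {"content": [
        {"type": "tool_use", "name": name, "input": args}]}})

SAMPLE = "\n".join([
    json.dumps({"type": "user", "message": {"content": "deploy the blog"}}),
    _tool("Bash", command="export GODADDY_API_KEY=gd_EXAMPLE123 && aws s3 sync out/ s3://tech-sailjada-blog/"),
    _tool("Write", file_path="/tmp/contact.html", content="Call 619-555-0100 or ops@example.com"),
    '{"type": "assistant", "message":',
])
```

Pattern-based redaction misses secrets that carry no recognizable name or prefix, so the generated HTML still warrants a secret scan before it is uploaded.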
What's Next
- Image asset management on burialsatseasandiego.com (incorrect images for "imagine" and "small catamaran" fields noted for