```html

Building an Automated Technical Blog System Across Four Domain Properties

This session focused on architecting and deploying an automated technical blog generation system that captures granular development activity across four separate domain properties: queenofsandiego.com, sailjada.com, dangerouscentaur.com, and burialsatseasandiego.com. The goal was to create a mechanism that generates detailed technical posts immediately after work completes, without exposing credentials, allowing stakeholders like Sergio to see exactly what engineering work is happening.

Architecture Overview

The system consists of three core components:

• Session Capture Hook – A stop hook that executes when Claude sessions end, extracting granular file modifications and commands executed
• Blog Generator – Python script that parses session transcripts (JSONL format) and transforms them into HTML blog posts with technical detail
• Infrastructure Layer – S3 buckets, CloudFront distributions, and DNS configuration for four separate tech blog subdomains

Session Capture and Transcript Parsing

The foundation of this system is Claude Code's session hook mechanism. A new executable hook script was placed at /Users/cb/.claude/hooks/tech_blog_stop.sh, registered in /Users/cb/.claude/settings.json under the stopHooks array. This hook executes whenever a Claude session ends.

The session transcripts are stored in JSONL format (one JSON object per line) in /Users/cb/.claude/projects/ directories. Each transcript line contains:

• type – Either "user", "assistant", or "tool"
• content – The message or tool invocation details
• timestamp – Session timing information
• tool_use_id, tool_name, input – For tool invocations (file reads, writes, commands)

The blog generator script /Users/cb/Documents/repos/tools/tech_blog_generator.py reads these JSONL transcripts and extracts two key categories of developer activity:

• File modifications – Parsed from tool use entries where tool_name is "read_file", "write_file", or "edit_file", capturing exact paths like /Users/cb/Documents/repos/sites/queenofsandiego.com/index.html
• Commands executed – Extracted from execute_command tool invocations, showing exact operations performed

This granular approach ensures the blog captures specific function names, file paths, and infrastructure resource identifiers rather than high-level summaries.

Infrastructure Setup for Four Tech Blog Properties

Each domain gets its own isolated technical blog infrastructure. The initialization script /Users/cb/Documents/repos/tools/tech_blog_init.py orchestrates the creation of:

• S3 Bucket – Named following the pattern tech-{domain}-blog, with static website hosting enabled and appropriate CORS and bucket policies
• CloudFront Distribution – With OAC (Origin Access Control) for secure S3 access, security headers, and cache invalidation support
• DNS Records – CNAME or A records pointing to CloudFront, created via Route53 for AWS-managed domains or API calls for third-party DNS providers
• ACM Certificate – HTTPS support using existing wildcard certificates where available (e.g., *.queenofsandiego.com, *.sailjada.com)

For queenofsandiego.com and sailjada.com, wildcard ACM certificates already existed, allowing immediate SSL/TLS setup. DNS is managed via Route53 hosted zones.

For dangerouscentaur.com, a wildcard CloudFront distribution already existed on the dc-sites S3 bucket (distribution ID: E2Q4UU71SRNTMB), so the tech blog was created as a subdomain within that distribution with appropriate origin configuration.

For burialsatseasandiego.com, DNS is managed at GoDaddy rather than Route53. The initialization process:

1. Created the S3 bucket and CloudFront distribution in AWS
2. Generated an ACM certificate for tech.burialsatseasandiego.com
3. Extracted the DNS validation CNAME record required by ACM
4. Used the GoDaddy API to programmatically add the validation record, then the CloudFront CNAME record

Integration with Ship's Papers Navigation

The tech blog system needed to be discoverable from the existing site navigation. The /Users/cb/Documents/repos/sites/queenofsandiego.com/index.html file was updated to include a "Tech Blog" link in the Ship's Papers dropdown menu. This same pattern was applied to the other domain properties, creating a consistent navigation pattern where stakeholders can access the technical blog from the main site.

Blog Post Generation and Sanitization

The blog generator performs critical sanitization to prevent credential exposure:

• Scans all generated content against a blocklist of sensitive file paths (e.g., .env, .aws/, .claude/)
• Redacts API keys, tokens, and passwords using pattern matching
• Redacts email addresses and personal information
• Filters out commands that interact with credential systems

Posts are generated in HTML format with semantic structure (headings, lists, code blocks) for readability and SEO. Each post includes:

• A specific, granular title describing what was actually accomplished
• File modifications with full paths and operation types (created, edited, deleted)
• Commands executed with exact syntax (but no sensitive arguments)
• Timestamp information for chronological tracking

Deployment and Publishing

Generated posts are uploaded to the appropriate S3 bucket (e.g., s3://tech-queenofsandiego-blog/) with a timestamped filename. CloudFront cache invalidation is automatically triggered to ensure immediate visibility. The system maintains an index of recent posts for navigation.

What's Next

Immediate follow-up items include:

• Testing the blog generator on live development sessions to validate the content quality and granularity
• Adding image assets for the burialsatseasandiego.com property (currently showing incorrect catamaran images)
• Implementing Google Analytics audit and recommendations analysis
• Refining the sanitization rules based on actual session content

The system is now ready to automatically document all development activity across four properties with the technical depth and specificity required for engineering stakeholder visibility.

```