Building a Real-Time Technical Blog System: Auto-Generated Post Pipeline for Four Domain Properties

```html

This session established a complete technical documentation pipeline that automatically generates granular technical blog posts across four separate domain properties: tech.queenofsandiego.com, tech.sailjada.com, tech.dangerouscentaur.com, and tech.burialsatseasandiego.com. The system captures development work at the session level and publishes detailed posts immediately upon session completion, with navigation integration into each property's main site.

What Was Done

Created automated infrastructure provisioning scripts for four tech blog subdomains with S3 + CloudFront + DNS
Built a blog generator that parses Claude Code session transcripts and generates detailed technical HTML posts
Implemented a Stop hook mechanism that triggers post generation and deployment at the end of each development session
Integrated tech blog navigation into the "Ship's Papers" dropdown menu on each main domain
Set up cross-domain infrastructure with appropriate SSL certificates, CloudFront distributions, and DNS routing
Created filtering logic to redact sensitive data (credentials, API keys, tokens) from published posts
Validated all infrastructure and tested live HTTP access across all four tech blog domains

Technical Architecture

Post Generation Pipeline: The system hooks into Claude Code's session lifecycle. When a development session ends, the Stop hook (/Users/cb/.claude/hooks/tech_blog_stop.sh) triggers, which calls the blog generator. The generator reads the session transcript (JSON Lines format stored in ~/.claude/sessions/), extracts relevant tool use entries and commands, filters out sensitive data using regex patterns, and generates a structured HTML article with semantic markup.

The blog generator logic in /Users/cb/Documents/repos/tools/tech_blog_generator.py parses entries with these characteristics:

File operations (Write/Edit to specific paths with timestamps)
AWS CLI commands (S3, CloudFront, Route53, ACM operations)
Command execution logs and outputs
Configuration changes and deployments

Each post is tagged with the domain property inferred from modified file paths. For example, files under /Users/cb/Documents/repos/sites/queenofsandiego.com/ generate posts to tech.queenofsandiego.com.

Infrastructure Stack: Each tech blog subdomain runs on identical infrastructure:

Origin: S3 bucket (e.g., qos-tech-blog, jada-tech-blog, dc-sites-tech-blog, bats-tech-blog)
CDN: CloudFront distribution with custom domain CNAME
SSL/TLS: Wildcard ACM certificates (*.queenofsandiego.com, *.sailjada.com) for queenofsandiego and sailjada properties; individual certificates for dangerouscentaur and burialsatseasandiego
DNS: Route53 hosted zones for queenofsandiego and sailjada; Namecheap CNAME for dangerouscentaur; GoDaddy CNAME for burialsatseasandiego

The infrastructure initialization script (/Users/cb/Documents/repos/tools/tech_blog_init.py) is idempotent and handles:

S3 bucket creation with versioning enabled
CloudFront distribution setup with origin path configuration
ACM certificate validation and DNS record creation
DNS CNAME record provisioning via Route53, Namecheap, or GoDaddy APIs
Configuration persistence to ~/.claude/projects/-Users-cb-Documents-repos/memory/project_tech_blogs.md

Domain-Specific Routing

Queen of San Diego & Sailjada: Both use Route53 hosted zones with wildcard ACM certificates. The infrastructure script created qos-tech-blog and jada-tech-blog S3 buckets mapped to CloudFront distributions aliased to tech.queenofsandiego.com and tech.sailjada.com respectively, with Route53 CNAME records pointing to the CloudFront domain names.

Dangerous Centaur: Uses Namecheap DNS with a wildcard CloudFront distribution (E2Q4UU71SRNTMB) that already existed on the dc-sites S3 bucket. The tech blog is served from a separate dc-sites-tech-blog bucket through its own CloudFront distribution, with a CNAME record at Namecheap pointing to the CloudFront domain.

Burials at Sea San Diego: Uses GoDaddy DNS. The infrastructure setup created bats-tech-blog S3 bucket and CloudFront distribution, then used the GoDaddy API (authenticated via stored credentials) to create the CNAME record for tech.burialsatseasandiego.com.

Data Redaction and Security

The blog generator implements multi-layer redaction before publishing:

Credential patterns: Regex matching for AWS access keys, secret keys, tokens, and API keys
File path sanitization: Absolute user paths truncated or anonymized
Environment variables: Sensitive env var values stripped while keeping variable names for context
Configuration files: References to repos.env or credential files mentioned but contents never exposed

The generator preserves technical detail necessary for engineering review (exact S3 bucket names, CloudFront distribution IDs, Route53 zone IDs, file paths, function names) while ensuring no secrets leak into the public technical documentation.

Navigation Integration

Updated /Users/cb/Documents/repos/sites/queenofsandiego.com/index.html to add a "Technical Blog" link in the Ship's Papers dropdown menu, pointing to https://tech.queenofsandiego.com/. Similar navigation updates apply to the other three main domain sites, with each pointing to its respective tech blog subdomain.

Session Hook Implementation

The Stop hook script (/Users/cb/.claude/hooks/tech_blog_stop.sh) is executed by Claude Code when a session ends. It:

Captures the current session ID from the Claude Code environment
Invokes the blog generator with the session transcript path
Determines the target domain(s) based on file modifications in the session
Generates the HTML post with a timestamp and session reference
Uploads the post to the appropriate tech blog S3 bucket
Invalidates the corresponding CloudFront distribution cache
Logs all actions to ~/.claude/logs/tech_blog_deploy.log

The hook is registered in /Users/cb/.claude/settings.json under the hooks.stop