Skip to content

Build notes // this station

Colophon

Transparency for humans and machines: what runs here, what does not, and where to read the full technical spec.

Stack

Static HTML, CSS, and vanilla JavaScript on Cloudflare Pages with Functions, KV, and R2 (uploaded files) for the API, blog metadata, and admin content. No React, Vue, or client framework on public pages.

Design

The visual language is “Field Station” — a dossier in daylight, an ops console after dark. Theming is entirely CSS-variable-driven, so a single token set drives both modes; the browser toggles between them. Two typographic voices: Inter for the human voice, a system monospace for the machine voice (labels, telemetry, the ⌘K command palette).

Typography

Inter (variable WOFF2), self-hosted under /assets/fonts/ and declared in /styles/fonts.css — not loaded from Google Fonts or other CDNs. Monospace is the system font stack (no download).

Libraries (vendored)

Markdown, sanitization, syntax highlighting, and the admin editor load from /assets/vendor/ on this origin only (marked, DOMPurify, Prism, Quill). See MoCipher-SPEC.md for the file list.

Privacy & analytics

The only measurement here is Cloudflare Web Analytics — privacy-first and cookieless: no cookies, no client-side identifiers, and no cross-site tracking. There is no Google Analytics, no Facebook pixel, and no advertising or engagement-tracking stack. I don't optimize this site for “engagement” metrics at the cost of visitor privacy.

The one third-party browser script beyond analytics is the Cloudflare Turnstile widget on the contact form (privacy-friendly, cookieless bot protection). Operational data (e.g. HTTP logs) may be processed by the hosting provider as described in privacy.html.

Security

Strict Content-Security-Policy and related headers are defined in _headers at the repository root (summarized in the spec).

Open documentation

Authoritative detail: MoCipher-SPEC.md. Machine-oriented summary: /llms.txt.