Build notes // this station
Colophon
Transparency for humans and machines: what runs here, what does not, and where to read the full technical spec.
Stack
Static HTML, CSS, and vanilla JavaScript on Cloudflare Pages with Functions, KV, and R2 (uploaded files) for the API, blog metadata, and admin content. No React, Vue, or client framework on public pages.
Design
The visual language is “Field Station” — a dossier in daylight, an ops console after dark. Theming is entirely CSS-variable-driven, so a single token set drives both modes; the browser toggles between them. Two typographic voices: Inter for the human voice, a system monospace for the machine voice (labels, telemetry, the ⌘K command palette).
Typography
Inter (variable WOFF2), self-hosted under /assets/fonts/ and declared in /styles/fonts.css — not loaded from Google Fonts or other CDNs. Monospace is the system font stack (no download).
Libraries (vendored)
Markdown, sanitization, syntax highlighting, and the admin editor load from /assets/vendor/ on this origin only (marked, DOMPurify, Prism, Quill). See MoCipher-SPEC.md for the file list.
Privacy & analytics
The only measurement here is Cloudflare Web Analytics — privacy-first and cookieless: no cookies, no client-side identifiers, and no cross-site tracking. There is no Google Analytics, no Facebook pixel, and no advertising or engagement-tracking stack. I don't optimize this site for “engagement” metrics at the cost of visitor privacy.
The one third-party browser script beyond analytics is the Cloudflare Turnstile widget on the contact form (privacy-friendly, cookieless bot protection). Operational data (e.g. HTTP logs) may be processed by the hosting provider as described in privacy.html.
Security
Strict Content-Security-Policy and related headers are defined in _headers at the repository root (summarized in the spec).
Open documentation
Authoritative detail: MoCipher-SPEC.md. Machine-oriented summary: /llms.txt.