../blog

About this site

· updated

What this is

A small corner of the internet. No analytics, no cookie banner, no newsletter pop-up. Just a few pages of text and the occasional post when I have something worth writing down.

How it’s built

This site is built with Astro and rendered as a fully static bundle — every page is plain HTML by the time it reaches your browser. The blog post you are reading right now started its life as a Markdown file in src/content/blog/, was type-checked against a Zod schema, and was compiled at build time.

There is no JavaScript on most pages. The only client-side script is the blinking cursor on the landing page, and even that is pure CSS.

The look

The aesthetic is deliberately spare: a single monospace font, a near-black foreground, a transparent background, and no images outside of the rare post that genuinely needs one. The whole stylesheet fits in a single file you can read in under a minute.

Inspiration for that direction came from a handful of places — old BBS screens, the motherfuckingwebsite.com school of “your browser already knows how to render text”, and a general fatigue with sites that load megabytes of fonts and tracking just to show a paragraph.

What you’ll find here

Posts will mostly be short technical notes — things I figured out at the terminal, opinions I want to stop repeating in person, occasional longer pieces when something deserves it. I do not have a publishing schedule and I am not trying to grow an audience. If a post is useful to you, that is great. If not, the back button is right where you left it.

The protected page

The protected link on the landing page leads to a page whose contents only exist as ciphertext until a password is entered in the browser. At build time the plaintext HTML is encrypted with AES-256-GCM (key derived from the password via PBKDF2, 100k iterations) and inlined into a shell page; the plaintext version is then deleted from dist/. In the browser, crypto.subtle decrypts it locally — no backend involved.

It is not a real security boundary: the ciphertext is public, so a determined attacker with a wordlist and time can brute-force it offline. The point is to keep things like a postal address out of the indexable web, not to defend against a nation-state. Use a long, random password.

Credits

The blog scaffolding (content collections, the post layout pattern, the FormattedDate component) is adapted from the official Astro blog template, with the styling rewritten from scratch to fit this site.

If you find something here you want to fix, get in touch — the contact address is on the landing page.