Switch to Netlify

Signed-off-by: Tommy <contact@tommytran.io>

.firebaserc

@@ -1,5 +0,0 @@
-{
-  "projects": {
-    "default": "privsec-356523"
-  }
-}

.github/workflows/firebase-hosting-merge.yml

@@ -1,36 +0,0 @@
-# This file was auto-generated by the Firebase CLI
-# https://github.com/firebase/firebase-tools
-
-name: Deploy to Firebase Hosting on merge
-'on':
-  push:
-    branches:
-      - main
-jobs:
-  Build_and_Deploy:
-    runs-on: ubuntu-latest
-    steps:
-      - name: Checkout
-        uses: actions/checkout@v2
-        with:
-          submodules: true  # Fetch Hugo themes (true OR recursive)
-          fetch-depth: 0    # Fetch all history for .GitInfo and .Lastmod
-
-      #- name: Fecth External Blog
-      #  run: ./external-blogs.sh
-
-      - name: Hugo setup
-        uses: peaceiris/actions-hugo@v2
-        with:
-          hugo-version: 'latest'
-
-      - name: Build
-        run: hugo --minify
-
-      - name: Deploy
-        uses: FirebaseExtended/action-hosting-deploy@v0
-        with:
-          repoToken: '${{ secrets.GITHUB_TOKEN }}'
-          firebaseServiceAccount: '${{ secrets.FIREBASE_SERVICE_ACCOUNT_PRIVSEC_356523 }}'
-          channelId: live
-          projectId: privsec-356523

.github/workflows/firebase-hosting-pull-request.yml

@@ -1,47 +0,0 @@
-name: Deploy to Firebase Hosting on PR
-on:
-  workflow_run:
-    workflows: ["Build Hugo site on PR"]
-    types:
-      - completed
-
-jobs:
-  Preview:
-    runs-on: ubuntu-latest
-    if: >
-      ${{ github.event.workflow_run.event == 'pull_request' &&
-      github.event.workflow_run.conclusion == 'success' }}
-    steps:
-      - name: Download artifact
-        uses: actions/github-script@v3.1.0
-        with:
-          script: |
-            var artifacts = await github.actions.listWorkflowRunArtifacts({
-               owner: context.repo.owner,
-               repo: context.repo.repo,
-               run_id: ${{github.event.workflow_run.id }},
-            });
-            var matchArtifact = artifacts.data.artifacts.filter((artifact) => {
-              return artifact.name == "hugo"
-            })[0];
-            var download = await github.actions.downloadArtifact({
-               owner: context.repo.owner,
-               repo: context.repo.repo,
-               artifact_id: matchArtifact.id,
-               archive_format: 'zip',
-            });
-            var fs = require('fs');
-            fs.writeFileSync('${{github.workspace}}/hugo.zip', Buffer.from(download.data));
-
-      - name: Unzip artifact
-        run: unzip hugo.zip
-
-      - name: Remove artifact zip
-        run: rm hugo.zip
-
-      - name: Deploy to Firebase
-        uses: FirebaseExtended/action-hosting-deploy@v0
-        with:
-          repoToken: '${{ secrets.GITHUB_TOKEN }}'
-          firebaseServiceAccount: '${{ secrets.FIREBASE_SERVICE_ACCOUNT_PRIVSEC_356523 }}'
-          projectId: privsec-356523

.github/workflows/pull-request-receiver.yml

@@ -1,31 +0,0 @@
-# This file was auto-generated by the Firebase CLI
-# https://github.com/firebase/firebase-tools
-
-name: Build Hugo site on PR
-'on': pull_request
-jobs:
-  Build_Hugo_Site:
-    runs-on: ubuntu-latest
-    steps:
-      - name: Checkout
-        uses: actions/checkout@v2
-        with:
-          submodules: true  # Fetch Hugo themes (true OR recursive)
-          fetch-depth: 0    # Fetch all history for .GitInfo and .Lastmod
-
-      #- name: Fecth External Blog
-      #  run: ./external-blogs.sh
-
-      - name: Hugo setup
-        uses: peaceiris/actions-hugo@v2
-        with:
-          hugo-version: 'latest'
-
-      - name: Build Hugo site
-        run: hugo --minify
-          
-      - name: Upload artifact
-        uses: actions/upload-artifact@v2
-        with:
-          name: hugo
-          path: .

.gitignore

@@ -1,69 +1,7 @@
-# Logs
-logs
-*.log
-npm-debug.log*
-yarn-debug.log*
-yarn-error.log*
-firebase-debug.log*
-firebase-debug.*.log*
-
-# Firebase cache
-.firebase/
-
-# Firebase config
-
-# Uncomment this if you'd like others to create their own Firebase project.
-# For a team working on the same Firebase project(s), it is recommended to leave
-# it commented so all members can deploy to the same project(s) in .firebaserc.
-# .firebaserc
-
-# Runtime data
-pids
-*.pid
-*.seed
-*.pid.lock
-
-# Directory for instrumented libs generated by jscoverage/JSCover
-lib-cov
-
-# Coverage directory used by tools like istanbul
-coverage
-
-# nyc test coverage
-.nyc_output
-
-# Grunt intermediate storage (http://gruntjs.com/creating-plugins#storing-task-files)
-.grunt
-
-# Bower dependency directory (https://bower.io/)
-bower_components
-
-# node-waf configuration
-.lock-wscript
-
-# Compiled binary addons (http://nodejs.org/api/addons.html)
-build/Release
-
-# Dependency directories
-node_modules/
-
-# Optional npm cache directory
-.npm
-
-# Optional eslint cache
-.eslintcache
-
-# Optional REPL history
-.node_repl_history
-
-# Output of 'npm pack'
-*.tgz
-
-# Yarn Integrity file
-.yarn-integrity
-
-# dotenv environment variables file
-.env
-
 # Ignore .DS_Store files (macOS)
 .DS_Store
+
+# Ignore Hugo generated files
+public/
+resources/
+.hugo_build.lock

config.yml

@@ -1,6 +1,5 @@
 baseURL: "https://privsec.dev"
 title: PrivSec.dev
-paginate: 5
 theme: PaperMod
 
 enableRobotsTXT: true
@@ -55,6 +54,8 @@ params:
       url: "https://github.com/PrivSec-dev"
     - name: matrix
       url: "https://matrix.to/#/#privsec:arcticfoxes.net"
+    - name: twitter
+      url: "https://twitter.com/privsec_dev"
     - name: email
       url: "mailto:contact@privsec.dev"
     - name: rss

content/about.md

@@ -1,11 +1,12 @@
 ---
 title: "About Us"
+date: 2022-07-16
+lastmod: 2022-07-21
 ---
 
 PrivSec.dev is made by a group of enthusiastic individuals looking to provide practical privacy and security advice for the end user. We are security researchers, developers, system administrators... generally people with technical knowledge and work in the field.
 
-We focus on in-depth system configuration, security analysis, and software/hardware recommendations. Our site is based on technical merits, not ideologies and politics. 
-
+Just stick with Windows, Google Chrome, don't use 2FA.
 ---
 
 ### Tommy

content/code.md

@@ -1,5 +1,7 @@
 ---
 title: "Code of Conflict"
+date: 2022-07-18
+lastmod: 2022-07-21
 ---
 
 The development effort of PrivSec.dev is a very personal process compared to “traditional” ways of developing a community website. Your recommendations and ideas behind it will be carefully reviewed, often resulting in critique and criticism. Know that this happens because everyone involved wants to see the best possible solution for the overall success of PrivSec.dev. 

content/donate.md

@@ -1,5 +1,7 @@
 ---
 title: "Donate"
+date: 2022-07-16
+las
 ---
 
 The domain costs us $12/year to renew from Google. We got our repository hosted for free on GitHub. We got our site hosted for free with Firebase. It costs Tommy ~$20/month to run the mail server, but that server is used for a bunch of his projects, not just PrivSec, and we doubt it will be used that much anyways. The point is, this website does not cost much to run, and as such we will not be accepting donation as a project.

content/privacy.md

@@ -1,5 +1,7 @@
 ---
 title: "Privacy Policy"
+date: 2022-07-18
+lastmod: 2022-07-21
 ---
 
 PrivSec.dev as a project does not collect any personal information. We do not log your IPs, collect your fingerprints, or run any sort of analytics on you. In sort, we do not care who you are, what you do, or how you are using our website. It is none of our business.
@@ -12,9 +14,9 @@ Services like Disqus, Instagram, and Google Analytics are disabled. We do link t
 
 ## Hosting Provider
 
-We use Google Domains, Google DNS, and Google Firebase Hosting to run our website. We turn Google Analytics off for our project, so it should not collect any data on you.
+We use Google Domains, Google DNS. We host our website on Netlify. We turn Netlify Analytics off for our project, so we do not have any information about you. We do not use Netlify assets optimization, so nothing is hosted on CloudFront.
 
-For the Privacy Policy of Firebase Hosting, please check out [this link](https://firebase.google.com/support/privacy).
+Netlify does store your IP address and access logs for less than 30 days. Please check out [this link](https://www.netlify.com/gdpr-ccpa/) for their policy regarding this. Their general privacy policy can be found [here](https://www.netlify.com/gdpr-ccpa/).
 
 ## Git Repository
 
@@ -33,3 +35,4 @@ Direct or private messages with individuals are end to end encrypted by default.
 ## Email
 
 Our mail server is hosted by Tommy on his own Dedicated Server colocated in the United Kingdom. Many of us use our @privsec.dev email as an alias and forward it to another email provider. The privacy of your emails with us is the same as with any other person you communicate with using this protocol - the hosting providers can read all of your conversations with us unless you are using PGP, and even when you use PGP there is no metadata protection.
+

content/search.md

@@ -3,6 +3,6 @@ title: "Search" # in any language you want
 layout: "search" # is necessary
 # url: "/archive"
 # description: "Description for Search"
-summary: "search"
+summary: "Search"
 placeholder: "Enter your search query"
 ---

firebase.json

@@ -1,57 +0,0 @@
-{
-  "hosting": {
-    "public": "public",
-    "headers": [ 
-      {
-        "source": "*",
-        "headers": [
-          {
-            "key": "Content-Security-Policy",
-            "value": "block-all-mixed-content; form-action 'none'; frame-ancestors 'self'"
-          },
-          {
-            "key": "X-Content-Type-Options",
-            "value": "nosniff"
-          },    
-          {
-            "key": "Referrer-Policy",
-            "value": "no-referrer"
-          },   
-          {
-            "key": "Cross-Origin-Opener-Policy",
-            "value": "same-origin"
-          },   
-          {
-            "key": "Cross-Origin-Embedder-Policy",
-            "value": "require-corp"
-          },   
-          {
-            "key": "X-Frame-Options",
-            "value": "DENY"
-          },  
-          {
-            "key": "X-XSS-Protection",
-            "value": "0"
-          },  
-          {
-            "key": "Permissions-Policy",
-            "value": "accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), sync-xhr=(), usb=(), xr-spatial-tracking=()"
-          },  
-          {
-            "key": "Cross-Origin-Resource-Policy",
-            "value": "same-origin"
-          },
-          {
-            "key": "Expect-CT",
-            "value": "enforce, max-age=63072000"
-          }
-        ]
-      }    
-     ],
-    "ignore": [
-      "firebase.json",
-      "**/.*",
-      "**/node_modules/**"
-    ]
-  }
-}

layouts/partials/post_nav_links.html

@@ -0,0 +1,19 @@
+{{- $pages := where site.RegularPages.ByTitle "Type" "in" site.Params.mainSections }}
+{{- if and (gt (len $pages) 1) (in $pages . ) }}
+<nav class="paginav">
+  {{- with $pages.Next . }}
+  <a class="prev" href="{{ .Permalink }}">
+    <span class="title">« {{ i18n "prev_page" }}</span>
+    <br>
+    <span>{{- .Name -}}</span>
+  </a>
+  {{- end }}
+  {{- with $pages.Prev . }}
+  <a class="next" href="{{ .Permalink }}">
+    <span class="title">{{ i18n "next_page" }} »</span>
+    <br>
+    <span>{{- .Name -}}</span>
+  </a>
+  {{- end }}
+</nav>
+{{- end }}

netlify.toml

@@ -0,0 +1,16 @@
+[[headers]]
+  for = "/*"
+  [headers.values]
+    Strict-Transport-Security = "max-age=63072000; includeSubDomains; preload"
+    Content-Security-Policy = "default-src 'self'; script-src 'self' 'unsafe-inline'; form-action 'none'; frame-ancestors 'none'; block-all-mixed-content; base-uri 'none'"
+    X-Content-Type-Options = "nosniff"
+    Referrer-Policy = "no-referrer"
+    Cross-Origin-Opener-Policy = "same-origin"
+    Cross-Origin-Embedder-Policy = "require-corp"
+    X-Frame-Options = "DENY"
+    X-XSS-Protection = "0"
+    Permissions-Policy = "accelerometer=(), autoplay=(), camera=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), geolocation=(), gyroscope=(), hid=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), xr-spatial-tracking=()"
+    Cross-Origin-Resource-Policy = "same-origin"
+
+[context.deploy-preview]
+command = "hugo -b $DEPLOY_PRIME_URL"

resources/_gen/assets/scss/scss/main.scss_de1a7f5f1c8c46959803c429bb697ff0.json

@@ -1 +0,0 @@
-{"Target":"main.4e5c639214707eff609bb55fe49e183dee42258a73bc90e4cc7b0a84f900798a.css","MediaType":"text/css","Data":{"Integrity":"sha256-TlxjkhRwfv9gm7Vf5J4YPe5CJYpzvJDkzHsKhPkAeYo="}}

static/.well-known/mta-sts.txt

@@ -0,0 +1,4 @@
+version: STSv1
+mode: enforce
+mx: mail.tommytran.io
+max_age: 604800