From 3a36c2a9091bb1eca84c66f9d594cd655fc087db Mon Sep 17 00:00:00 2001
From: Timothy DeHerrera <tim@nrdxp.dev>
Date: Sat, 24 Jan 2026 22:17:59 -0700
Subject: [PATCH] chore: add Netlify deployment configuration

- netlify.toml: Configure cargo build --release and run compiler.
  Publish directory set to public/.

- static/_headers: Add security headers (X-Frame-Options, CSP, etc.)
  and cache control for static assets (1 year for css/images,
  1 hour for HTML, 1 hour for feed).
---
 netlify.toml    | 13 +++++++++++++
 static/_headers | 25 +++++++++++++++++++++++++
 2 files changed, 38 insertions(+)
 create mode 100644 netlify.toml
 create mode 100644 static/_headers

diff --git a/netlify.toml b/netlify.toml
new file mode 100644
index 0000000..0c72369
--- /dev/null
+++ b/netlify.toml
@@ -0,0 +1,13 @@
+# Netlify build configuration for nrd.sh
+
+[build]
+  command = "cargo build --release && ./target/release/nrd-sh"
+  publish = "public"
+
+[build.environment]
+  RUST_VERSION = "1.84"
+
+# Redirect clean URLs (optional, for server-side routing)
+# Not needed since we use .html extensions
+
+# Headers are configured in static/_headers
diff --git a/static/_headers b/static/_headers
new file mode 100644
index 0000000..8a6513f
--- /dev/null
+++ b/static/_headers
@@ -0,0 +1,25 @@
+# Netlify headers for nrd.sh
+
+# Default headers for all paths
+/*
+  X-Frame-Options: DENY
+  X-Content-Type-Options: nosniff
+  Referrer-Policy: strict-origin-when-cross-origin
+
+# Cache static assets aggressively
+/*.css
+  Cache-Control: public, max-age=31536000, immutable
+
+/*.png
+  Cache-Control: public, max-age=31536000, immutable
+
+/*.gif
+  Cache-Control: public, max-age=31536000, immutable
+
+# HTML pages: short cache, revalidate
+/*.html
+  Cache-Control: public, max-age=3600, must-revalidate
+
+# Feed: moderate cache
+/feed.xml
+  Cache-Control: public, max-age=3600