ARCHITECTURE.md

April 21, 2026 Β· View on GitHub

Hack23 Logo

πŸ›οΈ Hack23 Homepage β€” Architecture

C4 Architecture Model: Static Website on AWS S3 + CloudFront
Corporate Cybersecurity Consulting Website β€” hack23.com

Owner Version Status Review Cycle

License OpenSSF Scorecard Verify and Deploy SLSA 3

πŸ“‹ Document Owner: CEO | πŸ“„ Version: 1.1 | πŸ“… Last Updated: 2026-04-21 (UTC) πŸ”„ Review Cycle: Quarterly | ⏰ Next Review: 2026-07-21 🏷️ Classification: Public Low Standard


πŸ“š Architecture Documentation Map

DocumentFocusDescription
πŸ›οΈ ArchitectureC4 ModelC4 model showing system structure (this document)
πŸ›‘οΈ Security ArchitectureSecuritySecurity controls and infrastructure
πŸ“Š Data ModelDataContent model and data structures
πŸ”„ FlowchartProcessesCI/CD and content workflows
πŸ“ˆ State DiagramStatesDeployment and content lifecycle states
🧠 MindmapConceptsSystem conceptual relationships
πŸ’Ό SWOTStrategyStrategic analysis and positioning
πŸ”„ WorkflowsCI/CDGitHub Actions workflow documentation
🎯 Threat ModelThreatsSTRIDE threat analysis
πŸ›‘οΈ CRA AssessmentComplianceEU Cyber Resilience Act conformity
πŸ”„ BCP PlanResilienceBusiness continuity & recovery
πŸ’° Financial & Security PlanCostInfrastructure cost & security investment
πŸ”š End-of-Life StrategyLifecycleTechnology lifecycle management
🏷️ ClassificationDataSecurity classification framework
πŸš€ Future ArchitectureRoadmapArchitectural evolution plans

πŸ“‘ Table of Contents


🌐 System Context

%%{init: {"theme": "base", "themeVariables": {"primaryColor": "#2196F3", "primaryTextColor": "#ffffff", "lineColor": "#455A64", "secondaryColor": "#4CAF50", "tertiaryColor": "#FF9800", "primaryBorderColor": "#1565C0"}}}%%
C4Context
    title System Context - Hack23 Homepage (hack23.com)

    Person(visitor, "πŸ§‘ Website Visitor", "Potential clients, partners, developers exploring Hack23's cybersecurity services")
    Person(admin, "πŸ‘€ Content Admin", "CEO/developer maintaining website content")

    System(homepage, "🌐 Hack23 Homepage", "Static HTML/CSS corporate website showcasing cybersecurity consulting services, open-source projects, and ISMS transparency")

    System_Ext(cloudfront, "☁️ AWS CloudFront", "Global CDN with 400+ edge locations, DDoS protection, HTTPS termination")
    System_Ext(s3, "πŸ’Ύ AWS S3", "Static website hosting with versioning and encryption")
    System_Ext(github, "πŸ”§ GitHub", "Source control, CI/CD, security scanning")
    System_Ext(ghpages, "πŸ“„ GitHub Pages", "DR hosting fallback")

    Rel(visitor, cloudfront, "Views website", "HTTPS/TLS 1.3")
    Rel(cloudfront, s3, "Serves content", "HTTPS")
    Rel(admin, github, "Pushes content changes", "HTTPS/SSH")
    Rel(github, s3, "Deploys via CI/CD", "AWS OIDC")
    Rel(visitor, ghpages, "DR fallback", "HTTPS")

🏒 Container View

%%{init: {"theme": "base", "themeVariables": {"primaryColor": "#2196F3", "primaryTextColor": "#ffffff", "lineColor": "#455A64", "secondaryColor": "#4CAF50", "tertiaryColor": "#FF9800", "primaryBorderColor": "#1565C0"}}}%%
C4Container
    title Container View - Hack23 Homepage

    Person(visitor, "Website Visitor", "Browser user")

    System_Boundary(website, "Hack23 Homepage") {
        Container(html, "πŸ“„ HTML Pages", "HTML5", "1,353 pages β€” 105 English source pages Γ— 14 languages: project showcases, blog posts, services, ISMS docs, sitemaps")
        Container(css, "🎨 Stylesheet", "CSS3", "Single styles.css with responsive design, CSS custom properties, dark theme")
        Container(sitemap, "πŸ—ΊοΈ Sitemap", "XML", "SEO sitemap with hreflang tags for 14 languages")
        Container(robots, "πŸ€– Robots.txt", "Text", "Search engine crawling directives")
        Container(schema, "πŸ“‹ Schema.org", "JSON-LD", "Structured data for SEO: Organization, WebPage, FAQPage, BreadcrumbList, Service")
    }

    System_Boundary(infra, "AWS Infrastructure") {
        Container(cf, "☁️ CloudFront", "CDN", "Global edge delivery, HTTPS, caching, security headers")
        Container(s3bucket, "πŸ’Ύ S3 Bucket", "Storage", "Static content with versioning, AES-256 encryption at rest")
        Container(route53, "🌍 Route53", "DNS", "Domain management with health checks")
        Container(acm, "πŸ”’ ACM", "TLS", "SSL/TLS certificate management")
    }

    System_Boundary(cicd, "CI/CD Pipeline") {
        Container(actions, "βš™οΈ GitHub Actions", "CI/CD", "Build, validate, scan, deploy workflows")
        Container(scanning, "πŸ” Security Scanning", "Tools", "CodeQL, ZAP, Scorecard, Dependency Review")
    }

    Rel(visitor, cf, "HTTPS requests", "TLS 1.3")
    Rel(cf, s3bucket, "Origin fetch", "HTTPS")
    Rel(actions, s3bucket, "Deploy content", "AWS OIDC")
    Rel(actions, scanning, "Security checks", "API")

🧩 Component View

%%{init: {"theme": "base", "themeVariables": {"primaryColor": "#2196F3", "primaryTextColor": "#ffffff", "lineColor": "#455A64", "secondaryColor": "#4CAF50", "tertiaryColor": "#FF9800", "primaryBorderColor": "#1565C0"}}}%%
C4Component
    title Component View - Hack23 Homepage Content

    Container_Boundary(content, "Website Content") {
        Component(index, "🏠 Homepage", "HTML", "Main landing page with services overview")
        Component(projects, "πŸ“¦ Project Pages", "HTML", "7 product portfolio: CIA, CIA Compliance Manager, Black Trigram, EU Parliament MCP Server, Riksdagsmonitor, EU Parliament Monitor, Homepage")
        Component(docs, "πŸ“š Documentation Pages", "HTML", "Project documentation pages with ISMS cards")
        Component(features, "⭐ Feature Pages", "HTML", "Project feature showcase pages")
        Component(blog, "πŸ“ Blog Posts", "HTML", "26 English blog articles on security, compliance, AI, Discordian framework")
        Component(services, "πŸ’Ό Services", "HTML", "Consulting services and offerings")
        Component(i18n, "🌍 Translations", "HTML", "13 language variants Γ— 96 pages each (sv, ko, ar, zh, de, fi, fr, es, ja, he, nl, da, no)")
    }

    Container_Boundary(seo, "SEO & Metadata") {
        Component(meta, "🏷️ Meta Tags", "HTML", "Open Graph, Twitter Cards, hreflang")
        Component(schemaorg, "πŸ“‹ Schema.org", "JSON-LD", "Structured data markup")
        Component(breadcrumbs, "🍞 Breadcrumbs", "HTML", "Navigation with Schema.org BreadcrumbList")
    }

    Container_Boundary(style, "Styling") {
        Component(stylesheet, "🎨 styles.css", "CSS3", "Single CSS file with custom properties and responsive grid")
    }

πŸ“ File Structure

hack23-homepage/
β”œβ”€β”€ πŸ“„ index.html                    # Main landing page (and 12 lang variants)
β”œβ”€β”€ πŸ“„ *-project.html / *.html       # 7 product overview pages (CIA, CIA Compliance Manager,
β”‚                                    # Black Trigram, EU Parliament MCP Server, Riksdagsmonitor,
β”‚                                    # EU Parliament Monitor, Hack23 Homepage)
β”œβ”€β”€ πŸ“„ *-features.html               # Project feature pages
β”œβ”€β”€ πŸ“„ *-docs.html                   # Project documentation pages
β”œβ”€β”€ πŸ“„ blog-*.html                   # 26 English blog articles (+ translations)
β”œβ”€β”€ πŸ“„ services.html                 # Services page
β”œβ”€β”€ πŸ“„ why-hack23.html               # About / differentiators
β”œβ”€β”€ πŸ“„ *_{lang}.html                 # Translated pages β€” 13 languages Γ— 96 pages
β”‚                                    # (sv, ko, ar, zh, de, fi, fr, es, ja, he, nl, da, no)
β”œβ”€β”€ 🎨 styles.css                    # Single stylesheet (responsive, dark theme)
β”œβ”€β”€ πŸ—ΊοΈ sitemap.xml                   # XML sitemap with hreflang
β”œβ”€β”€ πŸ“„ sitemap_*.html                # HTML sitemaps per language
β”œβ”€β”€ πŸ€– robots.txt                    # Crawling directives
β”œβ”€β”€ πŸ“„ budget.json                   # Lighthouse performance budgets
β”œβ”€β”€ πŸ“„ .htmlhintrc                   # HTML linting configuration
β”œβ”€β”€ πŸ“ screenshots/                  # Visual assets and product screenshots
β”œβ”€β”€ πŸ“ docs/                         # Auto-generated release docs (Lighthouse, a11y, security reports)
β”œβ”€β”€ πŸ“ .github/
β”‚   β”œβ”€β”€ πŸ“ workflows/                # 10 workflow YAMLs + agentic workflow markdown templates
β”‚   β”œβ”€β”€ πŸ“ skills/                   # 58 Copilot skills (12 categories)
β”‚   β”œβ”€β”€ πŸ“ agents/                   # 8 custom Copilot agents
β”‚   β”œβ”€β”€ πŸ“ aw/                       # Agentic workflow shared prompts
β”‚   └── πŸ“„ copilot-mcp.json          # MCP server configuration
β”œβ”€β”€ πŸ“„ ARCHITECTURE.md               # C4 architecture (this file)
β”œβ”€β”€ πŸ“„ SECURITY_ARCHITECTURE.md      # Security design
β”œβ”€β”€ πŸ“„ THREAT_MODEL.md               # STRIDE / MITRE ATT&CK threat analysis
β”œβ”€β”€ πŸ“„ CRA-ASSESSMENT.md             # EU Cyber Resilience Act conformity
β”œβ”€β”€ πŸ“„ BCPPlan.md                    # Business Continuity Plan
β”œβ”€β”€ πŸ“„ FinancialSecurityPlan.md      # Cost & security investment
β”œβ”€β”€ πŸ“„ End-of-Life-Strategy.md       # Technology lifecycle
β”œβ”€β”€ πŸ“„ DATA_MODEL.md                 # Content & data model
β”œβ”€β”€ πŸ“„ FLOWCHART.md                  # Process flows
β”œβ”€β”€ πŸ“„ STATEDIAGRAM.md               # Lifecycle states
β”œβ”€β”€ πŸ“„ MINDMAP.md                    # Conceptual relationships
β”œβ”€β”€ πŸ“„ SWOT.md                       # Strategic analysis
β”œβ”€β”€ πŸ“„ WORKFLOWS.md                  # CI/CD documentation
β”œβ”€β”€ πŸ“„ FUTURE_ARCHITECTURE.md        # Architectural roadmap
β”œβ”€β”€ πŸ“„ FUTURE_SECURITY_ARCHITECTURE.md # Security enhancement roadmap
β”œβ”€β”€ πŸ“„ FUTURE_WORKFLOWS.md           # CI/CD evolution
β”œβ”€β”€ πŸ“„ CLASSIFICATION.md             # Data classification per ISMS
β”œβ”€β”€ πŸ“„ ISMS_REFERENCE_GUIDE.md       # Blog-to-policy mapping
β”œβ”€β”€ πŸ“„ SECURITY.md                   # Vulnerability disclosure policy
└── πŸ“„ README.md                     # Project overview

βš™οΈ Technology Stack

LayerTechnologyPurpose
ContentHTML5Semantic markup with Schema.org structured data
StylingCSS3Responsive design with custom properties; single styles.css
HostingAWS S3 (private bucket)Static website hosting with versioning + AES-256 encryption
CDNAWS CloudFrontGlobal edge delivery (450+ PoPs) with HTTPS, security headers, OAC
DNSAWS Route53Domain management with health-check based DR failover
TLSAWS ACMCertificate management (TLS 1.3)
DR HostingGitHub PagesFree fallback origin via Route53 health-check failover
CI/CDGitHub Actions (10 workflows)Automated build, validate, scan, deploy, release pipeline
Security ScanningCodeQL, OWASP ZAP, OpenSSF Scorecard, Dependency ReviewMulti-layer security scanning
QualityHTMLHint, Lighthouse CI, html5validator, LinkinatorContent validation and performance
Build HardeningStepSecurity Harden RunnerRuntime egress filtering and process monitoring
Supply ChainSLSA Build Level 3, Anchore Syft (SBOM), GitHub AttestationsBuild provenance, SBOM, signed releases
Build ToolingNode.js (LTS), dra1ex/minify-actionHTML/CSS/JS minification
AI ToolingGitHub Copilot, 58 skills, 8 custom agents, MCP serversDevSecOps assistance

πŸ”„ Deployment Architecture

%%{init: {"theme": "base", "themeVariables": {"primaryColor": "#2196F3", "primaryTextColor": "#1a1a2e", "lineColor": "#455A64", "secondaryColor": "#e8f5e9", "tertiaryColor": "#fff8e1", "primaryBorderColor": "#1565C0"}}}%%
flowchart LR
    subgraph GitHub["πŸ”§ GitHub"]
        repo[Repository] --> actions[GitHub Actions]
        actions --> validate[Validate HTML/CSS]
        validate --> scan[Security Scan]
        scan --> build[Minify & Build]
    end

    subgraph AWS["☁️ AWS"]
        build --> s3[S3 Bucket]
        s3 --> cf[CloudFront CDN]
        cf --> edge[Edge Locations]
    end

    edge --> visitor[πŸ§‘ Visitor]

    classDef default fill:#e3f2fd,stroke:#1565C0,stroke-width:2px,color:#1a1a2e
    classDef primary fill:#2196F3,stroke:#1565C0,stroke-width:2px,color:#ffffff
    classDef success fill:#4CAF50,stroke:#2E7D32,stroke-width:2px,color:#ffffff
    classDef warning fill:#FF9800,stroke:#F57C00,stroke-width:2px,color:#ffffff
    classDef danger fill:#D32F2F,stroke:#B71C1C,stroke-width:2px,color:#ffffff
    classDef info fill:#455A64,stroke:#263238,stroke-width:2px,color:#ffffff

πŸ“‹ ISMS Compliance

This architecture aligns with the following ISMS frameworks:

FrameworkControlsStatus
ISO 27001:2022A.8.9 Configuration Management, A.8.25 Secure Developmentβœ… Implemented
NIST CSF 2.0PR.DS-1 Data-at-Rest Protection, PR.IP-1 Configuration Baselineβœ… Implemented
CIS Controls v8.1CIS 2 Software Inventory, CIS 16 Application Software Securityβœ… Implemented