From d69342b2e9a0f6d795276e75aadd12757dcc540c Mon Sep 17 00:00:00 2001
From: Josh <josh@macawls.dev>
Date: Fri, 9 Jan 2026 00:16:46 +0200
Subject: [PATCH] init

---
 .air.toml                                     |   24 +
 .env.example                                  |   79 +
 .gitignore                                    |   13 +
 .woodpecker.yml                               |   43 +
 Dockerfile                                    |   22 +
 MONETIZATION.md                               |  121 +
 Makefile                                      |   22 +
 README.md                                     |   61 +
 docker-compose.yml                            |  119 +
 go.mod                                        |   67 +
 go.sum                                        |  160 +
 internal/auth/middleware.go                   |   54 +
 internal/auth/oauth.go                        |  535 +++
 internal/billing/lemon.go                     |  234 ++
 internal/billing/payout.go                    |  126 +
 internal/billing/store.go                     |  333 ++
 internal/billing/webhook.go                   |  303 ++
 internal/billing/wise.go                      |  198 +
 internal/build/assets/assets.go               |   15 +
 internal/build/assets/css/style.css           |  778 ++++
 internal/build/assets/js/main.js              |  127 +
 internal/build/assets/js/post.js              |  197 +
 internal/build/templates/base.html            |   76 +
 internal/build/templates/blog.html            |   34 +
 internal/build/templates/home.html            |   34 +
 internal/build/templates/post.html            |   57 +
 internal/build/templates/templates.go         |  139 +
 internal/cloudflare/analytics.go              |  451 ++
 internal/config/tiers.go                      |  100 +
 internal/db/db.go                             |   81 +
 internal/db/demos.go                          |  109 +
 internal/db/migrations/001_initial.sql        |  185 +
 internal/db/models.go                         |   34 +
 internal/db/sessions.go                       |   45 +
 internal/db/tenants.go                        |  147 +
 internal/db/users.go                          |   62 +
 internal/imaginary/client.go                  |   77 +
 internal/markdown/markdown.go                 |   72 +
 internal/markdown/themes.go                   |  152 +
 internal/og/og.go                             |  185 +
 internal/server/api.go                        |  208 +
 internal/server/blog.go                       |  703 ++++
 internal/server/build.go                      |  176 +
 internal/server/demo.go                       |  208 +
 internal/server/platform.go                   |  649 +++
 internal/server/ratelimit.go                  |  126 +
 internal/server/reader.go                     |  634 +++
 internal/server/server.go                     |  163 +
 .../server/static/analytics-screenshot.png    |  Bin 0 -> 54639 bytes
 internal/server/static/apple-touch-icon.png   |  Bin 0 -> 10597 bytes
 internal/server/static/favicon-16x16.png      |  Bin 0 -> 1215 bytes
 internal/server/static/favicon-192x192.png    |  Bin 0 -> 11380 bytes
 internal/server/static/favicon-32x32.png      |  Bin 0 -> 1711 bytes
 internal/server/static/writekit-icon.ico      |  Bin 0 -> 4286 bytes
 internal/server/static/writekit-icon.png      |  Bin 0 -> 29942 bytes
 internal/server/static/writekit-icon.svg      |   24 +
 internal/server/studio.go                     | 2052 +++++++++
 internal/server/sync.go                       |  113 +
 internal/server/templates/404.html            |   64 +
 internal/server/templates/expired.html        |   56 +
 internal/server/templates/index.html          |  484 +++
 internal/server/templates/signup.html         |  472 +++
 internal/storage/s3.go                        |  113 +
 internal/storage/storage.go                   |   14 +
 internal/tenant/analytics.go                  |  279 ++
 internal/tenant/apikeys.go                    |   94 +
 internal/tenant/assets.go                     |   80 +
 internal/tenant/comments.go                   |   70 +
 internal/tenant/members.go                    |   63 +
 internal/tenant/models.go                     |  124 +
 internal/tenant/pages.go                      |   39 +
 internal/tenant/plugins.go                    |  136 +
 internal/tenant/pool.go                       |  176 +
 internal/tenant/posts.go                      |  481 +++
 internal/tenant/queries.go                    |   24 +
 internal/tenant/reactions.go                  |  159 +
 internal/tenant/runner.go                     |  621 +++
 internal/tenant/search.go                     |   67 +
 internal/tenant/secrets.go                    |  202 +
 internal/tenant/settings.go                   |   84 +
 internal/tenant/sqlite.go                     |  273 ++
 internal/tenant/sync.go                       |   31 +
 internal/tenant/users.go                      |  117 +
 internal/tenant/webhooks.go                   |  308 ++
 main.go                                       |   50 +
 studio/embed.go                               |   20 +
 studio/index.html                             |   16 +
 studio/package-lock.json                      | 3732 +++++++++++++++++
 studio/package.json                           |   49 +
 studio/src/App.tsx                            |   92 +
 studio/src/api.ts                             |   77 +
 .../src/components/editor/MetadataPanel.tsx   |  198 +
 studio/src/components/editor/PluginEditor.tsx |  722 ++++
 studio/src/components/editor/PostEditor.tsx   |  354 ++
 .../src/components/editor/SlashCommands.tsx   |  270 ++
 studio/src/components/editor/SourceEditor.tsx |  105 +
 studio/src/components/editor/index.ts         |    4 +
 studio/src/components/layout/Header.tsx       |   76 +
 studio/src/components/layout/Sidebar.tsx      |  102 +
 studio/src/components/layout/index.ts         |    2 +
 studio/src/components/shared/Breadcrumb.tsx   |   45 +
 .../src/components/shared/BreakdownList.tsx   |   51 +
 studio/src/components/shared/EmptyState.tsx   |   24 +
 studio/src/components/shared/Field.tsx        |   27 +
 studio/src/components/shared/Icons.tsx        |  316 ++
 studio/src/components/shared/LoadingState.tsx |    9 +
 studio/src/components/shared/PageHeader.tsx   |   16 +
 studio/src/components/shared/SaveBar.tsx      |   39 +
 studio/src/components/shared/Section.tsx      |   21 +
 studio/src/components/shared/Skeleton.tsx     |  596 +++
 studio/src/components/shared/StatCard.tsx     |   26 +
 studio/src/components/shared/index.ts         |   23 +
 studio/src/components/ui/ActionMenu.tsx       |   92 +
 studio/src/components/ui/Badge.tsx            |   20 +
 studio/src/components/ui/Button.tsx           |   63 +
 studio/src/components/ui/Dropdown.tsx         |   86 +
 studio/src/components/ui/Input.tsx            |   50 +
 studio/src/components/ui/Modal.tsx            |   51 +
 studio/src/components/ui/Select.tsx           |   33 +
 studio/src/components/ui/Tabs.tsx             |   74 +
 studio/src/components/ui/Toast.tsx            |   33 +
 studio/src/components/ui/Toggle.tsx           |   29 +
 studio/src/components/ui/UsageIndicator.tsx   |   42 +
 studio/src/components/ui/index.ts             |   11 +
 studio/src/main.tsx                           |   11 +
 studio/src/pages/APIPage.tsx                  |  749 ++++
 studio/src/pages/AnalyticsPage.tsx            |  318 ++
 studio/src/pages/BillingPage.tsx              |  251 ++
 studio/src/pages/DataPage.tsx                 |  106 +
 studio/src/pages/DesignPage.preview.css       |  236 ++
 studio/src/pages/DesignPage.tsx               |  474 +++
 studio/src/pages/DomainPage.tsx               |   82 +
 studio/src/pages/EngagementPage.tsx           |  118 +
 studio/src/pages/GeneralPage.tsx              |  125 +
 studio/src/pages/HomePage.tsx                 |  229 +
 studio/src/pages/MonetizationPage.tsx         |   75 +
 studio/src/pages/PluginsPage.tsx              |  784 ++++
 studio/src/pages/PostEditorPage.tsx           |  285 ++
 studio/src/pages/PostsPage.tsx                |  302 ++
 studio/src/pages/index.ts                     |   10 +
 studio/src/stores/analytics.ts                |   10 +
 studio/src/stores/apiKeys.ts                  |   34 +
 studio/src/stores/app.ts                      |   19 +
 studio/src/stores/assets.ts                   |   33 +
 studio/src/stores/billing.ts                  |    4 +
 studio/src/stores/editor.ts                   |  467 +++
 studio/src/stores/fetcher.ts                  |   24 +
 studio/src/stores/hooks.ts                    |   35 +
 studio/src/stores/index.ts                    |    9 +
 studio/src/stores/interactions.ts             |   74 +
 studio/src/stores/plugins.ts                  |  102 +
 studio/src/stores/posts.ts                    |   41 +
 studio/src/stores/router.ts                   |   18 +
 studio/src/stores/secrets.ts                  |   36 +
 studio/src/stores/settings.ts                 |   93 +
 studio/src/stores/webhooks.ts                 |   69 +
 studio/src/types.ts                           |  128 +
 studio/tsconfig.json                          |   20 +
 studio/uno.config.ts                          |  259 ++
 studio/vite.config.ts                         |   47 +
 160 files changed, 28681 insertions(+)
 create mode 100644 .air.toml
 create mode 100644 .env.example
 create mode 100644 .gitignore
 create mode 100644 .woodpecker.yml
 create mode 100644 Dockerfile
 create mode 100644 MONETIZATION.md
 create mode 100644 Makefile
 create mode 100644 README.md
 create mode 100644 docker-compose.yml
 create mode 100644 go.mod
 create mode 100644 go.sum
 create mode 100644 internal/auth/middleware.go
 create mode 100644 internal/auth/oauth.go
 create mode 100644 internal/billing/lemon.go
 create mode 100644 internal/billing/payout.go
 create mode 100644 internal/billing/store.go
 create mode 100644 internal/billing/webhook.go
 create mode 100644 internal/billing/wise.go
 create mode 100644 internal/build/assets/assets.go
 create mode 100644 internal/build/assets/css/style.css
 create mode 100644 internal/build/assets/js/main.js
 create mode 100644 internal/build/assets/js/post.js
 create mode 100644 internal/build/templates/base.html
 create mode 100644 internal/build/templates/blog.html
 create mode 100644 internal/build/templates/home.html
 create mode 100644 internal/build/templates/post.html
 create mode 100644 internal/build/templates/templates.go
 create mode 100644 internal/cloudflare/analytics.go
 create mode 100644 internal/config/tiers.go
 create mode 100644 internal/db/db.go
 create mode 100644 internal/db/demos.go
 create mode 100644 internal/db/migrations/001_initial.sql
 create mode 100644 internal/db/models.go
 create mode 100644 internal/db/sessions.go
 create mode 100644 internal/db/tenants.go
 create mode 100644 internal/db/users.go
 create mode 100644 internal/imaginary/client.go
 create mode 100644 internal/markdown/markdown.go
 create mode 100644 internal/markdown/themes.go
 create mode 100644 internal/og/og.go
 create mode 100644 internal/server/api.go
 create mode 100644 internal/server/blog.go
 create mode 100644 internal/server/build.go
 create mode 100644 internal/server/demo.go
 create mode 100644 internal/server/platform.go
 create mode 100644 internal/server/ratelimit.go
 create mode 100644 internal/server/reader.go
 create mode 100644 internal/server/server.go
 create mode 100644 internal/server/static/analytics-screenshot.png
 create mode 100644 internal/server/static/apple-touch-icon.png
 create mode 100644 internal/server/static/favicon-16x16.png
 create mode 100644 internal/server/static/favicon-192x192.png
 create mode 100644 internal/server/static/favicon-32x32.png
 create mode 100644 internal/server/static/writekit-icon.ico
 create mode 100644 internal/server/static/writekit-icon.png
 create mode 100644 internal/server/static/writekit-icon.svg
 create mode 100644 internal/server/studio.go
 create mode 100644 internal/server/sync.go
 create mode 100644 internal/server/templates/404.html
 create mode 100644 internal/server/templates/expired.html
 create mode 100644 internal/server/templates/index.html
 create mode 100644 internal/server/templates/signup.html
 create mode 100644 internal/storage/s3.go
 create mode 100644 internal/storage/storage.go
 create mode 100644 internal/tenant/analytics.go
 create mode 100644 internal/tenant/apikeys.go
 create mode 100644 internal/tenant/assets.go
 create mode 100644 internal/tenant/comments.go
 create mode 100644 internal/tenant/members.go
 create mode 100644 internal/tenant/models.go
 create mode 100644 internal/tenant/pages.go
 create mode 100644 internal/tenant/plugins.go
 create mode 100644 internal/tenant/pool.go
 create mode 100644 internal/tenant/posts.go
 create mode 100644 internal/tenant/queries.go
 create mode 100644 internal/tenant/reactions.go
 create mode 100644 internal/tenant/runner.go
 create mode 100644 internal/tenant/search.go
 create mode 100644 internal/tenant/secrets.go
 create mode 100644 internal/tenant/settings.go
 create mode 100644 internal/tenant/sqlite.go
 create mode 100644 internal/tenant/sync.go
 create mode 100644 internal/tenant/users.go
 create mode 100644 internal/tenant/webhooks.go
 create mode 100644 main.go
 create mode 100644 studio/embed.go
 create mode 100644 studio/index.html
 create mode 100644 studio/package-lock.json
 create mode 100644 studio/package.json
 create mode 100644 studio/src/App.tsx
 create mode 100644 studio/src/api.ts
 create mode 100644 studio/src/components/editor/MetadataPanel.tsx
 create mode 100644 studio/src/components/editor/PluginEditor.tsx
 create mode 100644 studio/src/components/editor/PostEditor.tsx
 create mode 100644 studio/src/components/editor/SlashCommands.tsx
 create mode 100644 studio/src/components/editor/SourceEditor.tsx
 create mode 100644 studio/src/components/editor/index.ts
 create mode 100644 studio/src/components/layout/Header.tsx
 create mode 100644 studio/src/components/layout/Sidebar.tsx
 create mode 100644 studio/src/components/layout/index.ts
 create mode 100644 studio/src/components/shared/Breadcrumb.tsx
 create mode 100644 studio/src/components/shared/BreakdownList.tsx
 create mode 100644 studio/src/components/shared/EmptyState.tsx
 create mode 100644 studio/src/components/shared/Field.tsx
 create mode 100644 studio/src/components/shared/Icons.tsx
 create mode 100644 studio/src/components/shared/LoadingState.tsx
 create mode 100644 studio/src/components/shared/PageHeader.tsx
 create mode 100644 studio/src/components/shared/SaveBar.tsx
 create mode 100644 studio/src/components/shared/Section.tsx
 create mode 100644 studio/src/components/shared/Skeleton.tsx
 create mode 100644 studio/src/components/shared/StatCard.tsx
 create mode 100644 studio/src/components/shared/index.ts
 create mode 100644 studio/src/components/ui/ActionMenu.tsx
 create mode 100644 studio/src/components/ui/Badge.tsx
 create mode 100644 studio/src/components/ui/Button.tsx
 create mode 100644 studio/src/components/ui/Dropdown.tsx
 create mode 100644 studio/src/components/ui/Input.tsx
 create mode 100644 studio/src/components/ui/Modal.tsx
 create mode 100644 studio/src/components/ui/Select.tsx
 create mode 100644 studio/src/components/ui/Tabs.tsx
 create mode 100644 studio/src/components/ui/Toast.tsx
 create mode 100644 studio/src/components/ui/Toggle.tsx
 create mode 100644 studio/src/components/ui/UsageIndicator.tsx
 create mode 100644 studio/src/components/ui/index.ts
 create mode 100644 studio/src/main.tsx
 create mode 100644 studio/src/pages/APIPage.tsx
 create mode 100644 studio/src/pages/AnalyticsPage.tsx
 create mode 100644 studio/src/pages/BillingPage.tsx
 create mode 100644 studio/src/pages/DataPage.tsx
 create mode 100644 studio/src/pages/DesignPage.preview.css
 create mode 100644 studio/src/pages/DesignPage.tsx
 create mode 100644 studio/src/pages/DomainPage.tsx
 create mode 100644 studio/src/pages/EngagementPage.tsx
 create mode 100644 studio/src/pages/GeneralPage.tsx
 create mode 100644 studio/src/pages/HomePage.tsx
 create mode 100644 studio/src/pages/MonetizationPage.tsx
 create mode 100644 studio/src/pages/PluginsPage.tsx
 create mode 100644 studio/src/pages/PostEditorPage.tsx
 create mode 100644 studio/src/pages/PostsPage.tsx
 create mode 100644 studio/src/pages/index.ts
 create mode 100644 studio/src/stores/analytics.ts
 create mode 100644 studio/src/stores/apiKeys.ts
 create mode 100644 studio/src/stores/app.ts
 create mode 100644 studio/src/stores/assets.ts
 create mode 100644 studio/src/stores/billing.ts
 create mode 100644 studio/src/stores/editor.ts
 create mode 100644 studio/src/stores/fetcher.ts
 create mode 100644 studio/src/stores/hooks.ts
 create mode 100644 studio/src/stores/index.ts
 create mode 100644 studio/src/stores/interactions.ts
 create mode 100644 studio/src/stores/plugins.ts
 create mode 100644 studio/src/stores/posts.ts
 create mode 100644 studio/src/stores/router.ts
 create mode 100644 studio/src/stores/secrets.ts
 create mode 100644 studio/src/stores/settings.ts
 create mode 100644 studio/src/stores/webhooks.ts
 create mode 100644 studio/src/types.ts
 create mode 100644 studio/tsconfig.json
 create mode 100644 studio/uno.config.ts
 create mode 100644 studio/vite.config.ts

diff --git a/.air.toml b/.air.toml
new file mode 100644
index 0000000..47b189c
--- /dev/null
+++ b/.air.toml
@@ -0,0 +1,24 @@
+root = "."
+tmp_dir = "tmp"
+
+[build]
+cmd = "go build -o ./tmp/writekit ."
+full_bin = "./tmp/writekit"
+include_ext = ["go", "html", "css", "js"]
+exclude_dir = ["tmp", "node_modules", "studio/node_modules", ".git"]
+exclude_regex = ["_test\\.go"]
+delay = 500
+poll = true
+poll_interval = 1000
+
+[log]
+time = false
+
+[color]
+main = "magenta"
+watcher = "cyan"
+build = "yellow"
+runner = "green"
+
+[misc]
+clean_on_exit = true
diff --git a/.env.example b/.env.example
new file mode 100644
index 0000000..43544e1
--- /dev/null
+++ b/.env.example
@@ -0,0 +1,79 @@
+# =============================================================================
+# CORE (Required)
+# =============================================================================
+
+# PostgreSQL connection string
+DATABASE_URL=postgres://writekit:writekit@localhost:5432/writekit?sslmode=disable
+
+# Base domain for the platform (without protocol)
+DOMAIN=writekit.localhost
+
+# Full URL for OAuth callbacks and links
+BASE_URL=http://writekit.localhost
+
+# Session cookie encryption key (min 32 characters)
+SESSION_SECRET=change-this-to-a-random-32-char-string
+
+# =============================================================================
+# OAUTH (At least one required for login)
+# =============================================================================
+
+GITHUB_CLIENT_ID=
+GITHUB_CLIENT_SECRET=
+
+GOOGLE_CLIENT_ID=
+GOOGLE_CLIENT_SECRET=
+
+DISCORD_CLIENT_ID=
+DISCORD_CLIENT_SECRET=
+
+# =============================================================================
+# STORAGE (Optional - for image uploads)
+# =============================================================================
+
+R2_ACCOUNT_ID=
+R2_ACCESS_KEY_ID=
+R2_SECRET_ACCESS_KEY=
+R2_BUCKET=
+R2_PUBLIC_URL=
+# Custom endpoint (for MinIO/local dev, leave empty for R2)
+R2_ENDPOINT=
+
+# =============================================================================
+# ANALYTICS (Optional - for Cloudflare analytics)
+# =============================================================================
+
+# Cloudflare API token with Analytics read permission
+CLOUDFLARE_API_TOKEN=
+
+# Cloudflare Zone ID for your domain
+CLOUDFLARE_ZONE_ID=
+
+# =============================================================================
+# BILLING (Optional - for paid memberships)
+# =============================================================================
+
+# LemonSqueezy - https://app.lemonsqueezy.com/settings/api
+LEMON_API_KEY=
+LEMON_STORE_ID=
+LEMON_WEBHOOK_SECRET=
+
+# Wise (for payouts) - https://wise.com/settings/api-tokens
+WISE_API_KEY=
+WISE_PROFILE_ID=
+
+# Minimum balance before payout (in cents, default: 1000 = $10)
+PAYOUT_THRESHOLD_CENTS=1000
+
+# =============================================================================
+# SERVER (Optional)
+# =============================================================================
+
+# Server port (default: 8080)
+PORT=8080
+
+# SQLite data directory for tenant databases (default: ./data)
+DATA_DIR=./data
+
+# Environment: prod, staging, or dev (affects some behaviors)
+ENV=dev
diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..6474fa2
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,13 @@
+writekit
+writekit.exe
+studio/dist/
+*.db
+*.db-wal
+*.db-shm
+.env
+node_modules/
+.idea/
+.vscode/
+*.swp
+
+tmp
diff --git a/.woodpecker.yml b/.woodpecker.yml
new file mode 100644
index 0000000..7a5b594
--- /dev/null
+++ b/.woodpecker.yml
@@ -0,0 +1,43 @@
+when:
+  branch: [main, dev]
+  event: push
+
+steps:
+  - name: test
+    image: golang:1.24-alpine
+    commands:
+      - go test ./...
+
+  - name: build
+    image: docker:27-cli
+    environment:
+      - DOCKER_HOST=unix:///var/run/docker.sock
+    commands:
+      - docker build -t 10.0.0.3:5000/writekit:${CI_COMMIT_BRANCH} .
+      - docker push 10.0.0.3:5000/writekit:${CI_COMMIT_BRANCH}
+    volumes:
+      - /var/run/docker.sock:/var/run/docker.sock
+
+  - name: deploy-staging
+    image: alpine
+    when:
+      branch: dev
+    commands:
+      - apk add --no-cache openssh-client
+      - mkdir -p ~/.ssh
+      - cp /mnt/ssh/deploy_key ~/.ssh/id_ed25519
+      - cp /mnt/ssh/known_hosts ~/.ssh/known_hosts
+      - chmod 600 ~/.ssh/id_ed25519
+      - ssh deploy@10.0.0.2 "cd /opt/writekit && docker compose pull writekit-staging && docker compose up -d writekit-staging"
+
+  - name: deploy-prod
+    image: alpine
+    when:
+      branch: main
+    commands:
+      - apk add --no-cache openssh-client
+      - mkdir -p ~/.ssh
+      - cp /mnt/ssh/deploy_key ~/.ssh/id_ed25519
+      - cp /mnt/ssh/known_hosts ~/.ssh/known_hosts
+      - chmod 600 ~/.ssh/id_ed25519
+      - ssh deploy@10.0.0.2 "cd /opt/writekit && docker compose pull writekit-prod && docker compose up -d writekit-prod"
diff --git a/Dockerfile b/Dockerfile
new file mode 100644
index 0000000..b4bb6ed
--- /dev/null
+++ b/Dockerfile
@@ -0,0 +1,22 @@
+FROM node:22-alpine AS studio
+WORKDIR /app/studio
+COPY studio/package*.json ./
+RUN npm ci
+COPY studio/ ./
+RUN npm run build
+
+FROM golang:1.23-alpine AS builder
+WORKDIR /app
+COPY go.mod go.sum ./
+RUN go mod download
+COPY . .
+COPY --from=studio /app/studio/dist ./studio/dist
+RUN CGO_ENABLED=0 go build -o writekit .
+
+FROM alpine:3.21
+RUN apk add --no-cache ca-certificates
+WORKDIR /app
+COPY --from=builder /app/writekit .
+COPY --from=builder /app/internal/db/migrations ./internal/db/migrations
+EXPOSE 8080
+CMD ["./writekit"]
diff --git a/MONETIZATION.md b/MONETIZATION.md
new file mode 100644
index 0000000..007b343
--- /dev/null
+++ b/MONETIZATION.md
@@ -0,0 +1,121 @@
+# WriteKit Monetization
+
+## Tiers
+
+| Tier | Price | Billing |
+|------|-------|---------|
+| Free | $0 | - |
+| Pro | $5/mo or $49/year | Lemon Squeezy |
+
+## Feature Matrix
+
+| Feature | Free | Pro |
+|---------|------|-----|
+| Subdomain (you.writekit.dev) | Yes | Yes |
+| Custom domain | No | Yes |
+| "Powered by WriteKit" badge | Required | Hidden |
+| Analytics retention | 7 days | 90 days |
+| API requests | 100/hour | 1000/hour |
+| Webhooks | 3 endpoints | 10 endpoints |
+| Webhook deliveries | 100/day | 1000/day |
+| Plugins | 3 max | 10 max |
+| Plugin executions | 1000/day | 10000/day |
+| Posts | Unlimited | Unlimited |
+| Assets | Unlimited | Unlimited |
+| Comments/Reactions | Unlimited | Unlimited |
+
+## Upgrade Triggers
+
+1. **Custom domain** - Primary trigger, most valuable to users
+2. **Remove badge** - Secondary, vanity upgrade
+3. **Analytics depth** - 7 days feels limiting for serious bloggers
+4. **Rate limits** - For power users/headless CMS use case
+
+## Positioning
+
+**Tagline:** "Your blog, your domain, your data."
+
+**Key messages:**
+- No paywalls, no algorithms, no surprises
+- 70% cheaper than Ghost ($5 vs $18/mo)
+- Own your content, export anytime
+- API-first, developer-friendly
+
+## Implementation
+
+### Backend Config
+
+```go
+// internal/config/tiers.go
+type Tier string
+
+const (
+    TierFree Tier = "free"
+    TierPro  Tier = "pro"
+)
+
+type TierConfig struct {
+    Price              int           // cents/month
+    AnnualPrice        int           // cents/year
+    CustomDomain       bool
+    BadgeRequired      bool
+    AnalyticsRetention int           // days
+    APIRateLimit       int           // requests/hour
+    MaxWebhooks        int
+    WebhookDeliveries  int           // per day
+    MaxPlugins         int
+    PluginExecutions   int           // per day
+}
+
+var Tiers = map[Tier]TierConfig{
+    TierFree: {
+        Price:              0,
+        AnnualPrice:        0,
+        CustomDomain:       false,
+        BadgeRequired:      true,
+        AnalyticsRetention: 7,
+        APIRateLimit:       100,
+        MaxWebhooks:        3,
+        WebhookDeliveries:  100,
+        MaxPlugins:         3,
+        PluginExecutions:   1000,
+    },
+    TierPro: {
+        Price:              500,  // $5
+        AnnualPrice:        4900, // $49
+        CustomDomain:       true,
+        BadgeRequired:      false,
+        AnalyticsRetention: 90,
+        APIRateLimit:       1000,
+        MaxWebhooks:        10,
+        WebhookDeliveries:  1000,
+        MaxPlugins:         10,
+        PluginExecutions:   10000,
+    },
+}
+```
+
+### Database
+
+Add to `tenants` table:
+```sql
+tier TEXT NOT NULL DEFAULT 'free'
+```
+
+### Frontend
+
+Update `BillingPage.tsx` with:
+- Current plan display
+- Feature comparison
+- Upgrade button → Lemon Squeezy checkout
+
+### Enforcement Points
+
+| Feature | File | Check |
+|---------|------|-------|
+| Custom domain | `server/domain.go` | Block if tier != pro |
+| Badge | Blog templates | Show if tier == free |
+| Analytics | `tenant/analytics.go` | Filter by retention days |
+| API rate limit | `server/middleware.go` | Rate limiter per tier |
+| Webhooks count | `tenant/webhooks.go` | Check on create |
+| Plugins count | `tenant/plugins.go` | Check on create |
diff --git a/Makefile b/Makefile
new file mode 100644
index 0000000..ae20054
--- /dev/null
+++ b/Makefile
@@ -0,0 +1,22 @@
+.PHONY: dev build test clean studio
+
+dev:
+	go run ./cmd/writekit
+
+build: studio
+	go build -o writekit ./cmd/writekit
+
+test:
+	go test ./...
+
+clean:
+	rm -f writekit
+	rm -rf dist/studio
+
+studio:
+	cd studio && bun install && bun run build
+	mkdir -p dist/studio
+	cp -r studio/dist/* dist/studio/
+
+docker:
+	docker build -t writekit:local .
diff --git a/README.md b/README.md
new file mode 100644
index 0000000..c77669c
--- /dev/null
+++ b/README.md
@@ -0,0 +1,61 @@
+# WriteKit - Local Development
+
+## Prerequisites
+- Docker & Docker Compose
+- GitHub OAuth App (for login)
+
+## Setup GitHub OAuth
+1. Go to https://github.com/settings/developers
+2. New OAuth App:
+   - Name: `WriteKit Local`
+   - Homepage: `http://writekit.lvh.me`
+   - Callback: `http://writekit.lvh.me/auth/github/callback`
+3. Copy Client ID and Secret
+
+## Run
+```bash
+# Set OAuth credentials
+export GITHUB_CLIENT_ID=your_client_id
+export GITHUB_CLIENT_SECRET=your_client_secret
+
+# Start
+docker compose up --build
+```
+
+Or create `.env` file:
+```
+GITHUB_CLIENT_ID=your_client_id
+GITHUB_CLIENT_SECRET=your_client_secret
+```
+
+## Access
+- **Platform**: http://writekit.lvh.me
+- **Traefik dashboard**: http://localhost:8080
+- **MinIO console**: http://localhost:9001 (minioadmin/minioadmin)
+
+## Create a demo
+```bash
+curl -X POST http://writekit.lvh.me/api/demo
+```
+Returns subdomain like `demo-abc123.writekit.lvh.me` - works automatically, no hosts file needed.
+
+## Environment Variables
+
+### Required
+| Variable | Description |
+|----------|-------------|
+| `DATABASE_URL` | PostgreSQL connection string |
+| `DOMAIN` | Base domain |
+| `BASE_URL` | Full URL for OAuth callbacks |
+| `SESSION_SECRET` | Cookie encryption (32+ chars) |
+| `GITHUB_CLIENT_ID` | GitHub OAuth client ID |
+| `GITHUB_CLIENT_SECRET` | GitHub OAuth secret |
+
+### Optional
+| Variable | Description |
+|----------|-------------|
+| `GOOGLE_CLIENT_ID/SECRET` | Google OAuth |
+| `DISCORD_CLIENT_ID/SECRET` | Discord OAuth |
+| `R2_*` | Cloudflare R2 storage |
+| `IMAGINARY_URL` | Image processing service |
+| `CLOUDFLARE_API_TOKEN/ZONE_ID` | Analytics |
diff --git a/docker-compose.yml b/docker-compose.yml
new file mode 100644
index 0000000..f236df9
--- /dev/null
+++ b/docker-compose.yml
@@ -0,0 +1,119 @@
+services:
+  traefik:
+    image: traefik:v3.2
+    command:
+      - --api.insecure=true
+      - --providers.docker=true
+      - --providers.docker.exposedbydefault=false
+      - --entrypoints.web.address=:80
+    ports:
+      - "80:80"
+      - "8888:8080"
+    volumes:
+      - /var/run/docker.sock:/var/run/docker.sock:ro
+
+  postgres:
+    image: postgres:16-alpine
+    environment:
+      POSTGRES_USER: writekit
+      POSTGRES_PASSWORD: writekit
+      POSTGRES_DB: writekit
+    volumes:
+      - postgres_data:/var/lib/postgresql/data
+    healthcheck:
+      test: ["CMD-SHELL", "pg_isready -U writekit"]
+      interval: 5s
+      timeout: 5s
+      retries: 5
+
+  imaginary:
+    image: h2non/imaginary:latest
+    command: -enable-url-source=false -max-allowed-size=15728640
+
+  minio:
+    image: minio/minio:latest
+    command: server /data --console-address ":9001"
+    environment:
+      MINIO_ROOT_USER: minioadmin
+      MINIO_ROOT_PASSWORD: minioadmin
+    ports:
+      - "9000:9000"
+      - "9001:9001"
+    volumes:
+      - minio_data:/data
+
+  minio-init:
+    image: minio/mc:latest
+    depends_on:
+      - minio
+    entrypoint: >
+      /bin/sh -c "
+      sleep 2;
+      mc alias set local http://minio:9000 minioadmin minioadmin;
+      mc mb local/writekit --ignore-existing;
+      mc anonymous set download local/writekit;
+      exit 0;
+      "
+
+  vite:
+    image: node:20-alpine
+    working_dir: /app/studio
+    environment:
+      - CHOKIDAR_USEPOLLING=true
+      - CHOKIDAR_INTERVAL=100
+    command: sh -c "npm install && npm run dev -- --host"
+    volumes:
+      - ./studio:/app/studio
+      - vite_node_modules:/app/studio/node_modules
+
+  app:
+    image: cosmtrek/air
+    working_dir: /app
+    depends_on:
+      postgres:
+        condition: service_healthy
+    environment:
+      air_wd: /app
+      ENV: local
+      VITE_URL: http://vite:5173
+      DATABASE_URL: postgres://writekit:writekit@postgres:5432/writekit?sslmode=disable
+      DOMAIN: writekit.lvh.me
+      BASE_URL: http://writekit.lvh.me
+      DATA_DIR: /data
+      SESSION_SECRET: dev-secret-change-in-prod-must-be-32-chars
+      IMAGINARY_URL: http://imaginary:9000
+      R2_ACCOUNT_ID: local
+      R2_ACCESS_KEY_ID: minioadmin
+      R2_SECRET_ACCESS_KEY: minioadmin
+      R2_BUCKET: writekit
+      R2_PUBLIC_URL: http://localhost:9000/writekit
+      R2_ENDPOINT: http://minio:9000
+      GITHUB_CLIENT_ID: ${GITHUB_CLIENT_ID:-}
+      GITHUB_CLIENT_SECRET: ${GITHUB_CLIENT_SECRET:-}
+      JARVIS_URL: http://jarvis:8090
+    volumes:
+      - .:/app
+      - app_data:/data
+      - go_mod:/go/pkg/mod
+    labels:
+      - traefik.enable=true
+      - traefik.http.routers.app.rule=HostRegexp(`writekit.lvh.me`) || HostRegexp(`{subdomain:[a-z0-9-]+}.writekit.lvh.me`)
+      - traefik.http.routers.app.entrypoints=web
+      - traefik.http.services.app.loadbalancer.server.port=8080
+
+  jarvis:
+    build:
+      context: ../jarvis
+    ports:
+      - "8090:8090"
+      - "9999:9999"
+    environment:
+      PORT: "8090"
+      LSP_PORT: "9999"
+
+volumes:
+  postgres_data:
+  minio_data:
+  app_data:
+  go_mod:
+  vite_node_modules:
diff --git a/go.mod b/go.mod
new file mode 100644
index 0000000..74e7d3a
--- /dev/null
+++ b/go.mod
@@ -0,0 +1,67 @@
+module github.com/writekitapp/writekit
+
+go 1.24.0
+
+toolchain go1.24.2
+
+require (
+	github.com/alecthomas/chroma/v2 v2.21.1
+	github.com/aws/aws-sdk-go-v2 v1.32.2
+	github.com/aws/aws-sdk-go-v2/config v1.28.0
+	github.com/aws/aws-sdk-go-v2/credentials v1.17.41
+	github.com/aws/aws-sdk-go-v2/service/s3 v1.65.0
+	github.com/extism/go-sdk v1.7.1
+	github.com/go-chi/chi/v5 v5.1.0
+	github.com/golang/freetype v0.0.0-20170609003504-e2365dfdc4a0
+	github.com/google/uuid v1.6.0
+	github.com/gorilla/websocket v1.5.3
+	github.com/jackc/pgx/v5 v5.7.1
+	github.com/yuin/goldmark v1.7.13
+	github.com/yuin/goldmark-emoji v1.0.6
+	github.com/yuin/goldmark-highlighting/v2 v2.0.0-20230729083705-37449abec8cc
+	golang.org/x/image v0.34.0
+	modernc.org/sqlite v1.34.0
+)
+
+require (
+	github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream v1.6.6 // indirect
+	github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.16.17 // indirect
+	github.com/aws/aws-sdk-go-v2/internal/configsources v1.3.21 // indirect
+	github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.6.21 // indirect
+	github.com/aws/aws-sdk-go-v2/internal/ini v1.8.1 // indirect
+	github.com/aws/aws-sdk-go-v2/internal/v4a v1.3.19 // indirect
+	github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.12.0 // indirect
+	github.com/aws/aws-sdk-go-v2/service/internal/checksum v1.4.0 // indirect
+	github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.12.2 // indirect
+	github.com/aws/aws-sdk-go-v2/service/internal/s3shared v1.18.0 // indirect
+	github.com/aws/aws-sdk-go-v2/service/sso v1.24.2 // indirect
+	github.com/aws/aws-sdk-go-v2/service/ssooidc v1.28.2 // indirect
+	github.com/aws/aws-sdk-go-v2/service/sts v1.32.2 // indirect
+	github.com/aws/smithy-go v1.22.0 // indirect
+	github.com/dlclark/regexp2 v1.11.5 // indirect
+	github.com/dustin/go-humanize v1.0.1 // indirect
+	github.com/dylibso/observe-sdk/go v0.0.0-20240819160327-2d926c5d788a // indirect
+	github.com/gobwas/glob v0.2.3 // indirect
+	github.com/hashicorp/golang-lru/v2 v2.0.7 // indirect
+	github.com/ianlancetaylor/demangle v0.0.0-20240805132620-81f5be970eca // indirect
+	github.com/jackc/pgpassfile v1.0.0 // indirect
+	github.com/jackc/pgservicefile v0.0.0-20240606120523-5a60cdf6a761 // indirect
+	github.com/jackc/puddle/v2 v2.2.2 // indirect
+	github.com/mattn/go-isatty v0.0.20 // indirect
+	github.com/ncruces/go-strftime v0.1.9 // indirect
+	github.com/remyoudompheng/bigfft v0.0.0-20230129092748-24d4a6f8daec // indirect
+	github.com/tetratelabs/wabin v0.0.0-20230304001439-f6f874872834 // indirect
+	github.com/tetratelabs/wazero v1.9.0 // indirect
+	go.opentelemetry.io/proto/otlp v1.3.1 // indirect
+	golang.org/x/crypto v0.27.0 // indirect
+	golang.org/x/sync v0.19.0 // indirect
+	golang.org/x/sys v0.25.0 // indirect
+	golang.org/x/text v0.32.0 // indirect
+	google.golang.org/protobuf v1.34.2 // indirect
+	modernc.org/gc/v3 v3.0.0-20240107210532-573471604cb6 // indirect
+	modernc.org/libc v1.55.3 // indirect
+	modernc.org/mathutil v1.6.0 // indirect
+	modernc.org/memory v1.8.0 // indirect
+	modernc.org/strutil v1.2.0 // indirect
+	modernc.org/token v1.1.0 // indirect
+)
diff --git a/go.sum b/go.sum
new file mode 100644
index 0000000..68013e5
--- /dev/null
+++ b/go.sum
@@ -0,0 +1,160 @@
+github.com/alecthomas/assert/v2 v2.11.0 h1:2Q9r3ki8+JYXvGsDyBXwH3LcJ+WK5D0gc5E8vS6K3D0=
+github.com/alecthomas/assert/v2 v2.11.0/go.mod h1:Bze95FyfUr7x34QZrjL+XP+0qgp/zg8yS+TtBj1WA3k=
+github.com/alecthomas/chroma/v2 v2.2.0/go.mod h1:vf4zrexSH54oEjJ7EdB65tGNHmH3pGZmVkgTP5RHvAs=
+github.com/alecthomas/chroma/v2 v2.21.1 h1:FaSDrp6N+3pphkNKU6HPCiYLgm8dbe5UXIXcoBhZSWA=
+github.com/alecthomas/chroma/v2 v2.21.1/go.mod h1:NqVhfBR0lte5Ouh3DcthuUCTUpDC9cxBOfyMbMQPs3o=
+github.com/alecthomas/repr v0.0.0-20220113201626-b1b626ac65ae/go.mod h1:2kn6fqh/zIyPLmm3ugklbEi5hg5wS435eygvNfaDQL8=
+github.com/alecthomas/repr v0.5.2 h1:SU73FTI9D1P5UNtvseffFSGmdNci/O6RsqzeXJtP0Qs=
+github.com/alecthomas/repr v0.5.2/go.mod h1:Fr0507jx4eOXV7AlPV6AVZLYrLIuIeSOWtW57eE/O/4=
+github.com/aws/aws-sdk-go-v2 v1.32.2 h1:AkNLZEyYMLnx/Q/mSKkcMqwNFXMAvFto9bNsHqcTduI=
+github.com/aws/aws-sdk-go-v2 v1.32.2/go.mod h1:2SK5n0a2karNTv5tbP1SjsX0uhttou00v/HpXKM1ZUo=
+github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream v1.6.6 h1:pT3hpW0cOHRJx8Y0DfJUEQuqPild8jRGmSFmBgvydr0=
+github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream v1.6.6/go.mod h1:j/I2++U0xX+cr44QjHay4Cvxj6FUbnxrgmqN3H1jTZA=
+github.com/aws/aws-sdk-go-v2/config v1.28.0 h1:FosVYWcqEtWNxHn8gB/Vs6jOlNwSoyOCA/g/sxyySOQ=
+github.com/aws/aws-sdk-go-v2/config v1.28.0/go.mod h1:pYhbtvg1siOOg8h5an77rXle9tVG8T+BWLWAo7cOukc=
+github.com/aws/aws-sdk-go-v2/credentials v1.17.41 h1:7gXo+Axmp+R4Z+AK8YFQO0ZV3L0gizGINCOWxSLY9W8=
+github.com/aws/aws-sdk-go-v2/credentials v1.17.41/go.mod h1:u4Eb8d3394YLubphT4jLEwN1rLNq2wFOlT6OuxFwPzU=
+github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.16.17 h1:TMH3f/SCAWdNtXXVPPu5D6wrr4G5hI1rAxbcocKfC7Q=
+github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.16.17/go.mod h1:1ZRXLdTpzdJb9fwTMXiLipENRxkGMTn1sfKexGllQCw=
+github.com/aws/aws-sdk-go-v2/internal/configsources v1.3.21 h1:UAsR3xA31QGf79WzpG/ixT9FZvQlh5HY1NRqSHBNOCk=
+github.com/aws/aws-sdk-go-v2/internal/configsources v1.3.21/go.mod h1:JNr43NFf5L9YaG3eKTm7HQzls9J+A9YYcGI5Quh1r2Y=
+github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.6.21 h1:6jZVETqmYCadGFvrYEQfC5fAQmlo80CeL5psbno6r0s=
+github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.6.21/go.mod h1:1SR0GbLlnN3QUmYaflZNiH1ql+1qrSiB2vwcJ+4UM60=
+github.com/aws/aws-sdk-go-v2/internal/ini v1.8.1 h1:VaRN3TlFdd6KxX1x3ILT5ynH6HvKgqdiXoTxAF4HQcQ=
+github.com/aws/aws-sdk-go-v2/internal/ini v1.8.1/go.mod h1:FbtygfRFze9usAadmnGJNc8KsP346kEe+y2/oyhGAGc=
+github.com/aws/aws-sdk-go-v2/internal/v4a v1.3.19 h1:FKdiFzTxlTRO71p0C7VrLbkkdW8qfMKF5+ej6bTmkT0=
+github.com/aws/aws-sdk-go-v2/internal/v4a v1.3.19/go.mod h1:abO3pCj7WLQPTllnSeYImqFfkGrmJV0JovWo/gqT5N0=
+github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.12.0 h1:TToQNkvGguu209puTojY/ozlqy2d/SFNcoLIqTFi42g=
+github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.12.0/go.mod h1:0jp+ltwkf+SwG2fm/PKo8t4y8pJSgOCO4D8Lz3k0aHQ=
+github.com/aws/aws-sdk-go-v2/service/internal/checksum v1.4.0 h1:FQNWhRuSq8QwW74GtU0MrveNhZbqvHsA4dkA9w8fTDQ=
+github.com/aws/aws-sdk-go-v2/service/internal/checksum v1.4.0/go.mod h1:j/zZ3zmWfGCK91K73YsfHP53BSTLSjL/y6YN39XbBLM=
+github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.12.2 h1:s7NA1SOw8q/5c0wr8477yOPp0z+uBaXBnLE0XYb0POA=
+github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.12.2/go.mod h1:fnjjWyAW/Pj5HYOxl9LJqWtEwS7W2qgcRLWP+uWbss0=
+github.com/aws/aws-sdk-go-v2/service/internal/s3shared v1.18.0 h1:1NKXS8XfhMM0bg5wVYa/eOH8AM2f6JijugbKEyQFTIg=
+github.com/aws/aws-sdk-go-v2/service/internal/s3shared v1.18.0/go.mod h1:ph931DUfVfgrhZR7py9olSvHCiRpvaGxNvlWBcXxFds=
+github.com/aws/aws-sdk-go-v2/service/s3 v1.65.0 h1:2dSm7frMrw2tdJ0QvyccQNJyPGaP24dyDgZ6h1QJMGU=
+github.com/aws/aws-sdk-go-v2/service/s3 v1.65.0/go.mod h1:4XSVpw66upN8wND3JZA29eXl2NOZvfFVq7DIP6xvfuQ=
+github.com/aws/aws-sdk-go-v2/service/sso v1.24.2 h1:bSYXVyUzoTHoKalBmwaZxs97HU9DWWI3ehHSAMa7xOk=
+github.com/aws/aws-sdk-go-v2/service/sso v1.24.2/go.mod h1:skMqY7JElusiOUjMJMOv1jJsP7YUg7DrhgqZZWuzu1U=
+github.com/aws/aws-sdk-go-v2/service/ssooidc v1.28.2 h1:AhmO1fHINP9vFYUE0LHzCWg/LfUWUF+zFPEcY9QXb7o=
+github.com/aws/aws-sdk-go-v2/service/ssooidc v1.28.2/go.mod h1:o8aQygT2+MVP0NaV6kbdE1YnnIM8RRVQzoeUH45GOdI=
+github.com/aws/aws-sdk-go-v2/service/sts v1.32.2 h1:CiS7i0+FUe+/YY1GvIBLLrR/XNGZ4CtM1Ll0XavNuVo=
+github.com/aws/aws-sdk-go-v2/service/sts v1.32.2/go.mod h1:HtaiBI8CjYoNVde8arShXb94UbQQi9L4EMr6D+xGBwo=
+github.com/aws/smithy-go v1.22.0 h1:uunKnWlcoL3zO7q+gG2Pk53joueEOsnNB28QdMsmiMM=
+github.com/aws/smithy-go v1.22.0/go.mod h1:irrKGvNn1InZwb2d7fkIRNucdfwR8R+Ts3wxYa/cJHg=
+github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
+github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
+github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
+github.com/dlclark/regexp2 v1.4.0/go.mod h1:2pZnwuY/m+8K6iRw6wQdMtk+rH5tNGR1i55kozfMjCc=
+github.com/dlclark/regexp2 v1.7.0/go.mod h1:DHkYz0B9wPfa6wondMfaivmHpzrQ3v9q8cnmRbL6yW8=
+github.com/dlclark/regexp2 v1.11.5 h1:Q/sSnsKerHeCkc/jSTNq1oCm7KiVgUMZRDUoRu0JQZQ=
+github.com/dlclark/regexp2 v1.11.5/go.mod h1:DHkYz0B9wPfa6wondMfaivmHpzrQ3v9q8cnmRbL6yW8=
+github.com/dustin/go-humanize v1.0.1 h1:GzkhY7T5VNhEkwH0PVJgjz+fX1rhBrR7pRT3mDkpeCY=
+github.com/dustin/go-humanize v1.0.1/go.mod h1:Mu1zIs6XwVuF/gI1OepvI0qD18qycQx+mFykh5fBlto=
+github.com/dylibso/observe-sdk/go v0.0.0-20240819160327-2d926c5d788a h1:UwSIFv5g5lIvbGgtf3tVwC7Ky9rmMFBp0RMs+6f6YqE=
+github.com/dylibso/observe-sdk/go v0.0.0-20240819160327-2d926c5d788a/go.mod h1:C8DzXehI4zAbrdlbtOByKX6pfivJTBiV9Jjqv56Yd9Q=
+github.com/extism/go-sdk v1.7.1 h1:lWJos6uY+tRFdlIHR+SJjwFDApY7OypS/2nMhiVQ9Sw=
+github.com/extism/go-sdk v1.7.1/go.mod h1:IT+Xdg5AZM9hVtpFUA+uZCJMge/hbvshl8bwzLtFyKA=
+github.com/go-chi/chi/v5 v5.1.0 h1:acVI1TYaD+hhedDJ3r54HyA6sExp3HfXq7QWEEY/xMw=
+github.com/go-chi/chi/v5 v5.1.0/go.mod h1:DslCQbL2OYiznFReuXYUmQ2hGd1aDpCnlMNITLSKoi8=
+github.com/gobwas/glob v0.2.3 h1:A4xDbljILXROh+kObIiy5kIaPYD8e96x1tgBhUI5J+Y=
+github.com/gobwas/glob v0.2.3/go.mod h1:d3Ez4x06l9bZtSvzIay5+Yzi0fmZzPgnTbPcKjJAkT8=
+github.com/golang/freetype v0.0.0-20170609003504-e2365dfdc4a0 h1:DACJavvAHhabrF08vX0COfcOBJRhZ8lUbR+ZWIs0Y5g=
+github.com/golang/freetype v0.0.0-20170609003504-e2365dfdc4a0/go.mod h1:E/TSTwGwJL78qG/PmXZO1EjYhfJinVAhrmmHX6Z8B9k=
+github.com/google/go-cmp v0.5.5 h1:Khx7svrCpmxxtHBq5j2mp/xVjsi8hQMfNLvJFAlrGgU=
+github.com/google/go-cmp v0.5.5/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
+github.com/google/pprof v0.0.0-20240409012703-83162a5b38cd h1:gbpYu9NMq8jhDVbvlGkMFWCjLFlqqEZjEmObmhUy6Vo=
+github.com/google/pprof v0.0.0-20240409012703-83162a5b38cd/go.mod h1:kf6iHlnVGwgKolg33glAes7Yg/8iWP8ukqeldJSO7jw=
+github.com/google/uuid v1.6.0 h1:NIvaJDMOsjHA8n1jAhLSgzrAzy1Hgr+hNrb57e+94F0=
+github.com/google/uuid v1.6.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
+github.com/gorilla/websocket v1.5.3 h1:saDtZ6Pbx/0u+bgYQ3q96pZgCzfhKXGPqt7kZ72aNNg=
+github.com/gorilla/websocket v1.5.3/go.mod h1:YR8l580nyteQvAITg2hZ9XVh4b55+EU/adAjf1fMHhE=
+github.com/hashicorp/golang-lru/v2 v2.0.7 h1:a+bsQ5rvGLjzHuww6tVxozPZFVghXaHOwFs4luLUK2k=
+github.com/hashicorp/golang-lru/v2 v2.0.7/go.mod h1:QeFd9opnmA6QUJc5vARoKUSoFhyfM2/ZepoAG6RGpeM=
+github.com/hexops/gotextdiff v1.0.3 h1:gitA9+qJrrTCsiCl7+kh75nPqQt1cx4ZkudSTLoUqJM=
+github.com/hexops/gotextdiff v1.0.3/go.mod h1:pSWU5MAI3yDq+fZBTazCSJysOMbxWL1BSow5/V2vxeg=
+github.com/ianlancetaylor/demangle v0.0.0-20240805132620-81f5be970eca h1:T54Ema1DU8ngI+aef9ZhAhNGQhcRTrWxVeG07F+c/Rw=
+github.com/ianlancetaylor/demangle v0.0.0-20240805132620-81f5be970eca/go.mod h1:gx7rwoVhcfuVKG5uya9Hs3Sxj7EIvldVofAWIUtGouw=
+github.com/jackc/pgpassfile v1.0.0 h1:/6Hmqy13Ss2zCq62VdNG8tM1wchn8zjSGOBJ6icpsIM=
+github.com/jackc/pgpassfile v1.0.0/go.mod h1:CEx0iS5ambNFdcRtxPj5JhEz+xB6uRky5eyVu/W2HEg=
+github.com/jackc/pgservicefile v0.0.0-20240606120523-5a60cdf6a761 h1:iCEnooe7UlwOQYpKFhBabPMi4aNAfoODPEFNiAnClxo=
+github.com/jackc/pgservicefile v0.0.0-20240606120523-5a60cdf6a761/go.mod h1:5TJZWKEWniPve33vlWYSoGYefn3gLQRzjfDlhSJ9ZKM=
+github.com/jackc/pgx/v5 v5.7.1 h1:x7SYsPBYDkHDksogeSmZZ5xzThcTgRz++I5E+ePFUcs=
+github.com/jackc/pgx/v5 v5.7.1/go.mod h1:e7O26IywZZ+naJtWWos6i6fvWK+29etgITqrqHLfoZA=
+github.com/jackc/puddle/v2 v2.2.2 h1:PR8nw+E/1w0GLuRFSmiioY6UooMp6KJv0/61nB7icHo=
+github.com/jackc/puddle/v2 v2.2.2/go.mod h1:vriiEXHvEE654aYKXXjOvZM39qJ0q+azkZFrfEOc3H4=
+github.com/mattn/go-isatty v0.0.20 h1:xfD0iDuEKnDkl03q4limB+vH+GxLEtL/jb4xVJSWWEY=
+github.com/mattn/go-isatty v0.0.20/go.mod h1:W+V8PltTTMOvKvAeJH7IuucS94S2C6jfK/D7dTCTo3Y=
+github.com/ncruces/go-strftime v0.1.9 h1:bY0MQC28UADQmHmaF5dgpLmImcShSi2kHU9XLdhx/f4=
+github.com/ncruces/go-strftime v0.1.9/go.mod h1:Fwc5htZGVVkseilnfgOVb9mKy6w1naJmn9CehxcKcls=
+github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
+github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
+github.com/remyoudompheng/bigfft v0.0.0-20230129092748-24d4a6f8daec h1:W09IVJc94icq4NjY3clb7Lk8O1qJ8BdBEF8z0ibU0rE=
+github.com/remyoudompheng/bigfft v0.0.0-20230129092748-24d4a6f8daec/go.mod h1:qqbHyh8v60DhA7CoWK5oRCqLrMHRGoxYCSS9EjAz6Eo=
+github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
+github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI=
+github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
+github.com/stretchr/testify v1.9.0 h1:HtqpIVDClZ4nwg75+f6Lvsy/wHu+3BoSGCbBAcpTsTg=
+github.com/stretchr/testify v1.9.0/go.mod h1:r2ic/lqez/lEtzL7wO/rwa5dbSLXVDPFyf8C91i36aY=
+github.com/tetratelabs/wabin v0.0.0-20230304001439-f6f874872834 h1:ZF+QBjOI+tILZjBaFj3HgFonKXUcwgJ4djLb6i42S3Q=
+github.com/tetratelabs/wabin v0.0.0-20230304001439-f6f874872834/go.mod h1:m9ymHTgNSEjuxvw8E7WWe4Pl4hZQHXONY8wE6dMLaRk=
+github.com/tetratelabs/wazero v1.9.0 h1:IcZ56OuxrtaEz8UYNRHBrUa9bYeX9oVY93KspZZBf/I=
+github.com/tetratelabs/wazero v1.9.0/go.mod h1:TSbcXCfFP0L2FGkRPxHphadXPjo1T6W+CseNNY7EkjM=
+github.com/yuin/goldmark v1.4.15/go.mod h1:6yULJ656Px+3vBD8DxQVa3kxgyrAnzto9xy5taEt/CY=
+github.com/yuin/goldmark v1.7.13 h1:GPddIs617DnBLFFVJFgpo1aBfe/4xcvMc3SB5t/D0pA=
+github.com/yuin/goldmark v1.7.13/go.mod h1:ip/1k0VRfGynBgxOz0yCqHrbZXhcjxyuS66Brc7iBKg=
+github.com/yuin/goldmark-emoji v1.0.6 h1:QWfF2FYaXwL74tfGOW5izeiZepUDroDJfWubQI9HTHs=
+github.com/yuin/goldmark-emoji v1.0.6/go.mod h1:ukxJDKFpdFb5x0a5HqbdlcKtebh086iJpI31LTKmWuA=
+github.com/yuin/goldmark-highlighting/v2 v2.0.0-20230729083705-37449abec8cc h1:+IAOyRda+RLrxa1WC7umKOZRsGq4QrFFMYApOeHzQwQ=
+github.com/yuin/goldmark-highlighting/v2 v2.0.0-20230729083705-37449abec8cc/go.mod h1:ovIvrum6DQJA4QsJSovrkC4saKHQVs7TvcaeO8AIl5I=
+go.opentelemetry.io/proto/otlp v1.3.1 h1:TrMUixzpM0yuc/znrFTP9MMRh8trP93mkCiDVeXrui0=
+go.opentelemetry.io/proto/otlp v1.3.1/go.mod h1:0X1WI4de4ZsLrrJNLAQbFeLCm3T7yBkR0XqQ7niQU+8=
+golang.org/x/crypto v0.27.0 h1:GXm2NjJrPaiv/h1tb2UH8QfgC/hOf/+z0p6PT8o1w7A=
+golang.org/x/crypto v0.27.0/go.mod h1:1Xngt8kV6Dvbssa53Ziq6Eqn0HqbZi5Z6R0ZpwQzt70=
+golang.org/x/image v0.34.0 h1:33gCkyw9hmwbZJeZkct8XyR11yH889EQt/QH4VmXMn8=
+golang.org/x/image v0.34.0/go.mod h1:2RNFBZRB+vnwwFil8GkMdRvrJOFd1AzdZI6vOY+eJVU=
+golang.org/x/mod v0.30.0 h1:fDEXFVZ/fmCKProc/yAXXUijritrDzahmwwefnjoPFk=
+golang.org/x/mod v0.30.0/go.mod h1:lAsf5O2EvJeSFMiBxXDki7sCgAxEUcZHXoXMKT4GJKc=
+golang.org/x/sync v0.19.0 h1:vV+1eWNmZ5geRlYjzm2adRgW2/mcpevXNg50YZtPCE4=
+golang.org/x/sync v0.19.0/go.mod h1:9KTHXmSnoGruLpwFjVSX0lNNA75CykiMECbovNTZqGI=
+golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/sys v0.25.0 h1:r+8e+loiHxRqhXVl6ML1nO3l1+oFoWbnlu2Ehimmi34=
+golang.org/x/sys v0.25.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
+golang.org/x/text v0.32.0 h1:ZD01bjUt1FQ9WJ0ClOL5vxgxOI/sVCNgX1YtKwcY0mU=
+golang.org/x/text v0.32.0/go.mod h1:o/rUWzghvpD5TXrTIBuJU77MTaN0ljMWE47kxGJQ7jY=
+golang.org/x/tools v0.39.0 h1:ik4ho21kwuQln40uelmciQPp9SipgNDdrafrYA4TmQQ=
+golang.org/x/tools v0.39.0/go.mod h1:JnefbkDPyD8UU2kI5fuf8ZX4/yUeh9W877ZeBONxUqQ=
+golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543 h1:E7g+9GITq07hpfrRu66IVDexMakfv52eLZ2CXBWiKr4=
+golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
+google.golang.org/protobuf v1.34.2 h1:6xV6lTsCfpGD21XK49h7MhtcApnLqkfYgPcdHftf6hg=
+google.golang.org/protobuf v1.34.2/go.mod h1:qYOHts0dSfpeUzUFpOMr/WGzszTmLH+DiWniOlNbLDw=
+gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
+gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
+gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA=
+gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
+modernc.org/cc/v4 v4.21.4 h1:3Be/Rdo1fpr8GrQ7IVw9OHtplU4gWbb+wNgeoBMmGLQ=
+modernc.org/cc/v4 v4.21.4/go.mod h1:HM7VJTZbUCR3rV8EYBi9wxnJ0ZBRiGE5OeGXNA0IsLQ=
+modernc.org/ccgo/v4 v4.19.2 h1:lwQZgvboKD0jBwdaeVCTouxhxAyN6iawF3STraAal8Y=
+modernc.org/ccgo/v4 v4.19.2/go.mod h1:ysS3mxiMV38XGRTTcgo0DQTeTmAO4oCmJl1nX9VFI3s=
+modernc.org/fileutil v1.3.0 h1:gQ5SIzK3H9kdfai/5x41oQiKValumqNTDXMvKo62HvE=
+modernc.org/fileutil v1.3.0/go.mod h1:XatxS8fZi3pS8/hKG2GH/ArUogfxjpEKs3Ku3aK4JyQ=
+modernc.org/gc/v2 v2.4.1 h1:9cNzOqPyMJBvrUipmynX0ZohMhcxPtMccYgGOJdOiBw=
+modernc.org/gc/v2 v2.4.1/go.mod h1:wzN5dK1AzVGoH6XOzc3YZ+ey/jPgYHLuVckd62P0GYU=
+modernc.org/gc/v3 v3.0.0-20240107210532-573471604cb6 h1:5D53IMaUuA5InSeMu9eJtlQXS2NxAhyWQvkKEgXZhHI=
+modernc.org/gc/v3 v3.0.0-20240107210532-573471604cb6/go.mod h1:Qz0X07sNOR1jWYCrJMEnbW/X55x206Q7Vt4mz6/wHp4=
+modernc.org/libc v1.55.3 h1:AzcW1mhlPNrRtjS5sS+eW2ISCgSOLLNyFzRh/V3Qj/U=
+modernc.org/libc v1.55.3/go.mod h1:qFXepLhz+JjFThQ4kzwzOjA/y/artDeg+pcYnY+Q83w=
+modernc.org/mathutil v1.6.0 h1:fRe9+AmYlaej+64JsEEhoWuAYBkOtQiMEU7n/XgfYi4=
+modernc.org/mathutil v1.6.0/go.mod h1:Ui5Q9q1TR2gFm0AQRqQUaBWFLAhQpCwNcuhBOSedWPo=
+modernc.org/memory v1.8.0 h1:IqGTL6eFMaDZZhEWwcREgeMXYwmW83LYW8cROZYkg+E=
+modernc.org/memory v1.8.0/go.mod h1:XPZ936zp5OMKGWPqbD3JShgd/ZoQ7899TUuQqxY+peU=
+modernc.org/opt v0.1.3 h1:3XOZf2yznlhC+ibLltsDGzABUGVx8J6pnFMS3E4dcq4=
+modernc.org/opt v0.1.3/go.mod h1:WdSiB5evDcignE70guQKxYUl14mgWtbClRi5wmkkTX0=
+modernc.org/sortutil v1.2.0 h1:jQiD3PfS2REGJNzNCMMaLSp/wdMNieTbKX920Cqdgqc=
+modernc.org/sortutil v1.2.0/go.mod h1:TKU2s7kJMf1AE84OoiGppNHJwvB753OYfNl2WRb++Ss=
+modernc.org/sqlite v1.34.0 h1:wnIcc4XIGoWVkM9qGKn2PARAmpXsQWGebuOVOBYZZVY=
+modernc.org/sqlite v1.34.0/go.mod h1:pXV2xHxhzXZsgT/RtTFAPY6JJDEvOTcTdwADQCCWD4k=
+modernc.org/strutil v1.2.0 h1:agBi9dp1I+eOnxXeiZawM8F4LawKv4NzGWSaLfyeNZA=
+modernc.org/strutil v1.2.0/go.mod h1:/mdcBmfOibveCTBxUl5B5l6W+TTH1FXPLHZE6bTosX0=
+modernc.org/token v1.1.0 h1:Xl7Ap9dKaEs5kLoOQeQmPWevfnk/DM5qcLcYlA8ys6Y=
+modernc.org/token v1.1.0/go.mod h1:UGzOrNV1mAFSEB63lOFHIpNRUVMvYTc6yu1SMY/XTDM=
diff --git a/internal/auth/middleware.go b/internal/auth/middleware.go
new file mode 100644
index 0000000..f70e920
--- /dev/null
+++ b/internal/auth/middleware.go
@@ -0,0 +1,54 @@
+package auth
+
+import (
+	"context"
+	"net/http"
+	"strings"
+
+	"github.com/writekitapp/writekit/internal/db"
+)
+
+type ctxKey string
+
+const userIDKey ctxKey = "userID"
+
+func SessionMiddleware(database *db.DB) func(http.Handler) http.Handler {
+	return func(next http.Handler) http.Handler {
+		return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+			token := extractToken(r)
+			if token == "" {
+				http.Error(w, "unauthorized", http.StatusUnauthorized)
+				return
+			}
+
+			session, err := database.ValidateSession(r.Context(), token)
+			if err != nil || session == nil {
+				http.Error(w, "unauthorized", http.StatusUnauthorized)
+				return
+			}
+
+			ctx := context.WithValue(r.Context(), userIDKey, session.UserID)
+			next.ServeHTTP(w, r.WithContext(ctx))
+		})
+	}
+}
+
+func GetUserID(r *http.Request) string {
+	if id, ok := r.Context().Value(userIDKey).(string); ok {
+		return id
+	}
+	return ""
+}
+
+func extractToken(r *http.Request) string {
+	if cookie, err := r.Cookie("writekit_session"); err == nil && cookie.Value != "" {
+		return cookie.Value
+	}
+
+	auth := r.Header.Get("Authorization")
+	if strings.HasPrefix(auth, "Bearer ") {
+		return strings.TrimPrefix(auth, "Bearer ")
+	}
+
+	return r.URL.Query().Get("token")
+}
diff --git a/internal/auth/oauth.go b/internal/auth/oauth.go
new file mode 100644
index 0000000..890acae
--- /dev/null
+++ b/internal/auth/oauth.go
@@ -0,0 +1,535 @@
+package auth
+
+import (
+	"context"
+	"crypto/hmac"
+	"crypto/sha256"
+	"encoding/base64"
+	"encoding/json"
+	"fmt"
+	"io"
+	"log/slog"
+	"net/http"
+	"net/url"
+	"os"
+	"strings"
+	"time"
+
+	"github.com/go-chi/chi/v5"
+	"github.com/writekitapp/writekit/internal/db"
+)
+
+type Handler struct {
+	database      *db.DB
+	sessionSecret []byte
+	baseURL       string
+	providers     map[string]provider
+}
+
+type provider struct {
+	Name         string
+	ClientID     string
+	ClientSecret string
+	AuthURL      string
+	TokenURL     string
+	UserInfoURL  string
+	Scopes       []string
+}
+
+type oauthToken struct {
+	AccessToken string `json:"access_token"`
+}
+
+type oauthState struct {
+	Provider  string `json:"p"`
+	TenantID  string `json:"t,omitempty"`
+	Redirect  string `json:"r,omitempty"`
+	Callback  string `json:"c,omitempty"`
+	Timestamp int64  `json:"ts"`
+}
+
+type userInfo struct {
+	ID        string
+	Email     string
+	Name      string
+	AvatarURL string
+}
+
+func NewHandler(database *db.DB) *Handler {
+	baseURL := os.Getenv("BASE_URL")
+	if baseURL == "" {
+		baseURL = "https://writekit.dev"
+	}
+
+	secret := os.Getenv("SESSION_SECRET")
+	if secret == "" {
+		secret = "dev-secret-change-in-production"
+	}
+
+	h := &Handler{
+		database:      database,
+		sessionSecret: []byte(secret),
+		baseURL:       baseURL,
+		providers:     make(map[string]provider),
+	}
+
+	if id := os.Getenv("GOOGLE_CLIENT_ID"); id != "" {
+		h.providers["google"] = provider{
+			Name:         "Google",
+			ClientID:     id,
+			ClientSecret: os.Getenv("GOOGLE_CLIENT_SECRET"),
+			AuthURL:      "https://accounts.google.com/o/oauth2/v2/auth",
+			TokenURL:     "https://oauth2.googleapis.com/token",
+			UserInfoURL:  "https://www.googleapis.com/oauth2/v2/userinfo",
+			Scopes:       []string{"email", "profile"},
+		}
+	}
+
+	if id := os.Getenv("GITHUB_CLIENT_ID"); id != "" {
+		h.providers["github"] = provider{
+			Name:         "GitHub",
+			ClientID:     id,
+			ClientSecret: os.Getenv("GITHUB_CLIENT_SECRET"),
+			AuthURL:      "https://github.com/login/oauth/authorize",
+			TokenURL:     "https://github.com/login/oauth/access_token",
+			UserInfoURL:  "https://api.github.com/user",
+			Scopes:       []string{"user:email"},
+		}
+	}
+
+	if id := os.Getenv("DISCORD_CLIENT_ID"); id != "" {
+		h.providers["discord"] = provider{
+			Name:         "Discord",
+			ClientID:     id,
+			ClientSecret: os.Getenv("DISCORD_CLIENT_SECRET"),
+			AuthURL:      "https://discord.com/api/oauth2/authorize",
+			TokenURL:     "https://discord.com/api/oauth2/token",
+			UserInfoURL:  "https://discord.com/api/users/@me",
+			Scopes:       []string{"identify", "email"},
+		}
+	}
+
+	return h
+}
+
+func (h *Handler) Routes() chi.Router {
+	r := chi.NewRouter()
+	r.Get("/google", h.initiate)
+	r.Get("/github", h.initiate)
+	r.Get("/discord", h.initiate)
+	r.Get("/callback", h.callback)
+	r.Get("/validate", h.validate)
+	r.Get("/user", h.user)
+	r.Get("/providers", h.listProviders)
+	r.Post("/logout", h.logout)
+	return r
+}
+
+func (h *Handler) initiate(w http.ResponseWriter, r *http.Request) {
+	providerName := strings.TrimPrefix(r.URL.Path, "/auth/")
+	if _, ok := h.providers[providerName]; !ok {
+		http.Error(w, "unknown provider", http.StatusBadRequest)
+		return
+	}
+
+	p := h.providers[providerName]
+	state := oauthState{
+		Provider:  providerName,
+		TenantID:  r.URL.Query().Get("tenant"),
+		Redirect:  r.URL.Query().Get("redirect"),
+		Callback:  r.URL.Query().Get("callback"),
+		Timestamp: time.Now().Unix(),
+	}
+
+	stateStr, err := h.encodeState(state)
+	if err != nil {
+		slog.Error("encode state", "error", err)
+		http.Error(w, "internal error", http.StatusInternalServerError)
+		return
+	}
+
+	authURL := fmt.Sprintf("%s?client_id=%s&redirect_uri=%s&response_type=code&scope=%s&state=%s",
+		p.AuthURL,
+		url.QueryEscape(p.ClientID),
+		url.QueryEscape(h.baseURL+"/auth/callback"),
+		url.QueryEscape(strings.Join(p.Scopes, " ")),
+		url.QueryEscape(stateStr),
+	)
+
+	if providerName == "discord" {
+		authURL += "&prompt=consent"
+	}
+
+	http.Redirect(w, r, authURL, http.StatusTemporaryRedirect)
+}
+
+func (h *Handler) callback(w http.ResponseWriter, r *http.Request) {
+	code := r.URL.Query().Get("code")
+	stateStr := r.URL.Query().Get("state")
+
+	if code == "" || stateStr == "" {
+		http.Error(w, "missing code or state", http.StatusBadRequest)
+		return
+	}
+
+	state, err := h.decodeState(stateStr)
+	if err != nil {
+		slog.Error("decode state", "error", err)
+		http.Error(w, "invalid state", http.StatusBadRequest)
+		return
+	}
+
+	if time.Now().Unix()-state.Timestamp > 600 {
+		http.Error(w, "state expired", http.StatusBadRequest)
+		return
+	}
+
+	p, ok := h.providers[state.Provider]
+	if !ok {
+		http.Error(w, "unknown provider", http.StatusBadRequest)
+		return
+	}
+
+	token, err := h.exchangeCode(r.Context(), p, code)
+	if err != nil {
+		slog.Error("exchange code", "error", err)
+		http.Error(w, "auth failed", http.StatusInternalServerError)
+		return
+	}
+
+	info, err := h.getUserInfo(r.Context(), p, state.Provider, token)
+	if err != nil {
+		slog.Error("get user info", "error", err)
+		http.Error(w, "failed to get user info", http.StatusInternalServerError)
+		return
+	}
+
+	user, err := h.findOrCreateUser(r.Context(), state.Provider, info)
+	if err != nil {
+		slog.Error("find or create user", "error", err)
+		http.Error(w, "failed to create user", http.StatusInternalServerError)
+		return
+	}
+
+	session, err := h.database.CreateSession(r.Context(), user.ID)
+	if err != nil {
+		slog.Error("create session", "error", err)
+		http.Error(w, "failed to create session", http.StatusInternalServerError)
+		return
+	}
+
+	if state.Callback != "" {
+		callbackURL := state.Callback
+		if strings.Contains(callbackURL, "?") {
+			callbackURL += "&token=" + session.Token
+		} else {
+			callbackURL += "?token=" + session.Token
+		}
+		http.Redirect(w, r, callbackURL, http.StatusTemporaryRedirect)
+		return
+	}
+
+	redirect := state.Redirect
+	if redirect == "" || !strings.HasPrefix(redirect, "/") || strings.HasPrefix(redirect, "//") {
+		redirect = "/"
+	}
+
+	http.SetCookie(w, &http.Cookie{
+		Name:     "writekit_session",
+		Value:    session.Token,
+		Path:     "/",
+		Expires:  session.ExpiresAt,
+		HttpOnly: true,
+		SameSite: http.SameSiteLaxMode,
+		Secure:   !strings.Contains(h.baseURL, "localhost"),
+	})
+
+	http.Redirect(w, r, redirect, http.StatusTemporaryRedirect)
+}
+
+func (h *Handler) validate(w http.ResponseWriter, r *http.Request) {
+	token := r.URL.Query().Get("token")
+	if token == "" {
+		http.Error(w, "missing token", http.StatusBadRequest)
+		return
+	}
+
+	session, err := h.database.ValidateSession(r.Context(), token)
+	if err != nil {
+		http.Error(w, "internal error", http.StatusInternalServerError)
+		return
+	}
+	if session == nil {
+		http.Error(w, "invalid session", http.StatusUnauthorized)
+		return
+	}
+
+	w.WriteHeader(http.StatusOK)
+}
+
+func (h *Handler) user(w http.ResponseWriter, r *http.Request) {
+	token := r.URL.Query().Get("token")
+	if token == "" {
+		http.Error(w, "missing token", http.StatusBadRequest)
+		return
+	}
+
+	session, err := h.database.ValidateSession(r.Context(), token)
+	if err != nil || session == nil {
+		http.Error(w, "invalid session", http.StatusUnauthorized)
+		return
+	}
+
+	user, err := h.database.GetUserByID(r.Context(), session.UserID)
+	if err != nil || user == nil {
+		http.Error(w, "user not found", http.StatusNotFound)
+		return
+	}
+
+	w.Header().Set("Content-Type", "application/json")
+	json.NewEncoder(w).Encode(map[string]any{
+		"id":         user.ID,
+		"email":      user.Email,
+		"name":       user.Name,
+		"avatar_url": user.AvatarURL,
+	})
+}
+
+func (h *Handler) listProviders(w http.ResponseWriter, r *http.Request) {
+	providers := []map[string]string{}
+	if _, ok := h.providers["google"]; ok {
+		providers = append(providers, map[string]string{"id": "google", "name": "Google"})
+	}
+	if _, ok := h.providers["github"]; ok {
+		providers = append(providers, map[string]string{"id": "github", "name": "GitHub"})
+	}
+	if _, ok := h.providers["discord"]; ok {
+		providers = append(providers, map[string]string{"id": "discord", "name": "Discord"})
+	}
+
+	w.Header().Set("Content-Type", "application/json")
+	json.NewEncoder(w).Encode(map[string]any{"providers": providers})
+}
+
+func (h *Handler) logout(w http.ResponseWriter, r *http.Request) {
+	cookie, err := r.Cookie("writekit_session")
+	if err == nil && cookie.Value != "" {
+		h.database.DeleteSession(r.Context(), cookie.Value)
+	}
+
+	http.SetCookie(w, &http.Cookie{
+		Name:     "writekit_session",
+		Value:    "",
+		Path:     "/",
+		MaxAge:   -1,
+		HttpOnly: true,
+		SameSite: http.SameSiteLaxMode,
+		Secure:   !strings.Contains(h.baseURL, "localhost"),
+	})
+
+	w.WriteHeader(http.StatusOK)
+}
+
+func (h *Handler) exchangeCode(ctx context.Context, p provider, code string) (*oauthToken, error) {
+	data := url.Values{}
+	data.Set("client_id", p.ClientID)
+	data.Set("client_secret", p.ClientSecret)
+	data.Set("code", code)
+	data.Set("redirect_uri", h.baseURL+"/auth/callback")
+	data.Set("grant_type", "authorization_code")
+
+	req, err := http.NewRequestWithContext(ctx, "POST", p.TokenURL, strings.NewReader(data.Encode()))
+	if err != nil {
+		return nil, err
+	}
+	req.Header.Set("Content-Type", "application/x-www-form-urlencoded")
+	req.Header.Set("Accept", "application/json")
+
+	resp, err := http.DefaultClient.Do(req)
+	if err != nil {
+		return nil, err
+	}
+	defer resp.Body.Close()
+
+	body, _ := io.ReadAll(resp.Body)
+	if resp.StatusCode != http.StatusOK {
+		return nil, fmt.Errorf("token exchange failed: %s", body)
+	}
+
+	var token oauthToken
+	if err := json.Unmarshal(body, &token); err != nil {
+		return nil, err
+	}
+	return &token, nil
+}
+
+func (h *Handler) getUserInfo(ctx context.Context, p provider, providerName string, token *oauthToken) (*userInfo, error) {
+	req, err := http.NewRequestWithContext(ctx, "GET", p.UserInfoURL, nil)
+	if err != nil {
+		return nil, err
+	}
+	req.Header.Set("Authorization", "Bearer "+token.AccessToken)
+	req.Header.Set("Accept", "application/json")
+
+	resp, err := http.DefaultClient.Do(req)
+	if err != nil {
+		return nil, err
+	}
+	defer resp.Body.Close()
+
+	body, _ := io.ReadAll(resp.Body)
+	if resp.StatusCode != http.StatusOK {
+		return nil, fmt.Errorf("user info failed: %s", body)
+	}
+
+	var raw map[string]any
+	if err := json.Unmarshal(body, &raw); err != nil {
+		return nil, err
+	}
+
+	info := &userInfo{}
+
+	switch providerName {
+	case "google":
+		info.ID = getString(raw, "id")
+		info.Email = getString(raw, "email")
+		info.Name = getString(raw, "name")
+		info.AvatarURL = getString(raw, "picture")
+
+	case "github":
+		info.ID = fmt.Sprintf("%v", raw["id"])
+		info.Email = getString(raw, "email")
+		info.Name = getString(raw, "name")
+		if info.Name == "" {
+			info.Name = getString(raw, "login")
+		}
+		info.AvatarURL = getString(raw, "avatar_url")
+
+		if info.Email == "" {
+			info.Email, _ = h.getGitHubEmail(ctx, token)
+		}
+
+	case "discord":
+		info.ID = getString(raw, "id")
+		info.Email = getString(raw, "email")
+		info.Name = getString(raw, "global_name")
+		if info.Name == "" {
+			info.Name = getString(raw, "username")
+		}
+		if avatar := getString(raw, "avatar"); avatar != "" {
+			info.AvatarURL = fmt.Sprintf("https://cdn.discordapp.com/avatars/%s/%s.png", info.ID, avatar)
+		}
+	}
+
+	if info.Email == "" {
+		return nil, fmt.Errorf("no email from provider")
+	}
+	return info, nil
+}
+
+func (h *Handler) getGitHubEmail(ctx context.Context, token *oauthToken) (string, error) {
+	req, err := http.NewRequestWithContext(ctx, "GET", "https://api.github.com/user/emails", nil)
+	if err != nil {
+		return "", err
+	}
+	req.Header.Set("Authorization", "Bearer "+token.AccessToken)
+	req.Header.Set("Accept", "application/json")
+
+	resp, err := http.DefaultClient.Do(req)
+	if err != nil {
+		return "", err
+	}
+	defer resp.Body.Close()
+
+	var emails []struct {
+		Email    string `json:"email"`
+		Primary  bool   `json:"primary"`
+		Verified bool   `json:"verified"`
+	}
+	if err := json.NewDecoder(resp.Body).Decode(&emails); err != nil {
+		return "", err
+	}
+
+	for _, e := range emails {
+		if e.Primary && e.Verified {
+			return e.Email, nil
+		}
+	}
+	for _, e := range emails {
+		if e.Verified {
+			return e.Email, nil
+		}
+	}
+	return "", nil
+}
+
+func (h *Handler) findOrCreateUser(ctx context.Context, providerName string, info *userInfo) (*db.User, error) {
+	user, err := h.database.GetUserByIdentity(ctx, providerName, info.ID)
+	if err != nil {
+		return nil, err
+	}
+	if user != nil {
+		return user, nil
+	}
+
+	user, err = h.database.GetUserByEmail(ctx, info.Email)
+	if err != nil {
+		return nil, err
+	}
+	if user != nil {
+		h.database.AddUserIdentity(ctx, user.ID, providerName, info.ID, info.Email)
+		return user, nil
+	}
+
+	user, err = h.database.CreateUser(ctx, info.Email, info.Name, info.AvatarURL)
+	if err != nil {
+		return nil, err
+	}
+	h.database.AddUserIdentity(ctx, user.ID, providerName, info.ID, info.Email)
+	return user, nil
+}
+
+func (h *Handler) encodeState(state oauthState) (string, error) {
+	data, err := json.Marshal(state)
+	if err != nil {
+		return "", err
+	}
+	mac := hmac.New(sha256.New, h.sessionSecret)
+	mac.Write(data)
+	sig := mac.Sum(nil)
+	return base64.URLEncoding.EncodeToString(append(data, sig...)), nil
+}
+
+func (h *Handler) decodeState(s string) (*oauthState, error) {
+	payload, err := base64.URLEncoding.DecodeString(s)
+	if err != nil {
+		return nil, err
+	}
+	if len(payload) < 32 {
+		return nil, fmt.Errorf("invalid state")
+	}
+
+	data := payload[:len(payload)-32]
+	sig := payload[len(payload)-32:]
+
+	mac := hmac.New(sha256.New, h.sessionSecret)
+	mac.Write(data)
+	if !hmac.Equal(sig, mac.Sum(nil)) {
+		return nil, fmt.Errorf("invalid signature")
+	}
+
+	var state oauthState
+	if err := json.Unmarshal(data, &state); err != nil {
+		return nil, err
+	}
+	return &state, nil
+}
+
+func getString(m map[string]any, key string) string {
+	if v, ok := m[key]; ok {
+		if s, ok := v.(string); ok {
+			return s
+		}
+	}
+	return ""
+}
diff --git a/internal/billing/lemon.go b/internal/billing/lemon.go
new file mode 100644
index 0000000..0df1b95
--- /dev/null
+++ b/internal/billing/lemon.go
@@ -0,0 +1,234 @@
+package billing
+
+import (
+	"bytes"
+	"context"
+	"crypto/hmac"
+	"crypto/sha256"
+	"encoding/hex"
+	"encoding/json"
+	"fmt"
+	"io"
+	"net/http"
+	"os"
+)
+
+const lemonBaseURL = "https://api.lemonsqueezy.com/v1"
+
+type LemonClient struct {
+	apiKey        string
+	storeID       string
+	webhookSecret string
+	httpClient    *http.Client
+}
+
+func NewLemonClient() *LemonClient {
+	return &LemonClient{
+		apiKey:        os.Getenv("LEMON_API_KEY"),
+		storeID:       os.Getenv("LEMON_STORE_ID"),
+		webhookSecret: os.Getenv("LEMON_WEBHOOK_SECRET"),
+		httpClient:    &http.Client{},
+	}
+}
+
+func (c *LemonClient) IsConfigured() bool {
+	return c.apiKey != "" && c.storeID != ""
+}
+
+type CheckoutRequest struct {
+	StoreID         string            `json:"store_id"`
+	VariantID       string            `json:"variant_id"`
+	CustomPrice     *int              `json:"custom_price,omitempty"`
+	CheckoutOptions *CheckoutOptions  `json:"checkout_options,omitempty"`
+	CheckoutData    *CheckoutData     `json:"checkout_data,omitempty"`
+}
+
+type CheckoutOptions struct {
+	Embed bool `json:"embed,omitempty"`
+}
+
+type CheckoutData struct {
+	Email  string            `json:"email,omitempty"`
+	Name   string            `json:"name,omitempty"`
+	Custom map[string]string `json:"custom,omitempty"`
+}
+
+type CheckoutResponse struct {
+	Data struct {
+		ID         string `json:"id"`
+		Attributes struct {
+			URL string `json:"url"`
+		} `json:"attributes"`
+	} `json:"data"`
+}
+
+func (c *LemonClient) CreateCheckout(ctx context.Context, req *CheckoutRequest) (*CheckoutResponse, error) {
+	if req.StoreID == "" {
+		req.StoreID = c.storeID
+	}
+
+	payload := map[string]any{
+		"data": map[string]any{
+			"type":       "checkouts",
+			"attributes": req,
+			"relationships": map[string]any{
+				"store": map[string]any{
+					"data": map[string]any{"type": "stores", "id": req.StoreID},
+				},
+				"variant": map[string]any{
+					"data": map[string]any{"type": "variants", "id": req.VariantID},
+				},
+			},
+		},
+	}
+
+	body, err := json.Marshal(payload)
+	if err != nil {
+		return nil, err
+	}
+
+	httpReq, err := http.NewRequestWithContext(ctx, "POST", lemonBaseURL+"/checkouts", bytes.NewReader(body))
+	if err != nil {
+		return nil, err
+	}
+
+	httpReq.Header.Set("Authorization", "Bearer "+c.apiKey)
+	httpReq.Header.Set("Content-Type", "application/vnd.api+json")
+	httpReq.Header.Set("Accept", "application/vnd.api+json")
+
+	resp, err := c.httpClient.Do(httpReq)
+	if err != nil {
+		return nil, err
+	}
+	defer resp.Body.Close()
+
+	respBody, err := io.ReadAll(resp.Body)
+	if err != nil {
+		return nil, err
+	}
+
+	if resp.StatusCode != http.StatusCreated && resp.StatusCode != http.StatusOK {
+		return nil, fmt.Errorf("checkout creation failed (status %d): %s", resp.StatusCode, string(respBody))
+	}
+
+	var checkoutResp CheckoutResponse
+	if err := json.Unmarshal(respBody, &checkoutResp); err != nil {
+		return nil, err
+	}
+
+	return &checkoutResp, nil
+}
+
+func (c *LemonClient) CreateSubscriptionCheckout(ctx context.Context, variantID, email, name string, custom map[string]string) (string, error) {
+	req := &CheckoutRequest{
+		VariantID: variantID,
+		CheckoutData: &CheckoutData{
+			Email:  email,
+			Name:   name,
+			Custom: custom,
+		},
+		CheckoutOptions: &CheckoutOptions{Embed: true},
+	}
+
+	resp, err := c.CreateCheckout(ctx, req)
+	if err != nil {
+		return "", err
+	}
+
+	return resp.Data.Attributes.URL, nil
+}
+
+func (c *LemonClient) CreateDonationCheckout(ctx context.Context, variantID string, amountCents int, email, name, message string, custom map[string]string) (string, error) {
+	if custom == nil {
+		custom = make(map[string]string)
+	}
+	if message != "" {
+		custom["message"] = message
+	}
+
+	req := &CheckoutRequest{
+		VariantID:   variantID,
+		CustomPrice: &amountCents,
+		CheckoutData: &CheckoutData{
+			Email:  email,
+			Name:   name,
+			Custom: custom,
+		},
+		CheckoutOptions: &CheckoutOptions{Embed: true},
+	}
+
+	resp, err := c.CreateCheckout(ctx, req)
+	if err != nil {
+		return "", err
+	}
+
+	return resp.Data.Attributes.URL, nil
+}
+
+func (c *LemonClient) VerifyWebhook(payload []byte, signature string) bool {
+	if c.webhookSecret == "" {
+		return false
+	}
+
+	mac := hmac.New(sha256.New, []byte(c.webhookSecret))
+	mac.Write(payload)
+	expectedSig := hex.EncodeToString(mac.Sum(nil))
+
+	return hmac.Equal([]byte(signature), []byte(expectedSig))
+}
+
+type WebhookEvent struct {
+	Meta struct {
+		EventName  string            `json:"event_name"`
+		CustomData map[string]string `json:"custom_data"`
+	} `json:"meta"`
+	Data json.RawMessage `json:"data"`
+}
+
+type SubscriptionData struct {
+	ID         string `json:"id"`
+	Attributes struct {
+		CustomerID  int    `json:"customer_id"`
+		VariantName string `json:"variant_name"`
+		UserName    string `json:"user_name"`
+		UserEmail   string `json:"user_email"`
+		Status      string `json:"status"`
+		RenewsAt    string `json:"renews_at"`
+		FirstSubscriptionItem struct {
+			Price int `json:"price"`
+		} `json:"first_subscription_item"`
+	} `json:"attributes"`
+}
+
+type OrderData struct {
+	ID         string `json:"id"`
+	Attributes struct {
+		UserName  string `json:"user_name"`
+		UserEmail string `json:"user_email"`
+		TotalUsd  int    `json:"total_usd"`
+	} `json:"attributes"`
+}
+
+func (c *LemonClient) ParseWebhookEvent(payload []byte) (*WebhookEvent, error) {
+	var event WebhookEvent
+	if err := json.Unmarshal(payload, &event); err != nil {
+		return nil, err
+	}
+	return &event, nil
+}
+
+func (e *WebhookEvent) GetSubscriptionData() (*SubscriptionData, error) {
+	var data SubscriptionData
+	if err := json.Unmarshal(e.Data, &data); err != nil {
+		return nil, err
+	}
+	return &data, nil
+}
+
+func (e *WebhookEvent) GetOrderData() (*OrderData, error) {
+	var data OrderData
+	if err := json.Unmarshal(e.Data, &data); err != nil {
+		return nil, err
+	}
+	return &data, nil
+}
diff --git a/internal/billing/payout.go b/internal/billing/payout.go
new file mode 100644
index 0000000..4361699
--- /dev/null
+++ b/internal/billing/payout.go
@@ -0,0 +1,126 @@
+package billing
+
+import (
+	"context"
+	"fmt"
+	"log/slog"
+	"os"
+	"strconv"
+	"time"
+)
+
+type PayoutWorker struct {
+	store          *Store
+	wise           *WiseClient
+	thresholdCents int
+	interval       time.Duration
+}
+
+func NewPayoutWorker(store *Store, wiseClient *WiseClient) *PayoutWorker {
+	threshold := 1000
+	if v := os.Getenv("PAYOUT_THRESHOLD_CENTS"); v != "" {
+		if t, err := strconv.Atoi(v); err == nil {
+			threshold = t
+		}
+	}
+
+	return &PayoutWorker{
+		store:          store,
+		wise:           wiseClient,
+		thresholdCents: threshold,
+		interval:       5 * time.Minute,
+	}
+}
+
+func (w *PayoutWorker) Start(ctx context.Context) {
+	if !w.wise.IsConfigured() {
+		slog.Warn("wise not configured, payouts disabled")
+		return
+	}
+
+	ticker := time.NewTicker(w.interval)
+	defer ticker.Stop()
+
+	slog.Info("payout worker started", "threshold_cents", w.thresholdCents, "interval", w.interval)
+
+	for {
+		select {
+		case <-ctx.Done():
+			slog.Info("payout worker stopped")
+			return
+		case <-ticker.C:
+			w.processPayouts(ctx)
+		}
+	}
+}
+
+func (w *PayoutWorker) processPayouts(ctx context.Context) {
+	balances, err := w.store.GetTenantsReadyForPayout(ctx, w.thresholdCents)
+	if err != nil {
+		slog.Error("failed to get tenants ready for payout", "error", err)
+		return
+	}
+
+	for _, balance := range balances {
+		if err := w.processPayout(ctx, balance.TenantID, balance.AvailableCents); err != nil {
+			slog.Error("failed to process payout",
+				"tenant_id", balance.TenantID,
+				"amount_cents", balance.AvailableCents,
+				"error", err,
+			)
+			continue
+		}
+	}
+}
+
+func (w *PayoutWorker) processPayout(ctx context.Context, tenantID string, amountCents int) error {
+	settings, err := w.store.GetPayoutSettings(ctx, tenantID)
+	if err != nil {
+		return fmt.Errorf("get payout settings: %w", err)
+	}
+	if settings == nil || settings.WiseRecipientID == "" {
+		return fmt.Errorf("payout not configured for tenant")
+	}
+
+	recipientID, err := strconv.ParseInt(settings.WiseRecipientID, 10, 64)
+	if err != nil {
+		return fmt.Errorf("invalid recipient ID: %w", err)
+	}
+
+	quote, err := w.wise.CreateQuote(ctx, "USD", settings.Currency, amountCents)
+	if err != nil {
+		return fmt.Errorf("create quote: %w", err)
+	}
+
+	reference := fmt.Sprintf("WK-%s-%d", tenantID[:8], time.Now().Unix())
+
+	transfer, err := w.wise.CreateTransfer(ctx, quote.ID, recipientID, reference)
+	if err != nil {
+		return fmt.Errorf("create transfer: %w", err)
+	}
+
+	payoutID, err := w.store.CreatePayout(ctx, tenantID, amountCents, settings.Currency, fmt.Sprintf("%d", transfer.ID), quote.ID, "pending")
+	if err != nil {
+		return fmt.Errorf("record payout: %w", err)
+	}
+
+	if err := w.wise.FundTransfer(ctx, transfer.ID); err != nil {
+		w.store.UpdatePayoutStatus(ctx, payoutID, "failed", nil, err.Error())
+		return fmt.Errorf("fund transfer: %w", err)
+	}
+
+	if err := w.store.DeductBalance(ctx, tenantID, amountCents); err != nil {
+		return fmt.Errorf("deduct balance: %w", err)
+	}
+
+	w.store.UpdatePayoutStatus(ctx, payoutID, "processing", nil, "")
+
+	slog.Info("payout initiated",
+		"tenant_id", tenantID,
+		"amount_cents", amountCents,
+		"transfer_id", transfer.ID,
+		"payout_id", payoutID,
+	)
+
+	return nil
+}
diff --git a/internal/billing/store.go b/internal/billing/store.go
new file mode 100644
index 0000000..0b64e15
--- /dev/null
+++ b/internal/billing/store.go
@@ -0,0 +1,333 @@
+package billing
+
+import (
+	"context"
+	"database/sql"
+	"time"
+
+	"github.com/jackc/pgx/v5/pgxpool"
+)
+
+type Store struct {
+	db *pgxpool.Pool
+}
+
+func NewStore(db *pgxpool.Pool) *Store {
+	return &Store{db: db}
+}
+
+type Tier struct {
+	ID             string
+	TenantID       string
+	Name           string
+	PriceCents     int
+	Description    string
+	LemonVariantID string
+	Active         bool
+	CreatedAt      time.Time
+}
+
+type Subscription struct {
+	ID                  string
+	TenantID            string
+	UserID              string
+	TierID              string
+	TierName            string
+	Status              string
+	LemonSubscriptionID string
+	LemonCustomerID     string
+	AmountCents         int
+	CurrentPeriodStart  time.Time
+	CurrentPeriodEnd    time.Time
+	CancelledAt         *time.Time
+	CreatedAt           time.Time
+}
+
+type Donation struct {
+	ID           string
+	TenantID     string
+	UserID       string
+	DonorEmail   string
+	DonorName    string
+	AmountCents  int
+	LemonOrderID string
+	Message      string
+	CreatedAt    time.Time
+}
+
+type Balance struct {
+	TenantID              string
+	AvailableCents        int
+	LifetimeEarningsCents int
+	LifetimePaidCents     int
+	UpdatedAt             time.Time
+}
+
+type PayoutSettings struct {
+	TenantID          string
+	WiseRecipientID   string
+	AccountHolderName string
+	Currency          string
+	PayoutEmail       string
+}
+
+func (s *Store) CreateTier(ctx context.Context, tier *Tier) error {
+	_, err := s.db.Exec(ctx, `
+		INSERT INTO membership_tiers (tenant_id, name, price_cents, description, lemon_variant_id, active)
+		VALUES ($1, $2, $3, $4, $5, $6)
+	`, tier.TenantID, tier.Name, tier.PriceCents, tier.Description, tier.LemonVariantID, tier.Active)
+	return err
+}
+
+func (s *Store) GetTiersByTenant(ctx context.Context, tenantID string) ([]Tier, error) {
+	rows, err := s.db.Query(ctx, `
+		SELECT id, tenant_id, name, price_cents, description, lemon_variant_id, active, created_at
+		FROM membership_tiers
+		WHERE tenant_id = $1 AND active = TRUE
+		ORDER BY price_cents ASC
+	`, tenantID)
+	if err != nil {
+		return nil, err
+	}
+	defer rows.Close()
+
+	var tiers []Tier
+	for rows.Next() {
+		var t Tier
+		if err := rows.Scan(&t.ID, &t.TenantID, &t.Name, &t.PriceCents, &t.Description, &t.LemonVariantID, &t.Active, &t.CreatedAt); err != nil {
+			return nil, err
+		}
+		tiers = append(tiers, t)
+	}
+	return tiers, rows.Err()
+}
+
+func (s *Store) CreateSubscription(ctx context.Context, sub *Subscription) error {
+	_, err := s.db.Exec(ctx, `
+		INSERT INTO subscriptions (tenant_id, user_id, tier_id, tier_name, status, lemon_subscription_id, lemon_customer_id, amount_cents, current_period_start, current_period_end)
+		VALUES ($1, $2, $3, $4, $5, $6, $7, $8, $9, $10)
+	`, sub.TenantID, sub.UserID, sub.TierID, sub.TierName, sub.Status, sub.LemonSubscriptionID, sub.LemonCustomerID, sub.AmountCents, sub.CurrentPeriodStart, sub.CurrentPeriodEnd)
+	return err
+}
+
+func (s *Store) GetSubscriptionByLemonID(ctx context.Context, lemonSubID string) (*Subscription, error) {
+	var sub Subscription
+	var userID, tierID sql.NullString
+	var cancelledAt sql.NullTime
+	var periodStart, periodEnd sql.NullTime
+
+	err := s.db.QueryRow(ctx, `
+		SELECT id, tenant_id, user_id, tier_id, tier_name, status, lemon_subscription_id, lemon_customer_id,
+		       amount_cents, current_period_start, current_period_end, cancelled_at, created_at
+		FROM subscriptions WHERE lemon_subscription_id = $1
+	`, lemonSubID).Scan(&sub.ID, &sub.TenantID, &userID, &tierID, &sub.TierName, &sub.Status,
+		&sub.LemonSubscriptionID, &sub.LemonCustomerID, &sub.AmountCents, &periodStart, &periodEnd,
+		&cancelledAt, &sub.CreatedAt)
+
+	if err == sql.ErrNoRows {
+		return nil, nil
+	}
+	if err != nil {
+		return nil, err
+	}
+
+	sub.UserID = userID.String
+	sub.TierID = tierID.String
+	if periodStart.Valid {
+		sub.CurrentPeriodStart = periodStart.Time
+	}
+	if periodEnd.Valid {
+		sub.CurrentPeriodEnd = periodEnd.Time
+	}
+	if cancelledAt.Valid {
+		sub.CancelledAt = &cancelledAt.Time
+	}
+	return &sub, nil
+}
+
+func (s *Store) UpdateSubscriptionStatus(ctx context.Context, lemonSubID, status string, renewsAt *time.Time) error {
+	_, err := s.db.Exec(ctx, `
+		UPDATE subscriptions
+		SET status = $1, current_period_end = $2, updated_at = NOW()
+		WHERE lemon_subscription_id = $3
+	`, status, renewsAt, lemonSubID)
+	return err
+}
+
+func (s *Store) CancelSubscription(ctx context.Context, lemonSubID string) error {
+	_, err := s.db.Exec(ctx, `
+		UPDATE subscriptions
+		SET status = 'cancelled', cancelled_at = NOW(), updated_at = NOW()
+		WHERE lemon_subscription_id = $1
+	`, lemonSubID)
+	return err
+}
+
+func (s *Store) CreateDonation(ctx context.Context, donation *Donation) error {
+	err := s.db.QueryRow(ctx, `
+		INSERT INTO donations (tenant_id, user_id, donor_email, donor_name, amount_cents, lemon_order_id, message)
+		VALUES ($1, $2, $3, $4, $5, $6, $7)
+		RETURNING id
+	`, donation.TenantID, donation.UserID, donation.DonorEmail, donation.DonorName, donation.AmountCents, donation.LemonOrderID, donation.Message).Scan(&donation.ID)
+	return err
+}
+
+func (s *Store) AddEarnings(ctx context.Context, tenantID, sourceType, sourceID, description string, grossCents, platformFeeCents, processorFeeCents, netCents int) error {
+	tx, err := s.db.Begin(ctx)
+	if err != nil {
+		return err
+	}
+	defer tx.Rollback(ctx)
+
+	_, err = tx.Exec(ctx, `
+		INSERT INTO earnings (tenant_id, source_type, source_id, description, gross_cents, platform_fee_cents, processor_fee_cents, net_cents)
+		VALUES ($1, $2, $3, $4, $5, $6, $7, $8)
+	`, tenantID, sourceType, sourceID, description, grossCents, platformFeeCents, processorFeeCents, netCents)
+	if err != nil {
+		return err
+	}
+
+	_, err = tx.Exec(ctx, `
+		INSERT INTO balances (tenant_id, available_cents, lifetime_earnings_cents, updated_at)
+		VALUES ($1, $2, $2, NOW())
+		ON CONFLICT (tenant_id) DO UPDATE
+		SET available_cents = balances.available_cents + $2,
+		    lifetime_earnings_cents = balances.lifetime_earnings_cents + $2,
+		    updated_at = NOW()
+	`, tenantID, netCents)
+	if err != nil {
+		return err
+	}
+
+	return tx.Commit(ctx)
+}
+
+func (s *Store) GetBalance(ctx context.Context, tenantID string) (*Balance, error) {
+	var b Balance
+	err := s.db.QueryRow(ctx, `
+		SELECT tenant_id, available_cents, lifetime_earnings_cents, lifetime_paid_cents, updated_at
+		FROM balances WHERE tenant_id = $1
+	`, tenantID).Scan(&b.TenantID, &b.AvailableCents, &b.LifetimeEarningsCents, &b.LifetimePaidCents, &b.UpdatedAt)
+
+	if err == sql.ErrNoRows {
+		return &Balance{TenantID: tenantID}, nil
+	}
+	if err != nil {
+		return nil, err
+	}
+	return &b, nil
+}
+
+func (s *Store) GetTenantsReadyForPayout(ctx context.Context, thresholdCents int) ([]Balance, error) {
+	rows, err := s.db.Query(ctx, `
+		SELECT b.tenant_id, b.available_cents, b.lifetime_earnings_cents, b.lifetime_paid_cents, b.updated_at
+		FROM balances b
+		JOIN payout_settings ps ON b.tenant_id = ps.tenant_id
+		WHERE b.available_cents >= $1 AND ps.wise_recipient_id IS NOT NULL
+	`, thresholdCents)
+	if err != nil {
+		return nil, err
+	}
+	defer rows.Close()
+
+	var balances []Balance
+	for rows.Next() {
+		var b Balance
+		if err := rows.Scan(&b.TenantID, &b.AvailableCents, &b.LifetimeEarningsCents, &b.LifetimePaidCents, &b.UpdatedAt); err != nil {
+			return nil, err
+		}
+		balances = append(balances, b)
+	}
+	return balances, rows.Err()
+}
+
+func (s *Store) DeductBalance(ctx context.Context, tenantID string, amountCents int) error {
+	_, err := s.db.Exec(ctx, `
+		UPDATE balances
+		SET available_cents = available_cents - $1,
+		    lifetime_paid_cents = lifetime_paid_cents + $1,
+		    updated_at = NOW()
+		WHERE tenant_id = $2 AND available_cents >= $1
+	`, amountCents, tenantID)
+	return err
+}
+
+func (s *Store) CreatePayout(ctx context.Context, tenantID string, amountCents int, currency, wiseTransferID, wiseQuoteID, status string) (string, error) {
+	var id string
+	err := s.db.QueryRow(ctx, `
+		INSERT INTO payouts (tenant_id, amount_cents, currency, wise_transfer_id, wise_quote_id, status)
+		VALUES ($1, $2, $3, $4, $5, $6)
+		RETURNING id
+	`, tenantID, amountCents, currency, wiseTransferID, wiseQuoteID, status).Scan(&id)
+	return id, err
+}
+
+func (s *Store) UpdatePayoutStatus(ctx context.Context, payoutID, status string, completedAt *time.Time, failureReason string) error {
+	_, err := s.db.Exec(ctx, `
+		UPDATE payouts
+		SET status = $1, completed_at = $2, failure_reason = $3
+		WHERE id = $4
+	`, status, completedAt, failureReason, payoutID)
+	return err
+}
+
+func (s *Store) GetPayoutSettings(ctx context.Context, tenantID string) (*PayoutSettings, error) {
+	var ps PayoutSettings
+	var recipientID, holderName, currency, email sql.NullString
+
+	err := s.db.QueryRow(ctx, `
+		SELECT tenant_id, wise_recipient_id, account_holder_name, currency, payout_email
+		FROM payout_settings WHERE tenant_id = $1
+	`, tenantID).Scan(&ps.TenantID, &recipientID, &holderName, &currency, &email)
+
+	if err == sql.ErrNoRows {
+		return nil, nil
+	}
+	if err != nil {
+		return nil, err
+	}
+
+	ps.WiseRecipientID = recipientID.String
+	ps.AccountHolderName = holderName.String
+	ps.Currency = currency.String
+	if ps.Currency == "" {
+		ps.Currency = "USD"
+	}
+	ps.PayoutEmail = email.String
+
+	return &ps, nil
+}
+
+func (s *Store) SavePayoutSettings(ctx context.Context, ps *PayoutSettings) error {
+	_, err := s.db.Exec(ctx, `
+		INSERT INTO payout_settings (tenant_id, wise_recipient_id, account_holder_name, currency, payout_email)
+		VALUES ($1, $2, $3, $4, $5)
+		ON CONFLICT (tenant_id) DO UPDATE
+		SET wise_recipient_id = $2,
+		    account_holder_name = $3,
+		    currency = $4,
+		    payout_email = $5,
+		    updated_at = NOW()
+	`, ps.TenantID, ps.WiseRecipientID, ps.AccountHolderName, ps.Currency, ps.PayoutEmail)
+	return err
+}
+
+type User struct {
+	ID    string
+	Email string
+	Name  string
+}
+
+func (s *Store) GetUserByID(ctx context.Context, id string) (*User, error) {
+	var u User
+	err := s.db.QueryRow(ctx,
+		`SELECT id, email, COALESCE(name, '') FROM users WHERE id = $1`,
+		id).Scan(&u.ID, &u.Email, &u.Name)
+	if err == sql.ErrNoRows {
+		return nil, nil
+	}
+	if err != nil {
+		return nil, err
+	}
+	return &u, nil
+}
diff --git a/internal/billing/webhook.go b/internal/billing/webhook.go
new file mode 100644
index 0000000..a16533b
--- /dev/null
+++ b/internal/billing/webhook.go
@@ -0,0 +1,303 @@
+package billing
+
+import (
+	"context"
+	"fmt"
+	"io"
+	"log/slog"
+	"net/http"
+	"strconv"
+	"time"
+)
+
+type MemberSyncer interface {
+	SyncMember(ctx context.Context, tenantID, userID, email, name, tier, status string, expiresAt *time.Time) error
+}
+
+type WebhookHandler struct {
+	store        *Store
+	lemon        *LemonClient
+	memberSyncer MemberSyncer
+}
+
+func NewWebhookHandler(store *Store, lemonClient *LemonClient, syncer MemberSyncer) *WebhookHandler {
+	return &WebhookHandler{
+		store:        store,
+		lemon:        lemonClient,
+		memberSyncer: syncer,
+	}
+}
+
+func (h *WebhookHandler) HandleWebhook(w http.ResponseWriter, r *http.Request) {
+	if r.Method != http.MethodPost {
+		http.Error(w, "Method not allowed", http.StatusMethodNotAllowed)
+		return
+	}
+
+	body, err := io.ReadAll(r.Body)
+	if err != nil {
+		slog.Error("failed to read webhook body", "error", err)
+		http.Error(w, "Failed to read body", http.StatusBadRequest)
+		return
+	}
+
+	signature := r.Header.Get("X-Signature")
+	if !h.lemon.VerifyWebhook(body, signature) {
+		slog.Warn("invalid webhook signature")
+		http.Error(w, "Invalid signature", http.StatusUnauthorized)
+		return
+	}
+
+	event, err := h.lemon.ParseWebhookEvent(body)
+	if err != nil {
+		slog.Error("failed to parse webhook event", "error", err)
+		http.Error(w, "Failed to parse event", http.StatusBadRequest)
+		return
+	}
+
+	ctx := r.Context()
+
+	switch event.Meta.EventName {
+	case "subscription_created":
+		err = h.handleSubscriptionCreated(ctx, event)
+	case "subscription_updated":
+		err = h.handleSubscriptionUpdated(ctx, event)
+	case "subscription_cancelled":
+		err = h.handleSubscriptionCancelled(ctx, event)
+	case "subscription_payment_success":
+		err = h.handleSubscriptionPayment(ctx, event)
+	case "order_created":
+		err = h.handleOrderCreated(ctx, event)
+	default:
+		slog.Debug("unhandled webhook event", "event", event.Meta.EventName)
+	}
+
+	if err != nil {
+		slog.Error("webhook handler error", "event", event.Meta.EventName, "error", err)
+		http.Error(w, "Handler error", http.StatusInternalServerError)
+		return
+	}
+
+	w.WriteHeader(http.StatusOK)
+}
+
+func (h *WebhookHandler) handleSubscriptionCreated(ctx context.Context, event *WebhookEvent) error {
+	data, err := event.GetSubscriptionData()
+	if err != nil {
+		return fmt.Errorf("parse subscription data: %w", err)
+	}
+
+	tenantID := event.Meta.CustomData["tenant_id"]
+	userID := event.Meta.CustomData["user_id"]
+	tierID := event.Meta.CustomData["tier_id"]
+
+	if tenantID == "" {
+		return fmt.Errorf("missing tenant_id in custom data")
+	}
+
+	sub := &Subscription{
+		TenantID:            tenantID,
+		UserID:              userID,
+		TierID:              tierID,
+		TierName:            data.Attributes.VariantName,
+		Status:              normalizeStatus(data.Attributes.Status),
+		LemonSubscriptionID: data.ID,
+		LemonCustomerID:     strconv.Itoa(data.Attributes.CustomerID),
+		AmountCents:         data.Attributes.FirstSubscriptionItem.Price,
+	}
+
+	if data.Attributes.RenewsAt != "" {
+		if t, err := time.Parse(time.RFC3339, data.Attributes.RenewsAt); err == nil {
+			sub.CurrentPeriodEnd = t
+		}
+	}
+	sub.CurrentPeriodStart = time.Now()
+
+	if err := h.store.CreateSubscription(ctx, sub); err != nil {
+		return fmt.Errorf("create subscription: %w", err)
+	}
+
+	if h.memberSyncer != nil && userID != "" {
+		user, _ := h.store.GetUserByID(ctx, userID)
+		email, name := "", ""
+		if user != nil {
+			email, name = user.Email, user.Name
+		}
+		if err := h.memberSyncer.SyncMember(ctx, tenantID, userID, email, name, sub.TierName, "active", &sub.CurrentPeriodEnd); err != nil {
+			slog.Error("sync member failed", "tenant_id", tenantID, "user_id", userID, "error", err)
+		}
+	}
+
+	slog.Info("subscription created",
+		"tenant_id", tenantID,
+		"lemon_id", data.ID,
+		"tier", data.Attributes.VariantName,
+	)
+
+	return nil
+}
+
+func (h *WebhookHandler) handleSubscriptionUpdated(ctx context.Context, event *WebhookEvent) error {
+	data, err := event.GetSubscriptionData()
+	if err != nil {
+		return fmt.Errorf("parse subscription data: %w", err)
+	}
+
+	var renewsAt *time.Time
+	if data.Attributes.RenewsAt != "" {
+		if t, err := time.Parse(time.RFC3339, data.Attributes.RenewsAt); err == nil {
+			renewsAt = &t
+		}
+	}
+
+	status := normalizeStatus(data.Attributes.Status)
+
+	if err := h.store.UpdateSubscriptionStatus(ctx, data.ID, status, renewsAt); err != nil {
+		return fmt.Errorf("update subscription: %w", err)
+	}
+
+	if h.memberSyncer != nil {
+		sub, _ := h.store.GetSubscriptionByLemonID(ctx, data.ID)
+		if sub != nil && sub.UserID != "" {
+			user, _ := h.store.GetUserByID(ctx, sub.UserID)
+			email, name := "", ""
+			if user != nil {
+				email, name = user.Email, user.Name
+			}
+			if err := h.memberSyncer.SyncMember(ctx, sub.TenantID, sub.UserID, email, name, sub.TierName, status, renewsAt); err != nil {
+				slog.Error("sync member failed", "tenant_id", sub.TenantID, "user_id", sub.UserID, "error", err)
+			}
+		}
+	}
+
+	slog.Info("subscription updated", "lemon_id", data.ID, "status", status)
+
+	return nil
+}
+
+func (h *WebhookHandler) handleSubscriptionCancelled(ctx context.Context, event *WebhookEvent) error {
+	data, err := event.GetSubscriptionData()
+	if err != nil {
+		return fmt.Errorf("parse subscription data: %w", err)
+	}
+
+	sub, _ := h.store.GetSubscriptionByLemonID(ctx, data.ID)
+
+	if err := h.store.CancelSubscription(ctx, data.ID); err != nil {
+		return fmt.Errorf("cancel subscription: %w", err)
+	}
+
+	if h.memberSyncer != nil && sub != nil && sub.UserID != "" {
+		user, _ := h.store.GetUserByID(ctx, sub.UserID)
+		email, name := "", ""
+		if user != nil {
+			email, name = user.Email, user.Name
+		}
+		if err := h.memberSyncer.SyncMember(ctx, sub.TenantID, sub.UserID, email, name, sub.TierName, "cancelled", nil); err != nil {
+			slog.Error("sync member failed", "tenant_id", sub.TenantID, "user_id", sub.UserID, "error", err)
+		}
+	}
+
+	slog.Info("subscription cancelled", "lemon_id", data.ID)
+
+	return nil
+}
+
+func (h *WebhookHandler) handleSubscriptionPayment(ctx context.Context, event *WebhookEvent) error {
+	data, err := event.GetSubscriptionData()
+	if err != nil {
+		return fmt.Errorf("parse subscription data: %w", err)
+	}
+
+	sub, err := h.store.GetSubscriptionByLemonID(ctx, data.ID)
+	if err != nil {
+		return fmt.Errorf("get subscription: %w", err)
+	}
+	if sub == nil {
+		return fmt.Errorf("subscription not found: %s", data.ID)
+	}
+
+	grossCents := data.Attributes.FirstSubscriptionItem.Price
+	platformFeeCents := grossCents * 5 / 100
+	processorFeeCents := grossCents * 5 / 100
+	netCents := grossCents - platformFeeCents - processorFeeCents
+
+	description := fmt.Sprintf("%s subscription - %s", sub.TierName, time.Now().Format("January 2006"))
+
+	if err := h.store.AddEarnings(ctx, sub.TenantID, "subscription_payment", sub.ID, description, grossCents, platformFeeCents, processorFeeCents, netCents); err != nil {
+		return fmt.Errorf("add earnings: %w", err)
+	}
+
+	slog.Info("subscription payment recorded",
+		"tenant_id", sub.TenantID,
+		"gross_cents", grossCents,
+		"net_cents", netCents,
+	)
+
+	return nil
+}
+
+func (h *WebhookHandler) handleOrderCreated(ctx context.Context, event *WebhookEvent) error {
+	data, err := event.GetOrderData()
+	if err != nil {
+		return fmt.Errorf("parse order data: %w", err)
+	}
+
+	tenantID := event.Meta.CustomData["tenant_id"]
+	userID := event.Meta.CustomData["user_id"]
+	message := event.Meta.CustomData["message"]
+
+	if tenantID == "" {
+		return fmt.Errorf("missing tenant_id in custom data")
+	}
+
+	if event.Meta.CustomData["type"] != "donation" {
+		return nil
+	}
+
+	donation := &Donation{
+		TenantID:     tenantID,
+		UserID:       userID,
+		DonorEmail:   data.Attributes.UserEmail,
+		DonorName:    data.Attributes.UserName,
+		AmountCents:  data.Attributes.TotalUsd,
+		LemonOrderID: data.ID,
+		Message:      message,
+	}
+
+	if err := h.store.CreateDonation(ctx, donation); err != nil {
+		return fmt.Errorf("create donation: %w", err)
+	}
+
+	grossCents := data.Attributes.TotalUsd
+	platformFeeCents := grossCents * 5 / 100
+	processorFeeCents := grossCents * 5 / 100
+	netCents := grossCents - platformFeeCents - processorFeeCents
+
+	description := fmt.Sprintf("Donation from %s", data.Attributes.UserName)
+
+	if err := h.store.AddEarnings(ctx, tenantID, "donation", donation.ID, description, grossCents, platformFeeCents, processorFeeCents, netCents); err != nil {
+		return fmt.Errorf("add earnings: %w", err)
+	}
+
+	slog.Info("donation recorded",
+		"tenant_id", tenantID,
+		"donor", data.Attributes.UserEmail,
+		"gross_cents", grossCents,
+	)
+
+	return nil
+}
+
+func normalizeStatus(lemonStatus string) string {
+	switch lemonStatus {
+	case "on_trial", "active":
+		return "active"
+	case "paused", "past_due", "unpaid":
+		return "past_due"
+	case "cancelled", "expired":
+		return "cancelled"
+	default:
+		return lemonStatus
+	}
+}
diff --git a/internal/billing/wise.go b/internal/billing/wise.go
new file mode 100644
index 0000000..c40a46f
--- /dev/null
+++ b/internal/billing/wise.go
@@ -0,0 +1,198 @@
+package billing
+
+import (
+	"bytes"
+	"context"
+	"encoding/json"
+	"fmt"
+	"io"
+	"net/http"
+	"os"
+)
+
+const wiseBaseURL = "https://api.transferwise.com"
+
+type WiseClient struct {
+	apiKey    string
+	profileID string
+	client    *http.Client
+}
+
+func NewWiseClient() *WiseClient {
+	return &WiseClient{
+		apiKey:    os.Getenv("WISE_API_KEY"),
+		profileID: os.Getenv("WISE_PROFILE_ID"),
+		client:    &http.Client{},
+	}
+}
+
+func (c *WiseClient) IsConfigured() bool {
+	return c.apiKey != "" && c.profileID != ""
+}
+
+type Quote struct {
+	ID             string  `json:"id"`
+	SourceAmount   float64 `json:"sourceAmount"`
+	TargetAmount   float64 `json:"targetAmount"`
+	Rate           float64 `json:"rate"`
+	Fee            float64 `json:"fee"`
+	SourceCurrency string  `json:"sourceCurrency"`
+	TargetCurrency string  `json:"targetCurrency"`
+}
+
+type Transfer struct {
+	ID            int64   `json:"id"`
+	Status        string  `json:"status"`
+	SourceValue   float64 `json:"sourceValue"`
+	TargetValue   float64 `json:"targetValue"`
+}
+
+func (c *WiseClient) CreateQuote(ctx context.Context, sourceCurrency, targetCurrency string, sourceAmountCents int) (*Quote, error) {
+	payload := map[string]any{
+		"sourceCurrency": sourceCurrency,
+		"targetCurrency": targetCurrency,
+		"sourceAmount":   float64(sourceAmountCents) / 100,
+		"profile":        c.profileID,
+	}
+
+	body, err := json.Marshal(payload)
+	if err != nil {
+		return nil, err
+	}
+
+	req, err := http.NewRequestWithContext(ctx, "POST", wiseBaseURL+"/v3/quotes", bytes.NewReader(body))
+	if err != nil {
+		return nil, err
+	}
+	c.setHeaders(req)
+
+	resp, err := c.client.Do(req)
+	if err != nil {
+		return nil, err
+	}
+	defer resp.Body.Close()
+
+	respBody, err := io.ReadAll(resp.Body)
+	if err != nil {
+		return nil, err
+	}
+
+	if resp.StatusCode != http.StatusOK {
+		return nil, fmt.Errorf("quote creation failed (status %d): %s", resp.StatusCode, string(respBody))
+	}
+
+	var quote Quote
+	if err := json.Unmarshal(respBody, &quote); err != nil {
+		return nil, err
+	}
+
+	return &quote, nil
+}
+
+func (c *WiseClient) CreateTransfer(ctx context.Context, quoteID string, recipientID int64, reference string) (*Transfer, error) {
+	payload := map[string]any{
+		"targetAccount":         recipientID,
+		"quoteUuid":             quoteID,
+		"customerTransactionId": reference,
+		"details":               map[string]any{"reference": reference},
+	}
+
+	body, err := json.Marshal(payload)
+	if err != nil {
+		return nil, err
+	}
+
+	req, err := http.NewRequestWithContext(ctx, "POST", wiseBaseURL+"/v1/transfers", bytes.NewReader(body))
+	if err != nil {
+		return nil, err
+	}
+	c.setHeaders(req)
+
+	resp, err := c.client.Do(req)
+	if err != nil {
+		return nil, err
+	}
+	defer resp.Body.Close()
+
+	respBody, err := io.ReadAll(resp.Body)
+	if err != nil {
+		return nil, err
+	}
+
+	if resp.StatusCode != http.StatusOK && resp.StatusCode != http.StatusCreated {
+		return nil, fmt.Errorf("transfer creation failed (status %d): %s", resp.StatusCode, string(respBody))
+	}
+
+	var transfer Transfer
+	if err := json.Unmarshal(respBody, &transfer); err != nil {
+		return nil, err
+	}
+
+	return &transfer, nil
+}
+
+func (c *WiseClient) FundTransfer(ctx context.Context, transferID int64) error {
+	url := fmt.Sprintf("%s/v3/profiles/%s/transfers/%d/payments", wiseBaseURL, c.profileID, transferID)
+
+	payload := map[string]any{"type": "BALANCE"}
+	body, err := json.Marshal(payload)
+	if err != nil {
+		return err
+	}
+
+	req, err := http.NewRequestWithContext(ctx, "POST", url, bytes.NewReader(body))
+	if err != nil {
+		return err
+	}
+	c.setHeaders(req)
+
+	resp, err := c.client.Do(req)
+	if err != nil {
+		return err
+	}
+	defer resp.Body.Close()
+
+	if resp.StatusCode != http.StatusOK && resp.StatusCode != http.StatusCreated {
+		respBody, _ := io.ReadAll(resp.Body)
+		return fmt.Errorf("funding failed (status %d): %s", resp.StatusCode, string(respBody))
+	}
+
+	return nil
+}
+
+func (c *WiseClient) GetTransferStatus(ctx context.Context, transferID int64) (string, error) {
+	url := fmt.Sprintf("%s/v1/transfers/%d", wiseBaseURL, transferID)
+
+	req, err := http.NewRequestWithContext(ctx, "GET", url, nil)
+	if err != nil {
+		return "", err
+	}
+	c.setHeaders(req)
+
+	resp, err := c.client.Do(req)
+	if err != nil {
+		return "", err
+	}
+	defer resp.Body.Close()
+
+	respBody, err := io.ReadAll(resp.Body)
+	if err != nil {
+		return "", err
+	}
+
+	if resp.StatusCode != http.StatusOK {
+		return "", fmt.Errorf("get transfer failed (status %d): %s", resp.StatusCode, string(respBody))
+	}
+
+	var transfer Transfer
+	if err := json.Unmarshal(respBody, &transfer); err != nil {
+		return "", err
+	}
+
+	return transfer.Status, nil
+}
+
+func (c *WiseClient) setHeaders(req *http.Request) {
+	req.Header.Set("Authorization", "Bearer "+c.apiKey)
+	req.Header.Set("Content-Type", "application/json")
+}
diff --git a/internal/build/assets/assets.go b/internal/build/assets/assets.go
new file mode 100644
index 0000000..a7eed10
--- /dev/null
+++ b/internal/build/assets/assets.go
@@ -0,0 +1,15 @@
+package assets
+
+import (
+	"embed"
+	"io/fs"
+	"net/http"
+)
+
+//go:embed css js
+var staticFS embed.FS
+
+func Handler() http.Handler {
+	sub, _ := fs.Sub(staticFS, ".")
+	return http.FileServer(http.FS(sub))
+}
diff --git a/internal/build/assets/css/style.css b/internal/build/assets/css/style.css
new file mode 100644
index 0000000..a52612e
--- /dev/null
+++ b/internal/build/assets/css/style.css
@@ -0,0 +1,778 @@
+/* WriteKit - Blog Stylesheet */
+
+*, *::before, *::after {
+  box-sizing: border-box;
+}
+
+:root {
+  --accent: #2563eb;
+  --font-body: system-ui, -apple-system, sans-serif;
+  --font-mono: 'SF Mono', 'Fira Code', 'Consolas', monospace;
+
+  --text: #18181b;
+  --text-muted: #71717a;
+  --bg: #ffffff;
+  --bg-secondary: #fafafa;
+  --border: #e4e4e7;
+
+  --content-width: 680px;
+  --spacing: 1.5rem;
+
+  /* Compactness defaults (cozy) */
+  --content-spacing: 1.75rem;
+  --paragraph-spacing: 1.25rem;
+  --heading-spacing: 2.5rem;
+  --line-height: 1.7;
+}
+
+/* Compactness: Compact */
+.compactness-compact {
+  --content-spacing: 1.25rem;
+  --paragraph-spacing: 0.875rem;
+  --heading-spacing: 1.75rem;
+  --line-height: 1.55;
+}
+
+/* Compactness: Cozy (default) */
+.compactness-cozy {
+  --content-spacing: 1.75rem;
+  --paragraph-spacing: 1.25rem;
+  --heading-spacing: 2.5rem;
+  --line-height: 1.7;
+}
+
+/* Compactness: Spacious */
+.compactness-spacious {
+  --content-spacing: 2.25rem;
+  --paragraph-spacing: 1.5rem;
+  --heading-spacing: 3rem;
+  --line-height: 1.85;
+}
+
+/* Layout: Minimal */
+.layout-minimal .site-header {
+  justify-content: center;
+}
+.layout-minimal .site-nav {
+  display: none;
+}
+.layout-minimal .site-footer {
+  border-top: none;
+  opacity: 0.7;
+}
+.layout-minimal .profile {
+  margin-bottom: 3.5rem;
+}
+
+/* Layout: Magazine */
+.layout-magazine .posts-list {
+  display: grid;
+  grid-template-columns: repeat(auto-fill, minmax(300px, 1fr));
+  gap: 1.25rem;
+}
+.layout-magazine .post-card {
+  padding: 1.5rem;
+  border: 1px solid var(--border);
+  background: var(--bg);
+  transition: border-color 0.2s, box-shadow 0.2s;
+}
+.layout-magazine .post-card:hover {
+  border-color: var(--accent);
+  box-shadow: 0 4px 12px rgba(0, 0, 0, 0.04);
+}
+.layout-magazine .post-card-title {
+  font-size: 1.0625rem;
+}
+.layout-magazine .post-card-description {
+  font-size: 0.875rem;
+  -webkit-line-clamp: 2;
+  display: -webkit-box;
+  -webkit-box-orient: vertical;
+  overflow: hidden;
+}
+
+html {
+  font-size: 16px;
+  -webkit-font-smoothing: antialiased;
+  -moz-osx-font-smoothing: grayscale;
+}
+
+body {
+  margin: 0;
+  padding: 0;
+  font-family: var(--font-body);
+  color: var(--text);
+  background: var(--bg);
+  line-height: 1.6;
+}
+
+a {
+  color: var(--accent);
+  text-decoration: none;
+  transition: color 0.15s;
+}
+
+a:hover {
+  text-decoration: underline;
+  text-underline-offset: 2px;
+}
+
+/* Header */
+.site-header {
+  display: flex;
+  align-items: center;
+  justify-content: space-between;
+  max-width: var(--content-width);
+  margin: 0 auto;
+  padding: 2rem var(--spacing);
+}
+
+.site-name {
+  font-weight: 600;
+  font-size: 1rem;
+  color: var(--text);
+  letter-spacing: -0.01em;
+}
+
+.site-name:hover {
+  text-decoration: none;
+  color: var(--accent);
+}
+
+.site-nav {
+  display: flex;
+  gap: 1.5rem;
+}
+
+.site-nav a {
+  color: var(--text-muted);
+  font-size: 0.9375rem;
+  font-weight: 450;
+}
+
+.site-nav a:hover {
+  color: var(--text);
+  text-decoration: none;
+}
+
+/* Main */
+main {
+  max-width: var(--content-width);
+  margin: 0 auto;
+  padding: 0 var(--spacing) 3rem;
+}
+
+/* Footer */
+.site-footer {
+  max-width: var(--content-width);
+  margin: 0 auto;
+  padding: 2.5rem var(--spacing);
+  text-align: center;
+  color: var(--text-muted);
+  font-size: 0.8125rem;
+  border-top: 1px solid var(--border);
+  display: flex;
+  flex-direction: column;
+  align-items: center;
+  gap: 0.75rem;
+}
+
+.powered-by {
+  color: var(--text-muted);
+  text-decoration: none;
+  font-size: 0.75rem;
+  opacity: 0.7;
+  transition: opacity 0.2s;
+}
+
+.powered-by:hover {
+  opacity: 1;
+}
+
+/* Profile */
+.profile {
+  text-align: center;
+  margin-bottom: 3rem;
+}
+
+.profile-avatar {
+  width: 72px;
+  height: 72px;
+  border-radius: 50%;
+  margin-bottom: 1rem;
+}
+
+.profile-name {
+  font-size: 1.125rem;
+  font-weight: 600;
+  margin-bottom: 0.25rem;
+  letter-spacing: -0.01em;
+}
+
+.profile-bio {
+  color: var(--text-muted);
+  max-width: 380px;
+  margin: 0 auto;
+  font-size: 0.9375rem;
+  line-height: 1.6;
+}
+
+/* Post List */
+.posts-list {
+  display: flex;
+  flex-direction: column;
+  gap: var(--content-spacing);
+}
+
+.post-card a {
+  display: block;
+  color: inherit;
+}
+
+.post-card a:hover {
+  text-decoration: none;
+}
+
+.post-card-date {
+  font-size: 0.8125rem;
+  color: var(--text-muted);
+  font-variant-numeric: tabular-nums;
+}
+
+.post-card-title {
+  margin: 0.375rem 0 0;
+  font-size: 1.1875rem;
+  font-weight: 600;
+  letter-spacing: -0.015em;
+  line-height: 1.35;
+}
+
+.post-card a:hover .post-card-title {
+  color: var(--accent);
+}
+
+.post-card-description {
+  margin: 0.5rem 0 0;
+  color: var(--text-muted);
+  font-size: 0.9375rem;
+  line-height: 1.55;
+}
+
+.no-posts {
+  color: var(--text-muted);
+  text-align: center;
+  padding: 3rem 0;
+}
+
+/* Pagination */
+.pagination {
+  display: flex;
+  justify-content: space-between;
+  margin-top: 3rem;
+  padding-top: 1.5rem;
+  border-top: 1px solid var(--border);
+  font-size: 0.9375rem;
+}
+
+/* Post Header */
+.post-header {
+  margin-bottom: 2.5rem;
+}
+
+.post-date {
+  font-size: 0.8125rem;
+  color: var(--text-muted);
+  font-variant-numeric: tabular-nums;
+}
+
+.post-title {
+  margin: 0.5rem 0 0;
+  font-size: 2.25rem;
+  font-weight: 700;
+  line-height: 1.2;
+  letter-spacing: -0.025em;
+}
+
+.post-description {
+  font-size: 1.125rem;
+  color: var(--text-muted);
+  margin: 0.75rem 0 0;
+  line-height: 1.5;
+}
+
+.post-tags {
+  display: flex;
+  flex-wrap: wrap;
+  gap: 0.5rem;
+  margin-top: 1.25rem;
+}
+
+.tag {
+  font-size: 0.8125rem;
+  color: var(--text-muted);
+  background: var(--bg-secondary);
+  padding: 0.25rem 0.625rem;
+  border-radius: 0.25rem;
+}
+
+.post-cover {
+  margin: 1.75rem 0 0;
+}
+
+.post-cover img {
+  width: 100%;
+  height: auto;
+  border-radius: 0.5rem;
+  aspect-ratio: 16 / 9;
+  object-fit: cover;
+}
+
+/* Prose */
+.prose {
+  line-height: var(--line-height);
+  font-size: 1.0625rem;
+}
+
+.prose > *:first-child {
+  margin-top: 0;
+}
+
+.prose h2 {
+  margin-top: var(--heading-spacing);
+  margin-bottom: var(--paragraph-spacing);
+  font-size: 1.5rem;
+  font-weight: 650;
+  letter-spacing: -0.02em;
+  line-height: 1.3;
+}
+
+.prose h3 {
+  margin-top: calc(var(--heading-spacing) * 0.8);
+  margin-bottom: calc(var(--paragraph-spacing) * 0.8);
+  font-size: 1.25rem;
+  font-weight: 600;
+  letter-spacing: -0.015em;
+  line-height: 1.35;
+}
+
+.prose h4 {
+  margin-top: calc(var(--heading-spacing) * 0.65);
+  margin-bottom: calc(var(--paragraph-spacing) * 0.65);
+  font-size: 1.0625rem;
+  font-weight: 600;
+  letter-spacing: -0.01em;
+}
+
+.prose p {
+  margin: var(--paragraph-spacing) 0;
+}
+
+.prose ul, .prose ol {
+  margin: var(--paragraph-spacing) 0;
+  padding-left: 1.375rem;
+}
+
+.prose li {
+  margin: calc(var(--paragraph-spacing) * 0.4) 0;
+  padding-left: 0.25rem;
+}
+
+.prose li::marker {
+  color: var(--text-muted);
+}
+
+.prose blockquote {
+  margin: var(--content-spacing) 0;
+  padding: 0 0 0 1.25rem;
+  border-left: 2px solid var(--border);
+  color: var(--text-muted);
+}
+
+.prose blockquote p {
+  margin: 0;
+}
+
+.prose pre {
+  margin: var(--content-spacing) 0;
+  padding: 1.125rem 1.25rem;
+  background: var(--bg-secondary);
+  border: 1px solid var(--border);
+  border-radius: 0.375rem;
+  overflow-x: auto;
+  font-family: var(--font-mono);
+  font-size: 0.875rem;
+  line-height: 1.6;
+}
+
+.prose code {
+  font-family: var(--font-mono);
+  font-size: 0.875em;
+  background: var(--bg-secondary);
+  padding: 0.175rem 0.375rem;
+  border-radius: 0.25rem;
+  font-variant-ligatures: none;
+}
+
+.prose pre code {
+  background: none;
+  padding: 0;
+  font-size: inherit;
+}
+
+.prose img {
+  max-width: 100%;
+  height: auto;
+  border-radius: 0.375rem;
+  margin: var(--content-spacing) 0;
+}
+
+.prose a {
+  text-decoration: underline;
+  text-underline-offset: 2px;
+  text-decoration-color: color-mix(in srgb, var(--accent) 40%, transparent);
+}
+
+.prose a:hover {
+  text-decoration-color: var(--accent);
+}
+
+.prose hr {
+  margin: var(--heading-spacing) 0;
+  border: none;
+  border-top: 1px solid var(--border);
+}
+
+.prose strong {
+  font-weight: 600;
+}
+
+.prose table {
+  width: 100%;
+  margin: var(--content-spacing) 0;
+  border-collapse: collapse;
+  font-size: 0.9375rem;
+}
+
+.prose th, .prose td {
+  padding: 0.625rem 0.75rem;
+  border: 1px solid var(--border);
+  text-align: left;
+}
+
+.prose th {
+  background: var(--bg-secondary);
+  font-weight: 600;
+}
+
+/* Reactions & Comments */
+.reactions, .comments {
+  margin-top: 3.5rem;
+  padding-top: 2rem;
+  border-top: 1px solid var(--border);
+}
+
+.comments-title {
+  margin: 0 0 1.25rem;
+  font-size: 1.125rem;
+  font-weight: 600;
+}
+
+.reaction-buttons {
+  display: flex;
+  gap: 0.5rem;
+  flex-wrap: wrap;
+}
+
+.reaction-btn {
+  display: flex;
+  align-items: center;
+  gap: 0.375rem;
+  padding: 0.5rem 0.875rem;
+  border: 1px solid var(--border);
+  border-radius: 2rem;
+  background: var(--bg);
+  cursor: pointer;
+  font-size: 1rem;
+  transition: all 0.15s;
+}
+
+.reaction-btn:hover {
+  background: var(--bg-secondary);
+  border-color: color-mix(in srgb, var(--accent) 50%, var(--border));
+}
+
+.reaction-btn.active {
+  background: var(--accent);
+  border-color: var(--accent);
+  color: white;
+}
+
+.reaction-btn .count {
+  font-size: 0.8125rem;
+  font-weight: 500;
+}
+
+/* Search */
+.search-trigger {
+  display: flex;
+  align-items: center;
+  gap: 0.5rem;
+  padding: 0.375rem 0.75rem;
+  border: 1px solid var(--border);
+  border-radius: 0.375rem;
+  background: var(--bg);
+  color: var(--text-muted);
+  cursor: pointer;
+  font-size: 0.875rem;
+  transition: border-color 0.15s;
+}
+
+.search-trigger:hover {
+  border-color: color-mix(in srgb, var(--accent) 50%, var(--border));
+}
+
+.search-trigger kbd {
+  padding: 0.125rem 0.375rem;
+  background: var(--bg-secondary);
+  border-radius: 0.25rem;
+  font-family: var(--font-mono);
+  font-size: 0.6875rem;
+}
+
+.search-modal {
+  display: none;
+  position: fixed;
+  inset: 0;
+  z-index: 100;
+}
+
+.search-modal.active {
+  display: block;
+}
+
+.search-modal-backdrop {
+  position: absolute;
+  inset: 0;
+  background: rgba(0, 0, 0, 0.4);
+  backdrop-filter: blur(2px);
+}
+
+.search-modal-content {
+  position: absolute;
+  top: 15%;
+  left: 50%;
+  transform: translateX(-50%);
+  width: 90%;
+  max-width: 520px;
+  background: var(--bg);
+  border-radius: 0.5rem;
+  box-shadow: 0 20px 40px -8px rgba(0, 0, 0, 0.2);
+  overflow: hidden;
+}
+
+#search-input {
+  width: 100%;
+  padding: 1rem 1.25rem;
+  border: none;
+  font-size: 1rem;
+  outline: none;
+  background: var(--bg);
+  color: var(--text);
+}
+
+#search-input::placeholder {
+  color: var(--text-muted);
+}
+
+.search-results {
+  max-height: 320px;
+  overflow-y: auto;
+  border-top: 1px solid var(--border);
+}
+
+.search-result {
+  border-bottom: 1px solid var(--border);
+}
+
+.search-result:last-child {
+  border-bottom: none;
+}
+
+.search-result a {
+  display: block;
+  padding: 0.875rem 1.25rem;
+  color: inherit;
+}
+
+.search-result a:hover {
+  text-decoration: none;
+}
+
+.search-result:hover, .search-result.focused {
+  background: var(--bg-secondary);
+}
+
+.search-result-title {
+  font-weight: 500;
+  font-size: 0.9375rem;
+}
+
+.search-result-snippet {
+  font-size: 0.8125rem;
+  color: var(--text-muted);
+  margin-top: 0.25rem;
+  line-height: 1.5;
+}
+
+.search-result mark {
+  background: color-mix(in srgb, var(--accent) 25%, transparent);
+  color: inherit;
+  border-radius: 0.125rem;
+  padding: 0 0.125rem;
+}
+
+.search-hint {
+  padding: 0.625rem 1.25rem;
+  font-size: 0.75rem;
+  color: var(--text-muted);
+  text-align: center;
+  border-top: 1px solid var(--border);
+}
+
+.search-hint kbd {
+  padding: 0.125rem 0.375rem;
+  background: var(--bg-secondary);
+  border-radius: 0.25rem;
+  font-family: var(--font-mono);
+}
+
+.search-no-results {
+  padding: 1.5rem 1.25rem;
+  text-align: center;
+  color: var(--text-muted);
+  font-size: 0.9375rem;
+}
+
+/* Comment Form */
+.comment-form textarea {
+  width: 100%;
+  padding: 0.875rem;
+  border: 1px solid var(--border);
+  border-radius: 0.375rem;
+  font-family: inherit;
+  font-size: 0.9375rem;
+  resize: vertical;
+  min-height: 100px;
+  background: var(--bg);
+  color: var(--text);
+  transition: border-color 0.15s;
+}
+
+.comment-form textarea:focus {
+  outline: none;
+  border-color: var(--accent);
+}
+
+.comment-form button {
+  margin-top: 0.75rem;
+  padding: 0.5rem 1rem;
+  background: var(--accent);
+  color: white;
+  border: none;
+  border-radius: 0.375rem;
+  cursor: pointer;
+  font-size: 0.875rem;
+  font-weight: 500;
+  transition: opacity 0.15s;
+}
+
+.comment-form button:hover {
+  opacity: 0.9;
+}
+
+/* Comments List */
+.comments-list {
+  margin-top: 1.5rem;
+}
+
+.comment {
+  padding: 1.25rem 0;
+  border-bottom: 1px solid var(--border);
+}
+
+.comment:first-child {
+  padding-top: 0;
+}
+
+.comment:last-child {
+  border-bottom: none;
+}
+
+.comment-header {
+  display: flex;
+  align-items: center;
+  gap: 0.625rem;
+  margin-bottom: 0.625rem;
+}
+
+.comment-avatar {
+  width: 28px;
+  height: 28px;
+  border-radius: 50%;
+}
+
+.comment-author {
+  font-weight: 500;
+  font-size: 0.9375rem;
+}
+
+.comment-date {
+  font-size: 0.8125rem;
+  color: var(--text-muted);
+}
+
+.comment-content {
+  font-size: 0.9375rem;
+  line-height: 1.6;
+}
+
+/* Auth Prompt */
+.auth-prompt {
+  padding: 1.25rem;
+  background: var(--bg-secondary);
+  border-radius: 0.375rem;
+  text-align: center;
+  font-size: 0.9375rem;
+  color: var(--text-muted);
+}
+
+.auth-prompt a {
+  font-weight: 500;
+}
+
+/* Mobile */
+@media (max-width: 640px) {
+  :root {
+    --spacing: 1.25rem;
+  }
+
+  .site-header {
+    padding: 1.5rem var(--spacing);
+  }
+
+  .post-title {
+    font-size: 1.75rem;
+  }
+
+  .prose {
+    font-size: 1rem;
+  }
+
+  .prose h2 {
+    font-size: 1.375rem;
+  }
+
+  .prose h3 {
+    font-size: 1.125rem;
+  }
+}
diff --git a/internal/build/assets/js/main.js b/internal/build/assets/js/main.js
new file mode 100644
index 0000000..3695c68
--- /dev/null
+++ b/internal/build/assets/js/main.js
@@ -0,0 +1,127 @@
+(function() {
+  'use strict';
+
+  // Live reload when studio saves settings
+  const channel = new BroadcastChannel('writekit-studio');
+  channel.onmessage = function(event) {
+    if (event.data.type === 'settings-changed') {
+      location.reload();
+    }
+  };
+
+  document.addEventListener('DOMContentLoaded', initSearch);
+
+  function initSearch() {
+    const trigger = document.getElementById('search-trigger');
+    const modal = document.getElementById('search-modal');
+    const backdrop = modal?.querySelector('.search-modal-backdrop');
+    const input = document.getElementById('search-input');
+    const results = document.getElementById('search-results');
+
+    if (!trigger || !modal || !input || !results) return;
+
+    let debounceTimer;
+
+    function open() {
+      modal.classList.add('active');
+      document.body.style.overflow = 'hidden';
+      input.value = '';
+      results.innerHTML = '';
+      setTimeout(() => input.focus(), 10);
+    }
+
+    function close() {
+      modal.classList.remove('active');
+      document.body.style.overflow = '';
+    }
+
+    trigger.addEventListener('click', open);
+    backdrop.addEventListener('click', close);
+
+    document.addEventListener('keydown', function(e) {
+      if (e.key === '/' && !modal.classList.contains('active') &&
+          !['INPUT', 'TEXTAREA'].includes(document.activeElement.tagName)) {
+        e.preventDefault();
+        open();
+      }
+      if (e.key === 'Escape' && modal.classList.contains('active')) {
+        close();
+      }
+    });
+
+    input.addEventListener('input', function() {
+      const query = this.value.trim();
+      clearTimeout(debounceTimer);
+
+      if (query.length < 2) {
+        results.innerHTML = '';
+        return;
+      }
+
+      debounceTimer = setTimeout(() => search(query), 150);
+    });
+
+    input.addEventListener('keydown', function(e) {
+      const items = results.querySelectorAll('.search-result');
+      const focused = results.querySelector('.search-result.focused');
+
+      if (e.key === 'ArrowDown') {
+        e.preventDefault();
+        if (!focused && items.length) {
+          items[0].classList.add('focused');
+        } else if (focused?.nextElementSibling) {
+          focused.classList.remove('focused');
+          focused.nextElementSibling.classList.add('focused');
+        }
+      } else if (e.key === 'ArrowUp') {
+        e.preventDefault();
+        if (focused?.previousElementSibling) {
+          focused.classList.remove('focused');
+          focused.previousElementSibling.classList.add('focused');
+        }
+      } else if (e.key === 'Enter' && focused) {
+        e.preventDefault();
+        const link = focused.querySelector('a');
+        if (link) window.location.href = link.href;
+      }
+    });
+
+    async function search(query) {
+      try {
+        const res = await fetch('/api/reader/search?q=' + encodeURIComponent(query));
+        const data = await res.json();
+
+        if (!data || data.length === 0) {
+          results.innerHTML = '<div class="search-no-results">No results found</div>';
+          return;
+        }
+
+        results.innerHTML = data.map(r => `
+          <div class="search-result">
+            <a href="${r.url}">
+              <div class="search-result-title">${highlight(r.title, query)}</div>
+              ${r.description ? `<div class="search-result-snippet">${highlight(r.description, query)}</div>` : ''}
+            </a>
+          </div>
+        `).join('');
+      } catch (e) {
+        results.innerHTML = '<div class="search-no-results">Search failed</div>';
+      }
+    }
+
+    function highlight(text, query) {
+      if (!text) return '';
+      const escaped = escapeHtml(text);
+      const tokens = query.split(/\s+/).filter(t => t.length > 0);
+      if (!tokens.length) return escaped;
+      const pattern = tokens.map(t => t.replace(/[.*+?^${}()|[\]\\]/g, '\\$&')).join('|');
+      return escaped.replace(new RegExp(`(${pattern})`, 'gi'), '<mark>$1</mark>');
+    }
+
+    function escapeHtml(text) {
+      const div = document.createElement('div');
+      div.textContent = text;
+      return div.innerHTML;
+    }
+  }
+})();
diff --git a/internal/build/assets/js/post.js b/internal/build/assets/js/post.js
new file mode 100644
index 0000000..278358d
--- /dev/null
+++ b/internal/build/assets/js/post.js
@@ -0,0 +1,197 @@
+var WriteKit = (function() {
+  'use strict';
+
+  let config = {};
+  let user = null;
+
+  async function init(opts) {
+    config = opts;
+
+    try {
+      const res = await fetch('/api/reader/me');
+      const data = await res.json();
+      if (data.logged_in) {
+        user = data.user;
+      }
+    } catch (e) {}
+
+    if (config.reactions) initReactions();
+    if (config.comments) initComments();
+  }
+
+  async function initReactions() {
+    const container = document.querySelector('.reactions-container');
+    if (!container) return;
+
+    const res = await fetch(`/api/reader/posts/${config.slug}/reactions`);
+    const data = await res.json();
+
+    const counts = data.counts || {};
+    const userReactions = data.user || [];
+
+    if (config.reactionMode === 'upvote') {
+      const emoji = config.reactionEmojis[0] || '👍';
+      const count = counts[emoji] || 0;
+      const active = userReactions.includes(emoji);
+
+      container.innerHTML = `
+        <button class="reaction-btn ${active ? 'active' : ''}" data-emoji="${emoji}">
+          <span class="emoji">${emoji}</span>
+          <span class="count">${count}</span>
+        </button>
+      `;
+    } else {
+      container.innerHTML = config.reactionEmojis.map(emoji => {
+        const count = counts[emoji] || 0;
+        const active = userReactions.includes(emoji);
+        return `
+          <button class="reaction-btn ${active ? 'active' : ''}" data-emoji="${emoji}">
+            <span class="emoji">${emoji}</span>
+            <span class="count">${count}</span>
+          </button>
+        `;
+      }).join('');
+    }
+
+    container.querySelectorAll('.reaction-btn').forEach(btn => {
+      btn.addEventListener('click', () => toggleReaction(btn));
+    });
+  }
+
+  async function toggleReaction(btn) {
+    if (config.requireAuth && !user) {
+      showAuthPrompt('reactions');
+      return;
+    }
+
+    const emoji = btn.dataset.emoji;
+
+    try {
+      const res = await fetch(`/api/reader/posts/${config.slug}/reactions`, {
+        method: 'POST',
+        headers: { 'Content-Type': 'application/json' },
+        body: JSON.stringify({ emoji })
+      });
+
+      if (res.status === 401) {
+        showAuthPrompt('reactions');
+        return;
+      }
+
+      const data = await res.json();
+      const countEl = btn.querySelector('.count');
+      const current = parseInt(countEl.textContent) || 0;
+
+      if (data.added) {
+        btn.classList.add('active');
+        countEl.textContent = current + 1;
+      } else {
+        btn.classList.remove('active');
+        countEl.textContent = Math.max(0, current - 1);
+      }
+    } catch (e) {
+      console.error('Failed to toggle reaction', e);
+    }
+  }
+
+  async function initComments() {
+    const section = document.querySelector('.comments');
+    if (!section) return;
+
+    const list = section.querySelector('.comments-list');
+    const formContainer = section.querySelector('.comment-form-container');
+
+    const res = await fetch(`/api/reader/posts/${config.slug}/comments`);
+    const comments = await res.json();
+
+    if (comments && comments.length > 0) {
+      list.innerHTML = comments.map(renderComment).join('');
+    } else {
+      list.innerHTML = '<p class="no-comments">No comments yet. Be the first!</p>';
+    }
+
+    if (user) {
+      formContainer.innerHTML = `
+        <form class="comment-form">
+          <textarea placeholder="Write a comment..." rows="3" required></textarea>
+          <button type="submit">Post Comment</button>
+        </form>
+      `;
+      formContainer.querySelector('form').addEventListener('submit', submitComment);
+    } else {
+      formContainer.innerHTML = `
+        <div class="auth-prompt">
+          <a href="/api/reader/login/github?redirect=${encodeURIComponent(window.location.pathname)}">Sign in</a> to leave a comment
+        </div>
+      `;
+    }
+  }
+
+  function renderComment(comment) {
+    const date = new Date(comment.created_at).toLocaleDateString('en-US', {
+      year: 'numeric', month: 'short', day: 'numeric'
+    });
+
+    return `
+      <div class="comment" data-id="${comment.id}">
+        <div class="comment-header">
+          ${comment.avatar_url ? `<img src="${comment.avatar_url}" alt="" class="comment-avatar">` : ''}
+          <span class="comment-author">${escapeHtml(comment.name || 'Anonymous')}</span>
+          <span class="comment-date">${date}</span>
+        </div>
+        <div class="comment-content">${comment.content_html || escapeHtml(comment.content)}</div>
+      </div>
+    `;
+  }
+
+  async function submitComment(e) {
+    e.preventDefault();
+    const form = e.target;
+    const textarea = form.querySelector('textarea');
+    const content = textarea.value.trim();
+
+    if (!content) return;
+
+    const btn = form.querySelector('button');
+    btn.disabled = true;
+    btn.textContent = 'Posting...';
+
+    try {
+      const res = await fetch(`/api/reader/posts/${config.slug}/comments`, {
+        method: 'POST',
+        headers: { 'Content-Type': 'application/json' },
+        body: JSON.stringify({ content })
+      });
+
+      if (res.status === 401) {
+        showAuthPrompt('comments');
+        return;
+      }
+
+      const comment = await res.json();
+      const list = document.querySelector('.comments-list');
+      const noComments = list.querySelector('.no-comments');
+      if (noComments) noComments.remove();
+
+      list.insertAdjacentHTML('beforeend', renderComment(comment));
+      textarea.value = '';
+    } catch (e) {
+      console.error('Failed to post comment', e);
+    } finally {
+      btn.disabled = false;
+      btn.textContent = 'Post Comment';
+    }
+  }
+
+  function showAuthPrompt(feature) {
+    alert(`Please sign in to use ${feature}`);
+  }
+
+  function escapeHtml(text) {
+    const div = document.createElement('div');
+    div.textContent = text;
+    return div.innerHTML;
+  }
+
+  return { init };
+})();
diff --git a/internal/build/templates/base.html b/internal/build/templates/base.html
new file mode 100644
index 0000000..876a092
--- /dev/null
+++ b/internal/build/templates/base.html
@@ -0,0 +1,76 @@
+<!DOCTYPE html>
+<html lang="en">
+<head>
+  <meta charset="UTF-8">
+  <meta name="viewport" content="width=device-width, initial-scale=1.0">
+  <title>{{.Title}}</title>
+  <meta name="description" content="{{.Description}}">
+  <link rel="canonical" href="{{.CanonicalURL}}">
+
+  {{if .NoIndex}}<meta name="robots" content="noindex">{{end}}
+
+  <!-- Open Graph -->
+  <meta property="og:title" content="{{.Title}}">
+  <meta property="og:description" content="{{.Description}}">
+  <meta property="og:type" content="{{.OGType}}">
+  <meta property="og:url" content="{{.CanonicalURL}}">
+  {{if .OGImage}}<meta property="og:image" content="{{.OGImage}}">{{end}}
+  <meta property="og:site_name" content="{{.SiteName}}">
+
+  <!-- Twitter Card -->
+  <meta name="twitter:card" content="summary_large_image">
+  <meta name="twitter:title" content="{{.Title}}">
+  <meta name="twitter:description" content="{{.Description}}">
+  {{if .OGImage}}<meta name="twitter:image" content="{{.OGImage}}">{{end}}
+
+  <!-- Fonts -->
+  <link rel="preconnect" href="https://fonts.googleapis.com">
+  <link rel="preconnect" href="https://fonts.gstatic.com" crossorigin>
+  {{if .FontURL}}<link rel="stylesheet" href="{{.FontURL}}">{{end}}
+
+  <link rel="stylesheet" href="/static/css/style.css">
+
+  <style>
+    :root {
+      --accent: {{with index .Settings "accent_color"}}{{.}}{{else}}#2563eb{{end}};
+      --font-body: {{or .FontFamily "system-ui, -apple-system, sans-serif"}};
+    }
+  </style>
+
+  {{if .StructuredData}}
+  <script type="application/ld+json">{{.StructuredData}}</script>
+  {{end}}
+</head>
+<body class="layout-{{with index .Settings "layout"}}{{.}}{{else}}default{{end}} compactness-{{with index .Settings "compactness"}}{{.}}{{else}}cozy{{end}}">
+  <header class="site-header">
+    <a href="/" class="site-name">{{.SiteName}}</a>
+    <nav class="site-nav">
+      <button type="button" id="search-trigger" class="search-trigger">
+        <span>Search</span>
+        <kbd>/</kbd>
+      </button>
+    </nav>
+  </header>
+
+  <main>
+    {{template "content" .}}
+  </main>
+
+  <footer class="site-footer">
+    <span>&copy; {{.Year}} {{.SiteName}}</span>
+    {{if .ShowBadge}}<a href="https://writekit.dev" class="powered-by" target="_blank" rel="noopener">Powered by WriteKit</a>{{end}}
+  </footer>
+
+  <div id="search-modal" class="search-modal">
+    <div class="search-modal-backdrop"></div>
+    <div class="search-modal-content">
+      <input type="text" id="search-input" placeholder="Search..." autocomplete="off">
+      <div id="search-results" class="search-results"></div>
+      <div class="search-hint">Press <kbd>ESC</kbd> to close</div>
+    </div>
+  </div>
+
+  <script src="/static/js/main.js"></script>
+  {{block "scripts" .}}{{end}}
+</body>
+</html>
diff --git a/internal/build/templates/blog.html b/internal/build/templates/blog.html
new file mode 100644
index 0000000..5ea0235
--- /dev/null
+++ b/internal/build/templates/blog.html
@@ -0,0 +1,34 @@
+{{define "content"}}
+<div class="blog">
+  <header class="blog-header">
+    <h1>Posts</h1>
+  </header>
+
+  <section class="posts-list">
+    {{range .Posts}}
+    <article class="post-card">
+      <a href="/posts/{{.Slug}}">
+        <h2 class="post-card-title">{{.Title}}</h2>
+        <time class="post-card-date" datetime="{{.Date.Format "2006-01-02"}}">{{.Date.Format "January 2, 2006"}}</time>
+        {{if .Description}}
+        <p class="post-card-description">{{.Description}}</p>
+        {{end}}
+      </a>
+    </article>
+    {{else}}
+    <p class="no-posts">No posts yet.</p>
+    {{end}}
+  </section>
+
+  {{if or .PrevPage .NextPage}}
+  <nav class="pagination">
+    {{if .PrevPage}}
+    <a href="{{.PrevPage}}" class="pagination-prev">&larr; Newer</a>
+    {{end}}
+    {{if .NextPage}}
+    <a href="{{.NextPage}}" class="pagination-next">Older &rarr;</a>
+    {{end}}
+  </nav>
+  {{end}}
+</div>
+{{end}}
diff --git a/internal/build/templates/home.html b/internal/build/templates/home.html
new file mode 100644
index 0000000..f03008b
--- /dev/null
+++ b/internal/build/templates/home.html
@@ -0,0 +1,34 @@
+{{define "content"}}
+<div class="home">
+  {{with index .Settings "author_bio"}}
+  <section class="profile">
+    {{with index $.Settings "author_avatar"}}
+    <img src="{{.}}" alt="{{$.SiteName}}" class="profile-avatar">
+    {{end}}
+    <p class="profile-bio">{{.}}</p>
+  </section>
+  {{end}}
+
+  <section class="posts-list">
+    {{range .Posts}}
+    <article class="post-card">
+      <a href="/posts/{{.Slug}}">
+        <h2 class="post-card-title">{{.Title}}</h2>
+        <time class="post-card-date" datetime="{{.Date.Format "2006-01-02"}}">{{.Date.Format "January 2, 2006"}}</time>
+        {{if .Description}}
+        <p class="post-card-description">{{.Description}}</p>
+        {{end}}
+      </a>
+    </article>
+    {{else}}
+    <p class="no-posts">No posts yet.</p>
+    {{end}}
+  </section>
+
+  {{if .HasMore}}
+  <nav class="pagination">
+    <a href="/posts" class="view-all">View all posts</a>
+  </nav>
+  {{end}}
+</div>
+{{end}}
diff --git a/internal/build/templates/post.html b/internal/build/templates/post.html
new file mode 100644
index 0000000..10f1791
--- /dev/null
+++ b/internal/build/templates/post.html
@@ -0,0 +1,57 @@
+{{define "content"}}
+<article class="post">
+  <header class="post-header">
+    <time class="post-date" datetime="{{.Post.Date.Format "2006-01-02"}}">{{.Post.Date.Format "January 2, 2006"}}</time>
+    <h1 class="post-title">{{.Post.Title}}</h1>
+    {{if .Post.Description}}
+    <p class="post-description">{{.Post.Description}}</p>
+    {{end}}
+    {{if .Post.Tags}}
+    <div class="post-tags">
+      {{range .Post.Tags}}
+      <a href="/tags/{{.}}" class="tag">#{{.}}</a>
+      {{end}}
+    </div>
+    {{end}}
+    {{if .Post.CoverImage}}
+    <figure class="post-cover">
+      <img src="{{.Post.CoverImage}}" alt="{{.Post.Title}}" loading="eager" />
+    </figure>
+    {{end}}
+  </header>
+
+  <div class="post-content prose">
+    {{.ContentHTML}}
+  </div>
+
+  {{if .InteractionConfig.ReactionsEnabled}}
+  <section id="reactions" class="reactions" data-slug="{{.Post.Slug}}">
+    <div class="reactions-container"></div>
+  </section>
+  {{end}}
+
+  {{if .InteractionConfig.CommentsEnabled}}
+  <section id="comments" class="comments" data-slug="{{.Post.Slug}}">
+    <h3 class="comments-title">Comments</h3>
+    <div class="comments-list"></div>
+    <div class="comment-form-container"></div>
+  </section>
+  {{end}}
+</article>
+{{end}}
+
+{{define "scripts"}}
+{{if or .InteractionConfig.ReactionsEnabled .InteractionConfig.CommentsEnabled}}
+<script src="/static/js/post.js"></script>
+<script>
+  WriteKit.init({
+    slug: "{{.Post.Slug}}",
+    reactions: {{.InteractionConfig.ReactionsEnabled}},
+    comments: {{.InteractionConfig.CommentsEnabled}},
+    reactionMode: "{{.InteractionConfig.ReactionMode}}",
+    reactionEmojis: "{{.InteractionConfig.ReactionEmojis}}".split(","),
+    requireAuth: {{.InteractionConfig.ReactionsRequireAuth}}
+  });
+</script>
+{{end}}
+{{end}}
diff --git a/internal/build/templates/templates.go b/internal/build/templates/templates.go
new file mode 100644
index 0000000..4e1183a
--- /dev/null
+++ b/internal/build/templates/templates.go
@@ -0,0 +1,139 @@
+package templates
+
+import (
+	"bytes"
+	"embed"
+	"encoding/json"
+	"html/template"
+	"time"
+)
+
+//go:embed *.html
+var templateFS embed.FS
+
+var funcMap = template.FuncMap{
+	"safeHTML": func(s string) template.HTML { return template.HTML(s) },
+	"json":     func(v any) string { b, _ := json.Marshal(v); return string(b) },
+	"or": func(a, b any) any {
+		if a != nil && a != "" {
+			return a
+		}
+		return b
+	},
+}
+
+var fontURLs = map[string]string{
+	"system":        "",
+	"inter":         "https://fonts.googleapis.com/css2?family=Inter:wght@400;500;600;700&display=swap",
+	"georgia":       "",
+	"merriweather":  "https://fonts.googleapis.com/css2?family=Merriweather:wght@400;700&display=swap",
+	"source-serif":  "https://fonts.googleapis.com/css2?family=Source+Serif+4:wght@400;600;700&display=swap",
+	"jetbrains-mono": "https://fonts.googleapis.com/css2?family=JetBrains+Mono:wght@400;500;700&display=swap",
+}
+
+var fontFamilies = map[string]string{
+	"system":        "system-ui, -apple-system, sans-serif",
+	"inter":         "'Inter', system-ui, sans-serif",
+	"georgia":       "Georgia, 'Times New Roman', serif",
+	"merriweather":  "'Merriweather', Georgia, serif",
+	"source-serif":  "'Source Serif 4', Georgia, serif",
+	"jetbrains-mono": "'JetBrains Mono', 'Fira Code', monospace",
+}
+
+func GetFontURL(fontKey string) string {
+	if url, ok := fontURLs[fontKey]; ok {
+		return url
+	}
+	return ""
+}
+
+func GetFontFamily(fontKey string) string {
+	if family, ok := fontFamilies[fontKey]; ok {
+		return family
+	}
+	return fontFamilies["system"]
+}
+
+var homeTemplate, blogTemplate, postTemplate *template.Template
+
+func init() {
+	homeTemplate = template.Must(template.New("").Funcs(funcMap).ParseFS(templateFS, "base.html", "home.html"))
+	blogTemplate = template.Must(template.New("").Funcs(funcMap).ParseFS(templateFS, "base.html", "blog.html"))
+	postTemplate = template.Must(template.New("").Funcs(funcMap).ParseFS(templateFS, "base.html", "post.html"))
+}
+
+type PageData struct {
+	Title          string
+	Description    string
+	CanonicalURL   string
+	OGType         string
+	OGImage        string
+	NoIndex        bool
+	SiteName       string
+	Year           int
+	FontURL        string
+	FontFamily     string
+	StructuredData template.JS
+	Settings       map[string]any
+	ShowBadge      bool
+}
+
+type HomeData struct {
+	PageData
+	Posts   []PostSummary
+	HasMore bool
+}
+
+type BlogData struct {
+	PageData
+	Posts    []PostSummary
+	PrevPage string
+	NextPage string
+}
+
+type PostData struct {
+	PageData
+	Post              PostDetail
+	ContentHTML       template.HTML
+	InteractionConfig map[string]any
+}
+
+type PostSummary struct {
+	Slug        string
+	Title       string
+	Description string
+	Date        time.Time
+}
+
+type PostDetail struct {
+	Slug        string
+	Title       string
+	Description string
+	CoverImage  string
+	Date        time.Time
+	Tags        []string
+}
+
+func RenderHome(data HomeData) ([]byte, error) {
+	var buf bytes.Buffer
+	if err := homeTemplate.ExecuteTemplate(&buf, "base.html", data); err != nil {
+		return nil, err
+	}
+	return buf.Bytes(), nil
+}
+
+func RenderBlog(data BlogData) ([]byte, error) {
+	var buf bytes.Buffer
+	if err := blogTemplate.ExecuteTemplate(&buf, "base.html", data); err != nil {
+		return nil, err
+	}
+	return buf.Bytes(), nil
+}
+
+func RenderPost(data PostData) ([]byte, error) {
+	var buf bytes.Buffer
+	if err := postTemplate.ExecuteTemplate(&buf, "base.html", data); err != nil {
+		return nil, err
+	}
+	return buf.Bytes(), nil
+}
diff --git a/internal/cloudflare/analytics.go b/internal/cloudflare/analytics.go
new file mode 100644
index 0000000..4255ab8
--- /dev/null
+++ b/internal/cloudflare/analytics.go
@@ -0,0 +1,451 @@
+package cloudflare
+
+import (
+	"bytes"
+	"context"
+	"encoding/json"
+	"fmt"
+	"io"
+	"net/http"
+	"os"
+	"sync"
+	"time"
+)
+
+type Client struct {
+	apiToken string
+	zoneID   string
+	client   *http.Client
+	cache    *analyticsCache
+}
+
+type analyticsCache struct {
+	mu      sync.RWMutex
+	data    map[string]*cachedResult
+	ttl     time.Duration
+}
+
+type cachedResult struct {
+	result    *ZoneAnalytics
+	expiresAt time.Time
+}
+
+func NewClient() *Client {
+	return &Client{
+		apiToken: os.Getenv("CLOUDFLARE_API_TOKEN"),
+		zoneID:   os.Getenv("CLOUDFLARE_ZONE_ID"),
+		client:   &http.Client{Timeout: 30 * time.Second},
+		cache: &analyticsCache{
+			data: make(map[string]*cachedResult),
+			ttl:  5 * time.Minute,
+		},
+	}
+}
+
+func (c *Client) IsConfigured() bool {
+	return c.apiToken != "" && c.zoneID != ""
+}
+
+type ZoneAnalytics struct {
+	TotalRequests   int64           `json:"totalRequests"`
+	TotalPageViews  int64           `json:"totalPageViews"`
+	UniqueVisitors  int64           `json:"uniqueVisitors"`
+	TotalBandwidth  int64           `json:"totalBandwidth"`
+	Daily           []DailyStats    `json:"daily"`
+	Browsers        []NamedCount    `json:"browsers"`
+	OS              []NamedCount    `json:"os"`
+	Devices         []NamedCount    `json:"devices"`
+	Countries       []NamedCount    `json:"countries"`
+	Paths           []PathStats     `json:"paths"`
+}
+
+type DailyStats struct {
+	Date       string `json:"date"`
+	Requests   int64  `json:"requests"`
+	PageViews  int64  `json:"pageViews"`
+	Visitors   int64  `json:"visitors"`
+	Bandwidth  int64  `json:"bandwidth"`
+}
+
+type NamedCount struct {
+	Name  string `json:"name"`
+	Count int64  `json:"count"`
+}
+
+type PathStats struct {
+	Path     string `json:"path"`
+	Requests int64  `json:"requests"`
+}
+
+type graphqlRequest struct {
+	Query     string         `json:"query"`
+	Variables map[string]any `json:"variables,omitempty"`
+}
+
+type graphqlResponse struct {
+	Data   json.RawMessage `json:"data"`
+	Errors []struct {
+		Message string `json:"message"`
+	} `json:"errors,omitempty"`
+}
+
+func (c *Client) GetAnalytics(ctx context.Context, days int, hostname string) (*ZoneAnalytics, error) {
+	if !c.IsConfigured() {
+		return nil, fmt.Errorf("cloudflare not configured")
+	}
+
+	cacheKey := fmt.Sprintf("%s:%d:%s", c.zoneID, days, hostname)
+	if cached := c.cache.get(cacheKey); cached != nil {
+		return cached, nil
+	}
+
+	since := time.Now().AddDate(0, 0, -days).Format("2006-01-02")
+	until := time.Now().Format("2006-01-02")
+
+	result := &ZoneAnalytics{}
+
+	dailyData, err := c.fetchDailyStats(ctx, since, until, hostname)
+	if err != nil {
+		return nil, err
+	}
+	result.Daily = dailyData
+
+	for _, d := range dailyData {
+		result.TotalRequests += d.Requests
+		result.TotalPageViews += d.PageViews
+		result.UniqueVisitors += d.Visitors
+		result.TotalBandwidth += d.Bandwidth
+	}
+
+	browsers, _ := c.fetchGroupedStats(ctx, since, until, hostname, "clientRequestHTTPHost", "userAgentBrowser")
+	result.Browsers = browsers
+
+	osStats, _ := c.fetchGroupedStats(ctx, since, until, hostname, "clientRequestHTTPHost", "userAgentOS")
+	result.OS = osStats
+
+	devices, _ := c.fetchGroupedStats(ctx, since, until, hostname, "clientRequestHTTPHost", "deviceType")
+	result.Devices = devices
+
+	countries, _ := c.fetchGroupedStats(ctx, since, until, hostname, "clientRequestHTTPHost", "clientCountryName")
+	result.Countries = countries
+
+	paths, _ := c.fetchPathStats(ctx, since, until, hostname)
+	result.Paths = paths
+
+	c.cache.set(cacheKey, result)
+
+	return result, nil
+}
+
+func (c *Client) fetchDailyStats(ctx context.Context, since, until, hostname string) ([]DailyStats, error) {
+	query := `
+		query ($zoneTag: String!, $since: Date!, $until: Date!, $hostname: String!) {
+			viewer {
+				zones(filter: { zoneTag: $zoneTag }) {
+					httpRequests1dGroups(
+						filter: { date_geq: $since, date_leq: $until, clientRequestHTTPHost: $hostname }
+						orderBy: [date_ASC]
+						limit: 100
+					) {
+						dimensions {
+							date
+						}
+						sum {
+							requests
+							pageViews
+							bytes
+						}
+						uniq {
+							uniques
+						}
+					}
+				}
+			}
+		}
+	`
+
+	vars := map[string]any{
+		"zoneTag":  c.zoneID,
+		"since":    since,
+		"until":    until,
+		"hostname": hostname,
+	}
+
+	resp, err := c.doQuery(ctx, query, vars)
+	if err != nil {
+		return nil, err
+	}
+
+	var data struct {
+		Viewer struct {
+			Zones []struct {
+				HttpRequests1dGroups []struct {
+					Dimensions struct {
+						Date string `json:"date"`
+					} `json:"dimensions"`
+					Sum struct {
+						Requests  int64 `json:"requests"`
+						PageViews int64 `json:"pageViews"`
+						Bytes     int64 `json:"bytes"`
+					} `json:"sum"`
+					Uniq struct {
+						Uniques int64 `json:"uniques"`
+					} `json:"uniq"`
+				} `json:"httpRequests1dGroups"`
+			} `json:"zones"`
+		} `json:"viewer"`
+	}
+
+	if err := json.Unmarshal(resp, &data); err != nil {
+		return nil, fmt.Errorf("parse response: %w", err)
+	}
+
+	var results []DailyStats
+	if len(data.Viewer.Zones) > 0 {
+		for _, g := range data.Viewer.Zones[0].HttpRequests1dGroups {
+			results = append(results, DailyStats{
+				Date:      g.Dimensions.Date,
+				Requests:  g.Sum.Requests,
+				PageViews: g.Sum.PageViews,
+				Visitors:  g.Uniq.Uniques,
+				Bandwidth: g.Sum.Bytes,
+			})
+		}
+	}
+
+	return results, nil
+}
+
+func (c *Client) fetchGroupedStats(ctx context.Context, since, until, hostname, hostField, groupBy string) ([]NamedCount, error) {
+	query := fmt.Sprintf(`
+		query ($zoneTag: String!, $since: Date!, $until: Date!, $hostname: String!) {
+			viewer {
+				zones(filter: { zoneTag: $zoneTag }) {
+					httpRequests1dGroups(
+						filter: { date_geq: $since, date_leq: $until, %s: $hostname }
+						orderBy: [sum_requests_DESC]
+						limit: 10
+					) {
+						dimensions {
+							%s
+						}
+						sum {
+							requests
+						}
+					}
+				}
+			}
+		}
+	`, hostField, groupBy)
+
+	vars := map[string]any{
+		"zoneTag":  c.zoneID,
+		"since":    since,
+		"until":    until,
+		"hostname": hostname,
+	}
+
+	resp, err := c.doQuery(ctx, query, vars)
+	if err != nil {
+		return nil, err
+	}
+
+	var data struct {
+		Viewer struct {
+			Zones []struct {
+				HttpRequests1dGroups []struct {
+					Dimensions map[string]string `json:"dimensions"`
+					Sum        struct {
+						Requests int64 `json:"requests"`
+					} `json:"sum"`
+				} `json:"httpRequests1dGroups"`
+			} `json:"zones"`
+		} `json:"viewer"`
+	}
+
+	if err := json.Unmarshal(resp, &data); err != nil {
+		return nil, fmt.Errorf("parse response: %w", err)
+	}
+
+	var results []NamedCount
+	if len(data.Viewer.Zones) > 0 {
+		for _, g := range data.Viewer.Zones[0].HttpRequests1dGroups {
+			name := g.Dimensions[groupBy]
+			if name == "" {
+				name = "Unknown"
+			}
+			results = append(results, NamedCount{
+				Name:  name,
+				Count: g.Sum.Requests,
+			})
+		}
+	}
+
+	return results, nil
+}
+
+func (c *Client) fetchPathStats(ctx context.Context, since, until, hostname string) ([]PathStats, error) {
+	query := `
+		query ($zoneTag: String!, $since: Date!, $until: Date!, $hostname: String!) {
+			viewer {
+				zones(filter: { zoneTag: $zoneTag }) {
+					httpRequests1dGroups(
+						filter: { date_geq: $since, date_leq: $until, clientRequestHTTPHost: $hostname }
+						orderBy: [sum_requests_DESC]
+						limit: 20
+					) {
+						dimensions {
+							clientRequestPath
+						}
+						sum {
+							requests
+						}
+					}
+				}
+			}
+		}
+	`
+
+	vars := map[string]any{
+		"zoneTag":  c.zoneID,
+		"since":    since,
+		"until":    until,
+		"hostname": hostname,
+	}
+
+	resp, err := c.doQuery(ctx, query, vars)
+	if err != nil {
+		return nil, err
+	}
+
+	var data struct {
+		Viewer struct {
+			Zones []struct {
+				HttpRequests1dGroups []struct {
+					Dimensions struct {
+						Path string `json:"clientRequestPath"`
+					} `json:"dimensions"`
+					Sum struct {
+						Requests int64 `json:"requests"`
+					} `json:"sum"`
+				} `json:"httpRequests1dGroups"`
+			} `json:"zones"`
+		} `json:"viewer"`
+	}
+
+	if err := json.Unmarshal(resp, &data); err != nil {
+		return nil, fmt.Errorf("parse response: %w", err)
+	}
+
+	var results []PathStats
+	if len(data.Viewer.Zones) > 0 {
+		for _, g := range data.Viewer.Zones[0].HttpRequests1dGroups {
+			results = append(results, PathStats{
+				Path:     g.Dimensions.Path,
+				Requests: g.Sum.Requests,
+			})
+		}
+	}
+
+	return results, nil
+}
+
+func (c *Client) doQuery(ctx context.Context, query string, vars map[string]any) (json.RawMessage, error) {
+	reqBody := graphqlRequest{
+		Query:     query,
+		Variables: vars,
+	}
+
+	body, err := json.Marshal(reqBody)
+	if err != nil {
+		return nil, err
+	}
+
+	req, err := http.NewRequestWithContext(ctx, "POST", "https://api.cloudflare.com/client/v4/graphql", bytes.NewReader(body))
+	if err != nil {
+		return nil, err
+	}
+
+	req.Header.Set("Content-Type", "application/json")
+	req.Header.Set("Authorization", "Bearer "+c.apiToken)
+
+	resp, err := c.client.Do(req)
+	if err != nil {
+		return nil, err
+	}
+	defer resp.Body.Close()
+
+	respBody, err := io.ReadAll(resp.Body)
+	if err != nil {
+		return nil, err
+	}
+
+	if resp.StatusCode != http.StatusOK {
+		return nil, fmt.Errorf("cloudflare API error: %s", string(respBody))
+	}
+
+	var gqlResp graphqlResponse
+	if err := json.Unmarshal(respBody, &gqlResp); err != nil {
+		return nil, err
+	}
+
+	if len(gqlResp.Errors) > 0 {
+		return nil, fmt.Errorf("graphql error: %s", gqlResp.Errors[0].Message)
+	}
+
+	return gqlResp.Data, nil
+}
+
+func (c *analyticsCache) get(key string) *ZoneAnalytics {
+	c.mu.RLock()
+	defer c.mu.RUnlock()
+
+	if cached, ok := c.data[key]; ok && time.Now().Before(cached.expiresAt) {
+		return cached.result
+	}
+	return nil
+}
+
+func (c *analyticsCache) set(key string, result *ZoneAnalytics) {
+	c.mu.Lock()
+	defer c.mu.Unlock()
+
+	c.data[key] = &cachedResult{
+		result:    result,
+		expiresAt: time.Now().Add(c.ttl),
+	}
+}
+
+func (c *Client) PurgeURLs(ctx context.Context, urls []string) error {
+	if !c.IsConfigured() || len(urls) == 0 {
+		return nil
+	}
+
+	body, err := json.Marshal(map[string][]string{"files": urls})
+	if err != nil {
+		return err
+	}
+
+	req, err := http.NewRequestWithContext(ctx, "POST",
+		fmt.Sprintf("https://api.cloudflare.com/client/v4/zones/%s/purge_cache", c.zoneID),
+		bytes.NewReader(body))
+	if err != nil {
+		return err
+	}
+
+	req.Header.Set("Content-Type", "application/json")
+	req.Header.Set("Authorization", "Bearer "+c.apiToken)
+
+	resp, err := c.client.Do(req)
+	if err != nil {
+		return err
+	}
+	defer resp.Body.Close()
+
+	if resp.StatusCode != http.StatusOK {
+		respBody, _ := io.ReadAll(resp.Body)
+		return fmt.Errorf("cloudflare purge failed: %s", string(respBody))
+	}
+
+	return nil
+}
diff --git a/internal/config/tiers.go b/internal/config/tiers.go
new file mode 100644
index 0000000..cb96efa
--- /dev/null
+++ b/internal/config/tiers.go
@@ -0,0 +1,100 @@
+package config
+
+type Tier string
+
+const (
+	TierFree Tier = "free"
+	TierPro  Tier = "pro"
+)
+
+type TierConfig struct {
+	Name               string `json:"name"`
+	Description        string `json:"description"`
+	MonthlyPrice       int    `json:"monthly_price"`
+	AnnualPrice        int    `json:"annual_price"`
+	CustomDomain       bool   `json:"custom_domain"`
+	BadgeRequired      bool   `json:"badge_required"`
+	AnalyticsRetention int    `json:"analytics_retention"`
+	APIRateLimit       int    `json:"api_rate_limit"`
+	MaxWebhooks        int    `json:"max_webhooks"`
+	WebhookDeliveries  int    `json:"webhook_deliveries"`
+	MaxPlugins         int    `json:"max_plugins"`
+	PluginExecutions   int    `json:"plugin_executions"`
+}
+
+var Tiers = map[Tier]TierConfig{
+	TierFree: {
+		Name:               "Free",
+		Description:        "For getting started",
+		MonthlyPrice:       0,
+		AnnualPrice:        0,
+		CustomDomain:       false,
+		BadgeRequired:      true,
+		AnalyticsRetention: 7,
+		APIRateLimit:       100,
+		MaxWebhooks:        3,
+		WebhookDeliveries:  100,
+		MaxPlugins:         3,
+		PluginExecutions:   1000,
+	},
+	TierPro: {
+		Name:               "Pro",
+		Description:        "For serious bloggers",
+		MonthlyPrice:       500,
+		AnnualPrice:        4900,
+		CustomDomain:       true,
+		BadgeRequired:      false,
+		AnalyticsRetention: 90,
+		APIRateLimit:       1000,
+		MaxWebhooks:        10,
+		WebhookDeliveries:  1000,
+		MaxPlugins:         10,
+		PluginExecutions:   10000,
+	},
+}
+
+func GetTier(premium bool) Tier {
+	if premium {
+		return TierPro
+	}
+	return TierFree
+}
+
+func GetConfig(tier Tier) TierConfig {
+	if cfg, ok := Tiers[tier]; ok {
+		return cfg
+	}
+	return Tiers[TierFree]
+}
+
+type TierInfo struct {
+	Tier   Tier       `json:"tier"`
+	Config TierConfig `json:"config"`
+}
+
+func GetTierInfo(premium bool) TierInfo {
+	tier := GetTier(premium)
+	return TierInfo{
+		Tier:   tier,
+		Config: GetConfig(tier),
+	}
+}
+
+type Usage struct {
+	Webhooks int `json:"webhooks"`
+	Plugins  int `json:"plugins"`
+}
+
+type AllTiersResponse struct {
+	CurrentTier Tier                `json:"current_tier"`
+	Tiers       map[Tier]TierConfig `json:"tiers"`
+	Usage       Usage               `json:"usage"`
+}
+
+func GetAllTiers(premium bool, usage Usage) AllTiersResponse {
+	return AllTiersResponse{
+		CurrentTier: GetTier(premium),
+		Tiers:       Tiers,
+		Usage:       usage,
+	}
+}
diff --git a/internal/db/db.go b/internal/db/db.go
new file mode 100644
index 0000000..83809aa
--- /dev/null
+++ b/internal/db/db.go
@@ -0,0 +1,81 @@
+package db
+
+import (
+	"context"
+	"fmt"
+	"os"
+	"path/filepath"
+	"sort"
+
+	"github.com/jackc/pgx/v5/pgxpool"
+)
+
+const defaultDSN = "postgres://writekit:writekit@localhost:5432/writekit?sslmode=disable"
+
+type DB struct {
+	pool *pgxpool.Pool
+}
+
+func Connect(migrationsDir string) (*DB, error) {
+	dsn := os.Getenv("DATABASE_URL")
+	if dsn == "" {
+		dsn = defaultDSN
+	}
+
+	pool, err := pgxpool.New(context.Background(), dsn)
+	if err != nil {
+		return nil, fmt.Errorf("connect: %w", err)
+	}
+
+	if err := pool.Ping(context.Background()); err != nil {
+		pool.Close()
+		return nil, fmt.Errorf("ping: %w", err)
+	}
+
+	db := &DB{pool: pool}
+
+	if err := db.RunMigrations(migrationsDir); err != nil {
+		pool.Close()
+		return nil, fmt.Errorf("migrations: %w", err)
+	}
+
+	return db, nil
+}
+
+func (db *DB) RunMigrations(dir string) error {
+	entries, err := os.ReadDir(dir)
+	if err != nil {
+		return fmt.Errorf("read migrations dir: %w", err)
+	}
+
+	var files []string
+	for _, entry := range entries {
+		if entry.IsDir() || filepath.Ext(entry.Name()) != ".sql" {
+			continue
+		}
+		files = append(files, entry.Name())
+	}
+	sort.Strings(files)
+
+	for _, name := range files {
+		content, err := os.ReadFile(filepath.Join(dir, name))
+		if err != nil {
+			return fmt.Errorf("read %s: %w", name, err)
+		}
+
+		if _, err := db.pool.Exec(context.Background(), string(content)); err != nil {
+			return fmt.Errorf("run %s: %w", name, err)
+		}
+	}
+
+	return nil
+}
+
+func (db *DB) Close() {
+	db.pool.Close()
+}
+
+func (db *DB) Pool() *pgxpool.Pool {
+	return db.pool
+}
+
diff --git a/internal/db/demos.go b/internal/db/demos.go
new file mode 100644
index 0000000..7ecbdf0
--- /dev/null
+++ b/internal/db/demos.go
@@ -0,0 +1,109 @@
+package db
+
+import (
+	"context"
+	"crypto/rand"
+	"encoding/hex"
+	"os"
+	"strconv"
+	"time"
+
+	"github.com/jackc/pgx/v5"
+)
+
+func getDemoDuration() time.Duration {
+	if mins := os.Getenv("DEMO_DURATION_MINUTES"); mins != "" {
+		if m, err := strconv.Atoi(mins); err == nil && m > 0 {
+			return time.Duration(m) * time.Minute
+		}
+	}
+	if os.Getenv("ENV") != "prod" {
+		return 100 * 365 * 24 * time.Hour // infinite in local/dev
+	}
+	return 15 * time.Minute
+}
+
+func (db *DB) GetDemoBySubdomain(ctx context.Context, subdomain string) (*Demo, error) {
+	var d Demo
+	err := db.pool.QueryRow(ctx,
+		`SELECT id, subdomain, expires_at FROM demos WHERE subdomain = $1 AND expires_at > NOW()`,
+		subdomain).Scan(&d.ID, &d.Subdomain, &d.ExpiresAt)
+	if err == pgx.ErrNoRows {
+		return nil, nil
+	}
+	return &d, err
+}
+
+func (db *DB) GetDemoByID(ctx context.Context, id string) (*Demo, error) {
+	var d Demo
+	err := db.pool.QueryRow(ctx,
+		`SELECT id, subdomain, expires_at FROM demos WHERE id = $1 AND expires_at > NOW()`,
+		id).Scan(&d.ID, &d.Subdomain, &d.ExpiresAt)
+	if err == pgx.ErrNoRows {
+		return nil, nil
+	}
+	return &d, err
+}
+
+func (db *DB) CreateDemo(ctx context.Context) (*Demo, error) {
+	subdomain := "demo-" + randomHex(4)
+	expiresAt := time.Now().Add(getDemoDuration())
+
+	var d Demo
+	err := db.pool.QueryRow(ctx,
+		`INSERT INTO demos (subdomain, expires_at) VALUES ($1, $2) RETURNING id, subdomain, expires_at`,
+		subdomain, expiresAt).Scan(&d.ID, &d.Subdomain, &d.ExpiresAt)
+	if err != nil {
+		return nil, err
+	}
+	return &d, nil
+}
+
+type ExpiredDemo struct {
+	ID        string
+	Subdomain string
+}
+
+func (db *DB) CleanupExpiredDemos(ctx context.Context) ([]ExpiredDemo, error) {
+	rows, err := db.pool.Query(ctx,
+		`DELETE FROM demos WHERE expires_at < NOW() RETURNING id, subdomain`)
+	if err != nil {
+		return nil, err
+	}
+	defer rows.Close()
+
+	var demos []ExpiredDemo
+	for rows.Next() {
+		var d ExpiredDemo
+		if err := rows.Scan(&d.ID, &d.Subdomain); err != nil {
+			return nil, err
+		}
+		demos = append(demos, d)
+	}
+	return demos, rows.Err()
+}
+
+func (db *DB) ListActiveDemos(ctx context.Context) ([]Demo, error) {
+	rows, err := db.pool.Query(ctx,
+		`SELECT id, subdomain, expires_at FROM demos WHERE expires_at > NOW()`)
+	if err != nil {
+		return nil, err
+	}
+	defer rows.Close()
+
+	var demos []Demo
+	for rows.Next() {
+		var d Demo
+		if err := rows.Scan(&d.ID, &d.Subdomain, &d.ExpiresAt); err != nil {
+			return nil, err
+		}
+		demos = append(demos, d)
+	}
+	return demos, rows.Err()
+}
+
+func randomHex(n int) string {
+	b := make([]byte, n)
+	rand.Read(b)
+	return hex.EncodeToString(b)
+}
diff --git a/internal/db/migrations/001_initial.sql b/internal/db/migrations/001_initial.sql
new file mode 100644
index 0000000..94f3bc3
--- /dev/null
+++ b/internal/db/migrations/001_initial.sql
@@ -0,0 +1,185 @@
+-- Users (provider-agnostic)
+CREATE TABLE IF NOT EXISTS users (
+    id UUID PRIMARY KEY DEFAULT gen_random_uuid(),
+    email VARCHAR(255) UNIQUE NOT NULL,
+    name VARCHAR(255),
+    avatar_url TEXT,
+    created_at TIMESTAMP WITH TIME ZONE DEFAULT NOW()
+);
+
+-- OAuth identities
+CREATE TABLE IF NOT EXISTS user_identities (
+    id UUID PRIMARY KEY DEFAULT gen_random_uuid(),
+    user_id UUID NOT NULL REFERENCES users(id) ON DELETE CASCADE,
+    provider VARCHAR(50) NOT NULL,
+    provider_id VARCHAR(255) NOT NULL,
+    provider_email VARCHAR(255),
+    created_at TIMESTAMP WITH TIME ZONE DEFAULT NOW(),
+    UNIQUE(provider, provider_id)
+);
+
+-- Sessions
+CREATE TABLE IF NOT EXISTS sessions (
+    token VARCHAR(64) PRIMARY KEY,
+    user_id UUID NOT NULL REFERENCES users(id) ON DELETE CASCADE,
+    expires_at TIMESTAMP WITH TIME ZONE NOT NULL
+);
+
+-- Tenants (blog instances)
+CREATE TABLE IF NOT EXISTS tenants (
+    id UUID PRIMARY KEY DEFAULT gen_random_uuid(),
+    owner_id UUID REFERENCES users(id) ON DELETE SET NULL,
+    subdomain VARCHAR(63) UNIQUE NOT NULL,
+    custom_domain VARCHAR(255),
+    premium BOOLEAN DEFAULT FALSE,
+    members_enabled BOOLEAN DEFAULT FALSE,
+    donations_enabled BOOLEAN DEFAULT FALSE,
+    auth_google_enabled BOOLEAN DEFAULT TRUE,
+    auth_github_enabled BOOLEAN DEFAULT TRUE,
+    auth_discord_enabled BOOLEAN DEFAULT TRUE,
+    created_at TIMESTAMP WITH TIME ZONE DEFAULT NOW(),
+    updated_at TIMESTAMP WITH TIME ZONE DEFAULT NOW()
+);
+
+-- Demos (temporary blogs)
+CREATE TABLE IF NOT EXISTS demos (
+    id UUID PRIMARY KEY DEFAULT gen_random_uuid(),
+    subdomain VARCHAR(63) UNIQUE NOT NULL,
+    created_at TIMESTAMP WITH TIME ZONE DEFAULT NOW(),
+    expires_at TIMESTAMP WITH TIME ZONE NOT NULL
+);
+
+-- Reserved subdomains
+CREATE TABLE IF NOT EXISTS reserved_subdomains (
+    subdomain VARCHAR(63) PRIMARY KEY,
+    reason VARCHAR(255)
+);
+
+-- Membership tiers
+CREATE TABLE IF NOT EXISTS membership_tiers (
+    id UUID PRIMARY KEY DEFAULT gen_random_uuid(),
+    tenant_id UUID NOT NULL REFERENCES tenants(id) ON DELETE CASCADE,
+    name VARCHAR(100) NOT NULL,
+    price_cents INTEGER NOT NULL,
+    description TEXT,
+    benefits TEXT[],
+    lemon_variant_id VARCHAR(64),
+    active BOOLEAN DEFAULT TRUE,
+    created_at TIMESTAMP WITH TIME ZONE DEFAULT NOW(),
+    updated_at TIMESTAMP WITH TIME ZONE DEFAULT NOW()
+);
+
+-- Subscriptions
+CREATE TABLE IF NOT EXISTS subscriptions (
+    id UUID PRIMARY KEY DEFAULT gen_random_uuid(),
+    tenant_id UUID NOT NULL REFERENCES tenants(id) ON DELETE CASCADE,
+    user_id UUID REFERENCES users(id) ON DELETE SET NULL,
+    tier_id UUID REFERENCES membership_tiers(id) ON DELETE SET NULL,
+    tier_name VARCHAR(100) NOT NULL,
+    status VARCHAR(20) NOT NULL,
+    lemon_subscription_id VARCHAR(64) UNIQUE,
+    lemon_customer_id VARCHAR(64),
+    amount_cents INTEGER NOT NULL,
+    current_period_start TIMESTAMP WITH TIME ZONE,
+    current_period_end TIMESTAMP WITH TIME ZONE,
+    cancelled_at TIMESTAMP WITH TIME ZONE,
+    created_at TIMESTAMP WITH TIME ZONE DEFAULT NOW(),
+    updated_at TIMESTAMP WITH TIME ZONE DEFAULT NOW()
+);
+
+-- Donations
+CREATE TABLE IF NOT EXISTS donations (
+    id UUID PRIMARY KEY DEFAULT gen_random_uuid(),
+    tenant_id UUID NOT NULL REFERENCES tenants(id) ON DELETE CASCADE,
+    user_id UUID REFERENCES users(id) ON DELETE SET NULL,
+    donor_email VARCHAR(255),
+    donor_name VARCHAR(255),
+    amount_cents INTEGER NOT NULL,
+    lemon_order_id VARCHAR(64) UNIQUE,
+    message TEXT,
+    created_at TIMESTAMP WITH TIME ZONE DEFAULT NOW()
+);
+
+-- Earnings ledger
+CREATE TABLE IF NOT EXISTS earnings (
+    id UUID PRIMARY KEY DEFAULT gen_random_uuid(),
+    tenant_id UUID NOT NULL REFERENCES tenants(id) ON DELETE CASCADE,
+    source_type VARCHAR(20) NOT NULL,
+    source_id UUID NOT NULL,
+    description TEXT,
+    gross_cents INTEGER NOT NULL,
+    platform_fee_cents INTEGER NOT NULL,
+    processor_fee_cents INTEGER NOT NULL,
+    net_cents INTEGER NOT NULL,
+    created_at TIMESTAMP WITH TIME ZONE DEFAULT NOW()
+);
+
+-- Balances
+CREATE TABLE IF NOT EXISTS balances (
+    tenant_id UUID PRIMARY KEY REFERENCES tenants(id) ON DELETE CASCADE,
+    available_cents INTEGER DEFAULT 0,
+    lifetime_earnings_cents INTEGER DEFAULT 0,
+    lifetime_paid_cents INTEGER DEFAULT 0,
+    updated_at TIMESTAMP WITH TIME ZONE DEFAULT NOW()
+);
+
+-- Payouts
+CREATE TABLE IF NOT EXISTS payouts (
+    id UUID PRIMARY KEY DEFAULT gen_random_uuid(),
+    tenant_id UUID NOT NULL REFERENCES tenants(id) ON DELETE CASCADE,
+    amount_cents INTEGER NOT NULL,
+    currency VARCHAR(3) DEFAULT 'USD',
+    wise_transfer_id VARCHAR(64),
+    wise_quote_id VARCHAR(64),
+    status VARCHAR(20) NOT NULL,
+    failure_reason TEXT,
+    created_at TIMESTAMP WITH TIME ZONE DEFAULT NOW(),
+    completed_at TIMESTAMP WITH TIME ZONE
+);
+
+-- Payout settings
+CREATE TABLE IF NOT EXISTS payout_settings (
+    tenant_id UUID PRIMARY KEY REFERENCES tenants(id) ON DELETE CASCADE,
+    wise_recipient_id VARCHAR(64),
+    account_holder_name VARCHAR(255),
+    currency VARCHAR(3) DEFAULT 'USD',
+    payout_email VARCHAR(255),
+    created_at TIMESTAMP WITH TIME ZONE DEFAULT NOW(),
+    updated_at TIMESTAMP WITH TIME ZONE DEFAULT NOW()
+);
+
+-- Indexes
+CREATE INDEX IF NOT EXISTS idx_identities_lookup ON user_identities(provider, provider_id);
+CREATE INDEX IF NOT EXISTS idx_identities_user ON user_identities(user_id);
+CREATE INDEX IF NOT EXISTS idx_sessions_expires ON sessions(expires_at);
+CREATE INDEX IF NOT EXISTS idx_sessions_user ON sessions(user_id);
+CREATE INDEX IF NOT EXISTS idx_tenants_owner ON tenants(owner_id);
+CREATE INDEX IF NOT EXISTS idx_tenants_subdomain ON tenants(subdomain);
+CREATE INDEX IF NOT EXISTS idx_demos_expires ON demos(expires_at);
+CREATE INDEX IF NOT EXISTS idx_demos_subdomain ON demos(subdomain);
+CREATE INDEX IF NOT EXISTS idx_tiers_tenant ON membership_tiers(tenant_id) WHERE active = TRUE;
+CREATE INDEX IF NOT EXISTS idx_subscriptions_tenant ON subscriptions(tenant_id);
+CREATE INDEX IF NOT EXISTS idx_subscriptions_user ON subscriptions(user_id);
+CREATE INDEX IF NOT EXISTS idx_subscriptions_lemon ON subscriptions(lemon_subscription_id);
+CREATE INDEX IF NOT EXISTS idx_donations_tenant ON donations(tenant_id);
+CREATE INDEX IF NOT EXISTS idx_earnings_tenant ON earnings(tenant_id);
+CREATE INDEX IF NOT EXISTS idx_payouts_tenant ON payouts(tenant_id);
+
+-- Reserved subdomains
+INSERT INTO reserved_subdomains (subdomain, reason) VALUES
+    ('www', 'system'),
+    ('api', 'system'),
+    ('app', 'system'),
+    ('admin', 'system'),
+    ('staging', 'system'),
+    ('demo', 'system'),
+    ('test', 'system'),
+    ('mail', 'system'),
+    ('smtp', 'system'),
+    ('ftp', 'system'),
+    ('ssh', 'system'),
+    ('traefik', 'system'),
+    ('ops', 'system'),
+    ('source', 'system'),
+    ('ci', 'system')
+ON CONFLICT (subdomain) DO NOTHING;
diff --git a/internal/db/models.go b/internal/db/models.go
new file mode 100644
index 0000000..2dc522b
--- /dev/null
+++ b/internal/db/models.go
@@ -0,0 +1,34 @@
+package db
+
+import "time"
+
+type User struct {
+	ID        string
+	Email     string
+	Name      string
+	AvatarURL string
+	CreatedAt time.Time
+}
+
+type Tenant struct {
+	ID               string
+	OwnerID          string
+	Subdomain        string
+	CustomDomain     string
+	Premium          bool
+	MembersEnabled   bool
+	DonationsEnabled bool
+	CreatedAt        time.Time
+}
+
+type Session struct {
+	Token     string
+	UserID    string
+	ExpiresAt time.Time
+}
+
+type Demo struct {
+	ID        string
+	Subdomain string
+	ExpiresAt time.Time
+}
diff --git a/internal/db/sessions.go b/internal/db/sessions.go
new file mode 100644
index 0000000..92e6987
--- /dev/null
+++ b/internal/db/sessions.go
@@ -0,0 +1,45 @@
+package db
+
+import (
+	"context"
+	"crypto/rand"
+	"encoding/hex"
+	"time"
+
+	"github.com/jackc/pgx/v5"
+)
+
+func (db *DB) CreateSession(ctx context.Context, userID string) (*Session, error) {
+	token := make([]byte, 32)
+	if _, err := rand.Read(token); err != nil {
+		return nil, err
+	}
+
+	s := &Session{
+		Token:     hex.EncodeToString(token),
+		UserID:    userID,
+		ExpiresAt: time.Now().Add(30 * 24 * time.Hour),
+	}
+
+	_, err := db.pool.Exec(ctx,
+		`INSERT INTO sessions (token, user_id, expires_at) VALUES ($1, $2, $3)`,
+		s.Token, s.UserID, s.ExpiresAt)
+	return s, err
+}
+
+func (db *DB) ValidateSession(ctx context.Context, token string) (*Session, error) {
+	var s Session
+	err := db.pool.QueryRow(ctx,
+		`SELECT token, user_id, expires_at FROM sessions
+		 WHERE token = $1 AND expires_at > NOW()`,
+		token).Scan(&s.Token, &s.UserID, &s.ExpiresAt)
+	if err == pgx.ErrNoRows {
+		return nil, nil
+	}
+	return &s, err
+}
+
+func (db *DB) DeleteSession(ctx context.Context, token string) error {
+	_, err := db.pool.Exec(ctx, `DELETE FROM sessions WHERE token = $1`, token)
+	return err
+}
diff --git a/internal/db/tenants.go b/internal/db/tenants.go
new file mode 100644
index 0000000..6215975
--- /dev/null
+++ b/internal/db/tenants.go
@@ -0,0 +1,147 @@
+package db
+
+import (
+	"context"
+
+	"github.com/jackc/pgx/v5"
+)
+
+func (db *DB) GetTenantBySubdomain(ctx context.Context, subdomain string) (*Tenant, error) {
+	var t Tenant
+	var ownerID, customDomain *string
+	err := db.pool.QueryRow(ctx,
+		`SELECT id, owner_id, subdomain, custom_domain, premium, members_enabled, donations_enabled, created_at
+		 FROM tenants WHERE subdomain = $1`,
+		subdomain).Scan(&t.ID, &ownerID, &t.Subdomain, &customDomain, &t.Premium,
+		&t.MembersEnabled, &t.DonationsEnabled, &t.CreatedAt)
+	if err == pgx.ErrNoRows {
+		return nil, nil
+	}
+	if ownerID != nil {
+		t.OwnerID = *ownerID
+	}
+	if customDomain != nil {
+		t.CustomDomain = *customDomain
+	}
+	return &t, err
+}
+
+func (db *DB) GetTenantByOwner(ctx context.Context, ownerID string) (*Tenant, error) {
+	var t Tenant
+	var owner, customDomain *string
+	err := db.pool.QueryRow(ctx,
+		`SELECT id, owner_id, subdomain, custom_domain, premium, members_enabled, donations_enabled, created_at
+		 FROM tenants WHERE owner_id = $1`,
+		ownerID).Scan(&t.ID, &owner, &t.Subdomain, &customDomain, &t.Premium,
+		&t.MembersEnabled, &t.DonationsEnabled, &t.CreatedAt)
+	if err == pgx.ErrNoRows {
+		return nil, nil
+	}
+	if owner != nil {
+		t.OwnerID = *owner
+	}
+	if customDomain != nil {
+		t.CustomDomain = *customDomain
+	}
+	return &t, err
+}
+
+func (db *DB) CreateTenant(ctx context.Context, ownerID, subdomain string) (*Tenant, error) {
+	var t Tenant
+	err := db.pool.QueryRow(ctx,
+		`INSERT INTO tenants (owner_id, subdomain)
+		 VALUES ($1, $2)
+		 RETURNING id, owner_id, subdomain, custom_domain, premium, members_enabled, donations_enabled, created_at`,
+		ownerID, subdomain).Scan(&t.ID, &t.OwnerID, &t.Subdomain, &t.CustomDomain, &t.Premium,
+		&t.MembersEnabled, &t.DonationsEnabled, &t.CreatedAt)
+	return &t, err
+}
+
+func (db *DB) GetTenantByID(ctx context.Context, id string) (*Tenant, error) {
+	var t Tenant
+	var ownerID, customDomain *string
+	err := db.pool.QueryRow(ctx,
+		`SELECT id, owner_id, subdomain, custom_domain, premium, members_enabled, donations_enabled, created_at
+		 FROM tenants WHERE id = $1`,
+		id).Scan(&t.ID, &ownerID, &t.Subdomain, &customDomain, &t.Premium,
+		&t.MembersEnabled, &t.DonationsEnabled, &t.CreatedAt)
+	if err == pgx.ErrNoRows {
+		return nil, nil
+	}
+	if ownerID != nil {
+		t.OwnerID = *ownerID
+	}
+	if customDomain != nil {
+		t.CustomDomain = *customDomain
+	}
+	return &t, err
+}
+
+func (db *DB) IsUserTenantOwner(ctx context.Context, userID, tenantID string) (bool, error) {
+	var exists bool
+	err := db.pool.QueryRow(ctx,
+		`SELECT EXISTS(SELECT 1 FROM tenants WHERE id = $1 AND owner_id = $2)`,
+		tenantID, userID).Scan(&exists)
+	return exists, err
+}
+
+func (db *DB) IsSubdomainAvailable(ctx context.Context, subdomain string) (bool, error) {
+	var exists bool
+
+	err := db.pool.QueryRow(ctx,
+		`SELECT EXISTS(SELECT 1 FROM reserved_subdomains WHERE subdomain = $1)`,
+		subdomain).Scan(&exists)
+	if err != nil {
+		return false, err
+	}
+	if exists {
+		return false, nil
+	}
+
+	err = db.pool.QueryRow(ctx,
+		`SELECT EXISTS(SELECT 1 FROM demos WHERE subdomain = $1 AND expires_at > NOW())`,
+		subdomain).Scan(&exists)
+	if err != nil {
+		return false, err
+	}
+	if exists {
+		return false, nil
+	}
+
+	err = db.pool.QueryRow(ctx,
+		`SELECT EXISTS(SELECT 1 FROM tenants WHERE subdomain = $1)`,
+		subdomain).Scan(&exists)
+	if err != nil {
+		return false, err
+	}
+
+	return !exists, nil
+}
+
+func (db *DB) ListTenants(ctx context.Context) ([]Tenant, error) {
+	rows, err := db.pool.Query(ctx,
+		`SELECT id, owner_id, subdomain, custom_domain, premium, members_enabled, donations_enabled, created_at
+		 FROM tenants`)
+	if err != nil {
+		return nil, err
+	}
+	defer rows.Close()
+
+	var tenants []Tenant
+	for rows.Next() {
+		var t Tenant
+		var ownerID, customDomain *string
+		if err := rows.Scan(&t.ID, &ownerID, &t.Subdomain, &customDomain, &t.Premium,
+			&t.MembersEnabled, &t.DonationsEnabled, &t.CreatedAt); err != nil {
+			return nil, err
+		}
+		if ownerID != nil {
+			t.OwnerID = *ownerID
+		}
+		if customDomain != nil {
+			t.CustomDomain = *customDomain
+		}
+		tenants = append(tenants, t)
+	}
+	return tenants, rows.Err()
+}
diff --git a/internal/db/users.go b/internal/db/users.go
new file mode 100644
index 0000000..d9ed170
--- /dev/null
+++ b/internal/db/users.go
@@ -0,0 +1,62 @@
+package db
+
+import (
+	"context"
+
+	"github.com/jackc/pgx/v5"
+)
+
+func (db *DB) GetUserByID(ctx context.Context, id string) (*User, error) {
+	var u User
+	err := db.pool.QueryRow(ctx,
+		`SELECT id, email, name, avatar_url, created_at FROM users WHERE id = $1`,
+		id).Scan(&u.ID, &u.Email, &u.Name, &u.AvatarURL, &u.CreatedAt)
+	if err == pgx.ErrNoRows {
+		return nil, nil
+	}
+	return &u, err
+}
+
+func (db *DB) GetUserByEmail(ctx context.Context, email string) (*User, error) {
+	var u User
+	err := db.pool.QueryRow(ctx,
+		`SELECT id, email, name, avatar_url, created_at FROM users WHERE email = $1`,
+		email).Scan(&u.ID, &u.Email, &u.Name, &u.AvatarURL, &u.CreatedAt)
+	if err == pgx.ErrNoRows {
+		return nil, nil
+	}
+	return &u, err
+}
+
+func (db *DB) GetUserByIdentity(ctx context.Context, provider, providerID string) (*User, error) {
+	var u User
+	err := db.pool.QueryRow(ctx,
+		`SELECT u.id, u.email, u.name, u.avatar_url, u.created_at
+		 FROM users u
+		 JOIN user_identities i ON i.user_id = u.id
+		 WHERE i.provider = $1 AND i.provider_id = $2`,
+		provider, providerID).Scan(&u.ID, &u.Email, &u.Name, &u.AvatarURL, &u.CreatedAt)
+	if err == pgx.ErrNoRows {
+		return nil, nil
+	}
+	return &u, err
+}
+
+func (db *DB) CreateUser(ctx context.Context, email, name, avatarURL string) (*User, error) {
+	var u User
+	err := db.pool.QueryRow(ctx,
+		`INSERT INTO users (email, name, avatar_url)
+		 VALUES ($1, $2, $3)
+		 RETURNING id, email, name, avatar_url, created_at`,
+		email, name, avatarURL).Scan(&u.ID, &u.Email, &u.Name, &u.AvatarURL, &u.CreatedAt)
+	return &u, err
+}
+
+func (db *DB) AddUserIdentity(ctx context.Context, userID, provider, providerID, providerEmail string) error {
+	_, err := db.pool.Exec(ctx,
+		`INSERT INTO user_identities (user_id, provider, provider_id, provider_email)
+		 VALUES ($1, $2, $3, $4)
+		 ON CONFLICT (provider, provider_id) DO NOTHING`,
+		userID, provider, providerID, providerEmail)
+	return err
+}
diff --git a/internal/imaginary/client.go b/internal/imaginary/client.go
new file mode 100644
index 0000000..394af08
--- /dev/null
+++ b/internal/imaginary/client.go
@@ -0,0 +1,77 @@
+package imaginary
+
+import (
+	"bytes"
+	"fmt"
+	"io"
+	"mime/multipart"
+	"net/http"
+)
+
+type Client struct {
+	baseURL string
+	http    *http.Client
+}
+
+func New(baseURL string) *Client {
+	return &Client{
+		baseURL: baseURL,
+		http:    &http.Client{},
+	}
+}
+
+type ProcessOptions struct {
+	Width   int
+	Height  int
+	Quality int
+	Type    string
+}
+
+func (c *Client) Process(src io.Reader, filename string, opts ProcessOptions) ([]byte, error) {
+	var body bytes.Buffer
+	writer := multipart.NewWriter(&body)
+
+	part, err := writer.CreateFormFile("file", filename)
+	if err != nil {
+		return nil, err
+	}
+	if _, err := io.Copy(part, src); err != nil {
+		return nil, err
+	}
+	writer.Close()
+
+	if opts.Width == 0 {
+		opts.Width = 2000
+	}
+	if opts.Height == 0 {
+		opts.Height = 2000
+	}
+	if opts.Quality == 0 {
+		opts.Quality = 80
+	}
+	if opts.Type == "" {
+		opts.Type = "webp"
+	}
+
+	url := fmt.Sprintf("%s/resize?width=%d&height=%d&quality=%d&type=%s",
+		c.baseURL, opts.Width, opts.Height, opts.Quality, opts.Type)
+
+	req, err := http.NewRequest("POST", url, &body)
+	if err != nil {
+		return nil, err
+	}
+	req.Header.Set("Content-Type", writer.FormDataContentType())
+
+	resp, err := c.http.Do(req)
+	if err != nil {
+		return nil, err
+	}
+	defer resp.Body.Close()
+
+	if resp.StatusCode != http.StatusOK {
+		errBody, _ := io.ReadAll(resp.Body)
+		return nil, fmt.Errorf("imaginary error %d: %s", resp.StatusCode, string(errBody))
+	}
+
+	return io.ReadAll(resp.Body)
+}
diff --git a/internal/markdown/markdown.go b/internal/markdown/markdown.go
new file mode 100644
index 0000000..77c0da3
--- /dev/null
+++ b/internal/markdown/markdown.go
@@ -0,0 +1,72 @@
+package markdown
+
+import (
+	"bytes"
+	"sync"
+
+	"github.com/yuin/goldmark"
+	emoji "github.com/yuin/goldmark-emoji"
+	highlighting "github.com/yuin/goldmark-highlighting/v2"
+	"github.com/yuin/goldmark/extension"
+	"github.com/yuin/goldmark/parser"
+	"github.com/yuin/goldmark/renderer/html"
+)
+
+var (
+	renderers   = make(map[string]goldmark.Markdown)
+	renderersMu sync.RWMutex
+)
+
+func getRenderer(codeTheme string) goldmark.Markdown {
+	if codeTheme == "" {
+		codeTheme = "github"
+	}
+
+	renderersMu.RLock()
+	if md, ok := renderers[codeTheme]; ok {
+		renderersMu.RUnlock()
+		return md
+	}
+	renderersMu.RUnlock()
+
+	renderersMu.Lock()
+	defer renderersMu.Unlock()
+
+	if md, ok := renderers[codeTheme]; ok {
+		return md
+	}
+
+	md := goldmark.New(
+		goldmark.WithExtensions(
+			extension.GFM,
+			extension.Typographer,
+			emoji.Emoji,
+			highlighting.NewHighlighting(
+				highlighting.WithStyle(codeTheme),
+			),
+		),
+		goldmark.WithParserOptions(
+			parser.WithAutoHeadingID(),
+		),
+		goldmark.WithRendererOptions(
+			html.WithHardWraps(),
+			html.WithXHTML(),
+			html.WithUnsafe(),
+		),
+	)
+	renderers[codeTheme] = md
+	return md
+}
+
+func Render(source string) (string, error) {
+	return RenderWithTheme(source, "github")
+}
+
+func RenderWithTheme(source, codeTheme string) (string, error) {
+	md := getRenderer(codeTheme)
+	var buf bytes.Buffer
+	if err := md.Convert([]byte(source), &buf); err != nil {
+		return "", err
+	}
+	return buf.String(), nil
+}
diff --git a/internal/markdown/themes.go b/internal/markdown/themes.go
new file mode 100644
index 0000000..90e73d7
--- /dev/null
+++ b/internal/markdown/themes.go
@@ -0,0 +1,152 @@
+package markdown
+
+import (
+	"strings"
+
+	"github.com/alecthomas/chroma/v2"
+	"github.com/alecthomas/chroma/v2/styles"
+)
+
+var chromaToHljs = map[chroma.TokenType]string{
+	chroma.Keyword:            "hljs-keyword",
+	chroma.KeywordConstant:    "hljs-keyword",
+	chroma.KeywordDeclaration: "hljs-keyword",
+	chroma.KeywordNamespace:   "hljs-keyword",
+	chroma.KeywordPseudo:      "hljs-keyword",
+	chroma.KeywordReserved:    "hljs-keyword",
+	chroma.KeywordType:        "hljs-type",
+
+	chroma.Name:              "hljs-variable",
+	chroma.NameBuiltin:       "hljs-built_in",
+	chroma.NameBuiltinPseudo: "hljs-built_in",
+	chroma.NameClass:         "hljs-title class_",
+	chroma.NameConstant:      "hljs-variable constant_",
+	chroma.NameDecorator:     "hljs-meta",
+	chroma.NameEntity:        "hljs-name",
+	chroma.NameException:     "hljs-title class_",
+	chroma.NameFunction:      "hljs-title function_",
+	chroma.NameFunctionMagic: "hljs-title function_",
+	chroma.NameLabel:         "hljs-symbol",
+	chroma.NameNamespace:     "hljs-title class_",
+	chroma.NameOther:         "hljs-variable",
+	chroma.NameProperty:      "hljs-property",
+	chroma.NameTag:           "hljs-tag",
+	chroma.NameVariable:      "hljs-variable",
+	chroma.NameVariableClass: "hljs-variable",
+	chroma.NameVariableGlobal: "hljs-variable",
+	chroma.NameVariableInstance: "hljs-variable",
+	chroma.NameVariableMagic: "hljs-variable",
+	chroma.NameAttribute:     "hljs-attr",
+
+	chroma.Literal:     "hljs-literal",
+	chroma.LiteralDate: "hljs-number",
+
+	chroma.String:          "hljs-string",
+	chroma.StringAffix:     "hljs-string",
+	chroma.StringBacktick:  "hljs-string",
+	chroma.StringChar:      "hljs-string",
+	chroma.StringDelimiter: "hljs-string",
+	chroma.StringDoc:       "hljs-string",
+	chroma.StringDouble:    "hljs-string",
+	chroma.StringEscape:    "hljs-char escape_",
+	chroma.StringHeredoc:   "hljs-string",
+	chroma.StringInterpol:  "hljs-subst",
+	chroma.StringOther:     "hljs-string",
+	chroma.StringRegex:     "hljs-regexp",
+	chroma.StringSingle:    "hljs-string",
+	chroma.StringSymbol:    "hljs-symbol",
+
+	chroma.Number:            "hljs-number",
+	chroma.NumberBin:         "hljs-number",
+	chroma.NumberFloat:       "hljs-number",
+	chroma.NumberHex:         "hljs-number",
+	chroma.NumberInteger:     "hljs-number",
+	chroma.NumberIntegerLong: "hljs-number",
+	chroma.NumberOct:         "hljs-number",
+
+	chroma.Operator:     "hljs-operator",
+	chroma.OperatorWord: "hljs-keyword",
+
+	chroma.Punctuation: "hljs-punctuation",
+
+	chroma.Comment:            "hljs-comment",
+	chroma.CommentHashbang:    "hljs-meta",
+	chroma.CommentMultiline:   "hljs-comment",
+	chroma.CommentPreproc:     "hljs-meta",
+	chroma.CommentPreprocFile: "hljs-meta",
+	chroma.CommentSingle:      "hljs-comment",
+	chroma.CommentSpecial:     "hljs-doctag",
+
+	chroma.Generic:           "hljs-code",
+	chroma.GenericDeleted:    "hljs-deletion",
+	chroma.GenericEmph:       "hljs-emphasis",
+	chroma.GenericError:      "hljs-strong",
+	chroma.GenericHeading:    "hljs-section",
+	chroma.GenericInserted:   "hljs-addition",
+	chroma.GenericOutput:     "hljs-code",
+	chroma.GenericPrompt:     "hljs-meta prompt_",
+	chroma.GenericStrong:     "hljs-strong",
+	chroma.GenericSubheading: "hljs-section",
+	chroma.GenericTraceback:  "hljs-code",
+	chroma.GenericUnderline:  "hljs-code",
+
+	chroma.Text:            "",
+	chroma.TextWhitespace:  "",
+}
+
+func GenerateHljsCSS(themeName string) (string, error) {
+	style := styles.Get(themeName)
+	if style == nil {
+		style = styles.Get("github")
+	}
+
+	var css strings.Builder
+	css.WriteString("/* Auto-generated from Chroma theme: " + themeName + " */\n")
+
+	bg := style.Get(chroma.Background)
+	if bg.Background.IsSet() {
+		css.WriteString(".prose pre { background: " + bg.Background.String() + "; }\n")
+	}
+	if bg.Colour.IsSet() {
+		css.WriteString(".prose pre code { color: " + bg.Colour.String() + "; }\n")
+	}
+
+	seen := make(map[string]bool)
+
+	for chromaToken, hljsClass := range chromaToHljs {
+		if hljsClass == "" {
+			continue
+		}
+
+		entry := style.Get(chromaToken)
+		if !entry.Colour.IsSet() && entry.Bold != chroma.Yes && entry.Italic != chroma.Yes {
+			continue
+		}
+
+		if seen[hljsClass] {
+			continue
+		}
+		seen[hljsClass] = true
+
+		selector := "." + strings.ReplaceAll(hljsClass, " ", ".")
+		css.WriteString(selector + " {")
+
+		if entry.Colour.IsSet() {
+			css.WriteString(" color: " + entry.Colour.String() + ";")
+		}
+		if entry.Bold == chroma.Yes {
+			css.WriteString(" font-weight: bold;")
+		}
+		if entry.Italic == chroma.Yes {
+			css.WriteString(" font-style: italic;")
+		}
+
+		css.WriteString(" }\n")
+	}
+
+	return css.String(), nil
+}
+
+func ListThemes() []string {
+	return styles.Names()
+}
diff --git a/internal/og/og.go b/internal/og/og.go
new file mode 100644
index 0000000..98e3037
--- /dev/null
+++ b/internal/og/og.go
@@ -0,0 +1,185 @@
+package og
+
+import (
+	"bytes"
+	"image"
+	"image/color"
+	"image/draw"
+	"image/png"
+
+	"github.com/golang/freetype"
+	"github.com/golang/freetype/truetype"
+	"golang.org/x/image/font"
+	"golang.org/x/image/font/gofont/goregular"
+	"golang.org/x/image/font/gofont/gobold"
+)
+
+const (
+	imgWidth  = 1200
+	imgHeight = 630
+)
+
+var (
+	regularFont *truetype.Font
+	boldFont    *truetype.Font
+)
+
+func init() {
+	var err error
+	regularFont, err = freetype.ParseFont(goregular.TTF)
+	if err != nil {
+		panic(err)
+	}
+	boldFont, err = freetype.ParseFont(gobold.TTF)
+	if err != nil {
+		panic(err)
+	}
+}
+
+func parseHexColor(hex string) color.RGBA {
+	if len(hex) == 0 {
+		return color.RGBA{16, 185, 129, 255} // #10b981 emerald
+	}
+	if hex[0] == '#' {
+		hex = hex[1:]
+	}
+	if len(hex) != 6 {
+		return color.RGBA{16, 185, 129, 255} // #10b981 emerald
+	}
+
+	var r, g, b uint8
+	for i, c := range hex {
+		var v uint8
+		switch {
+		case c >= '0' && c <= '9':
+			v = uint8(c - '0')
+		case c >= 'a' && c <= 'f':
+			v = uint8(c - 'a' + 10)
+		case c >= 'A' && c <= 'F':
+			v = uint8(c - 'A' + 10)
+		}
+		switch i {
+		case 0:
+			r = v << 4
+		case 1:
+			r |= v
+		case 2:
+			g = v << 4
+		case 3:
+			g |= v
+		case 4:
+			b = v << 4
+		case 5:
+			b |= v
+		}
+	}
+	return color.RGBA{r, g, b, 255}
+}
+
+func Generate(title, siteName, accentColor string) ([]byte, error) {
+	accent := parseHexColor(accentColor)
+
+	img := image.NewRGBA(image.Rect(0, 0, imgWidth, imgHeight))
+
+	for y := 0; y < imgHeight; y++ {
+		ratio := float64(y) / float64(imgHeight)
+		r := uint8(float64(accent.R) * (1 - ratio*0.3))
+		g := uint8(float64(accent.G) * (1 - ratio*0.3))
+		b := uint8(float64(accent.B) * (1 - ratio*0.3))
+		for x := 0; x < imgWidth; x++ {
+			img.Set(x, y, color.RGBA{r, g, b, 255})
+		}
+	}
+
+	c := freetype.NewContext()
+	c.SetDPI(72)
+	c.SetClip(img.Bounds())
+	c.SetDst(img)
+	c.SetSrc(image.White)
+	c.SetHinting(font.HintingFull)
+
+	titleSize := 64.0
+	if len(title) > 50 {
+		titleSize = 48.0
+	}
+	if len(title) > 80 {
+		titleSize = 40.0
+	}
+
+	c.SetFont(boldFont)
+	c.SetFontSize(titleSize)
+
+	wrapped := wrapText(title, 28)
+	y := 200
+	for _, line := range wrapped {
+		pt := freetype.Pt(80, y)
+		c.DrawString(line, pt)
+		y += int(titleSize * 1.4)
+	}
+
+	c.SetFont(regularFont)
+	c.SetFontSize(28)
+	pt := freetype.Pt(80, imgHeight-80)
+	c.DrawString(siteName, pt)
+
+	var buf bytes.Buffer
+	if err := png.Encode(&buf, img); err != nil {
+		return nil, err
+	}
+
+	return buf.Bytes(), nil
+}
+
+func wrapText(text string, maxChars int) []string {
+	if len(text) <= maxChars {
+		return []string{text}
+	}
+
+	var lines []string
+	words := splitWords(text)
+	var current string
+
+	for _, word := range words {
+		if current == "" {
+			current = word
+		} else if len(current)+1+len(word) <= maxChars {
+			current += " " + word
+		} else {
+			lines = append(lines, current)
+			current = word
+		}
+	}
+	if current != "" {
+		lines = append(lines, current)
+	}
+
+	if len(lines) > 4 {
+		lines = lines[:4]
+		if len(lines[3]) > 3 {
+			lines[3] = lines[3][:len(lines[3])-3] + "..."
+		}
+	}
+
+	return lines
+}
+
+func splitWords(s string) []string {
+	var words []string
+	var current string
+	for _, r := range s {
+		if r == ' ' || r == '\t' || r == '\n' {
+			if current != "" {
+				words = append(words, current)
+				current = ""
+			}
+		} else {
+			current += string(r)
+		}
+	}
+	if current != "" {
+		words = append(words, current)
+	}
+	return words
+}
+
+var _ = draw.Draw
diff --git a/internal/server/api.go b/internal/server/api.go
new file mode 100644
index 0000000..59ce9a1
--- /dev/null
+++ b/internal/server/api.go
@@ -0,0 +1,208 @@
+package server
+
+import (
+	"net/http"
+	"strconv"
+	"strings"
+
+	"github.com/go-chi/chi/v5"
+	"github.com/writekitapp/writekit/internal/auth"
+	"github.com/writekitapp/writekit/internal/tenant"
+)
+
+func (s *Server) publicAPIRoutes() chi.Router {
+	r := chi.NewRouter()
+	r.Use(s.apiKeyMiddleware)
+	r.Use(s.apiRateLimitMiddleware(s.rateLimiter))
+
+	r.Get("/posts", s.apiListPosts)
+	r.Post("/posts", s.apiCreatePost)
+	r.Get("/posts/{slug}", s.apiGetPost)
+	r.Put("/posts/{slug}", s.apiUpdatePost)
+	r.Delete("/posts/{slug}", s.apiDeletePost)
+
+	r.Get("/settings", s.apiGetSettings)
+
+	return r
+}
+
+func (s *Server) apiKeyMiddleware(next http.Handler) http.Handler {
+	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+		tenantID, ok := r.Context().Value(tenantIDKey).(string)
+		if !ok || tenantID == "" {
+			jsonError(w, http.StatusUnauthorized, "unauthorized")
+			return
+		}
+
+		key := extractAPIKey(r)
+		if key != "" {
+			db, err := s.tenantPool.Get(tenantID)
+			if err != nil {
+				jsonError(w, http.StatusInternalServerError, "database error")
+				return
+			}
+
+			q := tenant.NewQueries(db)
+			valid, err := q.ValidateAPIKey(r.Context(), key)
+			if err != nil {
+				jsonError(w, http.StatusInternalServerError, "validation error")
+				return
+			}
+			if valid {
+				next.ServeHTTP(w, r)
+				return
+			}
+			jsonError(w, http.StatusUnauthorized, "invalid API key")
+			return
+		}
+
+		if GetDemoInfo(r).IsDemo {
+			next.ServeHTTP(w, r)
+			return
+		}
+
+		userID := auth.GetUserID(r)
+		if userID == "" {
+			jsonError(w, http.StatusUnauthorized, "API key required")
+			return
+		}
+
+		isOwner, err := s.database.IsUserTenantOwner(r.Context(), userID, tenantID)
+		if err != nil || !isOwner {
+			jsonError(w, http.StatusUnauthorized, "API key required")
+			return
+		}
+
+		next.ServeHTTP(w, r)
+	})
+}
+
+func extractAPIKey(r *http.Request) string {
+	auth := r.Header.Get("Authorization")
+	if strings.HasPrefix(auth, "Bearer ") {
+		return strings.TrimPrefix(auth, "Bearer ")
+	}
+	return r.URL.Query().Get("api_key")
+}
+
+type paginatedPostsResponse struct {
+	Posts  []postResponse `json:"posts"`
+	Total  int            `json:"total"`
+	Limit  int            `json:"limit"`
+	Offset int            `json:"offset"`
+}
+
+func (s *Server) apiListPosts(w http.ResponseWriter, r *http.Request) {
+	tenantID := r.Context().Value(tenantIDKey).(string)
+
+	db, err := s.tenantPool.Get(tenantID)
+	if err != nil {
+		jsonError(w, http.StatusInternalServerError, "database error")
+		return
+	}
+
+	limit, _ := strconv.Atoi(r.URL.Query().Get("limit"))
+	offset, _ := strconv.Atoi(r.URL.Query().Get("offset"))
+	tag := r.URL.Query().Get("tag")
+	includeContent := r.URL.Query().Get("include") == "content"
+
+	q := tenant.NewQueries(db)
+	result, err := q.ListPostsPaginated(r.Context(), tenant.ListPostsOptions{
+		Limit:  limit,
+		Offset: offset,
+		Tag:    tag,
+	})
+	if err != nil {
+		jsonError(w, http.StatusInternalServerError, "failed to list posts")
+		return
+	}
+
+	posts := make([]postResponse, len(result.Posts))
+	for i, p := range result.Posts {
+		posts[i] = postToResponse(&p, includeContent)
+	}
+
+	jsonResponse(w, http.StatusOK, paginatedPostsResponse{
+		Posts:  posts,
+		Total:  result.Total,
+		Limit:  limit,
+		Offset: offset,
+	})
+}
+
+func (s *Server) apiGetPost(w http.ResponseWriter, r *http.Request) {
+	tenantID := r.Context().Value(tenantIDKey).(string)
+	slug := chi.URLParam(r, "slug")
+
+	db, err := s.tenantPool.Get(tenantID)
+	if err != nil {
+		jsonError(w, http.StatusInternalServerError, "database error")
+		return
+	}
+
+	q := tenant.NewQueries(db)
+	post, err := q.GetPost(r.Context(), slug)
+	if err != nil {
+		jsonError(w, http.StatusInternalServerError, "failed to get post")
+		return
+	}
+	if post == nil {
+		jsonError(w, http.StatusNotFound, "post not found")
+		return
+	}
+
+	jsonResponse(w, http.StatusOK, postToResponse(post, true))
+}
+
+func (s *Server) apiCreatePost(w http.ResponseWriter, r *http.Request) {
+	s.createPost(w, r)
+}
+
+func (s *Server) apiUpdatePost(w http.ResponseWriter, r *http.Request) {
+	s.updatePost(w, r)
+}
+
+func (s *Server) apiDeletePost(w http.ResponseWriter, r *http.Request) {
+	s.deletePost(w, r)
+}
+
+var publicSettingsKeys = []string{
+	"site_name",
+	"site_description",
+	"author_name",
+	"author_role",
+	"author_bio",
+	"author_photo",
+	"twitter_handle",
+	"github_handle",
+	"linkedin_handle",
+	"email",
+	"accent_color",
+	"font",
+}
+
+func (s *Server) apiGetSettings(w http.ResponseWriter, r *http.Request) {
+	tenantID := r.Context().Value(tenantIDKey).(string)
+
+	db, err := s.tenantPool.Get(tenantID)
+	if err != nil {
+		jsonError(w, http.StatusInternalServerError, "database error")
+		return
+	}
+
+	q := tenant.NewQueries(db)
+	allSettings, err := q.GetSettings(r.Context())
+	if err != nil {
+		jsonError(w, http.StatusInternalServerError, "failed to get settings")
+		return
+	}
+
+	result := make(map[string]string)
+	for _, key := range publicSettingsKeys {
+		if val, ok := allSettings[key]; ok {
+			result[key] = val
+		}
+	}
+
+	jsonResponse(w, http.StatusOK, result)
+}
diff --git a/internal/server/blog.go b/internal/server/blog.go
new file mode 100644
index 0000000..8b873d5
--- /dev/null
+++ b/internal/server/blog.go
@@ -0,0 +1,703 @@
+package server
+
+import (
+	"bytes"
+	"context"
+	"crypto/md5"
+	"encoding/hex"
+	"encoding/json"
+	"fmt"
+	"html/template"
+	"log/slog"
+	"net/http"
+	"net/http/httputil"
+	"net/url"
+	"os"
+	"time"
+
+	"github.com/go-chi/chi/v5"
+	"github.com/writekitapp/writekit/internal/auth"
+	"github.com/writekitapp/writekit/internal/build/assets"
+	"github.com/writekitapp/writekit/internal/build/templates"
+	"github.com/writekitapp/writekit/internal/config"
+	"github.com/writekitapp/writekit/internal/markdown"
+	"github.com/writekitapp/writekit/internal/tenant"
+	"github.com/writekitapp/writekit/studio"
+)
+
+func (s *Server) serveBlog(w http.ResponseWriter, r *http.Request, subdomain string) {
+	var tenantID string
+	var demoInfo DemoInfo
+
+	tenantID, ok := s.tenantCache.Get(subdomain)
+	if !ok {
+		t, err := s.database.GetTenantBySubdomain(r.Context(), subdomain)
+		if err != nil || t == nil {
+			d, err := s.database.GetDemoBySubdomain(r.Context(), subdomain)
+			if err != nil || d == nil {
+				s.notFound(w, r)
+				return
+			}
+			tenantID = d.ID
+			demoInfo = DemoInfo{IsDemo: true, ExpiresAt: d.ExpiresAt}
+			s.tenantPool.MarkAsDemo(tenantID)
+			s.ensureDemoSeeded(tenantID)
+		} else {
+			tenantID = t.ID
+		}
+		s.tenantCache.Set(subdomain, tenantID)
+	} else {
+		d, _ := s.database.GetDemoBySubdomain(r.Context(), subdomain)
+		if d != nil {
+			demoInfo = DemoInfo{IsDemo: true, ExpiresAt: d.ExpiresAt}
+			s.tenantPool.MarkAsDemo(tenantID)
+		}
+	}
+
+	ctx := context.WithValue(r.Context(), tenantIDKey, tenantID)
+	ctx = context.WithValue(ctx, demoInfoKey, demoInfo)
+	r = r.WithContext(ctx)
+
+	mux := chi.NewRouter()
+
+	mux.Get("/", s.blogHome)
+	mux.Get("/posts", s.blogList)
+	mux.Get("/posts/{slug}", s.blogPost)
+
+	mux.Handle("/static/*", http.StripPrefix("/static/", assets.Handler()))
+
+	mux.Route("/api/studio", func(r chi.Router) {
+		r.Use(demoAwareSessionMiddleware(s.database))
+		r.Use(s.ownerMiddleware)
+		r.Mount("/", s.studioRoutes())
+	})
+
+	mux.Mount("/api/v1", s.publicAPIRoutes())
+	mux.Mount("/api/reader", s.readerRoutes())
+
+	mux.Get("/studio", s.serveStudio)
+	mux.Get("/studio/*", s.serveStudio)
+
+	mux.Get("/sitemap.xml", s.sitemap)
+	mux.Get("/robots.txt", s.robots)
+
+	mux.ServeHTTP(w, r)
+}
+
+func (s *Server) blogHome(w http.ResponseWriter, r *http.Request) {
+	tenantID := r.Context().Value(tenantIDKey).(string)
+
+	db, err := s.tenantPool.Get(tenantID)
+	if err != nil {
+		slog.Error("blogHome: get tenant pool", "error", err, "tenantID", tenantID)
+		http.Error(w, "internal error", http.StatusInternalServerError)
+		return
+	}
+
+	q := tenant.NewQueries(db)
+	s.recordPageView(q, r, "/", "")
+
+	if html, etag, err := q.GetPage(r.Context(), "/"); err == nil && html != nil {
+		s.servePreRendered(w, r, html, etag, "public, max-age=300")
+		return
+	}
+
+	posts, err := q.ListPosts(r.Context(), false)
+	if err != nil {
+		slog.Error("blogHome: list posts", "error", err)
+		http.Error(w, "internal error", http.StatusInternalServerError)
+		return
+	}
+
+	settings, _ := q.GetSettings(r.Context())
+	siteName := getSettingOr(settings, "site_name", "My Blog")
+	siteDesc := getSettingOr(settings, "site_description", "")
+	baseURL := getBaseURL(r.Host)
+
+	showBadge := true
+	if t, err := s.database.GetTenantByID(r.Context(), tenantID); err == nil && t != nil {
+		tierInfo := config.GetTierInfo(t.Premium)
+		showBadge = tierInfo.Config.BadgeRequired
+	}
+
+	postSummaries := make([]templates.PostSummary, 0, len(posts))
+	for _, p := range posts {
+		if len(postSummaries) >= 10 {
+			break
+		}
+		postSummaries = append(postSummaries, templates.PostSummary{
+			Slug:        p.Slug,
+			Title:       p.Title,
+			Description: p.Description,
+			Date:        timeOrZero(p.PublishedAt),
+		})
+	}
+
+	data := templates.HomeData{
+		PageData: templates.PageData{
+			Title:        siteName,
+			Description:  siteDesc,
+			CanonicalURL: baseURL + "/",
+			OGType:       "website",
+			SiteName:     siteName,
+			Year:         time.Now().Year(),
+			Settings:     settingsToMap(settings),
+			NoIndex:      GetDemoInfo(r).IsDemo,
+			ShowBadge:    showBadge,
+		},
+		Posts:   postSummaries,
+		HasMore: len(posts) > 10,
+	}
+
+	html, err := templates.RenderHome(data)
+	if err != nil {
+		slog.Error("blogHome: render template", "error", err)
+		http.Error(w, "render error", http.StatusInternalServerError)
+		return
+	}
+
+	s.servePreRendered(w, r, html, computeETag(html), "public, max-age=300")
+}
+
+func (s *Server) blogList(w http.ResponseWriter, r *http.Request) {
+	tenantID := r.Context().Value(tenantIDKey).(string)
+
+	db, err := s.tenantPool.Get(tenantID)
+	if err != nil {
+		http.Error(w, "internal error", http.StatusInternalServerError)
+		return
+	}
+
+	q := tenant.NewQueries(db)
+	s.recordPageView(q, r, "/posts", "")
+
+	if html, etag, err := q.GetPage(r.Context(), "/posts"); err == nil && html != nil {
+		s.servePreRendered(w, r, html, etag, "public, max-age=300")
+		return
+	}
+
+	posts, err := q.ListPosts(r.Context(), false)
+	if err != nil {
+		http.Error(w, "internal error", http.StatusInternalServerError)
+		return
+	}
+
+	settings, _ := q.GetSettings(r.Context())
+	siteName := getSettingOr(settings, "site_name", "My Blog")
+	baseURL := getBaseURL(r.Host)
+
+	showBadge := true
+	if t, err := s.database.GetTenantByID(r.Context(), tenantID); err == nil && t != nil {
+		tierInfo := config.GetTierInfo(t.Premium)
+		showBadge = tierInfo.Config.BadgeRequired
+	}
+
+	postSummaries := make([]templates.PostSummary, len(posts))
+	for i, p := range posts {
+		postSummaries[i] = templates.PostSummary{
+			Slug:        p.Slug,
+			Title:       p.Title,
+			Description: p.Description,
+			Date:        timeOrZero(p.PublishedAt),
+		}
+	}
+
+	data := templates.BlogData{
+		PageData: templates.PageData{
+			Title:        "Posts - " + siteName,
+			Description:  "All posts",
+			CanonicalURL: baseURL + "/posts",
+			OGType:       "website",
+			SiteName:     siteName,
+			Year:         time.Now().Year(),
+			Settings:     settingsToMap(settings),
+			NoIndex:      GetDemoInfo(r).IsDemo,
+			ShowBadge:    showBadge,
+		},
+		Posts: postSummaries,
+	}
+
+	html, err := templates.RenderBlog(data)
+	if err != nil {
+		http.Error(w, "render error", http.StatusInternalServerError)
+		return
+	}
+
+	s.servePreRendered(w, r, html, computeETag(html), "public, max-age=300")
+}
+
+func (s *Server) blogPost(w http.ResponseWriter, r *http.Request) {
+	tenantID := r.Context().Value(tenantIDKey).(string)
+	slug := chi.URLParam(r, "slug")
+	isPreview := r.URL.Query().Get("preview") == "true"
+
+	db, err := s.tenantPool.Get(tenantID)
+	if err != nil {
+		http.Error(w, "internal error", http.StatusInternalServerError)
+		return
+	}
+
+	q := tenant.NewQueries(db)
+
+	if isPreview && !s.canPreview(r, tenantID) {
+		http.Error(w, "unauthorized", http.StatusUnauthorized)
+		return
+	}
+
+	if !isPreview {
+		path := "/posts/" + slug
+		s.recordPageView(q, r, path, slug)
+
+		if html, etag, err := q.GetPage(r.Context(), path); err == nil && html != nil {
+			s.servePreRendered(w, r, html, etag, "public, max-age=3600")
+			return
+		}
+	}
+
+	post, err := q.GetPost(r.Context(), slug)
+	if err != nil {
+		http.Error(w, "internal error", http.StatusInternalServerError)
+		return
+	}
+	if post == nil {
+		aliasPost, _ := q.GetPostByAlias(r.Context(), slug)
+		if aliasPost != nil && aliasPost.IsPublished {
+			http.Redirect(w, r, "/posts/"+aliasPost.Slug, http.StatusMovedPermanently)
+			return
+		}
+		http.NotFound(w, r)
+		return
+	}
+
+	if !post.IsPublished && !isPreview {
+		http.NotFound(w, r)
+		return
+	}
+
+	title := post.Title
+	description := post.Description
+	contentMD := post.ContentMD
+	tags := post.Tags
+	coverImage := post.CoverImage
+
+	if isPreview {
+		if draft, _ := q.GetDraft(r.Context(), post.ID); draft != nil {
+			title = draft.Title
+			description = draft.Description
+			contentMD = draft.ContentMD
+			tags = draft.Tags
+			coverImage = draft.CoverImage
+		}
+	}
+
+	settings, _ := q.GetSettings(r.Context())
+	siteName := getSettingOr(settings, "site_name", "My Blog")
+	baseURL := getBaseURL(r.Host)
+	codeTheme := getSettingOr(settings, "code_theme", "github")
+
+	showBadge := true
+	if t, err := s.database.GetTenantByID(r.Context(), tenantID); err == nil && t != nil {
+		tierInfo := config.GetTierInfo(t.Premium)
+		showBadge = tierInfo.Config.BadgeRequired
+	}
+
+	contentHTML := ""
+	if contentMD != "" {
+		contentHTML, _ = markdown.RenderWithTheme(contentMD, codeTheme)
+	}
+
+	interactionConfig := q.GetInteractionConfig(r.Context())
+	structuredData := buildArticleSchema(post, siteName, baseURL)
+
+	data := templates.PostData{
+		PageData: templates.PageData{
+			Title:          title + " - " + siteName,
+			Description:    description,
+			CanonicalURL:   baseURL + "/posts/" + post.Slug,
+			OGType:         "article",
+			OGImage:        coverImage,
+			SiteName:       siteName,
+			Year:           time.Now().Year(),
+			StructuredData: template.JS(structuredData),
+			Settings:       settingsToMap(settings),
+			NoIndex:        GetDemoInfo(r).IsDemo || isPreview,
+			ShowBadge:      showBadge,
+		},
+		Post: templates.PostDetail{
+			Slug:        post.Slug,
+			Title:       title,
+			Description: description,
+			CoverImage:  coverImage,
+			Date:        timeOrZero(post.PublishedAt),
+			Tags:        tags,
+		},
+		ContentHTML:       template.HTML(contentHTML),
+		InteractionConfig: interactionConfig,
+	}
+
+	html, err := templates.RenderPost(data)
+	if err != nil {
+		http.Error(w, "render error", http.StatusInternalServerError)
+		return
+	}
+
+	if isPreview {
+		previewScript := `<style>
+.preview-banner {
+  position: fixed;
+  bottom: 0;
+  left: 0;
+  right: 0;
+  background: linear-gradient(135deg, #7c3aed 0%, #6d28d9 100%);
+  color: #fff;
+  font-family: system-ui, -apple-system, sans-serif;
+  font-size: 13px;
+  z-index: 99999;
+  padding: 10px 16px;
+  display: flex;
+  align-items: center;
+  justify-content: center;
+  gap: 16px;
+  box-shadow: 0 -4px 20px rgba(0,0,0,0.15);
+}
+@media(min-width:640px) {
+  .preview-banner {
+    bottom: auto;
+    top: 0;
+    left: 50%;
+    right: auto;
+    transform: translateX(-50%);
+    border-radius: 0 0 8px 8px;
+    padding: 8px 20px;
+  }
+}
+.preview-badge {
+  display: inline-flex;
+  align-items: center;
+  gap: 6px;
+  font-weight: 600;
+  letter-spacing: 0.02em;
+}
+.preview-badge svg {
+  width: 14px;
+  height: 14px;
+}
+.preview-status {
+  opacity: 0.9;
+  font-size: 12px;
+}
+.preview-link {
+  background: rgba(255,255,255,0.2);
+  color: #fff;
+  padding: 4px 10px;
+  border-radius: 4px;
+  text-decoration: none;
+  font-weight: 500;
+  font-size: 12px;
+  transition: background 0.15s;
+}
+.preview-link:hover {
+  background: rgba(255,255,255,0.3);
+}
+.preview-rebuild {
+  position: fixed;
+  top: 16px;
+  right: 16px;
+  background: #18181b;
+  color: #fafafa;
+  padding: 8px 16px;
+  border-radius: 6px;
+  font-size: 13px;
+  font-family: system-ui, sans-serif;
+  z-index: 99998;
+  opacity: 0;
+  transition: opacity 0.15s;
+  pointer-events: none;
+}
+.preview-rebuild.visible { opacity: 1; }
+</style>
+<div class="preview-banner">
+  <span class="preview-badge">
+    <svg viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round">
+      <path d="M1 12s4-8 11-8 11 8 11 8-4 8-11 8-11-8-11-8z"/><circle cx="12" cy="12" r="3"/>
+    </svg>
+    Preview Mode
+  </span>
+  <span class="preview-status">Viewing as author</span>
+  <a class="preview-link" href="/studio/posts/` + post.Slug + `/edit">Back to Editor</a>
+</div>
+<div class="preview-rebuild" id="preview-rebuild">Rebuilding...</div>
+<script>
+(function() {
+  var channel = new BroadcastChannel('writekit-preview');
+  var slug = '` + post.Slug + `';
+  var rebuild = document.getElementById('preview-rebuild');
+  channel.onmessage = function(e) {
+    if (e.data.slug !== slug) return;
+    if (e.data.type === 'rebuilding') {
+      rebuild.classList.add('visible');
+      return;
+    }
+    if (e.data.type === 'content-update') {
+      var content = document.querySelector('.post-content');
+      if (content) content.innerHTML = e.data.html;
+      var title = document.querySelector('h1');
+      if (title) title.textContent = e.data.title;
+      var desc = document.querySelector('meta[name="description"]');
+      if (desc) desc.content = e.data.description;
+      rebuild.classList.remove('visible');
+    }
+  };
+})();
+</script>`
+		html = bytes.Replace(html, []byte("</body>"), []byte(previewScript+"</body>"), 1)
+		w.Header().Set("Cache-Control", "no-store")
+		w.Header().Set("Content-Type", "text/html; charset=utf-8")
+		w.Write(html)
+		return
+	}
+
+	s.servePreRendered(w, r, html, computeETag(html), "public, max-age=3600")
+}
+
+func (s *Server) canPreview(r *http.Request, tenantID string) bool {
+	if GetDemoInfo(r).IsDemo {
+		return true
+	}
+
+	userID := auth.GetUserID(r)
+	if userID == "" {
+		return false
+	}
+
+	isOwner, err := s.database.IsUserTenantOwner(r.Context(), userID, tenantID)
+	if err != nil {
+		return false
+	}
+	return isOwner
+}
+
+func (s *Server) serveStudio(w http.ResponseWriter, r *http.Request) {
+	if viteURL := os.Getenv("VITE_URL"); viteURL != "" && os.Getenv("ENV") == "local" {
+		target, err := url.Parse(viteURL)
+		if err != nil {
+			slog.Error("invalid VITE_URL", "error", err)
+			http.Error(w, "internal error", http.StatusInternalServerError)
+			return
+		}
+		proxy := httputil.NewSingleHostReverseProxy(target)
+		proxy.Director = func(req *http.Request) {
+			req.URL.Scheme = target.Scheme
+			req.URL.Host = target.Host
+			req.Host = target.Host
+		}
+		proxy.ServeHTTP(w, r)
+		return
+	}
+
+	path := chi.URLParam(r, "*")
+	if path == "" {
+		path = "index.html"
+	}
+
+	data, err := studio.Read(path)
+	if err != nil {
+		data, _ = studio.Read("index.html")
+	}
+
+	contentType := "text/html; charset=utf-8"
+	if len(path) > 3 {
+		switch path[len(path)-3:] {
+		case ".js":
+			contentType = "application/javascript"
+		case "css":
+			contentType = "text/css"
+		}
+	}
+
+	if contentType == "text/html; charset=utf-8" {
+		if demoInfo := GetDemoInfo(r); demoInfo.IsDemo {
+			data = s.injectDemoBanner(data, demoInfo.ExpiresAt)
+		}
+	}
+
+	w.Header().Set("Content-Type", contentType)
+	w.Header().Set("Cache-Control", "public, max-age=31536000, immutable")
+	if contentType == "text/html; charset=utf-8" {
+		w.Header().Set("Cache-Control", "no-cache")
+	}
+	w.Write(data)
+}
+
+func (s *Server) sitemap(w http.ResponseWriter, r *http.Request) {
+	tenantID := r.Context().Value(tenantIDKey).(string)
+
+	db, err := s.tenantPool.Get(tenantID)
+	if err != nil {
+		http.Error(w, "internal error", http.StatusInternalServerError)
+		return
+	}
+
+	q := tenant.NewQueries(db)
+	posts, _ := q.ListPosts(r.Context(), false)
+	baseURL := getBaseURL(r.Host)
+
+	w.Header().Set("Content-Type", "application/xml; charset=utf-8")
+	w.Header().Set("Cache-Control", "public, max-age=3600")
+
+	w.Write([]byte(`<?xml version="1.0" encoding="UTF-8"?>
+<urlset xmlns="http://www.sitemaps.org/schemas/sitemap/0.9">
+  <url><loc>` + baseURL + `/</loc></url>
+`))
+
+	for _, p := range posts {
+		lastmod := p.ModifiedAt.Format("2006-01-02")
+		if p.UpdatedAt != nil {
+			lastmod = p.UpdatedAt.Format("2006-01-02")
+		}
+		w.Write([]byte(fmt.Sprintf("  <url><loc>%s/posts/%s</loc><lastmod>%s</lastmod></url>\n",
+			baseURL, p.Slug, lastmod)))
+	}
+
+	w.Write([]byte("</urlset>"))
+}
+
+func (s *Server) robots(w http.ResponseWriter, r *http.Request) {
+	w.Header().Set("Content-Type", "text/plain; charset=utf-8")
+	w.Header().Set("Cache-Control", "public, max-age=86400")
+
+	if GetDemoInfo(r).IsDemo {
+		w.Write([]byte("User-agent: *\nDisallow: /\n"))
+		return
+	}
+
+	baseURL := getBaseURL(r.Host)
+	fmt.Fprintf(w, "User-agent: *\nAllow: /\n\nSitemap: %s/sitemap.xml\n", baseURL)
+}
+
+func (s *Server) ownerMiddleware(next http.Handler) http.Handler {
+	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+		demoInfo := GetDemoInfo(r)
+		if demoInfo.IsDemo {
+			next.ServeHTTP(w, r)
+			return
+		}
+
+		userID := auth.GetUserID(r)
+		if userID == "" {
+			http.Error(w, "unauthorized", http.StatusUnauthorized)
+			return
+		}
+
+		tenantID, ok := r.Context().Value(tenantIDKey).(string)
+		if !ok || tenantID == "" {
+			http.Error(w, "unauthorized", http.StatusUnauthorized)
+			return
+		}
+
+		isOwner, err := s.database.IsUserTenantOwner(r.Context(), userID, tenantID)
+		if err != nil {
+			http.Error(w, "internal error", http.StatusInternalServerError)
+			return
+		}
+		if !isOwner {
+			http.Error(w, "forbidden", http.StatusForbidden)
+			return
+		}
+
+		next.ServeHTTP(w, r)
+	})
+}
+
+func getSettingOr(settings tenant.Settings, key, fallback string) string {
+	if v, ok := settings[key]; ok && v != "" {
+		return v
+	}
+	return fallback
+}
+
+func settingsToMap(settings tenant.Settings) map[string]any {
+	m := make(map[string]any)
+	for k, v := range settings {
+		m[k] = v
+	}
+	return m
+}
+
+func getBaseURL(host string) string {
+	scheme := "https"
+	if env := os.Getenv("ENV"); env != "prod" {
+		scheme = "http"
+	}
+	return fmt.Sprintf("%s://%s", scheme, host)
+}
+
+func computeETag(data []byte) string {
+	hash := md5.Sum(data)
+	return `"` + hex.EncodeToString(hash[:]) + `"`
+}
+
+func (s *Server) servePreRendered(w http.ResponseWriter, r *http.Request, html []byte, etag, cacheControl string) {
+	if demoInfo := GetDemoInfo(r); demoInfo.IsDemo {
+		html = s.injectDemoBanner(html, demoInfo.ExpiresAt)
+		etag = computeETag(html)
+	}
+
+	if match := r.Header.Get("If-None-Match"); match == etag {
+		w.WriteHeader(http.StatusNotModified)
+		return
+	}
+
+	w.Header().Set("Content-Type", "text/html; charset=utf-8")
+	w.Header().Set("Cache-Control", cacheControl)
+	w.Header().Set("ETag", etag)
+	w.Write(html)
+}
+
+func buildArticleSchema(post *tenant.Post, siteName, baseURL string) string {
+	publishedAt := timeOrZero(post.PublishedAt)
+	modifiedAt := publishedAt
+	if post.UpdatedAt != nil {
+		modifiedAt = *post.UpdatedAt
+	}
+
+	schema := map[string]any{
+		"@context":      "https://schema.org",
+		"@type":         "Article",
+		"headline":      post.Title,
+		"datePublished": publishedAt.Format(time.RFC3339),
+		"dateModified":  modifiedAt.Format(time.RFC3339),
+		"author": map[string]any{
+			"@type": "Person",
+			"name":  siteName,
+		},
+		"publisher": map[string]any{
+			"@type": "Organization",
+			"name":  siteName,
+		},
+		"mainEntityOfPage": map[string]any{
+			"@type": "WebPage",
+			"@id":   baseURL + "/posts/" + post.Slug,
+		},
+	}
+	if post.Description != "" {
+		schema["description"] = post.Description
+	}
+	b, _ := json.Marshal(schema)
+	return string(b)
+}
+
+func (s *Server) recordPageView(q *tenant.Queries, r *http.Request, path, postSlug string) {
+	referrer := r.Header.Get("Referer")
+	userAgent := r.Header.Get("User-Agent")
+	go func() {
+		q.RecordPageView(context.Background(), path, postSlug, referrer, userAgent)
+	}()
+}
+
+func timeOrZero(t *time.Time) time.Time {
+	if t == nil {
+		return time.Time{}
+	}
+	return *t
+}
diff --git a/internal/server/build.go b/internal/server/build.go
new file mode 100644
index 0000000..116d845
--- /dev/null
+++ b/internal/server/build.go
@@ -0,0 +1,176 @@
+package server
+
+import (
+	"context"
+	"database/sql"
+	"html/template"
+	"log/slog"
+	"sync"
+	"time"
+
+	"github.com/writekitapp/writekit/internal/build/templates"
+	"github.com/writekitapp/writekit/internal/markdown"
+	"github.com/writekitapp/writekit/internal/tenant"
+)
+
+type renderedPage struct {
+	path string
+	html []byte
+	etag string
+}
+
+func (s *Server) rebuildSite(ctx context.Context, tenantID string, db *sql.DB, host string) {
+	q := tenant.NewQueries(db)
+	settings, err := q.GetSettings(ctx)
+	if err != nil {
+		slog.Error("rebuildSite: get settings", "error", err, "tenantID", tenantID)
+		return
+	}
+
+	posts, err := q.ListPosts(ctx, false)
+	if err != nil {
+		slog.Error("rebuildSite: list posts", "error", err, "tenantID", tenantID)
+		return
+	}
+
+	baseURL := getBaseURL(host)
+	siteName := getSettingOr(settings, "site_name", "My Blog")
+	siteDesc := getSettingOr(settings, "site_description", "")
+	codeTheme := getSettingOr(settings, "code_theme", "github")
+	fontKey := getSettingOr(settings, "font", "system")
+	isDemo := getSettingOr(settings, "is_demo", "") == "true"
+
+	pageData := templates.PageData{
+		SiteName:   siteName,
+		Year:       time.Now().Year(),
+		FontURL:    templates.GetFontURL(fontKey),
+		FontFamily: templates.GetFontFamily(fontKey),
+		Settings:   settingsToMap(settings),
+		NoIndex:    isDemo,
+	}
+
+	var pages []renderedPage
+	var mu sync.Mutex
+	var wg sync.WaitGroup
+
+	addPage := func(path string, html []byte) {
+		mu.Lock()
+		pages = append(pages, renderedPage{path, html, computeETag(html)})
+		mu.Unlock()
+	}
+
+	postSummaries := make([]templates.PostSummary, len(posts))
+	for i, p := range posts {
+		postSummaries[i] = templates.PostSummary{
+			Slug:        p.Slug,
+			Title:       p.Title,
+			Description: p.Description,
+			Date:        timeOrZero(p.PublishedAt),
+		}
+	}
+
+	wg.Add(1)
+	go func() {
+		defer wg.Done()
+		homePosts := postSummaries
+		if len(homePosts) > 10 {
+			homePosts = homePosts[:10]
+		}
+		data := templates.HomeData{
+			PageData: pageData,
+			Posts:    homePosts,
+			HasMore:  len(postSummaries) > 10,
+		}
+		data.Title = siteName
+		data.Description = siteDesc
+		data.CanonicalURL = baseURL + "/"
+		data.OGType = "website"
+
+		html, err := templates.RenderHome(data)
+		if err != nil {
+			slog.Error("rebuildSite: render home", "error", err)
+			return
+		}
+		addPage("/", html)
+	}()
+
+	wg.Add(1)
+	go func() {
+		defer wg.Done()
+		data := templates.BlogData{
+			PageData: pageData,
+			Posts:    postSummaries,
+		}
+		data.Title = "Posts - " + siteName
+		data.Description = "All posts"
+		data.CanonicalURL = baseURL + "/posts"
+		data.OGType = "website"
+
+		html, err := templates.RenderBlog(data)
+		if err != nil {
+			slog.Error("rebuildSite: render blog", "error", err)
+			return
+		}
+		addPage("/posts", html)
+	}()
+
+	for _, p := range posts {
+		wg.Add(1)
+		go func(post tenant.Post) {
+			defer wg.Done()
+
+			contentHTML := post.ContentHTML
+			if contentHTML == "" && post.ContentMD != "" {
+				contentHTML, _ = markdown.RenderWithTheme(post.ContentMD, codeTheme)
+			}
+
+			interactionConfig := q.GetInteractionConfig(ctx)
+			structuredData := buildArticleSchema(&post, siteName, baseURL)
+
+			data := templates.PostData{
+				PageData: pageData,
+				Post: templates.PostDetail{
+					Slug:        post.Slug,
+					Title:       post.Title,
+					Description: post.Description,
+					Date:        timeOrZero(post.PublishedAt),
+					Tags:        post.Tags,
+				},
+				ContentHTML:       template.HTML(contentHTML),
+				InteractionConfig: interactionConfig,
+			}
+			data.Title = post.Title + " - " + siteName
+			data.Description = post.Description
+			data.CanonicalURL = baseURL + "/posts/" + post.Slug
+			data.OGType = "article"
+			data.StructuredData = template.JS(structuredData)
+
+			html, err := templates.RenderPost(data)
+			if err != nil {
+				slog.Error("rebuildSite: render post", "error", err, "slug", post.Slug)
+				return
+			}
+			addPage("/posts/"+post.Slug, html)
+		}(p)
+	}
+
+	wg.Wait()
+
+	for _, p := range pages {
+		if err := q.SetPage(ctx, p.path, p.html, p.etag); err != nil {
+			slog.Error("rebuildSite: save page", "error", err, "path", p.path)
+		}
+	}
+
+	if s.cloudflare.IsConfigured() {
+		urls := make([]string, len(pages))
+		for i, p := range pages {
+			urls[i] = baseURL + p.path
+		}
+		if err := s.cloudflare.PurgeURLs(ctx, urls); err != nil {
+			slog.Error("rebuildSite: purge cache", "error", err)
+		}
+	}
+
+	slog.Info("rebuildSite: complete", "tenantID", tenantID, "pages", len(pages))
+}
diff --git a/internal/server/demo.go b/internal/server/demo.go
new file mode 100644
index 0000000..8a4d855
--- /dev/null
+++ b/internal/server/demo.go
@@ -0,0 +1,208 @@
+package server
+
+import (
+	"bytes"
+	"math/rand"
+	"net/http"
+	"os"
+	"strconv"
+	"time"
+
+	"github.com/writekitapp/writekit/internal/auth"
+	"github.com/writekitapp/writekit/internal/db"
+	"github.com/writekitapp/writekit/internal/tenant"
+)
+
+type ctxKey string
+
+const (
+	tenantIDKey ctxKey = "tenantID"
+	demoInfoKey ctxKey = "demoInfo"
+)
+
+type DemoInfo struct {
+	IsDemo    bool
+	ExpiresAt time.Time
+}
+
+func GetDemoInfo(r *http.Request) DemoInfo {
+	if info, ok := r.Context().Value(demoInfoKey).(DemoInfo); ok {
+		return info
+	}
+	return DemoInfo{}
+}
+
+func demoAwareSessionMiddleware(database *db.DB) func(http.Handler) http.Handler {
+	sessionMW := auth.SessionMiddleware(database)
+	return func(next http.Handler) http.Handler {
+		return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+			if GetDemoInfo(r).IsDemo {
+				next.ServeHTTP(w, r)
+				return
+			}
+			sessionMW(next).ServeHTTP(w, r)
+		})
+	}
+}
+
+func (s *Server) injectDemoBanner(html []byte, expiresAt time.Time) []byte {
+	scheme := "https"
+	if os.Getenv("ENV") != "prod" {
+		scheme = "http"
+	}
+	redirectURL := scheme + "://" + s.domain
+	banner := demoBannerHTML(expiresAt, redirectURL)
+	return bytes.Replace(html, []byte("</body>"), append([]byte(banner), []byte("</body>")...), 1)
+}
+
+func demoBannerHTML(expiresAt time.Time, redirectURL string) string {
+	expiresUnix := expiresAt.Unix()
+	return `<div id="demo-banner"><div class="demo-inner"><span class="demo-timer"></span><a class="demo-cta" target="_blank" href="/studio">Open Studio</a></div></div>
+<style>
+#demo-banner{position:fixed;bottom:0;left:0;right:0;background:rgba(220,38,38,0.95);color:#fff;font-family:system-ui,-apple-system,sans-serif;font-size:13px;z-index:99999;backdrop-filter:blur(8px);padding:10px 16px}
+@media(min-width:640px){#demo-banner{bottom:auto;top:0;left:auto;right:16px;width:auto;padding:8px 16px}}
+.demo-inner{display:flex;align-items:center;justify-content:center;gap:12px}
+.demo-timer{font-variant-numeric:tabular-nums;font-weight:500}
+.demo-timer.urgent{color:#fecaca;animation:pulse 1s infinite}
+@keyframes pulse{0%,100%{opacity:1}50%{opacity:.6}}
+.demo-cta{background:#fff;color:#dc2626;padding:6px 12px;text-decoration:none;font-weight:600;font-size:12px;transition:transform .15s}
+.demo-cta:hover{transform:scale(1.05)}
+</style>
+<script>
+(function(){
+const exp=` + strconv.FormatInt(expiresUnix, 10) + `*1000;
+const timer=document.querySelector('.demo-timer');
+const cta=document.querySelector('.demo-cta');
+const update=()=>{
+const left=Math.max(0,exp-Date.now());
+const m=Math.floor(left/60000);
+const s=Math.floor((left%60000)/1000);
+timer.textContent=m+':'+(s<10?'0':'')+s+' remaining';
+if(left<30000)timer.classList.add('urgent');
+if(left<=0){
+timer.textContent='Demo expired';
+setTimeout(()=>{
+const sub=location.hostname.split('.')[0];
+location.href='` + redirectURL + `?expired=true&subdomain='+sub;
+},2000);
+return;
+}
+requestAnimationFrame(update);
+};
+update();
+if(location.pathname.startsWith('/studio'))cta.textContent='View Site',cta.href='/posts';
+})();
+</script>`
+}
+
+func generateFakeAnalytics(days int) *tenant.AnalyticsSummary {
+	if days <= 0 {
+		days = 30
+	}
+
+	baseViews := 25 + rand.Intn(20)
+	var totalViews, totalVisitors int64
+	viewsByDay := make([]tenant.DailyStats, days)
+
+	for i := 0; i < days; i++ {
+		date := time.Now().AddDate(0, 0, -days+i+1)
+		weekday := date.Weekday()
+
+		multiplier := 1.0
+		if weekday == time.Saturday || weekday == time.Sunday {
+			multiplier = 0.6
+		} else if weekday == time.Monday {
+			multiplier = 1.2
+		}
+
+		dailyViews := int64(float64(baseViews+rand.Intn(15)) * multiplier)
+		dailyVisitors := dailyViews * int64(65+rand.Intn(15)) / 100
+
+		totalViews += dailyViews
+		totalVisitors += dailyVisitors
+
+		viewsByDay[i] = tenant.DailyStats{
+			Date:     date.Format("2006-01-02"),
+			Views:    dailyViews,
+			Visitors: dailyVisitors,
+		}
+	}
+
+	return &tenant.AnalyticsSummary{
+		TotalViews:     totalViews,
+		TotalPageViews: totalViews,
+		UniqueVisitors: totalVisitors,
+		TotalBandwidth: totalViews * 45000,
+		ViewsChange:    float64(rand.Intn(300)-100) / 10,
+		ViewsByDay:     viewsByDay,
+		TopPages: []tenant.PageStats{
+			{Path: "/", Views: totalViews * 25 / 100},
+			{Path: "/posts/shipping-a-side-project", Views: totalViews * 22 / 100},
+			{Path: "/posts/debugging-production-like-a-detective", Views: totalViews * 18 / 100},
+			{Path: "/posts/sqlite-in-production", Views: totalViews * 15 / 100},
+			{Path: "/posts", Views: totalViews * 12 / 100},
+			{Path: "/posts/my-2024-reading-list", Views: totalViews * 8 / 100},
+		},
+		TopReferrers: []tenant.ReferrerStats{
+			{Referrer: "Google", Views: totalViews * 30 / 100},
+			{Referrer: "Twitter/X", Views: totalViews * 20 / 100},
+			{Referrer: "GitHub", Views: totalViews * 15 / 100},
+			{Referrer: "Hacker News", Views: totalViews * 12 / 100},
+			{Referrer: "LinkedIn", Views: totalViews * 10 / 100},
+			{Referrer: "YouTube", Views: totalViews * 8 / 100},
+			{Referrer: "Reddit", Views: totalViews * 5 / 100},
+		},
+		Browsers: []tenant.NamedStat{
+			{Name: "Chrome", Count: totalVisitors * 55 / 100},
+			{Name: "Safari", Count: totalVisitors * 25 / 100},
+			{Name: "Firefox", Count: totalVisitors * 12 / 100},
+			{Name: "Edge", Count: totalVisitors * 8 / 100},
+		},
+		OS: []tenant.NamedStat{
+			{Name: "macOS", Count: totalVisitors * 45 / 100},
+			{Name: "Windows", Count: totalVisitors * 30 / 100},
+			{Name: "iOS", Count: totalVisitors * 15 / 100},
+			{Name: "Linux", Count: totalVisitors * 7 / 100},
+			{Name: "Android", Count: totalVisitors * 3 / 100},
+		},
+		Devices: []tenant.NamedStat{
+			{Name: "Desktop", Count: totalVisitors * 70 / 100},
+			{Name: "Mobile", Count: totalVisitors * 25 / 100},
+			{Name: "Tablet", Count: totalVisitors * 5 / 100},
+		},
+		Countries: []tenant.NamedStat{
+			{Name: "United States", Count: totalVisitors * 40 / 100},
+			{Name: "United Kingdom", Count: totalVisitors * 12 / 100},
+			{Name: "Germany", Count: totalVisitors * 10 / 100},
+			{Name: "Canada", Count: totalVisitors * 8 / 100},
+			{Name: "France", Count: totalVisitors * 6 / 100},
+			{Name: "Australia", Count: totalVisitors * 5 / 100},
+		},
+	}
+}
+
+func generateFakePostAnalytics(days int) *tenant.AnalyticsSummary {
+	if days <= 0 {
+		days = 30
+	}
+
+	baseViews := 5 + rand.Intn(8)
+	var totalViews int64
+	viewsByDay := make([]tenant.DailyStats, days)
+
+	for i := 0; i < days; i++ {
+		date := time.Now().AddDate(0, 0, -days+i+1)
+		dailyViews := int64(baseViews + rand.Intn(6))
+		totalViews += dailyViews
+
+		viewsByDay[i] = tenant.DailyStats{
+			Date:  date.Format("2006-01-02"),
+			Views: dailyViews,
+		}
+	}
+
+	return &tenant.AnalyticsSummary{
+		TotalViews: totalViews,
+		ViewsByDay: viewsByDay,
+	}
+}
diff --git a/internal/server/platform.go b/internal/server/platform.go
new file mode 100644
index 0000000..78597d8
--- /dev/null
+++ b/internal/server/platform.go
@@ -0,0 +1,649 @@
+package server
+
+import (
+	"embed"
+	"encoding/json"
+	"fmt"
+	"io/fs"
+	"log/slog"
+	"net/http"
+	"os"
+	"regexp"
+	"strings"
+
+	"github.com/writekitapp/writekit/internal/auth"
+)
+
+//go:embed templates/*.html
+var templatesFS embed.FS
+
+//go:embed static/*
+var staticFS embed.FS
+
+var subdomainRegex = regexp.MustCompile(`^[a-z0-9][a-z0-9-]{0,61}[a-z0-9]$|^[a-z0-9]$`)
+
+func (s *Server) platformHome(w http.ResponseWriter, r *http.Request) {
+	content, err := templatesFS.ReadFile("templates/index.html")
+	if err != nil {
+		slog.Error("read index template", "error", err)
+		http.Error(w, "Internal Server Error", http.StatusInternalServerError)
+		return
+	}
+
+	html := string(content)
+	html = strings.ReplaceAll(html, "{{ACCENT}}", "#10b981")
+	html = strings.ReplaceAll(html, "{{VERSION}}", "v1.0.0")
+	html = strings.ReplaceAll(html, "{{COMMIT}}", "dev")
+	html = strings.ReplaceAll(html, "{{DEMO_MINUTES}}", "15")
+
+	w.Header().Set("Content-Type", "text/html")
+	w.Write([]byte(html))
+}
+
+func (s *Server) notFound(w http.ResponseWriter, r *http.Request) {
+	content, err := templatesFS.ReadFile("templates/404.html")
+	if err != nil {
+		http.NotFound(w, r)
+		return
+	}
+
+	w.Header().Set("Content-Type", "text/html")
+	w.WriteHeader(http.StatusNotFound)
+	w.Write(content)
+}
+
+func (s *Server) platformLogin(w http.ResponseWriter, r *http.Request) {
+	http.Redirect(w, r, "/signup", http.StatusFound)
+}
+
+func (s *Server) platformSignup(w http.ResponseWriter, r *http.Request) {
+	content, err := templatesFS.ReadFile("templates/signup.html")
+	if err != nil {
+		slog.Error("read signup template", "error", err)
+		http.Error(w, "Internal Server Error", http.StatusInternalServerError)
+		return
+	}
+
+	html := string(content)
+	html = strings.ReplaceAll(html, "{{ACCENT}}", "#10b981")
+
+	w.Header().Set("Content-Type", "text/html")
+	w.Write([]byte(html))
+}
+
+func (s *Server) platformDashboard(w http.ResponseWriter, r *http.Request) {
+	w.Header().Set("Content-Type", "text/html")
+	w.Write([]byte(`<!DOCTYPE html>
+<html>
+<head><title>Dashboard - WriteKit</title></head>
+<body>
+<h1>Dashboard</h1>
+<p>Create your blog or manage your existing one.</p>
+</body>
+</html>`))
+}
+
+func (s *Server) serveStaticAssets(w http.ResponseWriter, r *http.Request) {
+	sub, err := fs.Sub(staticFS, "static")
+	if err != nil {
+		http.NotFound(w, r)
+		return
+	}
+	http.StripPrefix("/assets/", http.FileServer(http.FS(sub))).ServeHTTP(w, r)
+}
+
+func (s *Server) checkSubdomain(w http.ResponseWriter, r *http.Request) {
+	subdomain := strings.ToLower(r.URL.Query().Get("subdomain"))
+	if subdomain == "" {
+		jsonError(w, http.StatusBadRequest, "subdomain required")
+		return
+	}
+
+	if !subdomainRegex.MatchString(subdomain) {
+		jsonResponse(w, http.StatusOK, map[string]any{
+			"available": false,
+			"reason":    "invalid format",
+		})
+		return
+	}
+
+	available, err := s.database.IsSubdomainAvailable(r.Context(), subdomain)
+	if err != nil {
+		slog.Error("check subdomain", "error", err)
+		jsonError(w, http.StatusInternalServerError, "internal error")
+		return
+	}
+
+	jsonResponse(w, http.StatusOK, map[string]any{"available": available})
+}
+
+func (s *Server) createTenant(w http.ResponseWriter, r *http.Request) {
+	userID := auth.GetUserID(r)
+
+	var req struct {
+		Subdomain string `json:"subdomain"`
+	}
+	if err := json.NewDecoder(r.Body).Decode(&req); err != nil {
+		jsonError(w, http.StatusBadRequest, "invalid request")
+		return
+	}
+
+	subdomain := strings.ToLower(req.Subdomain)
+	if !subdomainRegex.MatchString(subdomain) {
+		jsonError(w, http.StatusBadRequest, "invalid subdomain format")
+		return
+	}
+
+	existing, err := s.database.GetTenantByOwner(r.Context(), userID)
+	if err != nil {
+		slog.Error("check existing tenant", "error", err)
+		jsonError(w, http.StatusInternalServerError, "internal error")
+		return
+	}
+	if existing != nil {
+		jsonResponse(w, http.StatusConflict, map[string]any{
+			"error": "you already have a blog",
+			"url":   s.buildURL(existing.Subdomain),
+		})
+		return
+	}
+
+	available, err := s.database.IsSubdomainAvailable(r.Context(), subdomain)
+	if err != nil {
+		slog.Error("check availability", "error", err)
+		jsonError(w, http.StatusInternalServerError, "internal error")
+		return
+	}
+	if !available {
+		jsonError(w, http.StatusConflict, "subdomain not available")
+		return
+	}
+
+	tenant, err := s.database.CreateTenant(r.Context(), userID, subdomain)
+	if err != nil {
+		slog.Error("create tenant", "error", err)
+		jsonError(w, http.StatusInternalServerError, "failed to create tenant")
+		return
+	}
+
+	if _, err := s.tenantPool.Get(tenant.ID); err != nil {
+		slog.Error("init tenant db", "tenant_id", tenant.ID, "error", err)
+	}
+
+	user, _ := s.database.GetUserByID(r.Context(), userID)
+	if user != nil {
+		if tenantDB, err := s.tenantPool.Get(tenant.ID); err == nil {
+			tenantDB.Exec(`INSERT INTO site_settings (key, value) VALUES ('author_name', ?) ON CONFLICT DO NOTHING`, user.Name)
+			tenantDB.Exec(`INSERT INTO site_settings (key, value) VALUES ('author_avatar', ?) ON CONFLICT DO NOTHING`, user.AvatarURL)
+		}
+	}
+
+	slog.Info("tenant created", "subdomain", subdomain, "user_id", userID, "tenant_id", tenant.ID)
+
+	jsonResponse(w, http.StatusCreated, map[string]any{
+		"subdomain": subdomain,
+		"url":       s.buildURL(subdomain),
+		"tenant_id": tenant.ID,
+	})
+}
+
+func (s *Server) getTenant(w http.ResponseWriter, r *http.Request) {
+	userID := auth.GetUserID(r)
+
+	tenant, err := s.database.GetTenantByOwner(r.Context(), userID)
+	if err != nil {
+		slog.Error("get tenant", "error", err)
+		jsonError(w, http.StatusInternalServerError, "internal error")
+		return
+	}
+	if tenant == nil {
+		jsonResponse(w, http.StatusOK, map[string]any{"has_tenant": false})
+		return
+	}
+
+	jsonResponse(w, http.StatusOK, map[string]any{
+		"has_tenant": true,
+		"tenant": map[string]any{
+			"id":        tenant.ID,
+			"subdomain": tenant.Subdomain,
+			"url":       s.buildURL(tenant.Subdomain),
+			"premium":   tenant.Premium,
+		},
+	})
+}
+
+func jsonResponse(w http.ResponseWriter, status int, data any) {
+	w.Header().Set("Content-Type", "application/json")
+	w.WriteHeader(status)
+	json.NewEncoder(w).Encode(data)
+}
+
+func jsonError(w http.ResponseWriter, status int, msg string) {
+	jsonResponse(w, status, map[string]string{"error": msg})
+}
+
+func (s *Server) buildURL(subdomain string) string {
+	scheme := "https"
+	if env := os.Getenv("ENV"); env != "prod" {
+		scheme = "http"
+	}
+	return fmt.Sprintf("%s://%s.%s", scheme, subdomain, s.domain)
+}
+
+func (s *Server) createDemo(w http.ResponseWriter, r *http.Request) {
+	origin := r.Header.Get("Origin")
+	referer := r.Header.Get("Referer")
+
+	validOrigins := []string{
+		"https://" + s.domain,
+		"https://www." + s.domain,
+	}
+	if env := os.Getenv("ENV"); env != "prod" {
+		validOrigins = append(validOrigins,
+			"http://"+s.domain,
+			"http://www."+s.domain,
+		)
+	}
+
+	isValidOrigin := func(o string) bool {
+		for _, v := range validOrigins {
+			if o == v {
+				return true
+			}
+		}
+		return false
+	}
+
+	isValidReferer := func(ref string) bool {
+		for _, v := range validOrigins {
+			if strings.HasPrefix(ref, v) {
+				return true
+			}
+		}
+		return false
+	}
+
+	if origin != "" && !isValidOrigin(origin) {
+		jsonError(w, http.StatusForbidden, "forbidden")
+		return
+	}
+	if origin == "" && referer != "" && !isValidReferer(referer) {
+		jsonError(w, http.StatusForbidden, "forbidden")
+		return
+	}
+
+	var req struct {
+		Name  string `json:"name"`
+		Color string `json:"color"`
+	}
+	if err := json.NewDecoder(r.Body).Decode(&req); err != nil {
+		jsonError(w, http.StatusBadRequest, "invalid request")
+		return
+	}
+
+	if req.Name == "" {
+		req.Name = "Demo User"
+	}
+	if req.Color == "" {
+		req.Color = "#10b981"
+	}
+
+	demo, err := s.database.CreateDemo(r.Context())
+	if err != nil {
+		slog.Error("create demo", "error", err)
+		jsonError(w, http.StatusInternalServerError, "failed to create demo")
+		return
+	}
+
+	s.tenantPool.MarkAsDemo(demo.ID)
+	if _, err := s.tenantPool.Get(demo.ID); err != nil {
+		slog.Error("init demo db", "demo_id", demo.ID, "error", err)
+	}
+
+	if err := s.seedDemoContent(demo.ID, req.Name, req.Color); err != nil {
+		slog.Error("seed demo content", "demo_id", demo.ID, "error", err)
+	}
+
+	slog.Info("demo created", "subdomain", demo.Subdomain, "demo_id", demo.ID, "expires_at", demo.ExpiresAt)
+
+	jsonResponse(w, http.StatusCreated, map[string]any{
+		"subdomain":  demo.Subdomain,
+		"url":        s.buildURL(demo.Subdomain),
+		"expires_at": demo.ExpiresAt.Format("2006-01-02T15:04:05Z"),
+	})
+}
+
+func (s *Server) seedDemoContent(demoID, authorName, accentColor string) error {
+	db, err := s.tenantPool.Get(demoID)
+	if err != nil {
+		return fmt.Errorf("get tenant pool: %w", err)
+	}
+
+	result, err := db.Exec(`INSERT INTO site_settings (key, value) VALUES
+		('site_name', ?),
+		('site_description', 'Thoughts on building software, developer tools, and the craft of engineering.'),
+		('accent_color', ?),
+		('author_name', ?),
+		('is_demo', 'true')
+		ON CONFLICT DO NOTHING`, authorName+"'s Blog", accentColor, authorName)
+	if err != nil {
+		return fmt.Errorf("insert settings: %w", err)
+	}
+	rows, _ := result.RowsAffected()
+	slog.Info("seed demo settings", "demo_id", demoID, "rows_affected", rows)
+
+	_, err = db.Exec(`INSERT INTO posts (id, slug, title, description, content_md, tags, cover_image, is_published, published_at, created_at, modified_at) VALUES
+		('demo-post-1', 'shipping-a-side-project',
+		'I Finally Shipped My Side Project',
+		'After mass years of abandoned repos, here is what finally worked.',
+		'I have mass abandoned side projects. We all do. But last month, I actually shipped one.
+
+Here''s what I did differently this time.
+
+## The Graveyard
+
+Before we get to what worked, let me be honest about what didn''t. My GitHub is full of:
+
+- [ ] A "better" todo app (mass of features planned, mass built)
+- [ ] A CLI tool I used once
+- [ ] Three different blog engines (ironic, I know)
+- [x] This project — finally shipped
+
+The pattern was always the same: mass enthusiasm for a week, mass silence forever.
+
+## What Changed
+
+This time, I set one rule: **ship in two weeks or kill it**.
+
+> "If you''re not embarrassed by the first version of your product, you''ve launched too late." — Reid Hoffman
+
+I printed that quote and stuck it on my monitor. Every time I wanted to add "just one more feature," I looked at it.
+
+## The Stack
+
+I kept it minimal:
+
+| Layer | Choice | Why |
+|-------|--------|-----|
+| Frontend | React | I know it well |
+| Backend | Go | Fast, simple deploys |
+| Database | SQLite | No ops overhead |
+| Hosting | Fly.io | $0 to start |
+
+~~I originally planned to use Kubernetes~~ — glad I didn''t. SQLite on a single server handles more traffic than I''ll ever get.
+
+## The Launch
+
+I posted on Twitter, mass likes. mass signups. Then... mass complaints about bugs I hadn''t tested for.
+
+But here''s the thing: **those bugs only exist because I shipped**. I fixed them in a day. If I''d waited for "perfect," I''d still be tweaking CSS.
+
+---
+
+Ship something this week. mass needs to be big. Your mass abandoned project could be mass person''s favorite tool.',
+		'["career","shipping"]',
+		'https://images.unsplash.com/photo-1517694712202-14dd9538aa97?w=1200&h=630&fit=crop',
+		1,
+		datetime('now', '-2 days'),
+		datetime('now', '-2 days'),
+		datetime('now', '-2 days')),
+
+		('demo-post-2', 'debugging-production-like-a-detective',
+		'Debugging Production Like a Detective',
+		'A systematic approach to finding bugs when console.log is not enough.',
+		'Last week, our API started returning 500 errors. Not always — just enough to be infuriating. Here''s how I tracked it down.
+
+## The Symptoms
+
+Users reported "random failures." The logs showed:
+
+` + "```" + `
+error: connection refused
+error: connection refused
+error: context deadline exceeded
+` + "```" + `
+
+Helpful, right?
+
+## Step 1: Gather Evidence
+
+First, I needed data. I added structured logging:
+
+` + "```go" + `
+slog.Error("request failed",
+    "endpoint", r.URL.Path,
+    "user_id", userID,
+    "duration_ms", time.Since(start).Milliseconds(),
+    "error", err,
+)
+` + "```" + `
+
+Within an hour, a pattern emerged:
+
+| Time | Endpoint | Duration | Result |
+|------|----------|----------|--------|
+| 14:01 | /api/posts | 45ms | OK |
+| 14:01 | /api/posts | 52ms | OK |
+| 14:02 | /api/posts | 30,004ms | FAIL |
+| 14:02 | /api/users | 48ms | OK |
+
+The failures were always *exactly* 30 seconds — our timeout value.
+
+## Step 2: Form a Hypothesis
+
+> The 30-second timeout suggested a connection hanging, not failing fast.
+
+I suspected connection pool exhaustion. Our pool was set to 10 connections. Under load, requests would wait for a free connection, then timeout.
+
+## Step 3: Test the Theory
+
+I checked the pool stats:
+
+` + "```sql" + `
+SELECT count(*) FROM pg_stat_activity
+WHERE application_name = ''myapp'';
+` + "```" + `
+
+Result: **10**. Exactly at the limit.
+
+## The Fix
+
+` + "```go" + `
+db.SetMaxOpenConns(25)      // was: 10
+db.SetMaxIdleConns(10)      // was: 2
+db.SetConnMaxLifetime(time.Hour)
+` + "```" + `
+
+Three lines. Two days of debugging. Zero more timeouts.
+
+---
+
+The lesson: **when debugging production, be a detective, not a guesser**. Gather evidence, form hypotheses, test them.',
+		'["debugging","golang","databases"]',
+		'https://images.unsplash.com/photo-1555066931-4365d14bab8c?w=1200&h=630&fit=crop',
+		1,
+		datetime('now', '-5 days'),
+		datetime('now', '-5 days'),
+		datetime('now', '-5 days')),
+
+		('demo-post-3', 'sqlite-in-production',
+		'Yes, You Can Use SQLite in Production',
+		'How to scale SQLite further than you think — and when to finally migrate.',
+		'Every time I mention SQLite in production, someone says "that doesn''t scale." Let me share some numbers.
+
+## The Reality
+
+SQLite handles:
+
+- **Millions** of reads per second
+- **Thousands** of writes per second (with WAL mode)
+- Databases up to **281 TB** (theoretical limit)
+
+For context, that''s more than most apps will ever need.
+
+## Configuration That Matters
+
+The defaults are conservative. For production, I use:
+
+` + "```sql" + `
+PRAGMA journal_mode = WAL;
+PRAGMA synchronous = NORMAL;
+PRAGMA cache_size = -64000;  -- 64MB cache
+PRAGMA busy_timeout = 5000;
+` + "```" + `
+
+This gives you:
+
+| Setting | Default | Production | Impact |
+|---------|---------|------------|--------|
+| journal_mode | DELETE | WAL | Concurrent reads during writes |
+| synchronous | FULL | NORMAL | 10x faster writes, still safe |
+| cache_size | -2000 | -64000 | Fewer disk reads |
+
+## When to Migrate
+
+SQLite is **not** right when you need:
+
+1. Multiple servers writing to the same database
+2. ~~Horizontal scaling~~ (though read replicas now exist via Litestream)
+3. Sub-millisecond writes under heavy contention
+
+If you''re running a single server — which is most apps — SQLite is great.
+
+> "I''ve never used a database that made me this happy." — every SQLite user, probably
+
+## Getting Started
+
+Here''s my standard setup:
+
+` + "```go" + `
+db, err := sql.Open("sqlite3", "file:app.db?_journal=WAL&_timeout=5000")
+if err != nil {
+    log.Fatal(err)
+}
+db.SetMaxOpenConns(1)  // SQLite writes are serialized anyway
+
+// Run migrations
+if _, err := db.Exec(schema); err != nil {
+    log.Fatal(err)
+}
+` + "```" + `
+
+---
+
+Stop overengineering. Start with SQLite. Migrate when you *actually* hit limits — you probably never will.',
+		'["sqlite","databases","architecture"]',
+		'https://images.unsplash.com/photo-1544383835-bda2bc66a55d?w=1200&h=630&fit=crop',
+		1,
+		datetime('now', '-8 days'),
+		datetime('now', '-8 days'),
+		datetime('now', '-8 days')),
+
+		('demo-post-4', 'my-2024-reading-list',
+		'My 2024 Reading List',
+		'',
+		'Here are the books that shaped my thinking this year.
+
+## Technical Books
+
+- **Designing Data-Intensive Applications** by Martin Kleppmann
+- **The Pragmatic Programmer** by David Thomas
+- **Staff Engineer** by Will Larson
+
+## Non-Technical
+
+- **The Mom Test** by Rob Fitzpatrick
+- **Building a Second Brain** by Tiago Forte
+
+More thoughts on each coming soon...',
+		'["books","learning"]',
+		'',
+		1,
+		datetime('now', '-12 days'),
+		datetime('now', '-12 days'),
+		datetime('now', '-12 days')),
+
+		('demo-draft-1', 'understanding-react-server-components',
+		'Understanding React Server Components',
+		'A deep dive into RSC architecture and when to use them.',
+		'React Server Components are confusing. Let me try to explain them.
+
+## The Problem RSC Solves
+
+Traditional React apps ship a lot of JavaScript to the browser. RSC lets you run components on the server and send only the HTML.
+
+## Key Concepts
+
+TODO: Add diagrams
+
+## When to Use RSC
+
+- Data fetching
+- Heavy dependencies
+- SEO-critical pages
+
+## When NOT to Use RSC
+
+- Interactive components
+- Client state
+- Event handlers
+
+Still writing this one...',
+		'["react","architecture"]',
+		'',
+		0,
+		NULL,
+		datetime('now', '-1 days'),
+		datetime('now', '-2 hours')),
+
+		('demo-draft-2', 'vim-tricks-i-use-daily',
+		'Vim Tricks I Use Daily',
+		'The shortcuts that actually stuck after 5 years of using Vim.',
+		'After mass years of Vim, these are the commands I use daily.
+
+## Navigation
+
+- Ctrl+d and Ctrl+u for half page down/up
+- zz to center current line
+
+## Editing
+
+Still collecting my favorites...',
+		'["vim","productivity"]',
+		'',
+		0,
+		NULL,
+		datetime('now', '-3 days'),
+		datetime('now', '-1 days'))
+		ON CONFLICT DO NOTHING`)
+	if err != nil {
+		return fmt.Errorf("insert posts: %w", err)
+	}
+	slog.Info("seed demo posts", "demo_id", demoID)
+
+	return nil
+}
+
+func (s *Server) ensureDemoSeeded(demoID string) {
+	db, err := s.tenantPool.Get(demoID)
+	if err != nil {
+		slog.Error("ensureDemoSeeded: get pool", "demo_id", demoID, "error", err)
+		return
+	}
+
+	var count int
+	err = db.QueryRow("SELECT COUNT(*) FROM posts").Scan(&count)
+	if err != nil {
+		slog.Error("ensureDemoSeeded: count posts", "demo_id", demoID, "error", err)
+		return
+	}
+
+	if count > 0 {
+		return
+	}
+
+	slog.Info("re-seeding demo content", "demo_id", demoID)
+	if err := s.seedDemoContent(demoID, "Demo User", "#10b981"); err != nil {
+		slog.Error("ensureDemoSeeded: seed failed", "demo_id", demoID, "error", err)
+	}
+}
diff --git a/internal/server/ratelimit.go b/internal/server/ratelimit.go
new file mode 100644
index 0000000..f58e6f8
--- /dev/null
+++ b/internal/server/ratelimit.go
@@ -0,0 +1,126 @@
+package server
+
+import (
+	"net/http"
+	"sync"
+	"time"
+
+	"github.com/writekitapp/writekit/internal/config"
+)
+
+type bucket struct {
+	tokens    float64
+	lastFill  time.Time
+	rateLimit int
+}
+
+type RateLimiter struct {
+	mu      sync.RWMutex
+	buckets map[string]*bucket
+}
+
+func NewRateLimiter() *RateLimiter {
+	rl := &RateLimiter{
+		buckets: make(map[string]*bucket),
+	}
+	go rl.cleanup()
+	return rl
+}
+
+func (rl *RateLimiter) Allow(tenantID string, limit int) bool {
+	rl.mu.Lock()
+	defer rl.mu.Unlock()
+
+	now := time.Now()
+	b, ok := rl.buckets[tenantID]
+	if !ok {
+		b = &bucket{
+			tokens:    float64(limit),
+			lastFill:  now,
+			rateLimit: limit,
+		}
+		rl.buckets[tenantID] = b
+	}
+
+	if b.rateLimit != limit {
+		b.rateLimit = limit
+		b.tokens = float64(limit)
+	}
+
+	elapsed := now.Sub(b.lastFill)
+	tokensToAdd := elapsed.Hours() * float64(limit)
+	b.tokens = min(b.tokens+tokensToAdd, float64(limit))
+	b.lastFill = now
+
+	if b.tokens >= 1 {
+		b.tokens--
+		return true
+	}
+	return false
+}
+
+func (rl *RateLimiter) cleanup() {
+	ticker := time.NewTicker(5 * time.Minute)
+	for range ticker.C {
+		rl.mu.Lock()
+		threshold := time.Now().Add(-1 * time.Hour)
+		for k, b := range rl.buckets {
+			if b.lastFill.Before(threshold) {
+				delete(rl.buckets, k)
+			}
+		}
+		rl.mu.Unlock()
+	}
+}
+
+func (s *Server) apiRateLimitMiddleware(rl *RateLimiter) func(http.Handler) http.Handler {
+	return func(next http.Handler) http.Handler {
+		return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+			tenantID, ok := r.Context().Value(tenantIDKey).(string)
+			if !ok || tenantID == "" {
+				next.ServeHTTP(w, r)
+				return
+			}
+
+			t, err := s.database.GetTenantByID(r.Context(), tenantID)
+			if err != nil {
+				next.ServeHTTP(w, r)
+				return
+			}
+
+			premium := t != nil && t.Premium
+			tierInfo := config.GetTierInfo(premium)
+			limit := tierInfo.Config.APIRateLimit
+
+			if !rl.Allow(tenantID, limit) {
+				w.Header().Set("X-RateLimit-Limit", itoa(limit))
+				w.Header().Set("X-RateLimit-Reset", "3600")
+				w.Header().Set("Retry-After", "60")
+				jsonError(w, http.StatusTooManyRequests, "rate limit exceeded")
+				return
+			}
+
+			w.Header().Set("X-RateLimit-Limit", itoa(limit))
+			next.ServeHTTP(w, r)
+		})
+	}
+}
+
+func itoa(n int) string {
+	if n == 0 {
+		return "0"
+	}
+	s := ""
+	for n > 0 {
+		s = string(rune('0'+n%10)) + s
+		n /= 10
+	}
+	return s
+}
+
+func min(a, b float64) float64 {
+	if a < b {
+		return a
+	}
+	return b
+}
diff --git a/internal/server/reader.go b/internal/server/reader.go
new file mode 100644
index 0000000..270579a
--- /dev/null
+++ b/internal/server/reader.go
@@ -0,0 +1,634 @@
+package server
+
+import (
+	"context"
+	"crypto/rand"
+	"encoding/hex"
+	"encoding/json"
+	"fmt"
+	"io"
+	"net/http"
+	"os"
+	"strings"
+	"time"
+
+	"github.com/go-chi/chi/v5"
+	"github.com/writekitapp/writekit/internal/tenant"
+)
+
+func (s *Server) readerRoutes() chi.Router {
+	r := chi.NewRouter()
+
+	r.Get("/login/{provider}", s.readerLogin)
+	r.Get("/auth/callback", s.readerAuthCallback)
+	r.Get("/auth/providers", s.readerAuthProviders)
+
+	r.Group(func(r chi.Router) {
+		r.Use(s.readerAuthMiddleware)
+
+		r.Get("/config", s.getInteractionConfig)
+
+		r.Get("/posts/{slug}/comments", s.listComments)
+		r.Post("/posts/{slug}/comments", s.createComment)
+		r.Delete("/comments/{id}", s.deleteComment)
+
+		r.Get("/posts/{slug}/reactions", s.getReactions)
+		r.Post("/posts/{slug}/reactions", s.toggleReaction)
+
+		r.Get("/me", s.getReaderMe)
+		r.Post("/logout", s.readerLogout)
+
+		r.Get("/search", s.search)
+	})
+
+	return r
+}
+
+func (s *Server) getInteractionConfig(w http.ResponseWriter, r *http.Request) {
+	tenantID := r.Context().Value(tenantIDKey).(string)
+
+	db, err := s.tenantPool.Get(tenantID)
+	if err != nil {
+		jsonError(w, http.StatusInternalServerError, "database error")
+		return
+	}
+
+	q := tenant.NewQueries(db)
+	config := q.GetInteractionConfig(r.Context())
+
+	jsonResponse(w, http.StatusOK, config)
+}
+
+func (s *Server) listComments(w http.ResponseWriter, r *http.Request) {
+	tenantID := r.Context().Value(tenantIDKey).(string)
+	slug := chi.URLParam(r, "slug")
+
+	db, err := s.tenantPool.Get(tenantID)
+	if err != nil {
+		jsonError(w, http.StatusInternalServerError, "database error")
+		return
+	}
+
+	q := tenant.NewQueries(db)
+	comments, err := q.ListComments(r.Context(), slug)
+	if err != nil {
+		jsonError(w, http.StatusInternalServerError, "failed to list comments")
+		return
+	}
+
+	jsonResponse(w, http.StatusOK, comments)
+}
+
+func (s *Server) createComment(w http.ResponseWriter, r *http.Request) {
+	tenantID := r.Context().Value(tenantIDKey).(string)
+	slug := chi.URLParam(r, "slug")
+
+	db, err := s.tenantPool.Get(tenantID)
+	if err != nil {
+		jsonError(w, http.StatusInternalServerError, "database error")
+		return
+	}
+
+	q := tenant.NewQueries(db)
+
+	if q.GetSettingWithDefault(r.Context(), "comments_enabled") != "true" {
+		jsonError(w, http.StatusForbidden, "comments disabled")
+		return
+	}
+
+	var req struct {
+		Content  string `json:"content"`
+		ParentID *int64 `json:"parent_id"`
+	}
+	if err := json.NewDecoder(r.Body).Decode(&req); err != nil {
+		jsonError(w, http.StatusBadRequest, "invalid request")
+		return
+	}
+
+	if req.Content == "" {
+		jsonError(w, http.StatusBadRequest, "content required")
+		return
+	}
+
+	userID := getReaderUserID(r)
+	if userID == "" {
+		jsonError(w, http.StatusUnauthorized, "login required")
+		return
+	}
+
+	// Get user info for validation
+	user, _ := q.GetUserByID(r.Context(), userID)
+	authorName := "Anonymous"
+	authorEmail := ""
+	if user != nil {
+		authorName = user.Name
+		authorEmail = user.Email
+	}
+
+	// Validate comment via plugins
+	runner := s.getPluginRunner(tenantID, db)
+	allowed, reason, _ := runner.TriggerValidation(r.Context(), "comment.validate", map[string]any{
+		"content":     req.Content,
+		"authorName":  authorName,
+		"authorEmail": authorEmail,
+		"postSlug":    slug,
+	})
+	runner.Close()
+
+	if !allowed {
+		msg := "Comment rejected"
+		if reason != "" {
+			msg = reason
+		}
+		jsonError(w, http.StatusForbidden, msg)
+		return
+	}
+
+	comment := &tenant.Comment{
+		UserID:   userID,
+		PostSlug: slug,
+		Content:  req.Content,
+		ParentID: req.ParentID,
+	}
+
+	if err := q.CreateComment(r.Context(), comment); err != nil {
+		jsonError(w, http.StatusInternalServerError, "failed to create comment")
+		return
+	}
+
+	// Trigger comment.created hook
+	go func() {
+		runner := s.getPluginRunner(tenantID, db)
+		defer runner.Close()
+
+		// Get post info
+		post, _ := q.GetPost(r.Context(), slug)
+		postData := map[string]any{"slug": slug, "title": slug, "url": "/" + slug}
+		if post != nil {
+			postData["title"] = post.Title
+		}
+
+		runner.TriggerHook(r.Context(), "comment.created", map[string]any{
+			"comment": map[string]any{
+				"id":          comment.ID,
+				"content":     comment.Content,
+				"authorName":  authorName,
+				"authorEmail": authorEmail,
+				"postSlug":    slug,
+				"createdAt":   comment.CreatedAt.Format(time.RFC3339),
+			},
+			"post": postData,
+		})
+	}()
+
+	jsonResponse(w, http.StatusCreated, comment)
+}
+
+func (s *Server) deleteComment(w http.ResponseWriter, r *http.Request) {
+	tenantID := r.Context().Value(tenantIDKey).(string)
+	id := chi.URLParam(r, "id")
+
+	userID := getReaderUserID(r)
+	if userID == "" {
+		jsonError(w, http.StatusUnauthorized, "login required")
+		return
+	}
+
+	db, err := s.tenantPool.Get(tenantID)
+	if err != nil {
+		jsonError(w, http.StatusInternalServerError, "database error")
+		return
+	}
+
+	q := tenant.NewQueries(db)
+
+	var commentID int64
+	if _, err := json.Number(id).Int64(); err != nil {
+		jsonError(w, http.StatusBadRequest, "invalid comment id")
+		return
+	}
+	commentID, _ = json.Number(id).Int64()
+
+	comment, err := q.GetComment(r.Context(), commentID)
+	if err != nil {
+		jsonError(w, http.StatusInternalServerError, "failed to get comment")
+		return
+	}
+	if comment == nil {
+		jsonError(w, http.StatusNotFound, "comment not found")
+		return
+	}
+
+	if comment.UserID != userID {
+		jsonError(w, http.StatusForbidden, "not your comment")
+		return
+	}
+
+	if err := q.DeleteComment(r.Context(), commentID); err != nil {
+		jsonError(w, http.StatusInternalServerError, "failed to delete comment")
+		return
+	}
+
+	w.WriteHeader(http.StatusNoContent)
+}
+
+func (s *Server) getReactions(w http.ResponseWriter, r *http.Request) {
+	tenantID := r.Context().Value(tenantIDKey).(string)
+	slug := chi.URLParam(r, "slug")
+
+	db, err := s.tenantPool.Get(tenantID)
+	if err != nil {
+		jsonError(w, http.StatusInternalServerError, "database error")
+		return
+	}
+
+	q := tenant.NewQueries(db)
+	counts, err := q.GetReactionCounts(r.Context(), slug)
+	if err != nil {
+		jsonError(w, http.StatusInternalServerError, "failed to get reactions")
+		return
+	}
+
+	var userReactions []string
+	userID := getReaderUserID(r)
+	if userID != "" {
+		userReactions, _ = q.GetUserReactions(r.Context(), userID, slug)
+	} else if anonID := getAnonID(r); anonID != "" {
+		userReactions, _ = q.GetAnonReactions(r.Context(), anonID, slug)
+	}
+
+	jsonResponse(w, http.StatusOK, map[string]any{
+		"counts": counts,
+		"user":   userReactions,
+	})
+}
+
+func (s *Server) toggleReaction(w http.ResponseWriter, r *http.Request) {
+	tenantID := r.Context().Value(tenantIDKey).(string)
+	slug := chi.URLParam(r, "slug")
+
+	db, err := s.tenantPool.Get(tenantID)
+	if err != nil {
+		jsonError(w, http.StatusInternalServerError, "database error")
+		return
+	}
+
+	q := tenant.NewQueries(db)
+
+	if q.GetSettingWithDefault(r.Context(), "reactions_enabled") != "true" {
+		jsonError(w, http.StatusForbidden, "reactions disabled")
+		return
+	}
+
+	var req struct {
+		Emoji string `json:"emoji"`
+	}
+	if err := json.NewDecoder(r.Body).Decode(&req); err != nil {
+		jsonError(w, http.StatusBadRequest, "invalid request")
+		return
+	}
+
+	if req.Emoji == "" {
+		jsonError(w, http.StatusBadRequest, "emoji required")
+		return
+	}
+
+	userID := getReaderUserID(r)
+	anonID := ""
+	requireAuth := q.GetSettingWithDefault(r.Context(), "reactions_require_auth") == "true"
+
+	if userID == "" {
+		if requireAuth {
+			jsonError(w, http.StatusUnauthorized, "login required")
+			return
+		}
+		anonID = getOrCreateAnonID(w, r)
+	}
+
+	added, err := q.ToggleReaction(r.Context(), userID, anonID, slug, req.Emoji)
+	if err != nil {
+		jsonError(w, http.StatusInternalServerError, "failed to toggle reaction")
+		return
+	}
+
+	jsonResponse(w, http.StatusOK, map[string]bool{"added": added})
+}
+
+func (s *Server) search(w http.ResponseWriter, r *http.Request) {
+	tenantID := r.Context().Value(tenantIDKey).(string)
+	query := r.URL.Query().Get("q")
+
+	if query == "" {
+		jsonResponse(w, http.StatusOK, []any{})
+		return
+	}
+
+	db, err := s.tenantPool.Get(tenantID)
+	if err != nil {
+		jsonError(w, http.StatusInternalServerError, "database error")
+		return
+	}
+
+	q := tenant.NewQueries(db)
+	results, err := q.Search(r.Context(), query, 20)
+	if err != nil {
+		jsonResponse(w, http.StatusOK, []any{})
+		return
+	}
+
+	jsonResponse(w, http.StatusOK, results)
+}
+
+func (s *Server) getReaderMe(w http.ResponseWriter, r *http.Request) {
+	userID := getReaderUserID(r)
+	if userID == "" {
+		jsonResponse(w, http.StatusOK, map[string]any{"logged_in": false})
+		return
+	}
+
+	tenantID := r.Context().Value(tenantIDKey).(string)
+	db, err := s.tenantPool.Get(tenantID)
+	if err != nil {
+		jsonError(w, http.StatusInternalServerError, "database error")
+		return
+	}
+
+	q := tenant.NewQueries(db)
+	user, err := q.GetUserByID(r.Context(), userID)
+	if err != nil || user == nil {
+		jsonResponse(w, http.StatusOK, map[string]any{"logged_in": false})
+		return
+	}
+
+	jsonResponse(w, http.StatusOK, map[string]any{
+		"logged_in": true,
+		"user": map[string]any{
+			"id":         user.ID,
+			"email":      user.Email,
+			"name":       user.Name,
+			"avatar_url": user.AvatarURL,
+		},
+	})
+}
+
+func (s *Server) readerLogout(w http.ResponseWriter, r *http.Request) {
+	token := extractReaderToken(r)
+	if token == "" {
+		w.WriteHeader(http.StatusNoContent)
+		return
+	}
+
+	tenantID := r.Context().Value(tenantIDKey).(string)
+	db, err := s.tenantPool.Get(tenantID)
+	if err == nil {
+		q := tenant.NewQueries(db)
+		q.DeleteSession(r.Context(), token)
+	}
+
+	http.SetCookie(w, &http.Cookie{
+		Name:     "reader_session",
+		Value:    "",
+		Path:     "/",
+		MaxAge:   -1,
+		HttpOnly: true,
+		Secure:   true,
+		SameSite: http.SameSiteLaxMode,
+	})
+
+	w.WriteHeader(http.StatusNoContent)
+}
+
+func getReaderUserID(r *http.Request) string {
+	if id, ok := r.Context().Value(readerUserIDKey).(string); ok {
+		return id
+	}
+	return ""
+}
+
+type readerCtxKey string
+
+const readerUserIDKey readerCtxKey = "readerUserID"
+
+func (s *Server) readerAuthMiddleware(next http.Handler) http.Handler {
+	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+		token := extractReaderToken(r)
+		if token == "" {
+			next.ServeHTTP(w, r)
+			return
+		}
+
+		tenantID, ok := r.Context().Value(tenantIDKey).(string)
+		if !ok || tenantID == "" {
+			next.ServeHTTP(w, r)
+			return
+		}
+
+		db, err := s.tenantPool.Get(tenantID)
+		if err != nil {
+			next.ServeHTTP(w, r)
+			return
+		}
+
+		q := tenant.NewQueries(db)
+		session, err := q.ValidateSession(r.Context(), token)
+		if err != nil || session == nil {
+			next.ServeHTTP(w, r)
+			return
+		}
+
+		ctx := context.WithValue(r.Context(), readerUserIDKey, session.UserID)
+		next.ServeHTTP(w, r.WithContext(ctx))
+	})
+}
+
+func extractReaderToken(r *http.Request) string {
+	if cookie, err := r.Cookie("reader_session"); err == nil && cookie.Value != "" {
+		return cookie.Value
+	}
+
+	auth := r.Header.Get("Authorization")
+	if strings.HasPrefix(auth, "Bearer ") {
+		return strings.TrimPrefix(auth, "Bearer ")
+	}
+
+	return ""
+}
+
+func (s *Server) readerLogin(w http.ResponseWriter, r *http.Request) {
+	provider := chi.URLParam(r, "provider")
+	if provider != "google" && provider != "github" && provider != "discord" {
+		jsonError(w, http.StatusBadRequest, "invalid provider")
+		return
+	}
+
+	tenantID := r.Context().Value(tenantIDKey).(string)
+	redirect := r.URL.Query().Get("redirect")
+
+	baseURL := os.Getenv("BASE_URL")
+	if baseURL == "" {
+		baseURL = "https://writekit.dev"
+	}
+
+	tenantInfo, err := s.database.GetTenantByID(r.Context(), tenantID)
+	if err != nil || tenantInfo == nil {
+		jsonError(w, http.StatusNotFound, "tenant not found")
+		return
+	}
+
+	domain := tenantInfo.CustomDomain
+	if domain == "" {
+		domain = tenantInfo.Subdomain + "." + s.domain
+	}
+	callbackURL := fmt.Sprintf("https://%s/api/reader/auth/callback", domain)
+	if redirect != "" {
+		callbackURL += "?redirect=" + redirect
+	}
+
+	authURL := fmt.Sprintf("%s/auth/%s?tenant=%s&callback=%s",
+		baseURL, provider, tenantID, callbackURL)
+
+	http.Redirect(w, r, authURL, http.StatusTemporaryRedirect)
+}
+
+func (s *Server) readerAuthCallback(w http.ResponseWriter, r *http.Request) {
+	token := r.URL.Query().Get("token")
+	redirect := r.URL.Query().Get("redirect")
+
+	if token == "" {
+		jsonError(w, http.StatusBadRequest, "missing token")
+		return
+	}
+
+	tenantID := r.Context().Value(tenantIDKey).(string)
+
+	baseURL := os.Getenv("BASE_URL")
+	if baseURL == "" {
+		baseURL = "https://writekit.dev"
+	}
+
+	userURL := baseURL + "/auth/user?token=" + token
+	resp, err := http.Get(userURL)
+	if err != nil {
+		jsonError(w, http.StatusInternalServerError, "auth failed")
+		return
+	}
+	defer resp.Body.Close()
+
+	if resp.StatusCode != http.StatusOK {
+		body, _ := io.ReadAll(resp.Body)
+		jsonError(w, http.StatusUnauthorized, "invalid token: "+string(body))
+		return
+	}
+
+	var platformUser struct {
+		ID        string `json:"id"`
+		Email     string `json:"email"`
+		Name      string `json:"name"`
+		AvatarURL string `json:"avatar_url"`
+	}
+	if err := json.NewDecoder(resp.Body).Decode(&platformUser); err != nil {
+		jsonError(w, http.StatusInternalServerError, "failed to parse user")
+		return
+	}
+
+	db, err := s.tenantPool.Get(tenantID)
+	if err != nil {
+		jsonError(w, http.StatusInternalServerError, "database error")
+		return
+	}
+
+	q := tenant.NewQueries(db)
+
+	user, err := q.GetUserByID(r.Context(), platformUser.ID)
+	if err != nil {
+		jsonError(w, http.StatusInternalServerError, "database error")
+		return
+	}
+	if user == nil {
+		user = &tenant.User{
+			ID:        platformUser.ID,
+			Email:     platformUser.Email,
+			Name:      platformUser.Name,
+			AvatarURL: platformUser.AvatarURL,
+		}
+		if err := q.CreateUser(r.Context(), user); err != nil {
+			jsonError(w, http.StatusInternalServerError, "failed to create user")
+			return
+		}
+	}
+
+	session, err := q.CreateSession(r.Context(), user.ID)
+	if err != nil {
+		jsonError(w, http.StatusInternalServerError, "failed to create session")
+		return
+	}
+
+	tenantInfo, _ := s.database.GetTenantByID(r.Context(), tenantID)
+	secure := tenantInfo != nil && !strings.HasPrefix(tenantInfo.Subdomain, "localhost")
+
+	http.SetCookie(w, &http.Cookie{
+		Name:     "reader_session",
+		Value:    session.Token,
+		Path:     "/",
+		Expires:  session.ExpiresAt,
+		HttpOnly: true,
+		Secure:   secure,
+		SameSite: http.SameSiteLaxMode,
+	})
+
+	if redirect == "" || !strings.HasPrefix(redirect, "/") || strings.HasPrefix(redirect, "//") {
+		redirect = "/"
+	}
+
+	http.Redirect(w, r, redirect, http.StatusTemporaryRedirect)
+}
+
+func (s *Server) readerAuthProviders(w http.ResponseWriter, r *http.Request) {
+	baseURL := os.Getenv("BASE_URL")
+	if baseURL == "" {
+		baseURL = "https://writekit.dev"
+	}
+
+	resp, err := http.Get(baseURL + "/auth/providers")
+	if err != nil {
+		jsonResponse(w, http.StatusOK, map[string]any{"providers": []any{}})
+		return
+	}
+	defer resp.Body.Close()
+
+	var result map[string]any
+	if err := json.NewDecoder(resp.Body).Decode(&result); err != nil {
+		jsonResponse(w, http.StatusOK, map[string]any{"providers": []any{}})
+		return
+	}
+
+	jsonResponse(w, http.StatusOK, result)
+}
+
+func getOrCreateAnonID(w http.ResponseWriter, r *http.Request) string {
+	if cookie, err := r.Cookie("anon_id"); err == nil && cookie.Value != "" {
+		return cookie.Value
+	}
+
+	b := make([]byte, 16)
+	rand.Read(b)
+	anonID := hex.EncodeToString(b)
+
+	http.SetCookie(w, &http.Cookie{
+		Name:     "anon_id",
+		Value:    anonID,
+		Path:     "/",
+		MaxAge:   365 * 24 * 60 * 60,
+		HttpOnly: true,
+		SameSite: http.SameSiteLaxMode,
+	})
+
+	return anonID
+}
+
+func getAnonID(r *http.Request) string {
+	if cookie, err := r.Cookie("anon_id"); err == nil {
+		return cookie.Value
+	}
+	return ""
+}
diff --git a/internal/server/server.go b/internal/server/server.go
new file mode 100644
index 0000000..d35d1e6
--- /dev/null
+++ b/internal/server/server.go
@@ -0,0 +1,163 @@
+package server
+
+import (
+	"context"
+	"database/sql"
+	"log/slog"
+	"net/http"
+	"os"
+	"strings"
+	"time"
+
+	"github.com/go-chi/chi/v5"
+	"github.com/go-chi/chi/v5/middleware"
+	"github.com/writekitapp/writekit/internal/auth"
+	"github.com/writekitapp/writekit/internal/cloudflare"
+	"github.com/writekitapp/writekit/internal/db"
+	"github.com/writekitapp/writekit/internal/imaginary"
+	"github.com/writekitapp/writekit/internal/storage"
+	"github.com/writekitapp/writekit/internal/tenant"
+)
+
+type Server struct {
+	router      chi.Router
+	database    *db.DB
+	tenantPool  *tenant.Pool
+	tenantCache *tenant.Cache
+	storage     storage.Client
+	imaginary   *imaginary.Client
+	cloudflare  *cloudflare.Client
+	rateLimiter *RateLimiter
+	domain      string
+	jarvisURL   string
+	stopCleanup chan struct{}
+}
+
+func New(database *db.DB, pool *tenant.Pool, cache *tenant.Cache, storageClient storage.Client) *Server {
+	domain := os.Getenv("DOMAIN")
+	if domain == "" {
+		domain = "writekit.dev"
+	}
+
+	jarvisURL := os.Getenv("JARVIS_URL")
+	if jarvisURL == "" {
+		jarvisURL = "http://localhost:8090"
+	}
+
+	var imgClient *imaginary.Client
+	if url := os.Getenv("IMAGINARY_URL"); url != "" {
+		imgClient = imaginary.New(url)
+	}
+
+	cfClient := cloudflare.NewClient()
+
+	s := &Server{
+		router:      chi.NewRouter(),
+		database:    database,
+		tenantPool:  pool,
+		tenantCache: cache,
+		storage:     storageClient,
+		imaginary:   imgClient,
+		cloudflare:  cfClient,
+		rateLimiter: NewRateLimiter(),
+		domain:      domain,
+		jarvisURL:   jarvisURL,
+		stopCleanup: make(chan struct{}),
+	}
+
+	s.router.Use(middleware.Logger)
+	s.router.Use(middleware.Recoverer)
+	s.router.Use(middleware.Compress(5))
+
+	s.routes()
+	go s.cleanupDemos()
+
+	return s
+}
+
+func (s *Server) ServeHTTP(w http.ResponseWriter, r *http.Request) {
+	s.router.ServeHTTP(w, r)
+}
+
+func (s *Server) routes() {
+	s.router.HandleFunc("/*", s.route)
+}
+
+func (s *Server) route(w http.ResponseWriter, r *http.Request) {
+	host := r.Host
+	if idx := strings.Index(host, ":"); idx != -1 {
+		host = host[:idx]
+	}
+
+	if host == s.domain || host == "www."+s.domain {
+		s.servePlatform(w, r)
+		return
+	}
+
+	if strings.HasSuffix(host, "."+s.domain) {
+		subdomain := strings.TrimSuffix(host, "."+s.domain)
+		s.serveBlog(w, r, subdomain)
+		return
+	}
+
+	s.notFound(w, r)
+}
+
+func (s *Server) servePlatform(w http.ResponseWriter, r *http.Request) {
+	mux := chi.NewRouter()
+	mux.NotFound(s.notFound)
+
+	mux.Get("/", s.platformHome)
+	mux.Get("/login", s.platformLogin)
+	mux.Get("/signup", s.platformSignup)
+	mux.Get("/signup/complete", s.platformSignup)
+	mux.Get("/dashboard", s.platformDashboard)
+	mux.Handle("/assets/*", http.HandlerFunc(s.serveStaticAssets))
+
+	mux.Mount("/auth", auth.NewHandler(s.database).Routes())
+
+	mux.Route("/api", func(r chi.Router) {
+		r.Get("/tenant/check", s.checkSubdomain)
+		r.Post("/demo", s.createDemo)
+		r.Group(func(r chi.Router) {
+			r.Use(auth.SessionMiddleware(s.database))
+			r.Post("/tenant", s.createTenant)
+			r.Get("/tenant", s.getTenant)
+		})
+	})
+
+	mux.ServeHTTP(w, r)
+}
+
+func (s *Server) cleanupDemos() {
+	ticker := time.NewTicker(15 * time.Second)
+	defer ticker.Stop()
+
+	for {
+		select {
+		case <-ticker.C:
+			expired, err := s.database.CleanupExpiredDemos(context.Background())
+			if err != nil {
+				slog.Error("cleanup expired demos", "error", err)
+				continue
+			}
+			for _, d := range expired {
+				s.tenantPool.Evict(d.ID)
+				s.tenantCache.Delete(d.Subdomain)
+				slog.Info("cleaned up expired demo", "demo_id", d.ID, "subdomain", d.Subdomain)
+			}
+		case <-s.stopCleanup:
+			return
+		}
+	}
+}
+
+func (s *Server) Close() {
+	close(s.stopCleanup)
+}
+
+// getPluginRunner returns a PluginRunner for the given tenant
+func (s *Server) getPluginRunner(tenantID string, db *sql.DB) *tenant.PluginRunner {
+	return tenant.NewPluginRunner(db, tenantID)
+}
+
diff --git a/internal/server/static/analytics-screenshot.png b/internal/server/static/analytics-screenshot.png
new file mode 100644
index 0000000000000000000000000000000000000000..815602911d2dc087ec56e1abd720b3b09135d84b
GIT binary patch
literal 54639
zcmd43bzGG1*DgAWh=PiOfV4<6gpv{iiUQJ-Lw6$}-JwXAAl)6q(A`}_cZbrAz|b(~
zLHwTce$MCjzWaC1-uv_J=dXdM?pXI)_qx_~J$@ghL>^)iVS+%QhoT?e%Ys06-+(}9
z-|pQ8{$s~tf&_scgGArIm3N5Wn#EF+x4lCBF349^!mqp=&DDbyp8wr!NI_+`Q7k1u
zC%-LUAOIN^rNSj?oKvndJQAtctBxwY`ZUNo*y{zq)ADWWt2t+-idI!{#T^}61ZM9B
zD(19VyK>$jnyqCs2AjwFwY5R?X<v->-0JydJhNe6yo`r&ctiyH-Mb7xdqALtVIKRP
znG3HPx<7w{8e8ub-u%)sxubOR>m|o+#+zT!M7Qv7eo5q^Bj;}2{5}?yl+3f||K}8+
zbQTn8p!Cn(doNdKVCLRJ9_Tk$OT*%nMq}Uo^Jj>0_D;mXh19=pn)%xb81wa50>{f&
z|DqW|Agr6SnZo}(QI4|ldaOYpkDMo3H%)A8nR7eePEAc^sXzJEjK%T*3#;bpY%{@q
zdc7xx4fADCadB~D<C~inx~Q!7B?PS_H^<2#P9vukb<W3$uPt?u&41gm_q}4?twzy_
zS}(YV%N*yQSLpit`^UyhKm0pX4m|{#E`v)h|Nq-O@^8$9hZ8WF^wFYPTFJLPg8lyt
z#+%Cz5<Q-LPu^gN{8vLV!UGODb4Tr>(C^%-Jza@IJY4Bd5^y=$gE$}kH3kQ!@jFUc
zQVD0s0(Yh_p|7$^OAp(LEy7)3-1ex$VQJGmu^q6f(SC5>lZd|N_$1Ghe)p@z+C=<3
zlAB2}ScnDXs#cf-L-E@%$(81Q=)uJoGz?C+j`@ofE?Vit@FbWSRm)ko=9SfEUIh&;
zEioGbvl<;3)yCqMa`TLZvKjtwAMM*>1>CRVEb0jtk})0-ad{2Oh|`=Mt{(tzv>wk_
zPf1DXgTM}*4)@EdmHo<0#}WP9)+-;vGht4;+yZKgV2nRc^DwSrY$STA<#BOwwprkQ
zxv4o$%3W!_+GjuST2Wbff&dp>oX?}&Hb!zZFMbgKEu5*eOgqqNIPJ9vCgHwrBtoaS
zkg@RdPr>C61vJ3<8heXVGdH)ZNG8>I@?Z0)tBRhg-THIyhr|YOk)0Z&!PFJ_Kf|%|
zi%dz=6&Z0+s>F!#h~(s_5Bb-xUk@*&5_m-2sJN*4c$^Nim(-Y)b6vkJ<g3@XA#*it
zH^;Wa#F_77W6u}q`jF+HB%v-uQo%8l_oHstYRsvL^fy&a%Wo!>;lU+El~s-8{&e)@
zHuSDim_*(2oU<necBGLgt+MxAopX}?oFhUe%4BmaPq=VYq8f32@_TW)Q3D%|-HqCD
zOg98VW3A!xTL`@}fl1e&ES{*WwRF6qN7^r@NUtk!qRsJU4UjJsgT%*8-4}zn@~c*2
z16b-S3kyG11#6tP2N6pvI{x$`u&Dx5gg5}>b+ydmJ{U!LXC|A9&H6_ogM@p=8%GT<
z+u>s6A1{6+IDhi`)^P`n(!T%d$v+QAkSW#JZ3APmR;b;QnwCcHe(@U^B6JLlT>K#d
zc19K!7JB+u1_+*@U&^+-R#&I1{V{AJG?9$Tvb(o~3P_CjH!}knGn#kfAL}ReF~82`
z%cDB?5*eDO<KO19c+-5A`eW=OoX#Cs?+b6I4U!HT6-ULAuJn7D+_@)O1u;-o-P{rJ
z_>mo>v8QVoNyKa`Ri2n2Egk0kFBv|VchS++t-7d#SaMjNzIMBCh;ds>@rh?4IH{Sx
z%ohnEqZA2dXMRctmXMTWVr1MJ&XUf<A}|U2JPX(u>S9&EuqT>=FmgsbGIW%oqp{^@
ziw|)^$woejQTeZ)hmK-ituxN<BcC%KrDrtAT(5zJSC_la+kxfOTVITWA0rZlbC{eG
ztMz*{`4v`<mwrgA<SDLlTgmm!gF$cbqR^GjU|*f|l3GP;?03h?^1n&E4mlY<^tzqU
zMRZtjsD3E1DEP%Gp}pD4emOgvnhn{8fy6|jb-Ao^5O=eeS|uyn<-5CO$)f$z75*k7
z<U^<5-P4s5qeVzP0ft*pNs~OG8K(G&yJ~JVMapdoo-3rH;AGIz@>r~p!6oly&S{{9
z{w_8WDa#WWefHhdnY)Sqc<0bPFA(dV@4)ihu(>_o-nQ|P2+wzX!-gkOc8%-i%joL|
zG{Rm!6Ygv;Ul<^YZ_lb0HOJP`QS|+mN4wqpLKk;P00^U?o&9yqc6r+vtBu3b?Jq=Z
zq?a&eXRYZm3_(+t$?u-z1Uce>Cu!Y`8%;6{w&EM>AkQ_6n=?A8R|S)E+8mX8CnmOP
zua2B-qXiR7K^hDymVfcuN%PD&ECvaCQ{x`<eAm9^(bNVh1d%K5IeBl%eVf6@&5_r$
zsf9E-X}c;qLd5a&P83Gc13hQIzVnRO{%AK9ezH^xO9u;3@6Uzv<?fR|A?9Tr+5M<}
zH01ZHp+C0(3|)&>a->s;j@S;@iqJFA??UNV1Xs~Lr*m;|_<(&rv(WUDm6Yu1$6dCH
zx;PwMLN-%<yPp&dAC<Q*exS!$F=m8iDi7nN((p$_9DBL<sI%dkWAfLr<nC1hG46BJ
zmt(V>Emj4W=@sK@=aHsWe7ATNwaHKuVHCnmf&9{OB*>jPKXLLgshb!7<MQQxE<`WN
zr4~6Pj=|HM)6HMcWGnA^T!JkF-^x+=#HhHsj!b%ms$b<?58PNFj+5W`be^gzxBQcV
z;L{RC>?*Y3OyR=^-*1XMEko<0N88i-nHOTWKqU7HJyy8mqJDpcH28;<`-qu1NL+wU
zH5FHgkt1^5yf|S;#xhOiwYSBaejKUC{#s^%B1g|;8e%pXg}fXcH;0BxFfkQrPr60R
zBM7;X3Km#(Y!r%D6})WImHcl-?T&KAkRPHQOh0!f^skzUClQ(_kyg;LSg2~ui8;d+
zr*q&-HBnE)a|blDl!K>}6g0F$mrsqH$I5tJ9fKuv?i-_{ZzhQ=moxXveouIu3YgMN
z``RZwlc(7m<aX=jlPP)I2=<Nsh!*sOYB5nKWR`e9|HbKw_pV}sFvssh;aSc_mbk59
z49$6$br;eMb*uI4)%N&d8^3&m(Bwa^)LTCtdVahM1$i*sQF>D%UmIFfuNIaTo&6+u
zTKz>@>Ndwv38$XQCS&}|-L7XM9dyeCL|n}6{FYk|`U7|z;N{H64KV6Ui$K2;)Vxz|
zX}!q9;G`2%$MEK!cm%%^wQ5O;9?R<Z{i0cUwn@$c=_o_~7pJF&zjDbYSoE41ok6Rs
ztJwz{(NVg2J>yRAy|F(6oir~tJBn`T$=*6zT6?+tIgQejs3wPra$h*8P8!eE<zsOM
zF^W}qD0h5kvtY!X-*|Fr!__Ix;Oca-cX}kNz@4w0VQ+}EEHcNKBcP)q*4kUh2_1xd
z(Re$yC9;fSmd0`T+e9{VL`kZ7tdX>PxxU^QJ<;;21(iI5-kWVQNjwb9p(q;K{^(~M
z3=A(`P^fb>v)IY%d_d9(nyz@mH#D?*bx#}lmtN}0%R5BzG!REdvr^7z;$_Vf53(`R
zXv>r%!>?^TSH_bh%6TeQ<s9b=j;`zBs?5=27-B30l@@C{z0wd!<ZSIeidrd3Bf&j-
z`xPsR*mhd-a#MY7Zrk)=6N5BB(ps!{!_f)NqCU@PSaa^=WJo2qxI;;G$F%Fmr*EO!
zp&GZ|)BzT3K-bkXqlaoR(^vEOdBh&)s`0jc)2mlQMyM$@x)7{m0ErE)D|oTwpFL4S
z!yYQ6&h~rmiP(1E9P_KmFI$Y0RYaD%t)}wgr{|}myu2GBj$XT&)bsd+YO>#vBdxx^
zejH*AXdqCjq-~M4h;)Vw8wzf~%TQubKeG0#)XZ*_H45^1eRm6zwRLxn%UxJs6zLsM
z35B|AzRp&PLTm`=E}O-@1CJj~MV{Z~{5(!<h*IYEZ|#>o$lXvHJwFVGJUu`8(i=6W
zR>t70e+-k|B_C&dR1{%zGi@8GAojLu`j)wX9FY$W0w|&ex(a-<V!Zq=#!3OcVs7%x
zeYn0f-h}+fFKkv^<cB&r<&sEqI-@QABiWshEyhj+Jy{y-ez<=E>nr)PH*Y>y%6fSf
zSg>5FJJi`9HZZ#NZJco9wXLIw1x)3RW@uSy@`I0|fEAi?Fd%zkMq*30>LPb?t1UG>
z12}l*9YY0@xDQsR*tR(qcI70kG`8wx9tuE~pZPn?@0K5O?QrXM#}Fb&saj+~9%ln+
zSVppzD|hb)hoipf9|^Aap%kY&j&slmCwb#4Xr@I)vhtEa>J;J%PYcAvEjFa8!=2xb
z73)t^t@{Vn&{yuTM$SGwx{cMqL?L!nVcpe}wg1TwOg>(%t=xVqgCEh&FK>JKu3;eC
zl!RA8Gl4G$Xt!3Dvkw!=l6(;sXyHDvsO5mLIF~5xMKy=7a1I@BrG5~FQXU@DS70|(
zc&n{_6bvQCp`=U`77_~btvolH_(rpvAzrmBAw8dY;SPCK?sKp!*etl6kb#-#8}y72
zkAphTT*#5*x#c9=t0shEAssUnWAjzzPwgkiD-&|CMP*!lCq1=h&k~wo|G*epZuPxy
zyo;}Y1KZf-N#`#K+-VrJw?TZqAS@%nrcJ^l`Rpr%+)vAjX;Y<1jov<EsnY{<8R`1?
z$Y-R#G-cHsI>!!H^p)KMx91LL8N{om-<66Mm6<3DLE=MQ<g%CK#vqE*rx3J_8uw1f
zCYDts_1sgkRJd0SmUv%~ud9QBn!u@${4Yt0)yNh7OD4$q!1_WQPSo;KJ^>1)KRK2b
zO~R7P*V__la5&@3mmgCi?d4vWYv_=^q&@ds!dLTn3^e@V#49$uxksS-EbCQ-xk66P
z!$`h(h;w;jvM=uf`ab7m$6aBmm=A!P0gg2fApa>T+14o5%a8>8KXMaa-3@pOaFG9;
zBT~Y^CcBuPzfzPLgzt}WKWaZDzuLp7s=3WmSUWHBJ}B@Wc|=&&S6aRVlFfoYcddD-
zO`?g*X3fl~#Z>M!V`WJv?d;B<rEMEwpxfBcVjWL>#ps~oD`TXNo!Yp*!{ZS`|5jw1
z&SZl-3fLL1tU?__OAikZUC)oYS{FkEm<4DhW2r*NfULxET;0Blb$@zqZ_n5FUR-av
zPMbfFYYIjZLYzurn9cEWg}^pEU!x94S%%F*+CeNh<MXv&|G@%~BAZ<T41Ze5^BUN~
z;V>ldIqm~n^UL$&acdkL94ZG^9Pn~yipgwlYO2omR9VH0RREQ8`$^N<+FEDlhZqY+
zN^lITzCT<!va6>joCEylVIZ3a%(-8v*M|ZL*)*KiGt$$k0@{XpoD=w6&%R<Y-^0Q(
z)g!#$wq)3!2wBd$ql$Q9O#jb~`S35xySpsw5$WQ&ig{siPo6xHoLg@7!@bVbuP^G!
zg2N?lfwXStKPY4u5NN<+u6!eHzdLtX>PaSOG{eZiFjZlp>EKY=Q#ARhI%G7MlsCU-
zr@9)<9=Sf>;QsdQ7q@%YGu@bQ8x0K)1X@`@yx0K}li}fa-VX+63ob4%se4o^Kc`qd
zwTy~6GnlV;#dt`RPH+O`hDBD(2rQP`&xdP+VP^DM8@t8na0UvBpTWF4141*)!E#wr
z3O5~Dd&%?aD|V)=qGEd$|DS)kXsq@{L`=%b$q}m<9BoZHH6!2MyTJ)S1VDKEbJ2gm
z4*s1y9Joi~--IImlgB0B*Vos-PJs4G{~!^hc(?Ee?$|y3)0#cT|GhB6|9tcRG!yh6
z@S*>?(fIFpoVBute#xXFT<Lckf#zCVnn*}+aIhkiUXhaB*2F8@4S4|pfg6MfR9TKO
zR<)YQYc^GSb$L$C=kOW1G5YrHTVRdc<gg$kw2B85TazVO>ClXf3|4g+nIe->Sc?yK
zw+&#&wz~|gF$5Y8KLKx`-@Mj{JXs9s?x%R?O+`i3`QFLttlsrJobq`bu%Peg{e2>-
zx9V;9Vn;|4pQF{@LK9DR*nLtN(Weoip%g{(GBShc1Zss^O}AH_si~<)Nd+B%YuF6?
z_>LxYA28hcGoEYFJm7I|*Rw-J1en@KrOpYt)b#_{wz633x#{VpYdq)UyXa<V2$%1k
zpGOT#3q*jr4N5rb`*vn)q9P-i)ha)RG2RS-M{oxdM`5g*Y~*PR`Bm~}y?EznXX6{c
zYN{t}-Xv17?0(fMH&aOJ4|diXr4Eg}V5Fn_7_6hjYq#}`&!O<uvyVP<Xc&*!&$PQp
zlqHU*t!V6H0I#$*m}aZabaSr_iFwW!{qGCwfZI?h(h)K@&$k-U2WBPGFFu|GBGS*!
zqk!C<7kK&d^Ur247|ge(O-H%HJmD%Y|JIGm2MvVU@K~<|{s~JGf)Y2azXtds7H|It
z2T%tjeSZ!Q&i^(CaMOT)xq`;vpxkR;Yli>qS@z9!D!yd@0i8|0fA|KNV-LcY$+zB!
z07xi%kSlt0d@H<EHku^wDUArO*Quo<-v0;@{5Jqc;O+m?(QU#d7Slrb&j8>23NSt8
z5(8J{C={k}C^j@a3^@1e!{uuL8vNqIMKoC@id@}pQs1KfbOol68(Xrsn&f^ZfI1Ms
zf&Ps@C+q~+6f;%UtEoZ(bMC0ig8H+Ki-UgXwp5nZ-vv?M904ihM_n8gG+a3?b%wIK
zt_@H?*r=)Xmk|+V?RSaN(22=k(t+b&Y74r#)z{PGTFC*JQ2_v00RS#9GqcoKvf)O@
z&?fti4j%?&UP+crhOA;t;-<0D-@#~%ei?#-g3Q%xsVVP#cBaa@qZ`~V&z8HR+yUf{
z^|A?rJR9aFdrtb*(-YZKt*1~i=d=lA#YoAR?{Tbb+}x)C<WmRW%xr9I`VWaYKYfoW
z_UMTcsansBi-*2gR}dBT>#^6kel1ksmM+cBizPbsZ;e4UU8&zHpsp_U&j3ggz!(b#
z3rrB<^kGT~?pLQ_grs~99~Er#hDehECxQ+s(cqeQDQT5X;_du4BhN%}d<LMi!2U+V
zlrN1+ak|_rZTDslJWi|NcgKL<0L|nAT$*c%W`i56h*ho=!PTZF%IS1D%3`AMEw|GL
zj$#$jSgIqZOXN5;(U1F3+lV3cMyk5AdDP`RF0B-!W_@i+*58@vw^GK2tJl~C5pkHf
zN6^b<z7Ba|b2JLoj0g|^_U#*8M|O+ZbU8=;%J0Pvf~Qa6nhhE>fib`h+hcjEKQ6PV
z_K048UI3s&;<LPOM*F4fJ~s<hOC|q)A=Qttz;$n8^Oq}!yYnaj{4}g<8aQ1|60rQ$
zN}K4Q1NgZRzWvULB3<MKU|cb5wi_c{a}JC9-7H-GHOHId(kxmM&%mKxK@3~f%r!GI
zJNc`dvO6V){gJhB#kwP4L)WCRl*!D8eKY>J8#XIFF*F1WV6a>wW!K2X=>a7rB`yxm
z(^_RMEv+BjA9PLobhf*`N#D=*Qp7w+i)dalN_{DyLJyiBuCmszfQ^idct^%u?`uCR
zKV&>UUGT)_Ki?{ejI{U*LR-AF^*|1akoU%O%h5!#XzsxFw{Kp)$DH}7@UZOm-xb62
zlI5A;y+5Zsf&>4(QU|cV@UW8)D_NVI!F8(cSevv?^^9LRjxAl-xu-ig6i=N~wH(|<
z@dKagJ-fp^(UL~4Li4-9CWTx{sNBl?T&4iod04IK@>F<nI&I!Gl-nZvGG)1b@~t&2
z@#_p1?;6E<SR{w&<`K_|E$Vd3r+wtOaF1Gwsn?-nvosQ6e0~u|lvm^=IxChiZFb3)
zI|hZ6m;~3YlM-L5Iy*DZ78{kt{&HYt|1dFXZj6}wz`$jrpvrw7KlBO<R<4VfE7a2w
z|E!QEHp@0+Ilm#SFnU3vy09Rsa6HTQscDvg*W$zGr44(fzOcwr=_I@+!rFvMDz5-0
zGivr-(mW=CtEVpyDiFaT>eT|X*zkf)9}EyVlY>Cf&w%YzJ?uzXzrh+Ad9Myz1qeKQ
zqG|R7D)Qgvd`fp+cgQ%M-{yH9WQGKPec_!mN**Z;&9|!{;%wvRSV=+GWe91Cx0l`A
zDkTFm$%y%Ac8Kfg2OH`LY^XNYoB7Bl#2Bcy%a@0qJ+fqU9!VE%Qe~tb<Y9}TeBqo}
z)|eA<S45!n`BbN@XS@MIL`%A|NUA&5&>kDL{S~1^F^lu__1Fe~I<(6t19s;5#`Bvx
zgsHc<JyCdab)q84l<~<>DL+_YR{Us!3mz%UkzV6k6gH#_2`}bi(3h$6RxBtsM<eHv
z-+sl3c+pu;VcRF0n|PlI2f3MlU_Uu#HYrP#GA-dczlhZTjWn~|oMat8eoP%1ru{>B
zH)qhvH210&z?mg^z#uY36Z(h2zP``Q1qQ6>inbKfvPxm5q65n<%h9>=1$H4sZjJ{~
zoTu^;Z{bBF(Nz@#sROT&_v$M{=f$wFLVWM-mYu&739x3b8oZy!^P+fbl2<QKs_AQc
zAYpaEM#*D#MhEF~x%0HQf}_(zj9$(@!kgT02M6B;3A4IHL%fPfpe=zJo<11e!WFHl
zPLE74w7tE+_tA+oX|fGj^x2`wx9Xg#+38^x-Jkfr#p7Vr^S#iSC~BY5?_bziu3@4E
zJkqWpHe<4D#A+tZ@)YfoJj}9~o$f{Foa2U4Ils13?b7?b!sog+9+u5xl@^rhMPDhs
zb4QQJUWv&T{*?Pl?9A*uPEDOxBK<mHgQ+ZALoE2R864&JLFx1FNTH+UXQacHTf<B(
zbIgJEwdSTpPhr~k_fgt)08*=)ZswvWJ7=m?Xi^g3>AdwSGcE0yaY~jaV}tV{4y-GZ
z24mGrVK@p~ZqoE9Tif2}c*?3)9w~p62z%>XT%zz<;(g)NLCj1!3v_-3K*AlQ%Jn7E
zxS_4HSWYXiRrK^VpCu#wW(>FICyyQ}3PZEc>N})sBVrFDU7K@$kB&dTo>td;9rQ(7
z=aX=ly8qckP1D^xQ86(c5Cy0)_p#Qk?c6>Y`*ok1<NAnPdyUb@9XpvMuFK((Ji()s
zB)SDe)fTP{B2R>~VZS{e=9Wx5r7oQqHi<oYAkNegLYQTZY$SAk5=71Y{x0cP*JMN+
zx40q{n?5hAOzCKAx~5|Pajx^{Wx8hFK6_&(KU#TPwtzwmy(Dh^d+Z<B2ZxqOJnGOR
zrlLacrjKpkZ&1yFv=@A3#^#UA*ZCSDhaKS*@(bzcMZ;sF5d5R8qEm=lPbqt)lRczB
zlmYH9sxa;Icx;Mw+|d`Od&jk^iic9}9Wk+x5w@mnibpz!{{sN0A&te;`cv69mob?f
zHXXX{x-p`WiKwqJ-W7^4k?%C2Kc{Ox-1?N^O<TIPLx5pBFQ)|4Nu}gh`@wXo+#lNz
zsU(@Qc+Wq0CnDU;Ps(Vau)TP7q95E{I+=TW5?mnkfVkLPozmX;eQROLX8BV1``0E~
zW`KqF%t|!`5SAO2eZwx(xkIGap&%_DaF4v2nKp~PSq2SkxI18E{I(cx6YuHPYuxAJ
z@?HwFp3I6(Pq2Gsg3)6irzyaI65$OmfZZTarFc1dV^rQZg9L(s_fhqI&szMb)8Yyy
z(kv!{Oi;>CVOKVtmO}+2*UD?3P@4{zTvY%f+oR)FCgR&lK@cCMv3Bejd_0U7r526Q
z#a#Mkw!9n1_U+@k%(t8>6B~)qonp%(3TO8iicu&HjQ73vZhe^ceZ(B(=cI0nu6$4c
z1yA4M&~ye`5&2UE{1!!9m4J+oDjyWcA<hOS<U-FvU)I=&nk-udmC7z!shsO6*VX&h
z&~A%b1$tS|6tz=CeY;mTr()m3FZ#!kNveF*4x1Akdsei(^nTs2%=&aAQ4JY1VZ|rk
zQ^=HKk>mYZ9nt%{(xySsEVz>%LYsP;0oo!m`CeAh!$JN6=<q{gxw7Q+>h?D6qrBYT
zj+XU(DO-30mzbahYMumcYvEg&GKz`@<z((OE@E$(fK4y?-%anJ*sYVqz63A}Q*><X
z)Br0G^~Z1z|GRShn;0J*+kG2eT+HhA=o%=y0Uj#9bl+y&|4U`4MEeJi_#bdE{#A~>
z2?seKCNVer4)w8VT7!Ufk^PkO1%tVm)f91Cc?rUcK@775N<-T!tRNu!MrkQK+mB6l
z$O?{UyZiY$6LYf4jF@T5X1RXvJxdkN=T!W?8$-0%Avxx$GEdNQiKXN}3GO5KHgh83
zhN>$2;g#7>BDPtmW(NBzl)<sH@(hobG9Vj=+Jw&re`Vd$gcb>0&V^D)niZ=w)WYbb
zlJNB#TDFaQYtRO=0empNfq!*5r`!k$Y>iw%9#P2{_zU+9&Cpr0()mIop|a;()aO{s
znsb@U)}Co$!$Yg@Pjfko@iHNNhFw!%tFaYoRj=?2$gzU`q#nrR>8Z!Ow$95tJJR=C
z@2B-HH2&>2_OJxUJxQZt_CpJOxcjMc_bPe^UuYsHWT;`VVmh*d%5tT6>s>h!8#dkw
zX>r9txHfKB6#tLcwS#sVi4{xkhD_Z>V@g6*WiRJV+=&93Y57VoVvK*9U1c}MB@`R5
z#B!J#&zivkBBPA7Oc8L5NUrloZ+?ieDpoVzw{40nCp>A#06E}83O$aX@pjI7J%Ob(
zkG_fR%l=B;ogK(bP@Ue<$E8eL8T+A8<!v@SbK*ET%3A`_!7orJ5&FJ>3+Ek<GvT71
z3~7Il;_n|@xLw{XAo(CfJjYf-LDvsLydvc*IXAX<yCzB^Fi<=vLW3L3GV_v!v%Dzl
zR+2$TDo*N)7c`t~K_=__IO=spRNC@NtyDwc%8|a(wm7xoSu3E8%GfPj{Gi6+*T%O?
z8y4G6`+VMBQM3p$oEL_xVwrAv;9Ep<9mBw5w2waKJr}w1!<8-WR><qX#0tUO)&}=g
zkO(NqRyI7u&@0~x#~Aj{weX?gPa3Pv!el$xC2$-4V9dr!-@D@4y`!@#ELY1)@rvEz
z5`sMZS#rhn>d0@42t%SN<!9YRc$%iis8P(aSNE>ugRY!{1o98L!``0nd@!b=GK(!b
zU>9Zz%Qu(OX!W928MB0h{TW$i3`XXUMpKu!(-g5-IT^)Ks*1O&@YHtT9NRh6Z3uL=
z!VI%V^}la{Xx@0BI|RBnM1K?cVHkvEPZA6*-j;CQyQ(7QhgGX5*11T&{goC9%lM?+
z#Swh*PM1tdnGZsfuG-tSMW`rLXu>^tTF>=r+rx5NU}Zh9E$ublruaomN3WQhjzJHo
zfv7|pFH_+2E<C9HOCZyE)!|p?Fw=^`u)w9P`2JBJTK<HqrElL6w$~hu4-yXSHLQem
z{ZfuED9vqMKIbX${haZ>Y}r)~yXrWBDRlbiEB~4ek<V+6yp*?UuRJ^%D>ZN+HC1tG
zoiW={)li1E3zZf<e=<-Q7Su)0Wc>YMLH4%ll)(ZqIY{f#1ByF*FJ5o_>}kdx%aX_r
z)wqv(;@1zD(=vNUHB-UIvT&x&pE2w0q3$8kOJ>}g<ggzae&$U-Ti#vBi%;&mkqdBT
zIVEx1s5nir^E8}<7h+)UkM-mv02lqd4_+Q<Gw%CxyZg(OI9`3>>u!1hNf&<8-*>Vi
z$Jzw;uaJ|{9nUb{luH_K3c#xTXV?1{P1A$)A-KCUN|z!%DyXwx(PRo0-6caBcA`Fa
z9g-G8WtjX=RjX@1m81#NHFA7XrpGp{(mPDXDle5>yzUS_P<lDX^6jPTbfJSa4UMDW
z;OtseS4~g-+JtYb9qHM|C^!qCxLed6Ge^pq^!pGS>5T$TmhI#@o<B{$I&-*$)r)`V
zseG0-?budkT85{WZ*4+h4+&G7uR8ngyh5d+=o+=ENuOQhKR%ob9i;pj>a%I8i-xm0
zgR9~iHM)uQlm{QBUDUP77zyWovZJhlycgo?P}dg5y^4um`E{5u^GPVvuI6?Ry6P0o
z?;vc@OYGZ>$(LRtLR|H`s{~{kY1m`GWk+%Flucn+3g0AD_tQ<!Psu-s*N*2rzDq!{
z@m=ul>m;`j%sgAxtM3^DIns)1HfT)s;(BT>m6qMHi!+l0CX?IY{<BYq2YhH)?R1a~
zkMvfzW!4^FQ0ne#*77%G(+RltN%pP@PYo^CoQTYETK}%DO|5fW$8IZ4O=9@SGM%{u
z!#ee%;^)h)dTUa5y(}>2Pe35HpWu5h1yCON=pUDrH#J{YYYNTrQX?WnGz_t1cVgqV
z*<XhSJhqi6A6k^E5OlgbdVzeqc`j9PaY6ja^JhzeENnx|q#`3*%?tYIeyNJUXO(=_
zmfUCf>!tpJ-TZMx!U2bl6n?oSxU-eDm{qipb29WwCDHaCjA0~KDN3EbEA2u~p14v=
ze46ghDt(8|*cj;VpWu&ieDA(_U$6n*^jHt$V*6e+F|%C0Zuj|R5B2CWTjf0&AN}s`
zT=Uec#k5qD2<Z8aO)jG5DLyxn=CyjhO3L2w3v>{T%~&j_wUmArjI2nUEXd3hf61T8
ztmWDvM?boSuf<;uhf7LvSyaP>I9M6UUwdhWh8}678Je{bNA|`(#e4O#k%G}`q*Ym*
z4O5&!UR()EL-QK1`CdXfRSYmF@A2BexQ2=Z$^r4n>65AL<hX`|=w?h+Hr3csMfIKD
z{`u1n>+%QC!D7XSpzW5kiYoeujDbtQvsgA!%c%oX;6QQR=@ozo86Cv5n?sw+@;v(j
z*F4y~>)9LA!TJrhVi`2Sks^3iS~KOYE7fI?py{%SxWBz&mO$(?Jp5Od#@g2X^E=96
zuM5spX2UJF9T+|>k2P}*t+WfjSFHFpa34Ip@*uZl%cJmfmTJtj6%kK9LubETy<_c&
zk&ZTp;%{L)sdpl3yDOtgLZW`+`P=9qX1!@nu6mR1b@GJTlkxmY|0G}`KK$cZ#O^40
zRE_Yg<_J^w6ON}6DUSVe$x<!fs#?SyI$|%)RSCN^l0U4i&BQ*@hct-h)PH`Wuf~gM
zI<<XE!O8nUpl>WY7gNJ~RG<6Aw>EC>{(0qjZKaUTY?;xDPb_?=o#kgLlV3`ySw<?|
zQnr`6V4|o_(|Bh6kBL`HKad<FC1a%m862gUpqJ>Xb_h>}i~;9XDuL}(mX8FVj5q&8
zFgO5T;uh7rSkw-4OFK7>7~-hfMV8mLR+Zb$$ypEE+zMD2$ezYAoD*RCUEcXU7O%`7
z+6N;V8A#qhPI&dWY=}y=*%@8FFwAG9n>lj%<?B85_QMR->OOOu@o_tCgLd9))1DkU
zNBhavxC8_m?+G_4rPoa4<INGp04Pl>ihp`z1Uol1U2Agom9=S^MsP7G+J9;5m?l#p
zG67TcA{PrRTBRkfN^rgQh5?+p=O-MP_~>k7;&>j-GME-@TQ7kTAz;<+6p-=U8u=@n
zRu;dYuY9X4eHM48l-ER3_3-$Y@Hi0}Degw;#l8=Dmu|G8h+VeUX=&&8LSMgwAuJ-g
zGBQ4X>d72a4+a(`e)?2HrS~J*bmt9wg@tkCUCcSI1>bK;eKGs&f_NvDP#B)KQ04c;
zRq%x{&)7@W7mSQ6p<Ekqoj1{7;T4dF_yiCSES9!Xh9jv(YFHm$?-u^V(@cQO8|{(z
zd2%+?G5|CFOv9_+h1#$PjG5^zCEkCcE8%<a@_obi6GPU>nU&K01i~0+B304Gpa8bS
z;GFsv5##&EnacePC)FN>#D;yfnkaE!LNc<s{+!8h)e>l*zh8W%p1msum%1QMl4#t=
z%@@&tVb6LUx%<Ev2>U+-nw<Q6x1$`%$zQs{7iSxy`_LJ#Fsf%j6D$kT6718zH6tsE
zz*C)4`Lo#ZZ{aU!<DC!h*3rX+MZy-M+bs05Dp#xoa98-%c6Y2kU$Cz>`FWwEkF`Ue
zTJ`I!9<-OoSN(2SO^5d%gv5r1?SH$f_;gubTPwKvJGHj-JPpQ@q>z}vs%;=F>UvD}
z7<G{w(?v;KIieV{cOQH(Hoq7zE#x(}fj>Y^<)$yS(jxN^-Yjs@S6Ul|V+z*+krslY
zzgqvagGScFGJwd<^QW1(Kr=<l<Cmi249v2bIa4kQVt$<VowYVGG0g0=3M31w;khd4
zz2lzn?R=J{Dnv~Uv$TpmK0SP&HCzk0A{;2^6X&Mm6Lg;rfl%e|Kc5mu7-qm3v)$Lp
zWUPxBg-(s7=kRd(mB=+ueI5jeI=skBe%`MEy7C>Bt+P@3(7<E5_KO_(F;hskgce7~
z+ea}!RnwtIT{^Q)HM)Y8KRsYnWvvtws6x_cIdf58&B2<t^K$PGxR}ik0X_%VKZa-9
zVL1fW={X0bLa%-vGxj_1a8@!Ub(1wg5-d1nv9ra40((qM*EXi5F47WRoK}u1mlgUa
zBOxqq=Gms+Jk3Dp>W|@IHXF;0;L2msTY(TwHa^B{SkV4mk{FPrFuw~Y$5Tui4SDo%
zb7+8}d2v@0-`(A{f%l`llDZF=hF#*8M~5;elO@9wC19)lLFLD>G9f`>v5C`&PB)mT
z+CKnrWgL6g5t`gd>sF#Rx$;6h5Y464)W07~Ob>x;z7H5>sbcuYIyR3qIEHKzM98MG
zdtb(iw6{eJq}&k+vcZHSumV(uABgSm9|RJIQd$@Z?dF8pAHblmbe0}U9x;MEf-@pi
zRj&QI!6HCnop(K+rA>0N0@%cjjg3G}&u(L+%b<i50K01s`iR+$2148p)A|8$IJcnw
z8UjC_cej`xI;#H%3n)`LKU}9gW?*2ru3|~p?9RD1dfc+ISN4M=qUG#+J3`2h4-S6J
zBV6jpls)UAyK{A(o}SAo`ciou;6}bj>C}oLjGvzZmA>6Pa!#dpA6oYwN66u+x_<lw
z$=zV7wuA{M<>tmh_89b3ruLinzLhB$T6dSM&P9+!{=gZPyv1}dcy<U4A`UGYOo6re
zj~Db=skB8a!f%6Il!?nrT^7+m5^egB!g`>}p^&R6YCts%Fkml_rY)9N0V?z{kZ&V;
zpc;-sLmBR<^Ldtri{h(ofCx};>2N%2zig0K25=cR8-V&w(F*Fk0X1xT1yp(TwUzsU
z8pTp(5m^k2eJJ;Jfd{DINU)b0G~R(5WB2uP3gaL8DqoyA5oAE^LI;13D$Adq1wuCq
zYE*tJ+8H48zVGd=9J~GwafJyRKR^!db4$z4m8BKoxqM%>VPk~1W!;AxhcM?bCvY%p
z|I&wLz}>|)iia!l;y%-!;(@I9u(8SKmKp|#GR8gM<+|fNO;$?_x|vy;U&UlfK-Coc
z-aX%-pzV>IABhJ5lN`*-YSrrd1P>37rS4GH*f^($<fYadZS9{xgd6AE1$wz0rMUx8
zNDk-nRJp3?O^Jc3F;L)%pzI+63<03AAG9ZVG&G?4-Hu9_)vLE=YbxeA&}d|SZ-j-L
zwdZ|rZK$p;-1PN34p!R#uq;!@bh#dWA`@V$>9_ak=e|G|bk`%e(*D=I(c4!t0prZf
z)jIi4v?jW19(Ae;1f5OtH!GSS><%iW;7*r^x3Tcf)`J;j%eJ2EyCr=O(=BZp;Kru9
zQ}OBHK1mpEA|hX-?OlmVEhgx5NVd<xKAE{yPHojK%h9qTbJeh8n{X>?AncxA@1=aY
zowP*xIX*AEp{&CJN=}a+mAi|JeWNN0p9x<VXRb<5PhUFd7vRD_-*rdTSS|{SRsx(0
zx!u?hQr<CuJ73ieFy*gK``z7uN)wXV4k+YZs|Eg6&f=;J8gUt{H0;HK@3wY`RHTx@
z@;)!aqhH<+YSA%B#~b6vB|6I`ygv%Qq+`;anF)M1x`+-I!;HLO<;<v__jli_!&RNJ
z)PM7<m?+~F$+CKdrR<o9626y6E3M%ceNI+6ir#c?$T`izo(K($Ata}>84oTrfD}==
z8d}bFqsfzWN(Bc6I_Fm}drPUZ=GNaEt)|xpzy~KqOGNCYk=oLBcW!ruW@M$FFcup-
zXzzBA`(h2Sqh<fIxm!RGUF#>T>aQz->rY$+F7{f0HC|w7w>^c-61ZINOBnU(+xH?N
zC3VezSC<=61C^HtR{13?H$M!Nn<DcCCo<^St6vHBb5(1p0f+HP7fZAN2OtXrUm|ni
zk}KYPl655zVZP6wf{HV5cwiS17G>Dp*KM`M9r+ZVKzy$7rfI`r)f#qHk-^vi9;Q>#
zp8gT}te#(A$+u4STp0+SqmBi`0zBNyePcFi_hTX>-JbK9XN2kkhU2{gmrnl`&r+yt
z9Z9>w2!#kX`+U>n;A<`VQjWLUU@@t#CTl(D{m4IfS1RT_D_ptQm5hXJCeN_7b0N&7
z`?r<p&lDmb$kku~+to7#_h41o@2nQ0hzA{=u^Mg=pZDldtIEM+<}F8-m8JwDmd1=A
z{;Vzw7r?OMzFfmWgq4hq8^c*4-$X(~Lxr_Q0AB)ds2-8=Ro2#C01h)u%@|letf=B{
zW-ue;$nvNVpxa@o-D?)s$$aa1cYCtLu=6`baWo^NHPyxt8cxIM3b9{TwM`KUPvGiz
z$a2vVh2AnyXf3<lvtd&;{BW|3(c+Bx7Om+F<Jt3W$BL2ioa7H}<AKQ+x=CHiYDAC<
zrv(p^1A;O2l60tYKW(|)GY|I>N^yggHYQZIiFaM?=1d`%FOG{Z`=HC|_&~vBi($Gx
zWUiH1qqw2)Jsv(#c!V}_L1KznU!`~LriSU9GuRP~Rrp8Kj%QdtMsK9$SR`%;1Hx3$
zPaySOaAYPHd`3hx1@QO*OOcj_AV;n#PiKe5_e-c6RjO^)H%4<s0-p`$sV<|7>**{s
zegX6<aC?YIFp1+zj3HH#N{K-)&{gah>oz=Sr+T96(Iimqv}m|gWQF_s`U3O|xJsEA
z*@w)20hG()4&bMkMaW&#eF)u-CJl3Pa`s&goj^%X?1bP4JE<tMP;Fa+eJn|r9IeYs
znTN-Dn8DTVu1(_B&C|u3lS~Zy+dy_NWz8=pUdh$#q}Y^;eurz8`NF4-#_;LV<*W7v
zTMVJ5(EHMc1n`(qZ~SK@j^n?!?8o|v`hMer=11Tb7s5a;sOoh+_gPhNjIrzB7)KIs
zNJB%zGancnJccV^KQMg%{{6mgfH$)Wl;7cHE0vX%D%f0RQ|zm8m!x_x=;+qmuU6d;
zdwj^8KHRFOJLy|irbS!1ps!1Q|7c;A(Ghm_qX;Jcxd%5UlF&<;B}>0nmSaB`;KVi*
z`c5z6?gl=@wrc}T-}38DL<Gbuy82H<vT<D<YjaCm%Z>$jp_mKS5`TTQ-7J}7azM$M
zBELgs-BQzZbr(~;Ip#bBafX?m0Bmh*tKwr)#vCGtXMC^uJ{iexrTbY5SXAHgo++8L
z5|S#vh|=YDfESwJrTk3MmRZE1nZsX><$M4#7#-oN2P}Z8@p?~{#zXk-6vRdc24g*V
zAa9`4oONeJ5bSk2D5h=2E^`fXd+ZL{roJ~ZF?rYBlL%3jt}OQDy+N55to{+;{Y&}Y
zzk-hcg>LRYA*=lbvi~17;D7x%TSd?UhnQkriI$6uACUHZ9Q04Nx5B0ed4P*-(Lp0X
zI^mG$%3?PCH5r>p>VWY;KlpOqUxBkDkdp8yE`ry3e;Rgb6kS`GuAZ;mO{zKhJok1h
zf}8O4i1<j$^6H5fO=nhRdk0CLTx<yyy|JiNPJNO7U@B7vOp?(wY;3PR88R|q#k0m@
ze<|(WR$^<0UY-vcc=htz<GsQQYy!S%+l_n;;)07zr<IgcQj^cJ#^la-te59zhzm%o
zksl|U!C`k%hE4vIX&r7?u@`o*h7E_WSsHQd3MmN@@Tv2wg(gwrb2<@+*eG)Rf-Bvm
zA7`WflS0%KCW|X%a-<F0pU=D`Ep+X^Dz49|Z<mL^7r_8GnttfC%I?Sq=f_^YbqqS4
zwV<!#Yp#sw9~=FW2L>fG12EETSJ!AA19EEclB7adBawY5QE61^{n0f3hF@Y-Fnnh4
zAqgBex1X&&S5=I7BB2aJV_pqf24+-#_j^L-H|2KLXK1g$b~Mylr0NLwJcQ^Rc^*uS
zVOBanSk!Xq7~)lCfCwY6-F?jsU+qNOzE`JH-8Ztt-J`h3<&DmDOc9?rH_{}Eb-u<;
ztPs+8+QDDc@V+i{YMiEDuVJ`XY=592Pqyz^p*<|v3s0rxs@_MDBVwUxHRm)*75~WZ
zqliB=VOqCZR&kl!>5Hr;JyLRRtAItauKdgMra5_pyXvX%^x{-6!Q?!R^E*i9`D3Eq
zWajP*d&IkbXZNf7F-Mx&#7cD!i=}Xfsy^%U=A8POo>7qWTi3b<4^C{DeixqRJ%*`|
zf(r`XD!OYdp*@2wV78?B?Dmzvr+sbKdp+~pwh|8$0OEtM_pWNSzRZSdFjwUbBLZeX
zGihi?emU*4Riz}_muhHDij}h?kaRf^{rnt_k^bSMzTVj^7=g8hD)L>_3ZrN*lSRAS
zmk{euJl=}tO7ck#=k^s$6*<n1Mw=TGhWEA=IOi?xvkG)8%+-<nEg7C6b-Sh9dG?zs
zml800w2A85Z!lUO3pS2CB1OGM)skJx?*%~+?G~ypuS`*wv?J}^#C&8M1a`9{xNU&J
zhjG|o+kX4#c+g*yVIv=QIlml4CZ6EXP?_Xfq+W+;C$9S~?E?2!>~k68cj;lBuOHr0
zn%3f&<6olCabhVutt5j(i_6r4wh3o0d^%B|BNF9!Ht@^lpAi|yp(L{txlfc5FImFW
z-Ouadc@w*K;B{;&LFb5_Ew?gDdD#T7K_{G&osH@i{$?RrrjDPjodLI3-3u2Gx?-;C
zoOVWaA}o)t(%h#nfAmHyYBI)2KOov%YcKnyl<XEFM$A`l_4@K^C0~w|iRm+tD(cXc
z5$i!Djh3jPIs0`^j;D`v$ljfEoKq|rZ74$wM@EX4b76OPM~uHS=%mcl{$j{l)ztJX
zb=Tl0bN0HbeIN@o|4EDZkvukGSgmnFY-yu*m<p7mv5+j1Bgfghe@t9411h%N%S1}a
zW`I&#HsBp2BDwsoVbHYo(^+wKtyk4?XD4}*10UR_e5uINvDim8`|cNmvx>f`G?O1^
zA|jQf{Z*PJt;X=Xd&sf&AF5DfmjOrpNRj@udnbR1dU-wrO6gRo!+OqP?i{?uwrQ@u
z-LGdIqH?Uii3uWobY0$Aw9$}PuiAE9wGKn_hFNB~N{^6nPo59?a7z^>63~e%_6~>j
zy=b>{mpn2OK^PD93&c3d)Vj{0LxgwSnbs2a@9z9sn#s-NJqw(0cH3r(nw31?pDh@c
zmQ8FCJ}*J2X7DRh_owVLLk{;%3bqFC9+zy-!kHzJ7FX{&%_~%Fb(&z8XX95`3Zt#m
zJf=TLC%pwL7TdCr%+90aR~bBqqaCpEllG&jLAu4mN|LTSX3mmHE!d%%s&4D~GHH3_
z%-Nql1n1v5Vq2ZRV}7O8bm1+H45>95a7a5=JpR~mKFxMGGY;76;QR9m;zL!}*gEO8
zk;}F*Ct|%i$xin*r83K0vqO1zkyIY`%1LaQ;)a<>cPE8`B7`RNp|Y92r@SUY(^Z{b
z2DXVVB$6wnDwegT+959WfKc(Y{rv;tYV&@>;`grhB~N!qiCpayG#@4`t@YrIltjS-
z>tVb$ljo`mOq}g=c-@XgPGs8s{AKo<vO|D?m9?jc(rSlLZ(eY0gLmt_eK)MO+h2h|
zB59*3FZb23`(e9j1muxvNM3I3Yne0b5!azjxnh(lswir$BTUZeDz1US@?!Lp`mJPL
zipJYhA&*jswykzs`5)y=9K99c=_M@4S2;m;2)}}RAs<qOm!$Pyb)=qU_i93gg^nPD
zG5}w7;^OX)g4lY-ekg?K!fe*k*NWk!7Oz;udGU7$#&O)-;h8Dld&(A)fw`rVCO0h&
z-FqqeSFg(UFr7=*?N3L%cHyv3&gC<c%Td9Q-OFDvD<;ZK0lokghqL5Q4gX*PbS#=e
z+5O%48oxfsgH2;518^}Cjx5^0MDi(~UbVZaSKLRJ-X?f`<<KQxW`E!~ZuY6~i4^i3
z`!0Rc;tOviqR53)qRNxnb#@Nmeoe^b0Zg!5Vm0R1*-;4ftYHS_daIhw#->No?%QKT
zf)lOk-ocRLMT9XBDM2GX6yH4PCp(%VMrZm<dgco_HTX-bpDDi6qdnRDbwSy7Zfd(#
zu`4~#inOUx;9x=>NDFhaGry6_NSu&4Ci10Z!JKiKDK6vt{OJJEs|b1DI<b?)H;phw
zN93%)ZapoZF_fOz^giSjc&Qm;{vFLjS1o6dddapN&pjtAgdoXo#IOizhjQ2&81%HQ
zifo_2Xf)^7nY=(|aE%#NAED(1%?5FBwev?RhWO-(ph;#+uPyA?orYy=jKHZ<HYk=R
zVW%kL*-`k0@%N*vkcc#=Wy%Y`uVA6p2jIyxXF=qHo%#Z+_uA``OwP`CG-n!JnICP`
zbJ1pTx24ozaF1zs^)XpEP;`?y_hl#mb%bY}db^QK;Yq?+q+N0DD((#>ws~NOJ;!pG
z7<wdL$0yHzY=djh@EGt6cF;+-hOptv=JBuPbt`mXCJk$GTR)b0+ezu1mq&6^e6|#Z
z^a<F~MJ6Mh?rD2+hq{IwAudgR;x*ZlHS_zY{7!uqToe?{uc-Yn2+LRLb>-{qjVcA~
zfbWngvx43zUYPKxqi<-`e6geIX!KWaUSIA@ydy7C7WuuA6lf4i>+Sc&nH_moePMTQ
z$~wf=<5i8aq9{}eW}Z%<Nm1^q?U<JgJ_5^4Ciwzk8Cl=-h3e8tqZ;KoE?<xnu?s&~
zh;3IXKGCZsgPT}9dq_slG4Sn0dt!yw#Vbc0m`oXYs^-KAV82!mlH`MIv2D)4Tid;Z
zOht)zbA(al=eIlFJ(zm!FaYbvQ=?nkU(oH}DGR}S5S+MwAe0lac;qdm@|bjFK)s!h
zJ%^p1qf6$)bdIkx)00<e6?}03u}SuwaLA4&yvb0DJioH<8FMyCLir0E8h~jsQ!(iC
z2IKkLp~DSTDdHfPNt)N3M7E~+z)aY0Zd^!g@sb@01OXc<o7V|_@!V;k;s3CUUSjSg
znKs(@S^Mr%8bK5_c(~#7hC1m}MusYWo}wJdINb;VGb3Tk!rOw;FZDZ<)lPZABVxB~
zo+j`@gRuZvx0z84kX&xw2XI6{&?gL#<3>vq67uAa2OC^{4*?2VqvYBbbn6rh`~l4W
z7a4`@&pp8YxzWB<#6#haEPx><n#UHFl$3NMJpsk`M%)@}^2C4^XaHn=<CvZ43X4Tc
z1u3aMfIoXpM7`O554;4FLY#5i<fxO5aC*73<6X^7D2}dV62JOiH4D>fF=!J|>;RyY
z?W!tcB=9MLuGa4q?`+(`tHCOwqN4lOfPe-#5Q9u$E-okybM2mBS1lmC`G<eX3A_T(
zAd$b)X$3?Brux!P9yv887cBu=E1&9j_oz3*xUujV2Zm!}VjjG_Q5krEO|^u0KOB_;
zq<k7vtx*LfrAmu={#jaaZkUmRy!^*Q(m(A__O!lKxJUWoMRRkrVx9_chH99pdN*D4
zhl&%yO%G4X`w$PMlK9O^CIJE<klF$21RLhKQ2+@T*Kp43;=LKL<ad_J*o<jPH3o+n
ztQ*B(kuJNmaAzf@2>@s$bHA`uP-s;r5pZ(>L;_CQX~lmNBpz0vZ`Df9v!^^UFy8t8
zehWaGRc0VtcGEmiS!Mm*zaKkU5d1$UmjXU%A_)el$sSce7U*`(@0SGZfepyrVjusb
z4)9n7xPE_zu<?IQ0{4G^N9EsrTwaM4eL!1SczF1aA89v}34(sM^iWV!b2;ecBImKm
zPE8g3Yo=x^2#Rl<agtWK04Q;7Z31q!?x-tPHV6blMWxpfObP&kZC(T#uU*e<+}%-5
zhKOcvZtkk8Dpu{DaNB&PB0+rXMEa0o096B)O?UIPvTwR#cO*yd^5P<}CSWj41UR~9
z^}7HV9-IH9F*=8!P>J!6*6at3WLQ>S(l&t3>oqH7{Z)U7RIxVlIP7Twx;SdBjq!pc
zJtdw-92^G87*-*3F+TZ^ACoE5tJ$b!!X`|czM>;Sne`0}XaMofR9INpp%YaS>kf0(
zD1dA4o*t}r9|9r=;Oj6{U;OPp2Gark1QdG^CINDQBdUD*2cV(f3`aKXBf!I%l5C0T
z8V!8zjvpZjNl6yz>Nlge_Y|;JU>yVUnaZ8&O+6=o_72D=GJ6Ig(R!JEe$6c{SXfxd
zeOp6BKcG(}v{V3OM#$IiyRsgU^TQ1v5wf;AyjS+rKmo`Jl4Mm%VKvct#}Ajb+J2WA
z_gYNINI%S~X&~l79iq>7Yw=WkjRsrq@TZmAKcBPl2S{rG@(2il@~uAxUvxebns90V
z$nTktftt__S%31ixX*jXv}97ld7Go|Zp;-R&CFE!kZ7I9ul%<MucPoR0o@;}@e3M(
zeARU)f)8$22Pir?IJ{$XKH8$cA5Qk$@O$e9piKOJD7FG%=DDG?pMSObk-MF|9Uo$#
zqZ`mKA$k!)XKL-n=;&+R$1RcwT3)@eB8fH*Na5iLFU0L57A9uc%MZ{Lgzd**q77k;
z+-kP8v^47cYb~M18v-?QZmT5#I{Oh8)(1JBNxIxJ1aPxYYutdopuu9k9t_P7Uk3oh
zE}NEqXcuK<WF%2Y#<^KrM@NB5*~ae<a{I(<fiQ3^$oz>dGxQKh9U!4BgQbk~;ywm+
zd|$qNxsgVklmg_#4)n~-OwQ6CKn{ld1}^wZ=m%Aj{PV>miQes7ih$CD&G2soupLDE
zw?1q1pDf3JsU>7Tx_0Ud%JB;515N**7xaG(@cgfPoQDtaIU>5<3U`zn`pA<%4$bW5
z%TASdWrUc3u_e9W2!+161ycL+FZ2+ba6SsaYtYh)lm)fv0MzHOq`w-K`fi|1^@(%Z
z9}f(C0}9LaZ{+)X)`%GTh=T8U#yU$fZVa$d0BF8iBuDuM1|A+CL(Or2CST7tFnq%^
z3TWb~;I5KGn;V&)UMgTRfZP-b)Zx~D&`L8a6)phZ!+B}I^M7&o)=^de-@D*JMHCbi
z6r`m=1QZaYRk{VFTe>?AttcqnNK1DL(jna`AdS*3-8lRB`F!vF&7C`IX01DG)~sRq
zm*<>!ykfuh-p{k2efYELpDJT!Jl3Tsb<2V0k-aUOl}lu*yI>DsTRy~7$dC$cml6nh
zSmd$~sczZa9A=%8-um+mE2l{t--mO&7R4%<SXc&+&zotbV}<aq{(T4?8K}6W=2EM)
zO}Djg3DXeAPy}-bvQ1KAV*NwM$Hy+lKSArqfbcj{NKRN-IE-9;5h`)glxZaK@7!q*
zgFJ6KwKTWpc)h152uE!W(`-j!rv->c@2x`R<9B3KZzHG@1(@eDe=MLb52K^i9f6Y+
zj_EzTe;&XqyTa^Rvc5RHZj_sZd?u7NE-fyu8u;8GOre8fJ?;c%P3v#ysKQ4%Il1Ih
zMJ^UXLc&VN4YliO`U}3;q^L5nf&SDkRxnk=YY`#2vPt|U<06+Hs;azTY<Vg4_calA
zc3rn#bmU*UbctFn>^jx3>5dk>+|F)s8`<veZdXSKm&aL!t&m)pwK!!4k5&iff4r73
za2u#yxsf|*LNd6*31BD+YY)_5B<wb6R3n*vKpu)&@1i}F%HQAraBIeMAyS!xwNsXC
z^Y_mtTnC0W>lZO(P@`yj!#v_{r;wpxhE1qY!<PqI33n+Owl+*g@TWF_W0;urvF|QN
zg%=YG7l-9$E=`U@?>Od2Z^BbbsYJDgh7Vcd9b>++7xP~mzE+~`e~QbD*ta?qkycZ3
zRzgGc8{!T6%i!n7e4b6S?@CFd;Yx?4XtmHvq*67i=;n3?O9bV+)Jjn;4ANvlv8IE(
zeAwi<k-%w;kdBK7986s#`e=M@m6O%HDcjb1Z9&7b&jdm|F5$Z7+f^Klo1GqP<RbcV
z+mU>H`WksIPpEcNn^mKqe9f{@m-v+`JiwAhhaGaNntzIkbHK}xEq^X&iIm&s_kS>u
ztzdH!!PRxr!{AIQ@kCO5<Z|(KGs(ub9<>8~XRjw#=dpVqQ!x`KBlyfd*#=TvUmG2h
zoQ<4M>pqE-IJ2|0FPdB>%y{63eFtBS)Ki5M9r27UZ9XBOTn0<hS#>6&fAu&d`f>`H
zqE-gA(ZH8Vy1l&+aV%Vom!pkgiKTRI-=?&*C<JlKznAY}4Y}`Gk=w4bRV3Aru9$Yl
zFW*N;JWBXiEKW?G5DY|j^S*30H6Mk!xQa~GjG$ahF%nsiWu>pW)>-iZX}XOObAZS-
z*jc>VoG#tPdu;#ZQl6i((fg?c<nR!3E%W`W-jao$S_bC)iEwnTFE1h)%YFu5LL6my
zc_D^hFigm_lGk#sZ{9p0cFG{gztM5+gM?CITH(|0Db-JDXi=3=->C_%$Yx*`sg;w1
zB$$h|=^uf{n`lv3ht$#)NjDG{-z)7FDjNPvQJ5rX#0Aoi#U?zt?=kYh`Yvf$3GJ6z
zr=OvU^*~FN^sq-RRx7CohrBb|`89L%qum}uysL0SP`EhAhx}6`Fe&HHRQQgmusiKc
zzTkr@Zla+ksTB)$Cg!~1c>7)oMv!dH>jIbYFv0{<r}ys0iE6-vkf*sg7Vo+od__Px
z!XtWaFP-msTzWuUkZA9Ch$ZnOqaYMlG>eN(Z^%$zfAd(eosHt-d%F?=F-KlS_11`x
z=F}jaE~QTgzvCCI?x-k=%}aNfcn0CD$j8Xi2oOXb3Q0^`^hosYETT8(OLg;BKFwiu
zlI+?H4Xt3E7^iuFbZ|+Lkc|KO@H9kwUX$U3VxH?xfmGtIhT%7gySCCAJ9b^aIvNq5
zy~TT3;*m@Fc;Byz7tuD0T;1v|%2bw}PpFykFwB}C&M}u<ab_IZPEfAUc)?tG{O-hE
zrSa-qc_gR8j!f_O%t+J8+62fal~{Id%iq<-k)?j8R^G>7e%fawz@E`clJ28K$8+%A
z%xYh1Zn2J9yeTItFLpw2Z++D`gWX8n)Ut9{P-Wzw1aO&v-@r<?%VTASTV_7;U5R*t
zbbPPYzU7?iD_&6SIBm!Y9&ApHy6^S5F4UDNUxYB2?ynANna)h(LEOsR(Zf{emcQ!C
zM-X{+Y)kQp0->jgseHju7#R}E8~5)+vPpIOWLTA=yr+cj`M@@XKWoX1bWly}g}-0T
z{Bp&D=~=kRvCX+aUw3IjfZLB)g7{ne?<A(95`S!Icq+au3v2(VKpD*&8>2}^J|mc&
zFh+<0gem`h1(V47t>};olfL;k*H`Lg%K3@Xds&W8V@1i3eAV*>SH=j+EIZp*Lqj}r
z?X=x;hjYGXwYSIiJ*iNZO)rt)KTP7H_~xk~a?m^9ep@2a$jDN@xKH{9pP6(ur{iX5
zMJXpMrGRXltJCYVl#sW+``kNG7Jfa&@i+Dr@{2)I1+R;ZqlNjjCoh6<AST&{f!J=-
z-D9yi(k^O}q}n__$-&_DdX2YD-;%yiqLk|+{_TR<kh6KQuSSUeWZqb1XV0^Ir<|KC
zvK0<O)<3&~rj>(5(0Oxc^B7L__H7xE2feCjk=sggC%(EPVRY+s=JH<?0y=R%$Wwf4
z+gWG$5qmVNymixfYqC>k>`US4?|ZIaDaCuDK96DHJ{Ssr!nZ*vCDizKwg15sE`_*+
zcrT@EQa<`{j70O4ZK@2;!!`}knUqxwN!ckr^MkjKpOC$XTpBl`y)u@XVlG+A`;LZ(
z(|PbM*GBv}RD1E;tK_$p=7~?SxgA_`MHqRytUSlU)!&@fd;Wzk`@6#q<FWQnqX%LM
zKQd|09rvP)>?CP>$P&I(l?p|AsPwI6fB&d)in)bd68x+CYd|HBOYhs|D!wA#T{sL@
ze@0PmB8c_|qVf_h9#fGr^!@&Hgf>ztjSSNMQKH1eLY8=T)~Wiq>BS4to>)8e4@tlt
zIX;-__;c?1{lnWAsd`k3N?LWblZww}d>o#+bzjTWcG}+E`e{|~otNTUU$4E~%uu{K
zyl(D_bTT_2MpD$ve8`ux$Vq7&`SIo86e*>FW9C>_>rrE2W*FrcSov6`Hasc}@6nQM
z*Ds7yUk#8K;G<~q?CQ>~5f%F-_%UCqu=&YHyG=|S(x{Mo<OSGAE$94Prq;&Y0Y~=?
zzK})MQ?OXbIW}xXvBce4onf)<75qp+o^DVF5hAIS?eyks`;Y4qnq;^dpGIHq=hCG#
zDjs!*V;?HtoWQ}Z)JPZFe;{{xy=+=C$b(*hlZ5^{+2L7-1w&2(s@9KY%vDM{XMIn9
z%<fmSdJs}v(cRPju48^lSL8fv^>Ck_T4Y{CRFplrN2QDj6nHuaIBG;Yk#n~W@GxW<
z6?US#UUix&FR0C}kB%VAWh>k}D&B0Oe2}!g&{Q2A!JR0-fJa88Ny_CgS|}bopvWS9
zUTCym`_|j#$(hDK(<K;;{#o;G&5qlflDm^+A%@-KA))(Xugp39X|!c7M0_}R1(9RT
z?`(p*J3Ca})U6M$n$1Ui3_KLTtaEtXn0kFoT@tsTqjwx1_s`4xIwf7*63IW$b(8&U
z3fdKI*DK`Zl5L}^)Xf_U1qZ*BV0jYA@3}<%DIA*fj&x8+mR60PBq>TeA<N9Aeeu>c
zYh;ZyrP}v6iG22GrDA|ZDp4#{iiG~bL*)^HmMdo+D{tx*fUVZb?`J)~aPYy@NlR~T
z*og(_-hu|HSz|uUHihiFtOUZ5>GF)M*|5t&TFODw>IYhCbh0Cr{ybb)o3o)#cr?FQ
zXgNs1p))FaKF>ok@M7cAsZ>{N+KXYCx2fc6w=A}5BO~lnTCWL}^Jh^@R7)-dM0R18
zmnYw-5!FINJadO6S!wDQbX<<(nW!3%sgq96;MSAqOd~5`JJHQ!ehhio(xa(t-Q82X
z8n_;B0ru@R-llm@cNNu}&d!c5*C$j~&9!)i+52XHvf}j4omeDQP4W|sy3|W}B?CXy
zeUsCAz{<_9?{sibv)(OD@iF}M`8=UE{$}BerJC1e9;RoKL9aGB??0^Z#XQ%{7@AWH
zFO&n-pQVAC#-DOXswS-6aAHkb{&SfnRpPw1w}K)M%#=zLg<FHO2+hR;o-pO6DYsu4
zE<hEx<{Vg#$*(TsrrUmDa=>4?o8~XS@amueb9HR3S$+Q@U5?AECr8H5ztK5*W<?k4
z*E^&r_lf8cx_)3YF-CS6<+#I<WlPCfE0RffN?zS2zaL;Hdj;bOkC^H5zWK9SPea%G
zO9(F)loFQc!E40}8`<uF%4}2XsX!0Bq%Mhxh)7#?x5;-uB1|MV6Eeb#R*6(>>@2b5
zH1#`D8qXTv%F1399aV{`RTvJ4F_EOooBO4=%9HJEiIeWPy94S`UmnXfDbDw7Qw;bo
z-MQP=D^*DBgdQv_K7H$nla`dm&+eliMF=yQ@ub0>-qwd&>JHZ%&3@tfuyly;cYRU*
z?9^RJN&B;8!Necmmq{XEB|UF~btLyF;`&AB2BjYDduC4xgY6KSkEy_DUk|u(_m7Yp
z5AP#HgMQeqV^Ta<jrDO>=LFu!9X<gWPX>O^o%!AOlHejr2dNP`*e-O02d$+nudb7m
zF~x8(Q*RkW@|Nl^p64`#UQ0I*S5zzz-TbkcUPQSG?ju8+JU1=3ad*Ukq`U*+LFbG0
zZv%Qh)cIffR{2ks1Qksd_zcOlUzKS%7#x21G@za+E$xzPno--TP>_05naW$4ii;F_
z%lk>IRW85g&6^Ly4nw5=Q~BfKLXDRq6Vv>&l@F4_qBD!2rkyULmerMQRH<)mtUqPA
z(9YntlWZ-_Qq{jTiMowlm#a4!6!rOTMg2C_s4|GLJI}5`QrIx2M%_)PyP|x@%9;9j
zrF;FH=Hi?Z58ohda=y?UU2;=Ktb^rx9TStQgY~fDwbUHtqqh<&3Z>@pRJVCT@G}cv
zELVK`yuaXzM>hR3>&4<(63v)L@Gpab(BSm|2VNz2+248jvsN7peMU<gEOLA=C`D<z
zk)|>M3aTG|r9Tc0#uwt33vu^UyyW<h=h&%((CSV!{htuCludU^i;-&r?spqo$n|MC
ztPL8fu)bGf>MqQv*omJO`t4~ueWgDAsM^6|G(ldWt^d6=qLeT+zn}sg@w)>2<%RQu
ztr@GYQ}=?|eimr**!^T|@W0-0Xuqk!#r){Wld@z3!@k6Px@$!`%>1M}$nmj88ctCr
z;xMhfC6y8~&}+V>bNqmn09eMxLjIQ?`rNui`uzRIOPhmEt}aI(T7HxOA^iPjy<>yH
z?R9zO`cL3CU&3WA2^0NCvA6~c5EpEnXRjAKg#Lcj%jthv&&3+Vp;_O@I!hxE%+LP{
zD&z1#WC@uXW6%`%CsO^NN}~KP&}n)M(3DhFV_snVcfps*1_Lzw<G(Kj`ju}e-u-ju
z|7&s&d!WDh-?Y-~bEu^ns%S^)jPUv^<RG}8{{KQ%3Ur(H$BdFlc^va3qnV>MY&#%T
zOm7FMj{;x{0tQvChnwdo`==m@BKYD3XoT$TB=9&z9rt$Kxc6wbdaLe>T0Y<`TubqG
z0g)5tUx5}E4>HN#S8tvS1bf&6d0UqMSSV_JI9J))x+pJmM6bgoz`*5jlc@_n6#qBT
zj^&`lyaN>1Q%Eb|QsisbU-WR!oPoeIXxzks^6%k<RsArQ*gHra|3)b|XV55z8Bpux
zlm&#Wz@xXj>GeXI8Yt8CNqnwKlsPEU^yVq(oIn~>(jzi1u3ES0YK(#tUn}dsbm)Im
z)lRkxw;Dl(N>oVb-TU|AKKsBk?u-ZVXf2Q9g{rQ|ioHR}!;J~2F@xyyL&!*9oNmE@
zzzeUab$th6@BayN8FF5K#`-)sjQc-Bszl<J(qVCc0q_k=oVK+7U4dKkCqybRVlqH)
zrA}F$uB|=;rEEQ5V0xYmC1DeDtb=CtSgmWhzB&l?!PrH=lg8B<R?FDLG>Dm<)rkpN
zsCHPR<=l7s*ua0jrw~ImFbo<t@O~)vA}DaxAN}%Ix2zQYcX)X!(?3+Fi9y!7Knggp
z0)&7O3@}PiGIhiSk?}qFHUw%j`9>pZ83mxdEfahbHS*M@gKUuDiDuCzBO)RqCua$b
zxuW7QN>x1i;WpJYaw)-|xk~K6T|e(?)KAF&2*9L+@U+~aGOH)#*m;~bBcyU5xtoL3
z?|`gerw|f(45ZQYA^ML6oArM#;w-DO%|;7uPHnddTom(afJBV0Zt{Pd8v~rY?(XhU
zZO`*xkQLncI$>X!1%&^HPoC`il6#=$W~*WjTXhjNT2&5fWusbV_K`W&-PsD6kf7&^
zS)Qss1W1gMiV8%|tL;|?!RZbloVDu%ZOwmj0c;r{unzJ`$SKjnYO)QKTu=?t&e{10
zUNG|?BQa~iE&d?we+PkH0kx<gp9J}Tv>0vP0Ne8>6J+7d`F=(b{i`hHg_4Z;dxifq
z7^&fo2Ph#y`VSyT0Z6O*FD%Be8Sx*_hXcu!gPpw;MuxTRZ^grBcuJJs7v|L8OZMNk
zzIVe}3kFmB&&epPvI~%1AF=ytHFE(u$XBmkot?vG0*!Xr_@~7nx&-2avmm+Xu~9Zk
zy@67LMj-6(K_Ne{Y*;o(48aB){e(wK$|OM3@PL{50tyfg*T>jEi3*j-kDr{JgcNOu
z=0C_O>1C+3K`uT0p5VFuqZq)2WOz&zW;Br627*NSO1YC~uuJ~QCX!x-V*Kz2OiVpJ
zJtz~?`<26L`r*JZi|4T<h#vZEHuk?jSVOe}Hj_rhBVJw&j|cE<&UZjjj4f>M0Z2bF
zGow_&ZP@_7L{YwBiWzr#99Gl1sz&!W%4ZT`yQ3k-&CiauTiZ8L%Jo+dfZF;B(Qmty
z;FNd?QA&t<T-3Gzbtc&a?sSr-tFUN-0*N^#l=h)qqAPw4Oae?isLGp|n9R8C2BxX)
z2XVf-i6eXkQQF@49?QYS;m`SDS6{khH2-cl8;bwD)R%-3Nt?a?f5gYHAgq(XPX73z
zvasyzFs!KD@h<+=Cr+zGDSZQjKoTx_wBN#z#dU#gIs<(bJg`xT;G|Be9}MWTuG~%q
z56vV02epN)1F*h~qBD#MTB!8uF$3WUNK!&-`z~T8B{f%VcvC+}UuCcQ3St+uKoN*%
z>2QBg=~7p`Nye_RabL6&vg67KH-EPR2NxRhGn85KW5R1SAkhaDQOXMi1$+)0IL{e5
zgUt7uws;K<Mf9avM$nX^OEMGB5;&g6o7%U9F=j1>GMwXCJoU?7$iK_`$CK~p65)cX
zTzQeHW6@eJ;%L9GV-YZaPjX3k$rB!Y2HTciz~GHqDi#`o?5_i$lNrvSxt*iM{bSI#
z8c~y=Kf)cOR_&O7MbUwvpD@aHUc==Q2+RM)j2#2*>j&qJm6RKQy~O{GRy7)_Khk=a
zc$L)$hef3bU<}^BO&c0KS{{pMP$%V-Q~CUa#XE|{h?vgXrfBM={u##9^s~vA!3Q0Y
z2t-)~;^o-6#F9c_$efBWgHyvPp`Z_OU*3~~p9q8@)VZTR&qjUTpL)&UHDIThb!#v0
zqHF8lxMEpy8fmD}lx&&rgm_jBWG4u_6Zj)647CG5uZ=;X^0WX(-I@*!4Q(gfzyJ8&
zxev!KRUzT1^=CYMgfk|1JD*#YKOx9dhag|nzW8u5Q<i+;=nnl6K2nw@*Do+I^7_<p
zLAm#2M2+{ouIT09Gg7C?fwO8c$$moo9`HKe!#wq0vc1m<KyIp4V};FJmf=nE&%uUq
zBm!B4qm*e>J}d((kwFF2nLhxK1$l+9$^%;!LB)4!;_F^}OR?K-e{%^W7trGJ!Py<d
zKm<b)4Z-fezPXmnUb1GjClS)*kziEJiL+%u(!=5TD0DM7-Tzq=#`2y7*9)nSxu(Oy
zVLlYPBOq>=U+&7iB>!8DyJ*DZmH)DYieDc;!ucBN9ZgyX5(YS*hnu(y5fBr1WnnsJ
zE0Of9zGv`WV1osfNwN}oMe!yRl~q;HmVrNASGX>c<-Ehf@c2M2KthEb979i-doNn{
z@0`zlRc(cgBG8ld-r@|+WzKIL)J{9*=lZ15UtMC%kWFIV(wkd}q}}2nj4F3sNsr!}
zm^vei?hUxz9RCH)>j2fj!#KdsMR5zBh_35tR_cSO;LthtxfkZPS>(jTYkI?Z>dH4o
z3A#(v@-e5SE~(ab3=%|}hxHcOze_%~_*T7qtu98{JS%$Ox+EAG0@Uk0##PD65E;qJ
z@#Y@OA6-i4da^;hM^WX$=^zh)iu01`2>)-9wcjashpqR}egpDzr)CT`YXnu8vBz76
zB=l6WsOcAt{-srjsOS8r8m+K~Q~WO>KBM8vw%64$>rBo!w$ijlGi&Auz5(=`(V2;h
z!#^-kG04erAVs*>_YkaM0;koq>sD>%<%fkHsrv)wj8%He1n;!&X-SW6ML$YOUkI_+
z_iVb!+1>}Xzc_!FlBxE!V6A2Sx#Ji@A_(wXF&G#YX6&Me_+4;piUgC9l9J{xrDbMr
zO_a;ZqWm53+dMoxdf8e~$0sG_9Yljv01-K^7W*G9eU-ZB({&=;Gb>Vd+1~89CJz{u
z@?K7h)4g=z)$s>}TvU<tMw8@<bo{&9IScjz55;X4nrx>WMsMpozgIe}$P>1DtiML_
zT)>JCQA!L#g%6pTQEr}rQ9(*d<0l5>$Xj$QGC=oZdfVGWlAvON6;+CIqMW7-1*+Wj
zA*AO~BUh_t-W0!^mc;JZt7h5Kqe|Ec7&o$&%EC%Vl1`zCmgVsH$aTf&3Ta8ypYHH~
z<?apPS+z(Y^S!n^gr=m9sbeDY1qmzW4&rld1#3gen0c7`3i~Q(2A6rPEiG}v(FfIb
zgIp7r5TC-=7uLRc%L<&AnsO!RuIz{CA_=&NMyW8sr<j<pc(CMOf;90-AMYpiW>wLW
zwu)8bb}qs<;jKFVlDvzVziFdNkUoj_`TW0=BF@jxPxsdVrM*zAkDQb+l<=VukAgd?
zPvC3>c&O;BOt;+Q`q7=})JqsOdbiY4&*?^|4zlp8Q~jX*`=_-pPJYG2U)0Rlw2@jo
z^hzgme^mLK8HO@?xFO6<qW77W)06`%6T>hlD>K;HD@Cq-CegbdI1YZvknM0X>3&g7
zFW3(1Ad{Vx@UrC_W;^p8CxHhkE-Du5K?Bb_bqIZzS#6-64A#LYhTp|<eOBO9A$!MT
z1BFVPxmH3p!#nu+4?aa+)T{;POD@ZAx~zexw25L%!T14exkfU-2>Py!c0j5sY|lqD
zOjP{t@8xPr=`HS9u}Nhe@Uuysc9!EvjkhDN);n_aGSCQ+A7Y8EY3aNz?z&}DjpZB0
z(B>oa_6A=_NZNGiUYti8sS`axas&^elr8!u#pHi@5TU6NRjJp|*yq6;3?ZEX*HCH(
z<$NsQmAW2U#`R<@fudtX%nl=ZMfm!Mwc4|<+L_{Pt+>6P9(z-87-opNNVp7FJrmt5
z19Y{PtneOt&ID3@kde<vjEnzCCqc()))3<{+k(PF3qcMnmmd*ikBP|0HUlre3uJs%
zp-&%^!xa*Or4SqCVW#opvcLQ$qQ6%IPiN&ssdrf2`|Vqx)EJPsj)o;BCPqY*0@RIC
z&j#)c=5j-4R~NW$^__2KAgZw96XhoYgq1+U`c3ykCMG^mXFS<oTUcy^<}Kr9h2rDs
zi1LA2D~-YP&SyRb9w!azB_F?DiB{Hhh?J|DIkPI2e5;n=b)-+~MD-!Uq7h90d_v@?
zge=@r(~_vAtCqRd7AZ@zV0^|so;shzwGz;wNN0GX>aN^19K^V<na{10<Ky9+38J6(
z@nFL_L>D^I_UnqX(vbUsbErIX26~V<fVrQdqLv`H3hGk%pg~&*^1_N#O7j2l4rj><
zHarX-wc<+n>`&VDJsxi~-;+DcQ~mO4;%WT=NRZ}`nHkDd@rV$g&MsG<PXElk-Q13h
zs9HE%C>%kKfI*|%D$`Ptmkh6;iwzy-*kwiUp<78L6F!9oM`6<OW6NT-!^-ByAF!Dh
zyc_6WAdE2zYA`9hMnXU5fP389vsM464q{lK4WSw{UC3U_8^T7(1cO&P<N4<tA^;9{
zzmP;#V;*Hi^qlCtC=ZoI>J@J+oRvU1!@1T#whikCsoA+-2MRxJ1ro7c9eXlJy?4Zb
zqzRl>*$IlP{}bx52A;X&f+_c?f?^?=R7;s+U;N6~?|y@C5MEKXs<)jG%=X|EudlE3
zY}M>SJcI)AjdmA%Kn^)7yo#99(tKG9<@5mo@^1gtm6eqpyQAMfQ9h?_8LB!Ffapk{
zlj!<0VeH?uGVw<se)-^&7dENKZrn`8yn8g~2{346Wn`u+?J{fT!fF_Ik<cV4f-&|)
zm_Rd)WC;gKiOm)mAv_~>Fa6^yaF*OLDmuN{+$@Alg)%Q{atjklaMz`!rE3A?j$~L7
z*npXJYEzQY@&%36cBez2_88!0>JV`oL@loF9BPh-ot3KP+olvJ8+yWJ84%CnfUlBa
z2ULu!7#P8XY#9&_qj**GVUl&Ho7G7ddzmH5)VfL#+E&4?+9K_<dHIZZIXMrwV)C1h
zq109NIN0-S4xDL#O53j}ukSpaqF7kXEe!JWlV_&1+6$wRgw{|GMR)8LyH$%{zh{ks
zZem@1p;V$ArNS1p$CCSq6jbvmem1XVr~1<b+dX=d3xBFY@A-k9l@Y6xch~V2dFaC*
zyG(cBDOujnb)S8MvDg!L2=RjnsK8<_>eOsmoYjnW{kXOcmBrAL>lFe~u6vE*pEv=E
z|E6u6p$QXp$_d2rUoEGqN=r+Df!4)bZ4N=Lw#RWg7!}a0CuO)h*{tZDLzF2xwhX6{
zZ6){2V#aO79g(#sU9w+lyG}mtJHE{7xF<XAC;i4_X#Wwn9lq0OUt8J2gxO=Ce%6qF
zUi)&MXo3dT<<&PXO_vbXf2-?9A)HdXobAJPkFyUJlJ@zkGN$zx$ET%i_tNY3y$5l+
z6n1uZr(S*4=K2)?&iu5)sHUN7w5Iw^(ICGW*hmm+9X$h5r=x3b*D>+_)KX6z9gBaS
zwARL5Mx{^571gDVd_mm{@Du~XlM6V}zHFX~r$G(NMmdw-C?m!X*a9N!JHM~vRj$rR
zdqJ+ZU%>J+IKPc!X0i%dOfw^n%OQ`#F4Bk`UJVYg()dusRW=bP_&V>2*~oIdnigUB
z9VaIzGtT9m0}-NYeXQIfm1S+|o73QOBdi%AZ|0?W8bF>Wj2%{PHN%W?*Y*Q3m{r$k
zTQ-67y0y>WqyutgW9gb~EtDouPBI<=C41Fe<?4NnX{Tc^;<@*H{3%7GYSqsL{CFvq
zHTIvLkJ&pdy*}UQD8GlO0O@x`gADn2WucImp#1>JF~jLO>~6iSdOpJJ^lHiHgo=IL
zA-a{kxx<Cic>1@j{*w!!z*y*+9C$7sOdoMiGWz}C<0w%rdc9k!r+4^=JS$QpgRU>D
zj7%l?FOZG~#!ILmX8BP;3eTt#y6J6j3^YAEik6G|Eyvl)*ku<yoX&<%y!Fb|B024}
zF=&nhB!j5TI8s&*tS(ztsXV8$XMY%{gnP5kRy(F%&3@r&Yv3iXQ&dPbUPvb+7%->K
zRgv&m?<%3vsd4!nx3rN;r;XRrH$7e_{W5Os3Fu|EqqaGHZJA8`gy_A9a^AsNTDhH>
zGN_V>vGZo}iMAbrA0}Gr_8!eE4t3Q@kB{4n{RY7uMdN||S(ZyVMr3_OlSD(#4y1<%
zD?vs9^xxZ#cf_rd40Y~gDsQZrV&qi1zI64der$OMF^S@@&30^i_nI20d~dR4Bvq-X
zF0#?wxmZo*3D#G!<c=L)aHuJ7AzGN2p!+qD>JwO?vSEE&Ubf5;c54wU@{)N!Z%RV_
z)ZXQR>sW}%cW}Lz$k~l-xMV!rL({72U=oeW0|_@KN~_{b)`zKK<+cp&6fd?Gf_63n
z?Kb@uHvL10tg1xSs(Fnuw%!>uM+}jU?{)@=SpKk_u@qr&I*+-8s8Aw6M@WZiKGrjq
zLh(17A(?pB?S*U9H52Rv-Me@0)IdKs+wNU3H3uMU{4IT4peRe2ObvV2vf}4eu98Tm
zZs4~?oK{+$edaff#Ag&;oUX92*FHXIT`5q3D1GEjSsed5H<xMO&PJJ-2BWm*#h~`Z
zPBiIKu7Y;(mIcPraaD1T(@V>Yp<Ku5{+`$;k{sw-e4p<jr2G+B&%F1tyL_(lx9hg<
zk7~~(JGQw;5@PBMr<hgs#c|3Ssl0#x9+NqJX77MpZb52#VPm3v?Xqj-7&c+l^|&fR
z=K~__&EBGb!bdo*WmVN<gXxk6Uq+tSJ*Mdh3=A9|I*EU0YcIlMJO3d*{s*+(OY=K%
zcQOkYP9#u!vdr(avylGh89Kt66mWqo>B9pMVEDxEUbRV*%tH|1R8i&E`&A$32`_K_
zPN`Opw0F+9n2}1=pdC*{`^w7zL6_iwEZYpWhvyOYF&5>vW(tSXShrnxM~4Wb-0Caz
zW{WbpqlZ&=pChw*UYJmi(e$rGx{Zt!Xfh_*xbI&bn_d3d#41`pwMizlp1m&bbU0*z
zgP45*8K{@iM)IxGY5Zm`k%Ck2gCQA7C%6BU#r?rPc#x@_QKOF!ih5oma`98md`R}i
zs|NT}ySXossyLs8Xu-{Ex?D;_PhBP|tCK>fWnAVeDA<I4R0W5fX;j%~W1Z>}wyf|?
zkMEN|wVJL0$MwiMT7K!;V8y(#X6x~FWc5C?FVBfC(%Qb}f_<eX?3@x|O#vkaS=7}o
zBH9mX?Xvq~IlhYuZUq&pei6YRA}yH@VAL$G32MU_WtV|1IlynCS@60s$7m<Q-iqgN
zzsdGchf=d`YK@uavv$-pc4z7y1KzpCuN)7R6E!s24$}l47DjDq&sgTxLWLDtZAT~V
zkXMC6RGL`(G7&kZZx9G&NG!ZWcD^F#?9__h{5^B#tzMg&;iPEbIgn2f{<aI5CM4#6
zPxR7;XA5_dzJ2*)#Uvglx=0aOlEW6qlYQR#&o#ats#2_PRXl%aM(VEcyLU<@+}v+x
zO_~f^fjE9Vtgb@eZgXJ-E6n9!FTjotdJ<UQhHBZ=q0sPkJwk#fR>G<zOIRt@sUNOS
zw$1YuvCrN2^-!_M#985U7XIq9yr)sQ^zy5FK~)xxDkS@M$PDS1wz}UFMp+7HtX`VS
zO(+Ve3*Q;dSN)P9eCRM;Q~hXd+gU)NRy%F^9cW}h62@MmB=g>_Tc4e_9nQYD4t=k}
zd7mdl?rc3$95c^!Z%OA>kMc%~xnKtog{(X$(<s@z{j<fqu|jc|%^*S5VJ(CDn&O~p
z@y=r&J8>TajW^A&COEY>-qC1l?c6pKc1b6UJA|pOSS5a0-<T+E=rEBA`Im}YpkRG_
zCH0bf=>4g+Z;EXWC&u4?;2C7*-)<cyTUeUFu5t~nd9vYXo*KL=tx{L3RYm<sI+tlu
zv%O|x(uO{_u<8ePDs62+P_+rwI)~P~S6^{l7^{p2C=FQaMz2dw-=F$e?XVKLsBs}x
z7Q>EUqy8e|Awl;LVSN_{S8pI$e4_0JM~ae9i%O%*iY<jmha0kzTI73rbHHI1sTQ}B
zGP*4nYaYjrj^f-R+q8l5O_34LeQ=&5;*gr8PPOQdj9jgmH)c{clIv1F*s@bA>^~fG
z%fpM3GtLWCO}5h?J7DB0?F;$2*l&bUyZtK-p(6u;m8fnrB{K=zk6TMO{9RNW#CLva
ztdCTTr+N&Ge~I{{RbRf>FbD>CRk!TJ0OPl_&~&V7y?axI<4j$@Q<xHC+QM^U36*xs
zeMKJAhJUv#>@wokCDaX%_cA$M>N=Ldws14po9gLDbaQ;Ti>M)mOzWwsurfEh&0$ai
z5A%mjVrrrO+RO9%kRX$u`YpEAT;3$PB#d5U`j{1re)$Ka3k`e6`>DtFSSCp+`#bL(
z?#<twx*SMnvUsg}<e+GqK#67O;HUZKB3nYyo{<6vLxF^ELLt}0>K6Z;YD}7LS9zof
z+iS#cZje{o8cP4Bs92cmB8cZ?talqPX`c6MdT7eMGShpEhy7?#9irh+n%j%gEXv($
z#4&UewXXO4oFq*hZac0zRdjWH`#Xhu(-((aY5JD&>P9keU+bynYGOWjEvxQIuA19t
zyeQ^LOCgy8*6C!X8F$*6qKufiSBT%ts5`s<{)Q2V=Dp$eVi1YA#^7z*@dJP9Mwc{8
z!gSZ+G+R@Z^(WhRcQzDQyK`ge-CQ+KaPc|^NK+jMqe7>04}J+dO!jDiiPNO-uN3;c
z>+oP-%H8sr(_;?Qooj0GqH2y@!hZ$jz1+$z-K;J=_q}l$F^*EaI@RYaI8SBt4%O}G
z!%l>6-{knCpEvNnhxGD7&EwuI$?>mt9glqQI2su{%SUOfiZ^El{7Rmdd>imB*%<3+
z_g}4WReooo;n4hngSt43n(_YqhRUz01P%@Z(Jc}6EyRVQkM&w_EPQ1>wqWoXP89S(
zLu>>iu)HQJ_31;(&87^d0*fE@PTkaK^yk)QmnmmnDj?KIC}L)LFryW1BYX|%8TV(A
zh)-zz=P&PGdrG(V=P_}dT20SAr}sa+SlFXmzW6lF%B#dC@^$r>y;k!FpQ*#Q<puYm
zL|M%c&s<kiG}54PNAhKqeuH%aKvSFHviw}ocmYm#h_3a6dJK6Wo+!7Rx{6Kmqw>q4
zaG#5j{d5hIyE#U{vu;&qug;mVS9uNF9>T&%wrMzEJB4f9&pxxcA3YF#h&s^~TlHUz
zt3YFlJ0t;%nKj`aizf=d!9n0yO0d|cE7+LV+lN#e7&^A{XIr&C-o5VcYFZ!#w-0*r
zJIZ3Y2YzUoK92rA3oQ)v^l<FX!N1tusio|0B1C_p2EI<HHlkps2}b~O{|;NzeC+Id
zk;+<Np8|kx2HHI$fkdcY22h(4NXqjS0_o0)WvcX`7~Kx7GJYWw&9|Qq=N3X#WLOHJ
zPNytJZfra^_}p|rlWpEu6#Lpf7W4KueT?Da4jWDN*d+1gn;&W_ZP`yD{05+*1iCit
z43Zs(LkEV1p(=<iTa(g^jzxN&TFty&=~9v~3&qKfQTJyn$0o}YCKJ{o;d@=$vBi&L
zID+tUoGXEe&UFLe1K_u^G-YVe13f3sH><Zmf#_ds2+Gdp7Z($`9Z*##FSW9o3{_6H
zEcVl5?f;Y!TUI=`jR9<>ZsTJBPBY;?Yt`$Ody?3$^DL1B_1bq;MgDvj-D-VWSarE>
z@Aati_G+)j^z^v|TdVqthe}nrX02pralvV)B&V<Pcbn0h(->E8yH*1ZtjS7r9O5GE
zHH__zk+3p^dr~dS(HOYSc8`YEearPGVm5CGV6;0rL{RQvxYn~2nn{gw0@$tQ>xW~h
zk(%ZC>g5N^19OmeDI7M9bT)$$nTv~y9_@)y>`r!SjgT9XwDY&V)0}^ll2I;<=DXlf
zA{Z%*TW>CRzpwl3nb+C(g^<W#Xs??^g1>s3KBp%wzlxgM+!M(4C#&X3ZaW`$u1k{I
zA68XiltS1s)G;t#X2v&sTW~zlyj*if&Vk(hr_9XsHD~nHGIl%jJPbnOaK{U4!qXeO
zq^rz28kDWxNhh?L_5;G5ccuPPp!Fl#phx(B$|f&8{Dg%TWqX6d4b@yE3*@gtq$VL1
z*wWHsOV1DBE5IFHi5l=%ixxFmJe~aB5Uc3bFmtu-p55a=TCT(^mxZI(|EjAE;*Q@t
zTXA>Sd@kaE;O-d2Yn65HFYr9D$#S??NRWH?4N}i;_)YIQcBk_44N0!)+f=QC1P^ze
zUD8*AO_h|QOsa>M?@SoImM+XtmlRwHKrU~w2AfL}brc2cb<%HG!3l)u55Y%Q0bO0G
zB~&_+fuRymTqv9JfIu2r{a!&wKi|s~KqVt2B_(N6R$;7aoz4Km0gAr5Q(c;JiHrfQ
zz;TD{SM#wQRF9hyPF`pz1+`cFkR0hG0IGo2MeA)Uk@f=5iJAA1FLUeu^thy+xj3T~
zWB36o!=ljm@=F;eXK1Tq7gITVrAofC;3kcLmCaF)mB$y8p$yOtOVS$En1P%L=`uAf
z?aAN-lV?!P?T(HPz^^ryb<T32mJ}YH`M9F21=3-30y8da`KZdLPB;B(Y5}X-{SoYv
z+mE=$8pXT}c5>-24$A9?XAH>3KD9gkFfHqhAwDjGOx!u}EWoKRv@O*~zGkIJa#8g;
zxPjmgCR2Gt;G)AIDw+f7LH`y?w2_seOvoSg+V$}{HTm2G<4|IUPe9<*K@(kS{GN9G
zO*$!`%d61`@^uq;yWUR~mU3WI@71CiY_wKZYI&aT+tM3cEUt!66~=e)ytWS=5-yS2
ziLU!|aSDmy=u*6~JciwYZ0)uc9~0XWix^&H$r-yvG@tBEumb!_IDC5{H7~0&lI0A0
z=iLk0!5@Am2>Af#a%dub-uMl<Sm?3OxL{{rt2jm+r716toY$!iZS0;F(_Y^K%jx)&
z?9VWEejVjcNtW8QoSc<Z;ef>l-`<ft6}NkWoFBiPLlo@vNEZ_zNpgc<jOTLSre4_}
zJos5*p43CAQ??X|K}->BsbQ*At~=LAiU~?HK-*h{t`ts>EN~tQ<`<{{AE35bg}<M;
zYXS1osc%&zWk<WhLo?IdYTc@<38!efCoTG&3wtz%f0V~m-oU>*+0)wn{*Qxb?^kW#
z=J)dp+z=!=S&X5Q95+qmaPoRF5xmk#LTD}>0O|h23y4f*;0k`=t7z+|7*q&QQ({t5
zVNDcImA1)_?Fuv9NuKlWiv05(O1tml_$Qs4JH4xx-izx7skua5uF@_Gs*n+Txv00N
zCHDve$+Ab=Vm{+iMU`oLV@M%`f`vex1F`%G1Xn-3?=_%q9i&R6rUEs*Veu#_Myu4J
z6cnDw*?;-^g0bk*ou1_I=L`3)ru1`E<;QX~v0lZI|Jm-nXEZ}Uq({b089I`yL+c`x
zNw#2tJNRmkU<`K9M;?$+1T?cjBLFg&3K&;TD8~Sn6!~Ouk*K=4=8;Y~*6fenQ|UiI
z<2!dNy5H)}*>}Py)|*KFlTUVlGGQj_jkBttoFV&qR`PQL-Na^v*aGIs&Fw)TPTWI1
zcxX`ZNS-Q{c+}=<O3ukG@mr~`hT^6=<Gfw@Feg+^VQr>6_hXp3Hb1xFuHKNWpEGQj
zeICBNq0{(Wmzy&AZS`0?#>lJGYx_|`iMR=lAm#f_@fzBv*gD?ueqnWCXm2Q0579bz
z*}!@5iQ+MIL0{Pp>)@8N)jnkOu6ej)YCc&ZS5hM)@n?{x&E4L|0R?w4x&g`*le`i7
zDpnL+1OvS?y*6xxVH?h$St7<^4?30O2#EriCz;i8ckftYAf7=Y^EZAKkGIf^lec4m
z^Qzn(RiMPkcbC3Y5bhFBJnC6TVpVgpn(ILDXjOlJrcK)3>Ko)O0X}H@LO{cgITG?J
zwi#Fm%t_K;&_!Gn#BV;t8;mnP#*YK{V~1ocY+0l$>Iy=K0}Nq}d@XY1bgP~P8HN32
z@1i{II`|)!ecot#KZH-ygsTbz&jNQ2I|bpOZ#*vF;eO}q%b2<CV~sI&SB5CD27SNv
z!-m(}C$#zj?n)WDyo9E}0+QpDrlgj2XbkfmQ4fPeU<nNx;?vD1MTnzIq=sD4J%it(
z$oS|eWb817%MxtT>kn37?jt|VXP%{toZpFoD4j&O%PeJ<L*%*B$J=}kEmD{xpF-HL
zD=0pZSDeGxU%YLYN*o{sDQ!VyJD`|%_+X|CA%trfT`p0@rFYxupu?SPFAXZTA8;xs
z6L&E!O0;`o!-Zt_%ob8Ud053u==Z7gGGEBcCxsbxU2;XOr6?5g*d*~HxXK2=jMBXh
z9NC*ZkxU<%XT^dw5nf!VIWed*3usosWnSKt!(9{Wo)7x)T&W<Kn|Bah#7N~NdBLQe
zJd5gXkl=Wr{`;!xz~09bfy|Qy^eTE1hQz{Pf^A*yB)g?d)Q=_>)BIGwjL=bo@pnrK
zvb7ILClL>iHyT+e&}{j@1PO|@Y;VE2K6aO+$FX?{E0^mJNW_fqSZ3-3a>ZEONtU6{
znzdAGrEdh1POjrT&?088AU=U6u2)baS1YTjUS*Dv5YMQk)jP81*|XP0iq8%R#f&4=
zqcCV{S@WSz`S^HHl7#{9Ge*?$if$$@b+%&~r-sI*O9&m5z!*2ao=!r+y@jv>l`t*2
zH`ihxhxC_eo~^Pn^E{n?{w;5>dM-Ohq}RUfS(SE-#wiZZus25F3lHeW^!E|Ouo)a$
z=u;V$axsqDr}lLz?tb{ZQg>tU!6c_?_q`H{N`qat3HlfC+jz@Iu$wKDuIk+&n`gX%
z(D6XsonB8UdDHKSUTc7oeN1S`TTG#>mV07ZEMi->+_f&J8|4f1(K4P|->6fsIj}rB
z*Vi%JKyFK%({FfgYakG6P(k|4*HELTZ`p77?4D#4J7)QpH5?;lo{AN}cQ;h`xm`|Y
zx8>fwvOdJ$;P88?%{$sYiH3N@1?gYXgn_$V^qSx2KfE~3zwIC=K<q$>@lJ%CFS=iG
zVh=5|R0W-dBJLVn0A<?S>T=^G-As|j-r45}uW}S+fhXbVy_P9GJv|4Z1-G-$ICT0M
zXG$3c9k2o91&H@;dy6z|@0bRVP}lB=Y;e)%X;r-<pJ22az;2RpaA`qZhF~QHfxr&K
zT9$0Lu(z%Y(SQKJG;pzE<~iEU@I@dQ-nTFTS~?1|Dy1A&!+o=2h8?DbWZ<Kh+7U%E
z0-Gp%Jb_F=?2yrlLOmEPLY38z>{7v6+q!lHLhBtg7kugcIOXMG!C;$fYd<j;X5@?q
zY?bxBRIapy<>Y7J7b@gK*YlDGgN!WcyEY4z@|ywVd(4|;!dX0*JFoiDq9J}$LVC>W
zM04SDCZxr3o*oExt-N^$HY4it05r;lf>Qh`O{dH3S3Tv7$8yD0ia;GyHqtipZT0BK
zfB?6x+QWH;tsQ1pkqyV*W(1-}(si#PCo4+@5I&b6sP45Dla=Mf=K-V})%rJPr6!Hm
zpGl>t!SD+M;`h60Y)oS=_jE~3_56;t%TI?!@leLX2nK;CRW{H=b|QRW^+yo$_LM;%
zDKJkQc@PbfpgI_pCW*`I4$P*LMd(Edf5d7}8!71MmH-)U?FOEuq!-N?svZ`&WOXl$
zQ~(+SxZ=<dd^Y6HJn$VjON+3dzT>x!Y}bSIDJH)zoHBz~sbeEJK93K8XM6YVWNn}f
zZ~C{2ua>bgh59|;!H_$X{`dN0TCVS)V(@1>*i%SE<mB|U%MBWjo*Rsr0<4L-tOGG5
z50@Js#E_tH0i;zb!tFPgF@OZYVLjW>n~<%A;Y`REWepPqA>(lBCBW(F7)0PO2{f2L
z>zTlA)x>8~Ykr==0xnwcrvGSf`lLhZAi-B}f=bZs)#UMeNtC#WpjXYggo3?uuSN+e
zhZ!-n8GrkadWc%6pg8{5e+rhnm@hzOfd*@c4G=)-n4|e{+4-e^2p91LBZn4KRF@22
zYH8K!Hu=CiVO+i1*#pf3+k50vMcnrWL;)~{m=2|(dudkDz9k0qP1eAYyk>uey#kI{
zRNk8%_BzpM+vr<Er0)ZXlG(5@b&#ad+BNdQLQx`Otk{U(BLB4(Iu;tHV#lqLGW~G7
z8OX@%cJv!1Ht<m8v*%rWeA?g(Fl8Ot50Fp!*!cOi(6p9Opu6TUu~m&6QDq`kTNSS1
zO(J$srl92HJcRc`f!UX4-%~fLfRHAza~JG1LHMB%N9WA1q?2D3L&cW_Fz(Dr*-Yg-
zJG&y>+dzR$UH|o!uVJukLQydQ9pN=<GkWXAaZo(Cs8WoFsJ7E{zkWre=0=kY64w^o
z0M!e_)mt}zGY{H#b#|7Nl%!d}AW7U|w1Y6H*kMg6cNn~(QNV?@(0&`9R7AuIk%q|q
zFa{|T6lG<zZ6BjH7K=rTL0Sg-*duCU)E}(uL2!Hj{^tZ1B9I+R;&%t|I65L?5BPy+
zJJI#u?^YnJsBL}&@plbYD-Oxi-w@kJaK&+2MJ-DZIZ_p`;|QF6hIY&ucvtwCr7Dwp
z`8R>0iq0~h<F72?Lc<uU7#epOQ4_6hszWN^aRxnPH{!{mA?5Gx7`9-(gL}0Fvm4w_
zo0C9cMVTJ}S6yUYzU-F;Vz60Z?bp)MR~|ItO8+HBx<Jumfh|ps@VbuT_EzqXsQ&>)
zVE+B@3II62vdmyH0)6;if;Z7boR*WY-O6>oy`8YEmM-fAa51%7`+SkJKA8|qL^QFP
z&dRp;Kk6VZZ=m0`rb_K}j7X)^HniAX%h`Yx=U_B)y1ZkJq5(Wiwc-}QXaIs5O2B#{
zYY~zFM?m^c%dPCdpk`u{KH!1r(tqQ#`J*4ml8f8bGv_jw@=$bcpshx$=T@#+@_;Ia
z)p9pRw=DEzb*zGLtRtK*H_8<xR3lRfg@lEnqiKy&Ch&IYldK_T1mKt)ga(2)k0TQk
znFT5_lSdgC8HYxv*l_Up)1ywtp97&$uvfl2j<Zm^-UBs+r#Y3u#GISprg@yKWD-7I
z97eT7g<jf{<KjRzHcbZF;tJS>H6RN^W6!(1^C|w!@&&V(dD0OtC862v`+WKTbi0nk
zV$@E~{kpaSa4<@a8>r1tYuMmc;P}*jxgWSskrOY!O>t@f?K9tu$(BI8Q2#Z`p++EB
zmUz&VgoK1(N#QeVe1atfL#hpR{vaUq_Yy#fw|HeYy8lr_rqB_nmOCn#TD`_hRavTR
zD-Dv3EFT-dW@_~^2~YC9NArf8ssnWga$V3U{TJZBOFOSssu1|2<a;*<)u{bpFa1qL
zafQ6ZmAYOtA7nO?2Ytt#1!h(t>OstEQioMQK!`)i%?{^3{(hcG7#v40s-};C&(%XN
z_6g#h>e<K6w-B>z;O_(bP=xhif<yo@r%YwgriTM~2aHFUQwFjgopBRKMG7V|#l^*)
zp~z4j5I4UH2rR;@?OygfEUc=frKPo<4Gp*cHWZK02ZJL*x1*YzjI4kpy^y*A$jC=1
zVSEHab}(DW&Sivs2o*Mp6}m;pU1-PpT~RC(NtAF&Kh+X<5nf?Lcm;1~LtQ5VF)fy<
z%sFZ8ja{?|RNV1rPJ_vZfrW!jGAI>a(L}AS`$JYd%jov)U`AN}vNeD6b`$|ax`6HB
zbt>pnovbE2Iv93MP$_FR)&3WX*#zf!-Lg*isPfg9@Khv!pGx5oytZg5WfN<T_HErG
zUK6GrW=TkxCV&3?tPckCi2m=_zVs80z*eSd3Zq{IF8#)6p*Gu=nTD$+2(;VRuikgz
zK`n_0-phz1UcU;cME~?bZb(!4si}vmll$!^&|_Bnbptgo>VF5jTi8eil&<UbRj^27
zYy3BhY4BccfqDf0M-)}J!QP&aN^?-`QXcpLBCj8IRN5ahUc~`Isy4Xh2!xJ2u8swy
z8{iBW(JZEJWi8+|YVYeCRVLH_eIE*dbfEwUfp}C1TwlPoP|O$9S;v=eubc<zIxVgf
zt(8#kFs+W)sC6j{4*Aia^{JZ?iVM0dXBc}A?l<1*42b>o@tzUUZQ37VYoi*)grCcG
zabv~WA5a%W_WsHUo%|j3M!2xdEPdJuzk4rCxz?hx?JI{4%QxCm!7%gy-F0URT&ZuD
zzqK2Gz?*Bk@%(BkrSZOdFBhAyF8>jUPSf#ul-cAdSKqWz-(okv>z~72UShAbQ^*vN
zQsto3vp{^vUqH~YKld#6xYq}PSYkwh{#>&t>QCkuEf75Vq}!5IJb#(|$jj0j@r(k6
zfyYbQiYp-y^wfW+41p_+8Z5-Kl<R-nSBtTuRxJYYkrrG`#FIOR3;)RlAnp%bQ3=ri
zCFvjm=ovunxj9oW&>KX;wF4te#%*s5zw&zfll2~MPJX_{RF#AJSM!fUpdg_RJ$lol
zwNAR(`rNi$QN)ZxxHRI<4K#e}0U*66I{*3z6%Z?6H$QwqacCA}&G^rLLQ}?JMYtPE
z(;b$|zu(94JZi#mo4p*Z?SZsBnEmFRDiY`dUV!IbD)~)v{xi@>zX@M{`3Ro%DeyV_
z_zpFoKmd;CZAhnqe0N;&Z!o}?0R{Yrm3^p&%Ae64n4pqjwnqP!lUO{oUuHB^go7+-
zU>MdTxI`nre*IblL6VF(OTV!ZP(J&Wd(M1sr~t})GOdsrec(8uUMD^dbw~1UKRgh^
zK7$NB67p=#R~{tDWXflM5>!-H)`n!}IkU4I3_ikZ7ohO4H9=LI*C6;0wLD9IUy=I1
z4*uT(hwmb&V^QlJ;U$Cz(}zHW82{gxx&OC+{Lf6fZdStiQk|D)4t%a+eUMg%2_yrm
zEm#9SI2urIgWhEDh<c#@Vy(Uo@|~!xA!proAk^*Hfqx0CtXimNNdoQhEl6X-Qqe-a
z`P*c4d}=vGMa471%XuRsBXAQ}prwy$*!2Lr>!(Tya(59N06rg8)Bs_6qsA7NoD2Nk
z2ZtP$Wi8fg<3CwWwXm?TIrwjD#Gc~ayVd38A2rBbV9ITwCdlUCe^?#D_W!JoG}IGF
z6%r8>=jP_Zy@`#WET|C9PguGPQ8<LG)SP*)+CYpu0C!@j{0w{%UO;6~Pj45Fz`|XE
zwK{V$QvO<LALwkYV^Ej0phteH!kr+KF8|oqFI%ZVT1lJ00JRyP)?X{SZ^H~n8jJgi
zWG$uucrvKA&-7yd&V0{(l<`NzKY`WHZCLrw^7xVgn)aU-{`pF8Eb0be2s{fLRdBm@
zzx?~(8Nj)lv2MCq$?v^w6dy#x$9S(9C06J4WgR?at-JppT475*pyLMJNL-<v15``x
z_a_VfV+W$YS!4eI$`p9D&?jTiC=t2nI&+HRf}=G5KI>d7nk6ZMn82){a<K{Qq@uEB
z8F-MW1p=Qx`_}*dRxcV<l#zh3fqwJjBO@H(<%2`U`On9fuzGLKoNqem+3#2Oxm*4y
z(!D%9P<9IjX*UdC#TuI)nA#vc1|};bC@6?R(5IO?cgFNTQ@<riB@%EAu4HYAtMiR(
zHrA{_JaZ`f)hdJ$!^6V_n)Y(_!_1v<svxXAZo@Zp{vWphj^C2b$CA*+0$^9|LRHvx
z@vsJIRA2UqiHWuV!d*bGP(AN$cA+5Zt@T@OZf+RD7%*r?-?QWdeQtcD`Lj*_XJBOH
z063?t1;^A%&YP$v?nxm2UqKE6kBt>pbNqz-Zq84i+tjy2+B-Tz0UdYw;mPLD7kEzV
zP#S?MRcqB2@Q{#op=*{kG&5TR>+23&bDv8b^ryS|<<l^G${HO|MF;pFKIY(N9_Tm$
zT(=`|p84mFj0Eo)KX|xM64gV>j7{?N)*lBg_x<6s+n=qQn+(seroI@-p1stBBkpG!
ziqHf-8(y3>_WX$<*ijzL{*!)q{tSOzc@U15Uj-k?)1d0Eb%yVv#|Mu<88<i{)m~*X
z>DXK3EZXn=_6)SeV8%3(xFjoqCNpr|oiU;NImy#%kDc%&H(;Cw7?p2_U3{cV{IHb$
z^GeGZ^tj*G_V@Fv1BxxGW-W*YRSOB=Hwr@WZQRWTrlLA*byVwtkg4+eqZXFNkN(Q&
z${IGpH6i|g*ellxfXa#T#zBRuE58!aLK=5!&j%H6o_`KK$z`jX#6SL_pE>Sz`qlUH
zhm5;tt632QaEk>xsA+jj`!xB!#aIcA){i#-zWUSZ`iUwBv!^zX|5Sl1JJ;Jy%KVFY
zsz_I`U4*NW>KQ%twiR2(<w{xQGntQaubw{N##*+zShOO8s=Ko!<Qq?#gkRb&GdTJb
zo-{3XY2;_K7~5_P7h@Ou+J79*jNjuC$i{#kUzzjeS>l-^kxgyt&0&zDt4NxwS4PZA
z4ZvO!hv)@t_bEiXc3-wBSG6w|v^{{Cs*PNTL=j=*;^O9RRza-AlxWprOdHj_Hk{}W
z;Uo&Lqj3H6XgV@*lsH)60><)U8xCFWJ87sR-iExjHZ(3UGZW?J(4Yzgy#<cEoqtUX
z4(|AR9{Fz9t(Ak!+0M=m9M1)#MErZnIPcd9EouabJzH~s&0K8E1pOfaa`<p>0uL0o
zov<N&Ik<lHtj?U|&-m3}2%HZI0D2`*4gSV2j3-(G&1<<8dUKY+gc3D%ekP5d9_uak
zCQOtEDxST{99pShn~M~rch0O3&?`IAWoBlEb4~y38NOO?nA10Of@V#EKZY|<d)wAv
z(D?59b|;6{4{``-Q3h!1e0u99#26R<TXpXl)nwOpi$;C00iq(HR11m%p@{Tmc~I#J
zgwR4SQbG&8TL7in=uMO&0TOyoK&o^F0){{k5HM6jugO_?-uK(z9_Q?{$JpN(`;2{l
z$)5yS_r2Dd*SzMOS7%2w*$7||H#{g$1B)kt>Nra^ly)Uv>1`Sg)b$R%sT@MU|32~K
z$9Z4RZ0Y7G#d5$T@blP2aDZ?3n~tp!u+G`QZ{fs44l%$BxQM8Fsv(C}SKq`3&Fg2)
zSNiRL=u49ouWq?lC2jbhPZ#{uhFxX6l2p`rx<oaS#Mz(05BL-C7msuSQX2!hkK4Hd
zx`{w49u7K*L9<d>uL5gExY20z-6|$$jJ$g~8EjdlN5Am9hvaPjGIH06n)|?*DuUWN
zm>O^MW8Gx<eaU7AeZF{hEc;Y=E07ycx7~}e1Z84CF5I8GDvhxn$Wf=3Awgf0y6K`M
zA1(5VID9)g9Xmw~joF_ff9-A8B>GLBV=weWb7O6$nT(VcV%06ippxvs5U^AqvF&yS
z)l$>K*eI&z=UcmDl6~6Pr~FKKu~*4pQr4p;kRNweH4@vfs<9u2@FCh!%NfA4HJade
zl~c7;cHB#U|MX_PWkXzS*01>BMH}j~J7EdF1A9{DX>DeE3>YvS2gX6qy6v~Sy=dm7
z|FIc5TOQ`;FF+?x-?0R2Ty1+Xb!wBb$#3ICkImcdFP8VWduMvd)}ate>uqcf`!YLQ
z;Q!|*7_(!!Z}MtSa5h+1iTXECo9~aEs<7-=YJ=<bsnc`kW>jC}-+Ee;x!h>V;5eqX
zQZy}g_4Z9BfC+lPF5Y5-I?es5>65R`E7{LeU!-U|9q%{67V*$Jfr5@h{^Jqo0txmw
zz?&EHrz;JW1bSngs9)GZBr;#OG1L4cPp@2UXRq`dtelW;T^l(c*e3GBPgThr+R8rW
zHzJuyYFnHw$j?L<6|pec164RRfC6BbMS9#w1vSy-s|+mKq0pnF9d{1PJB6Sc4XixW
z^3ZMPJ1-tQO>|dci=#|3wxBLJDydyibH~5#zRW7!P8q`mZh<{FO&I!7YJ=jF+-3a>
zHANT!WfebmYzntrU3SvvM;>0sI<!50CK1X&Dv8NMt&Qs<*oK?5&d6p??ELgZ;C}Z(
zyDVN3;6^`V9#wm)!<f9#t`)$TbBv=I%qppu=xFHfWR+M4`>5lH<-Rr8E;TiBG>(q`
zx!V+2W6;%^j8=;Poqo0)Y)*sU?m4M1`B@<fd5@`oU*|tGrEV~m%YIEuZr8$9sWwX1
z!1@UXm!p%@?zc#lb6oM=?MEIq@EJXc6+6@i8V%`%);VX_3j7SYb<?KQk?Aj!Ofxbv
zsFyD#wkk$Z<9r)JUM5)uC&fA-;#GE^q}Ko*bozp6!>^aB)9OZ-EPC4upPkofYZc5)
zXg^3?&^f<S)*c<{R}}!9u?O9a`<m%516@8yw+5ewpY;t{PK8Fil4Oc5g<q=v`t_CK
z8t_8QR5%V!<*(-znfa&33bbu*ZYHyU7dggoI#SC189++$fzq@=t#moba}DpvS&X#8
zA{6Kcw%Vxm{Dta&c063ze$Yb*a2H~E{ZzKi!7Q4WN*ax#8_InpnZ53MtkoBWIU0D3
zV$MrmK8H>&Z&l`G%b}vAfzMy=jYzzrRETU_{}PZB$2%y47guLjTzP%x_O8as@lUm2
z=2WZdk{`4CY){Hgt8mCKYqa-!T9_ox$;G7zgNd71^-%UWhW`PzH==&R+!1L?c~dLI
zeo+#rXxPPt?!Fate>YX!=y#J_w|T0V!nlP(_d7!O%d-wdbvnui{1DvYEmJ3)8}zhu
z^+1ibzzD0xSb^hjVt-Z^HCG9M@NP2~{twuf!kOu9(yiU`ck7P^(m?nDXwPkfDFNY(
zt1^1)v+AFxZ2QxyG@G##$4>FS6e^-NsG2X(z+Ir<pbn%CWB8E@Nr%pGQEJrXydwz-
z2~;QO^5pp!Z8qSp*dzLN@to8hD+T<fdxHeS?lDDh0R<+w{%HO59aRRri#d#~olW&q
z-dqEP9RmsMk+<+Qk$@#r{)Rd_Nbzb2`5JpyuY_^4cUNsYDdn{lVrzyRRMt|OwM?g6
zV-$sH{)q_*2TAl*iz)IGN5_8-6kxm%HIJr!5!k;o24&od$6omP#VA&-oHvr3jN-8V
z%)PY_Odl%1mrW;F9Kb?;7Xn_RjfW-MvK5=d;0rw9W+2ZYYj-H$8hy6Wdg_v-IiVx?
zCZN8I@SuXq&kPVgsz=?sb@Ui+__VLLlI5%`PwQzbkb(gK6Y->8>3?tmdH^giV1v@3
z-y2V3vX-75Xhd1`g3#NT2aPpH=xd?0{>BZ{Mvg|}G*^JuLz|D>s_(M4TZKT>9nY5k
zesY_w1V4K~>{E`$sp;A~`=`2;L;rwu(@xnFLBHNSm`b9h@SYHPDwGS!|NSD9O{D3v
zG3eAmz9qfW`?-(0dni%tpX8GNKh(tl<^P*Y`7c!Dyd+@kXOIi-iJ+!A4}8On0w=7T
zVd?#Uqip^QzXp8QfBpaX|G|glB0w(fUy!3Ru46S4=Xu=@#krQmRYT@3AL8UqLotOt
zWpSPV<;N^>`iAPGpNtpf|76O9m9^=@Kw>Iv2)@x(<-Qt#DX*B?nw7p)c`WR%uTuxf
zcT{#<s(xy|=5M4XmUsa5?JvR{^m*_(PVBbj)z2B&bBPLP+*+a`4?)7-<uP%lOI{u1
z#6U9ygsQNqsFhvaF`UnGj+|6ckzo4APU$W20^t)&Q2GKWkCS%{2NUbv<euhk$xfJ}
z`Z4HGBbby5B%Mo#;#W^MjkcfI`sBFf;<VqKGhkjG2v`2&rBKo6y;xbHswY*MHxtz_
zy4zjf9T^T{VMjv&Z6N1(SX9m?BEe8cq*v!wo4`ueP2_#M^XJs;5~OZAXZmP<r?K?}
z3bI>j%hPfdO{-mi?&)xo|MdH~>WqxNd!Ik=4!s{J4YuzXE;=yo^(da9Ko_=j>h`h(
z%p@cg6>UraFL&<u-Qy19v?aEYK76*)U}sKH*J7YdW#c<2IRoA2<wqPS1H-p+gGQev
zkhTPZwOhpa6SG1b^;<Fq%Mfr4kr1~#P9QkB+C;!y0;%VSSJmu(`!VV&^isu;xrM<k
z5dx>PQoYlc6_~A)8A5UizjWwl(D$mFC?lj_O|}BRhg2kfGjV3kGqSZuax*RERKx>b
zj--n9)FqXhzTRqMbX(!jCbK{N5BRem#EG$zMlj?GdImY|J9$V#JT&>h6TR@2Y?em(
z^kWPrgm;4<Yu_IBSk={w@4<>f(K<_Uk(4U!t)9%cdjp^ALIXz>R{DbD-%m)?PaZoE
z_;U!-$5`U-QN!V${nf^}RNv6<O=zq|=K6kcxdY9=+ceSwxA&$rnx9xw5ORMGeRXXa
z$zL<kWx8a#9O#a`j<cD6U(%SnIat2pmR0toH*tNMRqCG2l7rJtpmmcOqt3uuW>wzO
zjCbFNhyJm2NM6lHLbnVe9{KyCOi9nzG+GiP`o)Z-UC38Rq=CYf-JhlzhkiB;c+yql
zT_5`Th($-@5vCzBGs|vBHxiz*tX^-}YjHaM9ats0mj;%YDH2dPvy4WM3LvNt3OWW&
z`S(8!xc@q|7Qs}YT0GY1=|g!jKN?y6%ckg{w^C}Qrtx4`EnX?b)mTQ#<#Wc)g9012
z-i_)4XqNHBFwsZ~50%DxZi0uqOsudA?8eEST39rhL;tCTQL>P=TX}OU8G$2LmJWFT
zS-ZN^%|yam6a0-JE5Z?rltf3Rjf7(Yzk@tS=|MS;jx#-D3t4qrG;w>elrCCF7Lp$6
z?<_E`r&_7|AbEB)>f`95L1zV4x$I~Ax6Nv{oDhW>@eucwhIm^}+*Wq=Xct$}?%a}e
zwGUKsacbbknn3zl@y}ws%DZp1I)6WLiT5`5^Pt2^vt@oYGJ(uJ8%S-FwnG%dM7WB3
z_#Wqr?oJc8WO7YN%_UUjxTsIl^hiF*dfCRzg9ZBX)8S6v>LN3V8>pL=mXB9txs~la
zrV~@*hbB-fXmMTB`hf3OoR>3i)*+WHa!uT}qoH&gbK@e<UR>d+s)SH~!WBg)PQKtm
zRal@e%-*^AT_OLIQF_WTf!Zyp6k-`xyDP>>U}Wdj-UwY)Ut<dEtBagg9a37&s8YP<
z4Gq{1V}rPh4FW0*ZL#Py&LfP;c)zj>*VE(1-Z!WGPK81#{GNWlej7Q2Ho`Byb6&P6
z_dyOOR#_~Y>?NpEQ}d8p@pnIe-hLR8o0}9~g2PFTl~@wW{M`<gDpuLv>+Y?hheL*C
z?7mD4_XjFVFO7D06>=8s?s%{mu(*refObZ1tSnBf{=qTN8W@sI9xI4&=x8Y%_$k@y
zq<9UPKK-QX*@27Csg@l_P@hMn(krj>XOgNS+=JDOeZ$|1lts>2gxg%d(b*2qM(%A^
zJ=!6S#4l4#Or7<QPZ&SS3>=ywNH5&;TgY(dJqBh)qCiWj56zaC6w6A<ubzAUadWdu
zqN-v4Iiftn&5I2^K;G17_`|JSl$Bt6%p=R^9`W}Z1XJ#Gs3OW^WAGb_*hQ7(=23Q}
z9i;i---fuG%(XBt?@km4!(|lOt+eaSiK(fZyJ)7+bSGBGT>fxloy}-c_4}Ss_XE}H
z#eiSi5%#J@73;gFtMcOKF3RslDB6>`N2_v4yP^b|-s~SUPPTq7Gv0dz)tkP-JPp#f
z$p!)1#NV&UG_U@8=3G12rJ#A*djIHX9o=*zvctRS7(^}-V1`9>5zU%N3*C;cUnW%?
za21=<e7+#)<;9E9z6L%M18%1NTjM+?TdE{adKS4+MQi7iamR+=mjT@|Nz`Iu1buE9
zrdw6D^uucf;fobeM3M6~?rGjzY9Wy}1z1-4D>~;rCrf&?4?3#d9Gx7arD?W=O^ZcU
zKP$(0Zpd6VeAKrst0e-#YpyN3zfw8b`ra_qe)hKz5AAxy--@FqX)A8qb64({IR*NC
zX$aI?kaZcYuo^_u%~31UpYrYaxk!~m2zoFf(ScOuR^$6cdEr5*lljK>>1zfC5#MT7
z$=ap+lT5z!C5T&~zIX3~P3-PFqOWR0?gkf0pjL=*R%1H#0e$Ttl<HomZ0IMA+oT`d
zS0MNQ-eSDpeSn}fma+2~%(H7eh(6{lETmmKO($)Tx@DxHD(QN#AP@7-RK;uKkH-J}
zid=RLvi<TP&Mo(<Z%*n+9}kW~M&ID57JJfQNgkaY;=6h&hG%?pLs1wbR$PNxD!~>Z
zHab$wMRT)^y|#+oig(=-*7)N_RFYyts5HfE35hzX)tgiG!?c!XWq=As?_0Mt@c4}H
z1#;-q{DRwr>?7F?R*43K&&$P0yG@IxB4`?Ex6evV*#cVk@z>Ak0yPwfLX_GgYpa#h
zM|Ov}G*OzBMJezK3fWQCz<^fW{wLDely(i}cgkj^#&@P+b)2mSZ#DXHX^=C>Bg_})
z-ZehqxF5|kVG`P3apT?cXE#>Kbm0SQr{LK@Tk`utO-<F(&y;31J90te5im-$*7+;o
zQx6Na160buqHli{AqSQXHa04)jO#o?93c<Uca$Dp`y&FmD9<bSbglnew$QhtF8$+-
zrp$lWSbUblZ87-6|D$djz_wv)um2C|Zha{QVFW@D_g#7NVaPXe04zyBI&c_raAE9g
zCzaFk;^mMJP5+|~>Hh|}J(mUs6G2(3fW8U9{JyjQ^PV6NH)wb<nvk3JZLi$(Ds$~Q
zIC?cI!6)OQIgKE<5BY;8n2D*W1)%j99S{pS&tG2w&r$}ObRbX0s^r#4`%83SURj8<
zP4Bk5Lgf&r^!toW-$M{N#fqlGI_dx|ef&6@=x!bbe@-YEpA_UBaV2J;Ror~}1cyL(
z1~^Do=nVG)sD;6R2``jk`pfcC3H&*c7k6$|s*I;pVj4DgGdtc5q<WW@<bh}-cQfG0
zb3=+0MklU!!pgKy^jW(l(W>YFN)O_ee%QBr^mcai<PbX`%>ZZ}_ZrleCHqYS>0F0h
z+bcO9=4s8+=8FzS^7;!rbJay|UHpGfPu|L(lZ0}LId<AlT&V0tw58m$@Fh-;rfk=1
zZgll1lrtOVPkGGlsw4nF#e7)w=X(ROg~i1pEDP@!*QYtJCWoq!Bu1wY^lZ;@acvc!
zX8e}BMVum$UknxSWp=(YO{pdVY^N!9!EvWW3P<|CN{^t`$CGeY-^@%)10OrUc`%PM
zm>aAEyn~TDb(pF4ofJbeqK%G?cHSpz%nvF!k0*|oe2`eLK}@Vwh0<I@;R|S&%BXFp
zEoJ&5?jUj0CA=rspucTxVUc)KgtJd0clXxi^G}ZKzT+d+I7C0ERSSC|jlRF>Wi8|R
z=4spelyr^P{N9#AAg5veQF50V>eUrlMN$*GaoqEL`<ePW*^NK=c{p9MqyvAG`xY+@
zbYK{=hR2W3TtPpbZ%wieH-Z|Tav%@w*5~<X{|ex$a(OrtADHsoeF3xWKpw8Z+lAO1
z3_;Qj`FN7VV-0iT&7n9a$7%v)nJMW^!61k-{g+3;ZSgCvM#17_(+zgZJC|P8s&6gr
zdP}EB8khOfNQQ>8F)Q4eSCwrJo+bZ`!8-O-GAB>`m?nqV1&4ewbHq&EuJX)lNSYlT
z{pR=gm1l=!K7{tN4JCTx0^wJl{p)Xb-Ah_>`YQCOw~}>|rbQXvE&25{@et`+>w126
zQK6tRs^ysr9k2DE@f)EcyL9%tVr50q%|OWuEd?%{L&KwH<|=sl_)Yiemj+0Tf7@iR
z_dflZ$DYV=|L<K{N72G!qmTWkS$;F}K5yKh5H{zjMVVLs{p^RU>T^B!PsIDf2FC}4
zx8~e>MCGKcMK>PRpeB(vaWJ=y)J+oCu$^ebQf@4w78Y{VxjDVAmg7*^ol8y6ng_>H
zSv5vwkWU<q2MBq>_5z4t)1!B^ZN##o&ghN=Zqy$-@>0{zgqOD;A{I#!;Hy25j`lnO
zzoyAuBhb67y^yx1{ZZH{&Gcp(p+P0V?Jp0n>F#c+#)l*fRod#F<`10n$WR%3W0le{
zc+^{smd>axH*Tr23(~d27j9bscFPYm?QCv(D<#-e8p(^DJ*wMa^$556M_|!In9m|5
zm9S@NWFlSeX?HL5$b3SgHqz1iT-cXKl2}*j`jpK`eUWVs8A;icBfKG(u0(YQh@LGk
zmUs}rB=PbuqesVu9s1Z1#{J-yGhIv3!QXil?*nu20xzudmmzsnFou1i=~HHPvDqV@
zI_~gXUDxR~WS3{}N1Y-~od(069LwTKOo~;orm3^0@s6W2ug7J@)4!)d+dM{<(bWx7
z$1D-R@nZ9cP{?P9F>!sPPZ(dTvu^3}^3BZTNjh+^{{57sli26xl0FgGu-S9x=9*T^
z73Ok+GhT0yZ-J+kukYnsbes1esSyt{FC&{9GGmJe3ez+=``9fGv0OXEc`j_cAYwR3
zZ_r3e1#V(uKCHJVbl_zw0u@=whxVV4KBItPm8;X*YHHt!G-Y2OM^}wQvqhww{D1zy
z&Fxlbf4!BBMwFBl!;8CSH_~nv82e}ye!`SAxQy&36x+dabEkcaCr-x^<bR*ze!%ia
z+(<^6Fz!(X^|nBJw%;0${`mqht=8_(&>`BzE7e;Tl>PR;J{4KEx(?j@Rnno_wXfvC
z2Sv4|4uzPO8EaQLse!^I``r`6!QQJ?SONZJrwN-h-=mPDDG=t9P1~tzcH`67ttZ0<
zwW0`tQ%M5+e+SJYc2--qHm5aKSr2(SK3-P;v-4#<{^rYV2+ubxe}9ZP`jqlf;pK8z
z!rFpJy|C<isN$$Q%s7~I&0yH!Xs1HM5tFjC0D9SL<mjXCy9w*1qqdbfh7qgO6n^D;
z!@Mq(^6_J1(EM+5AL)EXCgqsY2IoByr*3YZxo+%-P|43xs*Hr1IZfAIZk3>IMl)b=
zC&`oG84cl8>u8Tv#P)8oix!wDIW+g><&9l5vT-%7ai6N<D2$mnC6OG#tKfD0wlx@e
z<p6|ym(<VJs0)d%^=u5Qjm!QrO|*TMJxH{Y@aJ*Ilpj$q0np>r6q?bhG`|Wc_}^DS
zitlu+?51eX2Jd2uxti+s7dCK@#4=KMaKjQ#L!Tk%-p0jt!@aby3q<x3oa4@jY$S=(
zC-!xMIj*9>cJd>7ia%kx_1<J(+u%L@mMA1U7ypQnNyl7}+zlqVfq&4A2D9kH*Ng9x
zlVmF+?+g!*e!}UJFvIR=b(<BcWq+DE96MXbv&E;ohQp*P3wN;GQqAz+cv5_^9}cp4
z?E(V>A9S4QKfXZN6b1w?*rO08(TGRXbeA@pz2-sS$((<hst4=I&@c0E8;Idhye1(3
z8|FdyC=XYvvfg<Uf9<cIIgU@&%Fekn7sdIdxvr7rBxg6VVi*OCkX=TYR$4~FxYSzz
z-RX>S{GmAo#geAV;-bEo!?c9qDC2DE`4%2<-4|!2fN4La<jMO%R6;~qafkf5aSwU8
zi6sv7)fpYl>3-0mu>*>p12ONPO;722AXp0MphC8MLuF};8)#0WCSooVr#nqPo70Hv
z=*1HQX);MY1%;!fUcH)=x4yC*X%J0Ua|k}t=j~(pw3}s5S#{8FUT)rS*w=^2EJ4bt
zIk<lGuAT35T+gQy&2@cuw6J}bBwwd0`L6;H0PZW$Kb)E(X9NJD!T`mqr^FQm<>4tH
zTh$>6D1EZ6T@h+Ar9OX!-5Dsm1d|6Tc&>HMGtV}p24eN^ec@L0abd{^_xq+Bebeo#
zF^~m0evKO?XG#MgWOT_8NUH>600iy32M|f2>B3<5>JAL;qyAZR+b2jeeRq7~U>rz}
zK!lbR5VP&9o<{`#x+1`k+isqOTm)&r5O+L<Tgn-s9six?%&q8v5l4T9E)<FXyl-@g
zlvJX$0E8c4%$~jI1uy~g_9yE@kk_X(!2q{8Ow~{kIsTf9vEGmnuB)JE!lcpJ@RG{2
z5(~)+?zF2Q2L7Q6(8%2j)Sva}b@quUaa$Wn5<@;&{c88KWOnqtJ^*^*uhD%v6|4p*
zU$m87UWnS`q|sS^Y#i3n3~nBH@FpC{#r*D_;!`+xQS$7zpQWzoQMsu9+$j=2fb-h>
z?uJdk`7qnxi;FCCDnhwUI}X3Uu|F{ckM!L8xV#7gg}tz`q2S>6)oh#T)m+U$u2WI#
z=v<+S+VSXO^SXICu4tI9S0pb{1q1fbV|#%1&$Ar$h`jrjTv2OljW}=HHpn%i%@&?r
z<MbE-1GT`<n1S%uw%^15RA^vL$dX78n7Vx(_->B)rG<dWQF-q*;hV*8Za#P4Na-C(
zsrcmE*$}n7p_QyJTYb5HDlbCYYDzOrD%{4E?zFiynwA(EjM_?@ao#-3Wmf9%<{R4`
zAa=I-2Z>7zEv(X@j&P1!p*>0tY6GXG53+w|Ct)3(xM$ZfR^<+^xhtUuA=N@_rsu@x
z#o|eg1%4hOGqnfrkQb|FDJ|Vz$W63Ftu5${)K|-|ZxwD5cOo_G;HT!IY<(_i9Y!3#
zB=2?UuZMZ;^LIak<%-$Ni(PuRB1%aOdD8JK+*{K8Rm!)xS1GN6xVi#ctMRcZOk5xb
zN@R8z*2+7VErAtTJDL4aR~@qhv%jiLcAT4yllS&cc{H1yuYk^r%!84xg;t7*ogHbg
z(QBl@dc62YWjw6L*MolQSJq&JO&cFHyeH-?{vFh!O+mYSD_<$yq<DLy${Qal7}%OT
zZ0lTNXY064O<H;h6D}(qx~DCGFx%*w=THtgpvmOd)cneg+x$iyTGdX1X7Y^Q^H77Y
z74~%1%Q~1N)B>-S)=3E%R7RHgq5@%v@rItjTvFkxB6?2s@0E<u8o_r{cD^ByKJU2>
zCMn46y8zuj@=~f?ibA)w9l@oOOHnI*8Je<lv)8mv=3DkG4c<JYMYV%3l4zdClLY#2
zwh3hL;_=pw9p6a;8&5cVmRd2g_0T>0$d+RAlsJBc60Dhop^R1;t#)a$qh~oIZRQ_3
zM3m3}J}!>%AbJ?|UjT(VSJEPhs&V{k2USKF$;`gegTLbeBfOZwdcBC64gn#+VTUg^
zJv;n{y#9kDGO|(l2Htulm4jI0)SSNjbI!}#y!&r?XMARGx$~M^V*JOt`U{D+sb+Rj
zNtjOG^@Rh)B9pZNB+<}BIrR=-yt#;$?;>;32Erc>DBqdx=$1IRx!8?N^MN-ZJ3|9G
z<nbeWi$TxvK&8f;0q*2`0Uesv+G&BUF8#ECOJ;^Q?X~lm$!|^=PT2n~^sVIgpR~$}
z%q4-5K?rM}wa3fJp>AsI)Ywd$jSN4L_r}OsVVttP1$)cwsg;4D?{7@iFqe$<>uh!>
zSzi_+%9YpZ+y8cPNPcblI8W6w-n%u|d=&plaB$LN<DO#kulQ4c%u{YTb##xffPAm#
zV_U=><*JfT1&(tZFcd>ZrwpFg=~km(xt(hPwxS&DSfg@liVXrqwCX8bZb0rtVd8wo
zi$7Yosk09kbtd{$_s_%Ly46%jCE7(kURhh_VAo8<{9aC%d!&fH@&LAi{zkz5Da9Q6
zzUHPpSw-sL%_ZuoxBV))ycb8b$gy5dU)o{)O2Z7UG~le%stQKZNhII(#<$%X&8bK$
zlWQrXTR%A3QgCnFq!V`#^&KJDWIyBx?dz#2{<z|-3{~Grk#3Y}vLoFN0%Y=GSNu<2
z>YTdqB42If-ukJz%f!g7@sv=0i;!I}TwqA@n)$s<t{kblwaN9hb9cj}TJD^cqx+q_
z<emc%;ac2vxv{bvHUOy)UiiT4%I1BPyvXZ*-&X|)z5VYni@sH377ar&s%M9Y=YsCE
z?}z`9->yaekBJK8x5Gt@2Gz;rGr)KX2^+Nic3AXZQx@`{gHGjby(iyTA-5aBP4Ul<
z5~t7nZ|hUZRsGW{14pbVkQSDLcyBStH-R&%;Hqr;z+?oRD^Cv(6N$j)0)glpftCRJ
zr56}#IFFJ(KmG*R7>9qP_5V+)F%qb|f0~sl!VvGJLB|A84vZM)>yH>?1i)BaxeSxU
zb29{)$U74FywdV=6atio*9GfNABKe6fhIjez-kkakjBT5O!))JgEo*Uu;hXJFKV>x
zyetfe`gLL%Y(@6VYyyyEavv!Q3P=!%v9<#K#{N}(!v1X}N_)BtPl2&i)$!QzEg${i
zHhG4%CMpW8Uw<s5K4_%*i_<(4<TXRp{^4S)yYPL32P;y^&au+hM@@Xgcci4KFccC_
zt0;qxh&ms{csUr_7$e)>CLTI@kJL3kKfLSWSQp~-*?7cAD&&K&a{&(T{n%mTWOLDI
zB48}cfzAzb{W#DXv#kwEey#)Z&-QqMES{qaLaICJqCnwrD!*lDx36zE@v0hYN=nu6
zY^vIV1`2D?_xZ%uQdFs7XgDs-b;$|ItgpEj8a=yF@LGc-w{A|P+b6Q?(4ZKgph2Vz
zM2?OFM(ak}1{O64qAVC=xlw~x%B?#uR^hsCKt<SiZps@t%BknVq(qX249^kl?Pq0u
z`c&srt;6k(lAhfeEcMul>evi-o*U{dJYQoNurVO5h<Z0JJ^hR=T#-vxybs4cJJefz
z9FnepIDRN>jiJW}fe0gDxF<vRk!3!^8W4~m>20r#T6&g%d;mt*YHLe-aa83lYr^`H
z4M#(*o){aO;xUD$KP8(B2Fh6ZfJg1$TtHU>Ap-yG%UkoxTM>_#-FQ$%Q5>iRPfju!
zZ|_|<q5-mtpQ|&ALVoW10!=nB^acNUE+8r_Ja0?`VJ#cQ47VL)zQm*fY}i+3m=ksm
zN=e0b`kXB?9{G_fzUT@kxLM8Y??x;Hy0~Iu!4v%smi}2vyRrVl;DVDz$H*;=Gc=Vj
z9w`AoANI~b5{tP!m^i<k<X0QKlKi$i;9L&eVM>I;(ex7-Iv{h6^zC^1OI4c)Y5Sft
z+QK>xVH{-_3>^+SIjf3_Si1)h%Ex^3(O9>Kz1X6Z(TRa<=bU0ly48|)cO%~4;y5T*
z<f;WNQq9K=%G}><pR|;q09=<o$CwMT?<Ll$z*Vv2v?M<=dbX=Ow)>R2zFwsqDcpTE
zj-y-FNBNi6f2-dLyB~m=5njM=yfN=Sn*OvJ0@-B@eiaA$+_81wdJM#`<M{zWl_}2R
zVBy$nF&uf7LruQihu~H$`%qC3=F!$Fxu;;>*BeudoNRtYGAz<K205y0#bg8mCPG1$
zCw@Iwe8wL2YG4GvSt;?uS|fqSV*_OHbT%RyN$j#0X)KT?$~q7R<AHFAVWt8a-tqDv
z4Yr-;pts(Mu~^5&9_OO(`zQPAHuGjQlV(j#HogH`z^yr_CHQD`{)B(vUMkJ$u>0GS
z&MZaX+`)seT!#FZA(rhRGW-`n5gao0N@!|bUsoCSSW<3$$mX&Pi1=j)LowwJI~VaF
zgzc{NwGAMso6VaZFPhlzomhl1L_UDZ_^Qn|05NK+MgI#YcI#k_>%4kjJmtUkLm6T?
zl&`}mi<UIuqHN6IEk6ZGFMGz*dH`}_>A(%R1N?Zm+SMgHqx=oEDy@I5Ct!oF;&(Gv
zf*h8|YHL$1b_bGZ`~CDFp!KHa&F$~30f$Q{7@g4m%1o5QVo5$wD|q5#Z7p!;c6v;u
zP3+t6*CI((z@4}$x>73%X(|AP{NG?s?Y>U@AeE%5)5;=3?l?)*2?vG)FqXQLut-cg
zeO-$Igf~bJE=x_p2w~;p-D1nBMac`2FCfqJf3`OTFjj{+A1g~fFI5DxUD}mIILRRW
zgqkCB^!|<$c#?E1eWNjClG)<r%*1xPY$BLS!VK29_cd#>HMchqcy|y(1`FLn_ej(^
zn|S46R81k??aVZ~KV-9<8Y54O5uX_-toaJY5uA5$t6!?B@z4Jhc!jATx9YP(<=*x}
z^}pHU8D^h+bp25)%HtoXrwIf#O_NjovLo$vmA%=Jbt3%s<u)zhYlb_v3{5+A_&Zzq
zR4YTb3zT}y;tdjpzri01343w91|l*MU6LcXmQFIGf5BUa4-5>rfe>HnDI{jb;4As<
zLB_;R#<o<oi&p9`LS_Uek#w6cn5D?vGi6jrh5BkcPm&(RbNb>X&*_q)!V_~P?Ap|@
zHEovsDX#U~AOWA{!dvEAaBFqyyCaU@tKymjvU2V#Xuo>tS>q$H?k!69E6PBIFIgTu
zHxM~PzYiwsJ_uBD6>B#EI}Pv(sC%w_@jy=IOc}`Sun^FR2OM=q{y9Uy$1E1HF-^YT
z;&4AYbF*kn-_UdX#M(>}P?SajoiPyKT;?!iE_#jhW{7cD-ev9EV(33_dy6&huV%*P
zTVLD&B42Z$e+DHdol_U3x>*_@KJDJ~*pjig0F^yAF$HpPVxPjpzQE1NhNKPA&1HND
zR5J<<uiD6TT}CWjzo~qzT=*2c&!?dKH*t*djARH1d3s)C;5Gg=zG*|K<13z&cPr`1
z6JbV)7IGHQMpok6d4sW-g+RDUmpB2XKg|uuL#II82xJcpjB}l58e6B~K@C?n6pcMD
zld)0k1HeisDAEdX2JSat5}gNb^|gazAm@kAttI5Lh)&RwvqiKw2#7F+!;=C%y<Kk=
za#;jXK^FHoka#kfl=DhBu+a}Ns?}BL$?w7Vl9Gw)uSj(>*fJtDO$z>tm6g@w%~%=3
z69s&sM_A$vHiGRaW6yuUWq6^m&Rd!DTH=LD!zZQg=(a_q5WP2xvK-&M_fJycd6ZVz
zP^lv7e=%*VRj!~a2;sBiElmxMr{*#E_uuIBI&sBW0~E4tSq%~DvT)a1Ol>s7=}ED!
zz|PQ4mtCzkx@aO*1gqMmn9$d+T7?JPlzw?*Q&B|O;#BOKK5MOI;Y2WD;wa?AEhUj_
zy+BUWD$*+U;*w%mKtC}=VAEIEu#sT>XJ{eU27~-CcVbhx-&=`AVq18DUUm%>1~WZ7
zgaw;@PxKcJQXVT*+QLz3IeWBD)-uT7->A{q_w!=qq26MTPjOXM1slHFOR2wmbShjP
zh9?w!OxQVThs-X!g=ws<`}idIVE7$te5!M_eeP-+Vi;GD(7n78)nY$n;C9~6MmLy&
z*5&k`9yPjsxb-^JpkKJlUM)d#S>ERpR>f)9dsue~H@diOO3aMuJusB3OB^*WSk5(Z
ziso)Uq1eU>>0=-D@vv9gTP%NSb3xYC4Dyo~{t|IK`@@osbWu?Xk*}a)ahZDy9bhMS
zCwIo~Qf2nlYQHuQmSjSIV!8>uet?=#V0<LjK7rDiY;IUvSP8Yzlc}8fGZtnF<lvu0
zyJav=ro`9t`S(rd@dmvyHhIW@j5J~I1VQEXT{&cDW5L07iTe=RGbGr~wP|&)i@W}q
zXBVqg=7}6naVRC~^Uc9>y_6zh#qWs}y%D29oL>N<cT!e(Ufz1Q=~Hq%*4Q8sLF$b2
zHCJdX^`K2!{S0KgD-asZDz%c8welNovX+p#d}#I<f2*=9VILC=D-E>oZ`X%vdh(c-
zhTK<xhg1X;`T@p-xWD~}Q)D^1^o!Z7Kk`jh6oAWu#j(DJWhqJk-3A9Qd|ajuNyXn`
ziOuNN`6w`%a#|K^6;$__n<<!O>dvZ?B3VIts^?qyAHQ^g4$l81OYB%gAHD=+2}jzN
zy%07-Ult2#Uv+avp0Ikn)q@#+B!5roFQFW$bm7M;d09kCsO#<76WIt{fHU`6|CrLg
z*E9a`be-qk&c`5OADAx*ss#+ry6-jD)zx9iDzg;n!okUX*-HF_V@&`s-(O1m`J$rO
ztR&?AmYnB8mot2}BS*w-QJ955Jk?0dXMbU4HM_Dbc(nKk5DRLAF?BwYtag12^GLsb
z1AqBNk~!r#(+5xEIV<%grDS$l82<ji`^1E5QRCNqN@8m+PrIlo@lQ+_FkN=O-Uss9
z8ODR@fpNF(f_)1MyDms)dnZMLddS`NjOCr?9N$Hj$*AtABTe7InK`C_3Z6|l!clBN
z=`xZk7>>}c4HDiH>_yba1u5O_jxd;sahwAByguk*(TDHX=cN@}Dp9kXO{a~T3Y;*#
zD)5SOl=A_`c${r2-DKj&K~O)FmA&?Lae+|3S5*lFLh%NF+zDWC1^UO%H|996-oC>Z
zzVOM}rBoSoFZZ*Iso?WG5Zd@j7#`(n1N$LeDJo!S2S&0=NZ~N|gP6c4JM@oVx}=cG
zJ-o;pxObPr;XY>K)6s)={#|&wD*$H{$Y|d6nVAvFaz58pnuAe+P4Zy<UVSU2X7>h8
z(`B(nb@EaI?~2Bfmmx<!n<ZkhV2=&nrxgNp6s`}gR3j8DE^L@8I(r@f;K*&*PA342
z?n5viF;<lZ)n%<Uql4aTd3|2xd7gx~k59yx5+Dl(uIq3?^`F-c33goM7vuv1$7V*s
z%EA|L_=xF+Bg`i?9_Y8sd+mn?4z5Pz#Z4PqGI%&ZId7%MmWfdGQ9JE%AxR2@pg#bj
zLGPS~S9rZP1faaBb1?k$Np<ipy?x~^RQ5M@9kfFNd)tj1I!-{n`_Rdz4i9gFinUxf
zjEPAQcaTfU?^On3I0~S<I!I1#CV1ho6h1$Z#Fb<NK)nsVb^^Tg-DC+NDcPSUQf#_C
zI<d9Tweo&FK5f>t=GG(`hm##+G(sEf>H|^2r$5I%l-a^N0aY!pU%W6G;{g*XdmcW+
z)tU5*EUsFQq6|nMDc<>tG_Uas@DMekX{ayb>NM&Wy!!cT)9-YF?b`R@4s*#-=i`Du
zy&T;}f2i#A1*Mk%n~l;ktGt1b-YN@8l#AOmOo<eV0L&RjZG+>7Tp!ovuLfO1{^(Cm
z0UiOc{@mq7aht9mTSj~9b#=8VV^1C^7?|Oy**!9F+xpuWC$y0Phm1-Ea;mv5sOel(
zAtwRWHct{7=3DZQ+sT8K&gZSKYkjL)DMh|(G?A?qOjH_L|9(EuZvIzj0j3M&&4ZP`
zz+g+G;_|Byk1My`KV_Fz>vmt0OyY_sZfiWK5lw%eM7lQ;5a*<Y(fc<EwjU~|V&mFf
zte7P0eQW7Q^;)S*H~KY^)^k!-K|UzBZ6HqmL2Tjf8Jl`(-MMQ*T0IB!Q3{c_*m|nc
z*{9*`UDXtm*<5MOB;WN3G}w<}gTVF9bQwn}7143oE}Z^Ors~OEkd%&o{ODR#*Lqv`
zjPcI0|B;Qog_T@JTMS10GCacjePrd~PL1${mAm%d67vE&>R#hgcl&#m({r$%?pxf>
zPDXWJE8pv3hlL!0dL6JEyQeMhSUp_vqg3&?Snv(MA)mR{FLLT?8+>v6jUz8dOGbXn
z3-!qw+r-giS1kIZHk)#l_?S<SrX6`bO5Qs<o+T_!-a5d;qZ1!X<bR2?coiK%&|E{-
zi-}wq9QywKQ#M@2Zyq<30v}Ygwv{P$@DChp&&MXKi1XS>p*f)}tZd#DTO<u;xvQC{
z+5Uq`d30PMHPyT;$3S^$yuq3>``Y>a(73nQ;B}|PrD}`%a%I!26Ye*pE(iFW-@so*
z%`F=3Zq$4{ftuC&v8~ali6A=!Mu}X*SA47&|4C(gX)Y;_Cr0JQ+c}hhtWwLMuW^%P
zKD`73ty3apjpLBmTH$LtU!@`So13JLDqjv2+%?tZKzp@+szUkt`R%yc4PN>6`gLIO
z{Hb-p^Y^!G$g49eqF0wT1HnD>qD|CZpE~8=NuefEYGg|bna%qt<#lQu=ePKNPk{a3
zA2|(ea-6<+B0V$$3`pBgs08=uBfUyL^M`Mjhs}v8lGV_39<V(uZv!QR=x>Kd=<<c+
zBkthoxNrUwobca^Z5Z-#hI1eM^S@#wcgOpKF?r3FJkm~JEChp10$=}sx1Ki{ms__*
zJvBF}akp}{1{6_}!d*NB^4ClCzwdxgg_R3t>G9>70k!(;zmNsSYHH<r$Vn|A9uY$$
zPXMyXVuGa*&S0G6=m%2|4~G3gzb<Zd{*{xdF~TcnK0zo`TY6-Z-EqUz@2u&M3Kh}%
z!kfR|7JVF@{btk6WD03Y8I~%YPjdiABp_$N^pjp)`aHam5nmUG=N>EsK1I3jh5I=P
zeQt~C0`v(z)1gOIm8JIkrAdJ3F=p>ePCS<QBE?iw>fN+6_edpYFFJ#0Y*DLNX{r8s
z!o&j5WPKIMro~33A1C<3P5xmF*zChyR5%W%xElRHSsh^bwas+LDPI#X5pOe*X`_1O
zfRHMmk&m=McAo3iXiE}4)i~s4Wmv@l)4@Yw-EZZ_2XOOOcwo|4-CheXIm0xQ2{~1m
za$(h`u2W0dUi=l;BM>?0QEoO(ux#gE0CyuW<F$?fKC5vjt?`0X5n~QUZ4!UzJ{3T4
zkRjz$l4`;FxuU4d8*U1(I5$T!N$c+Ja9I7+*VngRmf4#rETy*KG^I)DE9xmc;Ed2J
z@dhZzOx?jI*;}qqqt`@L3a+3^aIayr0RRrMu@?Wt4pv)KnkS!da$~Ds9Gq?^J~3bV
zw-;fqMpLZz7btFAot#F2@06u{s#IA=D@_KPWj+q_KqtL;EX>Ibcxc5Ew*|XQ#ft$%
zeO@96?=xQ8HF%gCr8mBoU{`<74y=cr>-)l<zvm_!&^u2@C8Wj+QwYn5`kUgF?e8_8
zF&#L&nb0<R_oiC^)yO%;Xg+bo+nsE#M9t5_Y_BmcJ7P+qij~gzSQMn`!|DIVcV?kP
zrs6LQgYg0as6xi-y*h7?9Ic=*v<2l3mvLR!p=sQoK58=r2$N3}tG?;Upxg&O?f}Ra
z=R1Z@WGzU=dhzezkp)_FU)pzB2?R}hemeR?nC(CzqrakjxnMny?;Y20o1n-$lVTmX
z?G!qy79o9eqrM9w=gnX}nFJ?78M#rCEm0KM`G%*Y_<N52M9hYWX*XI!vtz}i@sdHD
zs#6He#4rVU);p%zsH{vub)6u&s3To5JR!aDvaBkB*-0wnn20m2jP{oyQ@9|`ag75N
zko%YeRlZa*)!OR3C;CTY4_|sU2~a%@Zu+_?Xe!Tuc{?BqS^>nvp0|$$j9&U<XhA}D
zP|)?_)LLgdbb~0nWo2<sOp|$O&Q)8XQ*6B|c>C}B%ioFddddDVmfB8+Ti2JtMt$JF
zmr!ZdUU9{`94Mi$X4Ax-HOdR?LXGW4zO6P{@$oI$XqX%0ZaD++am7M=#V<gs({3Cl
zE7orSnkGwYo>WfAbIbo!489$<5PzEX*K6MAey@33VT`cb2iQMg?944`>6!b;c=cf*
zVq<i6886uN=ooHk;q+sGhLCE(jVxR~E_7Y70yc6R?h#<q3Fm?*{4$?^;$&0`F739#
zc&);lh~w4TDrQRt@;8|JR6(f7?Q%3-00N=YmqJ`5!O?Y;aV8ys?6b~m6;L108ONcz
Mn$F*tyOz)XFF6kK=l}o!

literal 0
HcmV?d00001

diff --git a/internal/server/static/apple-touch-icon.png b/internal/server/static/apple-touch-icon.png
new file mode 100644
index 0000000000000000000000000000000000000000..6dad36d757b1b3a01e9f55f8dd3ff35af93746f7
GIT binary patch
literal 10597
zcmZ{K2T+qw(04*0w9tF6Qbj^9f`D{s(tGc{3rGt{6{Ltt=qSCH&;<z{BovV%MF_<p
z9Su?h@s0m?=9~GxnQt;rZswl7yM1<V_kO#3sgLzF$w-(<0001)ww9U^u5J7G5P@<3
zic?^5T*K+CWuylHJmmubU<m-gZ(JAbI{*+01pxLP004P70KgDX*kh=GdjWRR(NqKc
z{r4;FtIEOk5C>>k1_J=(L;oJ&n18hku9GlCTTh*E55mYG$;txrSOfqBNVU~eOu|==
ziXz}HrqLHl{lVUQeUUxx8_Qs|bQlahNIj4jS9<sOIZ3>B`tM6d>Kyavjiq5VY^#u3
z8F6Fkj=BovdR{TH4zer3lolWC=GsxbSG?EI<K2C6v##W4+O%NW*;Ch3>wbI@@f1^R
z?S54htQ5Mxh9G&XA?ZJ~lxm?P?xd{Zawb8SZsDl`7j4#c6dVt7AZW(70JOzPg7lQx
zC<#*m8NWY;!$@D^y+m?C0du6R_~*c;_(SkHATmx>0F=@dLo5E%-`41q^?Uc(iWh_J
zl$IO&$eOA3?oyzdmUUW+Tbk-)Q^Io71Uh63a)Of|P#5=2nPnEAngHdIPLuXI%)2;}
zV2yqp08&<Jrf?xVB{@|Xr$?I-9$_gdTzF&j#s&hlZGuAE(>lE5_hEi}y>vEd8f5Qc
z&KsQ4Jv8Z8J}Xb->kl+VuOiwH@#zR?1eh=i^qKE><5}_S2#P_)zz8G9H1(&f^BKP{
zC?S6iG8$K|s{uU~STj~S8`I(R9r>h>Ug*1M1vCWBnDyqzHzQhcH)2f9S~OA`t({c@
z$}Brn=6#LbjP(}*d1pp-WqOpZO0VMyn6)<GEeLRrZG)n?#w{<8HneWHsw3e1>)6xP
zuLi&Z6?VEax-@N&tibcx{^N1qm#l%xGCm((g!82ys8J@|CQf?FHAl)l7(M|^1K(uE
zew#F>4JOB=`VpK9-B5RN>?jfP)Y<t4h2h0lC-aLXE!vtE$2U>2i7CtY_vYzZrH+tY
zN*NX*YdCX3vG|1mHLUw}%Cm@_kDZz}4y4Ugmo?l5#Jq-D_mfhDRK1nN`{J9#rXotM
zrN82h!rZBVrYmuzFbY^9VF>N?Pbv!RFd$i(o#0q4LQ9R@bFq_~cX7(MdH3#YLxKND
zX*fwWUMo=-Z5K&6k5+H^lT3N|*t!nT0Cq!p$uu4VaDG?)i_zkO3-b=cIy+S)<CqT1
zP-sg;(g`d9s({(c0Jr)`@<D~gBcK6jgRq+=B(_nBy&ck6Vl8!E2<*8UD4?1-iKixr
zlTMseevlDFkJc@!pu_<7!Y})H{+6E_|Iidg1Ts?}JQ%l`Ed=z0Vy9y4YYC)=M}9s*
z8*}cKbu;wUw9*XPILR}il~nu;ceqqObCXvW(M)CKgL^zbH^^=|n$DJw%;$ZE8Gy{=
zB{TVj61q`)XP_`pr==)1J<usdz|8x7N2BFG5$XCpN#s6?w*y6ySnPG4Ja^?u=+@mk
z#PcIO2J~yH!3LNUdoVD+uThANHp)}Tmc=x|Epr!Tz(e@hdtpfM@gRsDeDyq0^Tpo;
zN-0SFUqE|#K3<P6Rs>*SN-K~5fH(@zLe|NT2s^%TcR*n=n)0#|=}Yo8{_m3q%^gox
z7Nvk8tC)gjOAAF))@%uwDDZ$Wub64j#uYxs*T=LITl+%c-srD_ByLD!w9<mvLY!aB
zj)tz$V-RO3GWkaVW8GLD)1X3-sX9(gtHe<Rmmi+<wkVru+gN<%(=v_oTMnV&bg8Nq
zHQOOYj-8rErsp&MBj<tc`e?^T5pGTjT-TG}K^kH?7K|2Peybs$EiCknFNMZe`STe5
zQ9462LzRf4^dSaybd+2z=Y1xs2#T|$rq39c$EAV|kkOsiyC{Bragl_Go!TVF>F5sx
zmxT>!YwkwH@mVQ%(D8M7dQ(EPB1JOpOUH33snsjqbhlua0bayIxMm{;fa*^3L&rLz
zl$@nNrQDE)XbMDyC8)<0t2Ztn_yYNhBo;U)J5f%F$*z;b57t-Zl);lhH+hZKLVIJL
zlor#KTHp8oxhr%{+#!6^FgTXib}5+<kug;Geiv^8`~kp9Pi2xg+!JQ(nU|+YrCe5c
z&#23E(?AtYdYv}}eb%pmHBj*b=QYVQ>r|M2V#c`(xAd0kjUt5FrZ>sSw6!c3ipM;d
z6_a`#OL%qn`-9kz<u9upuw_ologwQf>5Zzk@k%yNU5SDnl{6Vqau;6(O7PD~Z`1qU
zrfsO-G0Emj-YDSeHnL2xmq>;({0L4MgnWFB6cHe$eMThd)06h7`bK%<S3gyYocaAh
zGDnHBt`Z(bOyPR+Y3ySRFh#1_5%kS$InK}5cgjtdB~Da0N+6-Txugt$S?kN>jIx~7
z0Oq^EgX-%4@k1mKPeagcw`uj$_d7LCd7-oeh1a{=&u<c+(-<a<zPNa-|C;Rkn<*JQ
zwBO#tAB_{_`D$a=B#sZBJ5CGY1u1$dVIrmgu8BQ&`&g$a*2$$)oymlr<_&fdCnJa*
z?=fOH1K0vMgcwCXA}eymji(sDcj(DDnIig_gL(#wIK4^SB@?a$lI5y$mDed0o>>f&
zJY%q*(3RZgOI9C0HhgcfDa?gR{F4C9d>_VrN+FPDDAA*H2$3vfT#@%j*)9r3#RWW&
z;6mLQi=-N4n740G8>+m9r&f}M98|Ix(uQ)wq8N9a6D61jSqBv=N-}{Q^fP#mqIV7Q
z8Y{`#MpQ;r6i#$+q+pw^HG*sZR;r$vwy$%Zrmd4*KVu>POtRd%=LUIxX}u7W8lZCU
z>X;HU7&EGdVBXPr9%4}@>C>CLSM5@|D({bnlwkZ7CT?{<R6`Z63a>iP*^Ou*cpx~+
z4Es%XVO0AFyh0b7W3YYVaYj5CE%CGGzYVn&!GxZf&&L7_?|N5M^Ojo6Y@|Qq7CO2-
z!Vp~jFW2oQgEMIaoF$sBA53+&N9Ud@;(@-d?Ok|Tu&Apy0oUIsm2siCP{!Av92}=L
zyEIbXzFK_E!06!&spjO1W{z2vTayipzyEI!z@X1&zVVxgSH&w6_p!%Cb@=r#nW}%1
zJ!Kjc@#XLS$B`fqQy58i%0##2^(u)>i6;dQSR~A;vWRDn(?J++L!L{J!GjshQ+_^)
zy-thTd_E?r{m)XP_Y|_;E8i=;54}bp{@CaKxX_5czHZ@KZt_VzH)nBEpFJdgBz>Sc
zcE$e3ygcE?lmk<Et@0`i)CW*yU?|RJc$-q+BTKEm8I*<fV!|ALm=mC+Qbozm-zOKz
zW_+RlN}h(x4Z`<cJEbbiEYoqud3JL4#7!%L-SgL}Ni<TO?<U=p!Y%FH^5=e5DyPx6
z)3TD9?<D1@_F0u;$>UQ>`qSGX)|m+hb0<BxwypiPd-u}biHBycfej9vR_}sb7Ke{?
zJ`}J}mGSSnlRU?rb^UnV0t~96)4;A9*Z-!d7)WiFT_0~D6Dj;6nYqnuWofyAdKdnO
zv6PK_nXvJarLJm0{IHw17t)s}d2OWX!?Evv@K{Nd{JhmWJnPvWuiybNequ2Q0Sunj
zpxhdDbX1tG{mrNE<MZuu)GedN-$}bSZqehF2LHppZAu#VVGW8q&LY|eVmsYu-Ap}3
z+E2*&zvMISR15=FlfcU*kHmMn1>%{mUgziiagCR&vIpe?ZSi;)4QzE7>fbIfrtiMx
zHh))Wr~%R;k!T4B!Zz({9>`U6KSS(_Y}R+E*L(UnJJuIJt@=(e6Ryr*^2yVXx^c4D
zC4QHX;>W=d;pNFXsJHNY+04{V&GJWcaB;r`X~QQ*Z)U6T?OuYyuN|-@>CP5OI|E~0
z=4SPYamTPL$-{_{ikx1_FEg<h=cjc;iV8}zng)C?@G7Mpz_K(uL3Fnh7CKydmiMMu
z{C~-q(bAXQpfcNhz+mzm3d{nTh)w$;@4fu~mr{DZl5&P_s)~EO{cN(snB%Vs^L@Fw
zG|}btQ;R7Qv3UrR!0iAhV^aSEi@{ZfyWd`6B0_eq22CG=8Ygv9W28COW+<MVI4qrJ
zZ77gB#7^4+;lUT|gzLZ%ORAR#_a+LG1>^jp(9(s~q#r|(G84b<=guJC9cx3&>g&BR
zC3a!J-44;R{FMUMt?c5y8<)RNVnQzgfBf8bsy@6DAD0rgDid2*@TWSl>V1xtr$_MG
z*)QBE&VL;#xj7a*FHgeG&tG9JRNw;}q9>UIA9AF#EUz^qj;2XNhA^us77V3qT@2yg
z?T+BT1F`2{K3^6{xf=^JpNZdWJ!aV0_#;knaaget8aOHvGGh;RR{7BEEXZLO!|I>k
znKf!uphGvmYj-Kqc@!R@E23yxEJPkW{f8((ZkFFLcR2B+ke1tjZ)A;jQ5FzORA@>H
z1<5*vM^EB;Y3u2~YA1bzT|6IAm_uaxA3e=3;n?T)Rn%R-qaK40^kbba>Q7O!jG*2P
zyIVQ^>H$^N+|y`pYmos+fOG&bph<5r+aMzDTo=Dof0hEa<B2q_^43>NdEI=Bs(slS
zle<=0F!97Pf=ASrN^JOrY9GzpJ6jjD!<EEl&uBJZCJKjRd)05k|33N9f+gsHoM-M`
zvmMbWwbZ;;vi`-q-tI!zko~1?Zc@-ygm}gkIR)M6F0W^sD52u=gZvtOD@a`-_wuL%
za`}jfMxs)a|F1-WIvlwFL+0K-?U)`05kWocTks*tlr%toJc3R-pz!^?N>1t{%S^=y
zd{O?V5suBd=G4)Ltn8)yIfZ9Pb>zU~U0F$aLo04W`cW3y$`5%`FMN9|YhG+KTU#*J
zmCPmx)OUEKAD9)6TVq7F-W<&Y&)gP4BH00C8AI=L>oF2zg{b_|MPwjmr#6W5_0H?J
zKs&}mXB{Wlk?J#6E&jbpjOd<a@1e3zV^a^;bz%`m8ltu_n})eSuBIkY>c!OEhB|(~
zcoS;VWVziB09mpfb21hg@wS*hT?RZ?TL-a+mR9Re_vtQuzdvFjLb1BRtUHt@FT(n@
z4CE)Wb{)qOUL86Nm3P@_fQ5siC#k5Iiv%VQSgxL7$ftenQF2)NKwVXdPq2Q<CQq+z
zZ~p#l#0q`DcE@gj+GU!v{n+&zc4H$fx3h?KGWgQfUq(r3e#HMea=D0=do!X-eud?M
z>urFcUIxbC&+#aj#xdsZbh~iox8KeNLJkA-CxDTgR~T~EO13T=@#7{RpP-XP*?#~z
zzWvdpwSg^pJq2ZirMM|MoG#q)6uO%HJ2jukZH>s@ag{H=6bZ}Sya4qn$jnX}ocp?a
z+Jbgb*25K~=09<}6P3AOsQXJl!P~rkbN<Z}$lzWBTij2)*&_WPSXJA#)%F7W3w9U(
zAb7e^(i&yQ-w{$Hzhy;Zjf}?t#t!z?B<fzMEajI<n_kldxvDfN`aeC@$Hf*pnIJ2v
zcn6>&hlRw{@FNmqa(J*f5jTx>O2x9YJk=!OS2RWIA+vt7b2!UI=+VwE5w>3ci58n4
zk2^YBWa>xqWuY->g+o2^K>MY-wRV4goNv+{#6p*;K5CJp_FlE?_iiuES4dWQ;k&`4
z1a{+YR)+^p$1ff3DMNPH%1RbUP{xX=hxzQNt3mkPHBaxWUz^Vq7M6x6E_}Z2f8!4r
z*;;5*cRvpb6Uf;*j(&f+e%x^5hi+C{dI-r5)GPdnw0SD`+YvXr@;j1TtL*pq;?7D;
zz#iA_hVIGjxL_e)G^z?lZ+zuY{Qb%BiAqFmQ^78nJlKEf-h*J2w_H<nV5(GcY{%7*
z;&pfEHR;XPDR6E%du+lsW+7f~982P%lQ-z%8<AtE$R7UoEh6V_=mAVjxsGnw5Qc@h
za-l|i1BcPIKOHXYVm`;F)a8~SOB!OxNI`8)!1Jo4Zr`!A8;2R`r*nd=**^XLc^`Z3
zN(Ji;LYi53Y-SloS);`<eG|Z6*M*|o8^zPE;>|ZX*k@68G4L^pOQK|PLBI7|g(Zb+
zdxiB?J+VJM7n~f?=L}KNV`;3@<$-FI%@syaLhr!^0h9|<A5qG(7|k09viC(NrnQrK
zCw(wG8M;fF!}1`a%bjEC=Da_=-2Lw>Gr!~Y$%UEQmt*8?jHwO3h4r4-R60!C7818I
zCw!^YQ>OnuF0kpoRbpZK1SCu$0UR^|V^Z6H39Et>mSsXk{<!#4tR{msS5|S@aER8y
zU2r@PVAtWj0VroBRD;A^%Q>8A1b{N>;lX}6e+uTrv$Kr{Ybk=?wic<#IOYw~I`ZQc
z9>l95qS?xPJt{y!IhU&NNn>!L=_=HqB0o+pEKma<vl~?q!SbQFugM$c{19H{ZG8t#
z<gxmRR00{u$q(ba*vL!`=aFF7C-kgvP#YktN11^tKF}`mp~|otZu!%O6cWn9<9qR?
zykZm81HbDGpP%{R%QXMIcEdMpcOYM6lU_Fv87dT2k^%)Eud~n|%xhZRgcgIX;+EbF
zAt^C?t5!zxt}wa3qUts0W^8US<Hw)#3$#;^Bscv`Octb29im|3ANo}tjcRgJL~gLx
zDfP<uIe*@;Q?xBfqXyVv8Q1+iw)z#`=ME1ZdSMFRv&oWcyg$;PKHt-uMD8C-$+UZM
zVD{Q{gb9M>e2QY^UIX1u$Mp5jy*;GJbEfGbehv)-HtQjS`EnMwwIsp%{3+EmRG-{N
z*?!ZkAy>W-gqXx&Yor~>$@Lo+Q7Zq<z~rW!VW@)`P@3@atN|}Fqh9OrCv=ZGf=f1^
zfbI^RbddTu_zvpApa_CsN^6|VZxpQJD!?U&m6VvgWMcAQSV&z*#nJE#1|J2OLbei(
zlW;QgIuK#!9WxZ*I?Xc5@^nc|oFuJlfJvq>Np+%NoD9yvTJH1?;9-C;1ju)`1V$PE
zxiMYpKu52S&<-l(gtS^wJ05Q4MJOzgqbjBqtLafH_C&6|@7)}W^}7jLD!A+KLX}r-
z;^ew;2v;F+5tYXWJR-}|r*i<8Pr)R2u_ijuTpWX5xxTL*z&CNPD^rWT$S^I|)Nd-S
zlJY1q$}x{fKD)qrT4cN#Fh-_&@U$;=us2nOLJ0rS;hA0Br-Xu2a2TD!SQ-vmw$_mf
z&bnE^N5SUR$Mso??n84|LS=$iGj!pT=7#e`C;$}*7pxj5;{vrpeX;=v8qP!LhL?~h
z0)N(vOoEzorvrPJAJxN4cnC3hD{nSt4t)w4cd#o7mID&7NS6WDord0gDB*-X5mpi>
z7Aek}NBm|eg9vYokuRB(PPgMCo}(9m+s~vLM>y~$SPPt4eFJ{eQ5sr#G`AcdAunZr
z8~zXu8iH7s64tq*&&=Hk4e1=oC4ZEME3^X<_{|l34q!$}q%si}g_YPUUTod>8epyW
z*(E~3AdFc<2ww-H;7!~VRRj{sO~9V24BY(FJ~Z&X8yo#-QC!4>VMGB4d5|BL#hZKY
zGt(JMITo*z`W&&&8haHYoULK*9W#KYcndzkgoxkJTrYdy1ysedo#5)Dq-DG&=B%%}
zvM&%Fj>VQQjH2QE$u)LUHou$350|BD9cFaJIp32t6EYGpM-T-sD(*Vo`?~1$g`U#w
zlxf`=)~9TL2U2JY7i6sbO?akDj!QpD!w1~Mn}A2a^F%0NTZ8T{APJgF=XNTLQPnU7
zD?fSl8M!~G@WIz24VpXhrZq87|H^E!!xIT<X3GZhaI-g8*nrLY-R`wJ;H^BtAGG<+
zBrHWL!D+4Bw?^;K&p#_UH<)c6vwMRUP5kGqUj5a2UORY*Ct51rTJ=?!Guh3_p`i$5
zVGB=-zQRzWu6`OBLqWJqC=hD-%$~rms4=b`Klo}cj~Ml>qtgg#-r_Unkpu-D8o6}7
zR9u`=xrXglI^!(0o(sk53I!=7f3Z^$3)LP_RY2FQBz3d;?*Km&I~Hs7RIHlu!Ew3O
z`7bVQ4BK*Y6h9?-KzB!Ynr=UNj+iLIrLy|k@o=6%<ZFlc;2NO<$e~wWccx+q)8pR(
zSdCYEz~Eqpd>6j|x0|F<h^f7+cDetPx50pw`k3PFiZ50;p5U<jW>2eF{A0@M<hSgW
zjb%9s38dMqNa>e$2C<+omAI7dnKrs@B`IP*8NI3023I!beW=6xvDc&U>XU54CxI9G
z30;9HDJpU4?Ys?Ru!FgR2^_ZgbmI1X(uJ{u-r!HqVhShlsA-<K;W<SUUIrsGYw{bd
zgbuA&S1pXbp9J)>iGGbzQaww_YI*aj9rBbtnkn~KH-CsJ_cmQ;5PLfBWa{o?EqE+G
z1UXHxs?uzw(cl4a$Cp{4#j@&xFZeY~CZV9hW%-gjKfrcNYoq(WHQvlGNQhGN9Lo+5
zQ%boRLF_sf^{pqHcR%H5BlzV|9dA{NS-x*44#afuQJ=ZYl{bu_K@V7<t3EH7B?fOi
z(zlse<hpC}jPncRI^JfxhK7cymEmG%G3S)$F1{?L$7uy-clIJ!r(M3}K5B{ffNzjN
zntR^H<afNeg$M%>qzZhawca<8%h5-Y)}V>)OXn?N9GeGF($iE^?-VV^SekDs=oHnW
zK#x>4OWLOGol1HKDnPVflI@VH!sjqJ?ttC-u|9-D*FQJk*z^@O6<MJ&ZX%`^h6A^8
z3&kN;FoAxW_p935T3SC8<AiC%tBhiFQqI|iD$#EzjA~5#UMPi0jW0Fx;hgvaKajPq
z%O#H8CQ@Xo;27|l?Q$yPbucle@KK^%iWQF`PHG<y@~yAXt)_?i<XHRUo~u~G^B-wL
zimbX7k3)2)1ZX)P7Z>iX8T@@0Uf9_d7BDe5(i>rSe{z36Kq#vT?P`XAf_^3-$zeOc
zWv;I#qIVoq(dBfvpq-yK->u>!FuNu*x*0@u`z#jiK6g&6S_?PG&VGFU6WP_|&4ELh
z)$vSXGVpe37R==+-#zO#_#}hqX8V-L@C#zvm~&GJs5M%Nb}s1?fjN&d%hVsAkIt7l
zx4BEWgQ~9Tk@*_qv`5hxQv>$$`_F}&jp+B?!83I}Ec*B>OI8aT*qg3VjrINzxf9!-
z^lcXAx}t`_m+!)A!4jA055NwtXOl`nQeDSZ_yagK_18<mRUXs%EFA1j$iHn#6=jX3
z4(s3adC<KtEAP}2-$zLAs-iGmWyUe4=r5Z#!_i-faRB!(d6-BMNFYU3?14H#UkfxJ
z6rCk)sxaef3(qG?%qiReX|4yeoGLpt;%K+;!GDgsRP!W3jXHDKfCX-DwUJr08g3(e
zPZ`-u8TClL{A&OCleXSe)UR@5i_U<+f!|jze2;ov?Fe@}!gTjv6A2N3ZF6ImD()9m
z^5-}rLz#Xmh%cV3r!l@=$K`2QSIWdNWAEBD-nFR}D)0H}LAC`WZp_#)kW-1QbmuXd
zsZm9_{@rQ74gan3<iuw!A9*mQPo~AeWRw5;$&cy8Nx2V!H=DMNLf6Jay|Q0s5P$j<
zl)j9eZ{p)RAU*8bGd#XWU7b${lI7hXzcN(4c}H7&o@V%Z?1YN=-lzl%^Giy9qDmw5
zJC^0{ZE#jmQDT^~r-XL2%z%47d)n#qhIjOr{Ii%)j}*lT-spdFc+V~&FE7bUL`C&(
z^szf+DqBEjODx0F1KqBt*ZZL&Z%I<BRe-(ZEa-B}AwKe)L*OcJ8V`j=TnWI;UEar7
z$wViAIIfTkJ$w)BieXOG8$)VeR0=T?;L-}f61!+_ewlW0AI0Lm`@=(uwhCWk;fg~;
zyb26DjaZ+M$7+>Yk!{*#JUQz;PB=ZtRpJb6RsM45ic}8KP?Xpri>PTdc|H~y8BtwT
z@b|&mWX2}fZyO4OU^CJOX+}o3=|ngeNEaHY@9+D~m+h!<alb$PfeaMcup0K`VEvX@
z42K#3GLoa$w?PhFMQ3;18P1pIuD-6_-<CsyIFAqxoGK2}6SZ@UsZb>=O)HVFd$fYy
zVz^j}{Sbn2OV5}levvVhsy9_{-wY4CXZ6v$z*=ar2vhrW4GB;>SeZ!z5iY-EbQ#A2
z1h01cvp5J$=+Y=<k_cKD4XMa0B_I*&32k0r411PNoP7;RP1=lLKHiI>4Nx`Br40Hx
z35%8>H1jvsn>E|!>nna;rWqh=K!p45izP(NCijD0pF92@Mds4YxT@IU(YNHtCx{<t
zmGg?1)#7}&ACK|&LDLD3-iEUxh$J{KN-@t$CwB1RTr)acumSZ{-njd5X>mO`4}iZJ
z_>75W@YU60oq-ZnV6%)As{e3h0AzdJ9rQ!I(YiZ7CqF+gwU~nuT@rS*Q)PR-_o#x3
z3L-vQ{?Xs_{s-M>iFvN@9AqYCL0i5%LbMXF!joZ0F`G;k!Md|X!erqzfUjFM$lr!h
zK6q4hIXdm@bNm2V(kTCiLd4qe=WK{S-w?(5A;$WCSgWtV=1g5Sx&u{R=*H;w#t|IO
zy5k6|9@QdDiBNm-_Xpc>$=zs?Q#}o|Qjg<w*i0?81o;8|-K|*G{-mYOHflA4U%!5Y
zHT9yNeI=Z*NTbS;DWY@(#&XY<a6V1e8`0{=qIzBBzg^Z^OyoCQfDFuQPciZ+fChxg
z^!Q+9j4&2U`}aeb!GN|BQ~S+9@mHH)1y#!drKAQ@3EkoFDnoW83H6W4yVmZt6mx%{
za)fg9u^wnYOb{5C=ZgkD#05tKCnWb@O`ndx^%JixT%UX7Ggz1&v-FLl<HO)a-%oMd
z8k3HQY^5Sx%_frl<3?S!W*JlFrp^Y+L`W7i`ZS&qm>mh@|7aPmNsV&;s*wO(`j*rn
z8vKWJ2K$IxtTo<6hkL+1_OC*x&&DWPtJ8ug_!IOajle}pRk;49wzc|oLB9OSFb7#~
zCf){~6E2eddg~&z*_EVmTUtQ?+c>*G_<DGxpWv#B(5g5k`khE^^G{*DsSky2AKhzI
z5`i2OtP{3A;RCaiL9fGZB1QSZ5rSew<M4%h##J<f3gm9e?1o+Dad4h;f%<njeuPVQ
ziGO2w`Z(>K*FK(7Vw@b)iKxWXMny779Lb4-IRes@MTN@m$t63HNT#hZs+dsKQ2>?l
zGU7COP!$O{5QQ&+%v=~BO5x=D(zdCrOi|xQqV|}_6a6HssDhDk&_-65DA*1j2Ix#%
zfYkCXF*Fr%an1s~M6~eRQ#SyeKs!nhE}4%5_S2*Y!Zp95FNk;aft820#pOt43cDLB
zH4&%$$KT!~pK+liNNENO8QfrmaVLzTWZaM@#k5i(&pQ}o55+s~lyR=CCIF2aEE$>%
zHQ+&o!zlpvK*e;cB++|odNPK0L`CSmgEbVuQJ|pDRsYpJsN57#^p~3Rk*Eu^-$q?8
zac6j}=`^4EuP3Dv33B0ZN{pZ*_&feBRUmEL&WL}xiS`6ntJhwyL?_<0F8ZEBC=Sv?
zxlja->%d-?aB9#*=)hAcKChMcd0kz%Hks8AfH!>)#S<d-|07}t-?ASl3UbTZ-A-Jq
zNcxs0FWM%ilzM{3DO7GN?h;T9DhPKhP@-UKZ=GUNXn+aBcZ_E$g)2Q}<bu5RZw&pO
zov0%zV4cZO!uC4}OfC|qR1W=sA%>DETn&nBzMe#gWR@U`e5b;bPK^j#|HaH1+FyQZ
zPI7H}*N%yvWrp$l+g~UA@2DsVXEy*PAo4dRlw2r;ll6;%sK=YZcr(>>PJZcUzvm*Q
z_-gN3+nhH=8Z3GxoB8%rT;f4-id+tP6u88QdPZU|IT3Loi1!X+^A!B;@$$KkUVXG^
z=~><o=TEjQmeUK)f*#I?aQBf8=4Wzc0cC@19gPeQbH|zzhL$p1`t^|<TPGj4@MM4+
z=LkAntqa0gd+Mw1Pa8`oQ{xFKrZrj)TVOBTD0r_c5Jk1~K1ZDGKfy4f1fnP|-*FPd
zXcb>sOT;#y%98ZL;xN;`jt@?y&>-BmxLcDAM)99|ma-sgxq`J%EkjgHvx6y;7C(&n
zKfPo+0N=9ijN#~<|Ix{uT9&c^O@#0yOo%*S!@n=KPC7+lhniQCr)8cDiyoV=Sl#6J
z@QG;#S-aeBX`7YI?P_#BuKL|`b6sBO`Z3l$d4*I$`=>%NleB|T_=EM!(pY=EuO#K}
zvLuXZh@knG8I4bl!B@dIIHwUuB78vZSZoY+pDz*qyX&%w64%k(Mm-`Uo1Kkdc-MWB
zDIITf^7oU;7hEk^4vZ}wB&%KHefaP+vr*XHKA3BYc@}*Ulm75X?eVo3+CPrqY6@q1
z&QK1MOYV<sDLtGPck`%o4X4x)PkXj!S1z)?cgBPjTgmK`MU!@shl?e2pFyR-SRIn3
zcJi=T(g8Y7sV@q3Py^Si`s%=K1IE2vdO5mFp=N1!Ga_tZd<0_9p7^)!6Ctr0%Wxp7
zsuuW<PYR-2uFl)2{h4PrRgcZT3{zs5<K&2glDX~aL;9<3A6xare+?QjF)an=bMz95
z5^oWuEY^H9McRYL5}*c8mMBs8VNKQf94Q`ihFqKB&3;b`7)OFE>7;ym+;@fnbf8*)
zz!i0Kar~bJE|e*38Lt5LH}N}-i$PGk#z*mzh{{^x(qOMI0iFH&pWM6HE?v(3Rfw>M
z<q~`AJ9-WufNSJuDZe@RL5C#r*0q8-E~LLcvm#VCR8f=T*uf$R(&ra(%7-A5`xTeW
zf1t`_&8S8MAX7o28e$8qvvN{Cy<x*@apZ}0aR%}ALdA)c81cbgn%Lm!6TIXgj@|ob
zt@I`cWzf8TS8g@UKs)>GmB#rmq&rMF4nv6{S(ffuzBGWX&ZjB~+mQ^zLbazI3gRBs
zRmM%%1P(<nzy1cM+j?h%|5Feh#VH;71eXc`1~czaq0L4V?tW>jCdhs%qhFtd!Jh@Z
zD2Pe2+Hf+ZEGNSi`(y+7a-N)%I^GjYPyR`Js%H}Oe0G<DTA+)3LPuC4wtFpKLV0(7
zK0>M3-Vq&k)<U@>j%G%aDf1?DmqYKJLT-yUE=uPTFKM2$@<5uJrc*XTq;_G`H8I<u
zaz)j(77Ng5E0G075M2QIW2I1fRrn8z_*m*ou7Hw<xdP!}R$-~@Idk1$`tODL(h9I`
zD{(52hH?enSrl58lL5d+gNS-H6h*XSh}Pt!NDI<Z{}U$?w<$*w^p-k5$15BSYzrgW
z^EmSt2wm1T$OYvByp`W+3Zm|vQa4lW*uAQvd<kfraG2-nI~KX~Cfs*F1t?!tNyZX@
zD7sB~oXgI~RA&zkx_3&RC<7F}F$-^b2mcJUb`U)!MaQ5&g?n!to7l4e>@-rPWO?ru
zTKn!e$#22f>ylouAT(*O|5~Mxuo4Eb2XF<@H^1t2=Rj%0Z5>3%jgf9>!^DQI65ki?
zU@EPtA8zVgY@cvqoLwef%&=S~s!rwVA=!c4+#X86wqb9!+Qak))(Cw@Vh66}#<zu9
zjqCNeZq1i1W>a3;M7l@{lk8Okp4RWngm70Y0fpWNeKviaG9Hz+t)f5D)NKGXi*J)S
z);+@|IkqU2PVjISy1)_4;o7E=YB!J?#&n=Jm+7~?LPSFu`S+IRzAFg~RPQ_sM2KSJ
zdunBg8aRbv&T%<$G|Fb6$vCr8rj*~?1I|*;a1kvqBT~scTB#Z2LV6mBc1<*=daCZa
zwoKMoFd#-{l-t|BqHZn4wxDeAO5qI399qqx>#F0{7CukKQ!L4|64wgpKk8$(0Nx!a
z*;+}WcuMn_&?wpd{e1w5UB??ex4&Q&FwE{ovHc>hmjriP4&6V`29|(XFtA~}@Ly)z
zrJE<)MjE!KHM*Vs1-7L!>C9@2+`-)xyc42s5#r();wtYP<cezm;!trZ5ixNQaY++#
z33*9rc`-?0C{!K_&D8sQ{C^Gb^>^`fi}?Q!xTVzmci&Oq|Ev(=>FXLC;^-Uj|BR6m
zmlv1)-$eurLP~LCnEs71_IC>ja}06?goTCO^Yrr$c6JPKz2_g~UU00yj3WYQtLv*Z
IK6HrxAJVtmApigX

literal 0
HcmV?d00001

diff --git a/internal/server/static/favicon-16x16.png b/internal/server/static/favicon-16x16.png
new file mode 100644
index 0000000000000000000000000000000000000000..176525be645bd12f00a1f067e52f6ac7082248e1
GIT binary patch
literal 1215
zcmZ`(eN0<b6u)eP_PzEM;=s1x4AU^@unQ{%v|`LA1d2d5U<n%-`Dj5vgg^=7D?u24
z2*XMF5C@FO*D8Yo1>e0b9}fBiHW<yuU=-*?D5%qoY-7nXf_MwYL=$h`y(jma^E<zL
zf9K|XaWXW3BArP903{3b3&YmII@x>idRSy1j*V-4U|0wMxrYEKJP*JN>?-^ffGiIH
z9>f43tp$LeUavpp3&0-gWN?JPy{??6`;vpMa*&#Xu5n-|2Wr^#7>gd~;Sl<Yhbnle
zib6FM`i4Sv6uQhs-%_Z_8r5CIQ7&rcqBac2+uaHz>>^+<3AH5bBOoN8o`3@c{DBRJ
z*^t@!eq__5Y<hfm#c4cL$+J?_?oc#v(G^^IhZNJ{`mMM=g(~e)jibJfhw4dKPrybB
zHSgD}xkydIc6@Tz!OKPSH_FV$;)PqG6Z+7J{^Et(rRJH!`RM}#y#(yyz-k|+{oqiW
zgz2tYnyp-#^JJjwkhau3Cov4M=^he(&w*e2FdYS^2@*Ei(O063BWI0_Ev+W#j{Ld1
z62o;CjW2~b@RARsDKOpQpe8nKi8eA(Ml4!KzG+rs7-7-YTa&QCo9QkvO_8XT1>2&G
zqfy3jJ6c0PZNBNAr-5P7Isy)QGuons+b{QbVD-*SjYUq~z|uMC(dYB?o`z8tZIzCM
zO`;KP+v-nc=6mNCX6u*l*DWs<FPKWr=GN6U_u)}H8p}IkulvrqU+X@s&!3yko0~f_
zJS^xRdUepiMb|m7orImZHEdc-z&<vFY&gKOHiaQ!H*VAR_O|Bznoj&;M9Q#G>tos-
zwlcM4bJL=h+45EE>neUv4_{@w{<m{orn2qf2UhgUPvdNxxDNyTG`f_^t9V1C2cF3U
zfM>8yo3S*t96MP`S%^RDH?Dv$aVfEEWnqj!=65_oFdZKgBez(V*M44I;X63S#U<E0
zDe?EqdbUAv%NfQkGEyigaVyUX*`R{UCnrTMEhfR+{ue}@9jTu_{NunY4fP7S5c!Ed
ziZ(C4=Q}u1kiTWI2vOG7-o-t|MIW3njJ*C@v!meLMpJy;%JTk~DplcO(|4SN=bm|r
zd$pMvPoHd&WLaso;5j!aXyT^(k!$TK$-h5vsS-Y?R-EfDMV(!ke^=VC&x;W3yO6v2
z;*H>XNzTo?Nz;jw5ef%K&qgQjys5>Ur~J2~CE+0r#{(DR9;;d>YP!@P>yp=!sSvwE
z#GAi(Jv^0C=8~JBnZ1*c7?V&@Q&ASgdORcPGns^uktTVTqhoc|>4+IGlj$9>r#7hB
z_md2)A8=FpM=Is9N`*8&LxBwtdx*V6$HXGBBtq;dm3T{!N!&d=q#hm@L$)9N3y_*7
zPfE!7f54v(0oFgs;eQyENvVoVWo&Bte=uHRsn}<i<UVVk3}b{=On6#?GCMXy0kX5R
gk0yPVk{KVHt~i>Oky!W0*BK`PnSZFC=0r@<U&Uw?j{pDw

literal 0
HcmV?d00001

diff --git a/internal/server/static/favicon-192x192.png b/internal/server/static/favicon-192x192.png
new file mode 100644
index 0000000000000000000000000000000000000000..23ef4a7afbc35616ef9a347ca4ccccb936b80a2f
GIT binary patch
literal 11380
zcmZ{~2Q*w?^fr8FFr$~~gb@-^qW9j32to8-qxarN7d;UXM2{dk5d<-M`yq*vsF_hi
zltD0JjCXwR|9#i`zO}wJ>&{*4&N=(+v*+CBJkQztxxStj1t|+D000!)57iCvcf`#_
z48eaJE_*`pHx9>#hPnU{&J6(Y1OWJle+2&x071e4uxkeZvTp!@(f93V19|)p5C<JC
zb>RBuQ`%FNgMUKe`_Mc904N7;F3^ZiwG;j!G*DYt1G+=b#3+8774A9@0Q@Z4>MBN|
zi~B`kZ=8(7u9Xfu+X794OwR+QT7`rML|e3h=MTyaUYVzq6Q{s6#kr3RDqL@!VAFel
zRhVapfw>K6hu)~G>zlvIFQ$<qlpt;48xUn}71nuj{@28MN#XD?%W`f;$2g>Z#dzlY
z&%pZfj7!+BrzPjB0n-ZSR((HSrFwm#SMig8r)ZFuuKr37@*R?V{#CFEFnia;<iy;>
zBveoEj>46QQ(24};s@Nf%>8q9U)zo_g&>~eN?FL4`X|*MXaRa#S%#-ynLD4|um294
zgc(uYkRLgNv)$ySOBdN63(+OWY=y&0yPdHJXQ=hvkBKw4bqOmR%u-rzn^E|SHjzrx
z{00_P3P3qmLbcCV_Sig%#YwBosnZxav|<(Qghqpr8c1_HC?9mK>^<tCtcZn{Cb_14
z=%jAzN?Xu<B>+BO-yX+frqW`Rq-Jkequ#~I4{ueOf=+==z}6fz+^4@jQa|O!4sAS-
zzYPfno)BaaJc-?N)v3xngQ~$x!NbNz34LvcMf(jUL6ZxB>z^+~Ze%FRcQnTO`doJm
zUW2zmj0BBfJ;)B>TgS>Ykfg1}Byu`$B<?oI28gDRCqM2WjZoL#-1~`H8;jg~wNGxN
zDAh<AAP6`VDwUjCDJ#Fou5JJeLc+Lw6`RP3w+_pb;7Ya@EKWi;!dRxzhq;V2+8JAn
z&aRn6{cnlkpC;Q&8xrAC#ikw^OaYv}yiM$(5~B{o8A~TYPX_vxL?+|*pwUF~rD)or
zy<4;4Nf2s3W~&pe&ET+s-yIb2t!vzU)f2VSRL)gqTM5XqJF*_ZiXJ}Eqfn`!M8QJp
zR>^1evSHwJI8KOD%V2$liuq1ZQ^`h`qR}GNR}NW00*+74Tn_Z~@%(pg>k2^U<E@CS
z;8OQwG#LM5#@v5T0m_P9rZ|SPI_2d|Z5i6T?sv(o1}+mS|H)EHzN?DtD79Pu*vuU&
zi>5@@bJXSsr{oBEO(B#dONff0UkH{H(UwM5goBfIYLn!)XL^}XiAW#;hK=aY=cdyb
zgwsH4w@bTOL&=)DSrD(DHmIOVLc6ItpcvVtk><4z#Nc;1NgIWYRWIhgg1#>HfQ*Nj
z)VPaYDL3upA|ebLzzp=k-;#UN&nV%`1d&8q>?6kXr|ztt$T9;pi1N}rg{zn_Cli;M
z=@X(==rQFh=cirU1Ge@NmvA|FW3}{jnnn7|^R_5*>(x-x_#{&JS$&C?u|eOZL?RK7
z)LLK6V(4)s#sj!EQ-B_8blXX%GpW;?-uZF{VbP$V1q3X;K?pk);)*(`BB>RjLnOw9
z4rf(BhP~ZEBtlhMV06kZOxfs`UaPVKRX(ATx}_H@VW)59)P@*AKMS#F$qK0Q8%ypT
z-lqWl0!zZ>3nv`?o;P;B2sg3Dx6hJvAnIQo_{V^>kjL1HxPPIF>04)xi`nZ7Kxk&m
z!OP(5ld`a=^`P0>T}i;fQZnx0SuBGKI3`}Io|#=@CAk-Q^Z-$!qXRkz$GGHHrH5W5
z&ChNJ#D6A(&rh~1izlWNQah@;@6RFb$Ih+)cZL!Ql}|%wDTK0b_!#t%z1VoT{PlKo
z5F>FAJ<u%BnOneM^coyP(hc>&1pMa&!^MpRfnyFrnJ`a~F#3fwk!n@!u}2N#oG$Ru
zYXMn5rlqo>njHhS5gW7me;Pxs&AOr?$0TDNO6{P-wp2{PzYd`{r@))`&64J|dU?8g
zc8MW8$IRV7$VUoy2W-(DnW*W?eTbs-H#u_db%CG$OwltE|Gj@E0W7wA4}Rc;r+lg%
zAECbxUN`Z0Hu)Ft|1yBy7AHO?%8t=I<uUUGx3UnnG62m78P!bWf(XNIzqOzZ%jTUM
z+p)-LHcO-)k`}?<W@p4~p(LkPZcYOKbU<OV&c5UVu+oP;wK<8zkg-c~U>#4@)D^+U
z<R(YO?9<rEqjadU=bxl+QW;I*B)+wr+glQo_;CBh50vOc+{OgFDybp<AlwrCELlyA
z1@Ky7RaUMm)%*c&uW4_ea%#OX3cHWq{>zD0i4|Z_p-%c?HTihV$VS7@ed#6J8KKqe
zZ(~GW6h=oV<ZU0->L)Q<la0yD(8CQasb7<i-88`*^F1_l|Ac%r#HJ(=jI&FMzW&=7
zG^4yCB|c*Hz!%p!t5)Q1L!i9y(1F|N<c@ybWdLy;?W6Vg@juowE*Li?hHjRJANlpq
z^>`kb=$kG92ID(l4)$jaB`DyZ1Qtvg*r07^eBEN#<=xM2EEjX3xA~T-u=y#=jq^I}
zHkMr+)#kw9XDM)Ms6ZVN&iX}Vm@fKe35_79-K0iK087HOW<dgpa6SE;2)xOX5sUbv
z`F@+YkgapnIjV{n)3=n3v4!ir0+`AwFS}+{jeEf#J^$T~1wvUNZ^V?ZCrY-3dX{e|
z;a9wm@+#3kOF~})^2Xkm?jLqd;mTjLtyfy<{+=jeEAviJu({4qpEm*;M1G=1mc}<z
zVAZd!{!WRF5APCqvfe?}OLhHfbCnRw^|gUdUCK0s$EXcR35rqtVGN4x)xSGktE7lk
z#NO*GnF&IS80!KY|CCSTO8G!v3swSbn|b_;IAQ&^bLNIJFdXj;`Dn7nU)f1R`jtST
zIsKppK!j`<yrr7`WW8})sOBwIjDcG{qH4&W2C}?YMb2kD)T&%>DY?aGp4zVS=9<Nk
zWHS<@)9}ZI^pNn3bR50dZt$G%GdR$50U2dGu}Hm2wug7+)d@<dNAQ&Cl3ygjDB<h;
zq5ku6O86Gcn-IhgN$-TbLHqH-qG7lX10^#Nv;G;)V4fET$ML0m0C5$<xUbX&wZB9w
zuy-@{80R3}YCh6qZT`2+z62={9#dx`<%n}g9q9Dz&&6F|3;U5MOcaK{R_A0}h62Ny
zz@XtK7+_Mp0i<|+AyR27F8Tp7We8qQ{*~O@@;Pu<-n4v~!#uUHeOaf5PX-ul?f?&u
z^TP{c^`rlfp{i+GaHqMoj2d;i<v;lQcelJOrJiMc7cPf62KMUR_|2TGbe{E;S~1Dh
zOyjvXPO-B39WZLwsy9v_YMHw}pcI4;_4hw~Al%yqNGm%c;eKB6BMqqX((4TA)%NEM
z$f*3GYw02Jn@~2^l4C$_AjQ;CuvCq@<jRv~K0ctI3P(^K9)KI|f|EsIss!=CA8zg3
zUvfF3!6U^1(N{gEZ?|ix28ch~8xdB7v!F-BF;bm$K8)^UW<<5&d%b(V_(<x)<8527
z>Cf8#`%(wP^jQj@M;krSAm^qlXBrD+wur&XhzoQ$+;c6Oj*ILzK$>>LmM%-*o%?N<
ziiqa}_UqKb5NP}uLpv$MJud-X59Ve;HxDfWP3rUw_wipi&wiy<+v)9W5pm|^Qa@sr
z_;`*5#x~<S@h_WSziYc&r?a^0s!U9G*8T+vi@+|BNA|;$tjn%b`QJR6QB=)QCl(RZ
zoRmQXos!2;0%+wdBGm_!TIQ?E<JvEn_zNt}nKHl9cyclj(@+qSr1gocCVp*uWN4iv
z<^~aU%X~+B`*CKIhf{XZ5$G(Pyjh6G<*RPar&V`#t`YPbH%!(AKVb$n8KL>D%%*M`
zyh#%iaV>Ku@Aq6x+ziCGC<uw4-^o6eg5sJA$Nm*=D2w(Tys!@*P7ZauJB8aICden}
z_2_|*(ozNyDk0<uR=2vcs!~Ih<-Hh!tY%Xjt)gJ#FWsfBwL2rxT?+#9OL6ulnv2p>
z!Qkz-$?gB<^<Il><THA5I`LUv6t%ow4UCI=ZePs2xBd+`Aiw%+;0(hNpHKH%)n#J$
zOocKW<j_Z5%PBII5#$>kao^?B$JTees#?O2oA_|=e-@^k{D(AP-#^@J#wp@mWPVs>
zfS{@QnKypvW>{RwA;rAG^<h_Ud;67I>Ce|0oe#DvBB{*Gy6rb*jXIXqG4#YKzQG=h
zc|ii}ZACgVJ(clO`W-;ZT#oVPL)kGO=q1MOFgiNYNokt$RP2p5*IE&8?E=(9;o6cw
zWy;lU`_wwE<D(;}s{P{(4QYm3<7?b|%)XtHl8k=}?C)*lPG7WDk?T%fKYsUM#;74h
zj8YmcZNE0g^~?uen-V8OXbc>Uy@?e6#~~|4%)l^;fPZQ&p5JB+>nqk;!&O7rdvJ*Q
z65oaS_Tp+!XVBoZfi(ATtg*&mQyuR(>t}}JEusmT-uj$OyHJxWh3v<^6I0t4#|QiG
zv~2Zi$S?t)1q2SX*d$Dd@!OV{jS?xIJ-xQn_mPicXd*fMZs<fWCbk!L5|@J+U-04B
zC9GlW{NTwdJ03#0w^mHh6?#Vzxu1FeBI$18CE|mFy0paNurZk_dOnd~T7qSQQf^m`
zAYc42?AX*(_OGa(0dA5Bi}Y$}qr?<7kAMA#l^S@uOhC*mrHdf3(ka4kd0$<wusOS=
z(dgkJmyc8H>GNS$y-xHY2fzA?E<>8Q6jMfj#+sMq-}YhH+Hg$|5wsbTNYh(;_fY5C
z{`5PCSdKqiLeC~p@nKQ<drN=AQfplP$-~<_=a-EC&V;eB8?VY${(N@02lI{NhquqM
zVu4I1h6JwJRuc^eY)Q^Esv*F3x}?rbS4%j(wv%LdEDHJIJG1B7^y|hg{7)mc^|H0z
zsA)Hq4&G^Fw|Ug`)w;WZ`7^e%u#>Isv+W*m2M-8jJRkp7QiEVlJb2kp<ODlJ387<}
z((_=~z9;>PrR;vL9Y+r5!Dpuy$DeQ}PCd98hq`I?^NX@)pH+1O2?x{(`dWO%Y`=Y<
zaxt|<(4XWTb+S#PeGl(E2%aTK3(<(M-d6Qi+#wg-H#7UDuN7PNxL`Ffwb<yTS`DE>
z&0T{0ztS=B6*$NaX<|OiyPTh?oQsZomoW7><R9-h^LQ9C5J{@i`<nsH?E^@2mM%j4
zB`!Wm)nqik0$&HR_=(9&geFu$GSM4$R6>+gXn#>XA3l}-aO#fTjD>*dD55@^crI1t
zZs^0JGH!;%inq7C*7wYyF73ho{^BObx~|FzKSBhz>gFkN>y_J>W1VR~>0BUz2=xr-
zIpo$IvQQKFIxHaKZtg}RhT{pv-=hsXm=HPDk-vWeSIu2*kFn}|6|%C0ul@|Z?Nt#;
z$S4z|d*&zI&-;SGhPiNLp*eUev+bMHTh6*_emp8O`bqS&fjnbc-dJ=O+5&>mFO!3f
zAAd}lm4;#n96J6iOIXe4Zp*PE)Os$%&S{l4@WN7dkD4ipRCXmYYKqeMkep)md6@#!
zGvm9%iTh-sQ9m5;Nb;T8y`0Y6n0;?y+QlaFmR7=(B7e%5ubtH!{EwgTja6J};omj_
zY<Xic+mXsYv7O^9<LO^-4>O5R26VC0GL2j1Vb)<@p~$Zj-6u!3Yg=KW@)PK7oCu*6
zk*5avk%Y(aW<em4K9SD?m8oGBnz16`&-c6|hv;MSp}#@fa2n=I#xkLzHB&9BliG^p
z&ZxtH?s8{#k0)m1|1Ku*C=}KI(IuLhW;L+?mPz|ZF7QM_`ONFFG2_jJvS@bck9kna
z{q+SDC`mN`TX=xW=_4##;bNX%PSebOA6NSI=`JK1&GhBFY#(&!bIxsMMxfr(o5<&(
zFXyPUn44#iNl@l>t4h<%yjai*ZJtypJnWi1*g87suW;7cx$oubws}mye}iR9YJg*r
zMg}TRijgW>Gk4@)7CPffZb$KB*3}rz@?Joaqn9z7mCkI*@%`bB_U0}z&T7$lc(M)%
z)|B+({Nlax+jf`;uFLwil#H*DK(Bz;v6eDM#Taru80i>qfB5jNP|wGVOUi?-@kIU(
zw;i{)-xh7&7p<Sp+QDpBPB_nD%L9E*oN`5c(zH|a&X<<6{hu6+^3VizMxphHDUCjk
zr4ek96(Fq#d2mO49+XKHbF}Ht|A^|HCg%Hrm#0j3$+@6hZis+F=N{|QKn<boudbq{
zb5EBaquK3)oQMAkE&6ReV}1x=d884t>Ib0<K~Eh6(kU4%+gD$+0pnwc+9=FK>lg=<
z$X+_t@wH9pTcz-07y0GFLlpyiUUUu@H1s?t3!Tqc^6Y$+dg`}oSAIgT*_;Gc#=3f(
z&p5?<QM@2@kCfx3C1Es4qN0<jhNH&`w`p@sBL&uRCY{(M7k0MivZSvBQ#=avwg@IQ
zaM>m5P|GL3Zr%>VIsXXgetWx*=8!GnUs#Su3kwjf%&;ES@Mod<UZyT%M`|jGvrlwY
z{-qBghOFicot4X#boE^N`ut+#V!{Phc|VuOb)nBGuCU}vq9hu{OX-ACdS)8cZ(9`o
zK?aKyxq@iKAG{$U4S0~o`P&fLZNVa!hvy;^4{J6HFGG(1BEQAWE69AEuogPxF0v*L
z`A-mrBSlT`M5+wedx!ze_3fLP(*&>Sd90e7188uLTHv)FfAfdI;Db|8%#l>zTus+A
zG(ijbh81-|i${FA=_rz%3T#DA=wZKSmDGDXWtRZw;N^WI7KYGk*$G;Cy-Yx}p!df%
zwoqe%^dbdJ70z#$4CnX(hMCwu@&EU33%wnvGS0n3vAW1jyA<hhKy@EfB~FRm{12E@
z!W#ShN{(?TdrEB%QtgN!)6|63jhb_?&53^sE;KPdTc4f&qOiW{rL{I-tA+vX5Kb|4
z*L$b`;j3R|SKTI<5>HH%4BiU%<kvi<x(*D^TaL~}{@BCXZ3fR1;iDC8BYS&zjAvLx
z_|+_r@3Xe_Q<TtqtD~EC^eCYxL1Zy{E;7%ZjC6x7#U)y(&CDqrT|yeC`okhIwJ05#
zPe0hOK&`q{nbVJ}cz;gc{v)DmkvT@}9FrcMYw!CddWMQ5I4qkMPVc*?jdss|_#$ya
zxX#LvKRyQgzA*z((s-S(jY(_kv`0c+haK5z4;4V!Px(bYv7;KTBU;4*B%D`p`MtAe
zgwoC%HRQ1mwVsGIeXw%;!y3&i+B1*Ns|bh3Bpuq4Zq$fkJJ*e0m_iCOlv$rPT=Opf
z-ivu#&Z3k}b$vSlX4m;)IK3ZiXHzpgrHI{hJwr}kXV)^ZlFjZ9*t$iqA;1I=z>85B
zkL@&u2d3{=T5*1<yKS~SPcl$YS11FEoyfz0=0v={otXKF&U17OyAqf5g5aHonBM}-
zHDCC^CD^gKvkE^@B}L5b%yF=8>-E>nb|mZIQW~Vt7UXAgufDY+7R-L4LoOWix&IUz
zBl7`@Nh7hq%Zl4AQ&OQJ1L7>$N`<C;FAV>imZBg`t#p7f$Ml0fs;@MF8~=2ZKWmXT
zrZV9#{_W0WA&O4rG0j4gDHnn)bfoIaHTn6ZP8W+EHU<s{l){(Y;lBr!FzCG3Bgwsg
zKmP%u;nkpmRH-_?jMv5uM<}6V#nJ<$&>5~0g`a|`GTysx`P}_geSxl%C1lA(+BhvG
zTzZDpWKL6u&y*QEv`To1o*oQz#S<NBVff4&^bee;@$Zh$muGa2jz_`&(0Q*$nDFA~
z7(b?WNKrpkXjc46zIWhf{{Tju!`_t7z<=HbHr*Mg<h^l|5crL@eH#zUP6uh5RP-;z
z#(akH{GuzSx_-ReEd^i!ZGyXe^}bsu#?<&;(L(M(lg*&4U+>FRm+*=&0mfkuM_EY8
zT6d1O3-W5VMr{dkyQVcxB=<UCKuHwBW)qrK{8BDRpPyneM=DEpXaZ3tV5hOj{%KyV
z0@lzeTmfPGw&)bvTLnpgmHq;>+#P?;Zo0QRT8bQ_gr@WQ-Ssh`OhUNYoRsITKVGc=
z{9QT6k8N}F(L_R}o#0pSQ&eM1Z<uM&YpL|Yt3&kbfD@Z@w544M=nVcd-`CZ9z_xg$
zl`6(Bc)p>h0711%nxX)4f(aXXBtL`VB3*=FxP=nG+9IKQ*kUe@OA22=+9DtCU17e!
zc-o7b*tjklAmJcNaL*>I<c+9&?l!Y<FrY+$jvv9Q#Jel4Mk&v+;hkMM_!r;%mKEv#
z$&?lYIs*u}6~4=XTPhYQFVLp$A)Ub{jKe!F{;ap6;rmnBat?7X1mW9Sf82R6RWLoH
zn$|aIXw#8{#S6o}!x|2u4uPrP#idK|7sIi=Z<_z!&8l6Bo<x>JZ+-ABd9|YxD_^NJ
z;z5i7JttUF)+DfF97R21E9jy6F5=wzFShq1zln3y+JKVAqP?9IT!qMp5^!FI&hleN
zJl$_&cw7E^JYZX2i2NK2vrFcL()HQphVlrL%Ud@zpAug;iz;H<5__4J{*Xq)tKwhY
z9u5-D<Wm363?JcHze4`|M|l`{j6Z`JA!46!Wl|+c*Jx$l;LTn&#N$<Cl2F?oEet2W
znHgFaZw3`>+PdoO-2>b3%$wnt<o8$WJ6yAKEdj$QXefK26wh;syzo|KW|5DTPqkug
z867<<5G7qCpFVVaaGG8FkZE&ro8~r6oC9&HSoi}tUx&$<)5M}@=kA4J`Z&QbpLvYJ
zQb6bMrH8M&uuKfdG=Ia#Pi09MO@Lh#nbb1w*>3^^nq^8%VEic~@UThWnS!7<PQ{gq
z5Kn8(zth?KJryGxn0!DiAtJ<7E<ycnOqy`8G!${SZbF%R;9Fp7{1_qhCCS-+&7Xx#
zWm35g968)MiQ_3_j&n}7?qOTgMAFL2<X*9Wbs4ozL4o=A*};C_H$*7m{XULnWjOab
zk!+}n=-OxU&w@QW;>j<yZS=So@*cJby(qn(%kAt%@nu-d16>7Awl3s2C*%NxySKP4
zx_ZHA)@%jDcw{afyPrY_dB2%>%dH#ZDYCQq(*!)vpY;<qwBRr|PO{F!JuXn-@+)R#
zM~=l-$cucPK11CJpW(Hd+shAphMX?iWQ%RkPs!mjn0h`WeSdzq<{QIn2`O4K!W0OY
zR_WS2u9w+{MY~Bs@xKob-#zZCI<L%*kyvx1LQ5+<tW+vX0>e(rWb)&#z$_Pb2-Ge5
zy?^|njzL(}OPVqX>QV`6JGZA|j8lIIONELYv?AY>oS)(uOY(*8wE<=2%by~B`l}(K
z0R%6Poc&$Gx%%Vu-<&Khg;~2WGJXna61|0I%n!;B46nS_%ER_GUe`rnK<paMhd&d(
z0m7MmpCyUpiM!bj<vuv3e<;q`%;OJvU>!9{mL%OMFc{`_68ftp*OQffqi+Cufh)@k
z3-^V0{K?F0oM^xLNqv7;`YoHsdg=vPN1caam1c#w+>~d?0Mjq=CyPcSIWz9$y+mR9
ziGliA3$iRg_=6*w>?_1~N6p+7SNe&~KXw1~Ti4MM&B4(^^HUM8i$>LY6qY+<sHjfQ
ze8r0deH(?_{E^dSkj{@4X@6cnKuMg)?vN)wTUy~X3PH!8Z><l|ss)Jykkvri`jvJr
zba}r}Z2KiTuc1NzO}l_qe*rDSv9Ax6?NV1EG=fs(&6xfk$B=OfQJmHM+>q{siSJQ&
zrmXDJld8`NFk~L*YRfgMjWG*%Pgv5jpPQu6_mN#rza^+j5q19kxO>c2Dpi`&N7f#c
z7Z`XHU#u4CcTO1{_0eY>X?*(3UvOs^Nx-kSMp0xPMD>MjTYshh5L{@ao&Pn}FNTc~
z(B*zxczMO!M6mISl%-y^v%e_U!1;VsxRS>nf7ZkNPt*<a-7RT_{6<wVKDtp;YJ+~R
zWDqy1gcQi_g2xxsnzxhNAD9geoyd0n+3X2S>?b;zqDsEFoYC7Z7)skAHc_0_Hk;7r
zR<o6zROVJ&4$`*Jv7qlG`_v?&&X#N@jObPt{^N5Lpw*?R*)q+t%Mgub2*=UUz3h4~
zIM;IFQBBX4iQ`9C(TiKych<;F7;gp@kzpE5Z3aoo-fOp+8&g)j+)JT4S}KeFL_vX<
z_k;KYq^lkBfqZh3KQBK$@|H=VxpOy(dxSa&JP5wSASKbtcgs0QCw<1!p)U2~S9;Q1
z`6Ai*236;(f0iPr?0S_y*|ScT`c&}NnibexY(>ZLc;GvH&tAaIqt#T;hg;s2d~%qY
zg3y(W&}?~j@WaD|IRS$yPcLWZ05NNn{_4&w!Pwm&N=M{W=j?1zpY-<*<>K+ERQUN!
z&0&yx-dZ$h%=LV~^I~rz)`vjAS<<4RStI!MImhm9;>5+zaZ_Kz05VcMGe^Z_ouTy)
z?TeXyuUEd1j?e%5+dQi-L^NFd%fT|eb<lskM-7zqu^bbHTv(gBq94J<2%>$qI@ip{
zm?IaxRb$@-+q2Un{X-gd7!$Jc1tFgI?|jqFsOvS%>;;*KO9gma@;C1PM#h~<G9;?;
z;DMmurTuWN3rd-bjU8f6iXrYG{h7))0|AtE&VK-l@Cdk4wGw9J8a`3LS?BFWfJ{WG
zoN=$+t=GsNd-{UDZlC#bR>JA_YYDATT`k5K=@=Tu$v<_AR@lH@ovMp4Ti7|9Jc6sI
zXHWa?@P*}tkMOE3Q9=4Z%NDm@rn)|Iq0Ih_`z7t8c|4O<0<S{;-XC7ZZqbcCC1_Aq
zuC(ppN8pJ)eN!|(`O+hP%jL(z+bu~fG++nryjoxTLgh10At$2+Mft(B0k!3;W1Fdr
z$@Rq{olXawDnmkHbt2{6oXG31DhJEGCHEl^rg5ii5}Zju#o`!lILuypX__;=WVv1k
zBQV-dv-E`fy2o^tUpa6hhO@YhA3llTclYtkkgH9ywKFBGeKg86^}Ow<xbnXLX8+KC
zwcqJc5BY|Apj7BKg@{mh-|SayVXzhnwBV#f6Nz$k^0>v<JVJY?l|+qPaCby3+-<mR
zY#J!}i#pG&vRp;-C1ju^*sLRe4;puu{UHQ9uX4Ss--Ie8U-UOv%YXl&Gwxn|Nr6uu
zd{=Z-`&Xl^n$p;t5;-nM2u2V$=z=53HdYWV`M(jGNiagK?!p;7svH&KDwdm^WMHy>
z_a+Joc{RG${JdA%a^%hrD};*Jt;gRsM!|61ZbG1t{8t>qmD!|vm}iva&VRoD0-aB(
zLnURgj+-gI;yGKk!H3AC`|LOFq=v`UBev9%J5bL@F23t@?MyrQ4$^r}C->Sd_AqP3
zxDdUB=IK9tYE#$~0Rl-=Vc45SlY0Z@tc@9x3Om9!$GUwMNI8j$4=B3?ZC88JEQ9wq
z^hIUD2`s9;@mW4Mp|s;<(yTkG4*Q98-(O`(&s+xxm9hRxWl~5epj8p9)_}54;{mqY
zfhPxr`eO6%yW5nHM+qHavLUbHDK=pFlgIt|hCc(g+A^C;1SY+dzehh~9k1VlA9ES#
zO9-NkkpfPp&rNCxvO+KcBbo{C+OU^8T|WySqQB*s_*tZ#ryni!sYvcE_q`ri6&`#1
zw4Lgj&TZW0)smQ|RqC6_H<AD`T$hY_g7%KqA%JVKV3Rh*>)Ch2zvM#Uwtr9k4ezFc
z<<|W&-x)f-m&7ak1X#AuySb?Eebn0A+|fi|s#)&ywp{dztj5PaRX%{4nC^bHijQ$v
zY_1wN9842a#A@_kKR`c2Y8XFk5RyNeuBmp8@m{n`@3XK0zNEBwfAmb=lErp%-R}~M
zr;173l*d>j(|Cj&=%mDyMetdRmp)(EHAFP2=j71ASv(VW@SJPn0{!I0`-%}IH4Har
zsp^(M-qZ9{8;k<xJ?rz&yhe|yeECQ9Yw#pB&t@t)CiSBunhM-rx=8CuqARm6V{mW3
zfQBjoeNb1Vizup;-oU3pZjxBv1DB7A%0IDkh`lYRqYt8$H>qE_&WZ5wYzv*JG`&RQ
zB?>2YdQBi?l{-76Z^?)+=-1uDecsv>ktJnG_+6Ke_%vqists@0E;;UQ6KGFzP=89&
z=^hk;E@16Bs|WkvU!Nzrz?(6hc~9ad%R8-5`U^}zdgNC8Z|mupTIpMhu0xJ4>%Dx$
z3dede1zzg>Z|}#@J_HS#p^%EZf<kQ3JnN*{IcYlMx{iZk5R9c=U>fBAL`0GqcLynk
z5OXKGZy-6m3001q%t(QI2z2;M`9|o<;uXy9e(uXEN)!~s;{JsqPJ=0WqL$axnJU)b
zeF2-XH_M|#{{`glHury<>Y=WAM^6!oM%r}E%l3S^G5e$LuKTBV!OV1LagpGk=DAbH
zsK)S!%8i<*m=M0>9|*<!`5%~~t5pF&yh?RdF;O!bgryKh;*(eGHz7VAP$E9&RgW$+
z6P+|(r2N8?OWqKXEXCy{z;wkh>h*Z>^UO_3E#)H?-IcoRE)e3-!`A)MgHP#FEf)-M
zd^rd|v_TY*k3x`{FXjHvg!E8aFMK|XZx3dJ@Jq~RT&#re3rTVH?=86i2_euI(w8pg
z#W%7i;bTAAhbT<ww+-P-kBO3_v8oT&AWdtQsFBBKvCHY_pac9){69g;L|s$(wnBT$
zy-(Xy8^Zzeo+Gvtnm83GG6Yc~_V3F6CSgb7mWYZ0VVXF4b=S(73{AUJ-D`J2fN<bN
zTeXJ@VZ0(ZlG^FVJ3aLO#K;j70)naUb1@9@yqm`<w&~9uf`<9NN9Aq5Gf>|oMd~1K
z!ElQoO&=A@CdI(eAetWAIXR{KKjt9O)!*njsxSo}*`9>8vcI5;V1L9-pa3j1Hp^}^
z+W7FUxelgm7(aOTnMLCrKW4q4Xx7d6&|h4F4Xvc_FVHX-^dW&_q)FC^mk23%>=ZAD
zvfCsKK3)nc3(q?YS%D%!8-r_)@qef0&FGA1``Z`APVyMqKOf{)%pZy|0Kkg_pNIns
zf^r{196i&?9Yq*UhWMHc0j2PqjPeuhjDChpW@Z9s7)MSnfiyBSjADRr+KOqCNX#||
zHVbs9^0vP7iOA$#tndH`Sj`Y2<|B1rhlDYX&X37NVQODgWuktOcI&9a41O%R2uKW|
z8C#+?=^~JYrAS#7<=5bAz)EX1E8r3h)4Ew4Agn}_P!4HX`Oo&ZBc87FV4xJAG!KPY
z8^I;JD`{aM2S?q%C?#(s%xFV0I|j0^r5w2B9eUzsLI9LH&scMSd}P{WL4!7Akt}BT
z0tlO8*~FMC&Jx27Jryw~6|vW|^mFF(Rt?V-0RL2PT!TyIGv&9xpci%h;*F;N&{D)$
zs@O=?$6Ji^5YRoDG?%NL?tBT2uESFsUi8)gzAgl`O!yIlmb!}_K<smr(AzgoN~b87
zL(&$<=hCOax|JviQ_h!nic;g67++)&9F8oVN2Nz%SOMHNTxn>0B(|p>Wp5-JL=<zU
zaaZ-lL4*puPnX9OBH{<8o}+AM1&u1vz&s6&7{(P<E7mUrcsek=mrgTS!4sR`xI>4g
zH+DcNQRw~Ak^JMGW~%E4coc4;>7cbAT`MKtX*&&?FPZB4Z20a{t{Ot~fD>Y@z}CUs
z!SK#GJOp301K{p-?;lIS7a$De(qrS2^#vqzQNYG*_m0i9oeyn;@Tf(%atD(zURHl{
zQ(bJHzNJ9E9Je@`qFuiFjN|z!;|#GozDO`7Fovo*HMN`=d=ks5jC;cu+2P|^aI*oi
zW0&AUam%1ZwKGN<{=vrT!&Y2i@qCZP=fjFIv$ckJk3JE9QnX@sCEWxbR^4V2#GPTI
zQurFBImSWazAx1IVKpz6^bDxnM}g6r%F761Bwt5E>iXychZM*M%D@;rgRg?}hw6VJ
zi=;>S85s=%;}3J&`SP_T0s$c5pci@{xj)1SR^jLNl7@EBgp!SF&vfnGoG;iQ*<Urv
zjng(Dw^}|cSikd;&($;;fGX=*pRbJg{_JbEBdVKB5$T(O*S204QNDC>WX7KkxG`+V
zAmtD%CV!b7he+*c3Oti={5AterR&_lFyH5$=sM!g>zekuHPY;M0(@q{apfFeqd|>k
z8ns3c5ax7gCmVna?lpfBc^3TWn;$a(OcqMT2lZH+r-xF#GIl^55}3wygQU&v|1-AN
z!^<5xI5ajwCHh`D{!oCK&1fvJ?M3t{v&MN8*ABi2uGxLHo7qDk^JrPZeK55_KUAQJ
zp@YeZ<|#z2*^L6!JG6vHu2?9%<inel@_BHzM2f*JkJ@$;uO4?jLWG%yl$WY=`V!|I
zV-s*5kO$h1eE{XIlW`Bl%plm2KRA>i?6;h|NNYTmfJY9KM^gXgKf>4h`KNj=s()qr
z?z>knp3A|h0}nU?uYr+H*?JtpUy?p2|H79H7T=Waf#u8GZA2Yr7NE}uf7qxy%?L5^
zuG3bG#BX^5>BfIAm6WNia>j~D?l5_B7qPod+fYn_Z8ooZ>j?D#&h#@|YXl5RiOSe6
zfkbnS&XCIKW>-i?)p-t+aC~?t<g<Kn={`mUmv>+6W^Q9}1ZOKeeP40sEy~D9m`o*a
zU7$yr*@?ah{F`tw_8Ij+M~J`&a4(TnHsRO2D<4=Bn~zVC7lKlQiqKGYFDY|ns+x%A
zUh@Iw&F8xJSm2E&O4rh0q)+?aH)Rf1%HqeI@k_VeZ+)b21~m~oi8PTPYX1e7;;Tk|
zb|px~V-t?NI|u;M{Js8`yV*dJ3M4kVlu?>^54sQ!y^8f*<X~Y}c^U5c$h1$o8o!}u
zn+5EARGf0Yied0_d~H6d-G(omy%(rq7U*Oj=q&5#?~K0zqQasQ0wSUUqT)uPVzT0r
zvLfRA!osq`!dbf42mh}QUOrB4&%*xyJK(6bZpwdo{_hBZZeGp-f%aa$|DQe*qOzjW
z|9cRgCxNB-KFl|Lp87ls46*lj20}tY1l_zn0vzpqodtdTT?!B6S@4YjZ4Ev3235Pb
F{{{LJntK2M

literal 0
HcmV?d00001

diff --git a/internal/server/static/favicon-32x32.png b/internal/server/static/favicon-32x32.png
new file mode 100644
index 0000000000000000000000000000000000000000..090f94ec15dfa52211e8be9bef5b202c93d209ed
GIT binary patch
literal 1711
zcmZ{lc~H~W7RPUZBoL5A&?FE@kb<=ANtEytG{K|<O4vjeMHC2IX-o>C5i}a2RaVPl
z!%~E_0*W+RdF-MrL5NQUDxwD40)iqSpdhHo^1{5C&h*W^xpVG!&iCBUocq@~8Gb$<
zn^49m0Kg_sCOtr<gpJTdsP3fH)OQ<66f=MYK&ll0qB8(2t1Qtg0FoU6m^uOgR0IH;
zSK8w5swyBNzw)4i^^GIFb-6(0Xz`e#NdV}|Hv-nfy~0+RNWLeFft=LApvgEBQQTty
z;QKx4w7?K~ec^Q0{%E7_QwcM|?q&+w!GZ-v=f&q?&Kg(zjB(kznU40-uGdpHh+wXw
z_quB=R+@KkWAJLpgn=UW(rQ}%8-%~hKnRJ_`^tqh=JM%~@Ywt28KuYPeEI0>g=>Pj
zSlQz4>CkD-&x2P5_<e=W>v9c8_#v%%oFXQ7P-=RXEC%`Nrf?TzDr)?U++GtqF{6(P
z8(w;hv-PyEd$)L@a8S$tH#4>~6V2St9GS^X;Zeu9Ffx&i8K=ZKG{F=Y(a-Fge_ffO
zCLGoikNSypkKnD2)6j*mquSv&>_z8KpMWK{_xo!Ci)V|=VaNlYQcrZRK7^#m0@ff{
z*J|Z+<Mt>{dLzdk<^Q?nrA(9DHmfsg=D<GU3bqKeT92K=)|pTyQ!3ewZP~W2%Ua(P
z4tsY&BmHjR{j^mf?K`oKaVEsDY2Wp{ZrFxL4HCV>48cYo?HN_hYB^8bw=kTKG0OfB
zMSs~GnIU}P_Ci=>)RA?bqxKOH)$}994m*~tI`*rXal;iu5=&bd7jcAb)uXIV2vhhF
zO<jPoICnpb^J{!)*Tdy6shG0jn7Bl-wlg=?<LbX^k$(geV%^K}O7&U__M-)hg9}@5
z6~B4%jjm{^1@ZD6_GB4uVqmyWz4Q1zd=zJT+fgG__HYS&WGy8J)19#Qax;&V<u#aR
zi%{B~Ic=`^BA1iYhkJ=kCL^#deZs!Uj5dG&5_yWNvbIP71<$`IiG^WGTDm{At#v7@
zwW?4Cy(7i&nG+4ErYxH2m-ac^59u}%HI&9SVd9XrQi~+-t@GZyJP4idWTEGCa^8$}
zQIJo*>C|6ZODw5&Pot`Joe^sld{oQB23=kH%(K#voq$O=p4lqFU&uTMH#f30VW_@)
z$DDmB-A|n9CW;%}wRuE@ARKfb4teM$v%OI7#iHxmT#JW4vta}cv}d&ipOczK@2xb*
zFD|Oldm9~4UnaR@#G}q>+Z_11vxqO1C@Pf9r~5i!@u-20da>(W>wKU5$eNRnH~09Z
zTz~7B2Yjns;H?$B3QARV@8w*lnzx_rQ*R9#zmuLhG6@<jc%?tqO!ZtD%DE#_tTaA>
zTQ^OiO>XOb5C#kdKPV5>y{J8gowc-yrzK-|YQW}pf3Qv=ksp8Pm^Rc2D{qG(>b_ri
z+TS2b=4gio9rk7C`d89UhinNTVbe-=Xt#HaqZIT1R=}GK7}@u|7kE)5IVs%7+2KIv
zvwLRG`zCR+2!u%PE1O6=i&#^zNW|&mv{<3KoJ9H~J?w4<eK8E?VgSAVMJgoxIk@f8
zisat>RKK407SuS(zL%-UtlGL{d$6~+@*=<)V@Kr+6U{{roJ_F<GQ!+0;_Qusa5}k?
z|AO+0QG9BJ(2mIEQilr4AVUp1#_02UXw$K8J&_39YHW5W@{0oovQt0YH?IN^;x*{)
zg7i00pK8zh=g*W-_RuuD3SLjw1Pkr5HU~C7Yf5;eZ&wgrsw=&wXviM*m{_~ubTtNx
z_~qMjUv#nY$Z9+65mxkaffjZhLe=8OA71R>+FWl`ZyR^Qz|+a@v4Yl6iPr$FfA-ke
zEii{L;ooo@uKyiRTO77@f!AtRtlNv<tKV$*3B8|Pj4rdk8#wtj^c_Va0ehf(yK~*7
zGwX&YbPB>pfa8>(M$}G3`It!XoXPm=fo9X9^d_xk1yk8!+I}g7y-ZEb5T|V$rF!K(
z;R9*qoF*JCY0$(bKlRF$Ne@!X(vihgk-_S>jNkuQK-f-o5I0BmWQ)^R8gi0;TZ7B+
zX8L%z_>yYoTJjkoe0Bss8j4DcRtX?F5_i}+5$%ZNKq3hu?}VJlHja*vqvH>(_1S*_
z94<RPCguMFYx*7=o5T9=4*YmdbP_*;!}}j*2N5Dt{@cXbmoHT@*bQbMH-;~WNQ?#o
ifxtfgXhKp{1TWg2n;84ktgEr=5%6UA(66~45&s8&gVw$P

literal 0
HcmV?d00001

diff --git a/internal/server/static/writekit-icon.ico b/internal/server/static/writekit-icon.ico
new file mode 100644
index 0000000000000000000000000000000000000000..b49b243e32a6832304cb1527ed23b77d9422cfa6
GIT binary patch
literal 4286
zcmc(j+iz4=6voFyOIr|7fka{y!-K?tf)B<ECdNp7@IigjME?LaioSY#(^syRmI7^|
zExq5{xpZhdS9+xo+hTzLooSg`%k;wZ0s*@Gt<yR5%pg#z#zPi!=5Y4@zP<KZ-~I-h
z?GgTL*kIGYZN;l?wskg}Z4<#G+uMXbH!l8d<4f}~|G;LGMO<@pHzgMPT|xtya;Eze
z3Hr8($GujX9m~bzNEg3*jdc1p%h~RaB{Fb8W_VY}{L^c0?v{*CbVyI{PHFLM5~p*8
zIPJ@%(XmY2j#O!Kq`@IgTDbQ(Qp9Udk$`i#ba`Hoi@je-Y`g;=x0Xa>_IgD6`hO5-
z)3Z{`y!Bw%S*rs)7tu(#2`dLL@AwEmTmtq-rK9N?3H5(3H<;^TuCa+O@wV-dD(0#I
zqZZtHqJdaEhg1oWry$&WTi=n`MCYO?j6}WS^t~+Q_Ef24f2+Z)A(qY|6%LQdY42v4
zyz03xhbSEFV3)A&a<D6if1AU-@-V|5ooL@7MPQduLuJH&!9n-p#%y9e%+1}F?sGp%
zp)*~Iz%3>g!=avDXdo6>lUfhD7b!B(|D6b!<~2&6lr}#n`QR4PV^$8O?0q@0uor1k
z4Q8G5ap^(}PSNuY?j6kQV*Z7`NR?)4NPBakFO)-y(HF7tb^~75-rBcQ@^~*F>;l5%
zP~uuCwJjT^vT^O5y{KtiBQ3$#<#H%nZr++AViMv$z_Z52C-3xTbK_IuZ+>1{nC~tQ
z^rq^AVvnO$W!@Jhmo*;cU6Vrr-|PKbWo)urM#q8@ij+v07#$19%uHCW@;P~}$B1bB
zSv2aG$dzJ=M2cmcF_ROgq!q1fB3}s{$dzi;bnLA3g|Z~qwOVq)&Ld0?`SiWx<aU|4
zJ}j4pj>*Nr9Jw@@Cw&)wkwE7MQs;hJLPPly=HDFLxAW}$g`XwNJK=DS4DtLrW82Bg
z3GhsvH1|SvGBS`M?$e*jA^I$bJ+yK-2EP5|TQW5>AWr5uj+T^ApW2&ctfzwfgoX+Y
z4mCWh0i%xR4UB8xKFF9E#<ub4=6kYEs#fcHQR3Sw*>E`wzLi6s&J)MiJQRXq_C+at
zwKoUi_*J}X)hO+Ypym$zR`6Y5C2O^w7oBL*5ps8sydMJJ$|09I>%osPhn=|!_@3Ao
zCVl}Lm7buJnukCf|0MWM@E7`G;mp!=Gt0F~vcS$JtQ>N{tBd0|FqhVY*%xLWE?+4m
z2L;AnSaq@ne19B27<?n%n|GgC9`-X6{7kTuIUHt9wQ>A<=F)nw_NH<$@e}odT!8P3
z;|IXMr$#YHwtKx~fS=6a5co9)euzA5M<3Ge^rq(FIAbrd{>!X?UZWPyiz@KFjG1Qd
z{NQUn+<k818SpUqzHRa=^Br)mOyH2Mdm6{DWiG7;vp3B=%;V=9ePPz5>SP7F=ZWL{
zz@P7n<g=R^^=^>{`fs0O1sqnwVIdD$;8(@*H4j=3R(&X7{TErgYD1CsCEraBdUm(O
z@x9<{JtX@F^-=2O&Y(a0T~Ek<@U0v&!LJ1O8ab?HuEXHZ>%($GtBc(0Wav)^VV6?!
zXzGJ<C<DJKj^6^l)<d#?P%jt4D@M`Z9QtrCIk0j#0Dgt8e>N-)9q&sH9P`lrA~fCI
z^^t@}>ScQNiV=e&b>ivzP^y|YNI7RfIeO}4%rs-0gKvt~L!v&AAN-_xT0H}r`o59f
z@ZLubOb!`*FY>=4<5L%8f{5UYG{({FDdrvcqgoto?}`)85aNDnc2Fi_eWLzJBgU9(
zQ|HBnzEzSBtB<Nf4|;mPHn8;&9LD2jv93Mrzm-EK>nI7nCM`W*N*B7X;p4uVoE~MJ
zT9eurh1@srtgYt@`HgpaI0rg<J{MQuRjFW23um`_xm3f`j>XSk#n&A8&iy32*pofH
zZ{?tQ$N(dg$RZ9B+M7psH~G9c#@q#jYPHrwF`s5lnjF;A_Th;Y(|X15UnTAD$u98r
zCULO#MY2v>Ihbd6vQC;_PWwWAwR-!%yN2=Ix&Cec35QbFt-gBf0X{rT?U)>r_hPAe
zP*1DAdL(*(|83@E7~f*-g;5WQHTiHH)K8`xzB)>7ALg3EyJ$^nU+kvd_QJ*N%?EMF
z1ylW`dRq0>>g|_u>2Jqj_N%GyTSKE%C+D?#MZ%e-{y{yA`Y82s>L=CHjxu(szdx;f
xZ}VF^8tX@^4{~07W}I2sC)RUbsdrdqco_9j>gCi=j`Qwfe}9|*5Ac6|{srORhSmT8

literal 0
HcmV?d00001

diff --git a/internal/server/static/writekit-icon.png b/internal/server/static/writekit-icon.png
new file mode 100644
index 0000000000000000000000000000000000000000..6af7cc69baaa0d5a940364221bf6ac39a5933d9f
GIT binary patch
literal 29942
zcmaHTc|6qn_y5~Yma$|fWGl*=H5n;MNF|hgmn~Z%+lcHTDP&EQN?8lphGY-fNf?HZ
zZDbpancr);-A~<nzrR1EN4@9uKCg4m>zwB~=lPnbOBXfi4{#lTAc$V;{MjoIL<;^&
z3Q<#nUu(X7+u#?C`}yl$5X8_x{2^&}dua>)k@J?uwOjgb_P2bjJnbMKA0G+Fo6cS~
zR_=BZZk`TlODbFt#1CnmJ$=<TeWB(~I(K6Ro^Vw=wcGSzlPuafz*4HVLRyoqDFsqh
z`Zyu<;NJ8QebonrE!UFa(SRr~mlARg>btrv-}#4iNza^Dhy0s(zMn`Y@luo@;ut^F
zbxP2YLCXvYw{OZk({ro*^@aYoU8{au6c01?PW2lcuW_z4Io_m16?L}9$YnL~ZciCL
z^)LsEk`$9je6Rp%+=awaYMV%inyi}6@;TH79i&&GBA^fv#$>^s5DCPwv7`q@#zikd
z4@j?x1_x1oQe>P_`wS^7qIpqo$nN{Nvn;AM%%1n;`F`%1(xDrtJ|~Yod~`xch*>L`
z<2ZCa7x&6~bW|?L(m1+!?mnliBKAa+bgXQjjOF3r)Ov*DCzltoYbO3PGY{+2NW3}J
zWH~nO+Q7-in>j~ZWo!z&n>TNp{TyaXBLNFOxIv<JSnFVZ;bvHat}G<aoz6#9Gz`HR
z>RhCFnw2h4W_X))wo3Bh*>>qpLEgbOqKf17_1^AH-ju#hn$7LH{@CN?De~OH3Fp}~
zXd$p*n>^0escwo^afl|}hJ@@Q)bNT!Q7B7;;s9Z#A7)8q<I65mmReV3>EirOyd<{p
zdSVIZ`NIk4qSzpzhq}cbn-py(%wBXUwDm=dB5WZO@9I~Vy-oCg_%Pv0`-Pxtn58V4
zyjQ1!k<iLEUR#yh=ZjR-)uLw<P}C!hH??C%h6C^FFi#w~>G(*7uBY3mQc4tXFWu^?
zyn@t3Woc<aCL|jN6wN0o{go;m#|@Rk)DGLR5tVB7+SteENGsO5bLa!aCXJ$lScmhe
z@t(L3_81Au4YA<lIxMY5P3=sYWL5FVY0>jSdeLl9Zir!rV7Z}Cw05VwmH8({wopz7
zD~!13z*$T(I{9G&Dc0M4LxsveL|9+1x18~O*fC@1!GQ~JY72yT<k`q7QoOvSgZ16-
z@f6%MHiXy1^T%!L*ce=-tXv{lOJ}xv=KWpe&mR6@_zvQ~WB!=lC+i`pMQ3mf$uUYs
zp8212eQ}W}x85#an8L8v=Q>K+Ip@fNO1x_ted757X0WSFmJ#f{WksRCw8Qu3s0ACy
z{=UAILcLbuqiq_zI<BhzIvE}QhEIYU880vY9bMvE)U!pGU#W|ED50C|Ac>C^<28H_
zH=mxvuut<{W+6KxsH5_c1Ci^srR&PTC7AGz_?7~L+3u12>vhNjbzD$8i9LGqR9(y^
zL2S%VhqqdH(ZWr>fy}R{Y}(=eUrwWiu8aXkd6<6{KV_B}aCF1N9q$3nKvI<E9;|A)
zSQ`8@T$$4q$Q)G{Dm5HBD(-f}oAKP?X$>HoqokpQ5p#i*#01?S$+b9Xi(W4|wR?LX
zQL@Xe+tQXAa*OugTAs@!6B;GHB*~h4a9ey^P@H2X%j&+F-<qaZlj368vEjnQp(x2_
zNr_N04=H?P{T9LdcGy6#8~cM>2f==fkG{hfe4xW|NqLj~3|g<n@9ia~gF{JjfuEyr
z=EX95H|t={^ivz5hX=b!gCF_Oe~T@|Ch}B})E#y<7^942h1Xj=vT!-KeaGsIWNlqt
z5G!5NA;s!7ughuKLJuzyKcf)F<(5UYgv=z#qPXN((=!4UPl^JS#dNeBASC>toI%dq
zALlj;LbIju@+aJj1jpmK^}2J+N7jUPC3F_WkOqVCm(PD~M81I%r+HF7w0NiTq&A{`
z@XcKDumE#wF*w~<o|VwUpZrir%xb8!*pb`97qOv@5>5m6WKWwoh|jsjaevgobG)W_
zI_rf$?StGH@S<1IC%)aOZ1s?}Sx^p!jfG}Glb`f}2e79JP~#h%x9f*2QlcsgSO;A_
zzc5DGY608Ou$xp3P)i=LXjLLO1ZT+pFc3ZN^!?Y11W52X>ne(cF}2k@UAQC@9V+0V
zoJ12z6>q=S$i6g{2-VVH?l|&XH17X<Q)ftU5fOoPoI4(GhH#v_N0_u8fep1?my7>q
z+-<>Aks!SxnVutG6Z5xt*$450{p6iNKVYdoWs)_u4X62|Zk+|<DH&E|-z4S0bEXF}
zsVSBw{{4vrI5r;R1L2x$ZBd<Z{exvEsYMgOTS^MQByL_UzB(BL)zZbC_f{bJ6qSXN
zY?G8f!-9nwJtEu0KB#yc^en~J2rPfy@CJIZ|IPR&1!O_Ocqr=%IiqM$2=WMWh>m^&
zZhBd2LwjkJ;IQ`5IhE&D^wnSxt{hEuzxle|L0C+#rmwhJ&t3v96aCj4ys)rMO(pCp
zjoOEN@66u4=(U%ARd<#ax^j-FtqFImA433DU9O-cBkuX0`&-MJk`pFi#+*a(l`)Av
z-Q|?$pMd9kIErJPcPDD2xpkWGd}L|zlNuq&gZsW2t_=k9=RiAGozz~+%MucaC5A!4
zgN_xehoyq3s4jA?W~*b8|ME!;go|)aYsDJbv=^8-lzKdjAVz!WsrBe0EnU`%Ae2v;
zDS*w#u;4Vd8tr}Q@S30QYVN++dK~u{QQm9M*c$qbLhWw;+N;X1Y9WEJ`xaDn9KK1Y
z!jJoIHDQ2-<<FrleOS}5LGx{Tx0P<(n_}uFeX7<dKh945zEPDbZkhBY$41+E!N1j%
z1EJuiZ+Wmc-{fOOZw0DZfp|>uvL*ba#FQnRvN<H7kP&C_mwFD+;TzT|Q&t`?*$t}B
zKec)oqd^-?dc}4$J`P=52ZL(u7xKvwtot^*PZ~~O^1x{B(pmhtw(-P_LH)c0hzkeQ
zh{@jFWWhqQxf~+zRXnFEgw<Zz-!daEV&pmujrI2NSmX_u>&XpOdl&;u5TEbakdc?l
zLm<P1&GG*I3c3)42prKqwXkd>uDbp@)bgP=@!@FK*W#}tOH4Rs2z-zQ<zPz$IpXMF
zjub+uzzcCK9S_}di%1F-`Tmqer~?=Q_WIdMfiR^4f+1Y#iP>*2K+?mTsnUzna@q?6
zKc03t&jn8Qp)1o(Ck0;x;VtN}RJMUeEPpGA8qcsxxBfYKJFkGY(D^;5de7B&5GGPR
z_I5H?9m4CWd{yG#);f*p8Xo_2w@@?LVuw4eQHUOhk-TqPW;lg=EB0mx^1!~AQPx|$
zBuI*UMnoSctesAyPdEV*hUuFx;g#YX&0Qo{W0yt#_8OuypR8Na8x=3u4eg-RN(C`b
z;^4?tBjz7XFp_{)>&8FSfi#7a1#ur^2w1}O$X!m0P5cRRYlTh%{cQ(#7DB`uBP@))
z-Xd)ONQI&bo4W3rQ95M(F!tyWNfXFb0p23PM0V}QnbG7r5Aoo`?FJ1RfBQQ>Hh+x_
z(hgZ&)~q5Mf6mA58F7OIMXKvN*(|FgyUxv!?p721n?j7{`1DI#n;&L98$bBP;#}=X
zwYGxu=tZNv&wbqF2woW?kg%4e#*6JbI<q~mAjJM`8V_tcZ6g%+Ob|+a?KC=?oeSS$
zaSv!R7ye!79(WKv)y{3l;^mlIcb{fHqX-T^@D}MTvHJWFr33AP0rPJL6x$teR>T}4
zD_AfO>Zk%v%dC+HozR~K2g2su54#Yg1SdH{DX19y`8a4^E_78Uf-Fspi{Sn~l>gz`
zZYD_g(~tSUiI%Ztued_8&)-iz{9}XV=3ckVhr07Pmf~1-@mv;_C+7H5gs#1VzNlr#
zmK$;JF8J_ND9$KI{e3`z(tF%$MCfr53M+I0IF@eOLPyUpBoEcPN%^~oDMmSEOOt`;
z3}#SxFCEMO^#O5Qyi-=I`|W^XQ48-cOb_|H<)AxP?HYIo?>^~b!QF1-$F{G;bP#Q1
zQdmrlfKu$;RrCii5eWA$oZxAuV3o+XRaJ@$+TZ9=e3a+1P=%Vn5#uaez@N{@{bK2{
z@iz(O#S&=yT6^924)rT>K(W^SE)}<(Nb&Gcv`z@};vc$Fszb~o%+Ix9uiffTJtNP}
zKh19p9qGH*G;;BTl?tULST~O@1jz&9eF*Xba-E9=!{=AQ_qjsIZzWX$Kse7Mm6U1;
zhv|LHZ9n=RB1d%m<`DzV_v#T(i;Yvhm)ga`-n<*;XwAMs@>K0H{cVNdC-G#||J*Xu
z0Yc7eOP=^gZxJZ_wAhC{;Gi%!LWaY>&E-mHBsn8LcK*?RhChulnkzRKq`{y0DI1=Z
zq@e1{?p4Ml6!Xj(5{e?~Xi^&&LY74uJ|;zuIQ556LJf$kQJ49|qs^L=&BvXQDJL>-
zkno?L2(P5MzY-yhWvL}cWc=}oM;{SI;h{CN+Cq}cl~bu~RIv|AfM_ACcYb!-B*^fQ
zNx^_*kAIge5r&1ek4-29<SR?o{s^RsO^^YfAZ5Mz@??xO{zx!aFsjh#ciZWzPQZ0^
z(~J9y?VROL-gxxr+%2Z3{00R`*P}K8WYl>1U9mr8I&l{c>5$HFi*p^St~=e3djeP*
z(!KGf>JfL7G9>WN<zvrb_&gtZp}K$4!;X0|s&NS$LsKs?;U`sHL*R7$)Qq_GKfJG-
z9^Y{FKrhyLZhKpthdd!1lrc&#OI9`z_B==u6cshz&yEo{jcv3CxoG?C;0-#003x9t
zqo!fAE6PLukP?K>i0BgoyR=kQWTE~bx&7%!>~)CqB%Lb=yZL!HPevWm;}Fl$9`|Mi
zC}{qR%|E?VB82cD;QqwSG(9Y^@if%|^LJ3utG1?-we;b945vi?;S^|fEX+S)@Ufig
zt(efbgYRZlA^EGrzB@ijLkPNmKW&YT-@qH)+Uh4b$v(Bz(1ebO^<3Hv3_-FWqyKRI
z<vKnH6B~US7TA3Aa&~kabd7O$db#fxQr$n}O(qzJ2Kh*YY^8Mvtn`D{EpkiKFzz3C
zzWVVf3yt3m9_up!gBGZ!=jV}5r3oP{yd*8p+QKUfJ(}FO{d6#cM}H3;O(Pii;ZCJ0
zrLv!|vqoHsEYH#g)4g`7K#Qkm-<*~Hhjvp*?-CwdxxcD+yU=tsxFeia{T*~Z$Gu?@
z6bqyA^)(5oLjB)G(Y;%bI8W0#Y*75zXt&=!cm`mI%dcHtR;A108D}?Y|LJ=N4&u-J
znBn1zd0Xw5(ZR0=5^%#o$LhtL;1!P9h(MQZ1KZzy<DeogLT2)_t$3A@+18s;r$UgS
zLJuhPWi)ainAMcjFoWX1?=>6+Kb(`u{XL9$5=LAbV*scOK96=Sh0wwf3rPsl{ErYu
zPPoPSrm^`-jB;|}uvNKS;VaZK8RN~DX;9H^e(cCve#`GsRRHVIhU!0h6DRj`XjyEr
zY*vnSjWoEw@VGVII+RBH&to8fjZc%7oRh@Mnv@p|-E23%QZE5<)E!RvLV$2NP`yRr
zA1)GtY@~}5wtF)(_<1<oU!9@~qE_e&jQ7HG{_{N2*N<;_2b2WtHc;%yex$g=WNC-y
zRq#Zy|HqnWRgd6tMl+B8U2m4rf)EqvDlsZ3+^2*z{u!yL@k*OVNx}`fr;Svt6oxy*
zUQ(zvR*tY^0~RPCrhlF*a>V68Ycr|X#%_aTq-#0VO@sPlP#f1$I<w_>Z3vv~KQod5
zmUg)}LP|g8S^fY|$q0+WYkmn*Tkb(hvhXc-Mx0#xpNiI=>y`eD*?o1X_Ruv(+F*A?
zqh6hd$Uj__D+F1s>VXoRelsJHMpE!-h8;?18iCWIME))8)<{SFO$igiOqvUOrA}ro
zr6q<cD05m3xPS6L%+RyAH2va^xl6x6q0)^{tUnh>`PZgS8Jv5)Ecfrc9FEG0Sp4o1
zpYT(1p>paW2=9)PdYPn_>+7n5{hKHMB?v*qRRJxlgP4SYzRb+i(~Hxs6l#jqn-M(M
z&iy0hgQYhYYm2JC5qPO$og}+5NME{C@7jnAH9(~wfX;rwcp`uraHht8by09gM^yVy
zKZYq$e=*E7hVBiF%O!KZGJ@DjjI=OD6Z@s~K12|}I+u@*-sk3<GrzNCNOjt{O*RjD
zJuu2^eeS0uIl}CZgh7orzUf2ZP@U=eM$(7z#dDQX==^pfoaFw8jo0AyIN%I_Lnv}Y
zV0juD?FD}_A7$#kE18NEjE>d2P7FC?=B$69IJcT`RN=BWZ2Vy7uqaww5>a=$!q9V<
z^r_S6+unz@b!-sJ8zZKFZFBqPW{R%WEJ~GdbR|Y&82yyxYfFC~H1zfTxsU8vdTKn^
z9{~iM%F(5FX&;%SuSAVk?&6^WbLbwsK|mr2`?W%#iodF}{Y<p?uuIxUC6g;`2Ld`y
zJG@J9)+0H~<z~@hRZac0#hBv1c3|@D5xK)P9t(W2kxTdu0i#1CDc^ieI3rdN{MZ?#
zKf@E)u*vvAHp}$gEE6QxY#W7|WPlGz5%w|s_woSXG5UIo@x?L{LN?)v*;oBF!89x5
zmfLxdI`@wPOCFes*Y8!zzWujvmXm?(1@M^5)^kKLXS&e`Cz4CsSIu1cqmDzbn|%K3
zBR&@~e3xji{g@j1DGvL(pf)!3S|7SAv_w)5kN-1N0<)SxIFhGa-!{F{cw6#KOF@7d
z2xP9CMxUhl4<9fA)!)0y>IuoguM6kLrlR#BB1*CxI$(LlTlBxwNE=RgV0=9|gRurv
zBH|x-Mbd|d#Ik~noS^atS|Hl!rWS@OSS+)yYk_V0%vU~=mmr&wCKih(+-CbPcQiSS
zi??^L6{-FCGlJ*DQypVT$ce9}@PzR}1TCuB&ilWdto#5LMkz<3GmeYv&mZAEk$cuS
zi!_pQa$FcYBls_yiiZ;F8nkEx*RvS7u86qCL-z*9Z;Q}*u>{j0%g+Am=*?G+UYI~!
z6;Z(6S+Pq-&OW_7*YlGa8mSn7+2iTR5sm*+{YgCx6%_g$BU`pr8yp(`T)Q2F4W?~n
zj*Hp^vH#NM3==+-&D(l-;;6;#FBP{OeGc%KENM1-WD$6w`r^WW)=1R&?VCPhKqimg
zHOblQ@14p+`5k+fsG-fRc{Pkt%J29T)FwVvav^ZY(21jUgoj+~v7sh(nEOYPM_hRE
zZ~cW|feARKJ%(=s(G)!!-S5be%;)GuPE4DVJn)OFZGYCU#5y4aSv&Gp97hr?TY52%
zmh}B~=w1V>1(}r3RO#=f{NInt;z%H#RqfQgpzhNZ2OT{QJl$)lFpofw_yYgePuYk4
zd&0kuAY8s(3}xjs#8WtWkn=zIv<d$A!M`>MS_csI3i(c4XdJcCSUhx9{+ma1>(IPn
z3CI5$JO2wEH<JMtI%=Pqr(tA<FYAD^+jf|s#NrX4z#o6cUf=){VQ>hm)8LcW0Zp{c
zlk)fZHVZ=%T)zM5EfV2yh>|kkUBIqQyDQrPgE2P91#Ju`tGbQpZegdvU-?%E9$Ccj
zG0))S4K1=J6x^o7-H2Hfdk$Kq!8`r?VQ~y!fUos+4UDWjH`9x1Q}P!10{ZanGs`3{
z+mY<l|Fyn82L5`~V=1lOs9>RV*s}9yJ_C7hG#<kaG2&RUw<8d@FEi>#w@b-g3xCyU
zm%@Ck;hvhb7+E9rP7D*nK>_9?=bm)MdyaQ=-_Rg!6#P1Oo+ohmtiIM-?!(#hYuTr|
zBjRlNl$m#LXs=~|KvMbpKN}k4Zm1m_imWs(YbXHaYfsjP7nLtL-q&C0qtuobycYiB
z8NV2r#!I?`0y0=P^{3RQ8zN-J>zaja)P^i><<c`emF-4Mc{s@2^%aZiv?X1P3c4l2
zJgc*j^BxJ?+3|BPDyQ1<Ln{sq#%x&Ko-9v8xhV+h;hzW}yDj@*>0*WFa~!oAaj>yQ
z72^%1_)ckoz9CWqQ%HBv#{7=3eR8;T)v^1-&zX2E*qWrD3y{ZFXW&VpPx@L5b5Yg~
z)hx@6%EhO?-gPZzsAiv6JMo0$yAXCh!3wEog^>RKC_)OUa$m_#;IlaG#88i?4sBBQ
zr{wY7Lea+`JAD<rKjrws2V!}PZ&vdyH<jIBuk;)xP~#su<zmyccRJ9il2va;?9obE
zTTH=tOVm6+R(o@X7Ox+z?Q!8HW!}Bllz5ZNv2()H=z(eN=c@4Uk2R$VRYLl6%tr>f
z8<PqQtH*{z29-@Peh#wAiH3M<LF`Psh1u2nVH0BMhhBgD=+1hP!NB^0M^p#TZLyUt
zcWVuDQNy$6RJuq4IO46feW=D3oSKsg?h@oTO_Z!PFy(34cab9IwgH@Vn=X`7LeDip
z?s6-%->ro~S0NzY&-{CY^b+dMSLq>MVxs8uwxcPRuUM6uZAOw|`NzTrl~Y$tcTTJH
z`Y~4dpOYK{DQ4HJO<fV`#LQ-N@gwJi*ykfhONR@p-U$xGvY#}@sGHE5ySOzKWDXsn
zsvo}@t{QZU@`{UL^N;>TZ`zCti=>tf8E{*kaYzl5Je5pOh|&<Qc<HAs@j5eZHQ(v7
ze(th`k=VOD(P)PehRNZwP~XaRD0SPfXPX*tjq440Uh&lFK$1?%z14gX$KAo21H7|~
z_4;phhrW1H>%Bj8&L5fKd;rSWj3*5xsL?n0ShpLEPd*(=cyt_6*BjGsyb@&wi4i+q
zGN`UP_j9()h6A5JHTL&<c)tAFeg0sGPUniB5$&Oq)l~Bg%Z&rGb?TX@<!|6oryHb(
zy6NGM<=!g_Uv-o%bbmC-Q+T_~>ddNu%2)uS+wI%;^|P1pmmh#cZp0sEbCs9kQaN;^
zdKJ!z(IvKD&SPaE2MrN)bZhfOiB_r9@t4a=0U7Vb$6}jPH&GL3sxVHPt3^g@<5@qS
zSV@I@iHlCQwaONkykG-IYsXA*BGmUFLirtx_~RCLoo==YaZn0J)i~H>X!_HYihfwn
zu$Wk@=t4GpAvWnOpUg8ZeF(aY$uhrkx9cLD#7Ix+(EHPFS=t6~VUuRQC=``121PZ*
zG+%PvjAI8I#mW?5-FD3M)HH{V;4E!_fiE3Gv4|Tvv_rzMKD=A01e#QE8(jx}3gJQ0
zm)D^aV_T=(aXX4;9$!kFMXsh=kmJZc*C9Jq$t+aAUp>fqhY)zA%h}6;HV9!UO8lv8
z+BLjezPa+_nRUSH4MkH~JGP4)w}n--swZC^3@Wk_U)sh5rX;EE&;aY8`-|L~4c{2g
zKfUaK>Ol?kk~jc$%=IQ~`MD%<kA`)borEA`0m0I1Nwr1#zAn%nHEPt?Qn}^M9#rge
z(tO!T3yoP)4Z1mf_S=bFUsHKU<>=J_$w>7+i!=t*a#{8Lpx)1uhe4~(<h5fw6<QVx
z+O$-$Cd*+96l%G}OBPBF@RlA5s<)M%>S5a&b>o(FFiF#}cthQ;AA+re^Jd4fjbn?x
zm^!LiIepBes`(NOCHua4vdOU-#Gs+ms#>`}U`x4vKb(GX0UGH|%v&)4BE$hqIfK0t
zF#V&7m;Bmt)MpCF#K*^@<@_S4lyGQ+R(|T1fo+S@3}O0u-ei@Rs&%QP&=aSn<wnFZ
zo;#@4hg<pBxQO9$V89g*8dU`^iJPfGxJZ-Phd&Du0XuTIW&CJPrZCvpNWm~GEU9Bc
zJ6VL6{Q7+CX9_jjT{8u*CPb>h*V8ctSzpq3pP~3@4x%%Jv(zJ1AH2VM?D40<jhYC5
z)o;;(H92k@GN#*0=;p_UsP<Ae)Yn&~vr@<x%3nr86SG`7RDO^%;_S9E?A$T&%|>qu
zd>HMudJ3@Cpy2An4$4&j$kph;iOEcXhKs7|v~LKqNo;j%CF}_;X5gW?M;FbErQcUK
zyV(!%T}Npr2J?<J&BsVK()Zf4;N%ASENKjNd6d<(!648lv%U`Bcsj*S%LKrWokGYR
zH)M3cUp-@6V|>a%qeI7}MqpZ##2!`Y*o=-{EvSqCo)xC0xfGB$uBw`o%L6~<!DOzq
z$!scjM}+RXP-3pJxadWadW$6Z%zaty!9t4#{=SE~yBv%&*dId<j_Mg$yKfWAxzS=K
zL05tdT(FpU+3)DeujrN1QzMtk=gr=k;E&pT*ug%UWX81@i%u-R=y*|>P<cu8<n}h`
zjvG+gd>@2VmiYs4CpZV8vs{Sk2VSf1FJERb{`vjh*Om6la>PgpA~>r%;=M_K!fZ2Q
z>03zF@^HBAz-Cc(VD+b&2KM;t!G#^lB+pf+;m0m8=bj0yN!eXP%Y&#DEnAT=DSE5W
zd{==gqebi}IVwGVdp=8~FUo=qN8dz^moO5#bkAfaBg&|&hNs>6g`IorNVCy^PDB2T
zd9+)HY8YzSbNHmw8BEt1N?H01VX6!cqmM@~l}(81lLW1IJN#7jB?VUNtIL`?-XTFd
zk=+ZArqUxEi4&)%_t)rD4Z5Nsd<ed3t>U|V<@2%Z@yH{`m~g8}_3nXNiSas~U!J^S
zu7xm9UUiXiR9BlO*0;A3TWfl4y5i0+Ci)wbCr)}@)J(|9Un*VZ6ISKJyKb}&VG|xJ
zx`kl61Ric226dWX3kx3cZWxQ5J6uS@QN7Y-4#}m`XPyC_ymgEM$C>7muCFd<GQTnh
z0wB_OcZ_3Wv*}A8d-L5|MP=r|S)H|<Q^OIRXGt?cH#?RU^ds}mjdADn&A>@(JuM&>
z(#A;g=*yf(&H+7XH9k)<HjVyj$@wDrQI7nz@55<5)xD!}lGQuR@;)!BYTT9W#<P+P
zb(`YZ(_^ncN8^%`wfmE1oAG0c8yii<NYS|6K#vofn*b#trYtm{@pbpr`Ak!7Ap0Wa
z+jfJnPe>^FCt>`|N7NNB-HSw0KfZfd=O}~qg(7l*2c%A2i=GpHPQ68TXXtCOllGcT
zQ)0Zm2PmsrEF;i7ve>rA-iVH)IrlQFX{EhDJsr1ePG~1wvfwePG%k|+8pm6F5#X0k
zJH-s|V*TZIup^9m!tuur041QmsW_-TzH9yYc#Ng_9dfU>!zmVr>S<UXr<g7*Sv)&g
z{ES&IvxXEtT1r2DhtMG%^E{zVr3^@ivs_X)HSteB=bzxUxEPDhSYmLA@t&x;#*SxO
z{IqdRp)!$%wtrZYKUGD!3E;M;qN+DzSYkp_^v&<0wZ)~X-jIqWMR;5|5(0ue?e1ma
z5ac0FI!Gi*%3C;ieB@Z?kz%7|snx9X41*&>G^Y+1*27bEP}6ZDE<Y6SDFD=C=p&xG
zJ;|^w<hJycCD8X(4vpk(o<l1Eu0?ctVXxi&Dk$?J@;wYID5q0#@9hm#n=o5XR*U^6
zZ{c=Ly3o^c-%k{LM&I&Szlz(8iU}X}sWba=ehvIPo6C|@19yh&(6{06hTWPkbEPPE
zgd{`x`s7ww5)&T;aD}4q!TML()SVfZLS;X)T>8=8-0=u>$ZdJnx$hGM$t9qB8Kfyi
z_<}@zIuo8-r)81R_i-OBnvMo%US;lj&-<zO?aqqzjzD$)Xh>g5V7r-@LZ3fe7KqF>
zqn8pQ%<=-Y&~o<C)HK=flZWZ(GT2xXVllvZ$cVDn&F2edqRLCJxkL7Q<&Q%AHL<9f
z5eD>dJ;LpFIqeW3y-yJnze>VrNqG@wG@0J!WP0fo(~RN3(`%?*ww^3fFt<pM9&qFM
zt~J_jh_orqUV9q@noitH+isA&<dvs19nBW_XYA0?PU-0=3;L?8ie1&|CHAz0AahC_
z0O!IiA~x%vIImrn<<$>eQnUj&g!ZQ2&YgwmJVIDEi@4ZIOk!7Kh^MGR_~k;FzqKz8
z6Qttp3pc+3PcPpQn3^izU1^v4pcu)^{-(?%<+2SsM4Z?3>~Lb^bHoh;hwW|VMwpAC
zl!}$HpS880f}m`V4$U0b7rt)ltG9<N)=2qVb#-pwG%g0Vbx6t!a^reW`5V9FO4doe
zn=jhcgIE7>L*{NFe$fDjucH#oBz*gP2iuw6`wr<wD7zv01GZS76S0XNU1EqaNDX3B
z42Da&!y*IO&7H~>bIwUXL@U~^`!vy89JeTQ!O><kB|LD3ws)8ZgHdkn%kRDLPo@h#
zl#&qy2q3Zh*5p%+2NG_lbH1u?&f|&67wJ;Jeff($aw`8DUtOSRMrf&EKenl?10x&m
zuV;EsTy%bCgptb6AM+)96x(nYwvuEw3)AZDB8|W#ixUq3db`2y#Rtl|LRWc}bLwnR
z`oy_;|I=eslCZzp3*Hl11^CBt_SHSzA&Aipv7~;ThS=WksL3D3i$NSSFXp`5on9WW
zBUTF$tD_mx7d+#dVapAYn@e^2uDVi65hELU_rWASmn(jOFUbW*Ia>r#6DP4YiX*8e
ziS_!a*@C$BUA0!Da|IYaGg+vp2H4PChdybNML(_)xLuB6&O8NM`1;Q2m!W~Dz%I<N
zTbY~1<qE1U=HK4K?be)W5LF;Lk8~+@(#oIsyku4z5Yh2~sqGGlB}YY+m-wkc2Tb2z
z{h`Qk!VTWp*qob#Co3E_4Fdw&im^YXMJ+S6CEn>jSE&37@~E3{uH$k-{w56`xC+QP
zE}KzX!SjGqGx~9&ZLUg)SXIwp-%;d^CJFES8b!2(6WrI+MDRWYhV<P@LF^}Pz4#9V
zHGv<k17|AM-sctB>XYGb-GJ4PdxRfg!mVRq1MWem@(a7>UXP~7L08uz3`tWSjy|75
z9bMaJM!dX7aDT$1c@dUwqC_*UjK7+0a{b!opxX`A;N?YMS~u_a@pocTdYHk6!oz}j
zs{Kg@S53*E)}I!HJWr8AXj!z<LfMhQU*jV|3k=^PBD;o0+}yE_H7%>iV>xK^$8ed5
z>Do_9)7@=Za)bb<*jca|ysU}5$;#bZ$sFoa@pPsjlW1M|g234B&{E;OH86Z{MU5Fy
zA<2iD<=j+2u_-|n*ll7``PF02S<h-cUvFYMZjF`~^k<e0LJ+mPoX)CE@;7hcs=mds
zLxJ_E$LWF%u^-K3eS2`^1f9cJ2WBeF>_m;?PNOD<Z$u%dy(hkJ_H7bgHDGSksCeo*
zrHhMe+pHjVe#abi)kd;v?cL4WF8KNLj<dF{kOn{b{+`pkc;un&-Y`v$3HSEp_*BJw
z!&}A04{$U-@FXRYY*|9MA}VWPEKWbm{~(gffg3ckYK>^{TN`<WoN|(biZ>1hH&Cc)
zpj}z&hcugOC*$f9=R|>I_2UHu5Q=LtOF&C)elD?JYsk#;YsL=Zog;n0Za4jTGg|R)
z%tMfI%dX%s;n(CGzuRfdwu<tO_BC{q)=80NeM)g-tgyk@0@~n{vzV?%0*GIoBWoPB
zNE_Pi5<Kck5UaNEN~~*|M|V5-vC%xxvq1Z&p$a45fx6*$XmTI6$}y1gWRYUAEfGr`
zDo=s{|Ah&sf!)z%fq&a#>kM3x1}D>{)OE}6*))Hr--PtHs-2n>@P?CyfIcxkLiFG{
z=aLTE8Pg8Zr??e=(NL@IZijEuzB0Re`j6Rgi@$9>EKZNb#~nxGaBsQRQ;!A&j@X-i
z*m49-36s|X*m>+27=ljdStJIUb3oof8aC*&Ra#~2kgA}^bhok(U8WA8U?vhPSG8y|
zAeVenO;51d%FU7WXKNRIs5-~{f(c_ayh%%x3?ax)pe*1RbIwf>aH!6~Gw8|ai4j_e
z!BkFc=vlQw_EH#f0mcfdQbJ3r(Me<X&KJ!qRb+gMH<~{v2K)QCHTNWkOI!pDqV`Kd
z`wJcW$Ol>e6p%MbeoLV?+v@+Cqk*}6Pbdr99dbmTT(>Q$0&@58&7d8PwcIHSehzJ6
zkKLphqTah5QXO|5T?7+}2{*IU&M?;xIeOkGIQDZ`Li3^gcZp8R)M_%fIqO{TLBX3M
zk5G~&fg#Aq)Nx)cByQpQX>2SdwCt^;{~OvFH{<vS*kW;Co&Xb$2JeS8u$`j9haOnl
z+P%KidD5_q4We7H@y3~_UkX9CY|!8jJIni&O;+p1qvr<BFvyh5cj@}O<6o=~1x?8}
zk|P{BziRb<C_3)5)+&IbGJk)EH+Xul9Fwl={e}~@3Cjpl#Ow_pS?Vp$={h6e1$WS#
zR7y`+^@Ke})4BwcE`0sLQV$#|!b0O5egZywy?)@Wc-dF7cG_S@G&^Y#Hiv914G43d
z31?@YvY{ncu<$YcuYhuf9ZLqag@$`%8kDZ<L&ruW39%=>CgNExVAzj_AXPa*BuGxm
z&Nz`lJL0LCMP85i(qU+_{`CW;<>SXU{Cg1UV1pW%LD7Z+YJ883i}pr<vod?xbew9`
zJpxMAc}p46rVXZ<UsmR<`|J_wszsm?#>O11x5%PXI*gsK7!~^}`DruZ1%~fSabs-k
z>YJ<Aj3FUT6D#SVXKPveLa(<z5Cms$<n6Ov^#DFcdIS_K+1PBg5q#`8#Nl4tZ>jxu
zn62KzJk|xo+drP2gCQW)eLJg-%du6EB{zcCmTtzF{!pG=S`aJ9dv|~Yi2|D70F|4B
z9assRV!*;w{c9f=lEs0Et7v7idmM9q{gdZ}du$9igMg<17ynvbJq)Yr3Byqtu-Up?
zmM62EKByL*r}PL_^Uv*Fja(KStOtIJS<xfAUj<1G&#n@Fnd8spM2T%~!Ey>UA{CSD
zVhQ)cx4o#YM?^AH9dh*+&5MQtyqnj3){gRF_;k##ZOz0cxWv7og*t~G<{VnqJyLIx
zOGFxsxZ|LM!S)=jIv=Mx4Z}lF4pQjJ1S$UXnE}P#Ym>*W5zR28PmCG^z<M542Irdt
z2Y3V9K>u9IJyEjtJI0~VVdf;wV~aDG<YWPpe?8el0#+rv&Y8JFt=3;zbq2cVaZv1i
zI7(9TOc@XXo6#bOo}$6}Th-p?5se25P-H97JoKt%>T?BjUZ$2Kxa;!Ecf_eJ-7v7i
zgpq)5a}-MQXag;J>NFPCV!=ZfB$Rj(O&ZMIG|8hb+y{sNb}hilFysM8<%@?xkc+w=
z53=JeG{PMK{{i!S=*|-{84L23J52_mk1rL=0qb&>fUPwYs;9=W)Q=m2CLk;4SU3Tt
z?cm^dbdfapt(miwrPamkk51J1pE9;F!~+y|f>$&I`Iasaz<~o09#V9dH>r|8KHsZ)
z{f_t4St#37y%C7AjycKnOB8a1R*z5m)K>4{ECb<mSWKs}isUG*BReD_D|1Muh$+<u
zjPGDb79tkNfA9hgi0?vy&03l8z*ub*43c_q!T$n$R}Q-Ga2=Y3XA{S#qQ7ZGYdbDc
z1+mSgP>-m~#K&*bv6GaP-n*wv4A&Drhe0|DV(qz=4%)xD%Zjb5d4(Rlxca)fH^-r&
zCJQR1X56<k8NW%~%Qd{nf?EWvPhwW|5X4b^VlRs24$ZOP1v9+$+gbOe%c%#5r}`NV
zbZ(92e2fLFKqTY^fqxt%z9lfJ;J@_ML4sqE!=F4D{qCFk{_-(kp!<B>F?In&Ja3Tl
z19o}`D|mp9B(C<JgDcpRSaLP6L)&`5MITwbA&!GCI@^}(Van0vwMVy3Jr`{v`a1l_
z@CrM0AAQRq`yw!lAGQ&Y2z!>_odZ7gYgJzgJef?XBy=sXCSE!{g%B6Fyf;w!O8^iA
zer<1s4V<V9mF>7-!9!Oc@v6po8CuKss~26{<6iy}A_nEwtcU3;2L{;$1~~$gFh1dh
zWf9aP;ZUr%f8B3swMQ_$1}1~s83Vuv$K$e4S#H24@x**o=ku|pxq*)(;PW8)S&Epw
z8L~l(IC?5f^%Wy{)<P0H^4Mow(;SR#+~b(;E0ok6kx4-n#_TDpM(U#ShE~{byW_<}
zWbI`T^k%<kn5BN8&MO+Yox4#rMUFTLZ~-x;9ssAWF2RbVZlFMpqrvog{l#6P<K)Se
zjBI{Xoa+Tntm-BGb$?sB*>#9ZtHVX2amS#KF|X}C<2-6f09$5nbXj=#3<b^ry7#vd
z0EveWYSSKYeZ%V~wQvwhJFYa8L?nq4txzp>aeFNaRoG>Ee}e_Lx~ONN9}I?(?nx>i
zw<iW6+v{N9v%W`^A!aNS@Qhpn*n8Lk1SFM`U{6x#k-lIlzNb&%i9i1>sz3uDgq0fL
zyAHXhIL7^JHQ|Alo8!F8IqDIFVBbo8D5sEwSb1insqV4du}WW?OEkug07tmEL-elY
zxJ{;dLZs^yX)yiO&WDH6>xpb?;L#@L96+T21UpEa1A&rw6a=ua-dTNUdVZ;Z@{-so
z#n}IQ%V#irIngaPT}Gs#v{06njuDFvu}S!kWk=}|qMpq=k*KU%k-7Oa2095y$5NR{
zG2z{rIvb`4ph!DV#3!!d{ii;J%c5sVgYW7la}$>{dTeF%uZQ3lV_O{{O-a&s#b9g#
zqUL`+<dz-2lA{TMTTe>$L_Vtlr?){QI#&=Um*M=s_qn|dhaFnyGleW)V=alJf!B0Z
zVxK$??->oKIqBpWNQ@?O`oTGQkVq802x#Z#w-x29^8nwn0|&@D*5v~_@GPd>s9_6Q
zjaVX2u_HQFL!sCiqMQ7=J2zywv<^8G>RKxaJ-wm>D6oKR8ot<NYvnnp7`0*o)ITrF
zp0n#$Z_&Gz^g|D19UoKu4*8pF+`?2HQFG#ZvEVO`;4D3{4jk!tFynLBr#c>RmHIjC
zUR`~Bc|lv}^Qjc##g)I9vVc_bKTkb_VZW4ECltC9DEEPa<u}eDaM>p@-G7}dFyWE8
zBIQKqUh0WW{BVzXkFWptSoinmCS^Fzd<u3v>*;8FexLL*H`7SVcZA5V1lOC&(*(K-
z)rooYgPl~-1u{x88hqv7JjY+}B={0zeb=ebH2Y6dy7#=CKAqOZ|3%UK*Fx4Z9I_uN
zZ6Xz2@9o{R*ry8qy~$<(5Mjs)ItFt`$S@w9o&V7)UjnSXC9<b8BLQO0nBZh0<C*s6
z7TCX0!-rdZUGzN;6eZp)xVPYdM_8y+qU|U-E-ao<-@DlI_r%<ziiWto!3IguP!B^V
z=t%Kb>b=W6fC;$IRcT(_AjQ@AUx-H)N`!_!=1_Yf2%0hfBUX=vzyVeS;r+~EY<?%|
zIVam6|D73%be*dh1)l&AO(|%L^ZxTw6kt#X?&JI+gy$YDNlb=AQ8S8!Kjjsmr4jFw
z?DLC>cu^OVoJbtw8zo530!PR8%KgVyJc$?4j1ua@355uE;K0P!2r%GF;8zbgFHz%_
zZz=#^C00CQGDEWws$`b66J4M%1D7~{ImPX7fX>gu1hj2no4c}lR}iYriD#vtUEc%k
z&f_&+nnZ*JCQAFSO6XobSptqP@ha0k|EilCF9tnZ2CCPH0p1JB{Cot88Zh|46{&E4
z)biP-48R_%1sh^NPCTm7_g8SA9T@+R0uW(BkT>?FxVFj-UD=}cUfR1}B)ZwjOC%79
zU}FG&iUWwLze_fg%Yo#nre;6b#dPbQgg#ZYFnq~O+MWOn12flqP@L?L->s{zz_6L$
zPWq4&PhI=U$+roks`VD}bX8dn=Q)oplB&hWy#^a;PxPOOL%A6dZAQ#PqQrSNHy(9g
zm>$w%t?%4(>Yr0%9|ZRzblhK9!OwOm0$x|AcqNDJ|MxNnKuVBtlzM7pU*rY$uO5ax
z5M1E{3`DF?_F^v)Bzp!E>IfSgJhR=;bDY3!f<IqJEDu^*nDAsUe>zG*3BjQcdraCt
z_XZSvh?5lHfb>RshMP7dmlQ)q0j-os)CZj0L63qxxC78%Jl$ywpL-)c<ys`&|1_O3
zgL2DAVfbCBvj8Q0v2njSO|3RTm-&Xytzo=i?Flfb8PQsMhypA&fuVAU<W4Vs8EHAQ
zSDXaqc6|d-CK}jdAOHB-MuI|Gs?#Q%<kl3|er-?~|G$+C?1n(*i>FfpVin7W%4S;q
z5*}{4{Ta9bKpES%`_J3~NxQS#D!B9nZSY4<mFt|~c2ti8P$#i7v{%dd*|q?vClz{|
zi^GfjsXL{fA!R+HV()FlwpMG=UR&|!1WXFt#--%*_`jcV0?NFf-GGrE$kZ0}bpF;a
zx>*N@^Bu9?V=C^wP!L>RT}{Ylz>_T&T@-A+(h+vTw*(yT4}VoM51p!u5Rpvva6V2a
zfc9S`ILTDZxwSoKQj%Lry%d5VUfdui(_Aje1wL!gf6)y0!;+~nMKf@(OonzqI(e~?
zg&u<-ntQeG!xG_sUn>HmU<g80<|i2fdUaz4Zx||BBTVzO!%8s3`I}reIl&Z2khEJi
zQMeqyg0r)olGuBi5)qse25#lbQ1Tt}?u-1w<pattI6Ko`$+aiw%LnXDtu=uUNfBV*
zG*CDjbiIJgeHqmXnDH|Ju@kfBm00!-7%KokAIkMgQ1CDEC+Pq{P{f`Vjg5S@FDX;~
zcnJU@ubKpRB5tw%P@L-)eS+cZJ8kJsQdhU3>>||sk5{XdAkG_Q$0Z&LyaFMDS5DO>
z2tqmR&=T*SeN911S`fu*zg}s<3z&r|U-VnkqQQ~4$JNw*VS+Nb%AnsxL?&U%i53nL
z73=fp$<cd_g1^k64L-=HOo|$-PXu=qx&Uc-U+19V+hgz&ovWGE_c7}(_xEmnsP<Xk
zAq5z4c3_*oAVt5gE#b>Wb57Ay+qqnL=!=_B{2`LrO3dn8p2&Raq#1DA(iPi|za+4a
zKz@7t5e!Q<JIQX=N5fMCgE%mELoBt36jQ?QTguL;mH}Hj3b=7p-VD1)>CeSyyo>fO
zocxyvk0e2<ul#X42h`5Tk3nl3|I<-21A-MIR#!#>h4+Cn+eC3xa^56$!`%&}%%K$9
zdyyZ+>EmZAiKv8#^}*Ip1j8ZKjf26G^B^GZDaZ(fl6Q1-`?cKON<CzF$TGKzvMzbz
zVDO>+xMED~0QKw_s{6`;;YgYiZS+WP-TaE=raL7Q>b1F-C_wNw4!=b#BZ(on7Wmi>
zhKh0V`iEPDFQGYu&^OPRR>d+cy3X!B__McgG&l?8zX}bChN*b;FD?KH0vc+Ixb2J`
zgsePk4XoW6_E@|9hyU)k?IGwe4>1lbS>3<{?A$Sk!^TAJ$IC|`#X2$Jp4;6J)t&iR
zR{cekb<y7{{lEdd<uDs$DQIz!bK&#<MA+|cNv>&y0aO@90SbZZWfW=;hp#~u&Y;Zv
zU{8!l#^K&Qw<KKJc>_yoVrY_2HXY>)$^a+*{>o?C;H7J}dGGlsJonCT2Ql!xqg%|K
zGaX7g2{1f3>k24X(T(L7!c`G)S!<HI!8cmcDA(d&;P;OP7BzmW1w)4;LFoq3exB&!
za&&Qvr2Pxq{(Ip(6pT_ne9;EXOJe1e{&;TW;i>Vz+K8aowe_V11(_1UYb_r<OsQRy
z>A#0@4Z;C1004n?k$n=B0>s?j;16Oi*>|iaq@1|xMs{8iw*UIydtCcz+?NFpZKES&
zx01$(^dWKN5EaU;Gla-Yc`Y*)NyKXTH;|0unqmOu9zAs%WR1))xMG80t*71i>`e19
zh;qGT1hg`<oPS9n_6Zb3dk}zlY2@>i<a2-3UDDvvWQ}{#Zw0XJ?SBbD>~0ZreSQl@
z9!F(yp?&QgEp&5;Slt1XW7h%}0j;QP(2d)d^dKMur-YAhGX>AS2s9zN^_@%X#a=52
zASdOU<p)@QZ9Yc|)y1j2t#I5=a@2V)e$Quv2R&(6^#K>N!3}UMiLJO>-yBA}^Kc+f
z9&lLt#(;n<c_d?N$xshu%*d%BM;PZd`VJytJYpQ2K;rsy6<w7%dPF-MWWZ59UU?Ms
zodQBjPI083*=xSs-Zw&zN7il4ETRh>QN)tbb%8z*n)K<*!A+ImT=b=8&@(!PyEv6V
zEP@`z?Y!Cdu5%<G`OdGEU|;A++M7ZrEWB+L6vIbP63Yx?$HHxR`B#@~ADV^SgF_o!
z7G=kh=K5U*A?W_8`D1-rdtwkfSD;<Q398S(o(&^Nh36S<P(awytxVAEyzr~L_07L!
z{(qa20&%)CLlWW`@>1I_gxzO92JQtL&FweM+{DlDfvE`Z#Bx}U3TRt#<Do0UHBs!P
zN~IEza`JdzQ}A(y5HC=R8*Ce#?*+RXY5TG#J8=g&s0kPtaS(=j;#`(IE&}%KkR@DE
z0i>wse|5uz=1yMx35E+qz43#n$&);a2DK~)8xgh>uf!#R-ovjR7$eBzr@<Yg#F<)%
z_zey9zVUBSZ~mj7Ma-q(uKdAyjT7yo0aPdOM}waaZhCggeA5E14Xz{ZCBI+YuT3zb
z0T7ge6d~1_`CZ&-Bi88D5~*cT@rej#5QJ@C&L&20EcSDJRs)=h2XM<8(6S=RU4jGU
z5_vQu&HZnHA$b_o93QrIX=ex|b#9HH=xgIVzBvgi))2!uz+sN?8(695737Jb!YORW
z8mA`tUr=aYW<7FFkx^}k4-iN1x$_5mX7M$K!-Q2Wnl>J$3#RHo(6d)U%FHzHM7O&$
zXEjGq2-xQOgqj6xWBpTco@m?)ym^YssQF8@DZuO7WcRHuNJTo<GwVnmJ?$zLsio2Q
zl8*cmCpEtecDzjuI^Cd_VD<DwJDv(EzIuSB_pFgjRKZl8>d+INXR=SuY9rtq>l>4n
zZhQ=D>(&VHYkfU?TxV0)8Fcp%0`&;B>iP@fNo>$)`%OR5K1_@mWDi`w)g6Y*qtKQH
zq|#wK))al?yWp2%!8@K_?Y4UxEpV(6Cv=unBZZ9zDN?V?1IUa^nTlnaRhXOaXqPpr
zisinBCE-2dpVAY-sHBLEu~ejz-E@kPD#q>NbtU`c$JSRaOVf#LoVxsdl|*$sMUd<X
zASU|z`4!6^YVa@S7>jQ#7G!I#>OR7-etnd1wWTKOZWt9}VZqE}$y@yRbz|_2HdKdf
zEG>$D@G%l=*j}!kMLr|ryS?g<0nsr^U!5ua%H^on&#YUAJ6SC$?UNo^*=uno>Ad7z
zF?L4qjm<56blxXc3@VR!JoQ;yFH-(!(P$B`yi`ip{OFOjl_DUoN?n9$x;q`YcK|sZ
zuQdHrI{f-`;S>YokeJu`n$-h+gAvEgMtw`GxJ@c6i$0Xn`umlb#vj*R+NC?Dh7AoR
zG&(sajdN0BIH+8X5$E~9Wv(TYpa>UFvB!wzOBc6%%o>%rY;ak+v+#BOmVqWaC2=5c
z>~PZD$*sPr%)WZG-*L6jGX(jPi_ZoyJw869F}Nm^&E;^f;iZ_E=Y!{YBCPB-*L9_n
z`gzPa7M2$qzjsQ6)wnM^SPFm=f<xg@>DOn|6l%$wh{}&g<|!{(Wz%w60PgwP$+yL#
zq0*+Rj;U)ryeH(Yg|vqVSGe?Ch19eWe3_1}O-*GDLqlKho2}f3S5t%_mgKzJ+dZrd
z<bb42cOJ7amifLM6@N`nd71m_`xbBT!t9THYDR7+9!{9}+t}?MtZS3p2;)L*kt-Io
zECHhOgpcu=k{rOVF_p99DoB+ng8U>0Vv+K^bv6;O$@iTbR_q+ixQsq5M}yL1mLjLg
zvu`pLX__A=Dcwl4wIFKL5`YT7TKm&TgVLHr8<9gKpyf&IXn}>>47}RJFz;<<CY_r*
z8?$T8RlKqM_^-DZxlLe#Pc}v<=dKQ6U{c{RubtidAHBL}t{+N6vdlB!6Y*__^BM|6
zRfl(Kc6BB}(Q+X!u0Mg3J^0S61+vTXyKo`n#F)?u$L(X^P6V<s0MZn`&K&SL%&UhV
zFK#N`x`#9yUS=U{7*4nlVC{6gAXTMNf9B_?@MaJtGwwRVqwQS)p0DTwbi=|gP*bC!
zFw+Xf9)F<o+L^sR`I(1rqcj?^IO)=rEgO5ZTek#pX<QKD5YNIq?{_g3tR8I=YTHp3
z)B5T?@H??rdP2^g%MSeYS$9del?^3tmh0OQcBH@I1Ub0(wNY-KGw9PwtGC*I29Qly
zFmKT_=<XMx6>eQrz6Ebt)vSo5P<Eq1)N)?er=O`&7#h5UYHJkG!+8uJuHo)Pygcoq
zB;*@Rcp^M}3JL&sxo`u{6%7Mgli(N?q?pEtiws(uyyM<n91a`j9SU8t^-RCO>)?)4
zHDG0(XmXTwZ&>3@xvq{_tTOQn09uI0Cf+@Ze7i~rZX74&D3}dHjFY1%z}0zhVP11a
zLo@hb+4sjrs5lByn`R1eOwN|5l~Yrp-<+b)@Xm?S+=K8`1S#GdABNpXzeA1~)Q;~`
z3n56sn|sZYkGU2P2Z!oI5XZGsR7tu1v3o^#IBJ>U@eU6A?K2v)+3PS7AF+W(df#l`
zDV{~;D|ecGSIxM_^wG$kH%3n1X(F!ycPQad)?ISK<)EfRCBq=DXhKlki4`bVy7?%P
zH%`1Ax1^t7g-U(ZTYP6Ftb*`JR=QB-(Xzzz%iFtik1lZ_OnuqRm3?Rmo+!tnmO1BE
zh{{AS!^i{5x(H+p>=5xgcPOze4OxPF7wiSFRVJ!U?(2_?tNoTJu#2x8Ca<~PyeI38
zNYyutBPeZMRYBg6Htf^MJ=Lk-gO+`Of)8{B-!@~<>~|^^fEe^h=<abL(I{~!1Zli?
z<;BNVDqLJtuThvq6rH@|jULDt>3*~_IBDCp*|HIT^k^fpD>GD2=k0Ux?Ndijsglv)
zIdSQPG5a%`Q?t|%^hj#F0kYoz5(9FC+v^r7Kp?fBSQKVQkK1=?w5E*b8Bq~Dk$mGB
zvV4VE<p&1`E(&7(uk0CEcI*0^W_JHRdmGIuUlR8l!w%Lw=UEnB)VDjF!=v0h<9x-Y
z`Ll9k+5%K@I}3M)JjcQ+%DlHxrB0|W$kgN{y<3J4Nv+?4#}RoR#Qg^+F8RpxI^5ke
ziAxY(3gDs<$p>}@7ne=RzPo9vqRZ;rjn3f-KgUPreX|4{bH7^B1O@fX`7V6+k}mxA
z5q4X7pbme_JD0iZnDPCrtXpCrNNRr;eAP3SId-D!2hliPOEZ)NSHlLyHb;^#{jA0?
z%ketFO?vYnnV(?(JJdI}@RV=+<)BWsV0V1nS!68V@Jd0Fp#l22S6B1qcL}vG9D&CC
zJ_gv`3a@%C-^m59A}JoGvD%S7=hWHrLSGWjKkYgJC{O9{UfHa<>Cf)@!yvM-aJ5cf
zo}2ecofi&s%njQQ;~Y}pIqM9*(<hq>M`G#NFQnqvM8U8vXvkAnOJr+)Dn=^A0VeIx
z;7DjgV9kxW<ueYRs551<Pt+U?hhQ!~EqrQqQUDBCf(t8;LkS|}(NZ<J2YW+=U(zR8
zpVK-j!b)}OPS~dcU(?yZ^~Cg?SA}{L%U|;KA9{hD-B>$jzOcC1h_6R<?Cuf;Pdfip
zFyXAp;k(ylqCP3^SR`2SFKh}jV+0of9~6@#Mr5CYq)!LPpd9)!p^7iwk?WsO3h~^a
zl|(Pz%-c)_?TU`BEgyfw%pHP@yo!1pl0r&IaC%30^NB^o+v9zfm`4t?pnKx`;yq2;
z$&n%{m3r^ObZ}=w>QG~v8Lw|u71?rg6-fP!oxYnd=b2JM`NS0~N6lKvp{MWRy{tbq
zcN@d+Dgj7hVt$um8eDgQP27uSj5~hZXZ@qvTKo?zr`IW*Zs&^mv2dTts^a5p4P`eD
zjy$`(5ZT-f|1Rk}v%DD8d)5m9Pu*$W(ee&IfaC*7W)fR+<?~VTMlDuWfFABX5f+wT
z&B)LG@EGN0V!RgRRkQ<0aPmh71tI8CH)ft4O1F{jv7e`q&5m<Qw^-}~L^o!=j6kMn
zA=6L&U&kYKdEfdL*Kij4yhpz+h!b@09LO^T{dc~fRPN_0m>tfFSXzN!=R_>66AmHX
zCcK$bbCZ<6{m#bAf!%z0;nV-C>$(G>4*&n>oW0K8B3TjQGD_TKr_2bMp@bxrka0&w
zMoFTKA}JzUk>czb4XdoXBN64!KAgMXN9*g`&-b6_pZh$|`~5uc^?JXbal(#{H`pny
zIxCL*sDvLN$jghCyJ(=1pr69IFHVnx{R_EjNI?I@-hJ2bXTB$_CJg75fv4OC->I!U
zx4pZ#+hI2g`u+Nb?|1?=F-jvtf&XLVP)P?JMR&cg&yCod+|#qBGzMN_GOJR<KTFjO
zEPG5h{CHH&u9$%g?|-WVJMC%BmU^-u_lBt-Jm<?kB++3B!pMg{-c9hLqQIv`yo5Ga
zBXw*|6XF3FOjtU*N~_Dc_)nVEuUT`OYk!^1TDkj0Br9Y>;c!@Wi$#_@xOJ>X&fIi-
z*Qt*w6Wp(6(M;nq-WuE$yl%V-ZNG%Eyh(3n7d=K4``DlCfg9s~r}L~EmQq!tSz5Oy
zu2w11Tqs)9)bmbrI=Pi7rhss>6)0|=i9K=gTkbQBy5}QDhI1X3F9fLX^3_f-%t!};
z*kuQFH7DhpmAimOo=QY~VPR?cQ=!GqAETn>@T6vJ?J~PihJDoXUK>OMwk8XHWl1W|
zdrgXELQS{zX`C$pfCs)x2#~fZmF7?9i%O;YF5EOC!8}hMJy@r{%HwdTjL#rdxaQ60
z{#yvqp?HMqk0yrsb3!py_$<@QUGf(@nx9p>E?8v><;Z_IGt+;I{qU7(@m)S%jWJqU
zf(~O*s6*XKN=+%rGWgDp<o$>)SMi2}GcYy0{cr%z#W|}_`!o0e(vLO4HplstsgRbl
zM$s?z6o7$EF9_=jd+Yg|PS^9Kn;eN^#c5J!Z0+E@c~LShUVcm(XlSh#cnp+HI34C{
zWA<``foB&vX5%1z*ud)0v)=jGXT8b_`E#y{O5TQtqZwc#%}@q*7sHS@8#X+AWW$ZA
z)Rfb9CcLI>)-INQoX6R>;H38h$3XH$@OFLw%H9k{%F2ejN|-Bl;WGAx<9$WPKJe*D
zIiWceJ1#y()wfFX4p^`sVWEzIIaAY_{n3lkRuj>laKE+OXO@bUOXb&0xKW1#IWQxy
z`IY=D?Vrn?2hY-M?Y1z8Pmg1EGu2k!g_H04fkn+qk;B~}>iBu9w8ljFU>m%s8}t~0
z-0^Yq-#|13>-9Ko5c{cQI><zGTzLfJD>jF%f)!1KrCg}q%I&sl4h&ub9teN)`>*tq
z41rHIuj9LJ#?=CaWp<wG9Z$Ea_}Fsn1o7RMRe1C<X;ZLHtSRgfDev<&$o}1n7mqFs
znjTQA`h?YDq@@2E&RZk>+GD(6NH>k9{KWU7IEO7YY4WXu5`8~UM|9J|O!Dc#O55lK
zP4FD#Ww}CPznh1fez&`!)(Ut#>%;qx31UA+V()1V?e+qT=39Aj*F3D`G<MEzKIsL!
zQ2R*vG#%2eiE65Rdz}NB6cw0J6zro@0iH1-T%Dq!;t#3vw1PoA#+qAZ_<Kz7nM=12
zs-lgnV<<5~OXgUVVkp~ItsC4*p>V2(YWJd!U+GT+uPfhq<^O>N02o!rsP;Yc-~4iX
zUe3H?>XzHu98zGWH2I&+<?>E+MlTi?fVUbPuhqPuqn3qgj(wjIS=slq@U!(?2g-`g
z12bc{mLx2C;EuJWqKT<rh2rb$(g#4L0Pp9rg3!EB^oQ;8Onf!@#l6xqv?8^SOn&^R
z#y#Qp>nH>-^`?M3U0YIV8z5D$xiQ>K$dZ^~1okhbAouOsU^Y3Y_H*g%z+=8{`=f=Q
zb~h`uz0<W$ih_Fzd82%lC~g~SePV}ipC$j=SKDemy&ulll}+m~u-%joayI>XxZ46q
ze}5h<9K0Saz`<BE_fT8LV15gi&BpVBubx?Bau4lKHpXMF&eeN@yQd6H6z1Q%rr*3Z
zJOU1#Yrm7L0OTkUC~$O<Vb&w2Ztx+9y5UV~RlpqHFJ<b5Ga*62Uj6*>&`asjYIm0+
zxzdk`?(5Kqy#(0balFVV5yZMXoTEKT`u&omq?x_f&{IFy7agusvOecBd!KUhL!Z_G
zH;=Nu+}*0!_mwN-SUuh~LdrWgE$P697RpxbPOahk$^d0$wfpTU)MvPNs5e3D@n-M~
z)q4l<h?BKVO{DSSHoqZVn2Wu$Z^Dbw>AVuEkOGXtI!GS(WKGy8n9`L1kFoSli-T>K
zJFOXy*o9h|R@bvPUs7lRk@ZyM$XkXhuACIgT$MaY?AdchMbvC8siLY@YvG>SlP6>N
z(;>^xWah8)JKx8F-t#Ki^9l#pa=Y`yhRiyDKA8bUpMULnt=AjA3TSBS$eAX4ge|h-
z352i>8fqDZTUcnm_QY7!YWG1!gFLO#wa%{UOM|9wE|Ds}HtCUu=kq=s0b8^CL1pg|
zv(1tS(v*?iCi>EYfN!O727$}2{fO)dJ<`T&tTvdsuCTIaFXCf}DKY_%1Zb6OlC3Ye
z(`JQ{mG@yOvUoysmH`9aw+-QEKsPuPiEs%50Q9=fHv@nk`_*C-Hf{TJnk7VpB;Cc$
z%favKCOrb>_*YWiew)URIaO*^G8L}WX~ZUjXNk-nUkBT)1B=)E4Cb?3_X!;xU_gg@
zIF7)k1EjC^H$$)4Mq)4<KQzg0Gi6YQi$h<t#>G%;4hcT7B}iWR)$gro_UaR94Gl*}
zA~B*UAyKf!95I+z@bRtE9?e@2ebQUe;tR+ws(cj+LK=eSb6;aqXsNoL_l&Du2Pdkh
zF)!~0wS<<>hzT|<h$fDwJ0JETuIM#lZy|27gDq+yL3aHtUwkt8V`hS-AmD_U_^5p&
zWOX{&YXYJr*@(q%7VD7`m#L&DwIp1s$tSo5hq8CED8u^ub)59bW~aQtFppy-M(j6Z
z5W2cDlwGhKVZ-DMxN4sMPiFVe$sunZ&VDRG-W(+u$540w_)cisQ1fj>z44-%KDUk^
z<M&%n?G98#e3qil54$TiViUJm!-_vf1EKJEeR;7B;irA{=*=Hl({vY`8mRs4&_i-R
zS>q##Sz?L%waYiBswuBLB#L<z=`Jq!n&Hda#B>{`9T~PQ+S#S-f_C-Z^&etJeqenk
zE!r2jByR8#jtPn;t_ENV*(fnQ`Q!3tbB+90wY8rlaw^h7wCmh7i$l-8yIZx_IGPyn
zQ^$ne$29UcJouQgw=6j9pRofBrWoQN$C^Q<6`l6)X?jIbZAZzCizMR97(W+x$?^62
zx<|XOXuaXBswG?I3?H!j&uCXhFjU`k%qDa%48(uV>Jx{6XjJa=dWI`jTdLv6LPX?l
zI1R_F`i@0D*xYPQiwO>%uZ!8$Jm7Rak#M8TWKty(6aQ<);FRpTQvysnPO`o>ClSom
zndt*1H9F|qzAPez%pt$^;{`3XEbW^_^)w0F>VcY~B|Evf<zMyy&+($>?8vhvD-!#)
zm9~uYmx<D+?RiKnNb6#8RKUht9FRIF2;}DF70=&qOs2^+Z{_sY@A_@2gL34=zTu2?
z;zPHycy*7rkvj8*I*{S@^-_<Iu;sD}lfQgk?&EfPDDOf&I`sMA2M<sCq+|#H-1<zs
z9&au6<uSWF5hBXFW&7Ne;!V6@BUXRQ9(`{g1o!FsX4EMrxqZ&ii$<HF%TyX%*?iSW
z+;4@DCOd94!T*xsra?u0m;K^IMk#l4B~?I>uU{WSJI%K$@RHEC;<lvDgc_s}K{u1L
zWv1%wk(946#t3=#^7l70*#O`@hSZn^*g7V`rt=w5sMQQ&zz^6v4vOL-M)2g@_2Ysh
zUE)ND$1qfxnLD``oI-hTxic*Xz6G}Hx5E22VqYK*>ylpobewD|lQ<X;5OUDqbj~Gh
zVCi8USujc<Y(0tLe-H>FLF2p^MT_3G$eLL7FaSWl5+7BlUQ+Df*M^;^4Cf?=*G5G*
zb_zU+?TUxEVD0!<<7cw&1q2dzp7L>46!MFlk1t5V)WL~$YtqYU1QufZht>btg&yVN
z{pfMa=V8jNyXsK1Q>Z`Cz$*~Is1^8I#Ue4@sKEcIxO5CAu06{up`t_~2o9D%!u9zN
z(`HZMsE7Y&2ZZ=~Q^T!P6XnjLjzVx{4UE&2j!23r=#zvum{7+AQHjY~+esY9!M?cD
zI>%aEupVOr)`}<J#dk6<(&Bx;%a9e$khM%#$lDZ2`8tAjed_wL;g!};K;gm#&{a_c
zed|ooKFOL)C^rP&ckcwjuY78ouoHHZA&2k0t0g@U5O#5NVh4uCw7HN7CYS0r@kI3%
zZc3^OWtU9wc5S-fgp!2TzMY)fG?P>Uh1af7hr{rY&XQ^)F=biAs=M>68lM+qJQz{@
zzuaf52n9Vp3w_`->~>yHZs97(Ryfoj#pJR|vi~1!9p@oI&G?0wQQU5OERzSJ=&J!!
zkJk5!Xn+47G^B;dyzL<d!^14fYLco!S|HFwwb2RllC<$+4Q3?!PEv5@_qFXt#6|%w
zy478#pjtoOwwl}oeW(BD8br8JbCo#<W#EuRJaP4Bl=~Iy)Z6u<F?9zjY>9JP)YAnw
zAh>0C%?8JG%2%dF>?uQcPD<F%$p6Q=Ok>t`X|skg&ui6NTXT!!1OOl#;}!%%_iu^9
zTQmubX+Qn$uLv*f?pp8ssEYk+<tV3{TV}p1_%b~sM+jfN_awN6FK)GiVdkf;{emiN
zD#|z*uHUmMt;_9v0^GU}*k4MDxJO$pNp{+ioj{@uonps>{srR%wo6arz-Q}m_2ZKP
zI)1%dBG`eQ@dh!8Yr2mrmgfY7zgY3AgX?)gGC&F~1EVAos|Gmjeh0@tv0GXi)T1P^
zXB(DFKm1DKM1U*bo?M4SEJ6fT7Q`s`7|hBg$&r{R37EEyhub~JJl^@OSE<9j9^r&K
zlR4`oC;+hTtHW7vI%uUO?%>LrV-R}t{SJc>qDkr<+}7Vgv2A8#Q8Z;c!-lwa@U3Yy
zWXMPcDtFob!^<|MSTFa2z$ekFT9}jv+6w~cgKoYuVEq2qot?N&4eL0IRjr=x<InL)
zb}pEf2Y~(6mBEB*etJ>9oyZ80ci(yS{39M_)v(2qXqT@|y8?hGgpH?xs>S2H^&bI?
z|2qCO2{PoBXQ^A5S@Z3C1#zH15IXBlwGDS<piVU;?_=7@VBcDy7Gn-OwGU8_=H6~A
zNQdD1SLPg^-d*Dm5B+fGq4xYvZsaK=Dr$*74JYEb)Dv!WB+*(GTxXH#_4eL^YL3>o
z^GmTinFxHji&7xL&(Bx&<CehEDQi{G$06Gc2@$y2WKFHm@tvH*aqwI<(Wd3r8t<Y4
z>S;j@I462F#Igr4kP;BM-n^67ItoyjN9@}-7t(Ju#F@9C*pUajPhsJCkssedGWSz<
znPri7(wvTZ>RQdm%GF)AhkPSS9+fy)Px1o5wEf8DA(e)M9AB{2{k<~UJGi{#Dnum^
z1345C843bHUo?`|6@c{n+&~TbAN<i%I9fbnQY+8L3lz&*FN5-Z)gtC7C82I$#znCJ
z)%w4p0#^hg8`~Z5A_U=DJ#MuOF7y}Uwh&1DNziSJwV07!uWWOT(%`;QyKc*fvU7q!
zu~C0Bkp19+{#}(W;4tD<1~GA5=D#C<a-T0H&La=@?ch-8f_XEYoTc@KB6`0nc9noB
zkvhzX`*e|E2O?!%l<8ja*QM28YN?`r;c?a`4iJr83S4_3k~R$nk=+%lv_r3hBv`z=
zw!<+ZgV*`3NYXRMkbQ}>Rm-1|DjW6>0O)9Nrn_{sZlZ5vkD~c}!7EVgmqe#FGXRu7
z5fzEzLEs5PVh?wd9e+AW`m`@N7+rBsKo9juGhKm>>aq~Jj0-6=NG0(B{07GQKD&2_
zZbvyNIixBbo31sXiQ|rJ1s$MKW~1531_UXzfYZuu@{i|YGXKW6;}JxLFX0hy!Yqm!
z#q#m;K+J)ux`%eUQlqrEy9*#F?^*Zze-TcS8TDO`zKO-Zqj8gy|CwAr8I<|*Y}nGk
zbN81(VDE=jF3Qz`#N>YiowOYZv+tBwcYs2m_PB&~Uiv0?z3rr?_IhUAKFE7@%C7%G
zj)gjggg=O+9`OSN`s;J%e8P?MXkJ~f0@3QuRA9yiJwh{w{0*D+3r>mvt>;P~2Unac
zWxcIaDTx<*(IocEE&p}ScBCn(`j6!CHAH;1k##(@p0m?GWGO6PQFl6zE;^Q&ID}99
zl{x)tvEs@5$T5#DIfWhVGLulWTpkBFava)%X7$e;L?^{Qh(z_VqkaSFKM~Iz?`+u+
z6;-_E4R+uj2h0sNMW@EtKO6&S@$8KVuNVa7z!t##)q*gyoM>aQd8O>}q#?M*f_}h#
z<SYHD&3GgNwWPHZfk-^8VREf_AY+fB<%w}%f9yJc)~Xh=IAnrv=iy^?FqYHjUhN*2
zP?cc^=sOj(SM4R%2P08S|Bv}dyi$RD+=C){aO~u98Hj;-?~px)wPCQEdl&g)%KSfw
z{iqP-cFJ1MnvK3g?%5W3fb;I`;Q%RGXSK`0#3t+3e~o;;i$Y>)M5G7OiAM_!VplvZ
zHg|Qho9{UCIvpxbek&=tRc+KA4@DkVEvj7(VY~p@??cwwu?Hy>v<s`c!pRLz{zvr?
z7h^9c)NoM2x-QTQ8yjzc*$Dn?eeQS!_%{_TJ*oD46m@RKLF;+?tLr>s^OpciF@>Xl
z%MO2_30D+`$9j2BOL3~^*7uwYXxhFvFQ=e#X|Ev%GNk^>^goittig;7?oIMnfk`mu
z45J@lWOQ@(0>V0b7I>TX>Hkx>6NU1XW=v&O^bD3Am$15_0Z8VzvS}^mO0FWmn1Jf@
zC$ZnAp3dwXSJ?bt`Xp8}S{sl>(6p+h`N8&k3w<~a`z?V`^mkcdn+*_n6kc#qI^v+n
z#!jV~u&YBx^9KO8y5RJ`6^%bwPm+a7-N)y#@9i&3?voq`T#nQpOC^X+!w!irKpU~C
z|Coz7+1l@z^5Dp`uCY;JKh92M2pd|TN!(=i0_IdW20d>E!4nL((!F0r7~k7R*(q`b
zgFH2-Y|bT=xIBK_3=yYOEqeW90zE>TeZducZRX$4b#tmEvHj(8<1|)!;EEpY_9l?9
z=^uu(?~Bff{{s)18l2Ia99lBi4>ii*_pIRe7Tw;#rYAebptzz5!tQ^*Kf3v~B=Ds5
zJ)V1&(Qo48%6Hc>?$=)qxJuA5_u_Wx60YL<2j52GN+e(=Stq@u$i2J_=({PiGhqkS
zFZXPS+a4uteB7#9{ZXGg8yQp+-Axm*@6MID{u?ajCwQo|ICGQPlg_~OO+ZLGfSVFV
z+6K*&S;;IkA&S_~3-36ataQc!oUIA9Y<;wywhDSlCx{<Uh}jMyW9yw!f<`MNk8Yh1
zixqgvwKcl!tKu`7D!r3d$blG5MigRumUQ&1I`u_MLR}0oK*<S0)T1$)7}BhxZ5X^5
zxPK3MlejHBpPeDvASuN}BDrLypHU)uFAK;_nvnWPnH5iAwu-Pgd31YX4)-UCG3ses
ze7}z}Y!*LbAp#ukdmik&QTx$o<tlHcYifQ{viZ#RT<SP4Mb3=AV2Y>^Mu{zf5Y0n9
z!btqk<t85vfj5U<8kp)l`!52^STeP2e-Q=L@2qiN;9Y;|+^x%BaI1_W0ZX;2m$-~a
zw@2B%_0GF%1sgo*HBW`{1XbksHOm7Jy-O!_tB&mtVHTfl#h%zB^QdooEh25mm$K?%
z+^{ziLmlTuGbaI-n6Tw3{W7lGf@LR(oxjxgj}phisHbJ?P6p;K3)OXERGJ~#jeT$M
zw@yTeFO~q5`oq@Y{|paykWqQR$Z%-*r6E?jGle9BW<Ej9fo-n3P|f3k!KP`)2;RVd
zrcq7gceHL-%QPn0JPf4Ej_9wP>uF&gp~0b|HRXtscWbt5!#oaS7H-CO$ewVk?8se)
ztvQ@5p7_3e`=c05_3U)8{J$NPaV7OWpHHtr8!_deE4R*x_7Cu9S)vCp7D@kd&rZEZ
zx6pR|fkIX5CxK4*JTo%oT<OH~hsUJ@V`vI<q_i}cp3H5_u8$ue$?MtlpIH)(L@nR2
z0Se67ya|VG^y;pcm#}F_!u}C2Hxp%nr}Bztop*zo+j+*xGH|xcs-J>Zir`Oq&A8f^
z0b{)4zn$FJshog3%kmm%M*Vx8Ao-V6i=7u^%xjt62l<Z7G#r)n-(FE*#h28toEOg$
zvi(@D&}v}LE3wsuZJ*QnG;ZYHklv&maNQ|0(sFg18MLxepft7R_k;0PjhJ<CkyLY|
zRlUPldY63ZNcZh>u9+qLEl$A?l6i02KYBt<CY&OMB(P=6nTr5k=H0V|br+8IWsXeC
zG3#0xgTKYEG#<+O<!}e(PoLLa5-t@)v_P^Aq=eN?3zc?}GS8i*%dWUpt=<#&aC`0!
zS0<zAl6a$v6x0{Hg1t_F1RP9OvCGn;sop>c7xHELHik~@qR;_@yya}D!uYX+9FOl8
zaQOk*0MK^c_Oc}hPKd7Nv6TEov(evT))|~qy-@dA?JVa5)XxG>tWsj3fU2p<Ea9N8
zbqO7@xMMWM&sFj-l;t4FmpUG(jv!3swZ{2Eb6fXT1$Km9-&_lls1~TFEuk+?;NJ7M
z6eqG4X%ocvK9OJS0tmXzL_vXNgYR!#n-NME)`m<oCv4c_J2jNK{uJZhR$nhDVNx0V
zI?I9`SXt3YP${5qhM?1}%1`UMxp|T<bx&KHr->?yzEH^7ZU(+0ePPH8vdFrp4-^<&
zc`Q^V*@3%dU&s7yE{9!PsYq|IHWy%}0h9PYLHljP^&wb08$2Q@rS=%#T%v_ef3^l-
zp5!0M!2v!fS%wF(GVD(<HDC&ps{?;6^Z!26UlDV5AQbZc9rXTUtJdEUDM#U$=<(sG
zZ~lX`f{W{}`%FQ1nE&jU+J(%|_uoC>XRMQJf1~Ak$aKO2#JN99j}#`j67-te>7fK)
zE^?n$3j}R^yxdj)>1hgCildgfp60q<X6oY$f3k=(@YmMFQP=kyu%XX(31zbSqEg@-
zc~zg=SD8zaBzQb_FD**{2b`29ko9=6`>wt${?PGoj)xayN4Bs4GxZSLeRh(C*?}e-
zk1P5M8>rQ9InbI?w`b{JpQ>uLy^)guuDY>)xA$NV8%GHJoi!0Ol~cjwcM&J?EKdn?
zNvyoL0+pp%JDDO7Z*C<CYMEuq(o$c)x_XuZqaxjxE61<Bl>8ldA;_1I>Sym0t%pWa
z6UzYo7A^*$GwqgL)!dIgIsCEXTtJ)Xk6%$ed4=VDUOk2(Jf!MV|4Lx9M4Yi6$oteC
zHen&*>)FDLiYME30G*#vS7zD<Kty#S_>KLmW<Ca8=R77WX8|(u#<D4zt<A&u$)wyR
zK{Pk}sOe92=UyO0;bNFyy(+Et321KF+nEju)yeqe^Y#NTD>DTFF=#0((oN8#FJ<EV
zO^+>Aq3&JZfIJ^aD3-gR{UfYa=ty(a-p(4Z*Vs?V-hP+$OhOELQ4L-5AvmX)CvOzK
zr8B7GD5m#WNO&Rha?9|GS}lIRBXP#opgzQXR9?lR96SR_4s<=xFHoTTY)2e$g8}TK
zM`g?wezY)AlQ1$+RsCc628+dAI5-u#lNAFcS#TbgXTT`OzDB$})UeYV9oTn-B)onM
zeZit*>3Bx!8Yi~G%(?*N%leU<jc=x7z7i#gRwMX|z&Y)}#Ct&O^cK|1(qjPZV7TJO
zO2L4|_`rNG4hEoLMp8@b^ZM7XYDQO|A>UcH5DbkBeJZ|heXsP`19)YoYJ1{sw_VAo
z46NmoY}^8vf8`epCa?*ccBWS9>i6*Apchwe(I{o}bvf@LzGEUH#jhzD+uBc`B3(&f
zdz2r?2@-h<67h#;WbnJ+w#%(g1ID1@_ATZa<(N3UGYwHzPhI?dFw3h6wZ*ECf>coR
z3OqYnZ<@g4pA00V^3iCR>?Rm~=I7pJs_zq9amI;M$V!nyUS(W50%SZrwh~t7l~r&C
zT&jHKJ2!<h&VGsEcMp%^sFZzA<1!#%*vC6@K8l}W9D`xLreDTe&&R07>wd8UypGTD
z_(o2FC8%3oG#zogX*FvsW}WVpba5xcD}ie&=x_AjG;TVP<T)r!a-V`YNHtQj-v%B@
z5m1&g8$6zI1*f-2-nip4{8YX6Dh_p%_DPV$A=vF8V2m!?GeN$m6YL964gzM7PfsFz
z1XFz0C~wumQWW*|xfy^sW22j^V;f(^+cWpoYg+l0BgY`qntmiWlk^?2>}6JpJ`fCi
zr@eAdyrM#~-1}UYrx~$gd9T;ZIDoX^lS23Tej@Vqe;-!4&CR>6MjI%sqQM!*4LJ}D
zoC11qD5QQ?c;|)i@6pq{^1t(mettkWkL@}};yGgmPPg;XS!~6(Pn>(-=;w71vL)M~
z3w*p<yXrHn=cOTEb@uZkzq;hO;>3_;uzGDqC&(8Y^EcUoZ-69zf62hQ)3V?lxAK*-
z8)ta*r9d~!Gx;hvPiFX&Mu6h&H2XVAuOi-xbhx~vZ#WOO1#jv13*V*>SCik*jnopq
ziSC0OVu@j31Y!t?{10&CF63#}w@@Gyhz10KD;!9R@UU=p=J$mWPE0Dba-WnWYK5jL
p$THtU5uwn;N=#?h63=861#uvaa^jdz;8vXiII3@|SFGa_@qdg*5sCl+

literal 0
HcmV?d00001

diff --git a/internal/server/static/writekit-icon.svg b/internal/server/static/writekit-icon.svg
new file mode 100644
index 0000000..386a0aa
--- /dev/null
+++ b/internal/server/static/writekit-icon.svg
@@ -0,0 +1,24 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 512 512" width="512" height="512">
+  <defs>
+    <linearGradient id="writekit-gradient" x1="0%" y1="0%" x2="100%" y2="100%">
+      <stop offset="0%" style="stop-color:#10b981"/>
+      <stop offset="100%" style="stop-color:#06b6d4"/>
+    </linearGradient>
+  </defs>
+  
+  <!-- Background circle -->
+  <circle cx="256" cy="256" r="256" fill="url(#writekit-gradient)"/>
+  
+  <!-- Open book icon (scaled and centered) -->
+  <g transform="translate(96, 96) scale(13.33)">
+    <path 
+      fill="none" 
+      stroke="white" 
+      stroke-width="1.5" 
+      stroke-linecap="round" 
+      stroke-linejoin="round" 
+      d="M12 6.042A8.967 8.967 0 006 3.75c-1.052 0-2.062.18-3 .512v14.25A8.987 8.987 0 016 18c2.305 0 4.408.867 6 2.292m0-14.25a8.966 8.966 0 016-2.292c1.052 0 2.062.18 3 .512v14.25A8.987 8.987 0 0018 18a8.967 8.967 0 00-6 2.292m0-14.25v14.25"
+    />
+  </g>
+</svg>
diff --git a/internal/server/studio.go b/internal/server/studio.go
new file mode 100644
index 0000000..3ff11e2
--- /dev/null
+++ b/internal/server/studio.go
@@ -0,0 +1,2052 @@
+package server
+
+import (
+	"bytes"
+	"encoding/json"
+	"fmt"
+	"io"
+	"log"
+	"net/http"
+	"net/url"
+	"strconv"
+	"strings"
+	"time"
+
+	"github.com/go-chi/chi/v5"
+	"github.com/google/uuid"
+	"github.com/gorilla/websocket"
+	"github.com/writekitapp/writekit/internal/config"
+	"github.com/writekitapp/writekit/internal/db"
+	"github.com/writekitapp/writekit/internal/imaginary"
+	"github.com/writekitapp/writekit/internal/markdown"
+	"github.com/writekitapp/writekit/internal/tenant"
+)
+
+func renderContent(q *tenant.Queries, r *http.Request, content string) string {
+	settings, _ := q.GetSettings(r.Context())
+	codeTheme := "github"
+	if t, ok := settings["code_theme"]; ok && t != "" {
+		codeTheme = t
+	}
+	html, _ := markdown.RenderWithTheme(content, codeTheme)
+	return html
+}
+
+func (s *Server) studioRoutes() chi.Router {
+	r := chi.NewRouter()
+
+	r.Get("/posts", s.listPosts)
+	r.Post("/posts", s.createPost)
+	r.Get("/posts/{slug}", s.getPost)
+	r.Put("/posts/{slug}", s.updatePost)
+	r.Delete("/posts/{slug}", s.deletePost)
+
+	r.Post("/posts/{id}/publish", s.publishPost)
+	r.Post("/posts/{id}/unpublish", s.unpublishPost)
+	r.Get("/posts/{id}/draft", s.getDraft)
+	r.Put("/posts/{id}/draft", s.saveDraft)
+	r.Delete("/posts/{id}/draft", s.discardDraft)
+	r.Get("/posts/{id}/versions", s.listVersions)
+	r.Post("/posts/{id}/versions/{versionId}/restore", s.restoreVersion)
+	r.Post("/posts/{id}/render", s.renderPreview)
+
+	r.Get("/settings", s.getSettings)
+	r.Put("/settings", s.updateSettings)
+
+	r.Get("/interaction-config", s.getStudioInteractionConfig)
+	r.Put("/interaction-config", s.updateInteractionConfig)
+
+	r.Get("/assets", s.listAssets)
+	r.Post("/assets", s.uploadAsset)
+	r.Delete("/assets/{id}", s.deleteAsset)
+
+	r.Get("/api-keys", s.listAPIKeys)
+	r.Post("/api-keys", s.createAPIKey)
+	r.Delete("/api-keys/{key}", s.deleteAPIKey)
+
+	r.Get("/analytics", s.getAnalytics)
+	r.Get("/analytics/posts/{slug}", s.getPostAnalytics)
+
+	// Plugins
+	r.Get("/plugins", s.listPlugins)
+	r.Post("/plugins", s.savePlugin)
+	r.Delete("/plugins/{id}", s.deletePlugin)
+	r.Put("/plugins/{id}/toggle", s.togglePlugin)
+	r.Post("/plugins/compile", s.compilePlugin)
+
+	// Secrets
+	r.Get("/secrets", s.listSecrets)
+	r.Post("/secrets", s.createSecret)
+	r.Delete("/secrets/{key}", s.deleteSecret)
+
+	// Webhooks
+	r.Get("/webhooks", s.listWebhooks)
+	r.Post("/webhooks", s.createWebhook)
+	r.Put("/webhooks/{id}", s.updateWebhook)
+	r.Delete("/webhooks/{id}", s.deleteWebhook)
+	r.Post("/webhooks/{id}/test", s.testWebhook)
+	r.Get("/webhooks/{id}/deliveries", s.listWebhookDeliveries)
+
+	// Jarvis proxy (hooks/templates/lsp/sdk)
+	r.Get("/hooks", s.getHooks)
+	r.Get("/template", s.getTemplate)
+	r.Get("/sdk", s.getSDK)
+	r.Get("/lsp", s.proxyLSP)
+
+	// Code themes
+	r.Get("/code-theme.css", s.codeThemeCSS)
+	r.Get("/code-themes", s.listCodeThemes)
+
+	// Plugin testing
+	r.Post("/plugins/test", s.testPlugin)
+
+	// Billing
+	r.Get("/billing", s.getBilling)
+
+	return r
+}
+
+type postRequest struct {
+	Slug        string   `json:"slug"`
+	Title       string   `json:"title"`
+	Description string   `json:"description"`
+	Content     string   `json:"content"`
+	Date        string   `json:"date"`
+	Draft       bool     `json:"draft"`
+	MembersOnly bool     `json:"members_only"`
+	Tags        []string `json:"tags"`
+}
+
+type postContent struct {
+	Markdown string `json:"markdown"`
+	HTML     string `json:"html"`
+}
+
+type postResponse struct {
+	ID          string       `json:"id"`
+	Slug        string       `json:"slug"`
+	Title       string       `json:"title"`
+	Description string       `json:"description"`
+	CoverImage  string       `json:"cover_image"`
+	Content     *postContent `json:"content,omitempty"`
+	Date        string       `json:"date"`
+	Draft       bool         `json:"draft"`
+	MembersOnly bool         `json:"members_only"`
+	Tags        []string     `json:"tags"`
+	CreatedAt   string       `json:"created_at"`
+	UpdatedAt   string       `json:"updated_at"`
+}
+
+func postToResponse(p *tenant.Post, includeContent bool) postResponse {
+	dateStr := ""
+	if p.PublishedAt != nil {
+		dateStr = p.PublishedAt.Format("2006-01-02")
+	}
+	updatedStr := p.ModifiedAt.Format(time.RFC3339)
+	if p.UpdatedAt != nil {
+		updatedStr = p.UpdatedAt.Format(time.RFC3339)
+	}
+
+	resp := postResponse{
+		ID:          p.ID,
+		Slug:        p.Slug,
+		Title:       p.Title,
+		Description: p.Description,
+		CoverImage:  p.CoverImage,
+		Date:        dateStr,
+		Draft:       !p.IsPublished,
+		MembersOnly: p.MembersOnly,
+		Tags:        p.Tags,
+		CreatedAt:   p.CreatedAt.Format(time.RFC3339),
+		UpdatedAt:   updatedStr,
+	}
+	if includeContent {
+		resp.Content = &postContent{
+			Markdown: p.ContentMD,
+			HTML:     p.ContentHTML,
+		}
+	}
+	if resp.Tags == nil {
+		resp.Tags = []string{}
+	}
+	return resp
+}
+
+func (s *Server) listPosts(w http.ResponseWriter, r *http.Request) {
+	tenantID := r.Context().Value(tenantIDKey).(string)
+
+	db, err := s.tenantPool.Get(tenantID)
+	if err != nil {
+		jsonError(w, http.StatusInternalServerError, "database error")
+		return
+	}
+
+	q := tenant.NewQueries(db)
+	posts, err := q.ListPosts(r.Context(), true)
+	if err != nil {
+		log.Printf("listPosts error for tenant %s: %v", tenantID, err)
+		jsonError(w, http.StatusInternalServerError, "failed to list posts")
+		return
+	}
+
+	result := make([]postResponse, len(posts))
+	for i, p := range posts {
+		result[i] = postToResponse(&p, false)
+	}
+
+	jsonResponse(w, http.StatusOK, result)
+}
+
+func (s *Server) getPost(w http.ResponseWriter, r *http.Request) {
+	tenantID := r.Context().Value(tenantIDKey).(string)
+	slug := chi.URLParam(r, "slug")
+
+	db, err := s.tenantPool.Get(tenantID)
+	if err != nil {
+		jsonError(w, http.StatusInternalServerError, "database error")
+		return
+	}
+
+	q := tenant.NewQueries(db)
+	post, err := q.GetPost(r.Context(), slug)
+	if err != nil {
+		jsonError(w, http.StatusInternalServerError, "failed to get post")
+		return
+	}
+	if post == nil {
+		jsonError(w, http.StatusNotFound, "post not found")
+		return
+	}
+
+	jsonResponse(w, http.StatusOK, postToResponse(post, true))
+}
+
+func (s *Server) createPost(w http.ResponseWriter, r *http.Request) {
+	tenantID := r.Context().Value(tenantIDKey).(string)
+
+	var req postRequest
+	if err := json.NewDecoder(r.Body).Decode(&req); err != nil {
+		jsonError(w, http.StatusBadRequest, "invalid request")
+		return
+	}
+
+	if req.Title == "" {
+		jsonError(w, http.StatusBadRequest, "title required")
+		return
+	}
+
+	if req.Slug == "" {
+		req.Slug = slugify(req.Title)
+	}
+
+	db, err := s.tenantPool.Get(tenantID)
+	if err != nil {
+		jsonError(w, http.StatusInternalServerError, "database error")
+		return
+	}
+
+	q := tenant.NewQueries(db)
+
+	existing, _ := q.GetPost(r.Context(), req.Slug)
+	if existing != nil {
+		jsonError(w, http.StatusConflict, "post with this slug already exists")
+		return
+	}
+
+	var publishedAt *time.Time
+	if !req.Draft {
+		now := time.Now()
+		if req.Date != "" {
+			if parsed, err := time.Parse("2006-01-02", req.Date); err == nil {
+				now = parsed
+			}
+		}
+		publishedAt = &now
+	}
+
+	post := &tenant.Post{
+		Slug:        req.Slug,
+		Title:       req.Title,
+		Description: req.Description,
+		ContentMD:   req.Content,
+		ContentHTML: renderContent(q, r, req.Content),
+		IsPublished: !req.Draft,
+		MembersOnly: req.MembersOnly,
+		Tags:        req.Tags,
+		PublishedAt: publishedAt,
+	}
+
+	if err := q.CreatePost(r.Context(), post); err != nil {
+		jsonError(w, http.StatusInternalServerError, "failed to create post")
+		return
+	}
+
+	if post.IsPublished {
+		s.rebuildSite(r.Context(), tenantID, db, r.Host)
+
+		go func() {
+			runner := s.getPluginRunner(tenantID, db)
+			defer runner.Close()
+			pubAt := ""
+			if post.PublishedAt != nil {
+				pubAt = post.PublishedAt.Format(time.RFC3339)
+			}
+			runner.TriggerHook(r.Context(), "post.published", map[string]any{
+				"post": map[string]any{
+					"slug":        post.Slug,
+					"title":       post.Title,
+					"url":         "/" + post.Slug,
+					"excerpt":     post.Description,
+					"publishedAt": pubAt,
+					"tags":        post.Tags,
+				},
+			})
+		}()
+	}
+
+	jsonResponse(w, http.StatusCreated, postToResponse(post, false))
+}
+
+func (s *Server) updatePost(w http.ResponseWriter, r *http.Request) {
+	tenantID := r.Context().Value(tenantIDKey).(string)
+	slug := chi.URLParam(r, "slug")
+
+	var req postRequest
+	if err := json.NewDecoder(r.Body).Decode(&req); err != nil {
+		jsonError(w, http.StatusBadRequest, "invalid request")
+		return
+	}
+
+	db, err := s.tenantPool.Get(tenantID)
+	if err != nil {
+		jsonError(w, http.StatusInternalServerError, "database error")
+		return
+	}
+
+	q := tenant.NewQueries(db)
+
+	post, err := q.GetPost(r.Context(), slug)
+	if err != nil {
+		jsonError(w, http.StatusInternalServerError, "failed to get post")
+		return
+	}
+	if post == nil {
+		jsonError(w, http.StatusNotFound, "post not found")
+		return
+	}
+
+	wasUnpublished := !post.IsPublished
+	oldTitle := post.Title
+	oldTags := post.Tags
+	oldSlug := post.Slug
+
+	if req.Slug != "" && req.Slug != slug {
+		existing, _ := q.GetPost(r.Context(), req.Slug)
+		if existing != nil {
+			jsonError(w, http.StatusConflict, "post with this slug already exists")
+			return
+		}
+		if !contains(post.Aliases, oldSlug) {
+			post.Aliases = append(post.Aliases, oldSlug)
+		}
+		post.Slug = req.Slug
+	}
+
+	if req.Title != "" {
+		post.Title = req.Title
+	}
+	post.Description = req.Description
+	post.ContentMD = req.Content
+	post.IsPublished = !req.Draft
+	post.MembersOnly = req.MembersOnly
+	post.Tags = req.Tags
+
+	post.ContentHTML = renderContent(q, r, req.Content)
+
+	if !req.Draft && post.PublishedAt == nil {
+		now := time.Now()
+		if req.Date != "" {
+			if parsed, err := time.Parse("2006-01-02", req.Date); err == nil {
+				now = parsed
+			}
+		}
+		post.PublishedAt = &now
+	}
+
+	if err := q.UpdatePost(r.Context(), post); err != nil {
+		jsonError(w, http.StatusInternalServerError, "failed to update post")
+		return
+	}
+
+	if post.IsPublished {
+		s.rebuildSite(r.Context(), tenantID, db, r.Host)
+
+		go func() {
+			runner := s.getPluginRunner(tenantID, db)
+			defer runner.Close()
+
+			pubAt := ""
+			if post.PublishedAt != nil {
+				pubAt = post.PublishedAt.Format(time.RFC3339)
+			}
+
+			if wasUnpublished {
+				runner.TriggerHook(r.Context(), "post.published", map[string]any{
+					"post": map[string]any{
+						"slug":        post.Slug,
+						"title":       post.Title,
+						"url":         "/" + post.Slug,
+						"excerpt":     post.Description,
+						"publishedAt": pubAt,
+						"tags":        post.Tags,
+					},
+				})
+			} else {
+				changes := map[string]any{}
+				if oldTitle != post.Title {
+					changes["title"] = map[string]any{"old": oldTitle, "new": post.Title}
+				}
+				changes["content"] = true
+
+				addedTags := []string{}
+				removedTags := []string{}
+				oldTagSet := make(map[string]bool)
+				for _, t := range oldTags {
+					oldTagSet[t] = true
+				}
+				for _, t := range post.Tags {
+					if !oldTagSet[t] {
+						addedTags = append(addedTags, t)
+					}
+					delete(oldTagSet, t)
+				}
+				for t := range oldTagSet {
+					removedTags = append(removedTags, t)
+				}
+				if len(addedTags) > 0 || len(removedTags) > 0 {
+					changes["tags"] = map[string]any{"added": addedTags, "removed": removedTags}
+				}
+
+				runner.TriggerHook(r.Context(), "post.updated", map[string]any{
+					"post": map[string]any{
+						"slug":        post.Slug,
+						"title":       post.Title,
+						"url":         "/" + post.Slug,
+						"excerpt":     post.Description,
+						"publishedAt": pubAt,
+						"updatedAt":   time.Now().Format(time.RFC3339),
+						"tags":        post.Tags,
+					},
+					"changes": changes,
+				})
+			}
+		}()
+
+		// Trigger webhooks for published posts
+		if wasUnpublished {
+			q.TriggerWebhooks(r.Context(), "post.published", map[string]any{
+				"post": postToResponse(post, false),
+			}, "https://"+r.Host)
+		} else {
+			q.TriggerWebhooks(r.Context(), "post.updated", map[string]any{
+				"post": postToResponse(post, false),
+			}, "https://"+r.Host)
+		}
+	}
+
+	jsonResponse(w, http.StatusOK, postToResponse(post, false))
+}
+
+func (s *Server) deletePost(w http.ResponseWriter, r *http.Request) {
+	tenantID := r.Context().Value(tenantIDKey).(string)
+	slug := chi.URLParam(r, "slug")
+
+	db, err := s.tenantPool.Get(tenantID)
+	if err != nil {
+		jsonError(w, http.StatusInternalServerError, "database error")
+		return
+	}
+
+	q := tenant.NewQueries(db)
+
+	post, err := q.GetPost(r.Context(), slug)
+	if err != nil {
+		jsonError(w, http.StatusInternalServerError, "failed to get post")
+		return
+	}
+	if post == nil {
+		jsonError(w, http.StatusNotFound, "post not found")
+		return
+	}
+
+	wasPublished := post.IsPublished
+	postData := postToResponse(post, false)
+
+	if err := q.DeletePost(r.Context(), post.ID); err != nil {
+		jsonError(w, http.StatusInternalServerError, "failed to delete post")
+		return
+	}
+
+	if wasPublished {
+		q.DeletePage(r.Context(), "/posts/"+slug)
+		s.rebuildSite(r.Context(), tenantID, db, r.Host)
+
+		// Trigger webhooks for deleted posts
+		q.TriggerWebhooks(r.Context(), "post.deleted", map[string]any{
+			"post": postData,
+		}, "https://"+r.Host)
+	}
+
+	w.WriteHeader(http.StatusNoContent)
+}
+
+func (s *Server) publishPost(w http.ResponseWriter, r *http.Request) {
+	tenantID := r.Context().Value(tenantIDKey).(string)
+	postID := chi.URLParam(r, "id")
+
+	db, err := s.tenantPool.Get(tenantID)
+	if err != nil {
+		jsonError(w, http.StatusInternalServerError, "database error")
+		return
+	}
+
+	q := tenant.NewQueries(db)
+
+	post, err := q.GetPostByID(r.Context(), postID)
+	if err != nil {
+		jsonError(w, http.StatusInternalServerError, "failed to get post")
+		return
+	}
+	if post == nil {
+		jsonError(w, http.StatusNotFound, "post not found")
+		return
+	}
+
+	if err := q.Publish(r.Context(), postID); err != nil {
+		jsonError(w, http.StatusInternalServerError, "failed to publish")
+		return
+	}
+
+	post, _ = q.GetPostByID(r.Context(), postID)
+	s.rebuildSite(r.Context(), tenantID, db, r.Host)
+
+	// Trigger webhooks
+	q.TriggerWebhooks(r.Context(), "post.published", map[string]any{
+		"post": postToResponse(post, false),
+	}, "https://"+r.Host)
+
+	jsonResponse(w, http.StatusOK, postToResponse(post, false))
+}
+
+func (s *Server) unpublishPost(w http.ResponseWriter, r *http.Request) {
+	tenantID := r.Context().Value(tenantIDKey).(string)
+	postID := chi.URLParam(r, "id")
+
+	db, err := s.tenantPool.Get(tenantID)
+	if err != nil {
+		jsonError(w, http.StatusInternalServerError, "database error")
+		return
+	}
+
+	q := tenant.NewQueries(db)
+
+	post, err := q.GetPostByID(r.Context(), postID)
+	if err != nil {
+		jsonError(w, http.StatusInternalServerError, "failed to get post")
+		return
+	}
+	if post == nil {
+		jsonError(w, http.StatusNotFound, "post not found")
+		return
+	}
+
+	if err := q.Unpublish(r.Context(), postID); err != nil {
+		jsonError(w, http.StatusInternalServerError, "failed to unpublish")
+		return
+	}
+
+	q.DeletePage(r.Context(), "/posts/"+post.Slug)
+	s.rebuildSite(r.Context(), tenantID, db, r.Host)
+
+	post, _ = q.GetPostByID(r.Context(), postID)
+	jsonResponse(w, http.StatusOK, postToResponse(post, false))
+}
+
+func (s *Server) getDraft(w http.ResponseWriter, r *http.Request) {
+	tenantID := r.Context().Value(tenantIDKey).(string)
+	postID := chi.URLParam(r, "id")
+
+	db, err := s.tenantPool.Get(tenantID)
+	if err != nil {
+		jsonError(w, http.StatusInternalServerError, "database error")
+		return
+	}
+
+	q := tenant.NewQueries(db)
+	draft, err := q.GetDraft(r.Context(), postID)
+	if err != nil {
+		jsonError(w, http.StatusInternalServerError, "failed to get draft")
+		return
+	}
+
+	if draft == nil {
+		jsonResponse(w, http.StatusOK, nil)
+		return
+	}
+
+	jsonResponse(w, http.StatusOK, map[string]any{
+		"post_id":      draft.PostID,
+		"slug":         draft.Slug,
+		"title":        draft.Title,
+		"description":  draft.Description,
+		"tags":         draft.Tags,
+		"cover_image":  draft.CoverImage,
+		"members_only": draft.MembersOnly,
+		"content":      draft.ContentMD,
+		"modified_at":  draft.ModifiedAt.Format(time.RFC3339),
+	})
+}
+
+func (s *Server) saveDraft(w http.ResponseWriter, r *http.Request) {
+	tenantID := r.Context().Value(tenantIDKey).(string)
+	postID := chi.URLParam(r, "id")
+
+	var req struct {
+		Slug        string   `json:"slug"`
+		Title       string   `json:"title"`
+		Description string   `json:"description"`
+		Tags        []string `json:"tags"`
+		CoverImage  string   `json:"cover_image"`
+		MembersOnly bool     `json:"members_only"`
+		Content     string   `json:"content"`
+	}
+	if err := json.NewDecoder(r.Body).Decode(&req); err != nil {
+		jsonError(w, http.StatusBadRequest, "invalid request")
+		return
+	}
+
+	db, err := s.tenantPool.Get(tenantID)
+	if err != nil {
+		jsonError(w, http.StatusInternalServerError, "database error")
+		return
+	}
+
+	q := tenant.NewQueries(db)
+
+	post, err := q.GetPostByID(r.Context(), postID)
+	if err != nil {
+		jsonError(w, http.StatusInternalServerError, "failed to get post")
+		return
+	}
+	if post == nil {
+		jsonError(w, http.StatusNotFound, "post not found")
+		return
+	}
+
+	draft := &tenant.PostDraft{
+		PostID:      postID,
+		Slug:        req.Slug,
+		Title:       req.Title,
+		Description: req.Description,
+		Tags:        req.Tags,
+		CoverImage:  req.CoverImage,
+		MembersOnly: req.MembersOnly,
+		ContentMD:   req.Content,
+		ContentHTML: renderContent(q, r, req.Content),
+	}
+
+	if draft.Slug == "" {
+		draft.Slug = post.Slug
+	}
+
+	if err := q.SaveDraft(r.Context(), draft); err != nil {
+		jsonError(w, http.StatusInternalServerError, "failed to save draft")
+		return
+	}
+
+	jsonResponse(w, http.StatusOK, map[string]bool{"success": true})
+}
+
+func (s *Server) discardDraft(w http.ResponseWriter, r *http.Request) {
+	tenantID := r.Context().Value(tenantIDKey).(string)
+	postID := chi.URLParam(r, "id")
+
+	db, err := s.tenantPool.Get(tenantID)
+	if err != nil {
+		jsonError(w, http.StatusInternalServerError, "database error")
+		return
+	}
+
+	q := tenant.NewQueries(db)
+
+	if err := q.DeleteDraft(r.Context(), postID); err != nil {
+		jsonError(w, http.StatusInternalServerError, "failed to discard draft")
+		return
+	}
+
+	w.WriteHeader(http.StatusNoContent)
+}
+
+func (s *Server) listVersions(w http.ResponseWriter, r *http.Request) {
+	tenantID := r.Context().Value(tenantIDKey).(string)
+	postID := chi.URLParam(r, "id")
+
+	db, err := s.tenantPool.Get(tenantID)
+	if err != nil {
+		jsonError(w, http.StatusInternalServerError, "database error")
+		return
+	}
+
+	q := tenant.NewQueries(db)
+	versions, err := q.ListVersions(r.Context(), postID)
+	if err != nil {
+		jsonError(w, http.StatusInternalServerError, "failed to list versions")
+		return
+	}
+
+	result := make([]map[string]any, len(versions))
+	for i, v := range versions {
+		result[i] = map[string]any{
+			"id":         v.ID,
+			"title":      v.Title,
+			"created_at": v.CreatedAt.Format(time.RFC3339),
+		}
+	}
+
+	jsonResponse(w, http.StatusOK, result)
+}
+
+func (s *Server) restoreVersion(w http.ResponseWriter, r *http.Request) {
+	tenantID := r.Context().Value(tenantIDKey).(string)
+	postID := chi.URLParam(r, "id")
+	versionIDStr := chi.URLParam(r, "versionId")
+
+	versionID, err := strconv.ParseInt(versionIDStr, 10, 64)
+	if err != nil {
+		jsonError(w, http.StatusBadRequest, "invalid version id")
+		return
+	}
+
+	db, err := s.tenantPool.Get(tenantID)
+	if err != nil {
+		jsonError(w, http.StatusInternalServerError, "database error")
+		return
+	}
+
+	q := tenant.NewQueries(db)
+
+	if err := q.RestoreVersion(r.Context(), postID, versionID); err != nil {
+		jsonError(w, http.StatusInternalServerError, "failed to restore version")
+		return
+	}
+
+	jsonResponse(w, http.StatusOK, map[string]bool{"success": true})
+}
+
+func (s *Server) renderPreview(w http.ResponseWriter, r *http.Request) {
+	tenantID := r.Context().Value(tenantIDKey).(string)
+
+	db, err := s.tenantPool.Get(tenantID)
+	if err != nil {
+		jsonError(w, http.StatusInternalServerError, "database error")
+		return
+	}
+
+	var req struct {
+		Markdown string `json:"markdown"`
+	}
+	if err := json.NewDecoder(r.Body).Decode(&req); err != nil {
+		jsonError(w, http.StatusBadRequest, "invalid request")
+		return
+	}
+
+	q := tenant.NewQueries(db)
+	settings, _ := q.GetSettings(r.Context())
+	codeTheme := getSettingOr(settings, "code_theme", "github")
+
+	html, err := markdown.RenderWithTheme(req.Markdown, codeTheme)
+	if err != nil {
+		jsonError(w, http.StatusInternalServerError, "render failed")
+		return
+	}
+
+	jsonResponse(w, http.StatusOK, map[string]string{"html": html})
+}
+
+func (s *Server) getSettings(w http.ResponseWriter, r *http.Request) {
+	tenantID := r.Context().Value(tenantIDKey).(string)
+
+	db, err := s.tenantPool.Get(tenantID)
+	if err != nil {
+		jsonError(w, http.StatusInternalServerError, "database error")
+		return
+	}
+
+	q := tenant.NewQueries(db)
+	settings, err := q.GetSettings(r.Context())
+	if err != nil {
+		jsonError(w, http.StatusInternalServerError, "failed to get settings")
+		return
+	}
+
+	jsonResponse(w, http.StatusOK, settings)
+}
+
+func (s *Server) updateSettings(w http.ResponseWriter, r *http.Request) {
+	tenantID := r.Context().Value(tenantIDKey).(string)
+
+	var settings map[string]string
+	if err := json.NewDecoder(r.Body).Decode(&settings); err != nil {
+		jsonError(w, http.StatusBadRequest, "invalid request")
+		return
+	}
+
+	db, err := s.tenantPool.Get(tenantID)
+	if err != nil {
+		jsonError(w, http.StatusInternalServerError, "database error")
+		return
+	}
+
+	q := tenant.NewQueries(db)
+	if err := q.SetSettings(r.Context(), settings); err != nil {
+		jsonError(w, http.StatusInternalServerError, "failed to update settings")
+		return
+	}
+
+	s.rebuildSite(r.Context(), tenantID, db, r.Host)
+
+	jsonResponse(w, http.StatusOK, map[string]bool{"success": true})
+}
+
+func (s *Server) listAssets(w http.ResponseWriter, r *http.Request) {
+	tenantID := r.Context().Value(tenantIDKey).(string)
+
+	db, err := s.tenantPool.Get(tenantID)
+	if err != nil {
+		jsonError(w, http.StatusInternalServerError, "database error")
+		return
+	}
+
+	q := tenant.NewQueries(db)
+	assets, err := q.ListAssets(r.Context())
+	if err != nil {
+		jsonError(w, http.StatusInternalServerError, "failed to list assets")
+		return
+	}
+
+	jsonResponse(w, http.StatusOK, assets)
+}
+
+func (s *Server) uploadAsset(w http.ResponseWriter, r *http.Request) {
+	if s.storage == nil {
+		jsonError(w, http.StatusServiceUnavailable, "storage not configured")
+		return
+	}
+
+	tenantID := r.Context().Value(tenantIDKey).(string)
+
+	if err := r.ParseMultipartForm(15 << 20); err != nil {
+		jsonError(w, http.StatusBadRequest, "file too large")
+		return
+	}
+
+	file, header, err := r.FormFile("file")
+	if err != nil {
+		jsonError(w, http.StatusBadRequest, "file required")
+		return
+	}
+	defer file.Close()
+
+	contentType := header.Header.Get("Content-Type")
+	isImage := strings.HasPrefix(contentType, "image/")
+
+	var uploadData []byte
+	var finalContentType string
+	var ext string
+
+	if isImage && s.imaginary != nil {
+		processed, err := s.imaginary.Process(file, header.Filename, imaginary.ProcessOptions{
+			Width:   2000,
+			Height:  2000,
+			Quality: 80,
+			Type:    "webp",
+		})
+		if err != nil {
+			jsonError(w, http.StatusInternalServerError, "image processing failed")
+			return
+		}
+		uploadData = processed
+		finalContentType = "image/webp"
+		ext = ".webp"
+	} else {
+		data, err := io.ReadAll(file)
+		if err != nil {
+			jsonError(w, http.StatusInternalServerError, "read failed")
+			return
+		}
+		uploadData = data
+		finalContentType = contentType
+		ext = ""
+		if idx := strings.LastIndex(header.Filename, "."); idx != -1 {
+			ext = header.Filename[idx:]
+		}
+	}
+
+	r2Key := fmt.Sprintf("%s/%s%s", tenantID, uuid.NewString(), ext)
+
+	if err := s.storage.Upload(r.Context(), r2Key, bytes.NewReader(uploadData), finalContentType); err != nil {
+		jsonError(w, http.StatusInternalServerError, "upload failed")
+		return
+	}
+
+	db, err := s.tenantPool.Get(tenantID)
+	if err != nil {
+		jsonError(w, http.StatusInternalServerError, "database error")
+		return
+	}
+
+	asset := &tenant.Asset{
+		Filename:    header.Filename,
+		R2Key:       r2Key,
+		ContentType: finalContentType,
+		Size:        int64(len(uploadData)),
+	}
+
+	q := tenant.NewQueries(db)
+	if err := q.CreateAsset(r.Context(), asset); err != nil {
+		s.storage.Delete(r.Context(), r2Key)
+		jsonError(w, http.StatusInternalServerError, "failed to save asset")
+		return
+	}
+
+	assetURL := s.storage.PublicURL(r2Key)
+
+	// Trigger asset.uploaded hook
+	go func() {
+		runner := s.getPluginRunner(tenantID, db)
+		defer runner.Close()
+		runner.TriggerHook(r.Context(), "asset.uploaded", map[string]any{
+			"id":          asset.ID,
+			"url":         assetURL,
+			"contentType": asset.ContentType,
+			"size":        asset.Size,
+		})
+	}()
+
+	jsonResponse(w, http.StatusCreated, map[string]any{
+		"id":           asset.ID,
+		"filename":     asset.Filename,
+		"url":          assetURL,
+		"content_type": asset.ContentType,
+		"size":         asset.Size,
+	})
+}
+
+func (s *Server) deleteAsset(w http.ResponseWriter, r *http.Request) {
+	tenantID := r.Context().Value(tenantIDKey).(string)
+	assetID := chi.URLParam(r, "id")
+
+	db, err := s.tenantPool.Get(tenantID)
+	if err != nil {
+		jsonError(w, http.StatusInternalServerError, "database error")
+		return
+	}
+
+	q := tenant.NewQueries(db)
+
+	asset, err := q.GetAsset(r.Context(), assetID)
+	if err != nil {
+		jsonError(w, http.StatusInternalServerError, "failed to get asset")
+		return
+	}
+	if asset == nil {
+		jsonError(w, http.StatusNotFound, "asset not found")
+		return
+	}
+
+	if s.storage != nil {
+		s.storage.Delete(r.Context(), asset.R2Key)
+	}
+
+	if err := q.DeleteAsset(r.Context(), assetID); err != nil {
+		jsonError(w, http.StatusInternalServerError, "failed to delete asset")
+		return
+	}
+
+	w.WriteHeader(http.StatusNoContent)
+}
+
+func slugify(s string) string {
+	s = strings.ToLower(s)
+	s = strings.ReplaceAll(s, " ", "-")
+	var result strings.Builder
+	for _, r := range s {
+		if (r >= 'a' && r <= 'z') || (r >= '0' && r <= '9') || r == '-' {
+			result.WriteRune(r)
+		}
+	}
+	return result.String()
+}
+
+func (s *Server) listAPIKeys(w http.ResponseWriter, r *http.Request) {
+	if GetDemoInfo(r).IsDemo {
+		jsonResponse(w, http.StatusOK, []any{})
+		return
+	}
+
+	tenantID := r.Context().Value(tenantIDKey).(string)
+
+	db, err := s.tenantPool.Get(tenantID)
+	if err != nil {
+		jsonError(w, http.StatusInternalServerError, "database error")
+		return
+	}
+
+	q := tenant.NewQueries(db)
+	keys, err := q.ListAPIKeys(r.Context())
+	if err != nil {
+		jsonError(w, http.StatusInternalServerError, "failed to list API keys")
+		return
+	}
+
+	result := make([]map[string]any, len(keys))
+	for i, k := range keys {
+		result[i] = map[string]any{
+			"key":          maskKey(k.Key),
+			"name":         k.Name,
+			"created_at":   k.CreatedAt.Format(time.RFC3339),
+			"last_used_at": nil,
+		}
+		if k.LastUsedAt != nil {
+			result[i]["last_used_at"] = k.LastUsedAt.Format(time.RFC3339)
+		}
+	}
+
+	jsonResponse(w, http.StatusOK, result)
+}
+
+func (s *Server) createAPIKey(w http.ResponseWriter, r *http.Request) {
+	if GetDemoInfo(r).IsDemo {
+		jsonError(w, http.StatusForbidden, "API key generation is not available in demo mode")
+		return
+	}
+
+	tenantID := r.Context().Value(tenantIDKey).(string)
+
+	var req struct {
+		Name string `json:"name"`
+	}
+	if err := json.NewDecoder(r.Body).Decode(&req); err != nil {
+		jsonError(w, http.StatusBadRequest, "invalid request")
+		return
+	}
+	if req.Name == "" {
+		jsonError(w, http.StatusBadRequest, "name required")
+		return
+	}
+
+	db, err := s.tenantPool.Get(tenantID)
+	if err != nil {
+		jsonError(w, http.StatusInternalServerError, "database error")
+		return
+	}
+
+	q := tenant.NewQueries(db)
+	key, err := q.CreateAPIKey(r.Context(), req.Name)
+	if err != nil {
+		jsonError(w, http.StatusInternalServerError, "failed to create API key")
+		return
+	}
+
+	jsonResponse(w, http.StatusCreated, map[string]any{
+		"key":        key.Key,
+		"name":       key.Name,
+		"created_at": key.CreatedAt.Format(time.RFC3339),
+	})
+}
+
+func (s *Server) deleteAPIKey(w http.ResponseWriter, r *http.Request) {
+	if GetDemoInfo(r).IsDemo {
+		jsonError(w, http.StatusForbidden, "API key management is not available in demo mode")
+		return
+	}
+
+	tenantID := r.Context().Value(tenantIDKey).(string)
+	key := chi.URLParam(r, "key")
+
+	db, err := s.tenantPool.Get(tenantID)
+	if err != nil {
+		jsonError(w, http.StatusInternalServerError, "database error")
+		return
+	}
+
+	q := tenant.NewQueries(db)
+	if err := q.DeleteAPIKey(r.Context(), key); err != nil {
+		jsonError(w, http.StatusInternalServerError, "failed to delete API key")
+		return
+	}
+
+	w.WriteHeader(http.StatusNoContent)
+}
+
+func (s *Server) getStudioInteractionConfig(w http.ResponseWriter, r *http.Request) {
+	tenantID := r.Context().Value(tenantIDKey).(string)
+
+	db, err := s.tenantPool.Get(tenantID)
+	if err != nil {
+		jsonError(w, http.StatusInternalServerError, "database error")
+		return
+	}
+
+	q := tenant.NewQueries(db)
+	config := q.GetInteractionConfig(r.Context())
+
+	jsonResponse(w, http.StatusOK, config)
+}
+
+func (s *Server) updateInteractionConfig(w http.ResponseWriter, r *http.Request) {
+	tenantID := r.Context().Value(tenantIDKey).(string)
+
+	var req struct {
+		CommentsEnabled      *bool   `json:"comments_enabled"`
+		ReactionsEnabled     *bool   `json:"reactions_enabled"`
+		ReactionMode         *string `json:"reaction_mode"`
+		ReactionEmojis       *string `json:"reaction_emojis"`
+		UpvoteIcon           *string `json:"upvote_icon"`
+		ReactionsRequireAuth *bool   `json:"reactions_require_auth"`
+	}
+	if err := json.NewDecoder(r.Body).Decode(&req); err != nil {
+		jsonError(w, http.StatusBadRequest, "invalid request")
+		return
+	}
+
+	db, err := s.tenantPool.Get(tenantID)
+	if err != nil {
+		jsonError(w, http.StatusInternalServerError, "database error")
+		return
+	}
+
+	q := tenant.NewQueries(db)
+	settings := make(tenant.Settings)
+
+	if req.CommentsEnabled != nil {
+		settings["comments_enabled"] = boolToStr(*req.CommentsEnabled)
+	}
+	if req.ReactionsEnabled != nil {
+		settings["reactions_enabled"] = boolToStr(*req.ReactionsEnabled)
+	}
+	if req.ReactionMode != nil {
+		settings["reaction_mode"] = *req.ReactionMode
+	}
+	if req.ReactionEmojis != nil {
+		settings["reaction_emojis"] = *req.ReactionEmojis
+	}
+	if req.UpvoteIcon != nil {
+		settings["upvote_icon"] = *req.UpvoteIcon
+	}
+	if req.ReactionsRequireAuth != nil {
+		settings["reactions_require_auth"] = boolToStr(*req.ReactionsRequireAuth)
+	}
+
+	if len(settings) > 0 {
+		if err := q.SetSettings(r.Context(), settings); err != nil {
+			jsonError(w, http.StatusInternalServerError, "failed to update settings")
+			return
+		}
+	}
+
+	config := q.GetInteractionConfig(r.Context())
+	jsonResponse(w, http.StatusOK, config)
+}
+
+func boolToStr(b bool) string {
+	if b {
+		return "true"
+	}
+	return "false"
+}
+
+func maskKey(key string) string {
+	if len(key) <= 8 {
+		return key
+	}
+	return key[:7] + "..." + key[len(key)-4:]
+}
+
+func (s *Server) getAnalytics(w http.ResponseWriter, r *http.Request) {
+	days := 30
+	if d := r.URL.Query().Get("days"); d != "" {
+		if parsed, err := strconv.Atoi(d); err == nil && parsed > 0 && parsed <= 365 {
+			days = parsed
+		}
+	}
+
+	if GetDemoInfo(r).IsDemo {
+		jsonResponse(w, http.StatusOK, generateFakeAnalytics(days))
+		return
+	}
+
+	tenantID := r.Context().Value(tenantIDKey).(string)
+
+	tenantDB, err := s.tenantPool.Get(tenantID)
+	if err != nil {
+		jsonError(w, http.StatusInternalServerError, "database error")
+		return
+	}
+
+	t, err := s.database.GetTenantByID(r.Context(), tenantID)
+	if err != nil || t == nil {
+		d, _ := s.database.GetDemoByID(r.Context(), tenantID)
+		if d != nil {
+			t = &db.Tenant{Subdomain: d.Subdomain}
+		}
+	}
+
+	// Enforce tier analytics retention limit
+	tierInfo := config.GetTierInfo(t != nil && t.Premium)
+	if days > tierInfo.Config.AnalyticsRetention {
+		days = tierInfo.Config.AnalyticsRetention
+	}
+
+	hostname := ""
+	if t != nil {
+		hostname = t.Subdomain + "." + s.domain
+	}
+
+	result := &tenant.AnalyticsSummary{
+		ViewsByDay: []tenant.DailyStats{},
+		TopPages:   []tenant.PageStats{},
+		Browsers:   []tenant.NamedStat{},
+		OS:         []tenant.NamedStat{},
+		Devices:    []tenant.NamedStat{},
+		Countries:  []tenant.NamedStat{},
+	}
+
+	q := tenant.NewQueries(tenantDB)
+
+	if s.cloudflare.IsConfigured() && hostname != "" {
+		cfDays := days
+		if cfDays > 14 {
+			cfDays = 14
+		}
+
+		cfData, err := s.cloudflare.GetAnalytics(r.Context(), cfDays, hostname)
+		if err == nil && cfData != nil {
+			result.TotalViews = cfData.TotalRequests
+			result.TotalPageViews = cfData.TotalPageViews
+			result.UniqueVisitors = cfData.UniqueVisitors
+			result.TotalBandwidth = cfData.TotalBandwidth
+
+			for _, d := range cfData.Daily {
+				result.ViewsByDay = append(result.ViewsByDay, tenant.DailyStats{
+					Date:     d.Date,
+					Views:    d.PageViews,
+					Visitors: d.Visitors,
+				})
+			}
+
+			for _, p := range cfData.Paths {
+				result.TopPages = append(result.TopPages, tenant.PageStats{
+					Path:  p.Path,
+					Views: p.Requests,
+				})
+			}
+
+			for _, b := range cfData.Browsers {
+				result.Browsers = append(result.Browsers, tenant.NamedStat{Name: b.Name, Count: b.Count})
+			}
+			for _, o := range cfData.OS {
+				result.OS = append(result.OS, tenant.NamedStat{Name: o.Name, Count: o.Count})
+			}
+			for _, d := range cfData.Devices {
+				result.Devices = append(result.Devices, tenant.NamedStat{Name: d.Name, Count: d.Count})
+			}
+			for _, c := range cfData.Countries {
+				result.Countries = append(result.Countries, tenant.NamedStat{Name: c.Name, Count: c.Count})
+			}
+		}
+
+		if days > 14 {
+			archivedSince := time.Now().AddDate(0, 0, -days).Format("2006-01-02")
+			archivedUntil := time.Now().AddDate(0, 0, -15).Format("2006-01-02")
+			archived, err := q.GetArchivedAnalytics(r.Context(), archivedSince, archivedUntil)
+			if err == nil {
+				for _, a := range archived {
+					result.TotalViews += a.Requests
+					result.TotalPageViews += a.PageViews
+					result.UniqueVisitors += a.UniqueVisitors
+					result.TotalBandwidth += a.Bandwidth
+					result.ViewsByDay = append([]tenant.DailyStats{{
+						Date:     a.Date,
+						Views:    a.PageViews,
+						Visitors: a.UniqueVisitors,
+					}}, result.ViewsByDay...)
+				}
+			}
+		}
+	} else {
+		analytics, err := q.GetAnalytics(r.Context(), days)
+		if err == nil {
+			result = analytics
+		}
+	}
+
+	jsonResponse(w, http.StatusOK, result)
+}
+
+func (s *Server) getPostAnalytics(w http.ResponseWriter, r *http.Request) {
+	days := 30
+	if d := r.URL.Query().Get("days"); d != "" {
+		if parsed, err := strconv.Atoi(d); err == nil && parsed > 0 && parsed <= 365 {
+			days = parsed
+		}
+	}
+
+	if GetDemoInfo(r).IsDemo {
+		jsonResponse(w, http.StatusOK, generateFakePostAnalytics(days))
+		return
+	}
+
+	tenantID := r.Context().Value(tenantIDKey).(string)
+	slug := chi.URLParam(r, "slug")
+
+	db, err := s.tenantPool.Get(tenantID)
+	if err != nil {
+		jsonError(w, http.StatusInternalServerError, "database error")
+		return
+	}
+
+	q := tenant.NewQueries(db)
+	analytics, err := q.GetPostAnalytics(r.Context(), slug, days)
+	if err != nil {
+		jsonError(w, http.StatusInternalServerError, "failed to get post analytics")
+		return
+	}
+
+	jsonResponse(w, http.StatusOK, analytics)
+}
+
+// ═══════════════════════════════════════════════════════════════════════════
+// Plugins
+// ═══════════════════════════════════════════════════════════════════════════
+
+func (s *Server) listPlugins(w http.ResponseWriter, r *http.Request) {
+	tenantID := r.Context().Value(tenantIDKey).(string)
+
+	db, err := s.tenantPool.Get(tenantID)
+	if err != nil {
+		jsonError(w, http.StatusInternalServerError, "database error")
+		return
+	}
+
+	q := tenant.NewQueries(db)
+	plugins, err := q.ListPlugins(r.Context())
+	if err != nil {
+		jsonError(w, http.StatusInternalServerError, "failed to list plugins")
+		return
+	}
+
+	result := make([]map[string]any, len(plugins))
+	for i, p := range plugins {
+		result[i] = map[string]any{
+			"id":         p.ID,
+			"name":       p.Name,
+			"language":   p.Language,
+			"source":     p.Source,
+			"hooks":      p.Hooks,
+			"enabled":    p.Enabled,
+			"wasm_size":  p.WasmSize,
+			"created_at": p.CreatedAt.Format(time.RFC3339),
+			"updated_at": p.UpdatedAt.Format(time.RFC3339),
+		}
+	}
+
+	jsonResponse(w, http.StatusOK, result)
+}
+
+func (s *Server) savePlugin(w http.ResponseWriter, r *http.Request) {
+	tenantID := r.Context().Value(tenantIDKey).(string)
+
+	var req struct {
+		ID       string   `json:"id"`
+		Name     string   `json:"name"`
+		Language string   `json:"language"`
+		Source   string   `json:"source"`
+		Hooks    []string `json:"hooks"`
+		Enabled  bool     `json:"enabled"`
+		Wasm     []byte   `json:"wasm"`
+	}
+	if err := json.NewDecoder(r.Body).Decode(&req); err != nil {
+		jsonError(w, http.StatusBadRequest, "invalid request")
+		return
+	}
+
+	if req.Name == "" {
+		jsonError(w, http.StatusBadRequest, "name required")
+		return
+	}
+
+	db, err := s.tenantPool.Get(tenantID)
+	if err != nil {
+		jsonError(w, http.StatusInternalServerError, "database error")
+		return
+	}
+
+	plugin := &tenant.Plugin{
+		ID:       req.ID,
+		Name:     req.Name,
+		Language: req.Language,
+		Source:   req.Source,
+		Hooks:    req.Hooks,
+		Enabled:  req.Enabled,
+		Wasm:     req.Wasm,
+	}
+
+	q := tenant.NewQueries(db)
+
+	// Check if exists
+	existing, _ := q.GetPlugin(r.Context(), req.ID)
+	if existing != nil {
+		err = q.UpdatePlugin(r.Context(), plugin)
+	} else {
+		// Check tier limit for new plugins
+		t, err := s.database.GetTenantByID(r.Context(), tenantID)
+		if err != nil {
+			jsonError(w, http.StatusInternalServerError, "database error")
+			return
+		}
+		tierInfo := config.GetTierInfo(t != nil && t.Premium)
+
+		count, err := q.CountPlugins(r.Context())
+		if err != nil {
+			jsonError(w, http.StatusInternalServerError, "database error")
+			return
+		}
+		if count >= tierInfo.Config.MaxPlugins {
+			jsonError(w, http.StatusForbidden, fmt.Sprintf("plugin limit reached (%d max on %s tier)", tierInfo.Config.MaxPlugins, tierInfo.Config.Name))
+			return
+		}
+
+		err = q.CreatePlugin(r.Context(), plugin)
+	}
+
+	if err != nil {
+		jsonError(w, http.StatusInternalServerError, "failed to save plugin")
+		return
+	}
+
+	jsonResponse(w, http.StatusOK, map[string]any{"id": plugin.ID})
+}
+
+func (s *Server) deletePlugin(w http.ResponseWriter, r *http.Request) {
+	tenantID := r.Context().Value(tenantIDKey).(string)
+	id := chi.URLParam(r, "id")
+
+	db, err := s.tenantPool.Get(tenantID)
+	if err != nil {
+		jsonError(w, http.StatusInternalServerError, "database error")
+		return
+	}
+
+	q := tenant.NewQueries(db)
+	if err := q.DeletePlugin(r.Context(), id); err != nil {
+		jsonError(w, http.StatusInternalServerError, "failed to delete plugin")
+		return
+	}
+
+	w.WriteHeader(http.StatusNoContent)
+}
+
+func (s *Server) togglePlugin(w http.ResponseWriter, r *http.Request) {
+	tenantID := r.Context().Value(tenantIDKey).(string)
+	id := chi.URLParam(r, "id")
+
+	var req struct {
+		Enabled bool `json:"enabled"`
+	}
+	if err := json.NewDecoder(r.Body).Decode(&req); err != nil {
+		jsonError(w, http.StatusBadRequest, "invalid request")
+		return
+	}
+
+	db, err := s.tenantPool.Get(tenantID)
+	if err != nil {
+		jsonError(w, http.StatusInternalServerError, "database error")
+		return
+	}
+
+	q := tenant.NewQueries(db)
+	if err := q.TogglePlugin(r.Context(), id, req.Enabled); err != nil {
+		jsonError(w, http.StatusInternalServerError, "failed to toggle plugin")
+		return
+	}
+
+	jsonResponse(w, http.StatusOK, map[string]bool{"enabled": req.Enabled})
+}
+
+// ═══════════════════════════════════════════════════════════════════════════
+// Secrets
+// ═══════════════════════════════════════════════════════════════════════════
+
+func (s *Server) listSecrets(w http.ResponseWriter, r *http.Request) {
+	tenantID := r.Context().Value(tenantIDKey).(string)
+
+	db, err := s.tenantPool.Get(tenantID)
+	if err != nil {
+		jsonError(w, http.StatusInternalServerError, "database error")
+		return
+	}
+
+	secrets, err := tenant.ListSecrets(db)
+	if err != nil {
+		jsonError(w, http.StatusInternalServerError, "failed to list secrets")
+		return
+	}
+
+	result := make([]map[string]any, len(secrets))
+	for i, s := range secrets {
+		result[i] = map[string]any{
+			"key":        s.Key,
+			"created_at": s.CreatedAt.Format(time.RFC3339),
+		}
+	}
+
+	jsonResponse(w, http.StatusOK, result)
+}
+
+func (s *Server) createSecret(w http.ResponseWriter, r *http.Request) {
+	tenantID := r.Context().Value(tenantIDKey).(string)
+
+	var req struct {
+		Key   string `json:"key"`
+		Value string `json:"value"`
+	}
+	if err := json.NewDecoder(r.Body).Decode(&req); err != nil {
+		jsonError(w, http.StatusBadRequest, "invalid request")
+		return
+	}
+
+	if req.Key == "" || req.Value == "" {
+		jsonError(w, http.StatusBadRequest, "key and value required")
+		return
+	}
+
+	db, err := s.tenantPool.Get(tenantID)
+	if err != nil {
+		jsonError(w, http.StatusInternalServerError, "database error")
+		return
+	}
+
+	if err := tenant.SetSecret(db, tenantID, req.Key, req.Value); err != nil {
+		jsonError(w, http.StatusInternalServerError, "failed to create secret")
+		return
+	}
+
+	jsonResponse(w, http.StatusCreated, map[string]string{"key": req.Key})
+}
+
+func (s *Server) deleteSecret(w http.ResponseWriter, r *http.Request) {
+	tenantID := r.Context().Value(tenantIDKey).(string)
+	key := chi.URLParam(r, "key")
+
+	db, err := s.tenantPool.Get(tenantID)
+	if err != nil {
+		jsonError(w, http.StatusInternalServerError, "database error")
+		return
+	}
+
+	if err := tenant.DeleteSecret(db, key); err != nil {
+		jsonError(w, http.StatusInternalServerError, "failed to delete secret")
+		return
+	}
+
+	w.WriteHeader(http.StatusNoContent)
+}
+
+// ═══════════════════════════════════════════════════════════════════════════
+// Jarvis Proxy (compile, hooks, template)
+// ═══════════════════════════════════════════════════════════════════════════
+
+func (s *Server) compilePlugin(w http.ResponseWriter, r *http.Request) {
+	resp, err := http.Post(s.jarvisURL+"/compile", "application/json", r.Body)
+	if err != nil {
+		jsonError(w, http.StatusBadGateway, "compiler unavailable")
+		return
+	}
+	defer resp.Body.Close()
+
+	w.Header().Set("Content-Type", "application/json")
+	w.WriteHeader(resp.StatusCode)
+	io.Copy(w, resp.Body)
+}
+
+func (s *Server) getHooks(w http.ResponseWriter, r *http.Request) {
+	resp, err := http.Get(s.jarvisURL + "/hooks")
+	if err != nil {
+		jsonError(w, http.StatusBadGateway, "compiler unavailable")
+		return
+	}
+	defer resp.Body.Close()
+
+	w.Header().Set("Content-Type", "application/json")
+	w.WriteHeader(resp.StatusCode)
+	io.Copy(w, resp.Body)
+}
+
+func (s *Server) getTemplate(w http.ResponseWriter, r *http.Request) {
+	url := s.jarvisURL + "/template?" + r.URL.RawQuery
+	resp, err := http.Get(url)
+	if err != nil {
+		jsonError(w, http.StatusBadGateway, "compiler unavailable")
+		return
+	}
+	defer resp.Body.Close()
+
+	w.Header().Set("Content-Type", "application/json")
+	w.WriteHeader(resp.StatusCode)
+	io.Copy(w, resp.Body)
+}
+
+var wsUpgrader = websocket.Upgrader{
+	CheckOrigin: func(r *http.Request) bool {
+		return true
+	},
+}
+
+func (s *Server) getSDK(w http.ResponseWriter, r *http.Request) {
+	url := s.jarvisURL + "/sdk"
+	if r.URL.RawQuery != "" {
+		url += "?" + r.URL.RawQuery
+	}
+	resp, err := http.Get(url)
+	if err != nil {
+		jsonError(w, http.StatusBadGateway, "compiler unavailable")
+		return
+	}
+	defer resp.Body.Close()
+
+	w.Header().Set("Content-Type", "application/json")
+	w.WriteHeader(resp.StatusCode)
+	io.Copy(w, resp.Body)
+}
+
+func (s *Server) testPlugin(w http.ResponseWriter, r *http.Request) {
+	tenantID := r.Context().Value(tenantIDKey).(string)
+
+	var req struct {
+		Language string         `json:"language"`
+		Source   string         `json:"source"`
+		Hook     string         `json:"hook"`
+		TestData map[string]any `json:"test_data"`
+		Secrets  map[string]string `json:"secrets"` // Override secrets for testing
+	}
+	if err := json.NewDecoder(r.Body).Decode(&req); err != nil {
+		jsonError(w, http.StatusBadRequest, "invalid request")
+		return
+	}
+
+	if req.Source == "" {
+		jsonError(w, http.StatusBadRequest, "source required")
+		return
+	}
+	if req.Hook == "" {
+		req.Hook = "post.published"
+	}
+
+	// Step 1: Compile the plugin via Jarvis
+	compileReq := map[string]string{
+		"language": req.Language,
+		"source":   req.Source,
+	}
+	compileBody, _ := json.Marshal(compileReq)
+
+	resp, err := http.Post(s.jarvisURL+"/compile", "application/json", bytes.NewReader(compileBody))
+	if err != nil {
+		jsonError(w, http.StatusBadGateway, "compiler unavailable")
+		return
+	}
+	defer resp.Body.Close()
+
+	var compileResult struct {
+		Success bool     `json:"success"`
+		Wasm    []byte   `json:"wasm"`
+		Errors  []string `json:"errors"`
+		TimeMS  int64    `json:"time_ms"`
+	}
+	if err := json.NewDecoder(resp.Body).Decode(&compileResult); err != nil {
+		jsonError(w, http.StatusInternalServerError, "invalid compile response")
+		return
+	}
+
+	if !compileResult.Success {
+		jsonResponse(w, http.StatusOK, map[string]any{
+			"success":     false,
+			"phase":       "compile",
+			"errors":      compileResult.Errors,
+			"compile_ms":  compileResult.TimeMS,
+		})
+		return
+	}
+
+	// Step 2: Get secrets (use overrides if provided, otherwise fetch real ones)
+	db, err := s.tenantPool.Get(tenantID)
+	if err != nil {
+		jsonError(w, http.StatusInternalServerError, "database error")
+		return
+	}
+
+	secrets := req.Secrets
+	if secrets == nil {
+		secrets, _ = tenant.GetSecretsMap(db, tenantID)
+	}
+
+	// Step 3: Run the plugin with test data
+	runner := tenant.NewTestPluginRunner(db, tenantID, secrets)
+	result := runner.RunTest(r.Context(), compileResult.Wasm, req.Hook, req.TestData)
+
+	jsonResponse(w, http.StatusOK, map[string]any{
+		"success":    result.Success,
+		"phase":      "execute",
+		"output":     result.Output,
+		"logs":       result.Logs,
+		"error":      result.Error,
+		"compile_ms": compileResult.TimeMS,
+		"run_ms":     result.Duration,
+	})
+}
+
+func (s *Server) proxyLSP(w http.ResponseWriter, r *http.Request) {
+	language := r.URL.Query().Get("language")
+	if language == "" {
+		language = "typescript"
+	}
+
+	clientConn, err := wsUpgrader.Upgrade(w, r, nil)
+	if err != nil {
+		return
+	}
+	defer clientConn.Close()
+
+	jarvisWS := strings.Replace(s.jarvisURL, "http://", "ws://", 1)
+	jarvisWS = strings.Replace(jarvisWS, "https://", "wss://", 1)
+	jarvisURL := jarvisWS + "/lsp?language=" + url.QueryEscape(language)
+
+	serverConn, _, err := websocket.DefaultDialer.Dial(jarvisURL, nil)
+	if err != nil {
+		clientConn.WriteMessage(websocket.TextMessage, []byte(`{"error": "LSP server unavailable"}`))
+		return
+	}
+	defer serverConn.Close()
+
+	done := make(chan struct{})
+
+	go func() {
+		defer close(done)
+		for {
+			msgType, msg, err := serverConn.ReadMessage()
+			if err != nil {
+				return
+			}
+			if err := clientConn.WriteMessage(msgType, msg); err != nil {
+				return
+			}
+		}
+	}()
+
+	go func() {
+		for {
+			msgType, msg, err := clientConn.ReadMessage()
+			if err != nil {
+				return
+			}
+			if err := serverConn.WriteMessage(msgType, msg); err != nil {
+				return
+			}
+		}
+	}()
+
+	<-done
+}
+
+// ═══════════════════════════════════════════════════════════════════════════
+// Code Themes
+// ═══════════════════════════════════════════════════════════════════════════
+
+func (s *Server) codeThemeCSS(w http.ResponseWriter, r *http.Request) {
+	theme := r.URL.Query().Get("theme")
+	if theme == "" {
+		theme = "github"
+	}
+
+	css, err := markdown.GenerateHljsCSS(theme)
+	if err != nil {
+		http.Error(w, "invalid theme", http.StatusBadRequest)
+		return
+	}
+
+	w.Header().Set("Content-Type", "text/css")
+	w.Header().Set("Cache-Control", "public, max-age=31536000")
+	w.Write([]byte(css))
+}
+
+func (s *Server) listCodeThemes(w http.ResponseWriter, r *http.Request) {
+	themes := markdown.ListThemes()
+	jsonResponse(w, http.StatusOK, themes)
+}
+
+func contains(slice []string, item string) bool {
+	for _, s := range slice {
+		if s == item {
+			return true
+		}
+	}
+	return false
+}
+
+// ═══════════════════════════════════════════════════════════════════════════
+// Webhooks
+// ═══════════════════════════════════════════════════════════════════════════
+
+func (s *Server) listWebhooks(w http.ResponseWriter, r *http.Request) {
+	tenantID := r.Context().Value(tenantIDKey).(string)
+
+	db, err := s.tenantPool.Get(tenantID)
+	if err != nil {
+		jsonError(w, http.StatusInternalServerError, "database error")
+		return
+	}
+
+	q := tenant.NewQueries(db)
+	webhooks, err := q.ListWebhooks(r.Context())
+	if err != nil {
+		jsonError(w, http.StatusInternalServerError, "failed to list webhooks")
+		return
+	}
+
+	if webhooks == nil {
+		webhooks = []tenant.Webhook{}
+	}
+
+	jsonResponse(w, http.StatusOK, webhooks)
+}
+
+func (s *Server) createWebhook(w http.ResponseWriter, r *http.Request) {
+	if GetDemoInfo(r).IsDemo {
+		jsonError(w, http.StatusForbidden, "Webhook management is not available in demo mode")
+		return
+	}
+
+	tenantID := r.Context().Value(tenantIDKey).(string)
+
+	var req struct {
+		Name   string   `json:"name"`
+		URL    string   `json:"url"`
+		Events []string `json:"events"`
+		Secret string   `json:"secret"`
+	}
+	if err := json.NewDecoder(r.Body).Decode(&req); err != nil {
+		jsonError(w, http.StatusBadRequest, "invalid request body")
+		return
+	}
+
+	if req.Name == "" || req.URL == "" || len(req.Events) == 0 {
+		jsonError(w, http.StatusBadRequest, "name, url, and events are required")
+		return
+	}
+
+	// Validate URL
+	if _, err := url.ParseRequestURI(req.URL); err != nil {
+		jsonError(w, http.StatusBadRequest, "invalid URL")
+		return
+	}
+
+	// Check tier limit
+	t, err := s.database.GetTenantByID(r.Context(), tenantID)
+	if err != nil {
+		jsonError(w, http.StatusInternalServerError, "database error")
+		return
+	}
+	tierInfo := config.GetTierInfo(t != nil && t.Premium)
+
+	db, err := s.tenantPool.Get(tenantID)
+	if err != nil {
+		jsonError(w, http.StatusInternalServerError, "database error")
+		return
+	}
+
+	q := tenant.NewQueries(db)
+
+	count, err := q.CountWebhooks(r.Context())
+	if err != nil {
+		jsonError(w, http.StatusInternalServerError, "database error")
+		return
+	}
+	if count >= tierInfo.Config.MaxWebhooks {
+		jsonError(w, http.StatusForbidden, fmt.Sprintf("webhook limit reached (%d max on %s tier)", tierInfo.Config.MaxWebhooks, tierInfo.Config.Name))
+		return
+	}
+
+	webhook, err := q.CreateWebhook(r.Context(), req.Name, req.URL, req.Events, req.Secret)
+	if err != nil {
+		jsonError(w, http.StatusInternalServerError, "failed to create webhook")
+		return
+	}
+
+	jsonResponse(w, http.StatusCreated, webhook)
+}
+
+func (s *Server) updateWebhook(w http.ResponseWriter, r *http.Request) {
+	if GetDemoInfo(r).IsDemo {
+		jsonError(w, http.StatusForbidden, "Webhook management is not available in demo mode")
+		return
+	}
+
+	tenantID := r.Context().Value(tenantIDKey).(string)
+	webhookID := chi.URLParam(r, "id")
+
+	var req struct {
+		Name    string   `json:"name"`
+		URL     string   `json:"url"`
+		Events  []string `json:"events"`
+		Secret  string   `json:"secret"`
+		Enabled bool     `json:"enabled"`
+	}
+	if err := json.NewDecoder(r.Body).Decode(&req); err != nil {
+		jsonError(w, http.StatusBadRequest, "invalid request body")
+		return
+	}
+
+	db, err := s.tenantPool.Get(tenantID)
+	if err != nil {
+		jsonError(w, http.StatusInternalServerError, "database error")
+		return
+	}
+
+	q := tenant.NewQueries(db)
+	if err := q.UpdateWebhook(r.Context(), webhookID, req.Name, req.URL, req.Events, req.Secret, req.Enabled); err != nil {
+		jsonError(w, http.StatusInternalServerError, "failed to update webhook")
+		return
+	}
+
+	webhook, _ := q.GetWebhook(r.Context(), webhookID)
+	jsonResponse(w, http.StatusOK, webhook)
+}
+
+func (s *Server) deleteWebhook(w http.ResponseWriter, r *http.Request) {
+	if GetDemoInfo(r).IsDemo {
+		jsonError(w, http.StatusForbidden, "Webhook management is not available in demo mode")
+		return
+	}
+
+	tenantID := r.Context().Value(tenantIDKey).(string)
+	webhookID := chi.URLParam(r, "id")
+
+	db, err := s.tenantPool.Get(tenantID)
+	if err != nil {
+		jsonError(w, http.StatusInternalServerError, "database error")
+		return
+	}
+
+	q := tenant.NewQueries(db)
+	if err := q.DeleteWebhook(r.Context(), webhookID); err != nil {
+		jsonError(w, http.StatusInternalServerError, "failed to delete webhook")
+		return
+	}
+
+	w.WriteHeader(http.StatusNoContent)
+}
+
+func (s *Server) testWebhook(w http.ResponseWriter, r *http.Request) {
+	if GetDemoInfo(r).IsDemo {
+		jsonError(w, http.StatusForbidden, "Webhook testing is not available in demo mode")
+		return
+	}
+
+	tenantID := r.Context().Value(tenantIDKey).(string)
+	webhookID := chi.URLParam(r, "id")
+
+	db, err := s.tenantPool.Get(tenantID)
+	if err != nil {
+		jsonError(w, http.StatusInternalServerError, "database error")
+		return
+	}
+
+	q := tenant.NewQueries(db)
+	webhook, err := q.GetWebhook(r.Context(), webhookID)
+	if err != nil || webhook == nil {
+		jsonError(w, http.StatusNotFound, "webhook not found")
+		return
+	}
+
+	// Trigger a test event
+	testData := map[string]any{
+		"post": map[string]any{
+			"id":          "test-id",
+			"slug":        "test-post",
+			"title":       "Test Post",
+			"description": "This is a test webhook delivery",
+			"url":         "https://example.com/posts/test-post",
+			"tags":        []string{"test"},
+		},
+	}
+
+	q.TriggerWebhooks(r.Context(), "post.test", testData, "")
+
+	jsonResponse(w, http.StatusOK, map[string]string{"status": "triggered"})
+}
+
+func (s *Server) listWebhookDeliveries(w http.ResponseWriter, r *http.Request) {
+	tenantID := r.Context().Value(tenantIDKey).(string)
+	webhookID := chi.URLParam(r, "id")
+
+	db, err := s.tenantPool.Get(tenantID)
+	if err != nil {
+		jsonError(w, http.StatusInternalServerError, "database error")
+		return
+	}
+
+	q := tenant.NewQueries(db)
+	deliveries, err := q.ListWebhookDeliveries(r.Context(), webhookID)
+	if err != nil {
+		jsonError(w, http.StatusInternalServerError, "failed to list deliveries")
+		return
+	}
+
+	if deliveries == nil {
+		deliveries = []tenant.WebhookDelivery{}
+	}
+
+	jsonResponse(w, http.StatusOK, deliveries)
+}
+
+func (s *Server) getBilling(w http.ResponseWriter, r *http.Request) {
+	tenantID := r.Context().Value(tenantIDKey).(string)
+
+	t, err := s.database.GetTenantByID(r.Context(), tenantID)
+	if err != nil {
+		jsonError(w, http.StatusInternalServerError, "database error")
+		return
+	}
+
+	premium := false
+	if t != nil {
+		premium = t.Premium
+	}
+
+	db, err := s.tenantPool.Get(tenantID)
+	if err != nil {
+		jsonError(w, http.StatusInternalServerError, "database error")
+		return
+	}
+
+	q := tenant.NewQueries(db)
+	webhookCount, _ := q.CountWebhooks(r.Context())
+	pluginCount, _ := q.CountPlugins(r.Context())
+
+	usage := config.Usage{
+		Webhooks: webhookCount,
+		Plugins:  pluginCount,
+	}
+
+	jsonResponse(w, http.StatusOK, config.GetAllTiers(premium, usage))
+}
diff --git a/internal/server/sync.go b/internal/server/sync.go
new file mode 100644
index 0000000..78e6418
--- /dev/null
+++ b/internal/server/sync.go
@@ -0,0 +1,113 @@
+package server
+
+import (
+	"context"
+	"log"
+	"time"
+
+	"github.com/writekitapp/writekit/internal/tenant"
+)
+
+func (s *Server) StartAnalyticsSync() {
+	if !s.cloudflare.IsConfigured() {
+		return
+	}
+
+	go s.runAnalyticsSync()
+}
+
+func (s *Server) runAnalyticsSync() {
+	ticker := time.NewTicker(24 * time.Hour)
+	defer ticker.Stop()
+
+	s.syncYesterdayAnalytics()
+
+	for range ticker.C {
+		s.syncYesterdayAnalytics()
+	}
+}
+
+func (s *Server) syncYesterdayAnalytics() {
+	ctx := context.Background()
+	yesterday := time.Now().AddDate(0, 0, -1).Format("2006-01-02")
+
+	tenants, err := s.database.ListTenants(ctx)
+	if err != nil {
+		log.Printf("analytics sync: list tenants: %v", err)
+		return
+	}
+
+	for _, t := range tenants {
+		s.syncTenantAnalytics(ctx, t.ID, t.Subdomain, yesterday)
+	}
+
+	demos, err := s.database.ListActiveDemos(ctx)
+	if err != nil {
+		log.Printf("analytics sync: list demos: %v", err)
+		return
+	}
+
+	for _, d := range demos {
+		s.syncTenantAnalytics(ctx, d.ID, d.Subdomain, yesterday)
+	}
+}
+
+func (s *Server) syncTenantAnalytics(ctx context.Context, tenantID, subdomain, date string) {
+	hostname := subdomain + "." + s.domain
+
+	tenantDB, err := s.tenantPool.Get(tenantID)
+	if err != nil {
+		log.Printf("analytics sync: get tenant db %s: %v", tenantID, err)
+		return
+	}
+
+	q := tenant.NewQueries(tenantDB)
+
+	has, err := q.HasArchivedDate(ctx, date)
+	if err != nil {
+		log.Printf("analytics sync: check archived %s: %v", tenantID, err)
+		return
+	}
+	if has {
+		return
+	}
+
+	cfData, err := s.cloudflare.GetAnalytics(ctx, 1, hostname)
+	if err != nil {
+		log.Printf("analytics sync: fetch cf data %s: %v", tenantID, err)
+		return
+	}
+
+	if cfData == nil || len(cfData.Daily) == 0 {
+		return
+	}
+
+	day := cfData.Daily[0]
+	archived := &tenant.ArchivedDay{
+		Date:           day.Date,
+		Requests:       day.Requests,
+		PageViews:      day.PageViews,
+		UniqueVisitors: day.Visitors,
+		Bandwidth:      day.Bandwidth,
+	}
+
+	for _, b := range cfData.Browsers {
+		archived.Browsers = append(archived.Browsers, tenant.NamedStat{Name: b.Name, Count: b.Count})
+	}
+	for _, o := range cfData.OS {
+		archived.OS = append(archived.OS, tenant.NamedStat{Name: o.Name, Count: o.Count})
+	}
+	for _, d := range cfData.Devices {
+		archived.Devices = append(archived.Devices, tenant.NamedStat{Name: d.Name, Count: d.Count})
+	}
+	for _, c := range cfData.Countries {
+		archived.Countries = append(archived.Countries, tenant.NamedStat{Name: c.Name, Count: c.Count})
+	}
+	for _, p := range cfData.Paths {
+		archived.Paths = append(archived.Paths, tenant.PageStats{Path: p.Path, Views: p.Requests})
+	}
+
+	if err := q.SaveDailyAnalytics(ctx, archived); err != nil {
+		log.Printf("analytics sync: save archived %s: %v", tenantID, err)
+	}
+}
diff --git a/internal/server/templates/404.html b/internal/server/templates/404.html
new file mode 100644
index 0000000..6ae8347
--- /dev/null
+++ b/internal/server/templates/404.html
@@ -0,0 +1,64 @@
+<!DOCTYPE html>
+<html lang="en">
+<head>
+  <meta charset="UTF-8" />
+  <meta name="viewport" content="width=device-width, initial-scale=1.0" />
+  <title>404 — WriteKit</title>
+  <link rel="icon" type="image/x-icon" href="/assets/writekit-icon.ico" />
+  <link rel="icon" type="image/svg+xml" href="/assets/writekit-icon.svg" />
+  <style>
+    *{margin:0;padding:0;box-sizing:border-box}
+    :root{--bg:#fafafa;--text:#0a0a0a;--muted:#737373;--border:#e5e5e5;--primary:#10b981}
+    body{font-family:system-ui,-apple-system,sans-serif;background:var(--bg);color:var(--text);line-height:1.6}
+    .mono{font-family:'SF Mono','Fira Code','Consolas',monospace}
+    .layout{display:grid;grid-template-columns:200px 1fr;min-height:100vh}
+    aside{padding:2rem 1.5rem;border-right:1px solid var(--border);position:sticky;top:0;height:100vh;display:flex;flex-direction:column}
+    .sidebar-logo{font-family:'SF Mono','Fira Code',monospace;font-weight:600;font-size:14px;letter-spacing:-0.02em;margin-bottom:0.25rem}
+    .sidebar-tagline{font-family:'SF Mono','Fira Code',monospace;font-size:10px;color:var(--muted);text-transform:uppercase;letter-spacing:0.05em;margin-bottom:2.5rem}
+    .sidebar-nav{display:flex;flex-direction:column;gap:0.25rem}
+    .sidebar-nav a{font-family:'SF Mono','Fira Code',monospace;font-size:12px;color:var(--muted);text-decoration:none;padding:0.5rem 0;transition:color 0.15s}
+    .sidebar-nav a:hover{color:var(--text)}
+    .sidebar-footer{margin-top:auto}
+    .env-badge{font-family:'SF Mono','Fira Code',monospace;display:inline-block;padding:0.35rem 0.75rem;border:1px solid var(--primary);font-size:10px;text-transform:uppercase;letter-spacing:0.05em;color:var(--primary)}
+    main{display:flex;align-items:center;justify-content:center;min-height:100vh;padding:2rem}
+    .error-content{text-align:center;max-width:400px}
+    .error-code{font-family:'SF Mono','Fira Code',monospace;font-size:120px;font-weight:600;letter-spacing:-0.05em;line-height:1;color:var(--border);margin-bottom:1rem}
+    .error-title{font-size:1.5rem;font-weight:500;letter-spacing:-0.02em;margin-bottom:0.75rem}
+    .error-message{font-family:'SF Mono','Fira Code',monospace;font-size:13px;color:var(--muted);margin-bottom:2rem;line-height:1.7}
+    .error-actions{display:flex;gap:1rem;justify-content:center;flex-wrap:wrap}
+    .btn-primary{padding:12px 24px;background:var(--text);color:var(--bg);text-decoration:none;font-family:'SF Mono','Fira Code',monospace;font-size:13px;transition:all 0.2s}
+    .btn-primary:hover{transform:translateY(-1px);box-shadow:0 4px 12px rgba(0,0,0,0.15)}
+    .btn-secondary{padding:12px 24px;background:transparent;color:var(--text);border:1px solid var(--border);text-decoration:none;font-family:'SF Mono','Fira Code',monospace;font-size:13px;transition:all 0.15s}
+    .btn-secondary:hover{border-color:var(--text)}
+    @media(max-width:900px){.layout{grid-template-columns:1fr}aside{display:none}}
+  </style>
+</head>
+<body>
+  <div class="layout">
+    <aside>
+      <div>
+        <div class="sidebar-logo">WriteKit</div>
+        <div class="sidebar-tagline">Blogging Platform</div>
+      </div>
+      <nav class="sidebar-nav">
+        <a href="/">Home</a>
+        <a href="/signup" style="color:var(--primary)">Create Blog →</a>
+      </nav>
+      <div class="sidebar-footer">
+        <div class="env-badge">ALPHA</div>
+      </div>
+    </aside>
+    <main>
+      <div class="error-content">
+        <div class="error-code">404</div>
+        <h1 class="error-title">Page not found</h1>
+        <p class="error-message">The page you're looking for doesn't exist or may have been moved.</p>
+        <div class="error-actions">
+          <a href="/" class="btn-primary">Go Home</a>
+          <a href="/signup" class="btn-secondary">Create a Blog</a>
+        </div>
+      </div>
+    </main>
+  </div>
+</body>
+</html>
diff --git a/internal/server/templates/expired.html b/internal/server/templates/expired.html
new file mode 100644
index 0000000..00d7079
--- /dev/null
+++ b/internal/server/templates/expired.html
@@ -0,0 +1,56 @@
+<!DOCTYPE html>
+<html lang="en">
+<head>
+<meta charset="UTF-8"/>
+<meta name="viewport" content="width=device-width, initial-scale=1.0"/>
+<title>Demo Expired — WriteKit</title>
+<link rel="icon" type="image/x-icon" href="/assets/writekit-icon.ico"/>
+<link rel="icon" type="image/svg+xml" href="/assets/writekit-icon.svg"/>
+<style>
+*{margin:0;padding:0;box-sizing:border-box}
+:root{--bg:#fafafa;--text:#0a0a0a;--muted:#737373;--border:#e5e5e5;--primary:#10b981}
+body{font-family:'SF Mono','Fira Code','Consolas',monospace;background:var(--bg);color:var(--text);min-height:100vh;display:flex;align-items:center;justify-content:center;padding:2rem}
+.container{max-width:480px;width:100%}
+.header{margin-bottom:3rem}
+.logo{font-weight:600;font-size:14px;letter-spacing:-0.02em;margin-bottom:0.5rem}
+.subdomain{font-size:12px;color:var(--muted)}
+.title{font-family:system-ui,-apple-system,sans-serif;font-size:2rem;font-weight:400;letter-spacing:-0.03em;margin-bottom:1rem}
+.description{color:var(--muted);line-height:1.6;margin-bottom:2.5rem}
+.section{margin-bottom:2rem}
+.signup-btn{display:block;width:100%;padding:1rem 1.5rem;background:linear-gradient(135deg,#10b981,#06b6d4);color:white;text-decoration:none;font-family:inherit;font-size:14px;font-weight:500;text-align:center;border:none;cursor:pointer;transition:transform 0.2s,box-shadow 0.2s}
+.signup-btn:hover{transform:translateY(-2px);box-shadow:0 8px 24px rgba(16,185,129,0.3)}
+.signup-note{font-size:11px;color:var(--muted);margin-top:0.75rem;text-align:center}
+.divider{display:flex;align-items:center;gap:1rem;margin:2rem 0;color:var(--muted);font-size:12px}
+.divider::before,.divider::after{content:'';flex:1;height:1px;background:var(--border)}
+.secondary-actions{display:flex;gap:1rem}
+.secondary-btn{flex:1;display:flex;align-items:center;justify-content:center;gap:0.5rem;padding:0.875rem 1rem;background:transparent;color:var(--text);text-decoration:none;font-family:inherit;font-size:13px;border:1px solid var(--border);transition:all 0.15s}
+.secondary-btn:hover{border-color:var(--text);background:var(--border)}
+.secondary-btn svg{width:16px;height:16px}
+</style>
+</head>
+<body>
+<div class="container">
+<div class="header">
+<div class="logo">WriteKit</div>
+<div class="subdomain">{{SUBDOMAIN_TEXT}}</div>
+</div>
+<h1 class="title">Demo Expired</h1>
+<p class="description">Your demo session has ended. Want to keep your blog? Sign up to make it permanent — it's free.</p>
+<div class="section">
+<a href="/signup" class="signup-btn">Keep My Blog — Sign Up Free</a>
+<p class="signup-note">No credit card required</p>
+</div>
+<div class="divider">or</div>
+<div class="secondary-actions">
+<a href="/discord" class="secondary-btn">
+<svg viewBox="0 0 24 24" fill="currentColor"><path d="M20.317 4.37a19.791 19.791 0 0 0-4.885-1.515.074.074 0 0 0-.079.037c-.21.375-.444.864-.608 1.25a18.27 18.27 0 0 0-5.487 0 12.64 12.64 0 0 0-.617-1.25.077.077 0 0 0-.079-.037A19.736 19.736 0 0 0 3.677 4.37a.07.07 0 0 0-.032.027C.533 9.046-.32 13.58.099 18.057a.082.082 0 0 0 .031.057 19.9 19.9 0 0 0 5.993 3.03.078.078 0 0 0 .084-.028 14.09 14.09 0 0 0 1.226-1.994.076.076 0 0 0-.041-.106 13.107 13.107 0 0 1-1.872-.892.077.077 0 0 1-.008-.128 10.2 10.2 0 0 0 .372-.292.074.074 0 0 1 .077-.01c3.928 1.793 8.18 1.793 12.062 0a.074.074 0 0 1 .078.01c.12.098.246.198.373.292a.077.077 0 0 1-.006.127 12.299 12.299 0 0 1-1.873.892.077.077 0 0 0-.041.107c.36.698.772 1.362 1.225 1.993a.076.076 0 0 0 .084.028 19.839 19.839 0 0 0 6.002-3.03.077.077 0 0 0 .032-.054c.5-5.177-.838-9.674-3.549-13.66a.061.061 0 0 0-.031-.03zM8.02 15.33c-1.183 0-2.157-1.085-2.157-2.419 0-1.333.956-2.419 2.157-2.419 1.21 0 2.176 1.096 2.157 2.42 0 1.333-.956 2.418-2.157 2.418zm7.975 0c-1.183 0-2.157-1.085-2.157-2.419 0-1.333.955-2.419 2.157-2.419 1.21 0 2.176 1.096 2.157 2.42 0 1.333-.946 2.418-2.157 2.418z"/></svg>
+Join Discord
+</a>
+<a href="/" class="secondary-btn">
+<svg viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2"><path stroke-linecap="round" stroke-linejoin="round" d="M4 4v5h.582m15.356 2A8.001 8.001 0 004.582 9m0 0H9m11 11v-5h-.581m0 0a8.003 8.003 0 01-15.357-2m15.357 2H15"/></svg>
+Try Again
+</a>
+</div>
+</div>
+</body>
+</html>
diff --git a/internal/server/templates/index.html b/internal/server/templates/index.html
new file mode 100644
index 0000000..9250a17
--- /dev/null
+++ b/internal/server/templates/index.html
@@ -0,0 +1,484 @@
+<!DOCTYPE html>
+<html lang="en">
+<head>
+  <meta charset="UTF-8" />
+  <meta name="viewport" content="width=device-width, initial-scale=1.0" />
+  <title>WriteKit — Full Blogging Platform. Lightweight. Yours.</title>
+  <link rel="icon" type="image/x-icon" href="/assets/writekit-icon.ico" />
+  <link rel="icon" type="image/svg+xml" href="/assets/writekit-icon.svg" />
+  <link rel="icon" type="image/png" sizes="32x32" href="/assets/favicon-32x32.png" />
+  <link rel="icon" type="image/png" sizes="16x16" href="/assets/favicon-16x16.png" />
+  <link rel="apple-touch-icon" sizes="180x180" href="/assets/apple-touch-icon.png" />
+  <style>
+    *{margin:0;padding:0;box-sizing:border-box}
+    :root{--bg:#fafafa;--text:#0a0a0a;--muted:#737373;--border:#e5e5e5;--accent:{{ACCENT}};--primary:#10b981}
+    body{font-family:system-ui,-apple-system,sans-serif;background:var(--bg);color:var(--text);line-height:1.6}
+    .mono{font-family:'SF Mono','Fira Code','Consolas',monospace}
+    .layout{display:grid;grid-template-columns:200px 1fr;min-height:100vh}
+    aside{padding:2rem 1.5rem;border-right:1px solid var(--border);position:sticky;top:0;height:100vh;display:flex;flex-direction:column}
+    .sidebar-logo{font-family:'SF Mono','Fira Code',monospace;font-weight:600;font-size:14px;letter-spacing:-0.02em;margin-bottom:0.25rem}
+    .sidebar-tagline{font-family:'SF Mono','Fira Code',monospace;font-size:10px;color:var(--muted);text-transform:uppercase;letter-spacing:0.05em;margin-bottom:2.5rem}
+    .sidebar-nav{display:flex;flex-direction:column;gap:0.25rem}
+    .sidebar-nav a{font-family:'SF Mono','Fira Code',monospace;font-size:12px;color:var(--muted);text-decoration:none;padding:0.5rem 0;transition:color 0.15s}
+    .sidebar-nav a:hover{color:var(--text)}
+    .sidebar-divider{height:1px;background:var(--border);margin:1rem 0}
+    .sidebar-label{font-family:'SF Mono','Fira Code',monospace;font-size:10px;color:var(--muted);text-transform:uppercase;letter-spacing:0.1em;margin-bottom:0.5rem}
+    .sidebar-footer{margin-top:auto}
+    .env-badge{font-family:'SF Mono','Fira Code',monospace;display:inline-block;padding:0.35rem 0.75rem;border:1px solid var(--accent);font-size:10px;text-transform:uppercase;letter-spacing:0.05em;color:var(--accent)}
+    .version-badge{font-family:'SF Mono','Fira Code',monospace;font-size:10px;color:var(--muted);opacity:0.5;margin-top:0.5rem;cursor:default;transition:opacity 0.15s}
+    .version-badge:hover{opacity:1}
+    main{min-width:0}
+    .hero{position:relative;padding:5rem 3rem 4rem;border-bottom:1px solid var(--border);overflow:hidden}
+    .hero-canvas{position:absolute;top:0;right:0;width:45%;height:100%;opacity:0.6;mask-image:linear-gradient(to left,black,transparent);-webkit-mask-image:linear-gradient(to left,black,transparent)}
+    .hero>*:not(.hero-canvas){position:relative;z-index:1}
+    .hero-label{font-family:'SF Mono','Fira Code',monospace;font-size:11px;color:var(--muted);text-transform:uppercase;letter-spacing:0.15em;margin-bottom:1.5rem}
+    .hero h1{font-family:system-ui,-apple-system,sans-serif;font-size:clamp(2rem,4vw,3rem);font-weight:500;letter-spacing:-0.03em;line-height:1.15;margin-bottom:1.5rem;max-width:600px}
+    .hero-sub{font-family:'SF Mono','Fira Code',monospace;font-size:13px;color:var(--muted);max-width:550px;line-height:1.7}
+    .hero-sub code{color:var(--text);background:var(--border);padding:0.15em 0.4em;font-size:0.95em}
+    .section{padding:4rem 3rem;border-bottom:1px solid var(--border)}
+    .section-label{font-family:'SF Mono','Fira Code',monospace;font-size:11px;color:var(--muted);text-transform:uppercase;letter-spacing:0.15em;margin-bottom:2rem}
+    .hero-cta{margin-top:2.5rem}
+    .hero-cta .demo-btn{width:auto;padding:14px 32px;font-size:14px}
+    .hero-cta .demo-note{text-align:left}
+    .section-features{border-top:1px solid var(--border);border-bottom:1px solid var(--border);margin-top:-1px}
+    .features-grid{display:grid;grid-template-columns:repeat(4,1fr);gap:1px;background:var(--border)}
+    .feature{background:var(--bg);padding:2rem}
+    .feature-num{font-family:'SF Mono','Fira Code',monospace;font-size:11px;color:var(--muted);margin-bottom:0.75rem}
+    .feature h3{font-size:1rem;font-weight:500;margin-bottom:0.5rem;letter-spacing:-0.01em}
+    .feature p{font-family:'SF Mono','Fira Code',monospace;font-size:11px;color:var(--muted);line-height:1.6}
+    .demo-btn{width:100%;margin-top:16px;padding:12px 24px;background:var(--text);color:var(--bg);border:none;font-family:'SF Mono','Fira Code',monospace;font-size:13px;cursor:pointer;transition:all 0.2s}
+    .demo-btn:hover:not(:disabled){transform:translateY(-1px);box-shadow:0 4px 12px rgba(0,0,0,0.15)}
+    .demo-btn:disabled{opacity:0.4;cursor:not-allowed}
+    .demo-note{margin-top:1rem;font-family:'SF Mono','Fira Code',monospace;font-size:11px;color:var(--muted);text-align:center}
+    .mission{max-width:650px}
+    .mission h2{font-size:1.5rem;font-weight:400;letter-spacing:-0.02em;line-height:1.5;margin-bottom:1.5rem}
+    .mission p{font-family:'SF Mono','Fira Code',monospace;font-size:13px;color:var(--muted);line-height:1.7}
+    .section-cta{text-align:center;padding:5rem 3rem;margin-top:-1px}
+    .cta-content h2{font-size:1.75rem;font-weight:500;letter-spacing:-0.02em;margin-bottom:0.75rem}
+    .cta-content p{font-family:'SF Mono','Fira Code',monospace;font-size:13px;color:var(--muted);margin-bottom:2rem}
+    .cta-buttons{display:flex;gap:1rem;justify-content:center;flex-wrap:wrap}
+    .cta-primary{padding:14px 32px;background:var(--text);color:var(--bg);text-decoration:none;font-family:'SF Mono','Fira Code',monospace;font-size:14px;transition:all 0.2s}
+    .cta-primary:hover{transform:translateY(-1px);box-shadow:0 4px 12px rgba(0,0,0,0.15)}
+    .cta-secondary{padding:14px 32px;background:transparent;color:var(--text);border:1px solid var(--border);font-family:'SF Mono','Fira Code',monospace;font-size:14px;cursor:pointer;transition:all 0.2s}
+    .cta-secondary:hover{border-color:var(--text)}
+    footer{padding:4rem 3rem;background:var(--text);color:var(--bg);margin-top:-1px}
+    .footer-content{display:flex;justify-content:space-between;align-items:flex-start;gap:3rem;max-width:900px}
+    .footer-brand{flex:1}
+    .footer-logo{font-family:'SF Mono','Fira Code',monospace;font-weight:600;font-size:16px;margin-bottom:0.5rem}
+    .footer-tagline{font-family:'SF Mono','Fira Code',monospace;font-size:12px;color:var(--muted);margin-bottom:1.5rem}
+    .footer-copy{font-family:'SF Mono','Fira Code',monospace;font-size:11px;color:var(--muted)}
+    .footer-links{display:flex;gap:3rem}
+    .footer-col h4{font-family:'SF Mono','Fira Code',monospace;font-size:11px;text-transform:uppercase;letter-spacing:0.1em;color:var(--muted);margin-bottom:1rem;font-weight:normal}
+    .footer-col a{display:flex;align-items:center;gap:0.5rem;font-family:'SF Mono','Fira Code',monospace;font-size:13px;color:var(--bg);text-decoration:none;padding:0.35rem 0;transition:opacity 0.15s}
+    .footer-col a:hover{opacity:0.7}
+    .footer-col a svg{width:16px;height:16px}
+    .demo-modal{display:none;position:fixed;inset:0;z-index:1000;align-items:center;justify-content:center}
+    .demo-modal.active{display:flex}
+    .demo-modal-backdrop{position:absolute;inset:0;background:rgba(0,0,0,0.5);backdrop-filter:blur(4px)}
+    .demo-modal-content{position:relative;background:white;border:1px solid var(--border);width:100%;max-width:420px;margin:1rem;box-shadow:0 25px 50px -12px rgba(0,0,0,0.25)}
+    .demo-step{display:none;padding:2rem}
+    .demo-step.active{display:block;animation:fadeIn 0.3s ease}
+    .demo-step-header{margin-bottom:1.5rem}
+    .demo-step-indicator{font-family:'SF Mono','Fira Code',monospace;font-size:11px;color:var(--muted);text-transform:uppercase;letter-spacing:0.1em;display:block;margin-bottom:0.75rem}
+    .demo-step-header h2{font-size:1.25rem;font-weight:500;margin-bottom:0.5rem}
+    .demo-step-header p{font-family:'SF Mono','Fira Code',monospace;font-size:12px;color:var(--muted)}
+    .demo-name-input{width:100%;padding:14px 16px;border:1px solid var(--border);font-family:inherit;font-size:15px;outline:none;transition:border-color 0.15s}
+    .demo-name-input:focus{border-color:var(--text)}
+    .demo-step-footer{display:flex;justify-content:flex-end;gap:0.75rem;margin-top:1.5rem}
+    .demo-next,.demo-launch{padding:12px 24px;background:var(--text);color:var(--bg);border:none;font-family:'SF Mono','Fira Code',monospace;font-size:13px;cursor:pointer;transition:all 0.2s}
+    .demo-next:hover:not(:disabled),.demo-launch:hover:not(:disabled){transform:translateY(-1px);box-shadow:0 4px 12px rgba(0,0,0,0.15)}
+    .demo-next:disabled,.demo-launch:disabled{opacity:0.4;cursor:not-allowed}
+    .demo-back{padding:12px 24px;background:transparent;color:var(--muted);border:1px solid var(--border);font-family:'SF Mono','Fira Code',monospace;font-size:13px;cursor:pointer;transition:all 0.15s}
+    .demo-back:hover{border-color:var(--text);color:var(--text)}
+    .demo-launch{background:linear-gradient(135deg,#10b981,#06b6d4)}
+    .demo-launch:hover:not(:disabled){box-shadow:0 8px 24px rgba(16,185,129,0.3)}
+    .color-picker{display:flex;gap:0.75rem;flex-wrap:wrap}
+    .color-swatch{width:48px;height:48px;border:2px solid transparent;cursor:pointer;transition:all 0.15s;position:relative}
+    .color-swatch:hover{transform:scale(1.1)}
+    .color-swatch.selected{border-color:var(--text)}
+    .color-swatch.selected::after{content:'✓';position:absolute;inset:0;display:flex;align-items:center;justify-content:center;color:white;font-size:18px;text-shadow:0 1px 2px rgba(0,0,0,0.3)}
+    .launch-progress{margin-top:1.5rem;padding:1rem;background:#f5f5f5;border:1px solid var(--border)}
+    .launch-progress.active{display:block;animation:fadeIn 0.3s ease}
+    .progress-step{display:flex;align-items:center;gap:0.75rem;padding:0.5rem 0;font-family:'SF Mono','Fira Code',monospace;font-size:12px;color:var(--muted)}
+    .progress-step.active{color:var(--text)}
+    .progress-step.done{color:var(--primary)}
+    .progress-dot{width:8px;height:8px;background:var(--border);transition:all 0.3s}
+    .progress-step.active .progress-dot{background:var(--text);animation:pulse 1s infinite}
+    .progress-step.done .progress-dot{background:var(--primary)}
+    .launch-success{text-align:center;padding:2rem}
+    .launch-success.active{display:block;animation:successPop 0.5s cubic-bezier(0.34,1.56,0.64,1)}
+    .success-icon{width:48px;height:48px;background:linear-gradient(135deg,#10b981,#06b6d4);display:flex;align-items:center;justify-content:center;margin:0 auto 1rem}
+    .success-icon svg{width:24px;height:24px;color:white}
+    .success-url{font-family:'SF Mono','Fira Code',monospace;font-size:14px;font-weight:500;margin-bottom:0.5rem}
+    .success-redirect{font-family:'SF Mono','Fira Code',monospace;font-size:12px;color:var(--muted)}
+    .demo-modal .launch-progress{display:block;margin-top:0;padding:0;background:transparent;border:none}
+    .demo-modal .launch-success{display:block;padding:1rem 0}
+    @keyframes fadeIn{from{opacity:0;transform:translateY(-10px)}to{opacity:1;transform:translateY(0)}}
+    @keyframes pulse{0%,100%{transform:scale(1)}50%{transform:scale(1.3)}}
+    @keyframes successPop{0%{transform:scale(0.8);opacity:0}100%{transform:scale(1);opacity:1}}
+    @media(max-width:1024px){.features-grid{grid-template-columns:repeat(2,1fr)}}
+    @media(max-width:900px){.layout{grid-template-columns:1fr}aside{position:relative;height:auto;border-right:none;border-bottom:1px solid var(--border);flex-direction:row;align-items:center;justify-content:space-between;padding:1rem 1.5rem}.sidebar-tagline{margin-bottom:0}.sidebar-nav,.sidebar-divider,.sidebar-label,.sidebar-footer{display:none}.hero,.section{padding:3rem 2rem}footer{padding:3rem 2rem}.footer-content{flex-direction:column}}
+    @media(max-width:768px){.features-grid{grid-template-columns:1fr}}
+    @media(max-width:480px){.hero,.section{padding:2rem 1.5rem}.footer-links{flex-direction:column;gap:2rem}}
+  </style>
+</head>
+<body>
+  <div class="layout">
+    <aside>
+      <div>
+        <div class="sidebar-logo">WriteKit</div>
+        <div class="sidebar-tagline">Blogging Platform</div>
+      </div>
+      <nav class="sidebar-nav">
+        <a href="#why">Why WriteKit</a>
+        <a href="#features">Features</a>
+        <a href="/signup" style="color:var(--primary)">Create Blog →</a>
+      </nav>
+      <div class="sidebar-divider"></div>
+      <div class="sidebar-label">Resources</div>
+      <nav class="sidebar-nav">
+        <a href="/docs">Documentation</a>
+        <a href="/discord">Discord</a>
+      </nav>
+      <div class="sidebar-footer">
+        <div class="env-badge">ALPHA</div>
+        <div class="version-badge" title="{{COMMIT}}">{{VERSION}}</div>
+      </div>
+    </aside>
+    <main>
+      <section class="hero">
+        <canvas class="hero-canvas" id="dither-canvas"></canvas>
+        <p class="hero-label">Blog Hosting for Developers / 2025</p>
+        <h1>Your Words,<br>Your Platform</h1>
+        <p class="hero-sub">Spin up a beautiful, fast blog in seconds. <code>SQLite</code>-powered, <code>markdown</code>-native, infinitely customizable.</p>
+        <div class="hero-cta">
+          <button class="demo-btn" id="try-demo">Try Demo</button>
+          <p class="demo-note">{{DEMO_MINUTES}} minute demo. <a href="/signup" style="color:var(--primary)">Create a real blog</a> instead.</p>
+        </div>
+      </section>
+      <section class="section" id="why">
+        <p class="section-label">Why WriteKit</p>
+        <div class="mission">
+          <h2>We built WriteKit because blogging platforms got complicated.</h2>
+          <p>Ghost is heavy. Hashnode is bloated. Medium doesn't care about developers. Hugo outputs static sites — great, until you want comments, logins and analytics without bolting on five services.<br><br>WriteKit is a fully featured platform for developers. Comments, reactions, search, analytics, monetization, API — everything works out of the box. Deploy in seconds, own your data forever.</p>
+        </div>
+      </section>
+      <section class="section-features" id="features">
+        <div class="features-grid">
+          <div class="feature"><p class="feature-num">01</p><h3>Comments & Reactions</h3><p>Threaded comments and emoji reactions. No Disqus, no third-party scripts.</p></div>
+          <div class="feature"><p class="feature-num">02</p><h3>Full-text Search</h3><p>SQLite FTS5 powers instant search. Fast, local, no external service.</p></div>
+          <div class="feature"><p class="feature-num">03</p><h3>Privacy-first Analytics</h3><p>Views, referrers, browsers — no cookies, no tracking pixels.</p></div>
+          <div class="feature"><p class="feature-num">04</p><h3>REST API</h3><p>Full programmatic access. Create posts, manage content, build integrations.</p></div>
+          <div class="feature"><p class="feature-num">05</p><h3>Markdown Native</h3><p>Write how you already write. YAML frontmatter, syntax highlighting.</p></div>
+          <div class="feature"><p class="feature-num">06</p><h3>Custom Domains</h3><p>Your domain or *.writekit.dev. SSL included automatically.</p></div>
+          <div class="feature"><p class="feature-num">07</p><h3>Own Your Data</h3><p>Export anytime. JSON, Markdown, full backup. No lock-in ever.</p></div>
+          <div class="feature"><p class="feature-num">08</p><h3>One-click Deploy</h3><p>No DevOps required. One button, your instance is live.</p></div>
+        </div>
+      </section>
+      <section class="section section-cta" id="cta">
+        <div class="cta-content">
+          <h2>Ready to start writing?</h2>
+          <p>Deploy your blog in seconds. No credit card required.</p>
+          <div class="cta-buttons">
+            <a href="/signup" class="cta-primary">Create Your Blog</a>
+            <button class="cta-secondary" id="try-demo-bottom">Try Demo First</button>
+          </div>
+        </div>
+      </section>
+      <div class="demo-modal" id="demo-modal">
+        <div class="demo-modal-backdrop"></div>
+        <div class="demo-modal-content">
+          <div class="demo-step active" data-step="1">
+            <div class="demo-step-header">
+              <span class="demo-step-indicator">1 / 2</span>
+              <h2>What's your name?</h2>
+              <p>We'll use this to personalize your blog.</p>
+            </div>
+            <input type="text" id="demo-name" class="demo-name-input" placeholder="Your name" autofocus autocomplete="off">
+            <div class="demo-step-footer">
+              <button class="demo-back" id="demo-skip">Skip</button>
+              <button class="demo-next" id="demo-next-1" disabled>Next →</button>
+            </div>
+          </div>
+          <div class="demo-step" data-step="2">
+            <div class="demo-step-header">
+              <span class="demo-step-indicator">2 / 2</span>
+              <h2>Pick a color</h2>
+              <p>Choose an accent color for your blog.</p>
+            </div>
+            <div class="color-picker">
+              <button class="color-swatch selected" data-color="#10b981" style="background:#10b981" title="Emerald"></button>
+              <button class="color-swatch" data-color="#3b82f6" style="background:#3b82f6" title="Blue"></button>
+              <button class="color-swatch" data-color="#8b5cf6" style="background:#8b5cf6" title="Purple"></button>
+              <button class="color-swatch" data-color="#f97316" style="background:#f97316" title="Orange"></button>
+              <button class="color-swatch" data-color="#ef4444" style="background:#ef4444" title="Rose"></button>
+              <button class="color-swatch" data-color="#64748b" style="background:#64748b" title="Slate"></button>
+            </div>
+            <div class="demo-step-footer">
+              <button class="demo-back" id="demo-back-2">← Back</button>
+              <button class="demo-launch" id="demo-launch">Launch Demo</button>
+            </div>
+          </div>
+          <div class="demo-step" data-step="3">
+            <div class="demo-step-header"><h2>Launching your demo...</h2></div>
+            <div class="launch-progress active">
+              <div class="progress-step" data-step="1"><span class="progress-dot"></span><span>Creating database...</span></div>
+              <div class="progress-step" data-step="2"><span class="progress-dot"></span><span>Configuring settings...</span></div>
+              <div class="progress-step" data-step="3"><span class="progress-dot"></span><span>Adding welcome post...</span></div>
+              <div class="progress-step" data-step="4"><span class="progress-dot"></span><span>Ready!</span></div>
+            </div>
+          </div>
+          <div class="demo-step" data-step="4">
+            <div class="launch-success active">
+              <div class="success-icon"><svg xmlns="http://www.w3.org/2000/svg" fill="none" viewBox="0 0 24 24" stroke="currentColor" stroke-width="2"><path stroke-linecap="round" stroke-linejoin="round" d="M5 13l4 4L19 7"/></svg></div>
+              <div class="success-url" id="success-url"></div>
+              <div class="success-redirect">Redirecting you now...</div>
+            </div>
+          </div>
+        </div>
+      </div>
+      <footer>
+        <div class="footer-content">
+          <div class="footer-brand">
+            <div class="footer-logo">WriteKit</div>
+            <div class="footer-tagline">Your Words, Your Platform</div>
+            <div class="footer-copy">&copy; 2025 WriteKit. All rights reserved.</div>
+          </div>
+          <div class="footer-links">
+            <div class="footer-col">
+              <h4>Product</h4>
+              <a href="#features">Features</a>
+              <a href="/signup">Create Blog</a>
+              <a href="/docs">Documentation</a>
+            </div>
+            <div class="footer-col">
+              <h4>Community</h4>
+              <a href="/discord"><svg viewBox="0 0 24 24" fill="currentColor"><path d="M20.317 4.37a19.791 19.791 0 0 0-4.885-1.515.074.074 0 0 0-.079.037c-.21.375-.444.864-.608 1.25a18.27 18.27 0 0 0-5.487 0 12.64 12.64 0 0 0-.617-1.25.077.077 0 0 0-.079-.037A19.736 19.736 0 0 0 3.677 4.37a.07.07 0 0 0-.032.027C.533 9.046-.32 13.58.099 18.057a.082.082 0 0 0 .031.057 19.9 19.9 0 0 0 5.993 3.03.078.078 0 0 0 .084-.028 14.09 14.09 0 0 0 1.226-1.994.076.076 0 0 0-.041-.106 13.107 13.107 0 0 1-1.872-.892.077.077 0 0 1-.008-.128 10.2 10.2 0 0 0 .372-.292.074.074 0 0 1 .077-.01c3.928 1.793 8.18 1.793 12.062 0a.074.074 0 0 1 .078.01c.12.098.246.198.373.292a.077.077 0 0 1-.006.127 12.299 12.299 0 0 1-1.873.892.077.077 0 0 0-.041.107c.36.698.772 1.362 1.225 1.993a.076.076 0 0 0 .084.028 19.839 19.839 0 0 0 6.002-3.03.077.077 0 0 0 .032-.054c.5-5.177-.838-9.674-3.549-13.66a.061.061 0 0 0-.031-.03zM8.02 15.33c-1.183 0-2.157-1.085-2.157-2.419 0-1.333.956-2.419 2.157-2.419 1.21 0 2.176 1.096 2.157 2.42 0 1.333-.956 2.418-2.157 2.418zm7.975 0c-1.183 0-2.157-1.085-2.157-2.419 0-1.333.955-2.419 2.157-2.419 1.21 0 2.176 1.096 2.157 2.42 0 1.333-.946 2.418-2.157 2.418z"/></svg>Discord</a>
+            </div>
+          </div>
+        </div>
+      </footer>
+    </main>
+  </div>
+  <script>
+    const $ = s => document.querySelector(s)
+    const $$ = s => document.querySelectorAll(s)
+    const sleep = ms => new Promise(r => setTimeout(r, ms))
+
+    const modal = $('#demo-modal')
+    const backdrop = modal.querySelector('.demo-modal-backdrop')
+    const nameInput = $('#demo-name')
+    const nextBtn = $('#demo-next-1')
+    const backBtn = $('#demo-back-2')
+    const launchBtn = $('#demo-launch')
+    const successUrl = $('#success-url')
+    const colorSwatches = $$('.color-swatch')
+
+    let demoName = ''
+    let demoColor = '#10b981'
+
+    const openDemoModal = () => {
+      modal.classList.add('active')
+      setTimeout(() => nameInput.focus(), 100)
+    }
+
+    const resetModal = () => {
+      nameInput.value = ''
+      demoName = ''
+      nextBtn.disabled = true
+      goToModalStep(1)
+      colorSwatches.forEach(s => s.classList.remove('selected'))
+      colorSwatches[0].classList.add('selected')
+      demoColor = '#10b981'
+    }
+
+    const goToModalStep = step => {
+      modal.querySelectorAll('.demo-step').forEach(el => el.classList.remove('active'))
+      modal.querySelector(`.demo-step[data-step="${step}"]`).classList.add('active')
+      if (step === 1) setTimeout(() => nameInput.focus(), 100)
+    }
+
+    const setProgressStep = n => {
+      modal.querySelectorAll('.progress-step').forEach(el => {
+        const step = parseInt(el.dataset.step)
+        el.classList.remove('active', 'done')
+        if (step < n) el.classList.add('done')
+        if (step === n) el.classList.add('active')
+      })
+    }
+
+    const launchDemo = async () => {
+      if (!demoName) return
+      launchBtn.disabled = true
+      launchBtn.textContent = 'Launching...'
+      goToModalStep(3)
+      setProgressStep(1)
+
+      try {
+        const res = await fetch('/api/demo', {
+          method: 'POST',
+          headers: { 'Content-Type': 'application/json' },
+          body: JSON.stringify({ name: demoName, color: demoColor })
+        })
+        const data = await res.json()
+
+        if (res.ok && data.url) {
+          setProgressStep(2)
+          await sleep(150)
+          setProgressStep(3)
+          await sleep(150)
+          setProgressStep(4)
+          await sleep(150)
+          goToModalStep(4)
+          successUrl.textContent = data.url
+          await sleep(300)
+          location.href = data.url
+        } else {
+          goToModalStep(2)
+          launchBtn.disabled = false
+          launchBtn.textContent = 'Launch Demo'
+          alert(data.error || 'Failed to create demo')
+        }
+      } catch {
+        goToModalStep(2)
+        launchBtn.disabled = false
+        launchBtn.textContent = 'Launch Demo'
+        alert('Error creating demo')
+      }
+    }
+
+    $('#try-demo').addEventListener('click', openDemoModal)
+    $('#try-demo-bottom').addEventListener('click', openDemoModal)
+
+    backdrop.addEventListener('click', () => {
+      if (!launchBtn.disabled || modal.querySelector('.demo-step[data-step="1"].active') || modal.querySelector('.demo-step[data-step="2"].active')) {
+        modal.classList.remove('active')
+        resetModal()
+      }
+    })
+
+    document.addEventListener('keydown', e => {
+      if (e.key === 'Escape' && modal.classList.contains('active')) {
+        if (modal.querySelector('.demo-step[data-step="1"].active') || modal.querySelector('.demo-step[data-step="2"].active')) {
+          modal.classList.remove('active')
+          resetModal()
+        }
+      }
+      if (e.key === 'Enter' && modal.classList.contains('active')) {
+        if (modal.querySelector('.demo-step[data-step="1"].active') && !nextBtn.disabled) goToModalStep(2)
+        else if (modal.querySelector('.demo-step[data-step="2"].active')) launchDemo()
+      }
+    })
+
+    nameInput.addEventListener('input', () => {
+      demoName = nameInput.value.trim()
+      nextBtn.disabled = !demoName.length
+    })
+
+    nextBtn.addEventListener('click', () => goToModalStep(2))
+    backBtn.addEventListener('click', () => goToModalStep(1))
+    launchBtn.addEventListener('click', launchDemo)
+
+    $('#demo-skip').addEventListener('click', () => {
+      demoName = 'Demo User'
+      launchDemo()
+    })
+
+    colorSwatches.forEach(swatch => {
+      swatch.addEventListener('click', () => {
+        colorSwatches.forEach(s => s.classList.remove('selected'))
+        swatch.classList.add('selected')
+        demoColor = swatch.dataset.color
+      })
+    })
+
+    $$('a[href^="#"]').forEach(anchor => {
+      anchor.addEventListener('click', e => {
+        e.preventDefault()
+        document.querySelector(anchor.getAttribute('href'))?.scrollIntoView({ behavior: 'smooth' })
+      })
+    })
+
+    ;(() => {
+      const settings = { pixelSize: 8, gridSize: 4, speed: 0.05, colorShift: 0.6, colors: { bright: [0.063, 0.725, 0.506], mid: [0.047, 0.545, 0.38], dark: [0.031, 0.363, 0.253], bg: [0.2, 0.2, 0.2] } }
+      const canvas = $('#dither-canvas')
+      if (!canvas) return
+      const gl = canvas.getContext('webgl2')
+      if (!gl) return
+
+      const vs = `#version 300 es
+        in vec2 a_position;
+        out vec2 v_uv;
+        void main() { v_uv = a_position * 0.5 + 0.5; gl_Position = vec4(a_position, 0.0, 1.0); }`
+
+      const fs = `#version 300 es
+        precision highp float;
+        in vec2 v_uv;
+        out vec4 fragColor;
+        uniform vec2 u_resolution;
+        uniform float u_time, u_pixelSize, u_gridSize, u_speed, u_colorShift;
+        uniform vec3 u_color1, u_color2, u_color3, u_bgColor;
+        float bayer8(vec2 p) { ivec2 P = ivec2(mod(floor(p), 8.0)); int i = P.x + P.y * 8; int b[64] = int[64](0,32,8,40,2,34,10,42,48,16,56,24,50,18,58,26,12,44,4,36,14,46,6,38,60,28,52,20,62,30,54,22,3,35,11,43,1,33,9,41,51,19,59,27,49,17,57,25,15,47,7,39,13,45,5,37,63,31,55,23,61,29,53,21); return float(b[i]) / 64.0; }
+        float hash(vec2 p) { return fract(sin(dot(p, vec2(127.1, 311.7))) * 43758.5453); }
+        float noise(vec2 p) { vec2 i = floor(p), f = fract(p); f = f * f * (3.0 - 2.0 * f); return mix(mix(hash(i), hash(i + vec2(1.0, 0.0)), f.x), mix(hash(i + vec2(0.0, 1.0)), hash(i + vec2(1.0, 1.0)), f.x), f.y); }
+        float fbm(vec2 p) { float v = 0.0, a = 0.5; for (int i = 0; i < 5; i++) { v += a * noise(p); p *= 2.0; a *= 0.5; } return v; }
+        void main() {
+          vec2 pixelUV = floor(v_uv * u_resolution / u_pixelSize) * u_pixelSize / u_resolution;
+          vec2 p = pixelUV * 3.0; float t = u_time * u_speed;
+          float pattern = fbm(p + vec2(t * 0.5, t * 0.3)) * 0.5 + fbm(p * 1.5 - vec2(t * 0.4, -t * 0.2)) * 0.3 + fbm(p * 0.5 + vec2(-t * 0.3, t * 0.5)) * 0.2 + 0.1 * sin(p.x * 2.0 + t) * sin(p.y * 2.0 - t * 0.7);
+          float luma = clamp(smoothstep(0.1, 0.9, pow(pattern, 0.7)) + u_colorShift * sin(u_time * 0.3) * 0.3, 0.0, 1.0);
+          float threshold = bayer8(floor(v_uv * u_resolution / u_gridSize));
+          float level = luma * 3.0; int band = int(floor(level)); float frac = fract(level);
+          vec3 result = band >= 2 ? (frac > threshold ? u_color1 : u_color2) : band == 1 ? (frac > threshold ? u_color2 : u_color3) : (frac > threshold ? u_color3 : u_bgColor);
+          fragColor = vec4(result, 1.0);
+        }`
+
+      const createShader = (type, src) => { const s = gl.createShader(type); gl.shaderSource(s, src); gl.compileShader(s); return gl.getShaderParameter(s, gl.COMPILE_STATUS) ? s : null }
+      const vertexShader = createShader(gl.VERTEX_SHADER, vs)
+      const fragmentShader = createShader(gl.FRAGMENT_SHADER, fs)
+      const program = gl.createProgram()
+      gl.attachShader(program, vertexShader)
+      gl.attachShader(program, fragmentShader)
+      gl.linkProgram(program)
+      if (!gl.getProgramParameter(program, gl.LINK_STATUS)) return
+
+      const vao = gl.createVertexArray()
+      gl.bindVertexArray(vao)
+      const buf = gl.createBuffer()
+      gl.bindBuffer(gl.ARRAY_BUFFER, buf)
+      gl.bufferData(gl.ARRAY_BUFFER, new Float32Array([-1, -1, 1, -1, -1, 1, 1, 1]), gl.STATIC_DRAW)
+      const posLoc = gl.getAttribLocation(program, 'a_position')
+      gl.enableVertexAttribArray(posLoc)
+      gl.vertexAttribPointer(posLoc, 2, gl.FLOAT, false, 0, 0)
+
+      const u = { resolution: gl.getUniformLocation(program, 'u_resolution'), time: gl.getUniformLocation(program, 'u_time'), pixelSize: gl.getUniformLocation(program, 'u_pixelSize'), gridSize: gl.getUniformLocation(program, 'u_gridSize'), speed: gl.getUniformLocation(program, 'u_speed'), colorShift: gl.getUniformLocation(program, 'u_colorShift'), color1: gl.getUniformLocation(program, 'u_color1'), color2: gl.getUniformLocation(program, 'u_color2'), color3: gl.getUniformLocation(program, 'u_color3'), bgColor: gl.getUniformLocation(program, 'u_bgColor') }
+
+      gl.useProgram(program)
+      gl.uniform3fv(u.color1, settings.colors.bright)
+      gl.uniform3fv(u.color2, settings.colors.mid)
+      gl.uniform3fv(u.color3, settings.colors.dark)
+      gl.uniform3fv(u.bgColor, settings.colors.bg)
+
+      const resize = () => { const dpr = Math.min(devicePixelRatio, 2); canvas.width = canvas.offsetWidth * dpr; canvas.height = canvas.offsetHeight * dpr }
+      resize()
+      addEventListener('resize', resize)
+
+      const render = time => {
+        time *= 0.001
+        gl.viewport(0, 0, canvas.width, canvas.height)
+        gl.useProgram(program)
+        gl.bindVertexArray(vao)
+        gl.uniform2f(u.resolution, canvas.width, canvas.height)
+        gl.uniform1f(u.time, time)
+        gl.uniform1f(u.pixelSize, settings.pixelSize)
+        gl.uniform1f(u.gridSize, settings.gridSize)
+        gl.uniform1f(u.speed, settings.speed)
+        gl.uniform1f(u.colorShift, settings.colorShift)
+        gl.drawArrays(gl.TRIANGLE_STRIP, 0, 4)
+        requestAnimationFrame(render)
+      }
+      requestAnimationFrame(render)
+    })()
+  </script>
+</body>
+</html>
diff --git a/internal/server/templates/signup.html b/internal/server/templates/signup.html
new file mode 100644
index 0000000..335c2e2
--- /dev/null
+++ b/internal/server/templates/signup.html
@@ -0,0 +1,472 @@
+<!DOCTYPE html>
+<html lang="en">
+<head>
+<meta charset="UTF-8"/>
+<meta name="viewport" content="width=device-width, initial-scale=1.0"/>
+<title>Sign Up — WriteKit</title>
+<link rel="icon" type="image/x-icon" href="/assets/writekit-icon.ico"/>
+<link rel="icon" type="image/svg+xml" href="/assets/writekit-icon.svg"/>
+<style>
+*{margin:0;padding:0;box-sizing:border-box}
+:root{--bg:#0a0a0a;--bg-elevated:#111111;--bg-subtle:#1a1a1a;--text:#fafafa;--text-muted:#737373;--text-dim:#525252;--border:#262626;--border-focus:#404040;--accent:{{ACCENT}};--emerald:#10b981;--cyan:#06b6d4;--red:#ef4444}
+html,body{height:100%}
+body{font-family:'SF Mono','Fira Code','Consolas',monospace;background:var(--bg);color:var(--text);line-height:1.6;overflow:hidden}
+.layout{display:grid;grid-template-columns:280px 1fr;height:100vh}
+.sidebar{background:var(--bg);border-right:1px solid var(--border);padding:2.5rem 2rem;display:flex;flex-direction:column}
+.sidebar-header{margin-bottom:3rem}
+.logo{font-size:15px;font-weight:600;letter-spacing:-0.02em;margin-bottom:0.35rem}
+.tagline{font-size:10px;color:var(--text-muted);text-transform:uppercase;letter-spacing:0.1em}
+.sidebar-content{flex:1;display:flex;flex-direction:column;justify-content:center}
+.step-indicator{display:flex;flex-direction:column;gap:1rem}
+.step-item{display:flex;align-items:center;gap:1rem;font-size:12px;color:var(--text-dim);transition:all 0.4s ease}
+.step-item.active{color:var(--text)}
+.step-item.completed{color:var(--emerald)}
+.step-dot{width:8px;height:8px;border:1px solid var(--border);background:transparent;transition:all 0.4s ease}
+.step-item.active .step-dot{background:var(--text);border-color:var(--text);box-shadow:0 0 12px rgba(250,250,250,0.3)}
+.step-item.completed .step-dot{background:var(--emerald);border-color:var(--emerald)}
+.sidebar-footer{margin-top:auto}
+.env-badge{display:inline-block;padding:0.35rem 0.75rem;border:1px solid var(--accent);font-size:10px;text-transform:uppercase;letter-spacing:0.08em;color:var(--accent)}
+.main{display:flex;align-items:center;justify-content:center;padding:2rem;position:relative;overflow:hidden}
+.main::before{content:'';position:absolute;inset:0;background-image:linear-gradient(var(--border) 1px,transparent 1px),linear-gradient(90deg,var(--border) 1px,transparent 1px);background-size:60px 60px;opacity:0.3;mask-image:radial-gradient(ellipse at center,black 0%,transparent 70%)}
+.step-container{position:relative;width:100%;max-width:480px;z-index:1}
+.step{position:absolute;width:100%;opacity:0;visibility:hidden;transform:translateY(30px);transition:all 0.5s cubic-bezier(0.16,1,0.3,1)}
+.step.active{position:relative;opacity:1;visibility:visible;transform:translateY(0)}
+.step.exit-up{transform:translateY(-30px)}
+.step-header{margin-bottom:2.5rem}
+.step-label{font-size:11px;color:var(--text-dim);text-transform:uppercase;letter-spacing:0.15em;margin-bottom:1rem;display:flex;align-items:center;gap:0.5rem}
+.step-label::before{content:'>';color:var(--emerald)}
+.step-title{font-size:clamp(1.75rem,3vw,2.25rem);font-weight:500;letter-spacing:-0.03em;line-height:1.2;margin-bottom:0.75rem}
+.step-desc{font-size:13px;color:var(--text-muted);line-height:1.7}
+.auth-buttons{display:flex;flex-direction:column;gap:0.75rem}
+.auth-btn{display:flex;align-items:center;justify-content:center;gap:0.75rem;padding:1rem 1.5rem;border:1px solid var(--border);background:var(--bg-elevated);color:var(--text);font-family:inherit;font-size:13px;font-weight:500;cursor:pointer;transition:all 0.2s ease;text-decoration:none}
+.auth-btn:hover{border-color:var(--border-focus);background:var(--bg-subtle)}
+.auth-btn.primary{background:var(--text);color:var(--bg);border-color:var(--text)}
+.auth-btn.primary:hover{background:#e5e5e5;border-color:#e5e5e5;transform:translateY(-2px);box-shadow:0 8px 24px rgba(250,250,250,0.15)}
+.auth-btn svg{width:20px;height:20px;flex-shrink:0}
+.auth-divider{display:flex;align-items:center;gap:1rem;margin:0.5rem 0}
+.auth-divider::before,.auth-divider::after{content:'';flex:1;height:1px;background:var(--border)}
+.auth-divider span{font-size:11px;color:var(--text-dim);text-transform:uppercase;letter-spacing:0.1em}
+.user-greeting{display:flex;flex-direction:column}
+.user-avatar{width:64px;height:64px;border-radius:50%;margin-bottom:1.5rem;border:2px solid var(--border);display:none;object-fit:cover}
+.user-avatar.loaded{display:block;animation:avatarPop 0.5s cubic-bezier(0.34,1.56,0.64,1)}
+@keyframes avatarPop{0%{transform:scale(0);opacity:0}100%{transform:scale(1);opacity:1}}
+.subdomain-form{margin-bottom:1.5rem}
+.input-row{display:flex;align-items:stretch;border:1px solid var(--border);background:var(--bg-elevated);transition:all 0.2s ease}
+.input-row:focus-within{border-color:var(--border-focus)}
+.input-row.valid{border-color:var(--emerald)}
+.input-row.invalid{border-color:var(--red)}
+.subdomain-input{flex:1;padding:1rem 1.25rem;background:transparent;border:none;color:var(--text);font-family:inherit;font-size:15px;outline:none}
+.subdomain-input::placeholder{color:var(--text-dim)}
+.subdomain-suffix{padding:1rem 1.25rem;background:var(--bg-subtle);color:var(--text-muted);font-size:15px;display:flex;align-items:center;border-left:1px solid var(--border)}
+.input-status{height:1.5rem;margin-top:0.75rem;font-size:12px;display:flex;align-items:center;gap:0.5rem}
+.input-status.available{color:var(--emerald)}
+.input-status.unavailable{color:var(--red)}
+.input-status.checking{color:var(--text-muted)}
+.input-status .dot{width:6px;height:6px;background:currentColor;animation:pulse 1s infinite}
+@keyframes pulse{0%,100%{opacity:1}50%{opacity:0.4}}
+.btn-row{display:flex;gap:0.75rem}
+.btn{padding:1rem 2rem;font-family:inherit;font-size:13px;font-weight:500;cursor:pointer;transition:all 0.2s ease;border:1px solid var(--border);background:var(--bg-elevated);color:var(--text)}
+.btn:hover:not(:disabled){border-color:var(--border-focus);background:var(--bg-subtle)}
+.btn:disabled{opacity:0.4;cursor:not-allowed}
+.btn.primary{flex:1;background:linear-gradient(135deg,var(--emerald),var(--cyan));border:none;color:white}
+.btn.primary:hover:not(:disabled){transform:translateY(-2px);box-shadow:0 8px 24px rgba(16,185,129,0.3)}
+.btn.primary:disabled{background:var(--border);transform:none;box-shadow:none}
+.btn-back{width:48px;padding:1rem;display:flex;align-items:center;justify-content:center}
+.btn-back svg{width:16px;height:16px}
+.progress-steps{background:var(--bg-elevated);border:1px solid var(--border);padding:1.5rem}
+.progress-step{display:flex;align-items:center;gap:1rem;padding:0.75rem 0;font-size:13px;color:var(--text-dim);transition:all 0.4s ease}
+.progress-step.active{color:var(--text)}
+.progress-step.done{color:var(--emerald)}
+.progress-step .dot{width:8px;height:8px;background:var(--border);flex-shrink:0;transition:all 0.3s ease}
+.progress-step.active .dot{background:var(--text);animation:progressPulse 1s infinite}
+.progress-step.done .dot{background:var(--emerald)}
+@keyframes progressPulse{0%,100%{transform:scale(1);box-shadow:0 0 0 0 rgba(250,250,250,0.4)}50%{transform:scale(1.2);box-shadow:0 0 12px 2px rgba(250,250,250,0.2)}}
+.success-content{text-align:center}
+.success-icon{width:72px;height:72px;margin:0 auto 2rem;background:linear-gradient(135deg,var(--emerald),var(--cyan));display:flex;align-items:center;justify-content:center;animation:successPop 0.6s cubic-bezier(0.34,1.56,0.64,1)}
+@keyframes successPop{0%{transform:scale(0);opacity:0}50%{transform:scale(1.1)}100%{transform:scale(1);opacity:1}}
+.success-icon svg{width:32px;height:32px;color:white;animation:checkDraw 0.4s 0.3s ease-out both}
+@keyframes checkDraw{0%{stroke-dashoffset:24;opacity:0}100%{stroke-dashoffset:0;opacity:1}}
+.success-icon svg path{stroke-dasharray:24;stroke-dashoffset:24;animation:checkDraw 0.4s 0.3s ease-out forwards}
+.success-url{font-size:18px;font-weight:600;margin-bottom:0.5rem;background:linear-gradient(135deg,var(--emerald),var(--cyan));-webkit-background-clip:text;-webkit-text-fill-color:transparent;background-clip:text}
+.success-redirect{font-size:12px;color:var(--text-muted);display:flex;align-items:center;justify-content:center;gap:0.5rem}
+.success-redirect .dot{width:6px;height:6px;background:var(--text-muted);animation:pulse 1s infinite}
+.back-link{position:absolute;top:2rem;left:2rem;font-size:12px;color:var(--text-muted);text-decoration:none;display:flex;align-items:center;gap:0.5rem;transition:color 0.2s;z-index:10}
+.back-link:hover{color:var(--text)}
+.back-link svg{width:14px;height:14px}
+.keyboard-hint{position:absolute;bottom:2rem;left:50%;transform:translateX(-50%);font-size:11px;color:var(--text-dim);display:flex;align-items:center;gap:0.5rem}
+.key{padding:0.25rem 0.5rem;background:var(--bg-subtle);border:1px solid var(--border);font-size:10px}
+.color-picker{margin-bottom:2rem}
+.color-options{display:flex;gap:0.75rem;flex-wrap:wrap;margin-bottom:1.5rem}
+.color-option{width:48px;height:48px;border:2px solid transparent;background:var(--color);cursor:pointer;transition:all 0.2s ease;position:relative}
+.color-option:hover{transform:scale(1.1)}
+.color-option.selected{border-color:var(--text);box-shadow:0 0 0 2px var(--bg),0 0 0 4px var(--color)}
+.color-option.selected::after{content:'✓';position:absolute;inset:0;display:flex;align-items:center;justify-content:center;color:white;font-size:18px;text-shadow:0 1px 2px rgba(0,0,0,0.3)}
+.color-preview{display:flex;align-items:center;gap:1rem}
+.preview-label{font-size:11px;color:var(--text-dim);text-transform:uppercase;letter-spacing:0.1em}
+.preview-box{flex:1;height:8px;background:var(--bg-subtle);border:1px solid var(--border);overflow:hidden}
+.preview-accent{height:100%;width:60%;background:var(--emerald);transition:background 0.3s ease,width 0.3s ease}
+@media(max-width:900px){.layout{grid-template-columns:1fr}.sidebar{display:none}.main{padding:1.5rem}.back-link{position:relative;top:auto;left:auto;margin-bottom:2rem}.keyboard-hint{display:none}}
+@media(max-width:480px){.step-title{font-size:1.5rem}.auth-btn{padding:0.875rem 1.25rem}}
+</style>
+</head>
+<body>
+<div class="layout">
+<aside class="sidebar">
+<div class="sidebar-header">
+<div class="logo">WriteKit</div>
+<div class="tagline">Blogging Platform</div>
+</div>
+<div class="sidebar-content">
+<div class="step-indicator">
+<div class="step-item active" data-step="1"><span class="step-dot"></span><span>Sign in</span></div>
+<div class="step-item" data-step="2"><span class="step-dot"></span><span>Personalize</span></div>
+<div class="step-item" data-step="3"><span class="step-dot"></span><span>Choose subdomain</span></div>
+<div class="step-item" data-step="4"><span class="step-dot"></span><span>Launch</span></div>
+</div>
+</div>
+<div class="sidebar-footer">
+<div class="env-badge">ALPHA</div>
+</div>
+</aside>
+<main class="main">
+<a href="/" class="back-link">
+<svg xmlns="http://www.w3.org/2000/svg" fill="none" viewBox="0 0 24 24" stroke="currentColor" stroke-width="2"><path stroke-linecap="round" stroke-linejoin="round" d="M10 19l-7-7m0 0l7-7m-7 7h18"/></svg>
+Back to home
+</a>
+<div class="step-container">
+<div class="step active" id="step-auth">
+<div class="step-header">
+<div class="step-label">Step 1</div>
+<h1 class="step-title">Start your blog</h1>
+<p class="step-desc">Sign in to create your WriteKit instance. Your blog will be ready in seconds.</p>
+</div>
+<div class="auth-buttons">
+<a href="/auth/github?callback=/signup/complete" class="auth-btn primary">
+<svg viewBox="0 0 24 24" fill="currentColor"><path d="M12 0c-6.626 0-12 5.373-12 12 0 5.302 3.438 9.8 8.207 11.387.599.111.793-.261.793-.577v-2.234c-3.338.726-4.033-1.416-4.033-1.416-.546-1.387-1.333-1.756-1.333-1.756-1.089-.745.083-.729.083-.729 1.205.084 1.839 1.237 1.839 1.237 1.07 1.834 2.807 1.304 3.492.997.107-.775.418-1.305.762-1.604-2.665-.305-5.467-1.334-5.467-5.931 0-1.311.469-2.381 1.236-3.221-.124-.303-.535-1.524.117-3.176 0 0 1.008-.322 3.301 1.23.957-.266 1.983-.399 3.003-.404 1.02.005 2.047.138 3.006.404 2.291-1.552 3.297-1.23 3.297-1.23.653 1.653.242 2.874.118 3.176.77.84 1.235 1.911 1.235 3.221 0 4.609-2.807 5.624-5.479 5.921.43.372.823 1.102.823 2.222v3.293c0 .319.192.694.801.576 4.765-1.589 8.199-6.086 8.199-11.386 0-6.627-5.373-12-12-12z"/></svg>
+Continue with GitHub
+</a>
+<div class="auth-divider"><span>or</span></div>
+<a href="/auth/google?callback=/signup/complete" class="auth-btn">
+<svg viewBox="0 0 24 24"><path fill="#4285F4" d="M22.56 12.25c0-.78-.07-1.53-.2-2.25H12v4.26h5.92c-.26 1.37-1.04 2.53-2.21 3.31v2.77h3.57c2.08-1.92 3.28-4.74 3.28-8.09z"/><path fill="#34A853" d="M12 23c2.97 0 5.46-.98 7.28-2.66l-3.57-2.77c-.98.66-2.23 1.06-3.71 1.06-2.86 0-5.29-1.93-6.16-4.53H2.18v2.84C3.99 20.53 7.7 23 12 23z"/><path fill="#FBBC05" d="M5.84 14.09c-.22-.66-.35-1.36-.35-2.09s.13-1.43.35-2.09V7.07H2.18C1.43 8.55 1 10.22 1 12s.43 3.45 1.18 4.93l2.85-2.22.81-.62z"/><path fill="#EA4335" d="M12 5.38c1.62 0 3.06.56 4.21 1.64l3.15-3.15C17.45 2.09 14.97 1 12 1 7.7 1 3.99 3.47 2.18 7.07l3.66 2.84c.87-2.6 3.3-4.53 6.16-4.53z"/></svg>
+Continue with Google
+</a>
+<a href="/auth/discord?callback=/signup/complete" class="auth-btn">
+<svg viewBox="0 0 24 24" fill="#5865F2"><path d="M20.317 4.37a19.791 19.791 0 0 0-4.885-1.515.074.074 0 0 0-.079.037c-.21.375-.444.864-.608 1.25a18.27 18.27 0 0 0-5.487 0 12.64 12.64 0 0 0-.617-1.25.077.077 0 0 0-.079-.037A19.736 19.736 0 0 0 3.677 4.37a.07.07 0 0 0-.032.027C.533 9.046-.32 13.58.099 18.057a.082.082 0 0 0 .031.057 19.9 19.9 0 0 0 5.993 3.03.078.078 0 0 0 .084-.028 14.09 14.09 0 0 0 1.226-1.994.076.076 0 0 0-.041-.106 13.107 13.107 0 0 1-1.872-.892.077.077 0 0 1-.008-.128 10.2 10.2 0 0 0 .372-.292.074.074 0 0 1 .077-.01c3.928 1.793 8.18 1.793 12.062 0a.074.074 0 0 1 .078.01c.12.098.246.198.373.292a.077.077 0 0 1-.006.127 12.299 12.299 0 0 1-1.873.892.077.077 0 0 0-.041.107c.36.698.772 1.362 1.225 1.993a.076.076 0 0 0 .084.028 19.839 19.839 0 0 0 6.002-3.03.077.077 0 0 0 .032-.054c.5-5.177-.838-9.674-3.549-13.66a.061.061 0 0 0-.031-.03zM8.02 15.33c-1.183 0-2.157-1.085-2.157-2.419 0-1.333.956-2.419 2.157-2.419 1.21 0 2.176 1.096 2.157 2.42 0 1.333-.956 2.418-2.157 2.418zm7.975 0c-1.183 0-2.157-1.085-2.157-2.419 0-1.333.955-2.419 2.157-2.419 1.21 0 2.176 1.096 2.157 2.42 0 1.333-.946 2.418-2.157 2.418z"/></svg>
+Continue with Discord
+</a>
+</div>
+</div>
+<div class="step" id="step-personalize">
+<div class="step-header">
+<div class="user-greeting">
+<img class="user-avatar" id="personalize-avatar" alt=""/>
+<div class="step-label">Step 2</div>
+<h1 class="step-title" id="personalize-title">Pick your style</h1>
+</div>
+<p class="step-desc">Choose an accent color for your blog. You can change this anytime in settings.</p>
+</div>
+<div class="color-picker">
+<div class="color-options">
+<button type="button" class="color-option" data-color="#10b981" style="--color:#10b981" title="Emerald"></button>
+<button type="button" class="color-option" data-color="#06b6d4" style="--color:#06b6d4" title="Cyan"></button>
+<button type="button" class="color-option" data-color="#8b5cf6" style="--color:#8b5cf6" title="Violet"></button>
+<button type="button" class="color-option" data-color="#ec4899" style="--color:#ec4899" title="Pink"></button>
+<button type="button" class="color-option" data-color="#f97316" style="--color:#f97316" title="Orange"></button>
+<button type="button" class="color-option" data-color="#eab308" style="--color:#eab308" title="Yellow"></button>
+<button type="button" class="color-option" data-color="#ef4444" style="--color:#ef4444" title="Red"></button>
+<button type="button" class="color-option" data-color="#64748b" style="--color:#64748b" title="Slate"></button>
+</div>
+<div class="color-preview">
+<span class="preview-label">Preview</span>
+<div class="preview-box" id="color-preview"><div class="preview-accent"></div></div>
+</div>
+</div>
+<div class="btn-row">
+<button class="btn btn-back" id="btn-personalize-back" type="button" title="Use different account">
+<svg xmlns="http://www.w3.org/2000/svg" fill="none" viewBox="0 0 24 24" stroke="currentColor" stroke-width="2"><path stroke-linecap="round" stroke-linejoin="round" d="M10 19l-7-7m0 0l7-7m-7 7h18"/></svg>
+</button>
+<button class="btn primary" id="btn-personalize-next">Continue</button>
+</div>
+</div>
+<div class="step" id="step-subdomain">
+<div class="step-header">
+<div class="user-greeting" id="user-greeting">
+<img class="user-avatar" id="user-avatar" alt=""/>
+<div class="step-label">Step 3</div>
+<h1 class="step-title" id="greeting-title">Choose your subdomain</h1>
+</div>
+<p class="step-desc">Pick a memorable address for your blog. You can add a custom domain later.</p>
+</div>
+<div class="subdomain-form">
+<div class="input-row" id="input-row">
+<input type="text" class="subdomain-input" id="subdomain" placeholder="myblog" autocomplete="off" spellcheck="false" autofocus/>
+<span class="subdomain-suffix" id="domain-suffix">.writekit.dev</span>
+</div>
+<div class="input-status" id="status"></div>
+</div>
+<div class="btn-row">
+<button class="btn btn-back" id="btn-back" type="button">
+<svg xmlns="http://www.w3.org/2000/svg" fill="none" viewBox="0 0 24 24" stroke="currentColor" stroke-width="2"><path stroke-linecap="round" stroke-linejoin="round" d="M10 19l-7-7m0 0l7-7m-7 7h18"/></svg>
+</button>
+<button class="btn primary" id="btn-launch" disabled>Create my blog</button>
+</div>
+</div>
+<div class="step" id="step-provisioning">
+<div class="step-header">
+<div class="step-label">Step 4</div>
+<h1 class="step-title">Launching your blog</h1>
+<p class="step-desc">Setting everything up. This only takes a few seconds.</p>
+</div>
+<div class="progress-steps" id="progress-steps">
+<div class="progress-step" data-step="1"><span class="dot"></span><span>Reserving subdomain...</span></div>
+<div class="progress-step" data-step="2"><span class="dot"></span><span>Spinning up container...</span></div>
+<div class="progress-step" data-step="3"><span class="dot"></span><span>Configuring SSL...</span></div>
+<div class="progress-step" data-step="4"><span class="dot"></span><span>Almost ready...</span></div>
+</div>
+</div>
+<div class="step" id="step-success">
+<div class="success-content">
+<div class="success-icon">
+<svg xmlns="http://www.w3.org/2000/svg" fill="none" viewBox="0 0 24 24" stroke="currentColor" stroke-width="2.5"><path stroke-linecap="round" stroke-linejoin="round" d="M5 13l4 4L19 7"/></svg>
+</div>
+<div class="step-title">You're all set!</div>
+<div class="success-url" id="success-url"></div>
+<div class="success-redirect"><span class="dot"></span><span>Redirecting to your studio...</span></div>
+</div>
+</div>
+</div>
+<div class="keyboard-hint">Press <span class="key">Enter</span> to continue</div>
+</main>
+</div>
+<script>
+const $ = s => document.getElementById(s)
+const $$ = s => document.querySelectorAll(s)
+
+const steps = { auth: $('step-auth'), personalize: $('step-personalize'), subdomain: $('step-subdomain'), provisioning: $('step-provisioning'), success: $('step-success') }
+const stepIndicators = $$('.step-item')
+const subdomainInput = $('subdomain')
+const inputRow = $('input-row')
+const status = $('status')
+const btnLaunch = $('btn-launch')
+const btnBack = $('btn-back')
+const successUrl = $('success-url')
+const userAvatar = $('user-avatar')
+const greetingTitle = $('greeting-title')
+const personalizeAvatar = $('personalize-avatar')
+const personalizeTitle = $('personalize-title')
+const colorOptions = $$('.color-option')
+const previewAccent = document.querySelector('.preview-accent')
+const btnPersonalizeNext = $('btn-personalize-next')
+const btnPersonalizeBack = $('btn-personalize-back')
+
+let currentStep = 'auth'
+let currentSubdomain = ''
+let isAvailable = false
+let debounceTimer
+let currentUser = null
+let selectedColor = '#10b981'
+
+const sleep = ms => new Promise(r => setTimeout(r, ms))
+
+const fetchUserInfo = async token => {
+  try {
+    const res = await fetch(`/api/auth/user?token=${encodeURIComponent(token)}`)
+    if (!res.ok) {
+      sessionStorage.removeItem('signup_token')
+      return false
+    }
+    const user = await res.json()
+    currentUser = user
+    const firstName = user.name?.split(' ')[0] ?? ''
+    if (user.avatar_url) {
+      userAvatar.src = user.avatar_url
+      userAvatar.onload = () => userAvatar.classList.add('loaded')
+      personalizeAvatar.src = user.avatar_url
+      personalizeAvatar.onload = () => personalizeAvatar.classList.add('loaded')
+    }
+    if (firstName) {
+      greetingTitle.textContent = `Hey ${firstName}!`
+      personalizeTitle.textContent = `Pick your style, ${firstName}`
+    }
+    return true
+  } catch {
+    sessionStorage.removeItem('signup_token')
+    return false
+  }
+}
+
+const goToStep = stepName => {
+  const currentEl = steps[currentStep]
+  const nextEl = steps[stepName]
+  const stepOrder = ['auth', 'personalize', 'subdomain', 'provisioning', 'success']
+  const nextIndex = stepOrder.indexOf(stepName)
+
+  stepIndicators.forEach((indicator, i) => {
+    indicator.classList.remove('active', 'completed')
+    if (i < nextIndex) indicator.classList.add('completed')
+    else if (i === nextIndex) indicator.classList.add('active')
+  })
+
+  currentEl.classList.add('exit-up')
+  currentEl.classList.remove('active')
+
+  setTimeout(() => {
+    currentEl.classList.remove('exit-up')
+    nextEl.classList.add('active')
+    currentStep = stepName
+    if (stepName === 'subdomain') setTimeout(() => subdomainInput.focus(), 100)
+  }, 150)
+}
+
+const checkAvailability = async subdomain => {
+  if (subdomain !== currentSubdomain) return
+  try {
+    const res = await fetch(`/api/demo/check?subdomain=${encodeURIComponent(subdomain)}`)
+    const data = await res.json()
+    if (subdomain !== currentSubdomain) return
+    if (data.domain) $('domain-suffix').textContent = '.' + data.domain
+    if (data.available) {
+      status.textContent = `${subdomain}.${data.domain} is available`
+      status.className = 'input-status available'
+      inputRow.className = 'input-row valid'
+      btnLaunch.disabled = false
+      isAvailable = true
+    } else {
+      status.textContent = data.reason || 'Not available'
+      status.className = 'input-status unavailable'
+      inputRow.className = 'input-row invalid'
+      btnLaunch.disabled = true
+      isAvailable = false
+    }
+  } catch {
+    status.textContent = 'Error checking availability'
+    status.className = 'input-status unavailable'
+    btnLaunch.disabled = true
+    isAvailable = false
+  }
+}
+
+const animateProgress = async url => {
+  const progressSteps = $$('#progress-steps .progress-step')
+  let ready = false
+  let redirecting = false
+
+  const pollUrl = async () => {
+    const start = Date.now()
+    while (!ready && Date.now() - start < 30000) {
+      try {
+        const res = await fetch(url + '/health', { method: 'HEAD' })
+        if (res.ok || res.status === 307 || res.status === 302) ready = true
+      } catch { await sleep(300) }
+    }
+  }
+
+  const doRedirect = () => {
+    if (redirecting) return
+    redirecting = true
+    progressSteps.forEach(s => { s.classList.remove('active'); s.classList.add('done') })
+    successUrl.textContent = url.replace('https://', '')
+    goToStep('success')
+    const token = sessionStorage.getItem('signup_token')
+    setTimeout(() => { window.location.href = url + '/auth/callback?token=' + encodeURIComponent(token) + '&redirect=/studio' }, 400)
+  }
+
+  pollUrl().then(() => { if (ready) doRedirect() })
+
+  for (let i = 0; i < progressSteps.length; i++) {
+    if (ready) return doRedirect()
+    progressSteps[i].classList.add('active')
+    await sleep(300)
+    progressSteps[i].classList.remove('active')
+    progressSteps[i].classList.add('done')
+  }
+
+  while (!ready) await sleep(100)
+  doRedirect()
+}
+
+const launchBlog = async () => {
+  if (!isAvailable || !currentSubdomain) return
+  const token = sessionStorage.getItem('signup_token')
+  if (!token) { goToStep('auth'); return }
+
+  btnLaunch.disabled = true
+  goToStep('provisioning')
+
+  try {
+    const res = await fetch('/api/signup/tenant', {
+      method: 'POST',
+      headers: { 'Content-Type': 'application/json', 'Authorization': `Bearer ${token}` },
+      body: JSON.stringify({ subdomain: currentSubdomain, accent_color: selectedColor })
+    })
+    if (res.status === 401) { sessionStorage.removeItem('signup_token'); goToStep('auth'); return }
+    const data = await res.json()
+    if (res.ok && data.url) {
+      await animateProgress(data.url)
+    } else {
+      goToStep('subdomain')
+      status.textContent = data.error || 'Failed to create blog'
+      status.className = 'input-status unavailable'
+    }
+  } catch {
+    goToStep('subdomain')
+    status.textContent = 'Error creating blog'
+    status.className = 'input-status unavailable'
+  }
+}
+
+;(async () => {
+  const urlParams = new URLSearchParams(window.location.search)
+  const urlToken = urlParams.get('token')
+  const storedToken = sessionStorage.getItem('signup_token')
+
+  if (urlToken) {
+    sessionStorage.setItem('signup_token', urlToken)
+    window.history.replaceState({}, '', '/signup')
+    if (await fetchUserInfo(urlToken)) goToStep('personalize')
+  } else if (storedToken) {
+    if (await fetchUserInfo(storedToken)) goToStep('personalize')
+  }
+
+  colorOptions[0]?.classList.add('selected')
+})()
+
+subdomainInput.addEventListener('input', () => {
+  const value = subdomainInput.value.toLowerCase().replace(/[^a-z0-9-]/g, '')
+  if (value !== subdomainInput.value) subdomainInput.value = value
+  currentSubdomain = value
+
+  if (!value) {
+    status.textContent = ''
+    status.className = 'input-status'
+    inputRow.className = 'input-row'
+    btnLaunch.disabled = true
+    isAvailable = false
+    return
+  }
+
+  clearTimeout(debounceTimer)
+  status.innerHTML = '<span class="dot"></span> Checking...'
+  status.className = 'input-status checking'
+  inputRow.className = 'input-row'
+  btnLaunch.disabled = true
+  debounceTimer = setTimeout(() => checkAvailability(value), 300)
+})
+
+colorOptions.forEach(option => {
+  option.addEventListener('click', () => {
+    colorOptions.forEach(o => o.classList.remove('selected'))
+    option.classList.add('selected')
+    selectedColor = option.dataset.color
+    previewAccent.style.background = selectedColor
+  })
+})
+
+btnPersonalizeBack.addEventListener('click', () => { sessionStorage.removeItem('signup_token'); goToStep('auth') })
+btnPersonalizeNext.addEventListener('click', () => goToStep('subdomain'))
+btnBack.addEventListener('click', () => goToStep('personalize'))
+btnLaunch.addEventListener('click', launchBlog)
+document.addEventListener('keydown', e => { if (e.key === 'Enter' && currentStep === 'subdomain' && isAvailable) launchBlog() })
+</script>
+</body>
+</html>
diff --git a/internal/storage/s3.go b/internal/storage/s3.go
new file mode 100644
index 0000000..b32e397
--- /dev/null
+++ b/internal/storage/s3.go
@@ -0,0 +1,113 @@
+package storage
+
+import (
+	"context"
+	"fmt"
+	"io"
+	"os"
+	"time"
+
+	"github.com/aws/aws-sdk-go-v2/aws"
+	"github.com/aws/aws-sdk-go-v2/config"
+	"github.com/aws/aws-sdk-go-v2/credentials"
+	"github.com/aws/aws-sdk-go-v2/service/s3"
+)
+
+type S3Client struct {
+	s3        *s3.Client
+	presign   *s3.PresignClient
+	bucket    string
+	publicURL string
+}
+
+type S3Config struct {
+	Endpoint  string
+	AccessKey string
+	SecretKey string
+	Bucket    string
+	PublicURL string
+	Region    string
+}
+
+func NewS3Client(cfg S3Config) (*S3Client, error) {
+	awsCfg, err := config.LoadDefaultConfig(context.Background(),
+		config.WithCredentialsProvider(credentials.NewStaticCredentialsProvider(cfg.AccessKey, cfg.SecretKey, "")),
+		config.WithRegion(cfg.Region),
+	)
+	if err != nil {
+		return nil, err
+	}
+
+	client := s3.NewFromConfig(awsCfg, func(o *s3.Options) {
+		if cfg.Endpoint != "" {
+			o.BaseEndpoint = aws.String(cfg.Endpoint)
+		}
+	})
+
+	return &S3Client{
+		s3:        client,
+		presign:   s3.NewPresignClient(client),
+		bucket:    cfg.Bucket,
+		publicURL: cfg.PublicURL,
+	}, nil
+}
+
+func NewR2Client() (*S3Client, error) {
+	accountID := os.Getenv("R2_ACCOUNT_ID")
+	accessKey := os.Getenv("R2_ACCESS_KEY_ID")
+	secretKey := os.Getenv("R2_SECRET_ACCESS_KEY")
+	bucket := os.Getenv("R2_BUCKET")
+	publicURL := os.Getenv("R2_PUBLIC_URL")
+
+	if accountID == "" || accessKey == "" || secretKey == "" {
+		return nil, fmt.Errorf("R2 credentials not configured")
+	}
+
+	endpoint := os.Getenv("R2_ENDPOINT")
+	if endpoint == "" {
+		endpoint = fmt.Sprintf("https://%s.r2.cloudflarestorage.com", accountID)
+	}
+
+	return NewS3Client(S3Config{
+		Endpoint:  endpoint,
+		AccessKey: accessKey,
+		SecretKey: secretKey,
+		Bucket:    bucket,
+		PublicURL: publicURL,
+		Region:    "auto",
+	})
+}
+
+func (c *S3Client) Upload(ctx context.Context, key string, body io.Reader, contentType string) error {
+	_, err := c.s3.PutObject(ctx, &s3.PutObjectInput{
+		Bucket:      aws.String(c.bucket),
+		Key:         aws.String(key),
+		Body:        body,
+		ContentType: aws.String(contentType),
+	})
+	return err
+}
+
+func (c *S3Client) Delete(ctx context.Context, key string) error {
+	_, err := c.s3.DeleteObject(ctx, &s3.DeleteObjectInput{
+		Bucket: aws.String(c.bucket),
+		Key:    aws.String(key),
+	})
+	return err
+}
+
+func (c *S3Client) PresignUpload(ctx context.Context, key string, contentType string, expires time.Duration) (string, error) {
+	req, err := c.presign.PresignPutObject(ctx, &s3.PutObjectInput{
+		Bucket:      aws.String(c.bucket),
+		Key:         aws.String(key),
+		ContentType: aws.String(contentType),
+	}, s3.WithPresignExpires(expires))
+	if err != nil {
+		return "", err
+	}
+	return req.URL, nil
+}
+
+func (c *S3Client) PublicURL(key string) string {
+	return fmt.Sprintf("%s/%s", c.publicURL, key)
+}
diff --git a/internal/storage/storage.go b/internal/storage/storage.go
new file mode 100644
index 0000000..b00e29c
--- /dev/null
+++ b/internal/storage/storage.go
@@ -0,0 +1,14 @@
+package storage
+
+import (
+	"context"
+	"io"
+	"time"
+)
+
+type Client interface {
+	Upload(ctx context.Context, key string, body io.Reader, contentType string) error
+	Delete(ctx context.Context, key string) error
+	PresignUpload(ctx context.Context, key string, contentType string, expires time.Duration) (string, error)
+	PublicURL(key string) string
+}
diff --git a/internal/tenant/analytics.go b/internal/tenant/analytics.go
new file mode 100644
index 0000000..5bf1efc
--- /dev/null
+++ b/internal/tenant/analytics.go
@@ -0,0 +1,279 @@
+package tenant
+
+import (
+	"context"
+	"database/sql"
+	"encoding/json"
+	"time"
+)
+
+type PageView struct {
+	ID        int64
+	Path      string
+	PostSlug  string
+	Referrer  string
+	UserAgent string
+	CreatedAt time.Time
+}
+
+type AnalyticsSummary struct {
+	TotalViews      int64           `json:"total_views"`
+	TotalPageViews  int64           `json:"total_page_views"`
+	UniqueVisitors  int64           `json:"unique_visitors"`
+	TotalBandwidth  int64           `json:"total_bandwidth"`
+	ViewsChange     float64         `json:"views_change"`
+	TopPages        []PageStats     `json:"top_pages"`
+	TopReferrers    []ReferrerStats `json:"top_referrers"`
+	ViewsByDay      []DailyStats    `json:"views_by_day"`
+	Browsers        []NamedStat     `json:"browsers"`
+	OS              []NamedStat     `json:"os"`
+	Devices         []NamedStat     `json:"devices"`
+	Countries       []NamedStat     `json:"countries"`
+}
+
+type PageStats struct {
+	Path  string `json:"path"`
+	Views int64  `json:"views"`
+}
+
+type ReferrerStats struct {
+	Referrer string `json:"referrer"`
+	Views    int64  `json:"views"`
+}
+
+type DailyStats struct {
+	Date     string `json:"date"`
+	Views    int64  `json:"views"`
+	Visitors int64  `json:"visitors"`
+}
+
+type NamedStat struct {
+	Name  string `json:"name"`
+	Count int64  `json:"count"`
+}
+
+type ArchivedDay struct {
+	Date           string      `json:"date"`
+	Requests       int64       `json:"requests"`
+	PageViews      int64       `json:"page_views"`
+	UniqueVisitors int64       `json:"unique_visitors"`
+	Bandwidth      int64       `json:"bandwidth"`
+	Browsers       []NamedStat `json:"browsers"`
+	OS             []NamedStat `json:"os"`
+	Devices        []NamedStat `json:"devices"`
+	Countries      []NamedStat `json:"countries"`
+	Paths          []PageStats `json:"paths"`
+}
+
+func (q *Queries) RecordPageView(ctx context.Context, path, postSlug, referrer, userAgent string) error {
+	_, err := q.db.ExecContext(ctx, `INSERT INTO page_views (path, post_slug, referrer, user_agent, visitor_hash, utm_source, utm_medium, utm_campaign, device_type, browser, os, country)
+		VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)`,
+		path, nullStr(postSlug), nullStr(referrer), nullStr(userAgent), sql.NullString{}, sql.NullString{}, sql.NullString{}, sql.NullString{}, sql.NullString{}, sql.NullString{}, sql.NullString{}, sql.NullString{})
+	return err
+}
+
+func (q *Queries) GetAnalytics(ctx context.Context, days int) (*AnalyticsSummary, error) {
+	if days <= 0 {
+		days = 30
+	}
+
+	since := time.Now().AddDate(0, 0, -days).Format("2006-01-02")
+
+	var totalCount, uniqueCount int64
+	err := q.db.QueryRowContext(ctx, `SELECT COUNT(*), COUNT(DISTINCT visitor_hash) FROM page_views WHERE created_at >= ?`, since).
+		Scan(&totalCount, &uniqueCount)
+	if err != nil {
+		return nil, err
+	}
+
+	topPagesRows, err := q.db.QueryContext(ctx, `SELECT path, COUNT(*) as views FROM page_views WHERE created_at >= ? GROUP BY path ORDER BY views DESC LIMIT ?`, since, 10)
+	if err != nil {
+		return nil, err
+	}
+	defer topPagesRows.Close()
+
+	var topPages []PageStats
+	for topPagesRows.Next() {
+		var p PageStats
+		if err := topPagesRows.Scan(&p.Path, &p.Views); err != nil {
+			return nil, err
+		}
+		topPages = append(topPages, p)
+	}
+
+	topRefRows, err := q.db.QueryContext(ctx, `SELECT COALESCE(referrer, 'Direct') as referrer, COUNT(*) as views FROM page_views WHERE created_at >= ? AND referrer != '' GROUP BY referrer ORDER BY views DESC LIMIT ?`, since, 10)
+	if err != nil {
+		return nil, err
+	}
+	defer topRefRows.Close()
+
+	var topReferrers []ReferrerStats
+	for topRefRows.Next() {
+		var r ReferrerStats
+		if err := topRefRows.Scan(&r.Referrer, &r.Views); err != nil {
+			return nil, err
+		}
+		topReferrers = append(topReferrers, r)
+	}
+
+	viewsByDayRows, err := q.db.QueryContext(ctx, `SELECT DATE(created_at) as date, COUNT(*) as views FROM page_views WHERE created_at >= ? GROUP BY date ORDER BY date ASC`, since)
+	if err != nil {
+		return nil, err
+	}
+	defer viewsByDayRows.Close()
+
+	var viewsByDay []DailyStats
+	for viewsByDayRows.Next() {
+		var d DailyStats
+		var date any
+		if err := viewsByDayRows.Scan(&date, &d.Views); err != nil {
+			return nil, err
+		}
+		if s, ok := date.(string); ok {
+			d.Date = s
+		}
+		viewsByDay = append(viewsByDay, d)
+	}
+
+	return &AnalyticsSummary{
+		TotalViews:     totalCount,
+		TotalPageViews: totalCount,
+		UniqueVisitors: uniqueCount,
+		TopPages:       topPages,
+		TopReferrers:   topReferrers,
+		ViewsByDay:     viewsByDay,
+	}, nil
+}
+
+func (q *Queries) GetPostAnalytics(ctx context.Context, slug string, days int) (*AnalyticsSummary, error) {
+	if days <= 0 {
+		days = 30
+	}
+
+	since := time.Now().AddDate(0, 0, -days).Format("2006-01-02")
+
+	var totalViews int64
+	err := q.db.QueryRowContext(ctx, `SELECT COUNT(*) FROM page_views WHERE post_slug = ? AND created_at >= ?`, slug, since).Scan(&totalViews)
+	if err != nil {
+		return nil, err
+	}
+
+	viewsByDayRows, err := q.db.QueryContext(ctx, `SELECT DATE(created_at) as date, COUNT(*) as views FROM page_views WHERE post_slug = ? AND created_at >= ? GROUP BY date ORDER BY date ASC`, slug, since)
+	if err != nil {
+		return nil, err
+	}
+	defer viewsByDayRows.Close()
+
+	var viewsByDay []DailyStats
+	for viewsByDayRows.Next() {
+		var d DailyStats
+		var date any
+		if err := viewsByDayRows.Scan(&date, &d.Views); err != nil {
+			return nil, err
+		}
+		if s, ok := date.(string); ok {
+			d.Date = s
+		}
+		viewsByDay = append(viewsByDay, d)
+	}
+
+	refRows, err := q.db.QueryContext(ctx, `SELECT COALESCE(referrer, 'Direct') as referrer, COUNT(*) as views FROM page_views WHERE post_slug = ? AND created_at >= ? AND referrer != '' GROUP BY referrer ORDER BY views DESC LIMIT ?`, slug, since, 10)
+	if err != nil {
+		return nil, err
+	}
+	defer refRows.Close()
+
+	var topReferrers []ReferrerStats
+	for refRows.Next() {
+		var r ReferrerStats
+		if err := refRows.Scan(&r.Referrer, &r.Views); err != nil {
+			return nil, err
+		}
+		topReferrers = append(topReferrers, r)
+	}
+
+	return &AnalyticsSummary{
+		TotalViews:   totalViews,
+		TopReferrers: topReferrers,
+		ViewsByDay:   viewsByDay,
+	}, nil
+}
+
+func (q *Queries) SaveDailyAnalytics(ctx context.Context, day *ArchivedDay) error {
+	browsers, _ := json.Marshal(day.Browsers)
+	os, _ := json.Marshal(day.OS)
+	devices, _ := json.Marshal(day.Devices)
+	countries, _ := json.Marshal(day.Countries)
+	paths, _ := json.Marshal(day.Paths)
+
+	_, err := q.db.ExecContext(ctx, `INSERT INTO daily_analytics (date, requests, page_views, unique_visitors, bandwidth, browsers, os, devices, countries, paths)
+		VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?)
+		ON CONFLICT(date) DO UPDATE SET
+			requests = excluded.requests, page_views = excluded.page_views, unique_visitors = excluded.unique_visitors,
+			bandwidth = excluded.bandwidth, browsers = excluded.browsers, os = excluded.os, devices = excluded.devices,
+			countries = excluded.countries, paths = excluded.paths`,
+		day.Date, day.Requests, day.PageViews, day.UniqueVisitors, day.Bandwidth,
+		nullStr(string(browsers)), nullStr(string(os)), nullStr(string(devices)), nullStr(string(countries)), nullStr(string(paths)))
+	return err
+}
+
+func (q *Queries) GetArchivedAnalytics(ctx context.Context, since, until string) ([]ArchivedDay, error) {
+	rows, err := q.db.QueryContext(ctx, `SELECT date, requests, page_views, unique_visitors, bandwidth, browsers, os, devices, countries, paths
+		FROM daily_analytics WHERE date >= ? AND date <= ? ORDER BY date ASC`, since, until)
+	if err != nil {
+		return nil, err
+	}
+	defer rows.Close()
+
+	var days []ArchivedDay
+	for rows.Next() {
+		var d ArchivedDay
+		var requests, pageViews, uniqueVisitors, bandwidth sql.NullInt64
+		var browsers, os, devices, countries, paths sql.NullString
+
+		if err := rows.Scan(&d.Date, &requests, &pageViews, &uniqueVisitors, &bandwidth, &browsers, &os, &devices, &countries, &paths); err != nil {
+			return nil, err
+		}
+
+		d.Requests = requests.Int64
+		d.PageViews = pageViews.Int64
+		d.UniqueVisitors = uniqueVisitors.Int64
+		d.Bandwidth = bandwidth.Int64
+
+		if browsers.Valid {
+			json.Unmarshal([]byte(browsers.String), &d.Browsers)
+		}
+		if os.Valid {
+			json.Unmarshal([]byte(os.String), &d.OS)
+		}
+		if devices.Valid {
+			json.Unmarshal([]byte(devices.String), &d.Devices)
+		}
+		if countries.Valid {
+			json.Unmarshal([]byte(countries.String), &d.Countries)
+		}
+		if paths.Valid {
+			json.Unmarshal([]byte(paths.String), &d.Paths)
+		}
+		days = append(days, d)
+	}
+	return days, rows.Err()
+}
+
+func (q *Queries) GetOldestArchivedDate(ctx context.Context) (string, error) {
+	var date any
+	err := q.db.QueryRowContext(ctx, `SELECT MIN(date) FROM daily_analytics`).Scan(&date)
+	if err != nil || date == nil {
+		return "", err
+	}
+	if s, ok := date.(string); ok {
+		return s, nil
+	}
+	return "", nil
+}
+
+func (q *Queries) HasArchivedDate(ctx context.Context, date string) (bool, error) {
+	var count int64
+	err := q.db.QueryRowContext(ctx, `SELECT COUNT(*) FROM daily_analytics WHERE date = ?`, date).Scan(&count)
+	return count > 0, err
+}
diff --git a/internal/tenant/apikeys.go b/internal/tenant/apikeys.go
new file mode 100644
index 0000000..bfd8ae6
--- /dev/null
+++ b/internal/tenant/apikeys.go
@@ -0,0 +1,94 @@
+package tenant
+
+import (
+	"context"
+	"crypto/rand"
+	"database/sql"
+	"encoding/hex"
+	"time"
+)
+
+func (q *Queries) ListAPIKeys(ctx context.Context) ([]APIKey, error) {
+	rows, err := q.db.QueryContext(ctx, `SELECT key, name, created_at, last_used_at FROM api_keys ORDER BY created_at DESC`)
+	if err != nil {
+		return nil, err
+	}
+	defer rows.Close()
+
+	var keys []APIKey
+	for rows.Next() {
+		k, err := scanAPIKey(rows)
+		if err != nil {
+			return nil, err
+		}
+		keys = append(keys, k)
+	}
+	return keys, rows.Err()
+}
+
+func (q *Queries) CreateAPIKey(ctx context.Context, name string) (*APIKey, error) {
+	key, err := generateAPIKey()
+	if err != nil {
+		return nil, err
+	}
+
+	now := time.Now().UTC().Format(time.RFC3339)
+	_, err = q.db.ExecContext(ctx, `INSERT INTO api_keys (key, name, created_at) VALUES (?, ?, ?)`, key, name, now)
+	if err != nil {
+		return nil, err
+	}
+
+	return &APIKey{
+		Key:       key,
+		Name:      name,
+		CreatedAt: time.Now().UTC(),
+	}, nil
+}
+
+func (q *Queries) ValidateAPIKey(ctx context.Context, key string) (bool, error) {
+	var dummy int64
+	err := q.db.QueryRowContext(ctx, `SELECT 1 FROM api_keys WHERE key = ?`, key).Scan(&dummy)
+	if err == sql.ErrNoRows {
+		return false, nil
+	}
+	if err != nil {
+		return false, nil
+	}
+
+	go func() {
+		now := time.Now().UTC().Format(time.RFC3339)
+		q.db.ExecContext(ctx, `UPDATE api_keys SET last_used_at = ? WHERE key = ?`, now, key)
+	}()
+
+	return true, nil
+}
+
+func (q *Queries) DeleteAPIKey(ctx context.Context, key string) error {
+	_, err := q.db.ExecContext(ctx, `DELETE FROM api_keys WHERE key = ?`, key)
+	return err
+}
+
+func scanAPIKey(s scanner) (APIKey, error) {
+	var k APIKey
+	var createdAt, lastUsedAt sql.NullString
+
+	err := s.Scan(&k.Key, &k.Name, &createdAt, &lastUsedAt)
+	if err != nil {
+		return k, err
+	}
+
+	k.CreatedAt = parseTime(createdAt.String)
+	if lastUsedAt.Valid {
+		t := parseTime(lastUsedAt.String)
+		k.LastUsedAt = &t
+	}
+	return k, nil
+}
+
+func generateAPIKey() (string, error) {
+	b := make([]byte, 24)
+	if _, err := rand.Read(b); err != nil {
+		return "", err
+	}
+	return "wk_" + hex.EncodeToString(b), nil
+}
diff --git a/internal/tenant/assets.go b/internal/tenant/assets.go
new file mode 100644
index 0000000..73f3db6
--- /dev/null
+++ b/internal/tenant/assets.go
@@ -0,0 +1,80 @@
+package tenant
+
+import (
+	"context"
+	"database/sql"
+	"time"
+
+	"github.com/google/uuid"
+)
+
+func (q *Queries) ListAssets(ctx context.Context) ([]Asset, error) {
+	rows, err := q.db.QueryContext(ctx, `SELECT id, filename, r2_key, content_type, size, width, height, created_at
+		FROM assets ORDER BY created_at DESC`)
+	if err != nil {
+		return nil, err
+	}
+	defer rows.Close()
+
+	var assets []Asset
+	for rows.Next() {
+		a, err := scanAsset(rows)
+		if err != nil {
+			return nil, err
+		}
+		assets = append(assets, a)
+	}
+	return assets, rows.Err()
+}
+
+func (q *Queries) GetAsset(ctx context.Context, id string) (*Asset, error) {
+	row := q.db.QueryRowContext(ctx, `SELECT id, filename, r2_key, content_type, size, width, height, created_at
+		FROM assets WHERE id = ?`, id)
+
+	a, err := scanAsset(row)
+	if err == sql.ErrNoRows {
+		return nil, nil
+	}
+	if err != nil {
+		return nil, err
+	}
+	return &a, nil
+}
+
+func (q *Queries) CreateAsset(ctx context.Context, a *Asset) error {
+	if a.ID == "" {
+		a.ID = uuid.NewString()
+	}
+	now := time.Now().UTC().Format(time.RFC3339)
+	_, err := q.db.ExecContext(ctx, `INSERT INTO assets (id, filename, r2_key, content_type, size, width, height, created_at)
+		VALUES (?, ?, ?, ?, ?, ?, ?, ?)`,
+		a.ID, a.Filename, a.R2Key, nullStr(a.ContentType), nullInt64(a.Size), nullInt64(int64(a.Width)), nullInt64(int64(a.Height)), now)
+	return err
+}
+
+func (q *Queries) DeleteAsset(ctx context.Context, id string) error {
+	_, err := q.db.ExecContext(ctx, `DELETE FROM assets WHERE id = ?`, id)
+	return err
+}
+
+func scanAsset(s scanner) (Asset, error) {
+	var a Asset
+	var contentType, createdAt sql.NullString
+	var size, width, height sql.NullInt64
+
+	err := s.Scan(&a.ID, &a.Filename, &a.R2Key, &contentType, &size, &width, &height, &createdAt)
+	if err != nil {
+		return a, err
+	}
+
+	a.ContentType = contentType.String
+	a.Size = size.Int64
+	a.Width = int(width.Int64)
+	a.Height = int(height.Int64)
+	a.CreatedAt = parseTime(createdAt.String)
+	return a, nil
+}
+
+func nullInt64(v int64) sql.NullInt64 {
+	return sql.NullInt64{Int64: v, Valid: v != 0}
+}
diff --git a/internal/tenant/comments.go b/internal/tenant/comments.go
new file mode 100644
index 0000000..6e40ef5
--- /dev/null
+++ b/internal/tenant/comments.go
@@ -0,0 +1,70 @@
+package tenant
+
+import (
+	"context"
+	"database/sql"
+)
+
+func (q *Queries) ListComments(ctx context.Context, postSlug string) ([]Comment, error) {
+	rows, err := q.db.QueryContext(ctx, `SELECT id, user_id, post_slug, content, content_html, parent_id, created_at, updated_at
+		FROM comments WHERE post_slug = ? ORDER BY created_at ASC`, postSlug)
+	if err != nil {
+		return nil, err
+	}
+	defer rows.Close()
+
+	var comments []Comment
+	for rows.Next() {
+		c, err := scanComment(rows)
+		if err != nil {
+			return nil, err
+		}
+		comments = append(comments, c)
+	}
+	return comments, rows.Err()
+}
+
+func (q *Queries) GetComment(ctx context.Context, id int64) (*Comment, error) {
+	row := q.db.QueryRowContext(ctx, `SELECT id, user_id, post_slug, content, content_html, parent_id, created_at, updated_at
+		FROM comments WHERE id = ?`, id)
+
+	c, err := scanComment(row)
+	if err == sql.ErrNoRows {
+		return nil, nil
+	}
+	if err != nil {
+		return nil, err
+	}
+	return &c, nil
+}
+
+func (q *Queries) CreateComment(ctx context.Context, c *Comment) error {
+	result, err := q.db.ExecContext(ctx, `INSERT INTO comments (user_id, post_slug, content, content_html, parent_id)
+		VALUES (?, ?, ?, ?, ?)`,
+		c.UserID, c.PostSlug, c.Content, nullStr(c.ContentHTML), c.ParentID)
+	if err != nil {
+		return err
+	}
+	c.ID, _ = result.LastInsertId()
+	return nil
+}
+
+func (q *Queries) DeleteComment(ctx context.Context, id int64) error {
+	_, err := q.db.ExecContext(ctx, `DELETE FROM comments WHERE id = ?`, id)
+	return err
+}
+
+func scanComment(s scanner) (Comment, error) {
+	var c Comment
+	var contentHTML, createdAt, updatedAt sql.NullString
+
+	err := s.Scan(&c.ID, &c.UserID, &c.PostSlug, &c.Content, &contentHTML, &c.ParentID, &createdAt, &updatedAt)
+	if err != nil {
+		return c, err
+	}
+
+	c.ContentHTML = contentHTML.String
+	c.CreatedAt = parseTime(createdAt.String)
+	c.UpdatedAt = parseTime(updatedAt.String)
+	return c, nil
+}
diff --git a/internal/tenant/members.go b/internal/tenant/members.go
new file mode 100644
index 0000000..4624941
--- /dev/null
+++ b/internal/tenant/members.go
@@ -0,0 +1,63 @@
+package tenant
+
+import (
+	"context"
+	"database/sql"
+	"time"
+)
+
+func (q *Queries) UpsertMember(ctx context.Context, m *Member) error {
+	_, err := q.db.ExecContext(ctx, `INSERT INTO members (user_id, email, name, tier, status, expires_at, synced_at)
+		VALUES (?, ?, ?, ?, ?, ?, CURRENT_TIMESTAMP)
+		ON CONFLICT(user_id) DO UPDATE SET
+			email = excluded.email, name = excluded.name, tier = excluded.tier,
+			status = excluded.status, expires_at = excluded.expires_at, synced_at = CURRENT_TIMESTAMP`,
+		m.UserID, m.Email, nullStr(m.Name), m.Tier, m.Status, timeToStr(m.ExpiresAt))
+	return err
+}
+
+func (q *Queries) GetMember(ctx context.Context, userID string) (*Member, error) {
+	row := q.db.QueryRowContext(ctx, `SELECT user_id, email, name, tier, status, expires_at, synced_at
+		FROM members WHERE user_id = ?`, userID)
+
+	m, err := scanMember(row)
+	if err == sql.ErrNoRows {
+		return nil, err
+	}
+	if err != nil {
+		return nil, err
+	}
+	return &m, nil
+}
+
+func (q *Queries) IsMember(ctx context.Context, userID string) bool {
+	var count int64
+	err := q.db.QueryRowContext(ctx, `SELECT COUNT(*) FROM members
+		WHERE user_id = ? AND status = 'active'
+		AND (expires_at IS NULL OR expires_at > datetime('now'))`, userID).Scan(&count)
+	return err == nil && count > 0
+}
+
+func (q *Queries) DeleteMember(ctx context.Context, userID string) error {
+	_, err := q.db.ExecContext(ctx, `DELETE FROM members WHERE user_id = ?`, userID)
+	return err
+}
+
+func scanMember(s scanner) (Member, error) {
+	var m Member
+	var name, expiresAt, syncedAt sql.NullString
+
+	err := s.Scan(&m.UserID, &m.Email, &name, &m.Tier, &m.Status, &expiresAt, &syncedAt)
+	if err != nil {
+		return m, err
+	}
+
+	m.Name = name.String
+	m.SyncedAt = parseTime(syncedAt.String)
+	if expiresAt.Valid {
+		if t, err := time.Parse(time.RFC3339, expiresAt.String); err == nil {
+			m.ExpiresAt = &t
+		}
+	}
+	return m, nil
+}
diff --git a/internal/tenant/models.go b/internal/tenant/models.go
new file mode 100644
index 0000000..f19b067
--- /dev/null
+++ b/internal/tenant/models.go
@@ -0,0 +1,124 @@
+package tenant
+
+import "time"
+
+type Post struct {
+	ID          string
+	Slug        string
+	Title       string
+	Description string
+	Tags        []string
+	CoverImage  string
+	ContentMD   string
+	ContentHTML string
+	IsPublished bool
+	MembersOnly bool
+	PublishedAt *time.Time
+	UpdatedAt   *time.Time
+	Aliases     []string
+	CreatedAt   time.Time
+	ModifiedAt  time.Time
+}
+
+type PostDraft struct {
+	PostID      string
+	Slug        string
+	Title       string
+	Description string
+	Tags        []string
+	CoverImage  string
+	MembersOnly bool
+	ContentMD   string
+	ContentHTML string
+	ModifiedAt  time.Time
+}
+
+type PostVersion struct {
+	ID          int64
+	PostID      string
+	Slug        string
+	Title       string
+	Description string
+	Tags        []string
+	CoverImage  string
+	ContentMD   string
+	ContentHTML string
+	CreatedAt   time.Time
+}
+
+type Asset struct {
+	ID          string
+	Filename    string
+	R2Key       string
+	ContentType string
+	Size        int64
+	Width       int
+	Height      int
+	CreatedAt   time.Time
+}
+
+type Settings map[string]string
+
+type Member struct {
+	UserID    string
+	Email     string
+	Name      string
+	Tier      string
+	Status    string
+	ExpiresAt *time.Time
+	SyncedAt  time.Time
+}
+
+type Comment struct {
+	ID          int64
+	UserID      string
+	PostSlug    string
+	Content     string
+	ContentHTML string
+	ParentID    *int64
+	CreatedAt   time.Time
+	UpdatedAt   time.Time
+}
+
+type Reaction struct {
+	ID        int64
+	UserID    string
+	AnonID    string
+	PostSlug  string
+	Emoji     string
+	CreatedAt time.Time
+}
+
+type User struct {
+	ID        string
+	Email     string
+	Name      string
+	AvatarURL string
+	CreatedAt time.Time
+}
+
+type Session struct {
+	Token     string
+	UserID    string
+	ExpiresAt time.Time
+}
+
+type APIKey struct {
+	Key        string
+	Name       string
+	CreatedAt  time.Time
+	LastUsedAt *time.Time
+}
+
+type Plugin struct {
+	ID        string
+	Name      string
+	Language  string
+	Source    string
+	Wasm      []byte
+	WasmSize  int
+	Hooks     []string
+	Enabled   bool
+	CreatedAt time.Time
+	UpdatedAt time.Time
+}
diff --git a/internal/tenant/pages.go b/internal/tenant/pages.go
new file mode 100644
index 0000000..8a2a4b2
--- /dev/null
+++ b/internal/tenant/pages.go
@@ -0,0 +1,39 @@
+package tenant
+
+import (
+	"context"
+	"database/sql"
+	"time"
+)
+
+func (q *Queries) GetPage(ctx context.Context, path string) ([]byte, string, error) {
+	var html []byte
+	var etag sql.NullString
+	err := q.db.QueryRowContext(ctx, `SELECT html, etag FROM pages WHERE path = ?`, path).Scan(&html, &etag)
+	if err == sql.ErrNoRows {
+		return nil, "", nil
+	}
+	if err != nil {
+		return nil, "", err
+	}
+	return html, etag.String, nil
+}
+
+func (q *Queries) SetPage(ctx context.Context, path string, html []byte, etag string) error {
+	now := time.Now().UTC().Format(time.RFC3339)
+	_, err := q.db.ExecContext(ctx, `INSERT INTO pages (path, html, etag, built_at)
+		VALUES (?, ?, ?, ?)
+		ON CONFLICT(path) DO UPDATE SET html = excluded.html, etag = excluded.etag, built_at = excluded.built_at`,
+		path, html, nullStr(etag), now)
+	return err
+}
+
+func (q *Queries) DeleteAllPages(ctx context.Context) error {
+	_, err := q.db.ExecContext(ctx, `DELETE FROM pages`)
+	return err
+}
+
+func (q *Queries) DeletePage(ctx context.Context, path string) error {
+	_, err := q.db.ExecContext(ctx, `DELETE FROM pages WHERE path = ?`, path)
+	return err
+}
diff --git a/internal/tenant/plugins.go b/internal/tenant/plugins.go
new file mode 100644
index 0000000..d69f1ec
--- /dev/null
+++ b/internal/tenant/plugins.go
@@ -0,0 +1,136 @@
+package tenant
+
+import (
+	"context"
+	"database/sql"
+	"encoding/json"
+)
+
+func (q *Queries) CountPlugins(ctx context.Context) (int, error) {
+	var count int
+	err := q.db.QueryRowContext(ctx, `SELECT COUNT(*) FROM plugins`).Scan(&count)
+	return count, err
+}
+
+func (q *Queries) ListPlugins(ctx context.Context) ([]Plugin, error) {
+	rows, err := q.db.QueryContext(ctx, `SELECT id, name, language, source, hooks, enabled, LENGTH(wasm) as wasm_size, created_at, updated_at
+		FROM plugins ORDER BY name`)
+	if err != nil {
+		return nil, err
+	}
+	defer rows.Close()
+
+	var plugins []Plugin
+	for rows.Next() {
+		p, err := scanPluginList(rows)
+		if err != nil {
+			return nil, err
+		}
+		plugins = append(plugins, p)
+	}
+	return plugins, rows.Err()
+}
+
+func (q *Queries) GetPlugin(ctx context.Context, id string) (*Plugin, error) {
+	row := q.db.QueryRowContext(ctx, `SELECT id, name, language, source, wasm, hooks, enabled, created_at, updated_at
+		FROM plugins WHERE id = ?`, id)
+
+	p, err := scanPlugin(row)
+	if err == sql.ErrNoRows {
+		return nil, nil
+	}
+	if err != nil {
+		return nil, err
+	}
+	return &p, nil
+}
+
+func (q *Queries) CreatePlugin(ctx context.Context, p *Plugin) error {
+	hooks, _ := json.Marshal(p.Hooks)
+	_, err := q.db.ExecContext(ctx, `INSERT INTO plugins (id, name, language, source, wasm, hooks, enabled)
+		VALUES (?, ?, ?, ?, ?, ?, ?)`,
+		p.ID, p.Name, p.Language, p.Source, p.Wasm, string(hooks), boolToInt(p.Enabled))
+	return err
+}
+
+func (q *Queries) UpdatePlugin(ctx context.Context, p *Plugin) error {
+	hooks, _ := json.Marshal(p.Hooks)
+	_, err := q.db.ExecContext(ctx, `UPDATE plugins SET
+		name = ?, language = ?, source = ?, wasm = ?, hooks = ?, enabled = ?, updated_at = CURRENT_TIMESTAMP
+		WHERE id = ?`,
+		p.Name, p.Language, p.Source, p.Wasm, string(hooks), boolToInt(p.Enabled), p.ID)
+	return err
+}
+
+func (q *Queries) DeletePlugin(ctx context.Context, id string) error {
+	_, err := q.db.ExecContext(ctx, `DELETE FROM plugins WHERE id = ?`, id)
+	return err
+}
+
+func (q *Queries) GetPluginsByHook(ctx context.Context, hook string) ([]Plugin, error) {
+	rows, err := q.db.QueryContext(ctx, `SELECT id, name, language, source, wasm, hooks, enabled, created_at, updated_at
+		FROM plugins WHERE enabled = 1 AND hooks LIKE ?`, "%"+hook+"%")
+	if err != nil {
+		return nil, err
+	}
+	defer rows.Close()
+
+	var plugins []Plugin
+	for rows.Next() {
+		p, err := scanPlugin(rows)
+		if err != nil {
+			return nil, err
+		}
+		for _, h := range p.Hooks {
+			if h == hook {
+				plugins = append(plugins, p)
+				break
+			}
+		}
+	}
+	return plugins, rows.Err()
+}
+
+func (q *Queries) TogglePlugin(ctx context.Context, id string, enabled bool) error {
+	_, err := q.db.ExecContext(ctx, `UPDATE plugins SET enabled = ?, updated_at = CURRENT_TIMESTAMP WHERE id = ?`,
+		boolToInt(enabled), id)
+	return err
+}
+
+func scanPlugin(s scanner) (Plugin, error) {
+	var p Plugin
+	var hooks string
+	var enabled sql.NullInt64
+	var createdAt, updatedAt sql.NullString
+
+	err := s.Scan(&p.ID, &p.Name, &p.Language, &p.Source, &p.Wasm, &hooks, &enabled, &createdAt, &updatedAt)
+	if err != nil {
+		return p, err
+	}
+
+	p.Enabled = enabled.Int64 == 1
+	p.CreatedAt = parseTime(createdAt.String)
+	p.UpdatedAt = parseTime(updatedAt.String)
+	json.Unmarshal([]byte(hooks), &p.Hooks)
+	return p, nil
+}
+
+func scanPluginList(s scanner) (Plugin, error) {
+	var p Plugin
+	var hooks string
+	var enabled sql.NullInt64
+	var wasmSize sql.NullInt64
+	var createdAt, updatedAt sql.NullString
+
+	err := s.Scan(&p.ID, &p.Name, &p.Language, &p.Source, &hooks, &enabled, &wasmSize, &createdAt, &updatedAt)
+	if err != nil {
+		return p, err
+	}
+
+	p.Enabled = enabled.Int64 == 1
+	p.WasmSize = int(wasmSize.Int64)
+	p.CreatedAt = parseTime(createdAt.String)
+	p.UpdatedAt = parseTime(updatedAt.String)
+	json.Unmarshal([]byte(hooks), &p.Hooks)
+	return p, nil
+}
diff --git a/internal/tenant/pool.go b/internal/tenant/pool.go
new file mode 100644
index 0000000..ebe6b9f
--- /dev/null
+++ b/internal/tenant/pool.go
@@ -0,0 +1,176 @@
+package tenant
+
+import (
+	"container/list"
+	"database/sql"
+	"sync"
+	"time"
+)
+
+const (
+	maxOpenConns     = 500
+	cacheTTL         = 5 * time.Minute
+	cacheCleanupFreq = time.Minute
+)
+
+type conn struct {
+	db       *sql.DB
+	tenantID string
+}
+
+// Pool manages SQLite connections for tenants with LRU eviction.
+type Pool struct {
+	dataDir  string
+	mu       sync.Mutex
+	conns    map[string]*list.Element
+	lru      *list.List
+	inMemory map[string]bool
+}
+
+func NewPool(dataDir string) *Pool {
+	return &Pool{
+		dataDir:  dataDir,
+		conns:    make(map[string]*list.Element),
+		lru:      list.New(),
+		inMemory: make(map[string]bool),
+	}
+}
+
+func (p *Pool) MarkAsDemo(tenantID string) {
+	p.mu.Lock()
+	defer p.mu.Unlock()
+	p.inMemory[tenantID] = true
+}
+
+func (p *Pool) Get(tenantID string) (*sql.DB, error) {
+	p.mu.Lock()
+	defer p.mu.Unlock()
+
+	if elem, ok := p.conns[tenantID]; ok {
+		p.lru.MoveToFront(elem)
+		return elem.Value.(*conn).db, nil
+	}
+
+	useInMemory := p.inMemory[tenantID]
+	db, err := openDB(p.dataDir, tenantID, useInMemory)
+	if err != nil {
+		return nil, err
+	}
+
+	for p.lru.Len() >= maxOpenConns {
+		p.evictOldest()
+	}
+
+	c := &conn{db: db, tenantID: tenantID}
+	elem := p.lru.PushFront(c)
+	p.conns[tenantID] = elem
+
+	return db, nil
+}
+
+func (p *Pool) evictOldest() {
+	elem := p.lru.Back()
+	if elem == nil {
+		return
+	}
+	c := elem.Value.(*conn)
+	c.db.Close()
+	delete(p.conns, c.tenantID)
+	delete(p.inMemory, c.tenantID)
+	p.lru.Remove(elem)
+}
+
+func (p *Pool) Evict(tenantID string) {
+	p.mu.Lock()
+	defer p.mu.Unlock()
+
+	if elem, ok := p.conns[tenantID]; ok {
+		c := elem.Value.(*conn)
+		c.db.Close()
+		delete(p.conns, tenantID)
+		p.lru.Remove(elem)
+	}
+	delete(p.inMemory, tenantID)
+}
+
+func (p *Pool) Close() {
+	p.mu.Lock()
+	defer p.mu.Unlock()
+
+	for p.lru.Len() > 0 {
+		p.evictOldest()
+	}
+}
+
+type cacheEntry struct {
+	tenantID  string
+	expiresAt time.Time
+}
+
+// Cache stores subdomain to tenant ID mappings.
+type Cache struct {
+	mu    sync.RWMutex
+	items map[string]cacheEntry
+	stop  chan struct{}
+}
+
+func NewCache() *Cache {
+	c := &Cache{
+		items: make(map[string]cacheEntry),
+		stop:  make(chan struct{}),
+	}
+	go c.cleanup()
+	return c
+}
+
+func (c *Cache) Get(subdomain string) (string, bool) {
+	c.mu.RLock()
+	defer c.mu.RUnlock()
+
+	entry, ok := c.items[subdomain]
+	if !ok || time.Now().After(entry.expiresAt) {
+		return "", false
+	}
+	return entry.tenantID, true
+}
+
+func (c *Cache) Set(subdomain, tenantID string) {
+	c.mu.Lock()
+	defer c.mu.Unlock()
+
+	c.items[subdomain] = cacheEntry{
+		tenantID:  tenantID,
+		expiresAt: time.Now().Add(cacheTTL),
+	}
+}
+
+func (c *Cache) Delete(subdomain string) {
+	c.mu.Lock()
+	defer c.mu.Unlock()
+	delete(c.items, subdomain)
+}
+
+func (c *Cache) cleanup() {
+	ticker := time.NewTicker(cacheCleanupFreq)
+	defer ticker.Stop()
+
+	for {
+		select {
+		case <-ticker.C:
+			c.mu.Lock()
+			now := time.Now()
+			for k, v := range c.items {
+				if now.After(v.expiresAt) {
+					delete(c.items, k)
+				}
+			}
+			c.mu.Unlock()
+		case <-c.stop:
+			return
+		}
+	}
+}
+
+func (c *Cache) Close() {
+	close(c.stop)
+}
diff --git a/internal/tenant/posts.go b/internal/tenant/posts.go
new file mode 100644
index 0000000..18594d9
--- /dev/null
+++ b/internal/tenant/posts.go
@@ -0,0 +1,481 @@
+package tenant
+
+import (
+	"context"
+	"database/sql"
+	"encoding/json"
+	"time"
+
+	"github.com/google/uuid"
+)
+
+func (q *Queries) ListPosts(ctx context.Context, includeUnpublished bool) ([]Post, error) {
+	query := `SELECT id, slug, title, description, tags, cover_image, content_md, content_html,
+		is_published, members_only, published_at, updated_at, aliases, created_at, modified_at
+		FROM posts ORDER BY COALESCE(published_at, created_at) DESC`
+	if !includeUnpublished {
+		query = `SELECT id, slug, title, description, tags, cover_image, content_md, content_html,
+			is_published, members_only, published_at, updated_at, aliases, created_at, modified_at
+			FROM posts WHERE is_published = 1 ORDER BY COALESCE(published_at, created_at) DESC`
+	}
+
+	rows, err := q.db.QueryContext(ctx, query)
+	if err != nil {
+		return nil, err
+	}
+	defer rows.Close()
+
+	var posts []Post
+	for rows.Next() {
+		p, err := scanPost(rows)
+		if err != nil {
+			return nil, err
+		}
+		posts = append(posts, p)
+	}
+	return posts, rows.Err()
+}
+
+type ListPostsOptions struct {
+	Limit  int
+	Offset int
+	Tag    string
+}
+
+type ListPostsResult struct {
+	Posts []Post
+	Total int
+}
+
+func (q *Queries) ListPostsPaginated(ctx context.Context, opts ListPostsOptions) (*ListPostsResult, error) {
+	if opts.Limit <= 0 {
+		opts.Limit = 20
+	}
+	if opts.Limit > 100 {
+		opts.Limit = 100
+	}
+
+	var args []any
+	where := "WHERE is_published = 1"
+
+	if opts.Tag != "" {
+		where += " AND tags LIKE ?"
+		args = append(args, "%\""+opts.Tag+"\"%")
+	}
+
+	var total int
+	countQuery := "SELECT COUNT(*) FROM posts " + where
+	err := q.db.QueryRowContext(ctx, countQuery, args...).Scan(&total)
+	if err != nil {
+		return nil, err
+	}
+
+	query := `SELECT id, slug, title, description, tags, cover_image, content_md, content_html,
+		is_published, members_only, published_at, updated_at, aliases, created_at, modified_at
+		FROM posts ` + where + ` ORDER BY COALESCE(published_at, created_at) DESC LIMIT ? OFFSET ?`
+	args = append(args, opts.Limit, opts.Offset)
+
+	rows, err := q.db.QueryContext(ctx, query, args...)
+	if err != nil {
+		return nil, err
+	}
+	defer rows.Close()
+
+	var posts []Post
+	for rows.Next() {
+		p, err := scanPost(rows)
+		if err != nil {
+			return nil, err
+		}
+		posts = append(posts, p)
+	}
+
+	return &ListPostsResult{Posts: posts, Total: total}, rows.Err()
+}
+
+func (q *Queries) GetPost(ctx context.Context, slug string) (*Post, error) {
+	row := q.db.QueryRowContext(ctx, `SELECT id, slug, title, description, tags, cover_image, content_md, content_html,
+		is_published, members_only, published_at, updated_at, aliases, created_at, modified_at
+		FROM posts WHERE slug = ?`, slug)
+
+	p, err := scanPost(row)
+	if err == sql.ErrNoRows {
+		return nil, nil
+	}
+	if err != nil {
+		return nil, err
+	}
+	return &p, nil
+}
+
+func (q *Queries) GetPostByID(ctx context.Context, id string) (*Post, error) {
+	row := q.db.QueryRowContext(ctx, `SELECT id, slug, title, description, tags, cover_image, content_md, content_html,
+		is_published, members_only, published_at, updated_at, aliases, created_at, modified_at
+		FROM posts WHERE id = ?`, id)
+
+	p, err := scanPost(row)
+	if err == sql.ErrNoRows {
+		return nil, nil
+	}
+	if err != nil {
+		return nil, err
+	}
+	return &p, nil
+}
+
+func (q *Queries) GetPostByAlias(ctx context.Context, alias string) (*Post, error) {
+	pattern := "%\"" + alias + "\"%"
+	row := q.db.QueryRowContext(ctx, `SELECT id, slug, title, description, tags, cover_image, content_md, content_html,
+		is_published, members_only, published_at, updated_at, aliases, created_at, modified_at
+		FROM posts WHERE aliases LIKE ? LIMIT 1`, pattern)
+
+	p, err := scanPost(row)
+	if err == sql.ErrNoRows {
+		return nil, nil
+	}
+	if err != nil {
+		return nil, err
+	}
+	return &p, nil
+}
+
+func (q *Queries) CreatePost(ctx context.Context, p *Post) error {
+	if p.ID == "" {
+		p.ID = uuid.NewString()
+	}
+	now := time.Now().UTC().Format(time.RFC3339)
+
+	_, err := q.db.ExecContext(ctx, `INSERT INTO posts (id, slug, title, description, tags, cover_image, content_md, content_html,
+		is_published, members_only, published_at, updated_at, aliases, created_at, modified_at)
+		VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)`,
+		p.ID, p.Slug, nullStr(p.Title), nullStr(p.Description), jsonStr(p.Tags), nullStr(p.CoverImage),
+		nullStr(p.ContentMD), nullStr(p.ContentHTML), boolToInt(p.IsPublished), boolToInt(p.MembersOnly),
+		timeToStr(p.PublishedAt), timeToStr(p.UpdatedAt), jsonStr(p.Aliases), now, now)
+	if err != nil {
+		return err
+	}
+
+	q.IndexPost(ctx, p)
+	return nil
+}
+
+func (q *Queries) UpdatePost(ctx context.Context, p *Post) error {
+	now := time.Now().UTC().Format(time.RFC3339)
+
+	_, err := q.db.ExecContext(ctx, `UPDATE posts SET
+		slug = ?, title = ?, description = ?, tags = ?, cover_image = ?, content_md = ?, content_html = ?,
+		is_published = ?, members_only = ?, published_at = ?, updated_at = ?, aliases = ?, modified_at = ?
+		WHERE id = ?`,
+		p.Slug, nullStr(p.Title), nullStr(p.Description), jsonStr(p.Tags), nullStr(p.CoverImage),
+		nullStr(p.ContentMD), nullStr(p.ContentHTML), boolToInt(p.IsPublished), boolToInt(p.MembersOnly),
+		timeToStr(p.PublishedAt), timeToStr(p.UpdatedAt), jsonStr(p.Aliases), now, p.ID)
+	if err != nil {
+		return err
+	}
+
+	q.IndexPost(ctx, p)
+	return nil
+}
+
+func (q *Queries) DeletePost(ctx context.Context, id string) error {
+	post, _ := q.GetPostByID(ctx, id)
+	_, err := q.db.ExecContext(ctx, `DELETE FROM posts WHERE id = ?`, id)
+	if err == nil && post != nil {
+		q.RemoveFromIndex(ctx, post.Slug, "post")
+	}
+	return err
+}
+
+func (q *Queries) GetDraft(ctx context.Context, postID string) (*PostDraft, error) {
+	row := q.db.QueryRowContext(ctx, `SELECT post_id, slug, title, description, tags, cover_image, members_only, content_md, content_html, modified_at
+		FROM post_drafts WHERE post_id = ?`, postID)
+
+	d, err := scanDraft(row)
+	if err == sql.ErrNoRows {
+		return nil, nil
+	}
+	if err != nil {
+		return nil, err
+	}
+	return &d, nil
+}
+
+func (q *Queries) SaveDraft(ctx context.Context, d *PostDraft) error {
+	now := time.Now().UTC().Format(time.RFC3339)
+	_, err := q.db.ExecContext(ctx, `INSERT INTO post_drafts (post_id, slug, title, description, tags, cover_image, members_only, content_md, content_html, modified_at)
+		VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?)
+		ON CONFLICT(post_id) DO UPDATE SET
+			slug = excluded.slug, title = excluded.title, description = excluded.description, tags = excluded.tags,
+			cover_image = excluded.cover_image, members_only = excluded.members_only, content_md = excluded.content_md,
+			content_html = excluded.content_html, modified_at = excluded.modified_at`,
+		d.PostID, d.Slug, nullStr(d.Title), nullStr(d.Description), jsonStr(d.Tags), nullStr(d.CoverImage),
+		boolToInt(d.MembersOnly), nullStr(d.ContentMD), nullStr(d.ContentHTML), now)
+	return err
+}
+
+func (q *Queries) DeleteDraft(ctx context.Context, postID string) error {
+	_, err := q.db.ExecContext(ctx, `DELETE FROM post_drafts WHERE post_id = ?`, postID)
+	return err
+}
+
+func (q *Queries) HasDraft(ctx context.Context, postID string) (bool, error) {
+	var count int64
+	err := q.db.QueryRowContext(ctx, `SELECT COUNT(*) FROM post_drafts WHERE post_id = ?`, postID).Scan(&count)
+	return count > 0, err
+}
+
+func (q *Queries) CreateVersion(ctx context.Context, p *Post) error {
+	now := time.Now().UTC().Format(time.RFC3339)
+	_, err := q.db.ExecContext(ctx, `INSERT INTO post_versions (post_id, slug, title, description, tags, cover_image, content_md, content_html, created_at)
+		VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?)`,
+		p.ID, p.Slug, nullStr(p.Title), nullStr(p.Description), jsonStr(p.Tags), nullStr(p.CoverImage),
+		nullStr(p.ContentMD), nullStr(p.ContentHTML), now)
+	return err
+}
+
+func (q *Queries) ListVersions(ctx context.Context, postID string) ([]PostVersion, error) {
+	rows, err := q.db.QueryContext(ctx, `SELECT id, post_id, slug, title, description, tags, cover_image, content_md, content_html, created_at
+		FROM post_versions WHERE post_id = ? ORDER BY created_at DESC`, postID)
+	if err != nil {
+		return nil, err
+	}
+	defer rows.Close()
+
+	var versions []PostVersion
+	for rows.Next() {
+		v, err := scanVersion(rows)
+		if err != nil {
+			return nil, err
+		}
+		versions = append(versions, v)
+	}
+	return versions, rows.Err()
+}
+
+func (q *Queries) GetVersion(ctx context.Context, versionID int64) (*PostVersion, error) {
+	row := q.db.QueryRowContext(ctx, `SELECT id, post_id, slug, title, description, tags, cover_image, content_md, content_html, created_at
+		FROM post_versions WHERE id = ?`, versionID)
+
+	v, err := scanVersion(row)
+	if err == sql.ErrNoRows {
+		return nil, nil
+	}
+	if err != nil {
+		return nil, err
+	}
+	return &v, nil
+}
+
+func (q *Queries) PruneVersions(ctx context.Context, postID string, keepCount int) error {
+	_, err := q.db.ExecContext(ctx, `DELETE FROM post_versions AS pv
+		WHERE pv.post_id = ?1 AND pv.id NOT IN (
+			SELECT sub.id FROM post_versions AS sub WHERE sub.post_id = ?1 ORDER BY sub.created_at DESC LIMIT ?2
+		)`, postID, keepCount)
+	return err
+}
+
+func (q *Queries) Publish(ctx context.Context, postID string) error {
+	post, err := q.GetPostByID(ctx, postID)
+	if err != nil || post == nil {
+		return err
+	}
+
+	draft, err := q.GetDraft(ctx, postID)
+	if err != nil {
+		return err
+	}
+
+	now := time.Now().UTC()
+
+	if draft != nil {
+		if draft.Slug != post.Slug {
+			if !contains(post.Aliases, post.Slug) {
+				post.Aliases = append(post.Aliases, post.Slug)
+			}
+		}
+		post.Slug = draft.Slug
+		post.Title = draft.Title
+		post.Description = draft.Description
+		post.Tags = draft.Tags
+		post.CoverImage = draft.CoverImage
+		post.MembersOnly = draft.MembersOnly
+		post.ContentMD = draft.ContentMD
+		post.ContentHTML = draft.ContentHTML
+	}
+
+	if post.PublishedAt == nil {
+		post.PublishedAt = &now
+	}
+	post.UpdatedAt = &now
+	post.IsPublished = true
+
+	if err := q.UpdatePost(ctx, post); err != nil {
+		return err
+	}
+	if err := q.CreateVersion(ctx, post); err != nil {
+		return err
+	}
+	if err := q.DeleteDraft(ctx, postID); err != nil {
+		return err
+	}
+	return q.PruneVersions(ctx, postID, 10)
+}
+
+func (q *Queries) Unpublish(ctx context.Context, postID string) error {
+	now := time.Now().UTC().Format(time.RFC3339)
+	_, err := q.db.ExecContext(ctx, `UPDATE posts SET is_published = 0, modified_at = ? WHERE id = ?`, now, postID)
+	return err
+}
+
+func (q *Queries) RestoreVersion(ctx context.Context, postID string, versionID int64) error {
+	version, err := q.GetVersion(ctx, versionID)
+	if err != nil || version == nil {
+		return err
+	}
+
+	return q.SaveDraft(ctx, &PostDraft{
+		PostID:      postID,
+		Slug:        version.Slug,
+		Title:       version.Title,
+		Description: version.Description,
+		Tags:        version.Tags,
+		CoverImage:  version.CoverImage,
+		ContentMD:   version.ContentMD,
+		ContentHTML: version.ContentHTML,
+	})
+}
+
+type scanner interface {
+	Scan(dest ...any) error
+}
+
+func scanPost(s scanner) (Post, error) {
+	var p Post
+	var title, desc, tags, cover, md, html, pubAt, updAt, aliases, createdAt, modAt sql.NullString
+	var isPub, memOnly sql.NullInt64
+
+	err := s.Scan(&p.ID, &p.Slug, &title, &desc, &tags, &cover, &md, &html,
+		&isPub, &memOnly, &pubAt, &updAt, &aliases, &createdAt, &modAt)
+	if err != nil {
+		return p, err
+	}
+
+	p.Title = title.String
+	p.Description = desc.String
+	p.Tags = parseJSON[[]string](tags.String)
+	p.CoverImage = cover.String
+	p.ContentMD = md.String
+	p.ContentHTML = html.String
+	p.IsPublished = isPub.Int64 == 1
+	p.MembersOnly = memOnly.Int64 == 1
+	p.PublishedAt = parseTimePtr(pubAt.String)
+	p.UpdatedAt = parseTimePtr(updAt.String)
+	p.Aliases = parseJSON[[]string](aliases.String)
+	p.CreatedAt = parseTime(createdAt.String)
+	p.ModifiedAt = parseTime(modAt.String)
+	return p, nil
+}
+
+func scanDraft(s scanner) (PostDraft, error) {
+	var d PostDraft
+	var title, desc, tags, cover, md, html, modAt sql.NullString
+	var memOnly sql.NullInt64
+
+	err := s.Scan(&d.PostID, &d.Slug, &title, &desc, &tags, &cover, &memOnly, &md, &html, &modAt)
+	if err != nil {
+		return d, err
+	}
+
+	d.Title = title.String
+	d.Description = desc.String
+	d.Tags = parseJSON[[]string](tags.String)
+	d.CoverImage = cover.String
+	d.MembersOnly = memOnly.Int64 == 1
+	d.ContentMD = md.String
+	d.ContentHTML = html.String
+	d.ModifiedAt = parseTime(modAt.String)
+	return d, nil
+}
+
+func scanVersion(s scanner) (PostVersion, error) {
+	var v PostVersion
+	var title, desc, tags, cover, md, html, createdAt sql.NullString
+
+	err := s.Scan(&v.ID, &v.PostID, &v.Slug, &title, &desc, &tags, &cover, &md, &html, &createdAt)
+	if err != nil {
+		return v, err
+	}
+
+	v.Title = title.String
+	v.Description = desc.String
+	v.Tags = parseJSON[[]string](tags.String)
+	v.CoverImage = cover.String
+	v.ContentMD = md.String
+	v.ContentHTML = html.String
+	v.CreatedAt = parseTime(createdAt.String)
+	return v, nil
+}
+
+func nullStr(s string) sql.NullString {
+	return sql.NullString{String: s, Valid: s != ""}
+}
+
+func boolToInt(b bool) int {
+	if b {
+		return 1
+	}
+	return 0
+}
+
+func jsonStr[T any](v T) sql.NullString {
+	b, _ := json.Marshal(v)
+	s := string(b)
+	if s == "null" || s == "[]" {
+		return sql.NullString{}
+	}
+	return sql.NullString{String: s, Valid: true}
+}
+
+func parseJSON[T any](s string) T {
+	var v T
+	if s != "" {
+		json.Unmarshal([]byte(s), &v)
+	}
+	return v
+}
+
+func parseTime(s string) time.Time {
+	if s == "" {
+		return time.Time{}
+	}
+	for _, layout := range []string{time.RFC3339, "2006-01-02", "2006-01-02 15:04:05"} {
+		if t, err := time.Parse(layout, s); err == nil {
+			return t
+		}
+	}
+	return time.Time{}
+}
+
+func parseTimePtr(s string) *time.Time {
+	t := parseTime(s)
+	if t.IsZero() {
+		return nil
+	}
+	return &t
+}
+
+func timeToStr(t *time.Time) sql.NullString {
+	if t == nil {
+		return sql.NullString{}
+	}
+	return sql.NullString{String: t.UTC().Format(time.RFC3339), Valid: true}
+}
+
+func contains(slice []string, item string) bool {
+	for _, s := range slice {
+		if s == item {
+			return true
+		}
+	}
+	return false
+}
diff --git a/internal/tenant/queries.go b/internal/tenant/queries.go
new file mode 100644
index 0000000..e836b83
--- /dev/null
+++ b/internal/tenant/queries.go
@@ -0,0 +1,24 @@
+package tenant
+
+import (
+	"context"
+	"database/sql"
+)
+
+type DB interface {
+	ExecContext(ctx context.Context, query string, args ...any) (sql.Result, error)
+	QueryContext(ctx context.Context, query string, args ...any) (*sql.Rows, error)
+	QueryRowContext(ctx context.Context, query string, args ...any) *sql.Row
+}
+
+type Queries struct {
+	db DB
+}
+
+func NewQueries(db *sql.DB) *Queries {
+	return &Queries{db: db}
+}
+
+func (q *Queries) WithTx(tx *sql.Tx) *Queries {
+	return &Queries{db: tx}
+}
diff --git a/internal/tenant/reactions.go b/internal/tenant/reactions.go
new file mode 100644
index 0000000..40d5ba5
--- /dev/null
+++ b/internal/tenant/reactions.go
@@ -0,0 +1,159 @@
+package tenant
+
+import (
+	"context"
+	"database/sql"
+)
+
+func (q *Queries) ListReactions(ctx context.Context, postSlug string) ([]Reaction, error) {
+	rows, err := q.db.QueryContext(ctx, `SELECT id, user_id, anon_id, post_slug, emoji, created_at
+		FROM reactions WHERE post_slug = ?`, postSlug)
+	if err != nil {
+		return nil, err
+	}
+	defer rows.Close()
+
+	var reactions []Reaction
+	for rows.Next() {
+		r, err := scanReaction(rows)
+		if err != nil {
+			return nil, err
+		}
+		reactions = append(reactions, r)
+	}
+	return reactions, rows.Err()
+}
+
+func (q *Queries) GetReactionCounts(ctx context.Context, postSlug string) (map[string]int, error) {
+	rows, err := q.db.QueryContext(ctx, `SELECT emoji, COUNT(*) as count FROM reactions WHERE post_slug = ? GROUP BY emoji`, postSlug)
+	if err != nil {
+		return nil, err
+	}
+	defer rows.Close()
+
+	counts := make(map[string]int)
+	for rows.Next() {
+		var emoji string
+		var count int64
+		if err := rows.Scan(&emoji, &count); err != nil {
+			return nil, err
+		}
+		counts[emoji] = int(count)
+	}
+	return counts, rows.Err()
+}
+
+func (q *Queries) ToggleReaction(ctx context.Context, userID, anonID, postSlug, emoji string) (bool, error) {
+	var exists bool
+
+	if userID != "" {
+		var dummy int64
+		err := q.db.QueryRowContext(ctx, `SELECT 1 FROM reactions WHERE user_id = ? AND post_slug = ? AND emoji = ?`,
+			userID, postSlug, emoji).Scan(&dummy)
+		exists = err == nil
+	} else if anonID != "" {
+		var dummy int64
+		err := q.db.QueryRowContext(ctx, `SELECT 1 FROM reactions WHERE anon_id = ? AND post_slug = ? AND emoji = ?`,
+			anonID, postSlug, emoji).Scan(&dummy)
+		exists = err == nil
+	} else {
+		return false, nil
+	}
+
+	if !exists {
+		if userID != "" {
+			_, err := q.db.ExecContext(ctx, `INSERT INTO reactions (user_id, post_slug, emoji) VALUES (?, ?, ?)`,
+				userID, postSlug, emoji)
+			return true, err
+		}
+		_, err := q.db.ExecContext(ctx, `INSERT INTO reactions (anon_id, post_slug, emoji) VALUES (?, ?, ?)`,
+			anonID, postSlug, emoji)
+		return true, err
+	}
+
+	if userID != "" {
+		_, err := q.db.ExecContext(ctx, `DELETE FROM reactions WHERE user_id = ? AND post_slug = ? AND emoji = ?`,
+			userID, postSlug, emoji)
+		return false, err
+	}
+	_, err := q.db.ExecContext(ctx, `DELETE FROM reactions WHERE anon_id = ? AND post_slug = ? AND emoji = ?`,
+		anonID, postSlug, emoji)
+	return false, err
+}
+
+func (q *Queries) GetUserReactions(ctx context.Context, userID, postSlug string) ([]string, error) {
+	rows, err := q.db.QueryContext(ctx, `SELECT emoji FROM reactions WHERE user_id = ? AND post_slug = ?`, userID, postSlug)
+	if err != nil {
+		return nil, err
+	}
+	defer rows.Close()
+
+	var emojis []string
+	for rows.Next() {
+		var emoji string
+		if err := rows.Scan(&emoji); err != nil {
+			return nil, err
+		}
+		emojis = append(emojis, emoji)
+	}
+	return emojis, rows.Err()
+}
+
+func (q *Queries) GetAnonReactions(ctx context.Context, anonID, postSlug string) ([]string, error) {
+	rows, err := q.db.QueryContext(ctx, `SELECT emoji FROM reactions WHERE anon_id = ? AND post_slug = ?`, anonID, postSlug)
+	if err != nil {
+		return nil, err
+	}
+	defer rows.Close()
+
+	var emojis []string
+	for rows.Next() {
+		var emoji string
+		if err := rows.Scan(&emoji); err != nil {
+			return nil, err
+		}
+		emojis = append(emojis, emoji)
+	}
+	return emojis, rows.Err()
+}
+
+func (q *Queries) HasUserReacted(ctx context.Context, userID, postSlug string) (bool, error) {
+	var dummy int64
+	err := q.db.QueryRowContext(ctx, `SELECT 1 FROM reactions WHERE user_id = ? AND post_slug = ? LIMIT 1`,
+		userID, postSlug).Scan(&dummy)
+	if err == sql.ErrNoRows {
+		return false, nil
+	}
+	if err != nil {
+		return false, nil
+	}
+	return true, nil
+}
+
+func (q *Queries) HasAnonReacted(ctx context.Context, anonID, postSlug string) (bool, error) {
+	var dummy int64
+	err := q.db.QueryRowContext(ctx, `SELECT 1 FROM reactions WHERE anon_id = ? AND post_slug = ? LIMIT 1`,
+		anonID, postSlug).Scan(&dummy)
+	if err == sql.ErrNoRows {
+		return false, nil
+	}
+	if err != nil {
+		return false, nil
+	}
+	return true, nil
+}
+
+func scanReaction(s scanner) (Reaction, error) {
+	var r Reaction
+	var userID, anonID, createdAt sql.NullString
+
+	err := s.Scan(&r.ID, &userID, &anonID, &r.PostSlug, &r.Emoji, &createdAt)
+	if err != nil {
+		return r, err
+	}
+
+	r.UserID = userID.String
+	r.AnonID = anonID.String
+	r.CreatedAt = parseTime(createdAt.String)
+	return r, nil
+}
diff --git a/internal/tenant/runner.go b/internal/tenant/runner.go
new file mode 100644
index 0000000..1662851
--- /dev/null
+++ b/internal/tenant/runner.go
@@ -0,0 +1,621 @@
+package tenant
+
+import (
+	"bytes"
+	"context"
+	"database/sql"
+	"encoding/json"
+	"fmt"
+	"io"
+	"net/http"
+	"sync"
+	"time"
+
+	extism "github.com/extism/go-sdk"
+)
+
+type PluginRunner struct {
+	db       *sql.DB
+	q        *Queries
+	tenantID string
+	cache    map[string]*extism.Plugin
+	mu       sync.RWMutex
+}
+
+func NewPluginRunner(db *sql.DB, tenantID string) *PluginRunner {
+	return &PluginRunner{
+		db:       db,
+		q:        NewQueries(db),
+		tenantID: tenantID,
+		cache:    make(map[string]*extism.Plugin),
+	}
+}
+
+type HookEvent struct {
+	Hook string         `json:"hook"`
+	Data map[string]any `json:"data"`
+}
+
+type PluginResult struct {
+	PluginID string `json:"plugin_id"`
+	Success  bool   `json:"success"`
+	Output   string `json:"output,omitempty"`
+	Error    string `json:"error,omitempty"`
+	Duration int64  `json:"duration_ms"`
+}
+
+// TriggerHook executes plugins for an event hook (fire-and-forget)
+func (r *PluginRunner) TriggerHook(ctx context.Context, hook string, data map[string]any) []PluginResult {
+	plugins, err := r.q.GetPluginsByHook(ctx, hook)
+	if err != nil || len(plugins) == 0 {
+		return nil
+	}
+
+	secrets, _ := GetSecretsMap(r.db, r.tenantID)
+
+	var results []PluginResult
+	for _, p := range plugins {
+		result := r.runPlugin(ctx, &p, hook, data, secrets)
+		results = append(results, result)
+	}
+	return results
+}
+
+// ValidationResult represents the result of a validation hook
+type ValidationResult struct {
+	Allowed bool   `json:"allowed"`
+	Reason  string `json:"reason,omitempty"`
+}
+
+// TriggerValidation executes a validation hook and returns whether the action is allowed
+// Returns (allowed, reason, error). If no plugins exist, allowed defaults to true.
+func (r *PluginRunner) TriggerValidation(ctx context.Context, hook string, data map[string]any) (bool, string, error) {
+	plugins, err := r.q.GetPluginsByHook(ctx, hook)
+	if err != nil {
+		return true, "", err // Default to allowed on error
+	}
+	if len(plugins) == 0 {
+		return true, "", nil // Default to allowed if no plugins
+	}
+
+	secrets, _ := GetSecretsMap(r.db, r.tenantID)
+
+	// Run first enabled plugin only (validation is exclusive)
+	for _, p := range plugins {
+		result := r.runPlugin(ctx, &p, hook, data, secrets)
+		if !result.Success {
+			// Plugin failed to run, default to allowed
+			continue
+		}
+
+		var validation ValidationResult
+		if err := json.Unmarshal([]byte(result.Output), &validation); err != nil {
+			continue // Invalid output, skip this plugin
+		}
+
+		if !validation.Allowed {
+			return false, validation.Reason, nil
+		}
+	}
+
+	return true, "", nil
+}
+
+// TriggerTransform executes a transform hook and returns the transformed data
+// If no plugins exist or all fail, returns the original data unchanged.
+func (r *PluginRunner) TriggerTransform(ctx context.Context, hook string, data map[string]any) (map[string]any, error) {
+	plugins, err := r.q.GetPluginsByHook(ctx, hook)
+	if err != nil || len(plugins) == 0 {
+		return data, nil
+	}
+
+	secrets, _ := GetSecretsMap(r.db, r.tenantID)
+	current := data
+
+	// Chain transforms - each plugin receives output of previous
+	for _, p := range plugins {
+		result := r.runPlugin(ctx, &p, hook, current, secrets)
+		if !result.Success {
+			continue // Skip failed plugins
+		}
+
+		var transformed map[string]any
+		if err := json.Unmarshal([]byte(result.Output), &transformed); err != nil {
+			continue // Invalid output, skip
+		}
+
+		current = transformed
+	}
+
+	return current, nil
+}
+
+func (r *PluginRunner) runPlugin(ctx context.Context, p *Plugin, hook string, data map[string]any, secrets map[string]string) PluginResult {
+	start := time.Now()
+	result := PluginResult{PluginID: p.ID}
+
+	plugin, err := r.getOrCreatePlugin(p, secrets)
+	if err != nil {
+		result.Error = err.Error()
+		result.Duration = time.Since(start).Milliseconds()
+		return result
+	}
+
+	input, _ := json.Marshal(data)
+
+	funcName := hookToFunction(hook)
+	_, output, err := plugin.Call(funcName, input)
+	if err != nil {
+		result.Error = err.Error()
+	} else {
+		result.Success = true
+		result.Output = string(output)
+	}
+
+	result.Duration = time.Since(start).Milliseconds()
+	return result
+}
+
+func (r *PluginRunner) getOrCreatePlugin(p *Plugin, secrets map[string]string) (*extism.Plugin, error) {
+	r.mu.RLock()
+	cached, ok := r.cache[p.ID]
+	r.mu.RUnlock()
+
+	if ok {
+		return cached, nil
+	}
+
+	r.mu.Lock()
+	defer r.mu.Unlock()
+
+	if cached, ok = r.cache[p.ID]; ok {
+		return cached, nil
+	}
+
+	manifest := extism.Manifest{
+		Wasm: []extism.Wasm{
+			extism.WasmData{Data: p.Wasm},
+		},
+		AllowedHosts: []string{"*"},
+		Config:       secrets,
+	}
+
+	config := extism.PluginConfig{
+		EnableWasi: true,
+	}
+
+	plugin, err := extism.NewPlugin(context.Background(), manifest, config, r.hostFunctions())
+	if err != nil {
+		return nil, fmt.Errorf("create plugin: %w", err)
+	}
+
+	r.cache[p.ID] = plugin
+	return plugin, nil
+}
+
+func (r *PluginRunner) hostFunctions() []extism.HostFunction {
+	return []extism.HostFunction{
+		r.httpRequestHost(),
+		r.kvGetHost(),
+		r.kvSetHost(),
+		r.logHost(),
+	}
+}
+
+func (r *PluginRunner) httpRequestHost() extism.HostFunction {
+	return extism.NewHostFunctionWithStack(
+		"http_request",
+		func(ctx context.Context, p *extism.CurrentPlugin, stack []uint64) {
+			input, err := p.ReadBytes(stack[0])
+			if err != nil {
+				return
+			}
+
+			var req struct {
+				URL     string            `json:"url"`
+				Method  string            `json:"method"`
+				Headers map[string]string `json:"headers"`
+				Body    string            `json:"body"`
+			}
+			if err := json.Unmarshal(input, &req); err != nil {
+				return
+			}
+
+			if req.Method == "" {
+				req.Method = "GET"
+			}
+
+			httpReq, err := http.NewRequestWithContext(ctx, req.Method, req.URL, bytes.NewBufferString(req.Body))
+			if err != nil {
+				return
+			}
+
+			for k, v := range req.Headers {
+				httpReq.Header.Set(k, v)
+			}
+
+			client := &http.Client{Timeout: 30 * time.Second}
+			resp, err := client.Do(httpReq)
+			if err != nil {
+				errResp, _ := json.Marshal(map[string]any{"error": err.Error()})
+				offset, _ := p.WriteBytes(errResp)
+				stack[0] = offset
+				return
+			}
+			defer resp.Body.Close()
+
+			body, _ := io.ReadAll(resp.Body)
+
+			headers := make(map[string]string)
+			for k := range resp.Header {
+				headers[k] = resp.Header.Get(k)
+			}
+
+			result, _ := json.Marshal(map[string]any{
+				"status":  resp.StatusCode,
+				"headers": headers,
+				"body":    string(body),
+			})
+
+			offset, _ := p.WriteBytes(result)
+			stack[0] = offset
+		},
+		[]extism.ValueType{extism.ValueTypeI64},
+		[]extism.ValueType{extism.ValueTypeI64},
+	)
+}
+
+func (r *PluginRunner) kvGetHost() extism.HostFunction {
+	return extism.NewHostFunctionWithStack(
+		"kv_get",
+		func(ctx context.Context, p *extism.CurrentPlugin, stack []uint64) {
+			key, err := p.ReadString(stack[0])
+			if err != nil {
+				return
+			}
+
+			value, _ := GetSecret(r.db, r.tenantID, "kv:"+key)
+			offset, _ := p.WriteString(value)
+			stack[0] = offset
+		},
+		[]extism.ValueType{extism.ValueTypeI64},
+		[]extism.ValueType{extism.ValueTypeI64},
+	)
+}
+
+func (r *PluginRunner) kvSetHost() extism.HostFunction {
+	return extism.NewHostFunctionWithStack(
+		"kv_set",
+		func(ctx context.Context, p *extism.CurrentPlugin, stack []uint64) {
+			input, err := p.ReadBytes(stack[0])
+			if err != nil {
+				return
+			}
+
+			var kv struct {
+				Key   string `json:"key"`
+				Value string `json:"value"`
+			}
+			if err := json.Unmarshal(input, &kv); err != nil {
+				return
+			}
+
+			SetSecret(r.db, r.tenantID, "kv:"+kv.Key, kv.Value)
+			stack[0] = 0
+		},
+		[]extism.ValueType{extism.ValueTypeI64},
+		[]extism.ValueType{extism.ValueTypeI64},
+	)
+}
+
+func (r *PluginRunner) logHost() extism.HostFunction {
+	return extism.NewHostFunctionWithStack(
+		"log",
+		func(ctx context.Context, p *extism.CurrentPlugin, stack []uint64) {
+			msg, _ := p.ReadString(stack[0])
+			fmt.Printf("[plugin] %s\n", msg)
+			stack[0] = 0
+		},
+		[]extism.ValueType{extism.ValueTypeI64},
+		[]extism.ValueType{extism.ValueTypeI64},
+	)
+}
+
+func (r *PluginRunner) InvalidateCache(pluginID string) {
+	r.mu.Lock()
+	defer r.mu.Unlock()
+
+	if plugin, ok := r.cache[pluginID]; ok {
+		plugin.Close(context.Background())
+		delete(r.cache, pluginID)
+	}
+}
+
+func (r *PluginRunner) Close() {
+	r.mu.Lock()
+	defer r.mu.Unlock()
+
+	for _, plugin := range r.cache {
+		plugin.Close(context.Background())
+	}
+	r.cache = make(map[string]*extism.Plugin)
+}
+
+// HookPattern defines how a hook should be executed
+type HookPattern string
+
+const (
+	PatternEvent      HookPattern = "event"      // Fire-and-forget notifications
+	PatternValidation HookPattern = "validation" // Returns allowed/rejected decision
+	PatternTransform  HookPattern = "transform"  // Modifies and returns data
+)
+
+// HookInfo contains metadata about a hook
+type HookInfo struct {
+	Name        string
+	Pattern     HookPattern
+	Description string
+}
+
+// AvailableHooks lists all supported hooks with metadata
+var AvailableHooks = []HookInfo{
+	// Content hooks
+	{Name: "post.published", Pattern: PatternEvent, Description: "Triggered when a post is published"},
+	{Name: "post.updated", Pattern: PatternEvent, Description: "Triggered when a post is updated"},
+	{Name: "content.render", Pattern: PatternTransform, Description: "Transform HTML before display"},
+
+	// Engagement hooks
+	{Name: "comment.validate", Pattern: PatternValidation, Description: "Validate comment before creation"},
+	{Name: "comment.created", Pattern: PatternEvent, Description: "Triggered when a comment is created"},
+	{Name: "member.subscribed", Pattern: PatternEvent, Description: "Triggered when a member subscribes"},
+
+	// Utility hooks
+	{Name: "asset.uploaded", Pattern: PatternEvent, Description: "Triggered when an asset is uploaded"},
+	{Name: "analytics.sync", Pattern: PatternEvent, Description: "Triggered during analytics sync"},
+}
+
+// GetHookPattern returns the pattern for a given hook
+func GetHookPattern(hook string) HookPattern {
+	for _, h := range AvailableHooks {
+		if h.Name == hook {
+			return h.Pattern
+		}
+	}
+	return PatternEvent
+}
+
+// GetHookNames returns just the hook names (for API responses)
+func GetHookNames() []string {
+	names := make([]string, len(AvailableHooks))
+	for i, h := range AvailableHooks {
+		names[i] = h.Name
+	}
+	return names
+}
+
+// TestPluginRunner runs plugins for testing with log capture
+type TestPluginRunner struct {
+	db       *sql.DB
+	tenantID string
+	secrets  map[string]string
+	logs     []string
+}
+
+// TestResult contains the result of a plugin test run
+type TestResult struct {
+	Success  bool     `json:"success"`
+	Output   string   `json:"output,omitempty"`
+	Logs     []string `json:"logs"`
+	Error    string   `json:"error,omitempty"`
+	Duration int64    `json:"duration_ms"`
+}
+
+func NewTestPluginRunner(db *sql.DB, tenantID string, secrets map[string]string) *TestPluginRunner {
+	return &TestPluginRunner{
+		db:       db,
+		tenantID: tenantID,
+		secrets:  secrets,
+		logs:     []string{},
+	}
+}
+
+func (r *TestPluginRunner) RunTest(ctx context.Context, wasm []byte, hook string, data map[string]any) TestResult {
+	start := time.Now()
+	result := TestResult{Logs: []string{}}
+
+	manifest := extism.Manifest{
+		Wasm: []extism.Wasm{
+			extism.WasmData{Data: wasm},
+		},
+		AllowedHosts: []string{"*"},
+		Config:       r.secrets,
+	}
+
+	config := extism.PluginConfig{
+		EnableWasi: true,
+	}
+
+	plugin, err := extism.NewPlugin(ctx, manifest, config, r.testHostFunctions())
+	if err != nil {
+		result.Error = fmt.Sprintf("Failed to create plugin: %v", err)
+		result.Duration = time.Since(start).Milliseconds()
+		return result
+	}
+	defer plugin.Close(ctx)
+
+	input, _ := json.Marshal(data)
+	funcName := hookToFunction(hook)
+
+	_, output, err := plugin.Call(funcName, input)
+	if err != nil {
+		result.Error = err.Error()
+	} else {
+		result.Success = true
+		result.Output = string(output)
+	}
+
+	result.Logs = r.logs
+	result.Duration = time.Since(start).Milliseconds()
+	return result
+}
+
+func (r *TestPluginRunner) testHostFunctions() []extism.HostFunction {
+	return []extism.HostFunction{
+		r.testHttpRequestHost(),
+		r.testKvGetHost(),
+		r.testKvSetHost(),
+		r.testLogHost(),
+	}
+}
+
+func (r *TestPluginRunner) testHttpRequestHost() extism.HostFunction {
+	return extism.NewHostFunctionWithStack(
+		"http_request",
+		func(ctx context.Context, p *extism.CurrentPlugin, stack []uint64) {
+			input, err := p.ReadBytes(stack[0])
+			if err != nil {
+				return
+			}
+
+			var req struct {
+				URL     string            `json:"url"`
+				Method  string            `json:"method"`
+				Headers map[string]string `json:"headers"`
+				Body    string            `json:"body"`
+			}
+			if err := json.Unmarshal(input, &req); err != nil {
+				return
+			}
+
+			if req.Method == "" {
+				req.Method = "GET"
+			}
+
+			r.logs = append(r.logs, fmt.Sprintf("[HTTP] %s %s", req.Method, req.URL))
+
+			httpReq, err := http.NewRequestWithContext(ctx, req.Method, req.URL, bytes.NewBufferString(req.Body))
+			if err != nil {
+				errResp, _ := json.Marshal(map[string]any{"error": err.Error()})
+				offset, _ := p.WriteBytes(errResp)
+				stack[0] = offset
+				return
+			}
+
+			for k, v := range req.Headers {
+				httpReq.Header.Set(k, v)
+			}
+
+			client := &http.Client{Timeout: 30 * time.Second}
+			resp, err := client.Do(httpReq)
+			if err != nil {
+				r.logs = append(r.logs, fmt.Sprintf("[HTTP] Error: %v", err))
+				errResp, _ := json.Marshal(map[string]any{"error": err.Error()})
+				offset, _ := p.WriteBytes(errResp)
+				stack[0] = offset
+				return
+			}
+			defer resp.Body.Close()
+
+			body, _ := io.ReadAll(resp.Body)
+
+			r.logs = append(r.logs, fmt.Sprintf("[HTTP] Response: %d (%d bytes)", resp.StatusCode, len(body)))
+
+			headers := make(map[string]string)
+			for k := range resp.Header {
+				headers[k] = resp.Header.Get(k)
+			}
+
+			result, _ := json.Marshal(map[string]any{
+				"status":  resp.StatusCode,
+				"headers": headers,
+				"body":    string(body),
+			})
+
+			offset, _ := p.WriteBytes(result)
+			stack[0] = offset
+		},
+		[]extism.ValueType{extism.ValueTypeI64},
+		[]extism.ValueType{extism.ValueTypeI64},
+	)
+}
+
+func (r *TestPluginRunner) testKvGetHost() extism.HostFunction {
+	return extism.NewHostFunctionWithStack(
+		"kv_get",
+		func(ctx context.Context, p *extism.CurrentPlugin, stack []uint64) {
+			key, err := p.ReadString(stack[0])
+			if err != nil {
+				return
+			}
+
+			value, _ := GetSecret(r.db, r.tenantID, "kv:"+key)
+			r.logs = append(r.logs, fmt.Sprintf("[KV] GET %s", key))
+			offset, _ := p.WriteString(value)
+			stack[0] = offset
+		},
+		[]extism.ValueType{extism.ValueTypeI64},
+		[]extism.ValueType{extism.ValueTypeI64},
+	)
+}
+
+func (r *TestPluginRunner) testKvSetHost() extism.HostFunction {
+	return extism.NewHostFunctionWithStack(
+		"kv_set",
+		func(ctx context.Context, p *extism.CurrentPlugin, stack []uint64) {
+			input, err := p.ReadBytes(stack[0])
+			if err != nil {
+				return
+			}
+
+			var kv struct {
+				Key   string `json:"key"`
+				Value string `json:"value"`
+			}
+			if err := json.Unmarshal(input, &kv); err != nil {
+				return
+			}
+
+			r.logs = append(r.logs, fmt.Sprintf("[KV] SET %s = %s", kv.Key, kv.Value))
+			SetSecret(r.db, r.tenantID, "kv:"+kv.Key, kv.Value)
+			stack[0] = 0
+		},
+		[]extism.ValueType{extism.ValueTypeI64},
+		[]extism.ValueType{extism.ValueTypeI64},
+	)
+}
+
+func (r *TestPluginRunner) testLogHost() extism.HostFunction {
+	return extism.NewHostFunctionWithStack(
+		"log",
+		func(ctx context.Context, p *extism.CurrentPlugin, stack []uint64) {
+			msg, _ := p.ReadString(stack[0])
+			r.logs = append(r.logs, fmt.Sprintf("[LOG] %s", msg))
+			stack[0] = 0
+		},
+		[]extism.ValueType{extism.ValueTypeI64},
+		[]extism.ValueType{extism.ValueTypeI64},
+	)
+}
+
+func hookToFunction(hook string) string {
+	switch hook {
+	case "post.published":
+		return "on_post_published"
+	case "post.updated":
+		return "on_post_updated"
+	case "content.render":
+		return "render_content"
+	case "comment.validate":
+		return "validate_comment"
+	case "comment.created":
+		return "on_comment_created"
+	case "member.subscribed":
+		return "on_member_subscribed"
+	case "asset.uploaded":
+		return "on_asset_uploaded"
+	case "analytics.sync":
+		return "on_analytics_sync"
+	default:
+		return "run"
+	}
+}
diff --git a/internal/tenant/search.go b/internal/tenant/search.go
new file mode 100644
index 0000000..4da313d
--- /dev/null
+++ b/internal/tenant/search.go
@@ -0,0 +1,67 @@
+package tenant
+
+import (
+	"context"
+)
+
+type SearchResult struct {
+	Slug       string
+	Collection string
+	Title      string
+	Snippet    string
+	Type       string
+	URL        string
+	Date       string
+}
+
+func (q *Queries) Search(ctx context.Context, query string, limit int) ([]SearchResult, error) {
+	if limit <= 0 {
+		limit = 20
+	}
+
+	rows, err := q.db.QueryContext(ctx,
+		`SELECT slug, collection_slug, title, snippet(search_index, 4, '<mark>', '</mark>', '...', 32), type, url, date
+		FROM search_index
+		WHERE search_index MATCH ?
+		ORDER BY rank
+		LIMIT ?`, query, limit)
+	if err != nil {
+		return nil, err
+	}
+	defer rows.Close()
+
+	var results []SearchResult
+	for rows.Next() {
+		var r SearchResult
+		if err := rows.Scan(&r.Slug, &r.Collection, &r.Title, &r.Snippet, &r.Type, &r.URL, &r.Date); err != nil {
+			return nil, err
+		}
+		results = append(results, r)
+	}
+	return results, rows.Err()
+}
+
+func (q *Queries) IndexPost(ctx context.Context, p *Post) error {
+	q.db.ExecContext(ctx, `DELETE FROM search_index WHERE slug = ? AND type = 'post'`, p.Slug)
+
+	if !p.IsPublished {
+		return nil
+	}
+
+	dateStr := ""
+	if p.PublishedAt != nil {
+		dateStr = p.PublishedAt.Format("2006-01-02")
+	}
+
+	_, err := q.db.ExecContext(ctx,
+		`INSERT INTO search_index (slug, collection_slug, title, description, content, type, url, date)
+		VALUES (?, ?, ?, ?, ?, 'post', ?, ?)`,
+		p.Slug, "", p.Title, p.Description, p.ContentMD,
+		"/posts/"+p.Slug, dateStr)
+	return err
+}
+
+func (q *Queries) RemoveFromIndex(ctx context.Context, slug, itemType string) error {
+	_, err := q.db.ExecContext(ctx, `DELETE FROM search_index WHERE slug = ? AND type = ?`, slug, itemType)
+	return err
+}
diff --git a/internal/tenant/secrets.go b/internal/tenant/secrets.go
new file mode 100644
index 0000000..f1952fa
--- /dev/null
+++ b/internal/tenant/secrets.go
@@ -0,0 +1,202 @@
+package tenant
+
+import (
+	"crypto/aes"
+	"crypto/cipher"
+	"crypto/rand"
+	"crypto/sha256"
+	"database/sql"
+	"encoding/hex"
+	"fmt"
+	"os"
+	"time"
+)
+
+type Secret struct {
+	Key       string
+	CreatedAt time.Time
+	UpdatedAt time.Time
+}
+
+var masterKey []byte
+
+func init() {
+	key := os.Getenv("SECRETS_MASTER_KEY")
+	if key == "" {
+		key = "writekit-dev-key-change-in-prod"
+	}
+	hash := sha256.Sum256([]byte(key))
+	masterKey = hash[:]
+}
+
+func deriveKey(tenantID string) []byte {
+	combined := append(masterKey, []byte(tenantID)...)
+	hash := sha256.Sum256(combined)
+	return hash[:]
+}
+
+func encrypt(plaintext []byte, tenantID string) (ciphertext, nonce []byte, err error) {
+	key := deriveKey(tenantID)
+	block, err := aes.NewCipher(key)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	gcm, err := cipher.NewGCM(block)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	nonce = make([]byte, gcm.NonceSize())
+	if _, err := rand.Read(nonce); err != nil {
+		return nil, nil, err
+	}
+
+	ciphertext = gcm.Seal(nil, nonce, plaintext, nil)
+	return ciphertext, nonce, nil
+}
+
+func decrypt(ciphertext, nonce []byte, tenantID string) ([]byte, error) {
+	key := deriveKey(tenantID)
+	block, err := aes.NewCipher(key)
+	if err != nil {
+		return nil, err
+	}
+
+	gcm, err := cipher.NewGCM(block)
+	if err != nil {
+		return nil, err
+	}
+
+	return gcm.Open(nil, nonce, ciphertext, nil)
+}
+
+func ensureSecretsTable(db *sql.DB) error {
+	_, err := db.Exec(`
+		CREATE TABLE IF NOT EXISTS secrets (
+			key TEXT PRIMARY KEY,
+			value BLOB NOT NULL,
+			nonce BLOB NOT NULL,
+			created_at TEXT DEFAULT CURRENT_TIMESTAMP,
+			updated_at TEXT DEFAULT CURRENT_TIMESTAMP
+		)
+	`)
+	return err
+}
+
+func SetSecret(db *sql.DB, tenantID, key, value string) error {
+	if err := ensureSecretsTable(db); err != nil {
+		return err
+	}
+
+	ciphertext, nonce, err := encrypt([]byte(value), tenantID)
+	if err != nil {
+		return fmt.Errorf("encrypt: %w", err)
+	}
+
+	_, err = db.Exec(`
+		INSERT INTO secrets (key, value, nonce, updated_at)
+		VALUES (?, ?, ?, CURRENT_TIMESTAMP)
+		ON CONFLICT(key) DO UPDATE SET
+			value = excluded.value,
+			nonce = excluded.nonce,
+			updated_at = CURRENT_TIMESTAMP
+	`, key, ciphertext, nonce)
+	return err
+}
+
+func GetSecret(db *sql.DB, tenantID, key string) (string, error) {
+	if err := ensureSecretsTable(db); err != nil {
+		return "", err
+	}
+
+	var ciphertext, nonce []byte
+	err := db.QueryRow(`SELECT value, nonce FROM secrets WHERE key = ?`, key).Scan(&ciphertext, &nonce)
+	if err == sql.ErrNoRows {
+		return "", nil
+	}
+	if err != nil {
+		return "", err
+	}
+
+	plaintext, err := decrypt(ciphertext, nonce, tenantID)
+	if err != nil {
+		return "", fmt.Errorf("decrypt: %w", err)
+	}
+
+	return string(plaintext), nil
+}
+
+func DeleteSecret(db *sql.DB, key string) error {
+	if err := ensureSecretsTable(db); err != nil {
+		return err
+	}
+
+	_, err := db.Exec(`DELETE FROM secrets WHERE key = ?`, key)
+	return err
+}
+
+func ListSecrets(db *sql.DB) ([]Secret, error) {
+	if err := ensureSecretsTable(db); err != nil {
+		return nil, err
+	}
+
+	rows, err := db.Query(`SELECT key, created_at, updated_at FROM secrets ORDER BY key`)
+	if err != nil {
+		return nil, err
+	}
+	defer rows.Close()
+
+	var secrets []Secret
+	for rows.Next() {
+		var s Secret
+		var createdAt, updatedAt string
+		if err := rows.Scan(&s.Key, &createdAt, &updatedAt); err != nil {
+			return nil, err
+		}
+		s.CreatedAt, _ = time.Parse(time.RFC3339, createdAt)
+		s.UpdatedAt, _ = time.Parse(time.RFC3339, updatedAt)
+		secrets = append(secrets, s)
+	}
+	return secrets, rows.Err()
+}
+
+func GetSecretsMap(db *sql.DB, tenantID string) (map[string]string, error) {
+	if err := ensureSecretsTable(db); err != nil {
+		return nil, err
+	}
+
+	rows, err := db.Query(`SELECT key, value, nonce FROM secrets`)
+	if err != nil {
+		return nil, err
+	}
+	defer rows.Close()
+
+	secrets := make(map[string]string)
+	for rows.Next() {
+		var key string
+		var ciphertext, nonce []byte
+		if err := rows.Scan(&key, &ciphertext, &nonce); err != nil {
+			return nil, err
+		}
+		plaintext, err := decrypt(ciphertext, nonce, tenantID)
+		if err != nil {
+			continue
+		}
+		secrets[key] = string(plaintext)
+	}
+	return secrets, rows.Err()
+}
+
+func MaskSecret(value string) string {
+	if len(value) <= 8 {
+		return "••••••••"
+	}
+	return value[:4] + "••••" + value[len(value)-4:]
+}
+
+func GenerateSecretID() string {
+	b := make([]byte, 16)
+	rand.Read(b)
+	return hex.EncodeToString(b)
+}
diff --git a/internal/tenant/settings.go b/internal/tenant/settings.go
new file mode 100644
index 0000000..9ec0898
--- /dev/null
+++ b/internal/tenant/settings.go
@@ -0,0 +1,84 @@
+package tenant
+
+import (
+	"context"
+)
+
+func (q *Queries) GetSettings(ctx context.Context) (Settings, error) {
+	rows, err := q.db.QueryContext(ctx, `SELECT key, value FROM site_settings`)
+	if err != nil {
+		return nil, err
+	}
+	defer rows.Close()
+
+	settings := make(Settings)
+	for rows.Next() {
+		var key, value string
+		if err := rows.Scan(&key, &value); err != nil {
+			return nil, err
+		}
+		settings[key] = value
+	}
+	return settings, rows.Err()
+}
+
+func (q *Queries) GetSetting(ctx context.Context, key string) (string, error) {
+	var value string
+	err := q.db.QueryRowContext(ctx, `SELECT value FROM site_settings WHERE key = ?`, key).Scan(&value)
+	if err != nil {
+		return "", err
+	}
+	return value, nil
+}
+
+func (q *Queries) SetSetting(ctx context.Context, key, value string) error {
+	_, err := q.db.ExecContext(ctx, `INSERT INTO site_settings (key, value, updated_at)
+		VALUES (?, ?, CURRENT_TIMESTAMP)
+		ON CONFLICT(key) DO UPDATE SET value = excluded.value, updated_at = CURRENT_TIMESTAMP`, key, value)
+	return err
+}
+
+func (q *Queries) SetSettings(ctx context.Context, settings Settings) error {
+	for key, value := range settings {
+		if err := q.SetSetting(ctx, key, value); err != nil {
+			return err
+		}
+	}
+	return nil
+}
+
+func (q *Queries) DeleteSetting(ctx context.Context, key string) error {
+	_, err := q.db.ExecContext(ctx, `DELETE FROM site_settings WHERE key = ?`, key)
+	return err
+}
+
+var defaultSettings = map[string]string{
+	"comments_enabled":       "true",
+	"reactions_enabled":      "true",
+	"reaction_mode":          "upvote",
+	"reaction_emojis":        "👍,❤️,😂,😮,😢",
+	"upvote_icon":            "👍",
+	"reactions_require_auth": "false",
+}
+
+func (q *Queries) GetSettingWithDefault(ctx context.Context, key string) string {
+	value, err := q.GetSetting(ctx, key)
+	if err != nil || value == "" {
+		if def, ok := defaultSettings[key]; ok {
+			return def
+		}
+		return ""
+	}
+	return value
+}
+
+func (q *Queries) GetInteractionConfig(ctx context.Context) map[string]any {
+	return map[string]any{
+		"comments_enabled":       q.GetSettingWithDefault(ctx, "comments_enabled") == "true",
+		"reactions_enabled":      q.GetSettingWithDefault(ctx, "reactions_enabled") == "true",
+		"reaction_mode":          q.GetSettingWithDefault(ctx, "reaction_mode"),
+		"reaction_emojis":        q.GetSettingWithDefault(ctx, "reaction_emojis"),
+		"upvote_icon":            q.GetSettingWithDefault(ctx, "upvote_icon"),
+		"reactions_require_auth": q.GetSettingWithDefault(ctx, "reactions_require_auth") == "true",
+	}
+}
diff --git a/internal/tenant/sqlite.go b/internal/tenant/sqlite.go
new file mode 100644
index 0000000..cfc178f
--- /dev/null
+++ b/internal/tenant/sqlite.go
@@ -0,0 +1,273 @@
+package tenant
+
+import (
+	"database/sql"
+	"fmt"
+	"os"
+	"path/filepath"
+
+	_ "modernc.org/sqlite"
+)
+
+func openDB(dataDir, tenantID string, inMemory bool) (*sql.DB, error) {
+	var dsn string
+	if inMemory {
+		// named in-memory DB with shared cache so all 'connections' share the same database
+		dsn = "file:" + tenantID + "?mode=memory&cache=shared&_pragma=busy_timeout(5000)"
+	} else {
+		dbPath := filepath.Join(dataDir, tenantID+".db")
+		if err := os.MkdirAll(dataDir, 0755); err != nil {
+			return nil, err
+		}
+		dsn = dbPath + "?_pragma=journal_mode(WAL)&_pragma=busy_timeout(5000)"
+	}
+
+	db, err := sql.Open("sqlite", dsn)
+	if err != nil {
+		return nil, err
+	}
+
+	if err := initSchema(db); err != nil {
+		db.Close()
+		return nil, err
+	}
+
+	return db, nil
+}
+
+func initSchema(db *sql.DB) error {
+	schema := `
+	CREATE TABLE IF NOT EXISTS posts (
+		id TEXT PRIMARY KEY,
+		slug TEXT UNIQUE NOT NULL,
+		title TEXT,
+		description TEXT,
+		tags TEXT,
+		cover_image TEXT,
+		content_md TEXT,
+		content_html TEXT,
+		is_published INTEGER DEFAULT 0,
+		members_only INTEGER DEFAULT 0,
+		published_at TEXT,
+		updated_at TEXT,
+		aliases TEXT,
+		created_at TEXT DEFAULT CURRENT_TIMESTAMP,
+		modified_at TEXT DEFAULT CURRENT_TIMESTAMP
+	);
+	CREATE INDEX IF NOT EXISTS idx_posts_slug ON posts(slug);
+	CREATE INDEX IF NOT EXISTS idx_posts_published ON posts(published_at DESC) WHERE is_published = 1;
+
+	CREATE TABLE IF NOT EXISTS post_drafts (
+		post_id TEXT PRIMARY KEY REFERENCES posts(id) ON DELETE CASCADE,
+		slug TEXT NOT NULL,
+		title TEXT,
+		description TEXT,
+		tags TEXT,
+		cover_image TEXT,
+		members_only INTEGER DEFAULT 0,
+		content_md TEXT,
+		content_html TEXT,
+		modified_at TEXT DEFAULT CURRENT_TIMESTAMP
+	);
+
+	CREATE TABLE IF NOT EXISTS post_versions (
+		id INTEGER PRIMARY KEY AUTOINCREMENT,
+		post_id TEXT NOT NULL REFERENCES posts(id) ON DELETE CASCADE,
+		slug TEXT NOT NULL,
+		title TEXT,
+		description TEXT,
+		tags TEXT,
+		cover_image TEXT,
+		content_md TEXT,
+		content_html TEXT,
+		created_at TEXT DEFAULT CURRENT_TIMESTAMP
+	);
+	CREATE INDEX IF NOT EXISTS idx_post_versions_post ON post_versions(post_id);
+
+	CREATE TABLE IF NOT EXISTS pages (
+		path TEXT PRIMARY KEY,
+		html BLOB,
+		etag TEXT,
+		built_at TEXT
+	);
+
+	CREATE TABLE IF NOT EXISTS assets (
+		id TEXT PRIMARY KEY,
+		filename TEXT NOT NULL,
+		r2_key TEXT NOT NULL,
+		content_type TEXT,
+		size INTEGER,
+		width INTEGER,
+		height INTEGER,
+		created_at TEXT DEFAULT CURRENT_TIMESTAMP
+	);
+
+	CREATE TABLE IF NOT EXISTS site_settings (
+		key TEXT PRIMARY KEY,
+		value TEXT NOT NULL,
+		updated_at TEXT DEFAULT CURRENT_TIMESTAMP
+	);
+
+	CREATE TABLE IF NOT EXISTS users (
+		id TEXT PRIMARY KEY,
+		email TEXT NOT NULL,
+		name TEXT,
+		avatar_url TEXT,
+		created_at TEXT DEFAULT CURRENT_TIMESTAMP
+	);
+
+	CREATE TABLE IF NOT EXISTS sessions (
+		token TEXT PRIMARY KEY,
+		user_id TEXT NOT NULL REFERENCES users(id),
+		expires_at TEXT NOT NULL
+	);
+	CREATE INDEX IF NOT EXISTS idx_sessions_expires ON sessions(expires_at);
+
+	CREATE TABLE IF NOT EXISTS comments (
+		id INTEGER PRIMARY KEY AUTOINCREMENT,
+		user_id TEXT NOT NULL REFERENCES users(id),
+		post_slug TEXT NOT NULL,
+		content TEXT NOT NULL,
+		content_html TEXT,
+		parent_id INTEGER REFERENCES comments(id),
+		created_at TEXT DEFAULT CURRENT_TIMESTAMP,
+		updated_at TEXT DEFAULT CURRENT_TIMESTAMP
+	);
+	CREATE INDEX IF NOT EXISTS idx_comments_post ON comments(post_slug);
+	CREATE INDEX IF NOT EXISTS idx_comments_parent ON comments(parent_id);
+
+	CREATE TABLE IF NOT EXISTS reactions (
+		id INTEGER PRIMARY KEY AUTOINCREMENT,
+		user_id TEXT REFERENCES users(id),
+		anon_id TEXT,
+		post_slug TEXT NOT NULL,
+		emoji TEXT NOT NULL,
+		created_at TEXT DEFAULT CURRENT_TIMESTAMP,
+		UNIQUE(user_id, post_slug, emoji),
+		UNIQUE(anon_id, post_slug, emoji)
+	);
+	CREATE INDEX IF NOT EXISTS idx_reactions_post ON reactions(post_slug);
+
+	CREATE TABLE IF NOT EXISTS page_views (
+		id INTEGER PRIMARY KEY AUTOINCREMENT,
+		path TEXT NOT NULL,
+		post_slug TEXT,
+		referrer TEXT,
+		user_agent TEXT,
+		visitor_hash TEXT,
+		utm_source TEXT,
+		utm_medium TEXT,
+		utm_campaign TEXT,
+		device_type TEXT,
+		browser TEXT,
+		os TEXT,
+		country TEXT,
+		created_at TEXT DEFAULT CURRENT_TIMESTAMP
+	);
+	CREATE INDEX IF NOT EXISTS idx_page_views_path ON page_views(path);
+	CREATE INDEX IF NOT EXISTS idx_page_views_created ON page_views(created_at);
+	CREATE INDEX IF NOT EXISTS idx_page_views_visitor ON page_views(visitor_hash);
+
+	CREATE TABLE IF NOT EXISTS daily_analytics (
+		date TEXT PRIMARY KEY,
+		requests INTEGER DEFAULT 0,
+		page_views INTEGER DEFAULT 0,
+		unique_visitors INTEGER DEFAULT 0,
+		bandwidth INTEGER DEFAULT 0,
+		browsers TEXT,
+		os TEXT,
+		devices TEXT,
+		countries TEXT,
+		paths TEXT,
+		created_at TEXT DEFAULT CURRENT_TIMESTAMP
+	);
+
+	CREATE TABLE IF NOT EXISTS members (
+		user_id TEXT PRIMARY KEY REFERENCES users(id),
+		email TEXT NOT NULL,
+		name TEXT,
+		tier TEXT NOT NULL,
+		status TEXT NOT NULL,
+		expires_at TEXT,
+		synced_at TEXT DEFAULT CURRENT_TIMESTAMP
+	);
+
+	CREATE TABLE IF NOT EXISTS api_keys (
+		key TEXT PRIMARY KEY,
+		name TEXT NOT NULL,
+		created_at TEXT DEFAULT CURRENT_TIMESTAMP,
+		last_used_at TEXT
+	);
+
+	CREATE TABLE IF NOT EXISTS components (
+		id TEXT PRIMARY KEY,
+		name TEXT NOT NULL UNIQUE,
+		type TEXT NOT NULL,
+		source TEXT NOT NULL,
+		compiled TEXT,
+		client_directive TEXT DEFAULT 'load',
+		created_at TEXT DEFAULT CURRENT_TIMESTAMP,
+		updated_at TEXT DEFAULT CURRENT_TIMESTAMP
+	);
+
+	CREATE TABLE IF NOT EXISTS plugins (
+		id TEXT PRIMARY KEY,
+		name TEXT NOT NULL,
+		language TEXT NOT NULL,
+		source TEXT NOT NULL,
+		wasm BLOB,
+		hooks TEXT NOT NULL,
+		enabled INTEGER DEFAULT 1,
+		created_at TEXT DEFAULT CURRENT_TIMESTAMP,
+		updated_at TEXT DEFAULT CURRENT_TIMESTAMP
+	);
+
+	CREATE TABLE IF NOT EXISTS webhooks (
+		id TEXT PRIMARY KEY,
+		name TEXT NOT NULL,
+		url TEXT NOT NULL,
+		events TEXT NOT NULL,
+		secret TEXT,
+		enabled INTEGER DEFAULT 1,
+		created_at TEXT DEFAULT CURRENT_TIMESTAMP,
+		last_triggered_at TEXT,
+		last_status TEXT
+	);
+
+	CREATE TABLE IF NOT EXISTS webhook_deliveries (
+		id INTEGER PRIMARY KEY AUTOINCREMENT,
+		webhook_id TEXT NOT NULL REFERENCES webhooks(id) ON DELETE CASCADE,
+		event TEXT NOT NULL,
+		payload TEXT,
+		status TEXT NOT NULL,
+		response_code INTEGER,
+		response_body TEXT,
+		attempts INTEGER DEFAULT 1,
+		created_at TEXT DEFAULT CURRENT_TIMESTAMP
+	);
+	CREATE INDEX IF NOT EXISTS idx_webhook_deliveries_webhook ON webhook_deliveries(webhook_id, created_at DESC);
+	`
+
+	_, err := db.Exec(schema)
+	if err != nil {
+		return fmt.Errorf("init schema: %w", err)
+	}
+
+	_, err = db.Exec(`
+		CREATE VIRTUAL TABLE IF NOT EXISTS search_index USING fts5(
+			slug UNINDEXED,
+			collection_slug UNINDEXED,
+			title,
+			description,
+			content,
+			type UNINDEXED,
+			url UNINDEXED,
+			date UNINDEXED
+		)
+	`)
+	if err != nil {
+		return fmt.Errorf("init fts5: %w", err)
+	}
+
+	return nil
+}
diff --git a/internal/tenant/sync.go b/internal/tenant/sync.go
new file mode 100644
index 0000000..d7cbd31
--- /dev/null
+++ b/internal/tenant/sync.go
@@ -0,0 +1,31 @@
+package tenant
+
+import (
+	"context"
+	"time"
+)
+
+type MemberSyncer struct {
+	pool *Pool
+}
+
+func NewMemberSyncer(pool *Pool) *MemberSyncer {
+	return &MemberSyncer{pool: pool}
+}
+
+func (s *MemberSyncer) SyncMember(ctx context.Context, tenantID, userID, email, name, tier, status string, expiresAt *time.Time) error {
+	db, err := s.pool.Get(tenantID)
+	if err != nil {
+		return err
+	}
+
+	q := NewQueries(db)
+	return q.UpsertMember(ctx, &Member{
+		UserID:    userID,
+		Email:     email,
+		Name:      name,
+		Tier:      tier,
+		Status:    status,
+		ExpiresAt: expiresAt,
+	})
+}
diff --git a/internal/tenant/users.go b/internal/tenant/users.go
new file mode 100644
index 0000000..9aa87eb
--- /dev/null
+++ b/internal/tenant/users.go
@@ -0,0 +1,117 @@
+package tenant
+
+import (
+	"context"
+	"crypto/rand"
+	"database/sql"
+	"encoding/hex"
+	"time"
+
+	"github.com/google/uuid"
+)
+
+func (q *Queries) GetUserByID(ctx context.Context, id string) (*User, error) {
+	row := q.db.QueryRowContext(ctx, `SELECT id, email, name, avatar_url, created_at FROM users WHERE id = ?`, id)
+
+	u, err := scanUser(row)
+	if err == sql.ErrNoRows {
+		return nil, nil
+	}
+	if err != nil {
+		return nil, err
+	}
+	return &u, nil
+}
+
+func (q *Queries) GetUserByEmail(ctx context.Context, email string) (*User, error) {
+	row := q.db.QueryRowContext(ctx, `SELECT id, email, name, avatar_url, created_at FROM users WHERE email = ?`, email)
+
+	u, err := scanUser(row)
+	if err == sql.ErrNoRows {
+		return nil, nil
+	}
+	if err != nil {
+		return nil, err
+	}
+	return &u, nil
+}
+
+func (q *Queries) CreateUser(ctx context.Context, u *User) error {
+	if u.ID == "" {
+		u.ID = uuid.NewString()
+	}
+	_, err := q.db.ExecContext(ctx, `INSERT INTO users (id, email, name, avatar_url) VALUES (?, ?, ?, ?)`,
+		u.ID, u.Email, nullStr(u.Name), nullStr(u.AvatarURL))
+	return err
+}
+
+func (q *Queries) ValidateSession(ctx context.Context, token string) (*Session, error) {
+	var s Session
+	var expiresAt string
+	err := q.db.QueryRowContext(ctx, `SELECT token, user_id, expires_at FROM sessions WHERE token = ?`, token).
+		Scan(&s.Token, &s.UserID, &expiresAt)
+	if err == sql.ErrNoRows {
+		return nil, nil
+	}
+	if err != nil {
+		return nil, err
+	}
+
+	s.ExpiresAt, _ = time.Parse(time.RFC3339, expiresAt)
+	if time.Now().After(s.ExpiresAt) {
+		q.db.ExecContext(ctx, `DELETE FROM sessions WHERE token = ?`, token)
+		return nil, nil
+	}
+
+	return &s, nil
+}
+
+func (q *Queries) CreateSession(ctx context.Context, userID string) (*Session, error) {
+	token, err := generateToken()
+	if err != nil {
+		return nil, err
+	}
+
+	expires := time.Now().Add(30 * 24 * time.Hour)
+	expiresStr := expires.UTC().Format(time.RFC3339)
+
+	_, err = q.db.ExecContext(ctx, `INSERT INTO sessions (token, user_id, expires_at) VALUES (?, ?, ?)`,
+		token, userID, expiresStr)
+	if err != nil {
+		return nil, err
+	}
+
+	return &Session{
+		Token:     token,
+		UserID:    userID,
+		ExpiresAt: expires,
+	}, nil
+}
+
+func (q *Queries) DeleteSession(ctx context.Context, token string) error {
+	_, err := q.db.ExecContext(ctx, `DELETE FROM sessions WHERE token = ?`, token)
+	return err
+}
+
+func scanUser(s scanner) (User, error) {
+	var u User
+	var name, avatarURL, createdAt sql.NullString
+
+	err := s.Scan(&u.ID, &u.Email, &name, &avatarURL, &createdAt)
+	if err != nil {
+		return u, err
+	}
+
+	u.Name = name.String
+	u.AvatarURL = avatarURL.String
+	u.CreatedAt = parseTime(createdAt.String)
+	return u, nil
+}
+
+func generateToken() (string, error) {
+	b := make([]byte, 32)
+	if _, err := rand.Read(b); err != nil {
+		return "", err
+	}
+	return hex.EncodeToString(b), nil
+}
diff --git a/internal/tenant/webhooks.go b/internal/tenant/webhooks.go
new file mode 100644
index 0000000..ae53f26
--- /dev/null
+++ b/internal/tenant/webhooks.go
@@ -0,0 +1,308 @@
+package tenant
+
+import (
+	"bytes"
+	"context"
+	"crypto/hmac"
+	"crypto/sha256"
+	"database/sql"
+	"encoding/hex"
+	"encoding/json"
+	"net/http"
+	"time"
+
+	"github.com/google/uuid"
+)
+
+type Webhook struct {
+	ID              string     `json:"id"`
+	Name            string     `json:"name"`
+	URL             string     `json:"url"`
+	Events          []string   `json:"events"`
+	Secret          string     `json:"secret,omitempty"`
+	Enabled         bool       `json:"enabled"`
+	CreatedAt       time.Time  `json:"created_at"`
+	LastTriggeredAt *time.Time `json:"last_triggered_at"`
+	LastStatus      *string    `json:"last_status"`
+}
+
+type WebhookDelivery struct {
+	ID           int64     `json:"id"`
+	WebhookID    string    `json:"webhook_id"`
+	Event        string    `json:"event"`
+	Payload      string    `json:"payload"`
+	Status       string    `json:"status"`
+	ResponseCode *int      `json:"response_code"`
+	ResponseBody *string   `json:"response_body"`
+	Attempts     int       `json:"attempts"`
+	CreatedAt    time.Time `json:"created_at"`
+}
+
+type WebhookPayload struct {
+	Event     string    `json:"event"`
+	Timestamp time.Time `json:"timestamp"`
+	Data      any       `json:"data"`
+}
+
+func (q *Queries) CountWebhooks(ctx context.Context) (int, error) {
+	var count int
+	err := q.db.QueryRowContext(ctx, `SELECT COUNT(*) FROM webhooks`).Scan(&count)
+	return count, err
+}
+
+func (q *Queries) CreateWebhook(ctx context.Context, name, url string, events []string, secret string) (*Webhook, error) {
+	id := uuid.New().String()
+	eventsJSON, _ := json.Marshal(events)
+
+	_, err := q.db.ExecContext(ctx, `
+		INSERT INTO webhooks (id, name, url, events, secret, enabled, created_at)
+		VALUES (?, ?, ?, ?, ?, 1, CURRENT_TIMESTAMP)
+	`, id, name, url, string(eventsJSON), secret)
+	if err != nil {
+		return nil, err
+	}
+
+	return q.GetWebhook(ctx, id)
+}
+
+func (q *Queries) GetWebhook(ctx context.Context, id string) (*Webhook, error) {
+	var w Webhook
+	var eventsJSON string
+	var lastTriggeredAt, lastStatus sql.NullString
+	var createdAtStr string
+
+	err := q.db.QueryRowContext(ctx, `
+		SELECT id, name, url, events, secret, enabled, created_at, last_triggered_at, last_status
+		FROM webhooks WHERE id = ?
+	`, id).Scan(&w.ID, &w.Name, &w.URL, &eventsJSON, &w.Secret, &w.Enabled, &createdAtStr, &lastTriggeredAt, &lastStatus)
+	if err == sql.ErrNoRows {
+		return nil, nil
+	}
+	if err != nil {
+		return nil, err
+	}
+
+	json.Unmarshal([]byte(eventsJSON), &w.Events)
+	w.CreatedAt, _ = time.Parse(time.RFC3339, createdAtStr)
+	if lastTriggeredAt.Valid {
+		t, _ := time.Parse(time.RFC3339, lastTriggeredAt.String)
+		w.LastTriggeredAt = &t
+	}
+	if lastStatus.Valid {
+		w.LastStatus = &lastStatus.String
+	}
+
+	return &w, nil
+}
+
+func (q *Queries) ListWebhooks(ctx context.Context) ([]Webhook, error) {
+	rows, err := q.db.QueryContext(ctx, `
+		SELECT id, name, url, events, secret, enabled, created_at, last_triggered_at, last_status
+		FROM webhooks ORDER BY created_at DESC
+	`)
+	if err != nil {
+		return nil, err
+	}
+	defer rows.Close()
+
+	var webhooks []Webhook
+	for rows.Next() {
+		var w Webhook
+		var eventsJSON string
+		var lastTriggeredAt, lastStatus sql.NullString
+		var createdAtStr string
+
+		if err := rows.Scan(&w.ID, &w.Name, &w.URL, &eventsJSON, &w.Secret, &w.Enabled, &createdAtStr, &lastTriggeredAt, &lastStatus); err != nil {
+			return nil, err
+		}
+
+		json.Unmarshal([]byte(eventsJSON), &w.Events)
+		w.CreatedAt, _ = time.Parse(time.RFC3339, createdAtStr)
+		if lastTriggeredAt.Valid {
+			t, _ := time.Parse(time.RFC3339, lastTriggeredAt.String)
+			w.LastTriggeredAt = &t
+		}
+		if lastStatus.Valid {
+			w.LastStatus = &lastStatus.String
+		}
+
+		webhooks = append(webhooks, w)
+	}
+
+	return webhooks, rows.Err()
+}
+
+func (q *Queries) UpdateWebhook(ctx context.Context, id, name, url string, events []string, secret string, enabled bool) error {
+	eventsJSON, _ := json.Marshal(events)
+
+	_, err := q.db.ExecContext(ctx, `
+		UPDATE webhooks SET name = ?, url = ?, events = ?, secret = ?, enabled = ?
+		WHERE id = ?
+	`, name, url, string(eventsJSON), secret, enabled, id)
+	return err
+}
+
+func (q *Queries) DeleteWebhook(ctx context.Context, id string) error {
+	_, err := q.db.ExecContext(ctx, `DELETE FROM webhooks WHERE id = ?`, id)
+	return err
+}
+
+func (q *Queries) ListWebhooksByEvent(ctx context.Context, event string) ([]Webhook, error) {
+	webhooks, err := q.ListWebhooks(ctx)
+	if err != nil {
+		return nil, err
+	}
+
+	var result []Webhook
+	for _, w := range webhooks {
+		if !w.Enabled {
+			continue
+		}
+		for _, e := range w.Events {
+			if e == event {
+				result = append(result, w)
+				break
+			}
+		}
+	}
+	return result, nil
+}
+
+func (q *Queries) TriggerWebhooks(ctx context.Context, event string, data any, baseURL string) {
+	webhooks, err := q.ListWebhooksByEvent(ctx, event)
+	if err != nil || len(webhooks) == 0 {
+		return
+	}
+
+	payload := WebhookPayload{
+		Event:     event,
+		Timestamp: time.Now().UTC(),
+		Data:      data,
+	}
+	payloadJSON, _ := json.Marshal(payload)
+
+	for _, w := range webhooks {
+		go q.deliverWebhook(ctx, w, event, payloadJSON)
+	}
+}
+
+func (q *Queries) deliverWebhook(ctx context.Context, w Webhook, event string, payloadJSON []byte) {
+	client := &http.Client{Timeout: 10 * time.Second}
+
+	req, err := http.NewRequestWithContext(ctx, "POST", w.URL, bytes.NewReader(payloadJSON))
+	if err != nil {
+		q.logDelivery(ctx, w.ID, event, string(payloadJSON), "failed", nil, stringPtr(err.Error()))
+		return
+	}
+
+	req.Header.Set("Content-Type", "application/json")
+	req.Header.Set("User-Agent", "WriteKit-Webhook/1.0")
+
+	if w.Secret != "" {
+		mac := hmac.New(sha256.New, []byte(w.Secret))
+		mac.Write(payloadJSON)
+		signature := hex.EncodeToString(mac.Sum(nil))
+		req.Header.Set("X-WriteKit-Signature", signature)
+	}
+
+	resp, err := client.Do(req)
+	if err != nil {
+		q.logDelivery(ctx, w.ID, event, string(payloadJSON), "failed", nil, stringPtr(err.Error()))
+		q.updateWebhookStatus(ctx, w.ID, "failed")
+		return
+	}
+	defer resp.Body.Close()
+
+	var respBody string
+	buf := make([]byte, 1024)
+	n, _ := resp.Body.Read(buf)
+	respBody = string(buf[:n])
+
+	status := "success"
+	if resp.StatusCode >= 400 {
+		status = "failed"
+	}
+
+	q.logDelivery(ctx, w.ID, event, string(payloadJSON), status, &resp.StatusCode, &respBody)
+	q.updateWebhookStatus(ctx, w.ID, status)
+}
+
+func (q *Queries) logDelivery(ctx context.Context, webhookID, event, payload, status string, responseCode *int, responseBody *string) {
+	q.db.ExecContext(ctx, `
+		INSERT INTO webhook_deliveries (webhook_id, event, payload, status, response_code, response_body, created_at)
+		VALUES (?, ?, ?, ?, ?, ?, CURRENT_TIMESTAMP)
+	`, webhookID, event, truncate(payload, 1024), status, responseCode, truncate(ptrToString(responseBody), 1024))
+
+	// Cleanup old deliveries - keep last 50 per webhook
+	q.db.ExecContext(ctx, `
+		DELETE FROM webhook_deliveries
+		WHERE webhook_id = ? AND id NOT IN (
+			SELECT id FROM webhook_deliveries WHERE webhook_id = ?
+			ORDER BY created_at DESC LIMIT 50
+		)
+	`, webhookID, webhookID)
+}
+
+func (q *Queries) updateWebhookStatus(ctx context.Context, webhookID, status string) {
+	q.db.ExecContext(ctx, `
+		UPDATE webhooks SET last_triggered_at = CURRENT_TIMESTAMP, last_status = ?
+		WHERE id = ?
+	`, status, webhookID)
+}
+
+func (q *Queries) ListWebhookDeliveries(ctx context.Context, webhookID string) ([]WebhookDelivery, error) {
+	rows, err := q.db.QueryContext(ctx, `
+		SELECT id, webhook_id, event, payload, status, response_code, response_body, attempts, created_at
+		FROM webhook_deliveries
+		WHERE webhook_id = ?
+		ORDER BY created_at DESC
+		LIMIT 50
+	`, webhookID)
+	if err != nil {
+		return nil, err
+	}
+	defer rows.Close()
+
+	var deliveries []WebhookDelivery
+	for rows.Next() {
+		var d WebhookDelivery
+		var createdAtStr string
+		var respCode sql.NullInt64
+		var respBody sql.NullString
+
+		if err := rows.Scan(&d.ID, &d.WebhookID, &d.Event, &d.Payload, &d.Status, &respCode, &respBody, &d.Attempts, &createdAtStr); err != nil {
+			return nil, err
+		}
+
+		d.CreatedAt, _ = time.Parse(time.RFC3339, createdAtStr)
+		if respCode.Valid {
+			code := int(respCode.Int64)
+			d.ResponseCode = &code
+		}
+		if respBody.Valid {
+			d.ResponseBody = &respBody.String
+		}
+
+		deliveries = append(deliveries, d)
+	}
+
+	return deliveries, rows.Err()
+}
+
+func truncate(s string, max int) string {
+	if len(s) <= max {
+		return s
+	}
+	return s[:max]
+}
+
+func stringPtr(s string) *string {
+	return &s
+}
+
+func ptrToString(p *string) string {
+	if p == nil {
+		return ""
+	}
+	return *p
+}
diff --git a/main.go b/main.go
new file mode 100644
index 0000000..2d6b75f
--- /dev/null
+++ b/main.go
@@ -0,0 +1,50 @@
+package main
+
+import (
+	"log"
+	"net/http"
+	"os"
+
+	"github.com/writekitapp/writekit/internal/db"
+	"github.com/writekitapp/writekit/internal/server"
+	"github.com/writekitapp/writekit/internal/storage"
+	"github.com/writekitapp/writekit/internal/tenant"
+)
+
+func main() {
+	database, err := db.Connect("./internal/db/migrations")
+	if err != nil {
+		log.Fatalf("postgres: %v", err)
+	}
+	defer database.Close()
+
+	dataDir := os.Getenv("DATA_DIR")
+	if dataDir == "" {
+		dataDir = "./data"
+	}
+
+	pool := tenant.NewPool(dataDir)
+	defer pool.Close()
+
+	cache := tenant.NewCache()
+	defer cache.Close()
+
+	var storageClient storage.Client
+	if os.Getenv("R2_ACCOUNT_ID") != "" {
+		storageClient, err = storage.NewR2Client()
+		if err != nil {
+			log.Printf("storage: %v (continuing without storage)", err)
+		}
+	}
+
+	srv := server.New(database, pool, cache, storageClient)
+	srv.StartAnalyticsSync()
+
+	port := os.Getenv("PORT")
+	if port == "" {
+		port = "8080"
+	}
+
+	log.Printf("listening on :%s", port)
+	log.Fatal(http.ListenAndServe(":"+port, srv))
+}
diff --git a/studio/embed.go b/studio/embed.go
new file mode 100644
index 0000000..b4cf0fa
--- /dev/null
+++ b/studio/embed.go
@@ -0,0 +1,20 @@
+package studio
+
+import (
+	"embed"
+	"io/fs"
+	"net/http"
+	"path"
+)
+
+//go:embed dist/*
+var distFS embed.FS
+
+func Handler() http.Handler {
+	sub, _ := fs.Sub(distFS, "dist")
+	return http.FileServer(http.FS(sub))
+}
+
+func Read(name string) ([]byte, error) {
+	return distFS.ReadFile(path.Join("dist", name))
+}
diff --git a/studio/index.html b/studio/index.html
new file mode 100644
index 0000000..cd33dee
--- /dev/null
+++ b/studio/index.html
@@ -0,0 +1,16 @@
+<!DOCTYPE html>
+<html lang="en">
+  <head>
+    <meta charset="UTF-8" />
+    <meta name="viewport" content="width=device-width, initial-scale=1.0" />
+    <title>WriteKit Studio</title>
+    <style>
+      :root { --accent: #3b82f6; }
+      @media (prefers-color-scheme: dark) { html { color-scheme: dark; } }
+    </style>
+  </head>
+  <body>
+    <div id="root"></div>
+    <script type="module" src="/src/main.tsx"></script>
+  </body>
+</html>
diff --git a/studio/package-lock.json b/studio/package-lock.json
new file mode 100644
index 0000000..754f39e
--- /dev/null
+++ b/studio/package-lock.json
@@ -0,0 +1,3732 @@
+{
+  "name": "writekit-studio",
+  "version": "0.0.1",
+  "lockfileVersion": 3,
+  "requires": true,
+  "packages": {
+    "": {
+      "name": "writekit-studio",
+      "version": "0.0.1",
+      "dependencies": {
+        "@iconify-json/logos": "^1.2.10",
+        "@iconify-json/lucide": "^1.2.82",
+        "@monaco-editor/react": "^4.7.0",
+        "@nanostores/query": "^0.3.4",
+        "@nanostores/react": "^1.0.0",
+        "@nanostores/router": "^1.0.0",
+        "@tiptap/extension-code-block-lowlight": "^3.15.1",
+        "@tiptap/extension-image": "^3.15.1",
+        "@tiptap/extension-link": "^3.15.1",
+        "@tiptap/extension-placeholder": "^3.15.1",
+        "@tiptap/extension-table": "^3.15.1",
+        "@tiptap/extension-task-item": "^3.15.1",
+        "@tiptap/extension-task-list": "^3.15.1",
+        "@tiptap/markdown": "^3.15.1",
+        "@tiptap/pm": "^3.15.1",
+        "@tiptap/react": "^3.15.1",
+        "@tiptap/starter-kit": "^3.15.1",
+        "@tiptap/suggestion": "^3.15.2",
+        "@unocss/reset": "^66.5.12",
+        "chart.js": "^4.5.1",
+        "lowlight": "^3.3.0",
+        "monaco-editor": "^0.55.1",
+        "nanostores": "^1.1.0",
+        "react": "^19.0.0",
+        "react-dom": "^19.0.0",
+        "tippy.js": "^6.3.7",
+        "unocss": "^66.5.12"
+      },
+      "devDependencies": {
+        "@iconify-json/simple-icons": "^1.2.65",
+        "@types/react": "^19.0.0",
+        "@types/react-dom": "^19.0.0",
+        "@vitejs/plugin-react": "^5.1.0",
+        "typescript": "^5.7.0",
+        "vite": "^7.3.0"
+      }
+    },
+    "node_modules/@antfu/install-pkg": {
+      "version": "1.1.0",
+      "resolved": "https://registry.npmjs.org/@antfu/install-pkg/-/install-pkg-1.1.0.tgz",
+      "integrity": "sha512-MGQsmw10ZyI+EJo45CdSER4zEb+p31LpDAFp2Z3gkSd1yqVZGi0Ebx++YTEMonJy4oChEMLsxZ64j8FH6sSqtQ==",
+      "license": "MIT",
+      "dependencies": {
+        "package-manager-detector": "^1.3.0",
+        "tinyexec": "^1.0.1"
+      },
+      "funding": {
+        "url": "https://github.com/sponsors/antfu"
+      }
+    },
+    "node_modules/@babel/code-frame": {
+      "version": "7.27.1",
+      "resolved": "https://registry.npmjs.org/@babel/code-frame/-/code-frame-7.27.1.tgz",
+      "integrity": "sha512-cjQ7ZlQ0Mv3b47hABuTevyTuYN4i+loJKGeV9flcCgIK37cCXRh+L1bd3iBHlynerhQ7BhCkn2BPbQUL+rGqFg==",
+      "license": "MIT",
+      "dependencies": {
+        "@babel/helper-validator-identifier": "^7.27.1",
+        "js-tokens": "^4.0.0",
+        "picocolors": "^1.1.1"
+      },
+      "engines": {
+        "node": ">=6.9.0"
+      }
+    },
+    "node_modules/@babel/compat-data": {
+      "version": "7.28.5",
+      "resolved": "https://registry.npmjs.org/@babel/compat-data/-/compat-data-7.28.5.tgz",
+      "integrity": "sha512-6uFXyCayocRbqhZOB+6XcuZbkMNimwfVGFji8CTZnCzOHVGvDqzvitu1re2AU5LROliz7eQPhB8CpAMvnx9EjA==",
+      "dev": true,
+      "license": "MIT",
+      "engines": {
+        "node": ">=6.9.0"
+      }
+    },
+    "node_modules/@babel/core": {
+      "version": "7.28.5",
+      "resolved": "https://registry.npmjs.org/@babel/core/-/core-7.28.5.tgz",
+      "integrity": "sha512-e7jT4DxYvIDLk1ZHmU/m/mB19rex9sv0c2ftBtjSBv+kVM/902eh0fINUzD7UwLLNR+jU585GxUJ8/EBfAM5fw==",
+      "dev": true,
+      "license": "MIT",
+      "dependencies": {
+        "@babel/code-frame": "^7.27.1",
+        "@babel/generator": "^7.28.5",
+        "@babel/helper-compilation-targets": "^7.27.2",
+        "@babel/helper-module-transforms": "^7.28.3",
+        "@babel/helpers": "^7.28.4",
+        "@babel/parser": "^7.28.5",
+        "@babel/template": "^7.27.2",
+        "@babel/traverse": "^7.28.5",
+        "@babel/types": "^7.28.5",
+        "@jridgewell/remapping": "^2.3.5",
+        "convert-source-map": "^2.0.0",
+        "debug": "^4.1.0",
+        "gensync": "^1.0.0-beta.2",
+        "json5": "^2.2.3",
+        "semver": "^6.3.1"
+      },
+      "engines": {
+        "node": ">=6.9.0"
+      },
+      "funding": {
+        "type": "opencollective",
+        "url": "https://opencollective.com/babel"
+      }
+    },
+    "node_modules/@babel/generator": {
+      "version": "7.28.5",
+      "resolved": "https://registry.npmjs.org/@babel/generator/-/generator-7.28.5.tgz",
+      "integrity": "sha512-3EwLFhZ38J4VyIP6WNtt2kUdW9dokXA9Cr4IVIFHuCpZ3H8/YFOl5JjZHisrn1fATPBmKKqXzDFvh9fUwHz6CQ==",
+      "license": "MIT",
+      "dependencies": {
+        "@babel/parser": "^7.28.5",
+        "@babel/types": "^7.28.5",
+        "@jridgewell/gen-mapping": "^0.3.12",
+        "@jridgewell/trace-mapping": "^0.3.28",
+        "jsesc": "^3.0.2"
+      },
+      "engines": {
+        "node": ">=6.9.0"
+      }
+    },
+    "node_modules/@babel/helper-compilation-targets": {
+      "version": "7.27.2",
+      "resolved": "https://registry.npmjs.org/@babel/helper-compilation-targets/-/helper-compilation-targets-7.27.2.tgz",
+      "integrity": "sha512-2+1thGUUWWjLTYTHZWK1n8Yga0ijBz1XAhUXcKy81rd5g6yh7hGqMp45v7cadSbEHc9G3OTv45SyneRN3ps4DQ==",
+      "dev": true,
+      "license": "MIT",
+      "dependencies": {
+        "@babel/compat-data": "^7.27.2",
+        "@babel/helper-validator-option": "^7.27.1",
+        "browserslist": "^4.24.0",
+        "lru-cache": "^5.1.1",
+        "semver": "^6.3.1"
+      },
+      "engines": {
+        "node": ">=6.9.0"
+      }
+    },
+    "node_modules/@babel/helper-globals": {
+      "version": "7.28.0",
+      "resolved": "https://registry.npmjs.org/@babel/helper-globals/-/helper-globals-7.28.0.tgz",
+      "integrity": "sha512-+W6cISkXFa1jXsDEdYA8HeevQT/FULhxzR99pxphltZcVaugps53THCeiWA8SguxxpSp3gKPiuYfSWopkLQ4hw==",
+      "dev": true,
+      "license": "MIT",
+      "engines": {
+        "node": ">=6.9.0"
+      }
+    },
+    "node_modules/@babel/helper-module-imports": {
+      "version": "7.27.1",
+      "resolved": "https://registry.npmjs.org/@babel/helper-module-imports/-/helper-module-imports-7.27.1.tgz",
+      "integrity": "sha512-0gSFWUPNXNopqtIPQvlD5WgXYI5GY2kP2cCvoT8kczjbfcfuIljTbcWrulD1CIPIX2gt1wghbDy08yE1p+/r3w==",
+      "dev": true,
+      "license": "MIT",
+      "dependencies": {
+        "@babel/traverse": "^7.27.1",
+        "@babel/types": "^7.27.1"
+      },
+      "engines": {
+        "node": ">=6.9.0"
+      }
+    },
+    "node_modules/@babel/helper-module-transforms": {
+      "version": "7.28.3",
+      "resolved": "https://registry.npmjs.org/@babel/helper-module-transforms/-/helper-module-transforms-7.28.3.tgz",
+      "integrity": "sha512-gytXUbs8k2sXS9PnQptz5o0QnpLL51SwASIORY6XaBKF88nsOT0Zw9szLqlSGQDP/4TljBAD5y98p2U1fqkdsw==",
+      "dev": true,
+      "license": "MIT",
+      "dependencies": {
+        "@babel/helper-module-imports": "^7.27.1",
+        "@babel/helper-validator-identifier": "^7.27.1",
+        "@babel/traverse": "^7.28.3"
+      },
+      "engines": {
+        "node": ">=6.9.0"
+      },
+      "peerDependencies": {
+        "@babel/core": "^7.0.0"
+      }
+    },
+    "node_modules/@babel/helper-plugin-utils": {
+      "version": "7.27.1",
+      "resolved": "https://registry.npmjs.org/@babel/helper-plugin-utils/-/helper-plugin-utils-7.27.1.tgz",
+      "integrity": "sha512-1gn1Up5YXka3YYAHGKpbideQ5Yjf1tDa9qYcgysz+cNCXukyLl6DjPXhD3VRwSb8c0J9tA4b2+rHEZtc6R0tlw==",
+      "dev": true,
+      "license": "MIT",
+      "engines": {
+        "node": ">=6.9.0"
+      }
+    },
+    "node_modules/@babel/helper-string-parser": {
+      "version": "7.27.1",
+      "resolved": "https://registry.npmjs.org/@babel/helper-string-parser/-/helper-string-parser-7.27.1.tgz",
+      "integrity": "sha512-qMlSxKbpRlAridDExk92nSobyDdpPijUq2DW6oDnUqd0iOGxmQjyqhMIihI9+zv4LPyZdRje2cavWPbCbWm3eA==",
+      "license": "MIT",
+      "engines": {
+        "node": ">=6.9.0"
+      }
+    },
+    "node_modules/@babel/helper-validator-identifier": {
+      "version": "7.28.5",
+      "resolved": "https://registry.npmjs.org/@babel/helper-validator-identifier/-/helper-validator-identifier-7.28.5.tgz",
+      "integrity": "sha512-qSs4ifwzKJSV39ucNjsvc6WVHs6b7S03sOh2OcHF9UHfVPqWWALUsNUVzhSBiItjRZoLHx7nIarVjqKVusUZ1Q==",
+      "license": "MIT",
+      "engines": {
+        "node": ">=6.9.0"
+      }
+    },
+    "node_modules/@babel/helper-validator-option": {
+      "version": "7.27.1",
+      "resolved": "https://registry.npmjs.org/@babel/helper-validator-option/-/helper-validator-option-7.27.1.tgz",
+      "integrity": "sha512-YvjJow9FxbhFFKDSuFnVCe2WxXk1zWc22fFePVNEaWJEu8IrZVlda6N0uHwzZrUM1il7NC9Mlp4MaJYbYd9JSg==",
+      "dev": true,
+      "license": "MIT",
+      "engines": {
+        "node": ">=6.9.0"
+      }
+    },
+    "node_modules/@babel/helpers": {
+      "version": "7.28.4",
+      "resolved": "https://registry.npmjs.org/@babel/helpers/-/helpers-7.28.4.tgz",
+      "integrity": "sha512-HFN59MmQXGHVyYadKLVumYsA9dBFun/ldYxipEjzA4196jpLZd8UjEEBLkbEkvfYreDqJhZxYAWFPtrfhNpj4w==",
+      "dev": true,
+      "license": "MIT",
+      "dependencies": {
+        "@babel/template": "^7.27.2",
+        "@babel/types": "^7.28.4"
+      },
+      "engines": {
+        "node": ">=6.9.0"
+      }
+    },
+    "node_modules/@babel/parser": {
+      "version": "7.28.5",
+      "resolved": "https://registry.npmjs.org/@babel/parser/-/parser-7.28.5.tgz",
+      "integrity": "sha512-KKBU1VGYR7ORr3At5HAtUQ+TV3SzRCXmA/8OdDZiLDBIZxVyzXuztPjfLd3BV1PRAQGCMWWSHYhL0F8d5uHBDQ==",
+      "license": "MIT",
+      "dependencies": {
+        "@babel/types": "^7.28.5"
+      },
+      "bin": {
+        "parser": "bin/babel-parser.js"
+      },
+      "engines": {
+        "node": ">=6.0.0"
+      }
+    },
+    "node_modules/@babel/plugin-transform-react-jsx-self": {
+      "version": "7.27.1",
+      "resolved": "https://registry.npmjs.org/@babel/plugin-transform-react-jsx-self/-/plugin-transform-react-jsx-self-7.27.1.tgz",
+      "integrity": "sha512-6UzkCs+ejGdZ5mFFC/OCUrv028ab2fp1znZmCZjAOBKiBK2jXD1O+BPSfX8X2qjJ75fZBMSnQn3Rq2mrBJK2mw==",
+      "dev": true,
+      "license": "MIT",
+      "dependencies": {
+        "@babel/helper-plugin-utils": "^7.27.1"
+      },
+      "engines": {
+        "node": ">=6.9.0"
+      },
+      "peerDependencies": {
+        "@babel/core": "^7.0.0-0"
+      }
+    },
+    "node_modules/@babel/plugin-transform-react-jsx-source": {
+      "version": "7.27.1",
+      "resolved": "https://registry.npmjs.org/@babel/plugin-transform-react-jsx-source/-/plugin-transform-react-jsx-source-7.27.1.tgz",
+      "integrity": "sha512-zbwoTsBruTeKB9hSq73ha66iFeJHuaFkUbwvqElnygoNbj/jHRsSeokowZFN3CZ64IvEqcmmkVe89OPXc7ldAw==",
+      "dev": true,
+      "license": "MIT",
+      "dependencies": {
+        "@babel/helper-plugin-utils": "^7.27.1"
+      },
+      "engines": {
+        "node": ">=6.9.0"
+      },
+      "peerDependencies": {
+        "@babel/core": "^7.0.0-0"
+      }
+    },
+    "node_modules/@babel/template": {
+      "version": "7.27.2",
+      "resolved": "https://registry.npmjs.org/@babel/template/-/template-7.27.2.tgz",
+      "integrity": "sha512-LPDZ85aEJyYSd18/DkjNh4/y1ntkE5KwUHWTiqgRxruuZL2F1yuHligVHLvcHY2vMHXttKFpJn6LwfI7cw7ODw==",
+      "license": "MIT",
+      "dependencies": {
+        "@babel/code-frame": "^7.27.1",
+        "@babel/parser": "^7.27.2",
+        "@babel/types": "^7.27.1"
+      },
+      "engines": {
+        "node": ">=6.9.0"
+      }
+    },
+    "node_modules/@babel/traverse": {
+      "version": "7.28.5",
+      "resolved": "https://registry.npmjs.org/@babel/traverse/-/traverse-7.28.5.tgz",
+      "integrity": "sha512-TCCj4t55U90khlYkVV/0TfkJkAkUg3jZFA3Neb7unZT8CPok7iiRfaX0F+WnqWqt7OxhOn0uBKXCw4lbL8W0aQ==",
+      "dev": true,
+      "license": "MIT",
+      "dependencies": {
+        "@babel/code-frame": "^7.27.1",
+        "@babel/generator": "^7.28.5",
+        "@babel/helper-globals": "^7.28.0",
+        "@babel/parser": "^7.28.5",
+        "@babel/template": "^7.27.2",
+        "@babel/types": "^7.28.5",
+        "debug": "^4.3.1"
+      },
+      "engines": {
+        "node": ">=6.9.0"
+      }
+    },
+    "node_modules/@babel/types": {
+      "version": "7.28.5",
+      "resolved": "https://registry.npmjs.org/@babel/types/-/types-7.28.5.tgz",
+      "integrity": "sha512-qQ5m48eI/MFLQ5PxQj4PFaprjyCTLI37ElWMmNs0K8Lk3dVeOdNpB3ks8jc7yM5CDmVC73eMVk/trk3fgmrUpA==",
+      "license": "MIT",
+      "dependencies": {
+        "@babel/helper-string-parser": "^7.27.1",
+        "@babel/helper-validator-identifier": "^7.28.5"
+      },
+      "engines": {
+        "node": ">=6.9.0"
+      }
+    },
+    "node_modules/@esbuild/aix-ppc64": {
+      "version": "0.27.2",
+      "resolved": "https://registry.npmjs.org/@esbuild/aix-ppc64/-/aix-ppc64-0.27.2.tgz",
+      "integrity": "sha512-GZMB+a0mOMZs4MpDbj8RJp4cw+w1WV5NYD6xzgvzUJ5Ek2jerwfO2eADyI6ExDSUED+1X8aMbegahsJi+8mgpw==",
+      "cpu": [
+        "ppc64"
+      ],
+      "license": "MIT",
+      "optional": true,
+      "os": [
+        "aix"
+      ],
+      "engines": {
+        "node": ">=18"
+      }
+    },
+    "node_modules/@esbuild/android-arm": {
+      "version": "0.27.2",
+      "resolved": "https://registry.npmjs.org/@esbuild/android-arm/-/android-arm-0.27.2.tgz",
+      "integrity": "sha512-DVNI8jlPa7Ujbr1yjU2PfUSRtAUZPG9I1RwW4F4xFB1Imiu2on0ADiI/c3td+KmDtVKNbi+nffGDQMfcIMkwIA==",
+      "cpu": [
+        "arm"
+      ],
+      "license": "MIT",
+      "optional": true,
+      "os": [
+        "android"
+      ],
+      "engines": {
+        "node": ">=18"
+      }
+    },
+    "node_modules/@esbuild/android-arm64": {
+      "version": "0.27.2",
+      "resolved": "https://registry.npmjs.org/@esbuild/android-arm64/-/android-arm64-0.27.2.tgz",
+      "integrity": "sha512-pvz8ZZ7ot/RBphf8fv60ljmaoydPU12VuXHImtAs0XhLLw+EXBi2BLe3OYSBslR4rryHvweW5gmkKFwTiFy6KA==",
+      "cpu": [
+        "arm64"
+      ],
+      "license": "MIT",
+      "optional": true,
+      "os": [
+        "android"
+      ],
+      "engines": {
+        "node": ">=18"
+      }
+    },
+    "node_modules/@esbuild/android-x64": {
+      "version": "0.27.2",
+      "resolved": "https://registry.npmjs.org/@esbuild/android-x64/-/android-x64-0.27.2.tgz",
+      "integrity": "sha512-z8Ank4Byh4TJJOh4wpz8g2vDy75zFL0TlZlkUkEwYXuPSgX8yzep596n6mT7905kA9uHZsf/o2OJZubl2l3M7A==",
+      "cpu": [
+        "x64"
+      ],
+      "license": "MIT",
+      "optional": true,
+      "os": [
+        "android"
+      ],
+      "engines": {
+        "node": ">=18"
+      }
+    },
+    "node_modules/@esbuild/darwin-arm64": {
+      "version": "0.27.2",
+      "resolved": "https://registry.npmjs.org/@esbuild/darwin-arm64/-/darwin-arm64-0.27.2.tgz",
+      "integrity": "sha512-davCD2Zc80nzDVRwXTcQP/28fiJbcOwvdolL0sOiOsbwBa72kegmVU0Wrh1MYrbuCL98Omp5dVhQFWRKR2ZAlg==",
+      "cpu": [
+        "arm64"
+      ],
+      "license": "MIT",
+      "optional": true,
+      "os": [
+        "darwin"
+      ],
+      "engines": {
+        "node": ">=18"
+      }
+    },
+    "node_modules/@esbuild/darwin-x64": {
+      "version": "0.27.2",
+      "resolved": "https://registry.npmjs.org/@esbuild/darwin-x64/-/darwin-x64-0.27.2.tgz",
+      "integrity": "sha512-ZxtijOmlQCBWGwbVmwOF/UCzuGIbUkqB1faQRf5akQmxRJ1ujusWsb3CVfk/9iZKr2L5SMU5wPBi1UWbvL+VQA==",
+      "cpu": [
+        "x64"
+      ],
+      "license": "MIT",
+      "optional": true,
+      "os": [
+        "darwin"
+      ],
+      "engines": {
+        "node": ">=18"
+      }
+    },
+    "node_modules/@esbuild/freebsd-arm64": {
+      "version": "0.27.2",
+      "resolved": "https://registry.npmjs.org/@esbuild/freebsd-arm64/-/freebsd-arm64-0.27.2.tgz",
+      "integrity": "sha512-lS/9CN+rgqQ9czogxlMcBMGd+l8Q3Nj1MFQwBZJyoEKI50XGxwuzznYdwcav6lpOGv5BqaZXqvBSiB/kJ5op+g==",
+      "cpu": [
+        "arm64"
+      ],
+      "license": "MIT",
+      "optional": true,
+      "os": [
+        "freebsd"
+      ],
+      "engines": {
+        "node": ">=18"
+      }
+    },
+    "node_modules/@esbuild/freebsd-x64": {
+      "version": "0.27.2",
+      "resolved": "https://registry.npmjs.org/@esbuild/freebsd-x64/-/freebsd-x64-0.27.2.tgz",
+      "integrity": "sha512-tAfqtNYb4YgPnJlEFu4c212HYjQWSO/w/h/lQaBK7RbwGIkBOuNKQI9tqWzx7Wtp7bTPaGC6MJvWI608P3wXYA==",
+      "cpu": [
+        "x64"
+      ],
+      "license": "MIT",
+      "optional": true,
+      "os": [
+        "freebsd"
+      ],
+      "engines": {
+        "node": ">=18"
+      }
+    },
+    "node_modules/@esbuild/linux-arm": {
+      "version": "0.27.2",
+      "resolved": "https://registry.npmjs.org/@esbuild/linux-arm/-/linux-arm-0.27.2.tgz",
+      "integrity": "sha512-vWfq4GaIMP9AIe4yj1ZUW18RDhx6EPQKjwe7n8BbIecFtCQG4CfHGaHuh7fdfq+y3LIA2vGS/o9ZBGVxIDi9hw==",
+      "cpu": [
+        "arm"
+      ],
+      "license": "MIT",
+      "optional": true,
+      "os": [
+        "linux"
+      ],
+      "engines": {
+        "node": ">=18"
+      }
+    },
+    "node_modules/@esbuild/linux-arm64": {
+      "version": "0.27.2",
+      "resolved": "https://registry.npmjs.org/@esbuild/linux-arm64/-/linux-arm64-0.27.2.tgz",
+      "integrity": "sha512-hYxN8pr66NsCCiRFkHUAsxylNOcAQaxSSkHMMjcpx0si13t1LHFphxJZUiGwojB1a/Hd5OiPIqDdXONia6bhTw==",
+      "cpu": [
+        "arm64"
+      ],
+      "license": "MIT",
+      "optional": true,
+      "os": [
+        "linux"
+      ],
+      "engines": {
+        "node": ">=18"
+      }
+    },
+    "node_modules/@esbuild/linux-ia32": {
+      "version": "0.27.2",
+      "resolved": "https://registry.npmjs.org/@esbuild/linux-ia32/-/linux-ia32-0.27.2.tgz",
+      "integrity": "sha512-MJt5BRRSScPDwG2hLelYhAAKh9imjHK5+NE/tvnRLbIqUWa+0E9N4WNMjmp/kXXPHZGqPLxggwVhz7QP8CTR8w==",
+      "cpu": [
+        "ia32"
+      ],
+      "license": "MIT",
+      "optional": true,
+      "os": [
+        "linux"
+      ],
+      "engines": {
+        "node": ">=18"
+      }
+    },
+    "node_modules/@esbuild/linux-loong64": {
+      "version": "0.27.2",
+      "resolved": "https://registry.npmjs.org/@esbuild/linux-loong64/-/linux-loong64-0.27.2.tgz",
+      "integrity": "sha512-lugyF1atnAT463aO6KPshVCJK5NgRnU4yb3FUumyVz+cGvZbontBgzeGFO1nF+dPueHD367a2ZXe1NtUkAjOtg==",
+      "cpu": [
+        "loong64"
+      ],
+      "license": "MIT",
+      "optional": true,
+      "os": [
+        "linux"
+      ],
+      "engines": {
+        "node": ">=18"
+      }
+    },
+    "node_modules/@esbuild/linux-mips64el": {
+      "version": "0.27.2",
+      "resolved": "https://registry.npmjs.org/@esbuild/linux-mips64el/-/linux-mips64el-0.27.2.tgz",
+      "integrity": "sha512-nlP2I6ArEBewvJ2gjrrkESEZkB5mIoaTswuqNFRv/WYd+ATtUpe9Y09RnJvgvdag7he0OWgEZWhviS1OTOKixw==",
+      "cpu": [
+        "mips64el"
+      ],
+      "license": "MIT",
+      "optional": true,
+      "os": [
+        "linux"
+      ],
+      "engines": {
+        "node": ">=18"
+      }
+    },
+    "node_modules/@esbuild/linux-ppc64": {
+      "version": "0.27.2",
+      "resolved": "https://registry.npmjs.org/@esbuild/linux-ppc64/-/linux-ppc64-0.27.2.tgz",
+      "integrity": "sha512-C92gnpey7tUQONqg1n6dKVbx3vphKtTHJaNG2Ok9lGwbZil6DrfyecMsp9CrmXGQJmZ7iiVXvvZH6Ml5hL6XdQ==",
+      "cpu": [
+        "ppc64"
+      ],
+      "license": "MIT",
+      "optional": true,
+      "os": [
+        "linux"
+      ],
+      "engines": {
+        "node": ">=18"
+      }
+    },
+    "node_modules/@esbuild/linux-riscv64": {
+      "version": "0.27.2",
+      "resolved": "https://registry.npmjs.org/@esbuild/linux-riscv64/-/linux-riscv64-0.27.2.tgz",
+      "integrity": "sha512-B5BOmojNtUyN8AXlK0QJyvjEZkWwy/FKvakkTDCziX95AowLZKR6aCDhG7LeF7uMCXEJqwa8Bejz5LTPYm8AvA==",
+      "cpu": [
+        "riscv64"
+      ],
+      "license": "MIT",
+      "optional": true,
+      "os": [
+        "linux"
+      ],
+      "engines": {
+        "node": ">=18"
+      }
+    },
+    "node_modules/@esbuild/linux-s390x": {
+      "version": "0.27.2",
+      "resolved": "https://registry.npmjs.org/@esbuild/linux-s390x/-/linux-s390x-0.27.2.tgz",
+      "integrity": "sha512-p4bm9+wsPwup5Z8f4EpfN63qNagQ47Ua2znaqGH6bqLlmJ4bx97Y9JdqxgGZ6Y8xVTixUnEkoKSHcpRlDnNr5w==",
+      "cpu": [
+        "s390x"
+      ],
+      "license": "MIT",
+      "optional": true,
+      "os": [
+        "linux"
+      ],
+      "engines": {
+        "node": ">=18"
+      }
+    },
+    "node_modules/@esbuild/linux-x64": {
+      "version": "0.27.2",
+      "resolved": "https://registry.npmjs.org/@esbuild/linux-x64/-/linux-x64-0.27.2.tgz",
+      "integrity": "sha512-uwp2Tip5aPmH+NRUwTcfLb+W32WXjpFejTIOWZFw/v7/KnpCDKG66u4DLcurQpiYTiYwQ9B7KOeMJvLCu/OvbA==",
+      "cpu": [
+        "x64"
+      ],
+      "license": "MIT",
+      "optional": true,
+      "os": [
+        "linux"
+      ],
+      "engines": {
+        "node": ">=18"
+      }
+    },
+    "node_modules/@esbuild/netbsd-arm64": {
+      "version": "0.27.2",
+      "resolved": "https://registry.npmjs.org/@esbuild/netbsd-arm64/-/netbsd-arm64-0.27.2.tgz",
+      "integrity": "sha512-Kj6DiBlwXrPsCRDeRvGAUb/LNrBASrfqAIok+xB0LxK8CHqxZ037viF13ugfsIpePH93mX7xfJp97cyDuTZ3cw==",
+      "cpu": [
+        "arm64"
+      ],
+      "license": "MIT",
+      "optional": true,
+      "os": [
+        "netbsd"
+      ],
+      "engines": {
+        "node": ">=18"
+      }
+    },
+    "node_modules/@esbuild/netbsd-x64": {
+      "version": "0.27.2",
+      "resolved": "https://registry.npmjs.org/@esbuild/netbsd-x64/-/netbsd-x64-0.27.2.tgz",
+      "integrity": "sha512-HwGDZ0VLVBY3Y+Nw0JexZy9o/nUAWq9MlV7cahpaXKW6TOzfVno3y3/M8Ga8u8Yr7GldLOov27xiCnqRZf0tCA==",
+      "cpu": [
+        "x64"
+      ],
+      "license": "MIT",
+      "optional": true,
+      "os": [
+        "netbsd"
+      ],
+      "engines": {
+        "node": ">=18"
+      }
+    },
+    "node_modules/@esbuild/openbsd-arm64": {
+      "version": "0.27.2",
+      "resolved": "https://registry.npmjs.org/@esbuild/openbsd-arm64/-/openbsd-arm64-0.27.2.tgz",
+      "integrity": "sha512-DNIHH2BPQ5551A7oSHD0CKbwIA/Ox7+78/AWkbS5QoRzaqlev2uFayfSxq68EkonB+IKjiuxBFoV8ESJy8bOHA==",
+      "cpu": [
+        "arm64"
+      ],
+      "license": "MIT",
+      "optional": true,
+      "os": [
+        "openbsd"
+      ],
+      "engines": {
+        "node": ">=18"
+      }
+    },
+    "node_modules/@esbuild/openbsd-x64": {
+      "version": "0.27.2",
+      "resolved": "https://registry.npmjs.org/@esbuild/openbsd-x64/-/openbsd-x64-0.27.2.tgz",
+      "integrity": "sha512-/it7w9Nb7+0KFIzjalNJVR5bOzA9Vay+yIPLVHfIQYG/j+j9VTH84aNB8ExGKPU4AzfaEvN9/V4HV+F+vo8OEg==",
+      "cpu": [
+        "x64"
+      ],
+      "license": "MIT",
+      "optional": true,
+      "os": [
+        "openbsd"
+      ],
+      "engines": {
+        "node": ">=18"
+      }
+    },
+    "node_modules/@esbuild/openharmony-arm64": {
+      "version": "0.27.2",
+      "resolved": "https://registry.npmjs.org/@esbuild/openharmony-arm64/-/openharmony-arm64-0.27.2.tgz",
+      "integrity": "sha512-LRBbCmiU51IXfeXk59csuX/aSaToeG7w48nMwA6049Y4J4+VbWALAuXcs+qcD04rHDuSCSRKdmY63sruDS5qag==",
+      "cpu": [
+        "arm64"
+      ],
+      "license": "MIT",
+      "optional": true,
+      "os": [
+        "openharmony"
+      ],
+      "engines": {
+        "node": ">=18"
+      }
+    },
+    "node_modules/@esbuild/sunos-x64": {
+      "version": "0.27.2",
+      "resolved": "https://registry.npmjs.org/@esbuild/sunos-x64/-/sunos-x64-0.27.2.tgz",
+      "integrity": "sha512-kMtx1yqJHTmqaqHPAzKCAkDaKsffmXkPHThSfRwZGyuqyIeBvf08KSsYXl+abf5HDAPMJIPnbBfXvP2ZC2TfHg==",
+      "cpu": [
+        "x64"
+      ],
+      "license": "MIT",
+      "optional": true,
+      "os": [
+        "sunos"
+      ],
+      "engines": {
+        "node": ">=18"
+      }
+    },
+    "node_modules/@esbuild/win32-arm64": {
+      "version": "0.27.2",
+      "resolved": "https://registry.npmjs.org/@esbuild/win32-arm64/-/win32-arm64-0.27.2.tgz",
+      "integrity": "sha512-Yaf78O/B3Kkh+nKABUF++bvJv5Ijoy9AN1ww904rOXZFLWVc5OLOfL56W+C8F9xn5JQZa3UX6m+IktJnIb1Jjg==",
+      "cpu": [
+        "arm64"
+      ],
+      "license": "MIT",
+      "optional": true,
+      "os": [
+        "win32"
+      ],
+      "engines": {
+        "node": ">=18"
+      }
+    },
+    "node_modules/@esbuild/win32-ia32": {
+      "version": "0.27.2",
+      "resolved": "https://registry.npmjs.org/@esbuild/win32-ia32/-/win32-ia32-0.27.2.tgz",
+      "integrity": "sha512-Iuws0kxo4yusk7sw70Xa2E2imZU5HoixzxfGCdxwBdhiDgt9vX9VUCBhqcwY7/uh//78A1hMkkROMJq9l27oLQ==",
+      "cpu": [
+        "ia32"
+      ],
+      "license": "MIT",
+      "optional": true,
+      "os": [
+        "win32"
+      ],
+      "engines": {
+        "node": ">=18"
+      }
+    },
+    "node_modules/@esbuild/win32-x64": {
+      "version": "0.27.2",
+      "resolved": "https://registry.npmjs.org/@esbuild/win32-x64/-/win32-x64-0.27.2.tgz",
+      "integrity": "sha512-sRdU18mcKf7F+YgheI/zGf5alZatMUTKj/jNS6l744f9u3WFu4v7twcUI9vu4mknF4Y9aDlblIie0IM+5xxaqQ==",
+      "cpu": [
+        "x64"
+      ],
+      "license": "MIT",
+      "optional": true,
+      "os": [
+        "win32"
+      ],
+      "engines": {
+        "node": ">=18"
+      }
+    },
+    "node_modules/@floating-ui/core": {
+      "version": "1.7.3",
+      "resolved": "https://registry.npmjs.org/@floating-ui/core/-/core-1.7.3.tgz",
+      "integrity": "sha512-sGnvb5dmrJaKEZ+LDIpguvdX3bDlEllmv4/ClQ9awcmCZrlx5jQyyMWFM5kBI+EyNOCDDiKk8il0zeuX3Zlg/w==",
+      "license": "MIT",
+      "optional": true,
+      "dependencies": {
+        "@floating-ui/utils": "^0.2.10"
+      }
+    },
+    "node_modules/@floating-ui/dom": {
+      "version": "1.7.4",
+      "resolved": "https://registry.npmjs.org/@floating-ui/dom/-/dom-1.7.4.tgz",
+      "integrity": "sha512-OOchDgh4F2CchOX94cRVqhvy7b3AFb+/rQXyswmzmGakRfkMgoWVjfnLWkRirfLEfuD4ysVW16eXzwt3jHIzKA==",
+      "license": "MIT",
+      "optional": true,
+      "dependencies": {
+        "@floating-ui/core": "^1.7.3",
+        "@floating-ui/utils": "^0.2.10"
+      }
+    },
+    "node_modules/@floating-ui/utils": {
+      "version": "0.2.10",
+      "resolved": "https://registry.npmjs.org/@floating-ui/utils/-/utils-0.2.10.tgz",
+      "integrity": "sha512-aGTxbpbg8/b5JfU1HXSrbH3wXZuLPJcNEcZQFMxLs3oSzgtVu6nFPkbbGGUvBcUjKV2YyB9Wxxabo+HEH9tcRQ==",
+      "license": "MIT",
+      "optional": true
+    },
+    "node_modules/@iconify-json/logos": {
+      "version": "1.2.10",
+      "resolved": "https://registry.npmjs.org/@iconify-json/logos/-/logos-1.2.10.tgz",
+      "integrity": "sha512-qxaXKJ6fu8jzTMPQdHtNxlfx6tBQ0jXRbHZIYy5Ilh8Lx9US9FsAdzZWUR8MXV8PnWTKGDFO4ZZee9VwerCyMA==",
+      "license": "CC0-1.0",
+      "dependencies": {
+        "@iconify/types": "*"
+      }
+    },
+    "node_modules/@iconify-json/lucide": {
+      "version": "1.2.82",
+      "resolved": "https://registry.npmjs.org/@iconify-json/lucide/-/lucide-1.2.82.tgz",
+      "integrity": "sha512-fHZWegspOZonl5GNTvOkHsjnTMdSslFh3EzpzUtRyLxO8bOonqk2OTU3hCl0k4VXzViMjqpRK3X1sotnuBXkFA==",
+      "license": "ISC",
+      "dependencies": {
+        "@iconify/types": "*"
+      }
+    },
+    "node_modules/@iconify-json/simple-icons": {
+      "version": "1.2.65",
+      "resolved": "https://registry.npmjs.org/@iconify-json/simple-icons/-/simple-icons-1.2.65.tgz",
+      "integrity": "sha512-v/O0UeqrDz6ASuRVE5g2Puo5aWyej4M/CxX6WYDBARgswwxK0mp3VQbGgPFEAAUU9QN02IjTgjMuO021gpWf2w==",
+      "dev": true,
+      "license": "CC0-1.0",
+      "dependencies": {
+        "@iconify/types": "*"
+      }
+    },
+    "node_modules/@iconify/types": {
+      "version": "2.0.0",
+      "resolved": "https://registry.npmjs.org/@iconify/types/-/types-2.0.0.tgz",
+      "integrity": "sha512-+wluvCrRhXrhyOmRDJ3q8mux9JkKy5SJ/v8ol2tu4FVjyYvtEzkc/3pK15ET6RKg4b4w4BmTk1+gsCUhf21Ykg==",
+      "license": "MIT"
+    },
+    "node_modules/@iconify/utils": {
+      "version": "3.1.0",
+      "resolved": "https://registry.npmjs.org/@iconify/utils/-/utils-3.1.0.tgz",
+      "integrity": "sha512-Zlzem1ZXhI1iHeeERabLNzBHdOa4VhQbqAcOQaMKuTuyZCpwKbC2R4Dd0Zo3g9EAc+Y4fiarO8HIHRAth7+skw==",
+      "license": "MIT",
+      "dependencies": {
+        "@antfu/install-pkg": "^1.1.0",
+        "@iconify/types": "^2.0.0",
+        "mlly": "^1.8.0"
+      }
+    },
+    "node_modules/@jridgewell/gen-mapping": {
+      "version": "0.3.13",
+      "resolved": "https://registry.npmjs.org/@jridgewell/gen-mapping/-/gen-mapping-0.3.13.tgz",
+      "integrity": "sha512-2kkt/7niJ6MgEPxF0bYdQ6etZaA+fQvDcLKckhy1yIQOzaoKjBBjSj63/aLVjYE3qhRt5dvM+uUyfCg6UKCBbA==",
+      "license": "MIT",
+      "dependencies": {
+        "@jridgewell/sourcemap-codec": "^1.5.0",
+        "@jridgewell/trace-mapping": "^0.3.24"
+      }
+    },
+    "node_modules/@jridgewell/remapping": {
+      "version": "2.3.5",
+      "resolved": "https://registry.npmjs.org/@jridgewell/remapping/-/remapping-2.3.5.tgz",
+      "integrity": "sha512-LI9u/+laYG4Ds1TDKSJW2YPrIlcVYOwi2fUC6xB43lueCjgxV4lffOCZCtYFiH6TNOX+tQKXx97T4IKHbhyHEQ==",
+      "license": "MIT",
+      "dependencies": {
+        "@jridgewell/gen-mapping": "^0.3.5",
+        "@jridgewell/trace-mapping": "^0.3.24"
+      }
+    },
+    "node_modules/@jridgewell/resolve-uri": {
+      "version": "3.1.2",
+      "resolved": "https://registry.npmjs.org/@jridgewell/resolve-uri/-/resolve-uri-3.1.2.tgz",
+      "integrity": "sha512-bRISgCIjP20/tbWSPWMEi54QVPRZExkuD9lJL+UIxUKtwVJA8wW1Trb1jMs1RFXo1CBTNZ/5hpC9QvmKWdopKw==",
+      "license": "MIT",
+      "engines": {
+        "node": ">=6.0.0"
+      }
+    },
+    "node_modules/@jridgewell/sourcemap-codec": {
+      "version": "1.5.5",
+      "resolved": "https://registry.npmjs.org/@jridgewell/sourcemap-codec/-/sourcemap-codec-1.5.5.tgz",
+      "integrity": "sha512-cYQ9310grqxueWbl+WuIUIaiUaDcj7WOq5fVhEljNVgRfOUhY9fy2zTvfoqWsnebh8Sl70VScFbICvJnLKB0Og==",
+      "license": "MIT"
+    },
+    "node_modules/@jridgewell/trace-mapping": {
+      "version": "0.3.31",
+      "resolved": "https://registry.npmjs.org/@jridgewell/trace-mapping/-/trace-mapping-0.3.31.tgz",
+      "integrity": "sha512-zzNR+SdQSDJzc8joaeP8QQoCQr8NuYx2dIIytl1QeBEZHJ9uW6hebsrYgbz8hJwUQao3TWCMtmfV8Nu1twOLAw==",
+      "license": "MIT",
+      "dependencies": {
+        "@jridgewell/resolve-uri": "^3.1.0",
+        "@jridgewell/sourcemap-codec": "^1.4.14"
+      }
+    },
+    "node_modules/@kurkle/color": {
+      "version": "0.3.4",
+      "resolved": "https://registry.npmjs.org/@kurkle/color/-/color-0.3.4.tgz",
+      "integrity": "sha512-M5UknZPHRu3DEDWoipU6sE8PdkZ6Z/S+v4dD+Ke8IaNlpdSQah50lz1KtcFBa2vsdOnwbbnxJwVM4wty6udA5w==",
+      "license": "MIT"
+    },
+    "node_modules/@monaco-editor/loader": {
+      "version": "1.7.0",
+      "resolved": "https://registry.npmjs.org/@monaco-editor/loader/-/loader-1.7.0.tgz",
+      "integrity": "sha512-gIwR1HrJrrx+vfyOhYmCZ0/JcWqG5kbfG7+d3f/C1LXk2EvzAbHSg3MQ5lO2sMlo9izoAZ04shohfKLVT6crVA==",
+      "license": "MIT",
+      "dependencies": {
+        "state-local": "^1.0.6"
+      }
+    },
+    "node_modules/@monaco-editor/react": {
+      "version": "4.7.0",
+      "resolved": "https://registry.npmjs.org/@monaco-editor/react/-/react-4.7.0.tgz",
+      "integrity": "sha512-cyzXQCtO47ydzxpQtCGSQGOC8Gk3ZUeBXFAxD+CWXYFo5OqZyZUonFl0DwUlTyAfRHntBfw2p3w4s9R6oe1eCA==",
+      "license": "MIT",
+      "dependencies": {
+        "@monaco-editor/loader": "^1.5.0"
+      },
+      "peerDependencies": {
+        "monaco-editor": ">= 0.25.0 < 1",
+        "react": "^16.8.0 || ^17.0.0 || ^18.0.0 || ^19.0.0",
+        "react-dom": "^16.8.0 || ^17.0.0 || ^18.0.0 || ^19.0.0"
+      }
+    },
+    "node_modules/@nanostores/query": {
+      "version": "0.3.4",
+      "resolved": "https://registry.npmjs.org/@nanostores/query/-/query-0.3.4.tgz",
+      "integrity": "sha512-Gw5HsKflUDefhcZpVwVoIfw2Hz2+8FsInpVQOQ45EWz2FijaJll5aQWSE5JbYUsU/uAnYuKm5NM5ZgBH9HhniQ==",
+      "license": "MIT",
+      "dependencies": {
+        "nanoevents": "^9.0.0"
+      },
+      "engines": {
+        "node": "^14.0.0 || ^16.0.0 || >=18.0.0"
+      },
+      "peerDependencies": {
+        "nanostores": ">=0.10"
+      }
+    },
+    "node_modules/@nanostores/react": {
+      "version": "1.0.0",
+      "resolved": "https://registry.npmjs.org/@nanostores/react/-/react-1.0.0.tgz",
+      "integrity": "sha512-eDduyNy+lbQJMg6XxZ/YssQqF6b4OXMFEZMYKPJCCmBevp1lg0g+4ZRi94qGHirMtsNfAWKNwsjOhC+q1gvC+A==",
+      "funding": [
+        {
+          "type": "github",
+          "url": "https://github.com/sponsors/ai"
+        }
+      ],
+      "license": "MIT",
+      "engines": {
+        "node": "^20.0.0 || >=22.0.0"
+      },
+      "peerDependencies": {
+        "nanostores": "^0.9.0 || ^0.10.0 || ^0.11.0 || ^1.0.0",
+        "react": ">=18.0.0"
+      }
+    },
+    "node_modules/@nanostores/router": {
+      "version": "1.0.0",
+      "resolved": "https://registry.npmjs.org/@nanostores/router/-/router-1.0.0.tgz",
+      "integrity": "sha512-U1pT7u18Yk9yrir/im2sEo8bZcWWWMnOGFoqS2JOkN1vuAntUWNIeUC+8/Q6qPjgatIHGl9IEWB0U7+WdkjzMQ==",
+      "funding": [
+        {
+          "type": "github",
+          "url": "https://github.com/sponsors/ai"
+        }
+      ],
+      "license": "MIT",
+      "engines": {
+        "node": "^20.0.0 || >=22.0.0"
+      },
+      "peerDependencies": {
+        "nanostores": "^0.9.0 || ^0.10.0 || ^0.11.0 || ^1.0.0"
+      }
+    },
+    "node_modules/@polka/url": {
+      "version": "1.0.0-next.29",
+      "resolved": "https://registry.npmjs.org/@polka/url/-/url-1.0.0-next.29.tgz",
+      "integrity": "sha512-wwQAWhWSuHaag8c4q/KN/vCoeOJYshAIvMQwD4GpSb3OiZklFfvAgmj0VCBBImRpuF/aFgIRzllXlVX93Jevww==",
+      "license": "MIT"
+    },
+    "node_modules/@popperjs/core": {
+      "version": "2.11.8",
+      "resolved": "https://registry.npmjs.org/@popperjs/core/-/core-2.11.8.tgz",
+      "integrity": "sha512-P1st0aksCrn9sGZhp8GMYwBnQsbvAWsZAX44oXNNvLHGqAOcoVxmjZiohstwQ7SqKnbR47akdNi+uleWD8+g6A==",
+      "license": "MIT",
+      "funding": {
+        "type": "opencollective",
+        "url": "https://opencollective.com/popperjs"
+      }
+    },
+    "node_modules/@quansync/fs": {
+      "version": "1.0.0",
+      "resolved": "https://registry.npmjs.org/@quansync/fs/-/fs-1.0.0.tgz",
+      "integrity": "sha512-4TJ3DFtlf1L5LDMaM6CanJ/0lckGNtJcMjQ1NAV6zDmA0tEHKZtxNKin8EgPaVX1YzljbxckyT2tJrpQKAtngQ==",
+      "license": "MIT",
+      "dependencies": {
+        "quansync": "^1.0.0"
+      },
+      "funding": {
+        "url": "https://github.com/sponsors/sxzz"
+      }
+    },
+    "node_modules/@remirror/core-constants": {
+      "version": "3.0.0",
+      "resolved": "https://registry.npmjs.org/@remirror/core-constants/-/core-constants-3.0.0.tgz",
+      "integrity": "sha512-42aWfPrimMfDKDi4YegyS7x+/0tlzaqwPQCULLanv3DMIlu96KTJR0fM5isWX2UViOqlGnX6YFgqWepcX+XMNg==",
+      "license": "MIT"
+    },
+    "node_modules/@rolldown/pluginutils": {
+      "version": "1.0.0-beta.53",
+      "resolved": "https://registry.npmjs.org/@rolldown/pluginutils/-/pluginutils-1.0.0-beta.53.tgz",
+      "integrity": "sha512-vENRlFU4YbrwVqNDZ7fLvy+JR1CRkyr01jhSiDpE1u6py3OMzQfztQU2jxykW3ALNxO4kSlqIDeYyD0Y9RcQeQ==",
+      "dev": true,
+      "license": "MIT"
+    },
+    "node_modules/@rollup/rollup-android-arm-eabi": {
+      "version": "4.54.0",
+      "resolved": "https://registry.npmjs.org/@rollup/rollup-android-arm-eabi/-/rollup-android-arm-eabi-4.54.0.tgz",
+      "integrity": "sha512-OywsdRHrFvCdvsewAInDKCNyR3laPA2mc9bRYJ6LBp5IyvF3fvXbbNR0bSzHlZVFtn6E0xw2oZlyjg4rKCVcng==",
+      "cpu": [
+        "arm"
+      ],
+      "license": "MIT",
+      "optional": true,
+      "os": [
+        "android"
+      ]
+    },
+    "node_modules/@rollup/rollup-android-arm64": {
+      "version": "4.54.0",
+      "resolved": "https://registry.npmjs.org/@rollup/rollup-android-arm64/-/rollup-android-arm64-4.54.0.tgz",
+      "integrity": "sha512-Skx39Uv+u7H224Af+bDgNinitlmHyQX1K/atIA32JP3JQw6hVODX5tkbi2zof/E69M1qH2UoN3Xdxgs90mmNYw==",
+      "cpu": [
+        "arm64"
+      ],
+      "license": "MIT",
+      "optional": true,
+      "os": [
+        "android"
+      ]
+    },
+    "node_modules/@rollup/rollup-darwin-arm64": {
+      "version": "4.54.0",
+      "resolved": "https://registry.npmjs.org/@rollup/rollup-darwin-arm64/-/rollup-darwin-arm64-4.54.0.tgz",
+      "integrity": "sha512-k43D4qta/+6Fq+nCDhhv9yP2HdeKeP56QrUUTW7E6PhZP1US6NDqpJj4MY0jBHlJivVJD5P8NxrjuobZBJTCRw==",
+      "cpu": [
+        "arm64"
+      ],
+      "license": "MIT",
+      "optional": true,
+      "os": [
+        "darwin"
+      ]
+    },
+    "node_modules/@rollup/rollup-darwin-x64": {
+      "version": "4.54.0",
+      "resolved": "https://registry.npmjs.org/@rollup/rollup-darwin-x64/-/rollup-darwin-x64-4.54.0.tgz",
+      "integrity": "sha512-cOo7biqwkpawslEfox5Vs8/qj83M/aZCSSNIWpVzfU2CYHa2G3P1UN5WF01RdTHSgCkri7XOlTdtk17BezlV3A==",
+      "cpu": [
+        "x64"
+      ],
+      "license": "MIT",
+      "optional": true,
+      "os": [
+        "darwin"
+      ]
+    },
+    "node_modules/@rollup/rollup-freebsd-arm64": {
+      "version": "4.54.0",
+      "resolved": "https://registry.npmjs.org/@rollup/rollup-freebsd-arm64/-/rollup-freebsd-arm64-4.54.0.tgz",
+      "integrity": "sha512-miSvuFkmvFbgJ1BevMa4CPCFt5MPGw094knM64W9I0giUIMMmRYcGW/JWZDriaw/k1kOBtsWh1z6nIFV1vPNtA==",
+      "cpu": [
+        "arm64"
+      ],
+      "license": "MIT",
+      "optional": true,
+      "os": [
+        "freebsd"
+      ]
+    },
+    "node_modules/@rollup/rollup-freebsd-x64": {
+      "version": "4.54.0",
+      "resolved": "https://registry.npmjs.org/@rollup/rollup-freebsd-x64/-/rollup-freebsd-x64-4.54.0.tgz",
+      "integrity": "sha512-KGXIs55+b/ZfZsq9aR026tmr/+7tq6VG6MsnrvF4H8VhwflTIuYh+LFUlIsRdQSgrgmtM3fVATzEAj4hBQlaqQ==",
+      "cpu": [
+        "x64"
+      ],
+      "license": "MIT",
+      "optional": true,
+      "os": [
+        "freebsd"
+      ]
+    },
+    "node_modules/@rollup/rollup-linux-arm-gnueabihf": {
+      "version": "4.54.0",
+      "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-arm-gnueabihf/-/rollup-linux-arm-gnueabihf-4.54.0.tgz",
+      "integrity": "sha512-EHMUcDwhtdRGlXZsGSIuXSYwD5kOT9NVnx9sqzYiwAc91wfYOE1g1djOEDseZJKKqtHAHGwnGPQu3kytmfaXLQ==",
+      "cpu": [
+        "arm"
+      ],
+      "license": "MIT",
+      "optional": true,
+      "os": [
+        "linux"
+      ]
+    },
+    "node_modules/@rollup/rollup-linux-arm-musleabihf": {
+      "version": "4.54.0",
+      "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-arm-musleabihf/-/rollup-linux-arm-musleabihf-4.54.0.tgz",
+      "integrity": "sha512-+pBrqEjaakN2ySv5RVrj/qLytYhPKEUwk+e3SFU5jTLHIcAtqh2rLrd/OkbNuHJpsBgxsD8ccJt5ga/SeG0JmA==",
+      "cpu": [
+        "arm"
+      ],
+      "license": "MIT",
+      "optional": true,
+      "os": [
+        "linux"
+      ]
+    },
+    "node_modules/@rollup/rollup-linux-arm64-gnu": {
+      "version": "4.54.0",
+      "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-arm64-gnu/-/rollup-linux-arm64-gnu-4.54.0.tgz",
+      "integrity": "sha512-NSqc7rE9wuUaRBsBp5ckQ5CVz5aIRKCwsoa6WMF7G01sX3/qHUw/z4pv+D+ahL1EIKy6Enpcnz1RY8pf7bjwng==",
+      "cpu": [
+        "arm64"
+      ],
+      "license": "MIT",
+      "optional": true,
+      "os": [
+        "linux"
+      ]
+    },
+    "node_modules/@rollup/rollup-linux-arm64-musl": {
+      "version": "4.54.0",
+      "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-arm64-musl/-/rollup-linux-arm64-musl-4.54.0.tgz",
+      "integrity": "sha512-gr5vDbg3Bakga5kbdpqx81m2n9IX8M6gIMlQQIXiLTNeQW6CucvuInJ91EuCJ/JYvc+rcLLsDFcfAD1K7fMofg==",
+      "cpu": [
+        "arm64"
+      ],
+      "license": "MIT",
+      "optional": true,
+      "os": [
+        "linux"
+      ]
+    },
+    "node_modules/@rollup/rollup-linux-loong64-gnu": {
+      "version": "4.54.0",
+      "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-loong64-gnu/-/rollup-linux-loong64-gnu-4.54.0.tgz",
+      "integrity": "sha512-gsrtB1NA3ZYj2vq0Rzkylo9ylCtW/PhpLEivlgWe0bpgtX5+9j9EZa0wtZiCjgu6zmSeZWyI/e2YRX1URozpIw==",
+      "cpu": [
+        "loong64"
+      ],
+      "license": "MIT",
+      "optional": true,
+      "os": [
+        "linux"
+      ]
+    },
+    "node_modules/@rollup/rollup-linux-ppc64-gnu": {
+      "version": "4.54.0",
+      "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-ppc64-gnu/-/rollup-linux-ppc64-gnu-4.54.0.tgz",
+      "integrity": "sha512-y3qNOfTBStmFNq+t4s7Tmc9hW2ENtPg8FeUD/VShI7rKxNW7O4fFeaYbMsd3tpFlIg1Q8IapFgy7Q9i2BqeBvA==",
+      "cpu": [
+        "ppc64"
+      ],
+      "license": "MIT",
+      "optional": true,
+      "os": [
+        "linux"
+      ]
+    },
+    "node_modules/@rollup/rollup-linux-riscv64-gnu": {
+      "version": "4.54.0",
+      "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-riscv64-gnu/-/rollup-linux-riscv64-gnu-4.54.0.tgz",
+      "integrity": "sha512-89sepv7h2lIVPsFma8iwmccN7Yjjtgz0Rj/Ou6fEqg3HDhpCa+Et+YSufy27i6b0Wav69Qv4WBNl3Rs6pwhebQ==",
+      "cpu": [
+        "riscv64"
+      ],
+      "license": "MIT",
+      "optional": true,
+      "os": [
+        "linux"
+      ]
+    },
+    "node_modules/@rollup/rollup-linux-riscv64-musl": {
+      "version": "4.54.0",
+      "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-riscv64-musl/-/rollup-linux-riscv64-musl-4.54.0.tgz",
+      "integrity": "sha512-ZcU77ieh0M2Q8Ur7D5X7KvK+UxbXeDHwiOt/CPSBTI1fBmeDMivW0dPkdqkT4rOgDjrDDBUed9x4EgraIKoR2A==",
+      "cpu": [
+        "riscv64"
+      ],
+      "license": "MIT",
+      "optional": true,
+      "os": [
+        "linux"
+      ]
+    },
+    "node_modules/@rollup/rollup-linux-s390x-gnu": {
+      "version": "4.54.0",
+      "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-s390x-gnu/-/rollup-linux-s390x-gnu-4.54.0.tgz",
+      "integrity": "sha512-2AdWy5RdDF5+4YfG/YesGDDtbyJlC9LHmL6rZw6FurBJ5n4vFGupsOBGfwMRjBYH7qRQowT8D/U4LoSvVwOhSQ==",
+      "cpu": [
+        "s390x"
+      ],
+      "license": "MIT",
+      "optional": true,
+      "os": [
+        "linux"
+      ]
+    },
+    "node_modules/@rollup/rollup-linux-x64-gnu": {
+      "version": "4.54.0",
+      "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-x64-gnu/-/rollup-linux-x64-gnu-4.54.0.tgz",
+      "integrity": "sha512-WGt5J8Ij/rvyqpFexxk3ffKqqbLf9AqrTBbWDk7ApGUzaIs6V+s2s84kAxklFwmMF/vBNGrVdYgbblCOFFezMQ==",
+      "cpu": [
+        "x64"
+      ],
+      "license": "MIT",
+      "optional": true,
+      "os": [
+        "linux"
+      ]
+    },
+    "node_modules/@rollup/rollup-linux-x64-musl": {
+      "version": "4.54.0",
+      "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-x64-musl/-/rollup-linux-x64-musl-4.54.0.tgz",
+      "integrity": "sha512-JzQmb38ATzHjxlPHuTH6tE7ojnMKM2kYNzt44LO/jJi8BpceEC8QuXYA908n8r3CNuG/B3BV8VR3Hi1rYtmPiw==",
+      "cpu": [
+        "x64"
+      ],
+      "license": "MIT",
+      "optional": true,
+      "os": [
+        "linux"
+      ]
+    },
+    "node_modules/@rollup/rollup-openharmony-arm64": {
+      "version": "4.54.0",
+      "resolved": "https://registry.npmjs.org/@rollup/rollup-openharmony-arm64/-/rollup-openharmony-arm64-4.54.0.tgz",
+      "integrity": "sha512-huT3fd0iC7jigGh7n3q/+lfPcXxBi+om/Rs3yiFxjvSxbSB6aohDFXbWvlspaqjeOh+hx7DDHS+5Es5qRkWkZg==",
+      "cpu": [
+        "arm64"
+      ],
+      "license": "MIT",
+      "optional": true,
+      "os": [
+        "openharmony"
+      ]
+    },
+    "node_modules/@rollup/rollup-win32-arm64-msvc": {
+      "version": "4.54.0",
+      "resolved": "https://registry.npmjs.org/@rollup/rollup-win32-arm64-msvc/-/rollup-win32-arm64-msvc-4.54.0.tgz",
+      "integrity": "sha512-c2V0W1bsKIKfbLMBu/WGBz6Yci8nJ/ZJdheE0EwB73N3MvHYKiKGs3mVilX4Gs70eGeDaMqEob25Tw2Gb9Nqyw==",
+      "cpu": [
+        "arm64"
+      ],
+      "license": "MIT",
+      "optional": true,
+      "os": [
+        "win32"
+      ]
+    },
+    "node_modules/@rollup/rollup-win32-ia32-msvc": {
+      "version": "4.54.0",
+      "resolved": "https://registry.npmjs.org/@rollup/rollup-win32-ia32-msvc/-/rollup-win32-ia32-msvc-4.54.0.tgz",
+      "integrity": "sha512-woEHgqQqDCkAzrDhvDipnSirm5vxUXtSKDYTVpZG3nUdW/VVB5VdCYA2iReSj/u3yCZzXID4kuKG7OynPnB3WQ==",
+      "cpu": [
+        "ia32"
+      ],
+      "license": "MIT",
+      "optional": true,
+      "os": [
+        "win32"
+      ]
+    },
+    "node_modules/@rollup/rollup-win32-x64-gnu": {
+      "version": "4.54.0",
+      "resolved": "https://registry.npmjs.org/@rollup/rollup-win32-x64-gnu/-/rollup-win32-x64-gnu-4.54.0.tgz",
+      "integrity": "sha512-dzAc53LOuFvHwbCEOS0rPbXp6SIhAf2txMP5p6mGyOXXw5mWY8NGGbPMPrs4P1WItkfApDathBj/NzMLUZ9rtQ==",
+      "cpu": [
+        "x64"
+      ],
+      "license": "MIT",
+      "optional": true,
+      "os": [
+        "win32"
+      ]
+    },
+    "node_modules/@rollup/rollup-win32-x64-msvc": {
+      "version": "4.54.0",
+      "resolved": "https://registry.npmjs.org/@rollup/rollup-win32-x64-msvc/-/rollup-win32-x64-msvc-4.54.0.tgz",
+      "integrity": "sha512-hYT5d3YNdSh3mbCU1gwQyPgQd3T2ne0A3KG8KSBdav5TiBg6eInVmV+TeR5uHufiIgSFg0XsOWGW5/RhNcSvPg==",
+      "cpu": [
+        "x64"
+      ],
+      "license": "MIT",
+      "optional": true,
+      "os": [
+        "win32"
+      ]
+    },
+    "node_modules/@tiptap/core": {
+      "version": "3.15.2",
+      "resolved": "https://registry.npmjs.org/@tiptap/core/-/core-3.15.2.tgz",
+      "integrity": "sha512-daQFS0miVXnyyLtD0BuziTZimHLK8bwudC7N0Vpv/xSesuX/nqJzIIlmDu+mIw4ROx44fat8cGBD1I3FANA+Mg==",
+      "license": "MIT",
+      "funding": {
+        "type": "github",
+        "url": "https://github.com/sponsors/ueberdosis"
+      },
+      "peerDependencies": {
+        "@tiptap/pm": "^3.15.2"
+      }
+    },
+    "node_modules/@tiptap/extension-blockquote": {
+      "version": "3.15.1",
+      "resolved": "https://registry.npmjs.org/@tiptap/extension-blockquote/-/extension-blockquote-3.15.1.tgz",
+      "integrity": "sha512-/EgpLiXaROF0JaU+F8eV1igsKHiDFukoNBdy5yATQV1+O5DjS252OZeblCg6oVGDyXcLUjGfbsgM5tjQkrAjaQ==",
+      "license": "MIT",
+      "funding": {
+        "type": "github",
+        "url": "https://github.com/sponsors/ueberdosis"
+      },
+      "peerDependencies": {
+        "@tiptap/core": "^3.15.1"
+      }
+    },
+    "node_modules/@tiptap/extension-bold": {
+      "version": "3.15.1",
+      "resolved": "https://registry.npmjs.org/@tiptap/extension-bold/-/extension-bold-3.15.1.tgz",
+      "integrity": "sha512-iP8gnkPjY/V4JKKtgJunUyqbNobTEF4N2XiLqSjzlzZOTifBTF8I2zRzgIdk4ZYkMXY+w5RLXQ4FgHg9/EoJ/w==",
+      "license": "MIT",
+      "funding": {
+        "type": "github",
+        "url": "https://github.com/sponsors/ueberdosis"
+      },
+      "peerDependencies": {
+        "@tiptap/core": "^3.15.1"
+      }
+    },
+    "node_modules/@tiptap/extension-bubble-menu": {
+      "version": "3.15.1",
+      "resolved": "https://registry.npmjs.org/@tiptap/extension-bubble-menu/-/extension-bubble-menu-3.15.1.tgz",
+      "integrity": "sha512-3UdVQSBs79N9TUyq0R9dbMB91Y5L1F7pWBnLuIoAj/ty+LfF7YZEkY9q6Il3EqRbxVNEucjOfp4Nuss+ZKceKw==",
+      "license": "MIT",
+      "optional": true,
+      "dependencies": {
+        "@floating-ui/dom": "^1.0.0"
+      },
+      "funding": {
+        "type": "github",
+        "url": "https://github.com/sponsors/ueberdosis"
+      },
+      "peerDependencies": {
+        "@tiptap/core": "^3.15.1",
+        "@tiptap/pm": "^3.15.1"
+      }
+    },
+    "node_modules/@tiptap/extension-bullet-list": {
+      "version": "3.15.1",
+      "resolved": "https://registry.npmjs.org/@tiptap/extension-bullet-list/-/extension-bullet-list-3.15.1.tgz",
+      "integrity": "sha512-ZTVaJ/xaQCmLydT6B1hS7Jduq4cCDcotfyMX6+qy7jr+QGBek2ZMcDYNPrsgX84rZfKVSa7CLpyQQyGn3rzJCw==",
+      "license": "MIT",
+      "funding": {
+        "type": "github",
+        "url": "https://github.com/sponsors/ueberdosis"
+      },
+      "peerDependencies": {
+        "@tiptap/extension-list": "^3.15.1"
+      }
+    },
+    "node_modules/@tiptap/extension-code": {
+      "version": "3.15.1",
+      "resolved": "https://registry.npmjs.org/@tiptap/extension-code/-/extension-code-3.15.1.tgz",
+      "integrity": "sha512-cKcx1YT+PmuDgPlDTFiajY0jm3sgVbhSy1gpG3BJeochtGJkVAEBs/I6WFnDTrTk/mU/5XdFwMRD4HEuAOg5XA==",
+      "license": "MIT",
+      "funding": {
+        "type": "github",
+        "url": "https://github.com/sponsors/ueberdosis"
+      },
+      "peerDependencies": {
+        "@tiptap/core": "^3.15.1"
+      }
+    },
+    "node_modules/@tiptap/extension-code-block": {
+      "version": "3.15.1",
+      "resolved": "https://registry.npmjs.org/@tiptap/extension-code-block/-/extension-code-block-3.15.1.tgz",
+      "integrity": "sha512-KCUCZVaXmx5lgBbadPefjkyNybmL1fvSZuzgj0aPX8+3eSd3e1UaZ4YX210y7bGmKUceVHz7HARhkEyp/zlCTg==",
+      "license": "MIT",
+      "funding": {
+        "type": "github",
+        "url": "https://github.com/sponsors/ueberdosis"
+      },
+      "peerDependencies": {
+        "@tiptap/core": "^3.15.1",
+        "@tiptap/pm": "^3.15.1"
+      }
+    },
+    "node_modules/@tiptap/extension-code-block-lowlight": {
+      "version": "3.15.1",
+      "resolved": "https://registry.npmjs.org/@tiptap/extension-code-block-lowlight/-/extension-code-block-lowlight-3.15.1.tgz",
+      "integrity": "sha512-CjgDA5zD64fwE1In+aHOI2oSpb3qtCU+pzos2oG3uUTjPr22Gl6OD1B0vrTXpyJZb6MQoZP88h+JlIGCxNoDZw==",
+      "license": "MIT",
+      "funding": {
+        "type": "github",
+        "url": "https://github.com/sponsors/ueberdosis"
+      },
+      "peerDependencies": {
+        "@tiptap/core": "^3.15.1",
+        "@tiptap/extension-code-block": "^3.15.1",
+        "@tiptap/pm": "^3.15.1",
+        "highlight.js": "^11",
+        "lowlight": "^2 || ^3"
+      }
+    },
+    "node_modules/@tiptap/extension-document": {
+      "version": "3.15.1",
+      "resolved": "https://registry.npmjs.org/@tiptap/extension-document/-/extension-document-3.15.1.tgz",
+      "integrity": "sha512-iq7+S+8NFKSoJ/hMBmsKOYXOt4ipEppDewIs5T9BUBwnYJMIRZqkqxHP7iiM3z71igFUdmc1yFVqkkLZpkTU+A==",
+      "license": "MIT",
+      "funding": {
+        "type": "github",
+        "url": "https://github.com/sponsors/ueberdosis"
+      },
+      "peerDependencies": {
+        "@tiptap/core": "^3.15.1"
+      }
+    },
+    "node_modules/@tiptap/extension-dropcursor": {
+      "version": "3.15.1",
+      "resolved": "https://registry.npmjs.org/@tiptap/extension-dropcursor/-/extension-dropcursor-3.15.1.tgz",
+      "integrity": "sha512-M2AQL1OoR1+OMVCp3QjT/vn0iaWwkM9cYXV2/4Z8JxdXzlzR2xZr4AphydDeZlMFdsVFBgaBqasDNsBRLKiJCQ==",
+      "license": "MIT",
+      "funding": {
+        "type": "github",
+        "url": "https://github.com/sponsors/ueberdosis"
+      },
+      "peerDependencies": {
+        "@tiptap/extensions": "^3.15.1"
+      }
+    },
+    "node_modules/@tiptap/extension-floating-menu": {
+      "version": "3.15.1",
+      "resolved": "https://registry.npmjs.org/@tiptap/extension-floating-menu/-/extension-floating-menu-3.15.1.tgz",
+      "integrity": "sha512-JiHpIPubGu2P2ffR+QhJpaQaLg/+rGWcGZRcxn7hwjwPFl0TrL6QN/cCz/mmjTy//1PCEKOFvUSStxO6uSOApQ==",
+      "license": "MIT",
+      "optional": true,
+      "funding": {
+        "type": "github",
+        "url": "https://github.com/sponsors/ueberdosis"
+      },
+      "peerDependencies": {
+        "@floating-ui/dom": "^1.0.0",
+        "@tiptap/core": "^3.15.1",
+        "@tiptap/pm": "^3.15.1"
+      }
+    },
+    "node_modules/@tiptap/extension-gapcursor": {
+      "version": "3.15.1",
+      "resolved": "https://registry.npmjs.org/@tiptap/extension-gapcursor/-/extension-gapcursor-3.15.1.tgz",
+      "integrity": "sha512-T+jJJ7zXYPa86sWA8D+YJkweuFsXHYyhc6S6DMXknsPr1R/yE9wDNpQSRQ56QjaN91bm/g4GYnjBCI9dzvvO/Q==",
+      "license": "MIT",
+      "funding": {
+        "type": "github",
+        "url": "https://github.com/sponsors/ueberdosis"
+      },
+      "peerDependencies": {
+        "@tiptap/extensions": "^3.15.1"
+      }
+    },
+    "node_modules/@tiptap/extension-hard-break": {
+      "version": "3.15.1",
+      "resolved": "https://registry.npmjs.org/@tiptap/extension-hard-break/-/extension-hard-break-3.15.1.tgz",
+      "integrity": "sha512-fXtpI/bNyfe8yRBI92ru537p7t0SVod+vu5jYcgUOMnc/wS1nCtVYe9KBgntgg8D2bHcZA/Vf41Ft4hsOCFdlw==",
+      "license": "MIT",
+      "funding": {
+        "type": "github",
+        "url": "https://github.com/sponsors/ueberdosis"
+      },
+      "peerDependencies": {
+        "@tiptap/core": "^3.15.1"
+      }
+    },
+    "node_modules/@tiptap/extension-heading": {
+      "version": "3.15.1",
+      "resolved": "https://registry.npmjs.org/@tiptap/extension-heading/-/extension-heading-3.15.1.tgz",
+      "integrity": "sha512-p0RANqElYFQTyVKqGJKAoqCT7v4WcGD57OgG06zugESWZHYU8ngoFlok7zSnh27ZdXN8+RWZguXqH+ciZGXt5w==",
+      "license": "MIT",
+      "funding": {
+        "type": "github",
+        "url": "https://github.com/sponsors/ueberdosis"
+      },
+      "peerDependencies": {
+        "@tiptap/core": "^3.15.1"
+      }
+    },
+    "node_modules/@tiptap/extension-horizontal-rule": {
+      "version": "3.15.1",
+      "resolved": "https://registry.npmjs.org/@tiptap/extension-horizontal-rule/-/extension-horizontal-rule-3.15.1.tgz",
+      "integrity": "sha512-qm4PSJ0AT1tVynd29lWy/wVR3YwmBu59MP0AtPWd7Uv0jcprGGkDZiaSdxDcCWK1Xj7yvfUxZmV7Z/uu6zFdWQ==",
+      "license": "MIT",
+      "funding": {
+        "type": "github",
+        "url": "https://github.com/sponsors/ueberdosis"
+      },
+      "peerDependencies": {
+        "@tiptap/core": "^3.15.1",
+        "@tiptap/pm": "^3.15.1"
+      }
+    },
+    "node_modules/@tiptap/extension-image": {
+      "version": "3.15.1",
+      "resolved": "https://registry.npmjs.org/@tiptap/extension-image/-/extension-image-3.15.1.tgz",
+      "integrity": "sha512-mR4d0iWhPWD8AaBbnGlWgCUWHoMdebOOKa2v8BZd+VvmXFj+2MOZmXmBhQWK77fjp43hzJY4F6dC5tbzR4PxBw==",
+      "license": "MIT",
+      "funding": {
+        "type": "github",
+        "url": "https://github.com/sponsors/ueberdosis"
+      },
+      "peerDependencies": {
+        "@tiptap/core": "^3.15.1"
+      }
+    },
+    "node_modules/@tiptap/extension-italic": {
+      "version": "3.15.1",
+      "resolved": "https://registry.npmjs.org/@tiptap/extension-italic/-/extension-italic-3.15.1.tgz",
+      "integrity": "sha512-MZoxmvqge02ZR897hz7i5npXK7PksjYqkjMOC8BTdH3rpU2X2ExbSBXIl1vYM1ClcgDyVE42Q/I5oG4fQY2wDg==",
+      "license": "MIT",
+      "funding": {
+        "type": "github",
+        "url": "https://github.com/sponsors/ueberdosis"
+      },
+      "peerDependencies": {
+        "@tiptap/core": "^3.15.1"
+      }
+    },
+    "node_modules/@tiptap/extension-link": {
+      "version": "3.15.1",
+      "resolved": "https://registry.npmjs.org/@tiptap/extension-link/-/extension-link-3.15.1.tgz",
+      "integrity": "sha512-BZtbpTo5xr4QpM+w8MNafqLaCklbt90Zzg+KMfXApWGv+v1anxAiTt6r1E7uOn5GaGpxvTi/64l1gubdcQCbfQ==",
+      "license": "MIT",
+      "dependencies": {
+        "linkifyjs": "^4.3.2"
+      },
+      "funding": {
+        "type": "github",
+        "url": "https://github.com/sponsors/ueberdosis"
+      },
+      "peerDependencies": {
+        "@tiptap/core": "^3.15.1",
+        "@tiptap/pm": "^3.15.1"
+      }
+    },
+    "node_modules/@tiptap/extension-list": {
+      "version": "3.15.1",
+      "resolved": "https://registry.npmjs.org/@tiptap/extension-list/-/extension-list-3.15.1.tgz",
+      "integrity": "sha512-/uAv+eXMH6TcLocJbHtU4NshOqii8gNTm/rcetvftExdeSGYbGnZur8E+VV6JJIoQbngKJY4RQ5p6ybKpBplRQ==",
+      "license": "MIT",
+      "funding": {
+        "type": "github",
+        "url": "https://github.com/sponsors/ueberdosis"
+      },
+      "peerDependencies": {
+        "@tiptap/core": "^3.15.1",
+        "@tiptap/pm": "^3.15.1"
+      }
+    },
+    "node_modules/@tiptap/extension-list-item": {
+      "version": "3.15.1",
+      "resolved": "https://registry.npmjs.org/@tiptap/extension-list-item/-/extension-list-item-3.15.1.tgz",
+      "integrity": "sha512-+7QQsKFOecNOE/E4g2J6v77oMLdk5ZR3ZnCIDTIz6pZz4Fx0/B0LusMwWMbDip/H67pbYpVMBM3WeYrYgsLcOg==",
+      "license": "MIT",
+      "funding": {
+        "type": "github",
+        "url": "https://github.com/sponsors/ueberdosis"
+      },
+      "peerDependencies": {
+        "@tiptap/extension-list": "^3.15.1"
+      }
+    },
+    "node_modules/@tiptap/extension-list-keymap": {
+      "version": "3.15.1",
+      "resolved": "https://registry.npmjs.org/@tiptap/extension-list-keymap/-/extension-list-keymap-3.15.1.tgz",
+      "integrity": "sha512-mtT7GjR84QrLyrtq3ZcxkHOngATHYaR5w0ZFFnZmwHBWYxLn0cRpvz78i8XScMJSW+PugdRLkxQOumGa9UtQYQ==",
+      "license": "MIT",
+      "funding": {
+        "type": "github",
+        "url": "https://github.com/sponsors/ueberdosis"
+      },
+      "peerDependencies": {
+        "@tiptap/extension-list": "^3.15.1"
+      }
+    },
+    "node_modules/@tiptap/extension-ordered-list": {
+      "version": "3.15.1",
+      "resolved": "https://registry.npmjs.org/@tiptap/extension-ordered-list/-/extension-ordered-list-3.15.1.tgz",
+      "integrity": "sha512-feY4Z/boXbeobsXf7cYWtSur7M0SWPluj86T4TJ9t61hoW/YxYBEVD14ZHqx20ggYSlFqxX5j25oHaX+ulcPQg==",
+      "license": "MIT",
+      "funding": {
+        "type": "github",
+        "url": "https://github.com/sponsors/ueberdosis"
+      },
+      "peerDependencies": {
+        "@tiptap/extension-list": "^3.15.1"
+      }
+    },
+    "node_modules/@tiptap/extension-paragraph": {
+      "version": "3.15.1",
+      "resolved": "https://registry.npmjs.org/@tiptap/extension-paragraph/-/extension-paragraph-3.15.1.tgz",
+      "integrity": "sha512-GGgNyzZ9hasse9iFpxKsUniaIel8Wk2VpMw2tbFfELjK6EM0XaiO+nmMivP55dwA8nRY/DjMm8PB3czgMJ73Lg==",
+      "license": "MIT",
+      "funding": {
+        "type": "github",
+        "url": "https://github.com/sponsors/ueberdosis"
+      },
+      "peerDependencies": {
+        "@tiptap/core": "^3.15.1"
+      }
+    },
+    "node_modules/@tiptap/extension-placeholder": {
+      "version": "3.15.1",
+      "resolved": "https://registry.npmjs.org/@tiptap/extension-placeholder/-/extension-placeholder-3.15.1.tgz",
+      "integrity": "sha512-3GWsNQnxwoIbujepg1heeSGr2pC7ADmtERZ1rzeb6t6CDJb+OdW4oS0cWQU1BWKFw4y202SRpa6A7tnCf3KwOQ==",
+      "license": "MIT",
+      "funding": {
+        "type": "github",
+        "url": "https://github.com/sponsors/ueberdosis"
+      },
+      "peerDependencies": {
+        "@tiptap/extensions": "^3.15.1"
+      }
+    },
+    "node_modules/@tiptap/extension-strike": {
+      "version": "3.15.1",
+      "resolved": "https://registry.npmjs.org/@tiptap/extension-strike/-/extension-strike-3.15.1.tgz",
+      "integrity": "sha512-um0P7xdIrw+8J/WUx3MYmkKk07e74OMkPc1hXKg6YU8yZGpBQXAWHwo8OM7WqfDrs7tMMMTK3zIzZkl5K/jkdw==",
+      "license": "MIT",
+      "funding": {
+        "type": "github",
+        "url": "https://github.com/sponsors/ueberdosis"
+      },
+      "peerDependencies": {
+        "@tiptap/core": "^3.15.1"
+      }
+    },
+    "node_modules/@tiptap/extension-table": {
+      "version": "3.15.1",
+      "resolved": "https://registry.npmjs.org/@tiptap/extension-table/-/extension-table-3.15.1.tgz",
+      "integrity": "sha512-iamQ9lpNlLq2wjvWDUM/q09MQUKqi7Mk4EqBpEC3TzNLVty2fPmtp5jNc51A0vK3GVPIOfGo8KMsOgmXPOsBMg==",
+      "license": "MIT",
+      "funding": {
+        "type": "github",
+        "url": "https://github.com/sponsors/ueberdosis"
+      },
+      "peerDependencies": {
+        "@tiptap/core": "^3.15.1",
+        "@tiptap/pm": "^3.15.1"
+      }
+    },
+    "node_modules/@tiptap/extension-task-item": {
+      "version": "3.15.1",
+      "resolved": "https://registry.npmjs.org/@tiptap/extension-task-item/-/extension-task-item-3.15.1.tgz",
+      "integrity": "sha512-zLx4b27nK8DtlP2gj79UgGEcpLuKIFLkXDLMQBZF1t/HZqWRKJqIGK5d1Dd+7L3dJqaUJ3nqT09c46mZmHAxTw==",
+      "license": "MIT",
+      "funding": {
+        "type": "github",
+        "url": "https://github.com/sponsors/ueberdosis"
+      },
+      "peerDependencies": {
+        "@tiptap/extension-list": "^3.15.1"
+      }
+    },
+    "node_modules/@tiptap/extension-task-list": {
+      "version": "3.15.1",
+      "resolved": "https://registry.npmjs.org/@tiptap/extension-task-list/-/extension-task-list-3.15.1.tgz",
+      "integrity": "sha512-6Do7N5uSpYxGJDf+rcihEFOhGeGXVSL2/3CtcR2RBHkTcu1VqaH+7kYPdar9IlLnyoy1QX4l+dPhutI2PjUNVQ==",
+      "license": "MIT",
+      "funding": {
+        "type": "github",
+        "url": "https://github.com/sponsors/ueberdosis"
+      },
+      "peerDependencies": {
+        "@tiptap/extension-list": "^3.15.1"
+      }
+    },
+    "node_modules/@tiptap/extension-text": {
+      "version": "3.15.1",
+      "resolved": "https://registry.npmjs.org/@tiptap/extension-text/-/extension-text-3.15.1.tgz",
+      "integrity": "sha512-jwKD5xVGhriQ3ZoA2aMbLmat7FmmHkqv5O807vjnHhQmYqinsFVQ/hc2YsulMtqex9I5qWXji4CTtF7p04USRQ==",
+      "license": "MIT",
+      "funding": {
+        "type": "github",
+        "url": "https://github.com/sponsors/ueberdosis"
+      },
+      "peerDependencies": {
+        "@tiptap/core": "^3.15.1"
+      }
+    },
+    "node_modules/@tiptap/extension-underline": {
+      "version": "3.15.1",
+      "resolved": "https://registry.npmjs.org/@tiptap/extension-underline/-/extension-underline-3.15.1.tgz",
+      "integrity": "sha512-/gWo7CkCLD5wVOPJ0AlgNhqkdoOSOq1UjJmqNoPve5oBq/WXkz2/c0k+xCgDBisCJQPrR/fK1POWd5RKFl0rQg==",
+      "license": "MIT",
+      "funding": {
+        "type": "github",
+        "url": "https://github.com/sponsors/ueberdosis"
+      },
+      "peerDependencies": {
+        "@tiptap/core": "^3.15.1"
+      }
+    },
+    "node_modules/@tiptap/extensions": {
+      "version": "3.15.1",
+      "resolved": "https://registry.npmjs.org/@tiptap/extensions/-/extensions-3.15.1.tgz",
+      "integrity": "sha512-u+tXN6szdmiruNPr/Ltk7n++A44lJBiUhMHGw0KjtucJtlEIl6fG7xgabzvKzPPy+WQJCjWbQjMdYabXoo6tEw==",
+      "license": "MIT",
+      "funding": {
+        "type": "github",
+        "url": "https://github.com/sponsors/ueberdosis"
+      },
+      "peerDependencies": {
+        "@tiptap/core": "^3.15.1",
+        "@tiptap/pm": "^3.15.1"
+      }
+    },
+    "node_modules/@tiptap/markdown": {
+      "version": "3.15.1",
+      "resolved": "https://registry.npmjs.org/@tiptap/markdown/-/markdown-3.15.1.tgz",
+      "integrity": "sha512-PREJVXYgRsWvfRUyBapNZ/PEoXUJLXCC2DJrCXNPhFNqZnq78b8odKqs5ovPFDaxjGiZtWwxPEEOtsgRVxMPkA==",
+      "license": "MIT",
+      "dependencies": {
+        "marked": "^15.0.12"
+      },
+      "funding": {
+        "type": "github",
+        "url": "https://github.com/sponsors/ueberdosis"
+      },
+      "peerDependencies": {
+        "@tiptap/core": "^3.15.1",
+        "@tiptap/pm": "^3.15.1"
+      }
+    },
+    "node_modules/@tiptap/markdown/node_modules/marked": {
+      "version": "15.0.12",
+      "resolved": "https://registry.npmjs.org/marked/-/marked-15.0.12.tgz",
+      "integrity": "sha512-8dD6FusOQSrpv9Z1rdNMdlSgQOIP880DHqnohobOmYLElGEqAL/JvxvuxZO16r4HtjTlfPRDC1hbvxC9dPN2nA==",
+      "license": "MIT",
+      "bin": {
+        "marked": "bin/marked.js"
+      },
+      "engines": {
+        "node": ">= 18"
+      }
+    },
+    "node_modules/@tiptap/pm": {
+      "version": "3.15.2",
+      "resolved": "https://registry.npmjs.org/@tiptap/pm/-/pm-3.15.2.tgz",
+      "integrity": "sha512-O4ZQ++sY9jiAxeyHaNjJNewAuVMD2HWn1pGQZe1wMha6evmTvwPE31eLHDaraZ3xbB2BfCFPrNzgF9rg2Wxznw==",
+      "license": "MIT",
+      "dependencies": {
+        "prosemirror-changeset": "^2.3.0",
+        "prosemirror-collab": "^1.3.1",
+        "prosemirror-commands": "^1.6.2",
+        "prosemirror-dropcursor": "^1.8.1",
+        "prosemirror-gapcursor": "^1.3.2",
+        "prosemirror-history": "^1.4.1",
+        "prosemirror-inputrules": "^1.4.0",
+        "prosemirror-keymap": "^1.2.2",
+        "prosemirror-markdown": "^1.13.1",
+        "prosemirror-menu": "^1.2.4",
+        "prosemirror-model": "^1.24.1",
+        "prosemirror-schema-basic": "^1.2.3",
+        "prosemirror-schema-list": "^1.5.0",
+        "prosemirror-state": "^1.4.3",
+        "prosemirror-tables": "^1.6.4",
+        "prosemirror-trailing-node": "^3.0.0",
+        "prosemirror-transform": "^1.10.2",
+        "prosemirror-view": "^1.38.1"
+      },
+      "funding": {
+        "type": "github",
+        "url": "https://github.com/sponsors/ueberdosis"
+      }
+    },
+    "node_modules/@tiptap/react": {
+      "version": "3.15.1",
+      "resolved": "https://registry.npmjs.org/@tiptap/react/-/react-3.15.1.tgz",
+      "integrity": "sha512-c4s1kQ0/xzIxiIUxo+tgGqWjl94OnSXsQtVTbN66km4DiCZqG2VreuN3jR/FFRP3bcQODmcyPyozSY7wRRvfmA==",
+      "license": "MIT",
+      "dependencies": {
+        "@types/use-sync-external-store": "^0.0.6",
+        "fast-equals": "^5.3.3",
+        "use-sync-external-store": "^1.4.0"
+      },
+      "funding": {
+        "type": "github",
+        "url": "https://github.com/sponsors/ueberdosis"
+      },
+      "optionalDependencies": {
+        "@tiptap/extension-bubble-menu": "^3.15.1",
+        "@tiptap/extension-floating-menu": "^3.15.1"
+      },
+      "peerDependencies": {
+        "@tiptap/core": "^3.15.1",
+        "@tiptap/pm": "^3.15.1",
+        "@types/react": "^17.0.0 || ^18.0.0 || ^19.0.0",
+        "@types/react-dom": "^17.0.0 || ^18.0.0 || ^19.0.0",
+        "react": "^17.0.0 || ^18.0.0 || ^19.0.0",
+        "react-dom": "^17.0.0 || ^18.0.0 || ^19.0.0"
+      }
+    },
+    "node_modules/@tiptap/starter-kit": {
+      "version": "3.15.1",
+      "resolved": "https://registry.npmjs.org/@tiptap/starter-kit/-/starter-kit-3.15.1.tgz",
+      "integrity": "sha512-AGUCasz1sLJQH8WU4D9sR3WYMgQHwa72gf8ZoJOmhPOlfCWdAqOdzIWPEKD+luCKDD8tjsQskSboRWT791w+ig==",
+      "license": "MIT",
+      "dependencies": {
+        "@tiptap/core": "^3.15.1",
+        "@tiptap/extension-blockquote": "^3.15.1",
+        "@tiptap/extension-bold": "^3.15.1",
+        "@tiptap/extension-bullet-list": "^3.15.1",
+        "@tiptap/extension-code": "^3.15.1",
+        "@tiptap/extension-code-block": "^3.15.1",
+        "@tiptap/extension-document": "^3.15.1",
+        "@tiptap/extension-dropcursor": "^3.15.1",
+        "@tiptap/extension-gapcursor": "^3.15.1",
+        "@tiptap/extension-hard-break": "^3.15.1",
+        "@tiptap/extension-heading": "^3.15.1",
+        "@tiptap/extension-horizontal-rule": "^3.15.1",
+        "@tiptap/extension-italic": "^3.15.1",
+        "@tiptap/extension-link": "^3.15.1",
+        "@tiptap/extension-list": "^3.15.1",
+        "@tiptap/extension-list-item": "^3.15.1",
+        "@tiptap/extension-list-keymap": "^3.15.1",
+        "@tiptap/extension-ordered-list": "^3.15.1",
+        "@tiptap/extension-paragraph": "^3.15.1",
+        "@tiptap/extension-strike": "^3.15.1",
+        "@tiptap/extension-text": "^3.15.1",
+        "@tiptap/extension-underline": "^3.15.1",
+        "@tiptap/extensions": "^3.15.1",
+        "@tiptap/pm": "^3.15.1"
+      },
+      "funding": {
+        "type": "github",
+        "url": "https://github.com/sponsors/ueberdosis"
+      }
+    },
+    "node_modules/@tiptap/suggestion": {
+      "version": "3.15.2",
+      "resolved": "https://registry.npmjs.org/@tiptap/suggestion/-/suggestion-3.15.2.tgz",
+      "integrity": "sha512-lhBVpC83DfT2gv8gdPkyU5bt1aBUa4yvmtYkOgyGCSUvXfAMf1+l0hqMEXhAb+iNQBC7+2Ozui7n+MpjsIknNA==",
+      "license": "MIT",
+      "funding": {
+        "type": "github",
+        "url": "https://github.com/sponsors/ueberdosis"
+      },
+      "peerDependencies": {
+        "@tiptap/core": "^3.15.2",
+        "@tiptap/pm": "^3.15.2"
+      }
+    },
+    "node_modules/@types/babel__core": {
+      "version": "7.20.5",
+      "resolved": "https://registry.npmjs.org/@types/babel__core/-/babel__core-7.20.5.tgz",
+      "integrity": "sha512-qoQprZvz5wQFJwMDqeseRXWv3rqMvhgpbXFfVyWhbx9X47POIA6i/+dXefEmZKoAgOaTdaIgNSMqMIU61yRyzA==",
+      "dev": true,
+      "license": "MIT",
+      "dependencies": {
+        "@babel/parser": "^7.20.7",
+        "@babel/types": "^7.20.7",
+        "@types/babel__generator": "*",
+        "@types/babel__template": "*",
+        "@types/babel__traverse": "*"
+      }
+    },
+    "node_modules/@types/babel__generator": {
+      "version": "7.27.0",
+      "resolved": "https://registry.npmjs.org/@types/babel__generator/-/babel__generator-7.27.0.tgz",
+      "integrity": "sha512-ufFd2Xi92OAVPYsy+P4n7/U7e68fex0+Ee8gSG9KX7eo084CWiQ4sdxktvdl0bOPupXtVJPY19zk6EwWqUQ8lg==",
+      "dev": true,
+      "license": "MIT",
+      "dependencies": {
+        "@babel/types": "^7.0.0"
+      }
+    },
+    "node_modules/@types/babel__template": {
+      "version": "7.4.4",
+      "resolved": "https://registry.npmjs.org/@types/babel__template/-/babel__template-7.4.4.tgz",
+      "integrity": "sha512-h/NUaSyG5EyxBIp8YRxo4RMe2/qQgvyowRwVMzhYhBCONbW8PUsg4lkFMrhgZhUe5z3L3MiLDuvyJ/CaPa2A8A==",
+      "dev": true,
+      "license": "MIT",
+      "dependencies": {
+        "@babel/parser": "^7.1.0",
+        "@babel/types": "^7.0.0"
+      }
+    },
+    "node_modules/@types/babel__traverse": {
+      "version": "7.28.0",
+      "resolved": "https://registry.npmjs.org/@types/babel__traverse/-/babel__traverse-7.28.0.tgz",
+      "integrity": "sha512-8PvcXf70gTDZBgt9ptxJ8elBeBjcLOAcOtoO/mPJjtji1+CdGbHgm77om1GrsPxsiE+uXIpNSK64UYaIwQXd4Q==",
+      "dev": true,
+      "license": "MIT",
+      "dependencies": {
+        "@babel/types": "^7.28.2"
+      }
+    },
+    "node_modules/@types/estree": {
+      "version": "1.0.8",
+      "resolved": "https://registry.npmjs.org/@types/estree/-/estree-1.0.8.tgz",
+      "integrity": "sha512-dWHzHa2WqEXI/O1E9OjrocMTKJl2mSrEolh1Iomrv6U+JuNwaHXsXx9bLu5gG7BUWFIN0skIQJQ/L1rIex4X6w==",
+      "license": "MIT"
+    },
+    "node_modules/@types/hast": {
+      "version": "3.0.4",
+      "resolved": "https://registry.npmjs.org/@types/hast/-/hast-3.0.4.tgz",
+      "integrity": "sha512-WPs+bbQw5aCj+x6laNGWLH3wviHtoCv/P3+otBhbOhJgG8qtpdAMlTCxLtsTWA7LH1Oh/bFCHsBn0TPS5m30EQ==",
+      "license": "MIT",
+      "dependencies": {
+        "@types/unist": "*"
+      }
+    },
+    "node_modules/@types/linkify-it": {
+      "version": "5.0.0",
+      "resolved": "https://registry.npmjs.org/@types/linkify-it/-/linkify-it-5.0.0.tgz",
+      "integrity": "sha512-sVDA58zAw4eWAffKOaQH5/5j3XeayukzDk+ewSsnv3p4yJEZHCCzMDiZM8e0OUrRvmpGZ85jf4yDHkHsgBNr9Q==",
+      "license": "MIT"
+    },
+    "node_modules/@types/markdown-it": {
+      "version": "14.1.2",
+      "resolved": "https://registry.npmjs.org/@types/markdown-it/-/markdown-it-14.1.2.tgz",
+      "integrity": "sha512-promo4eFwuiW+TfGxhi+0x3czqTYJkG8qB17ZUJiVF10Xm7NLVRSLUsfRTU/6h1e24VvRnXCx+hG7li58lkzog==",
+      "license": "MIT",
+      "dependencies": {
+        "@types/linkify-it": "^5",
+        "@types/mdurl": "^2"
+      }
+    },
+    "node_modules/@types/mdurl": {
+      "version": "2.0.0",
+      "resolved": "https://registry.npmjs.org/@types/mdurl/-/mdurl-2.0.0.tgz",
+      "integrity": "sha512-RGdgjQUZba5p6QEFAVx2OGb8rQDL/cPRG7GiedRzMcJ1tYnUANBncjbSB1NRGwbvjcPeikRABz2nshyPk1bhWg==",
+      "license": "MIT"
+    },
+    "node_modules/@types/react": {
+      "version": "19.2.7",
+      "resolved": "https://registry.npmjs.org/@types/react/-/react-19.2.7.tgz",
+      "integrity": "sha512-MWtvHrGZLFttgeEj28VXHxpmwYbor/ATPYbBfSFZEIRK0ecCFLl2Qo55z52Hss+UV9CRN7trSeq1zbgx7YDWWg==",
+      "license": "MIT",
+      "dependencies": {
+        "csstype": "^3.2.2"
+      }
+    },
+    "node_modules/@types/react-dom": {
+      "version": "19.2.3",
+      "resolved": "https://registry.npmjs.org/@types/react-dom/-/react-dom-19.2.3.tgz",
+      "integrity": "sha512-jp2L/eY6fn+KgVVQAOqYItbF0VY/YApe5Mz2F0aykSO8gx31bYCZyvSeYxCHKvzHG5eZjc+zyaS5BrBWya2+kQ==",
+      "license": "MIT",
+      "peerDependencies": {
+        "@types/react": "^19.2.0"
+      }
+    },
+    "node_modules/@types/trusted-types": {
+      "version": "2.0.7",
+      "resolved": "https://registry.npmjs.org/@types/trusted-types/-/trusted-types-2.0.7.tgz",
+      "integrity": "sha512-ScaPdn1dQczgbl0QFTeTOmVHFULt394XJgOQNoyVhZ6r2vLnMLJfBPd53SB52T/3G36VI1/g2MZaX0cwDuXsfw==",
+      "license": "MIT",
+      "optional": true
+    },
+    "node_modules/@types/unist": {
+      "version": "3.0.3",
+      "resolved": "https://registry.npmjs.org/@types/unist/-/unist-3.0.3.tgz",
+      "integrity": "sha512-ko/gIFJRv177XgZsZcBwnqJN5x/Gien8qNOn0D5bQU/zAzVf9Zt3BlcUiLqhV9y4ARk0GbT3tnUiPNgnTXzc/Q==",
+      "license": "MIT"
+    },
+    "node_modules/@types/use-sync-external-store": {
+      "version": "0.0.6",
+      "resolved": "https://registry.npmjs.org/@types/use-sync-external-store/-/use-sync-external-store-0.0.6.tgz",
+      "integrity": "sha512-zFDAD+tlpf2r4asuHEj0XH6pY6i0g5NeAHPn+15wk3BV6JA69eERFXC1gyGThDkVa1zCyKr5jox1+2LbV/AMLg==",
+      "license": "MIT"
+    },
+    "node_modules/@unocss/astro": {
+      "version": "66.5.12",
+      "resolved": "https://registry.npmjs.org/@unocss/astro/-/astro-66.5.12.tgz",
+      "integrity": "sha512-ynhlljsTGTHAcQHbpqxe3IXEDXjPm9IdeDWAhPet7UiGXhW230vEZ+1/OoARqLysVSVz4pPb81MDgS167Oo4Nw==",
+      "license": "MIT",
+      "dependencies": {
+        "@unocss/core": "66.5.12",
+        "@unocss/reset": "66.5.12",
+        "@unocss/vite": "66.5.12"
+      },
+      "funding": {
+        "url": "https://github.com/sponsors/antfu"
+      },
+      "peerDependencies": {
+        "vite": "^2.9.0 || ^3.0.0-0 || ^4.0.0 || ^5.0.0-0 || ^6.0.0-0 || ^7.0.0-0 || ^8.0.0-0"
+      },
+      "peerDependenciesMeta": {
+        "vite": {
+          "optional": true
+        }
+      }
+    },
+    "node_modules/@unocss/cli": {
+      "version": "66.5.12",
+      "resolved": "https://registry.npmjs.org/@unocss/cli/-/cli-66.5.12.tgz",
+      "integrity": "sha512-aqjhYSiYneGfzXH6iYCY4StVN1QyeRKLhuBPkJO7gzad+1RNeqH2se1l4c5Fnvf+1rU9xRM8cw1CUSIn9UOxYQ==",
+      "license": "MIT",
+      "dependencies": {
+        "@jridgewell/remapping": "^2.3.5",
+        "@unocss/config": "66.5.12",
+        "@unocss/core": "66.5.12",
+        "@unocss/preset-uno": "66.5.12",
+        "cac": "^6.7.14",
+        "chokidar": "^5.0.0",
+        "colorette": "^2.0.20",
+        "consola": "^3.4.2",
+        "magic-string": "^0.30.21",
+        "pathe": "^2.0.3",
+        "perfect-debounce": "^2.0.0",
+        "tinyglobby": "^0.2.15",
+        "unplugin-utils": "^0.3.1"
+      },
+      "bin": {
+        "unocss": "bin/unocss.mjs"
+      },
+      "engines": {
+        "node": ">=14"
+      },
+      "funding": {
+        "url": "https://github.com/sponsors/antfu"
+      }
+    },
+    "node_modules/@unocss/config": {
+      "version": "66.5.12",
+      "resolved": "https://registry.npmjs.org/@unocss/config/-/config-66.5.12.tgz",
+      "integrity": "sha512-rgV7Jj1nBZsLgk/FIFMDzKVLzIZlbKT5T0SB+odo9xZUsN5xwZZMl7I8TfZj5VxQaYqFEgSpS/Y4QCWlZ+7scQ==",
+      "license": "MIT",
+      "dependencies": {
+        "@unocss/core": "66.5.12",
+        "unconfig": "^7.4.2"
+      },
+      "engines": {
+        "node": ">=14"
+      },
+      "funding": {
+        "url": "https://github.com/sponsors/antfu"
+      }
+    },
+    "node_modules/@unocss/core": {
+      "version": "66.5.12",
+      "resolved": "https://registry.npmjs.org/@unocss/core/-/core-66.5.12.tgz",
+      "integrity": "sha512-/m6su0OXcCYRwIMf8sobBjZTC25iBLUnQVcfyvHOJwLJzOMr8dtNmZbqTs7+Kouz40jlPF7pR+ufFrN+s5ZD7g==",
+      "license": "MIT",
+      "funding": {
+        "url": "https://github.com/sponsors/antfu"
+      }
+    },
+    "node_modules/@unocss/extractor-arbitrary-variants": {
+      "version": "66.5.12",
+      "resolved": "https://registry.npmjs.org/@unocss/extractor-arbitrary-variants/-/extractor-arbitrary-variants-66.5.12.tgz",
+      "integrity": "sha512-UGzHhLaaSu/YT0rmXtdoE1ttLvwWsI/RVTwNNy3QnL/y4Hvmo7T1MtG5Ri5btfqfDWPzrQLQiTvI8loGCD8lFQ==",
+      "license": "MIT",
+      "dependencies": {
+        "@unocss/core": "66.5.12"
+      },
+      "funding": {
+        "url": "https://github.com/sponsors/antfu"
+      }
+    },
+    "node_modules/@unocss/inspector": {
+      "version": "66.5.12",
+      "resolved": "https://registry.npmjs.org/@unocss/inspector/-/inspector-66.5.12.tgz",
+      "integrity": "sha512-X8Ygo842Yy0g46JNlgUGvqDhvr5BuVfFwMJeWSFJBYHzPKsZFxTU29aGxNDNDascTnNdWjZZqerPpG5esa+K2Q==",
+      "license": "MIT",
+      "dependencies": {
+        "@unocss/core": "66.5.12",
+        "@unocss/rule-utils": "66.5.12",
+        "colorette": "^2.0.20",
+        "gzip-size": "^6.0.0",
+        "sirv": "^3.0.2",
+        "vue-flow-layout": "^0.2.0"
+      },
+      "funding": {
+        "url": "https://github.com/sponsors/antfu"
+      }
+    },
+    "node_modules/@unocss/postcss": {
+      "version": "66.5.12",
+      "resolved": "https://registry.npmjs.org/@unocss/postcss/-/postcss-66.5.12.tgz",
+      "integrity": "sha512-fTGrn19I45jzoP9Jsxty9/PXix3PFftj3tgrIsYjZ0R4tpCffW0s7X/iEl3GwfR45kpe5NlQ5ghskd3CFHUp+Q==",
+      "license": "MIT",
+      "dependencies": {
+        "@unocss/config": "66.5.12",
+        "@unocss/core": "66.5.12",
+        "@unocss/rule-utils": "66.5.12",
+        "css-tree": "^3.1.0",
+        "postcss": "^8.5.6",
+        "tinyglobby": "^0.2.15"
+      },
+      "engines": {
+        "node": ">=14"
+      },
+      "funding": {
+        "url": "https://github.com/sponsors/antfu"
+      },
+      "peerDependencies": {
+        "postcss": "^8.4.21"
+      }
+    },
+    "node_modules/@unocss/preset-attributify": {
+      "version": "66.5.12",
+      "resolved": "https://registry.npmjs.org/@unocss/preset-attributify/-/preset-attributify-66.5.12.tgz",
+      "integrity": "sha512-9h/Zgiztzjp1Zf/c/DHAgm1bvzh5oLxAHhPMHmEFjNO335vEjd+PUZBzXXymKM+VoBlMz5DADpAVlTvq1N1aJA==",
+      "license": "MIT",
+      "dependencies": {
+        "@unocss/core": "66.5.12"
+      },
+      "funding": {
+        "url": "https://github.com/sponsors/antfu"
+      }
+    },
+    "node_modules/@unocss/preset-icons": {
+      "version": "66.5.12",
+      "resolved": "https://registry.npmjs.org/@unocss/preset-icons/-/preset-icons-66.5.12.tgz",
+      "integrity": "sha512-3bgkN8tTrcOSGuBcJSDrtDfBt7WU3chFjfw7zo4ign+Z0L6qANB2O62AOdOMJOxKjlppJ6a8AceHthhPZP2PDA==",
+      "license": "MIT",
+      "dependencies": {
+        "@iconify/utils": "^3.1.0",
+        "@unocss/core": "66.5.12",
+        "ofetch": "^1.5.1"
+      },
+      "funding": {
+        "url": "https://github.com/sponsors/antfu"
+      }
+    },
+    "node_modules/@unocss/preset-mini": {
+      "version": "66.5.12",
+      "resolved": "https://registry.npmjs.org/@unocss/preset-mini/-/preset-mini-66.5.12.tgz",
+      "integrity": "sha512-JEyhb0vKIguaZnrGw0CXcgU6/9cWubVL8BTiLl26hsC+6vFHVSnaDHIWOJ8sTShzEQjPSxKDlAj/lGQCC2+88Q==",
+      "license": "MIT",
+      "dependencies": {
+        "@unocss/core": "66.5.12",
+        "@unocss/extractor-arbitrary-variants": "66.5.12",
+        "@unocss/rule-utils": "66.5.12"
+      },
+      "funding": {
+        "url": "https://github.com/sponsors/antfu"
+      }
+    },
+    "node_modules/@unocss/preset-tagify": {
+      "version": "66.5.12",
+      "resolved": "https://registry.npmjs.org/@unocss/preset-tagify/-/preset-tagify-66.5.12.tgz",
+      "integrity": "sha512-gzQ+986lNxpqMeGxeYlDRpfrzcRt2DFjVpfmuNYD6daK4AFRbetQbhynnZyf8zwf++2YUDGf6xI9TfTTSG2QQA==",
+      "license": "MIT",
+      "dependencies": {
+        "@unocss/core": "66.5.12"
+      },
+      "funding": {
+        "url": "https://github.com/sponsors/antfu"
+      }
+    },
+    "node_modules/@unocss/preset-typography": {
+      "version": "66.5.12",
+      "resolved": "https://registry.npmjs.org/@unocss/preset-typography/-/preset-typography-66.5.12.tgz",
+      "integrity": "sha512-ckOD1coTCLXhO3oDCINqm0W292dgtYWtUYeQneNARJz3jjdNqANFPOP/y9Kpfe7WGNegVySRlDizi/L6VSdqJQ==",
+      "license": "MIT",
+      "dependencies": {
+        "@unocss/core": "66.5.12",
+        "@unocss/rule-utils": "66.5.12"
+      }
+    },
+    "node_modules/@unocss/preset-uno": {
+      "version": "66.5.12",
+      "resolved": "https://registry.npmjs.org/@unocss/preset-uno/-/preset-uno-66.5.12.tgz",
+      "integrity": "sha512-jTLhDeRqhTrCSbEgCQIg0K0PLFDtukG4eeOH5ff7Q4CtmkmsCUK0pqeXegi6ZCyatDwm72qc2WABMSqDMBdhtw==",
+      "license": "MIT",
+      "dependencies": {
+        "@unocss/core": "66.5.12",
+        "@unocss/preset-wind3": "66.5.12"
+      },
+      "funding": {
+        "url": "https://github.com/sponsors/antfu"
+      }
+    },
+    "node_modules/@unocss/preset-web-fonts": {
+      "version": "66.5.12",
+      "resolved": "https://registry.npmjs.org/@unocss/preset-web-fonts/-/preset-web-fonts-66.5.12.tgz",
+      "integrity": "sha512-NSUf+H5X0jZ1PLWW6D5ldBERERpbH8VvkpJJhxNTCS54Lj5vJiZ1S06UYxBB57vuUOaHpQOGTbKUSc204LCqdw==",
+      "license": "MIT",
+      "dependencies": {
+        "@unocss/core": "66.5.12",
+        "ofetch": "^1.5.1"
+      },
+      "funding": {
+        "url": "https://github.com/sponsors/antfu"
+      }
+    },
+    "node_modules/@unocss/preset-wind": {
+      "version": "66.5.12",
+      "resolved": "https://registry.npmjs.org/@unocss/preset-wind/-/preset-wind-66.5.12.tgz",
+      "integrity": "sha512-wp1/8JqQriv1AqpxskKbZYD9TNqZLQ9VBr7nNN6OkiPXBE1egEwnyb/fY+sS7IpEgwi4N9uehwQgk0/xs84SWg==",
+      "license": "MIT",
+      "dependencies": {
+        "@unocss/core": "66.5.12",
+        "@unocss/preset-wind3": "66.5.12"
+      },
+      "funding": {
+        "url": "https://github.com/sponsors/antfu"
+      }
+    },
+    "node_modules/@unocss/preset-wind3": {
+      "version": "66.5.12",
+      "resolved": "https://registry.npmjs.org/@unocss/preset-wind3/-/preset-wind3-66.5.12.tgz",
+      "integrity": "sha512-SUzX12aQcM1ikzfv4rqwd/xuXtK5GKvhV0/JjvtG/kDTMGaKv161F2ytduj+2pBHtpJO5fUmreCD5ycTUIkxhQ==",
+      "license": "MIT",
+      "dependencies": {
+        "@unocss/core": "66.5.12",
+        "@unocss/preset-mini": "66.5.12",
+        "@unocss/rule-utils": "66.5.12"
+      },
+      "funding": {
+        "url": "https://github.com/sponsors/antfu"
+      }
+    },
+    "node_modules/@unocss/preset-wind4": {
+      "version": "66.5.12",
+      "resolved": "https://registry.npmjs.org/@unocss/preset-wind4/-/preset-wind4-66.5.12.tgz",
+      "integrity": "sha512-JVddnLJ6NOk7hOXA0Y8SYbQEu+JpURbE9o/IHVCkRClVRkE81b9KgJf7WQa/8KIr1O20wRRFdt9QRH4m3pZJ/A==",
+      "license": "MIT",
+      "dependencies": {
+        "@unocss/core": "66.5.12",
+        "@unocss/extractor-arbitrary-variants": "66.5.12",
+        "@unocss/rule-utils": "66.5.12"
+      },
+      "funding": {
+        "url": "https://github.com/sponsors/antfu"
+      }
+    },
+    "node_modules/@unocss/reset": {
+      "version": "66.5.12",
+      "resolved": "https://registry.npmjs.org/@unocss/reset/-/reset-66.5.12.tgz",
+      "integrity": "sha512-wGTMu1sXVdxnzAonzHk/yUsyDyGrr8OiXCDSC7pVNep6eXhhf0g85v/Gx9FoAjZRyCppm6ePDWXtWYS8zglfCQ==",
+      "license": "MIT",
+      "funding": {
+        "url": "https://github.com/sponsors/antfu"
+      }
+    },
+    "node_modules/@unocss/rule-utils": {
+      "version": "66.5.12",
+      "resolved": "https://registry.npmjs.org/@unocss/rule-utils/-/rule-utils-66.5.12.tgz",
+      "integrity": "sha512-2UQvdjS6nD3QHLEwcXlDhXFNiOUQDuOC+itX4tjqvnjP/hj5A99WEUHemb8WEHAlHAt7khe9591+BkHHo3BX/w==",
+      "license": "MIT",
+      "dependencies": {
+        "@unocss/core": "^66.5.12",
+        "magic-string": "^0.30.21"
+      },
+      "engines": {
+        "node": ">=14"
+      },
+      "funding": {
+        "url": "https://github.com/sponsors/antfu"
+      }
+    },
+    "node_modules/@unocss/transformer-attributify-jsx": {
+      "version": "66.5.12",
+      "resolved": "https://registry.npmjs.org/@unocss/transformer-attributify-jsx/-/transformer-attributify-jsx-66.5.12.tgz",
+      "integrity": "sha512-h88voRNzSDDBf8In9A/wT0x7IlpRSnOnS62hBIcWk3Ci6w2+I/5eMFP+Rl1kY3zAz4hJ1/Ei6d9Rup3eS5037w==",
+      "license": "MIT",
+      "dependencies": {
+        "@babel/parser": "7.27.7",
+        "@babel/traverse": "7.27.7",
+        "@unocss/core": "66.5.12"
+      },
+      "funding": {
+        "url": "https://github.com/sponsors/antfu"
+      }
+    },
+    "node_modules/@unocss/transformer-attributify-jsx/node_modules/@babel/parser": {
+      "version": "7.27.7",
+      "resolved": "https://registry.npmjs.org/@babel/parser/-/parser-7.27.7.tgz",
+      "integrity": "sha512-qnzXzDXdr/po3bOTbTIQZ7+TxNKxpkN5IifVLXS+r7qwynkZfPyjZfE7hCXbo7IoO9TNcSyibgONsf2HauUd3Q==",
+      "license": "MIT",
+      "dependencies": {
+        "@babel/types": "^7.27.7"
+      },
+      "bin": {
+        "parser": "bin/babel-parser.js"
+      },
+      "engines": {
+        "node": ">=6.0.0"
+      }
+    },
+    "node_modules/@unocss/transformer-attributify-jsx/node_modules/@babel/traverse": {
+      "version": "7.27.7",
+      "resolved": "https://registry.npmjs.org/@babel/traverse/-/traverse-7.27.7.tgz",
+      "integrity": "sha512-X6ZlfR/O/s5EQ/SnUSLzr+6kGnkg8HXGMzpgsMsrJVcfDtH1vIp6ctCN4eZ1LS5c0+te5Cb6Y514fASjMRJ1nw==",
+      "license": "MIT",
+      "dependencies": {
+        "@babel/code-frame": "^7.27.1",
+        "@babel/generator": "^7.27.5",
+        "@babel/parser": "^7.27.7",
+        "@babel/template": "^7.27.2",
+        "@babel/types": "^7.27.7",
+        "debug": "^4.3.1",
+        "globals": "^11.1.0"
+      },
+      "engines": {
+        "node": ">=6.9.0"
+      }
+    },
+    "node_modules/@unocss/transformer-compile-class": {
+      "version": "66.5.12",
+      "resolved": "https://registry.npmjs.org/@unocss/transformer-compile-class/-/transformer-compile-class-66.5.12.tgz",
+      "integrity": "sha512-EV9LCrIfwUrevHOAhcQD/4HO5NdDzd1ALXNSDbaRxPjDVquWIRs/DujUmihyV2wqu2qEnkOumC+kyDPfZ7/u3w==",
+      "license": "MIT",
+      "dependencies": {
+        "@unocss/core": "66.5.12"
+      },
+      "funding": {
+        "url": "https://github.com/sponsors/antfu"
+      }
+    },
+    "node_modules/@unocss/transformer-directives": {
+      "version": "66.5.12",
+      "resolved": "https://registry.npmjs.org/@unocss/transformer-directives/-/transformer-directives-66.5.12.tgz",
+      "integrity": "sha512-oRTqR2a5du6b1md549JUX8doXcXY0XNTkiar7R0HZInF4ic0BbjG+nflifd1UtTbI1TUOtcZLQHm+/4tQqM4MA==",
+      "license": "MIT",
+      "dependencies": {
+        "@unocss/core": "66.5.12",
+        "@unocss/rule-utils": "66.5.12",
+        "css-tree": "^3.1.0"
+      }
+    },
+    "node_modules/@unocss/transformer-variant-group": {
+      "version": "66.5.12",
+      "resolved": "https://registry.npmjs.org/@unocss/transformer-variant-group/-/transformer-variant-group-66.5.12.tgz",
+      "integrity": "sha512-iNHzliFCIVjbbmM9PVexqFhPa1t6C/6Ma3ZtkQRMq9KD2YsLvxdabvESEbjHA3iooR+bjPkiROC9whyRLWnyqQ==",
+      "license": "MIT",
+      "dependencies": {
+        "@unocss/core": "66.5.12"
+      },
+      "funding": {
+        "url": "https://github.com/sponsors/antfu"
+      }
+    },
+    "node_modules/@unocss/vite": {
+      "version": "66.5.12",
+      "resolved": "https://registry.npmjs.org/@unocss/vite/-/vite-66.5.12.tgz",
+      "integrity": "sha512-BSbUmUCLF3303Cu0y+gbhibXkXPpcR6lVFNN2g06EXTDNJEoS/1VKvZEUBU8RP8d1mLkv5mqN4FzdltZ+vA3uw==",
+      "license": "MIT",
+      "dependencies": {
+        "@jridgewell/remapping": "^2.3.5",
+        "@unocss/config": "66.5.12",
+        "@unocss/core": "66.5.12",
+        "@unocss/inspector": "66.5.12",
+        "chokidar": "^5.0.0",
+        "magic-string": "^0.30.21",
+        "pathe": "^2.0.3",
+        "tinyglobby": "^0.2.15",
+        "unplugin-utils": "^0.3.1"
+      },
+      "funding": {
+        "url": "https://github.com/sponsors/antfu"
+      },
+      "peerDependencies": {
+        "vite": "^2.9.0 || ^3.0.0-0 || ^4.0.0 || ^5.0.0-0 || ^6.0.0-0 || ^7.0.0-0 || ^8.0.0-0"
+      }
+    },
+    "node_modules/@vitejs/plugin-react": {
+      "version": "5.1.2",
+      "resolved": "https://registry.npmjs.org/@vitejs/plugin-react/-/plugin-react-5.1.2.tgz",
+      "integrity": "sha512-EcA07pHJouywpzsoTUqNh5NwGayl2PPVEJKUSinGGSxFGYn+shYbqMGBg6FXDqgXum9Ou/ecb+411ssw8HImJQ==",
+      "dev": true,
+      "license": "MIT",
+      "dependencies": {
+        "@babel/core": "^7.28.5",
+        "@babel/plugin-transform-react-jsx-self": "^7.27.1",
+        "@babel/plugin-transform-react-jsx-source": "^7.27.1",
+        "@rolldown/pluginutils": "1.0.0-beta.53",
+        "@types/babel__core": "^7.20.5",
+        "react-refresh": "^0.18.0"
+      },
+      "engines": {
+        "node": "^20.19.0 || >=22.12.0"
+      },
+      "peerDependencies": {
+        "vite": "^4.2.0 || ^5.0.0 || ^6.0.0 || ^7.0.0"
+      }
+    },
+    "node_modules/acorn": {
+      "version": "8.15.0",
+      "resolved": "https://registry.npmjs.org/acorn/-/acorn-8.15.0.tgz",
+      "integrity": "sha512-NZyJarBfL7nWwIq+FDL6Zp/yHEhePMNnnJ0y3qfieCrmNvYct8uvtiV41UvlSe6apAfk0fY1FbWx+NwfmpvtTg==",
+      "license": "MIT",
+      "bin": {
+        "acorn": "bin/acorn"
+      },
+      "engines": {
+        "node": ">=0.4.0"
+      }
+    },
+    "node_modules/argparse": {
+      "version": "2.0.1",
+      "resolved": "https://registry.npmjs.org/argparse/-/argparse-2.0.1.tgz",
+      "integrity": "sha512-8+9WqebbFzpX9OR+Wa6O29asIogeRMzcGtAINdpMHHyAg10f05aSFVBbcEqGf/PXw1EjAZ+q2/bEBg3DvurK3Q==",
+      "license": "Python-2.0"
+    },
+    "node_modules/baseline-browser-mapping": {
+      "version": "2.9.11",
+      "resolved": "https://registry.npmjs.org/baseline-browser-mapping/-/baseline-browser-mapping-2.9.11.tgz",
+      "integrity": "sha512-Sg0xJUNDU1sJNGdfGWhVHX0kkZ+HWcvmVymJbj6NSgZZmW/8S9Y2HQ5euytnIgakgxN6papOAWiwDo1ctFDcoQ==",
+      "dev": true,
+      "license": "Apache-2.0",
+      "bin": {
+        "baseline-browser-mapping": "dist/cli.js"
+      }
+    },
+    "node_modules/browserslist": {
+      "version": "4.28.1",
+      "resolved": "https://registry.npmjs.org/browserslist/-/browserslist-4.28.1.tgz",
+      "integrity": "sha512-ZC5Bd0LgJXgwGqUknZY/vkUQ04r8NXnJZ3yYi4vDmSiZmC/pdSN0NbNRPxZpbtO4uAfDUAFffO8IZoM3Gj8IkA==",
+      "dev": true,
+      "funding": [
+        {
+          "type": "opencollective",
+          "url": "https://opencollective.com/browserslist"
+        },
+        {
+          "type": "tidelift",
+          "url": "https://tidelift.com/funding/github/npm/browserslist"
+        },
+        {
+          "type": "github",
+          "url": "https://github.com/sponsors/ai"
+        }
+      ],
+      "license": "MIT",
+      "dependencies": {
+        "baseline-browser-mapping": "^2.9.0",
+        "caniuse-lite": "^1.0.30001759",
+        "electron-to-chromium": "^1.5.263",
+        "node-releases": "^2.0.27",
+        "update-browserslist-db": "^1.2.0"
+      },
+      "bin": {
+        "browserslist": "cli.js"
+      },
+      "engines": {
+        "node": "^6 || ^7 || ^8 || ^9 || ^10 || ^11 || ^12 || >=13.7"
+      }
+    },
+    "node_modules/cac": {
+      "version": "6.7.14",
+      "resolved": "https://registry.npmjs.org/cac/-/cac-6.7.14.tgz",
+      "integrity": "sha512-b6Ilus+c3RrdDk+JhLKUAQfzzgLEPy6wcXqS7f/xe1EETvsDP6GORG7SFuOs6cID5YkqchW/LXZbX5bc8j7ZcQ==",
+      "license": "MIT",
+      "engines": {
+        "node": ">=8"
+      }
+    },
+    "node_modules/caniuse-lite": {
+      "version": "1.0.30001762",
+      "resolved": "https://registry.npmjs.org/caniuse-lite/-/caniuse-lite-1.0.30001762.tgz",
+      "integrity": "sha512-PxZwGNvH7Ak8WX5iXzoK1KPZttBXNPuaOvI2ZYU7NrlM+d9Ov+TUvlLOBNGzVXAntMSMMlJPd+jY6ovrVjSmUw==",
+      "dev": true,
+      "funding": [
+        {
+          "type": "opencollective",
+          "url": "https://opencollective.com/browserslist"
+        },
+        {
+          "type": "tidelift",
+          "url": "https://tidelift.com/funding/github/npm/caniuse-lite"
+        },
+        {
+          "type": "github",
+          "url": "https://github.com/sponsors/ai"
+        }
+      ],
+      "license": "CC-BY-4.0"
+    },
+    "node_modules/chart.js": {
+      "version": "4.5.1",
+      "resolved": "https://registry.npmjs.org/chart.js/-/chart.js-4.5.1.tgz",
+      "integrity": "sha512-GIjfiT9dbmHRiYi6Nl2yFCq7kkwdkp1W/lp2J99rX0yo9tgJGn3lKQATztIjb5tVtevcBtIdICNWqlq5+E8/Pw==",
+      "license": "MIT",
+      "dependencies": {
+        "@kurkle/color": "^0.3.0"
+      },
+      "engines": {
+        "pnpm": ">=8"
+      }
+    },
+    "node_modules/chokidar": {
+      "version": "5.0.0",
+      "resolved": "https://registry.npmjs.org/chokidar/-/chokidar-5.0.0.tgz",
+      "integrity": "sha512-TQMmc3w+5AxjpL8iIiwebF73dRDF4fBIieAqGn9RGCWaEVwQ6Fb2cGe31Yns0RRIzii5goJ1Y7xbMwo1TxMplw==",
+      "license": "MIT",
+      "dependencies": {
+        "readdirp": "^5.0.0"
+      },
+      "engines": {
+        "node": ">= 20.19.0"
+      },
+      "funding": {
+        "url": "https://paulmillr.com/funding/"
+      }
+    },
+    "node_modules/colorette": {
+      "version": "2.0.20",
+      "resolved": "https://registry.npmjs.org/colorette/-/colorette-2.0.20.tgz",
+      "integrity": "sha512-IfEDxwoWIjkeXL1eXcDiow4UbKjhLdq6/EuSVR9GMN7KVH3r9gQ83e73hsz1Nd1T3ijd5xv1wcWRYO+D6kCI2w==",
+      "license": "MIT"
+    },
+    "node_modules/confbox": {
+      "version": "0.1.8",
+      "resolved": "https://registry.npmjs.org/confbox/-/confbox-0.1.8.tgz",
+      "integrity": "sha512-RMtmw0iFkeR4YV+fUOSucriAQNb9g8zFR52MWCtl+cCZOFRNL6zeB395vPzFhEjjn4fMxXudmELnl/KF/WrK6w==",
+      "license": "MIT"
+    },
+    "node_modules/consola": {
+      "version": "3.4.2",
+      "resolved": "https://registry.npmjs.org/consola/-/consola-3.4.2.tgz",
+      "integrity": "sha512-5IKcdX0nnYavi6G7TtOhwkYzyjfJlatbjMjuLSfE2kYT5pMDOilZ4OvMhi637CcDICTmz3wARPoyhqyX1Y+XvA==",
+      "license": "MIT",
+      "engines": {
+        "node": "^14.18.0 || >=16.10.0"
+      }
+    },
+    "node_modules/convert-source-map": {
+      "version": "2.0.0",
+      "resolved": "https://registry.npmjs.org/convert-source-map/-/convert-source-map-2.0.0.tgz",
+      "integrity": "sha512-Kvp459HrV2FEJ1CAsi1Ku+MY3kasH19TFykTz2xWmMeq6bk2NU3XXvfJ+Q61m0xktWwt+1HSYf3JZsTms3aRJg==",
+      "dev": true,
+      "license": "MIT"
+    },
+    "node_modules/crelt": {
+      "version": "1.0.6",
+      "resolved": "https://registry.npmjs.org/crelt/-/crelt-1.0.6.tgz",
+      "integrity": "sha512-VQ2MBenTq1fWZUH9DJNGti7kKv6EeAuYr3cLwxUWhIu1baTaXh4Ib5W2CqHVqib4/MqbYGJqiL3Zb8GJZr3l4g==",
+      "license": "MIT"
+    },
+    "node_modules/css-tree": {
+      "version": "3.1.0",
+      "resolved": "https://registry.npmjs.org/css-tree/-/css-tree-3.1.0.tgz",
+      "integrity": "sha512-0eW44TGN5SQXU1mWSkKwFstI/22X2bG1nYzZTYMAWjylYURhse752YgbE4Cx46AC+bAvI+/dYTPRk1LqSUnu6w==",
+      "license": "MIT",
+      "dependencies": {
+        "mdn-data": "2.12.2",
+        "source-map-js": "^1.0.1"
+      },
+      "engines": {
+        "node": "^10 || ^12.20.0 || ^14.13.0 || >=15.0.0"
+      }
+    },
+    "node_modules/csstype": {
+      "version": "3.2.3",
+      "resolved": "https://registry.npmjs.org/csstype/-/csstype-3.2.3.tgz",
+      "integrity": "sha512-z1HGKcYy2xA8AGQfwrn0PAy+PB7X/GSj3UVJW9qKyn43xWa+gl5nXmU4qqLMRzWVLFC8KusUX8T/0kCiOYpAIQ==",
+      "license": "MIT"
+    },
+    "node_modules/debug": {
+      "version": "4.4.3",
+      "resolved": "https://registry.npmjs.org/debug/-/debug-4.4.3.tgz",
+      "integrity": "sha512-RGwwWnwQvkVfavKVt22FGLw+xYSdzARwm0ru6DhTVA3umU5hZc28V3kO4stgYryrTlLpuvgI9GiijltAjNbcqA==",
+      "license": "MIT",
+      "dependencies": {
+        "ms": "^2.1.3"
+      },
+      "engines": {
+        "node": ">=6.0"
+      },
+      "peerDependenciesMeta": {
+        "supports-color": {
+          "optional": true
+        }
+      }
+    },
+    "node_modules/defu": {
+      "version": "6.1.4",
+      "resolved": "https://registry.npmjs.org/defu/-/defu-6.1.4.tgz",
+      "integrity": "sha512-mEQCMmwJu317oSz8CwdIOdwf3xMif1ttiM8LTufzc3g6kR+9Pe236twL8j3IYT1F7GfRgGcW6MWxzZjLIkuHIg==",
+      "license": "MIT"
+    },
+    "node_modules/dequal": {
+      "version": "2.0.3",
+      "resolved": "https://registry.npmjs.org/dequal/-/dequal-2.0.3.tgz",
+      "integrity": "sha512-0je+qPKHEMohvfRTCEo3CrPG6cAzAYgmzKyxRiYSSDkS6eGJdyVJm7WaYA5ECaAD9wLB2T4EEeymA5aFVcYXCA==",
+      "license": "MIT",
+      "engines": {
+        "node": ">=6"
+      }
+    },
+    "node_modules/destr": {
+      "version": "2.0.5",
+      "resolved": "https://registry.npmjs.org/destr/-/destr-2.0.5.tgz",
+      "integrity": "sha512-ugFTXCtDZunbzasqBxrK93Ik/DRYsO6S/fedkWEMKqt04xZ4csmnmwGDBAb07QWNaGMAmnTIemsYZCksjATwsA==",
+      "license": "MIT"
+    },
+    "node_modules/devlop": {
+      "version": "1.1.0",
+      "resolved": "https://registry.npmjs.org/devlop/-/devlop-1.1.0.tgz",
+      "integrity": "sha512-RWmIqhcFf1lRYBvNmr7qTNuyCt/7/ns2jbpp1+PalgE/rDQcBT0fioSMUpJ93irlUhC5hrg4cYqe6U+0ImW0rA==",
+      "license": "MIT",
+      "dependencies": {
+        "dequal": "^2.0.0"
+      },
+      "funding": {
+        "type": "github",
+        "url": "https://github.com/sponsors/wooorm"
+      }
+    },
+    "node_modules/dompurify": {
+      "version": "3.2.7",
+      "resolved": "https://registry.npmjs.org/dompurify/-/dompurify-3.2.7.tgz",
+      "integrity": "sha512-WhL/YuveyGXJaerVlMYGWhvQswa7myDG17P7Vu65EWC05o8vfeNbvNf4d/BOvH99+ZW+LlQsc1GDKMa1vNK6dw==",
+      "license": "(MPL-2.0 OR Apache-2.0)",
+      "optionalDependencies": {
+        "@types/trusted-types": "^2.0.7"
+      }
+    },
+    "node_modules/duplexer": {
+      "version": "0.1.2",
+      "resolved": "https://registry.npmjs.org/duplexer/-/duplexer-0.1.2.tgz",
+      "integrity": "sha512-jtD6YG370ZCIi/9GTaJKQxWTZD045+4R4hTk/x1UyoqadyJ9x9CgSi1RlVDQF8U2sxLLSnFkCaMihqljHIWgMg==",
+      "license": "MIT"
+    },
+    "node_modules/electron-to-chromium": {
+      "version": "1.5.267",
+      "resolved": "https://registry.npmjs.org/electron-to-chromium/-/electron-to-chromium-1.5.267.tgz",
+      "integrity": "sha512-0Drusm6MVRXSOJpGbaSVgcQsuB4hEkMpHXaVstcPmhu5LIedxs1xNK/nIxmQIU/RPC0+1/o0AVZfBTkTNJOdUw==",
+      "dev": true,
+      "license": "ISC"
+    },
+    "node_modules/entities": {
+      "version": "4.5.0",
+      "resolved": "https://registry.npmjs.org/entities/-/entities-4.5.0.tgz",
+      "integrity": "sha512-V0hjH4dGPh9Ao5p0MoRY6BVqtwCjhz6vI5LT8AJ55H+4g9/4vbHx1I54fS0XuclLhDHArPQCiMjDxjaL8fPxhw==",
+      "license": "BSD-2-Clause",
+      "engines": {
+        "node": ">=0.12"
+      },
+      "funding": {
+        "url": "https://github.com/fb55/entities?sponsor=1"
+      }
+    },
+    "node_modules/esbuild": {
+      "version": "0.27.2",
+      "resolved": "https://registry.npmjs.org/esbuild/-/esbuild-0.27.2.tgz",
+      "integrity": "sha512-HyNQImnsOC7X9PMNaCIeAm4ISCQXs5a5YasTXVliKv4uuBo1dKrG0A+uQS8M5eXjVMnLg3WgXaKvprHlFJQffw==",
+      "hasInstallScript": true,
+      "license": "MIT",
+      "bin": {
+        "esbuild": "bin/esbuild"
+      },
+      "engines": {
+        "node": ">=18"
+      },
+      "optionalDependencies": {
+        "@esbuild/aix-ppc64": "0.27.2",
+        "@esbuild/android-arm": "0.27.2",
+        "@esbuild/android-arm64": "0.27.2",
+        "@esbuild/android-x64": "0.27.2",
+        "@esbuild/darwin-arm64": "0.27.2",
+        "@esbuild/darwin-x64": "0.27.2",
+        "@esbuild/freebsd-arm64": "0.27.2",
+        "@esbuild/freebsd-x64": "0.27.2",
+        "@esbuild/linux-arm": "0.27.2",
+        "@esbuild/linux-arm64": "0.27.2",
+        "@esbuild/linux-ia32": "0.27.2",
+        "@esbuild/linux-loong64": "0.27.2",
+        "@esbuild/linux-mips64el": "0.27.2",
+        "@esbuild/linux-ppc64": "0.27.2",
+        "@esbuild/linux-riscv64": "0.27.2",
+        "@esbuild/linux-s390x": "0.27.2",
+        "@esbuild/linux-x64": "0.27.2",
+        "@esbuild/netbsd-arm64": "0.27.2",
+        "@esbuild/netbsd-x64": "0.27.2",
+        "@esbuild/openbsd-arm64": "0.27.2",
+        "@esbuild/openbsd-x64": "0.27.2",
+        "@esbuild/openharmony-arm64": "0.27.2",
+        "@esbuild/sunos-x64": "0.27.2",
+        "@esbuild/win32-arm64": "0.27.2",
+        "@esbuild/win32-ia32": "0.27.2",
+        "@esbuild/win32-x64": "0.27.2"
+      }
+    },
+    "node_modules/escalade": {
+      "version": "3.2.0",
+      "resolved": "https://registry.npmjs.org/escalade/-/escalade-3.2.0.tgz",
+      "integrity": "sha512-WUj2qlxaQtO4g6Pq5c29GTcWGDyd8itL8zTlipgECz3JesAiiOKotd8JU6otB3PACgG6xkJUyVhboMS+bje/jA==",
+      "dev": true,
+      "license": "MIT",
+      "engines": {
+        "node": ">=6"
+      }
+    },
+    "node_modules/escape-string-regexp": {
+      "version": "4.0.0",
+      "resolved": "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-4.0.0.tgz",
+      "integrity": "sha512-TtpcNJ3XAzx3Gq8sWRzJaVajRs0uVxA2YAkdb1jm2YkPz4G6egUFAyA3n5vtEIZefPk5Wa4UXbKuS5fKkJWdgA==",
+      "license": "MIT",
+      "engines": {
+        "node": ">=10"
+      },
+      "funding": {
+        "url": "https://github.com/sponsors/sindresorhus"
+      }
+    },
+    "node_modules/fast-equals": {
+      "version": "5.4.0",
+      "resolved": "https://registry.npmjs.org/fast-equals/-/fast-equals-5.4.0.tgz",
+      "integrity": "sha512-jt2DW/aNFNwke7AUd+Z+e6pz39KO5rzdbbFCg2sGafS4mk13MI7Z8O5z9cADNn5lhGODIgLwug6TZO2ctf7kcw==",
+      "license": "MIT",
+      "engines": {
+        "node": ">=6.0.0"
+      }
+    },
+    "node_modules/fdir": {
+      "version": "6.5.0",
+      "resolved": "https://registry.npmjs.org/fdir/-/fdir-6.5.0.tgz",
+      "integrity": "sha512-tIbYtZbucOs0BRGqPJkshJUYdL+SDH7dVM8gjy+ERp3WAUjLEFJE+02kanyHtwjWOnwrKYBiwAmM0p4kLJAnXg==",
+      "license": "MIT",
+      "engines": {
+        "node": ">=12.0.0"
+      },
+      "peerDependencies": {
+        "picomatch": "^3 || ^4"
+      },
+      "peerDependenciesMeta": {
+        "picomatch": {
+          "optional": true
+        }
+      }
+    },
+    "node_modules/fsevents": {
+      "version": "2.3.3",
+      "resolved": "https://registry.npmjs.org/fsevents/-/fsevents-2.3.3.tgz",
+      "integrity": "sha512-5xoDfX+fL7faATnagmWPpbFtwh/R77WmMMqqHGS65C3vvB0YHrgF+B1YmZ3441tMj5n63k0212XNoJwzlhffQw==",
+      "hasInstallScript": true,
+      "license": "MIT",
+      "optional": true,
+      "os": [
+        "darwin"
+      ],
+      "engines": {
+        "node": "^8.16.0 || ^10.6.0 || >=11.0.0"
+      }
+    },
+    "node_modules/gensync": {
+      "version": "1.0.0-beta.2",
+      "resolved": "https://registry.npmjs.org/gensync/-/gensync-1.0.0-beta.2.tgz",
+      "integrity": "sha512-3hN7NaskYvMDLQY55gnW3NQ+mesEAepTqlg+VEbj7zzqEMBVNhzcGYYeqFo/TlYz6eQiFcp1HcsCZO+nGgS8zg==",
+      "dev": true,
+      "license": "MIT",
+      "engines": {
+        "node": ">=6.9.0"
+      }
+    },
+    "node_modules/globals": {
+      "version": "11.12.0",
+      "resolved": "https://registry.npmjs.org/globals/-/globals-11.12.0.tgz",
+      "integrity": "sha512-WOBp/EEGUiIsJSp7wcv/y6MO+lV9UoncWqxuFfm8eBwzWNgyfBd6Gz+IeKQ9jCmyhoH99g15M3T+QaVHFjizVA==",
+      "license": "MIT",
+      "engines": {
+        "node": ">=4"
+      }
+    },
+    "node_modules/gzip-size": {
+      "version": "6.0.0",
+      "resolved": "https://registry.npmjs.org/gzip-size/-/gzip-size-6.0.0.tgz",
+      "integrity": "sha512-ax7ZYomf6jqPTQ4+XCpUGyXKHk5WweS+e05MBO4/y3WJ5RkmPXNKvX+bx1behVILVwr6JSQvZAku021CHPXG3Q==",
+      "license": "MIT",
+      "dependencies": {
+        "duplexer": "^0.1.2"
+      },
+      "engines": {
+        "node": ">=10"
+      },
+      "funding": {
+        "url": "https://github.com/sponsors/sindresorhus"
+      }
+    },
+    "node_modules/highlight.js": {
+      "version": "11.11.1",
+      "resolved": "https://registry.npmjs.org/highlight.js/-/highlight.js-11.11.1.tgz",
+      "integrity": "sha512-Xwwo44whKBVCYoliBQwaPvtd/2tYFkRQtXDWj1nackaV2JPXx3L0+Jvd8/qCJ2p+ML0/XVkJ2q+Mr+UVdpJK5w==",
+      "license": "BSD-3-Clause",
+      "engines": {
+        "node": ">=12.0.0"
+      }
+    },
+    "node_modules/jiti": {
+      "version": "2.6.1",
+      "resolved": "https://registry.npmjs.org/jiti/-/jiti-2.6.1.tgz",
+      "integrity": "sha512-ekilCSN1jwRvIbgeg/57YFh8qQDNbwDb9xT/qu2DAHbFFZUicIl4ygVaAvzveMhMVr3LnpSKTNnwt8PoOfmKhQ==",
+      "license": "MIT",
+      "bin": {
+        "jiti": "lib/jiti-cli.mjs"
+      }
+    },
+    "node_modules/js-tokens": {
+      "version": "4.0.0",
+      "resolved": "https://registry.npmjs.org/js-tokens/-/js-tokens-4.0.0.tgz",
+      "integrity": "sha512-RdJUflcE3cUzKiMqQgsCu06FPu9UdIJO0beYbPhHN4k6apgJtifcoCtT9bcxOpYBtpD2kCM6Sbzg4CausW/PKQ==",
+      "license": "MIT"
+    },
+    "node_modules/jsesc": {
+      "version": "3.1.0",
+      "resolved": "https://registry.npmjs.org/jsesc/-/jsesc-3.1.0.tgz",
+      "integrity": "sha512-/sM3dO2FOzXjKQhJuo0Q173wf2KOo8t4I8vHy6lF9poUp7bKT0/NHE8fPX23PwfhnykfqnC2xRxOnVw5XuGIaA==",
+      "license": "MIT",
+      "bin": {
+        "jsesc": "bin/jsesc"
+      },
+      "engines": {
+        "node": ">=6"
+      }
+    },
+    "node_modules/json5": {
+      "version": "2.2.3",
+      "resolved": "https://registry.npmjs.org/json5/-/json5-2.2.3.tgz",
+      "integrity": "sha512-XmOWe7eyHYH14cLdVPoyg+GOH3rYX++KpzrylJwSW98t3Nk+U8XOl8FWKOgwtzdb8lXGf6zYwDUzeHMWfxasyg==",
+      "dev": true,
+      "license": "MIT",
+      "bin": {
+        "json5": "lib/cli.js"
+      },
+      "engines": {
+        "node": ">=6"
+      }
+    },
+    "node_modules/linkify-it": {
+      "version": "5.0.0",
+      "resolved": "https://registry.npmjs.org/linkify-it/-/linkify-it-5.0.0.tgz",
+      "integrity": "sha512-5aHCbzQRADcdP+ATqnDuhhJ/MRIqDkZX5pyjFHRRysS8vZ5AbqGEoFIb6pYHPZ+L/OC2Lc+xT8uHVVR5CAK/wQ==",
+      "license": "MIT",
+      "dependencies": {
+        "uc.micro": "^2.0.0"
+      }
+    },
+    "node_modules/linkifyjs": {
+      "version": "4.3.2",
+      "resolved": "https://registry.npmjs.org/linkifyjs/-/linkifyjs-4.3.2.tgz",
+      "integrity": "sha512-NT1CJtq3hHIreOianA8aSXn6Cw0JzYOuDQbOrSPe7gqFnCpKP++MQe3ODgO3oh2GJFORkAAdqredOa60z63GbA==",
+      "license": "MIT"
+    },
+    "node_modules/lowlight": {
+      "version": "3.3.0",
+      "resolved": "https://registry.npmjs.org/lowlight/-/lowlight-3.3.0.tgz",
+      "integrity": "sha512-0JNhgFoPvP6U6lE/UdVsSq99tn6DhjjpAj5MxG49ewd2mOBVtwWYIT8ClyABhq198aXXODMU6Ox8DrGy/CpTZQ==",
+      "license": "MIT",
+      "dependencies": {
+        "@types/hast": "^3.0.0",
+        "devlop": "^1.0.0",
+        "highlight.js": "~11.11.0"
+      },
+      "funding": {
+        "type": "github",
+        "url": "https://github.com/sponsors/wooorm"
+      }
+    },
+    "node_modules/lru-cache": {
+      "version": "5.1.1",
+      "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-5.1.1.tgz",
+      "integrity": "sha512-KpNARQA3Iwv+jTA0utUVVbrh+Jlrr1Fv0e56GGzAFOXN7dk/FviaDW8LHmK52DlcH4WP2n6gI8vN1aesBFgo9w==",
+      "dev": true,
+      "license": "ISC",
+      "dependencies": {
+        "yallist": "^3.0.2"
+      }
+    },
+    "node_modules/magic-string": {
+      "version": "0.30.21",
+      "resolved": "https://registry.npmjs.org/magic-string/-/magic-string-0.30.21.tgz",
+      "integrity": "sha512-vd2F4YUyEXKGcLHoq+TEyCjxueSeHnFxyyjNp80yg0XV4vUhnDer/lvvlqM/arB5bXQN5K2/3oinyCRyx8T2CQ==",
+      "license": "MIT",
+      "dependencies": {
+        "@jridgewell/sourcemap-codec": "^1.5.5"
+      }
+    },
+    "node_modules/markdown-it": {
+      "version": "14.1.0",
+      "resolved": "https://registry.npmjs.org/markdown-it/-/markdown-it-14.1.0.tgz",
+      "integrity": "sha512-a54IwgWPaeBCAAsv13YgmALOF1elABB08FxO9i+r4VFk5Vl4pKokRPeX8u5TCgSsPi6ec1otfLjdOpVcgbpshg==",
+      "license": "MIT",
+      "dependencies": {
+        "argparse": "^2.0.1",
+        "entities": "^4.4.0",
+        "linkify-it": "^5.0.0",
+        "mdurl": "^2.0.0",
+        "punycode.js": "^2.3.1",
+        "uc.micro": "^2.1.0"
+      },
+      "bin": {
+        "markdown-it": "bin/markdown-it.mjs"
+      }
+    },
+    "node_modules/marked": {
+      "version": "14.0.0",
+      "resolved": "https://registry.npmjs.org/marked/-/marked-14.0.0.tgz",
+      "integrity": "sha512-uIj4+faQ+MgHgwUW1l2PsPglZLOLOT1uErt06dAPtx2kjteLAkbsd/0FiYg/MGS+i7ZKLb7w2WClxHkzOOuryQ==",
+      "license": "MIT",
+      "bin": {
+        "marked": "bin/marked.js"
+      },
+      "engines": {
+        "node": ">= 18"
+      }
+    },
+    "node_modules/mdn-data": {
+      "version": "2.12.2",
+      "resolved": "https://registry.npmjs.org/mdn-data/-/mdn-data-2.12.2.tgz",
+      "integrity": "sha512-IEn+pegP1aManZuckezWCO+XZQDplx1366JoVhTpMpBB1sPey/SbveZQUosKiKiGYjg1wH4pMlNgXbCiYgihQA==",
+      "license": "CC0-1.0"
+    },
+    "node_modules/mdurl": {
+      "version": "2.0.0",
+      "resolved": "https://registry.npmjs.org/mdurl/-/mdurl-2.0.0.tgz",
+      "integrity": "sha512-Lf+9+2r+Tdp5wXDXC4PcIBjTDtq4UKjCPMQhKIuzpJNW0b96kVqSwW0bT7FhRSfmAiFYgP+SCRvdrDozfh0U5w==",
+      "license": "MIT"
+    },
+    "node_modules/mlly": {
+      "version": "1.8.0",
+      "resolved": "https://registry.npmjs.org/mlly/-/mlly-1.8.0.tgz",
+      "integrity": "sha512-l8D9ODSRWLe2KHJSifWGwBqpTZXIXTeo8mlKjY+E2HAakaTeNpqAyBZ8GSqLzHgw4XmHmC8whvpjJNMbFZN7/g==",
+      "license": "MIT",
+      "dependencies": {
+        "acorn": "^8.15.0",
+        "pathe": "^2.0.3",
+        "pkg-types": "^1.3.1",
+        "ufo": "^1.6.1"
+      }
+    },
+    "node_modules/monaco-editor": {
+      "version": "0.55.1",
+      "resolved": "https://registry.npmjs.org/monaco-editor/-/monaco-editor-0.55.1.tgz",
+      "integrity": "sha512-jz4x+TJNFHwHtwuV9vA9rMujcZRb0CEilTEwG2rRSpe/A7Jdkuj8xPKttCgOh+v/lkHy7HsZ64oj+q3xoAFl9A==",
+      "license": "MIT",
+      "dependencies": {
+        "dompurify": "3.2.7",
+        "marked": "14.0.0"
+      }
+    },
+    "node_modules/mrmime": {
+      "version": "2.0.1",
+      "resolved": "https://registry.npmjs.org/mrmime/-/mrmime-2.0.1.tgz",
+      "integrity": "sha512-Y3wQdFg2Va6etvQ5I82yUhGdsKrcYox6p7FfL1LbK2J4V01F9TGlepTIhnK24t7koZibmg82KGglhA1XK5IsLQ==",
+      "license": "MIT",
+      "engines": {
+        "node": ">=10"
+      }
+    },
+    "node_modules/ms": {
+      "version": "2.1.3",
+      "resolved": "https://registry.npmjs.org/ms/-/ms-2.1.3.tgz",
+      "integrity": "sha512-6FlzubTLZG3J2a/NVCAleEhjzq5oxgHyaCU9yYXvcLsvoVaHJq/s5xXI6/XXP6tz7R9xAOtHnSO/tXtF3WRTlA==",
+      "license": "MIT"
+    },
+    "node_modules/nanoevents": {
+      "version": "9.1.0",
+      "resolved": "https://registry.npmjs.org/nanoevents/-/nanoevents-9.1.0.tgz",
+      "integrity": "sha512-Jd0fILWG44a9luj8v5kED4WI+zfkkgwKyRQKItTtlPfEsh7Lznfi1kr8/iZ+XAIss4Qq5GqRB0qtWbaz9ceO/A==",
+      "license": "MIT",
+      "engines": {
+        "node": "^18.0.0 || >=20.0.0"
+      }
+    },
+    "node_modules/nanoid": {
+      "version": "3.3.11",
+      "resolved": "https://registry.npmjs.org/nanoid/-/nanoid-3.3.11.tgz",
+      "integrity": "sha512-N8SpfPUnUp1bK+PMYW8qSWdl9U+wwNWI4QKxOYDy9JAro3WMX7p2OeVRF9v+347pnakNevPmiHhNmZ2HbFA76w==",
+      "funding": [
+        {
+          "type": "github",
+          "url": "https://github.com/sponsors/ai"
+        }
+      ],
+      "license": "MIT",
+      "bin": {
+        "nanoid": "bin/nanoid.cjs"
+      },
+      "engines": {
+        "node": "^10 || ^12 || ^13.7 || ^14 || >=15.0.1"
+      }
+    },
+    "node_modules/nanostores": {
+      "version": "1.1.0",
+      "resolved": "https://registry.npmjs.org/nanostores/-/nanostores-1.1.0.tgz",
+      "integrity": "sha512-yJBmDJr18xy47dbNVlHcgdPrulSn1nhSE6Ns9vTG+Nx9VPT6iV1MD6aQFp/t52zpf82FhLLTXAXr30NuCnxvwA==",
+      "funding": [
+        {
+          "type": "github",
+          "url": "https://github.com/sponsors/ai"
+        }
+      ],
+      "license": "MIT",
+      "engines": {
+        "node": "^20.0.0 || >=22.0.0"
+      }
+    },
+    "node_modules/node-fetch-native": {
+      "version": "1.6.7",
+      "resolved": "https://registry.npmjs.org/node-fetch-native/-/node-fetch-native-1.6.7.tgz",
+      "integrity": "sha512-g9yhqoedzIUm0nTnTqAQvueMPVOuIY16bqgAJJC8XOOubYFNwz6IER9qs0Gq2Xd0+CecCKFjtdDTMA4u4xG06Q==",
+      "license": "MIT"
+    },
+    "node_modules/node-releases": {
+      "version": "2.0.27",
+      "resolved": "https://registry.npmjs.org/node-releases/-/node-releases-2.0.27.tgz",
+      "integrity": "sha512-nmh3lCkYZ3grZvqcCH+fjmQ7X+H0OeZgP40OierEaAptX4XofMh5kwNbWh7lBduUzCcV/8kZ+NDLCwm2iorIlA==",
+      "dev": true,
+      "license": "MIT"
+    },
+    "node_modules/ofetch": {
+      "version": "1.5.1",
+      "resolved": "https://registry.npmjs.org/ofetch/-/ofetch-1.5.1.tgz",
+      "integrity": "sha512-2W4oUZlVaqAPAil6FUg/difl6YhqhUR7x2eZY4bQCko22UXg3hptq9KLQdqFClV+Wu85UX7hNtdGTngi/1BxcA==",
+      "license": "MIT",
+      "dependencies": {
+        "destr": "^2.0.5",
+        "node-fetch-native": "^1.6.7",
+        "ufo": "^1.6.1"
+      }
+    },
+    "node_modules/orderedmap": {
+      "version": "2.1.1",
+      "resolved": "https://registry.npmjs.org/orderedmap/-/orderedmap-2.1.1.tgz",
+      "integrity": "sha512-TvAWxi0nDe1j/rtMcWcIj94+Ffe6n7zhow33h40SKxmsmozs6dz/e+EajymfoFcHd7sxNn8yHM8839uixMOV6g==",
+      "license": "MIT"
+    },
+    "node_modules/package-manager-detector": {
+      "version": "1.6.0",
+      "resolved": "https://registry.npmjs.org/package-manager-detector/-/package-manager-detector-1.6.0.tgz",
+      "integrity": "sha512-61A5ThoTiDG/C8s8UMZwSorAGwMJ0ERVGj2OjoW5pAalsNOg15+iQiPzrLJ4jhZ1HJzmC2PIHT2oEiH3R5fzNA==",
+      "license": "MIT"
+    },
+    "node_modules/pathe": {
+      "version": "2.0.3",
+      "resolved": "https://registry.npmjs.org/pathe/-/pathe-2.0.3.tgz",
+      "integrity": "sha512-WUjGcAqP1gQacoQe+OBJsFA7Ld4DyXuUIjZ5cc75cLHvJ7dtNsTugphxIADwspS+AraAUePCKrSVtPLFj/F88w==",
+      "license": "MIT"
+    },
+    "node_modules/perfect-debounce": {
+      "version": "2.0.0",
+      "resolved": "https://registry.npmjs.org/perfect-debounce/-/perfect-debounce-2.0.0.tgz",
+      "integrity": "sha512-fkEH/OBiKrqqI/yIgjR92lMfs2K8105zt/VT6+7eTjNwisrsh47CeIED9z58zI7DfKdH3uHAn25ziRZn3kgAow==",
+      "license": "MIT"
+    },
+    "node_modules/picocolors": {
+      "version": "1.1.1",
+      "resolved": "https://registry.npmjs.org/picocolors/-/picocolors-1.1.1.tgz",
+      "integrity": "sha512-xceH2snhtb5M9liqDsmEw56le376mTZkEX/jEb/RxNFyegNul7eNslCXP9FDj/Lcu0X8KEyMceP2ntpaHrDEVA==",
+      "license": "ISC"
+    },
+    "node_modules/picomatch": {
+      "version": "4.0.3",
+      "resolved": "https://registry.npmjs.org/picomatch/-/picomatch-4.0.3.tgz",
+      "integrity": "sha512-5gTmgEY/sqK6gFXLIsQNH19lWb4ebPDLA4SdLP7dsWkIXHWlG66oPuVvXSGFPppYZz8ZDZq0dYYrbHfBCVUb1Q==",
+      "license": "MIT",
+      "engines": {
+        "node": ">=12"
+      },
+      "funding": {
+        "url": "https://github.com/sponsors/jonschlinkert"
+      }
+    },
+    "node_modules/pkg-types": {
+      "version": "1.3.1",
+      "resolved": "https://registry.npmjs.org/pkg-types/-/pkg-types-1.3.1.tgz",
+      "integrity": "sha512-/Jm5M4RvtBFVkKWRu2BLUTNP8/M2a+UwuAX+ae4770q1qVGtfjG+WTCupoZixokjmHiry8uI+dlY8KXYV5HVVQ==",
+      "license": "MIT",
+      "dependencies": {
+        "confbox": "^0.1.8",
+        "mlly": "^1.7.4",
+        "pathe": "^2.0.1"
+      }
+    },
+    "node_modules/postcss": {
+      "version": "8.5.6",
+      "resolved": "https://registry.npmjs.org/postcss/-/postcss-8.5.6.tgz",
+      "integrity": "sha512-3Ybi1tAuwAP9s0r1UQ2J4n5Y0G05bJkpUIO0/bI9MhwmD70S5aTWbXGBwxHrelT+XM1k6dM0pk+SwNkpTRN7Pg==",
+      "funding": [
+        {
+          "type": "opencollective",
+          "url": "https://opencollective.com/postcss/"
+        },
+        {
+          "type": "tidelift",
+          "url": "https://tidelift.com/funding/github/npm/postcss"
+        },
+        {
+          "type": "github",
+          "url": "https://github.com/sponsors/ai"
+        }
+      ],
+      "license": "MIT",
+      "dependencies": {
+        "nanoid": "^3.3.11",
+        "picocolors": "^1.1.1",
+        "source-map-js": "^1.2.1"
+      },
+      "engines": {
+        "node": "^10 || ^12 || >=14"
+      }
+    },
+    "node_modules/prosemirror-changeset": {
+      "version": "2.3.1",
+      "resolved": "https://registry.npmjs.org/prosemirror-changeset/-/prosemirror-changeset-2.3.1.tgz",
+      "integrity": "sha512-j0kORIBm8ayJNl3zQvD1TTPHJX3g042et6y/KQhZhnPrruO8exkTgG8X+NRpj7kIyMMEx74Xb3DyMIBtO0IKkQ==",
+      "license": "MIT",
+      "dependencies": {
+        "prosemirror-transform": "^1.0.0"
+      }
+    },
+    "node_modules/prosemirror-collab": {
+      "version": "1.3.1",
+      "resolved": "https://registry.npmjs.org/prosemirror-collab/-/prosemirror-collab-1.3.1.tgz",
+      "integrity": "sha512-4SnynYR9TTYaQVXd/ieUvsVV4PDMBzrq2xPUWutHivDuOshZXqQ5rGbZM84HEaXKbLdItse7weMGOUdDVcLKEQ==",
+      "license": "MIT",
+      "dependencies": {
+        "prosemirror-state": "^1.0.0"
+      }
+    },
+    "node_modules/prosemirror-commands": {
+      "version": "1.7.1",
+      "resolved": "https://registry.npmjs.org/prosemirror-commands/-/prosemirror-commands-1.7.1.tgz",
+      "integrity": "sha512-rT7qZnQtx5c0/y/KlYaGvtG411S97UaL6gdp6RIZ23DLHanMYLyfGBV5DtSnZdthQql7W+lEVbpSfwtO8T+L2w==",
+      "license": "MIT",
+      "dependencies": {
+        "prosemirror-model": "^1.0.0",
+        "prosemirror-state": "^1.0.0",
+        "prosemirror-transform": "^1.10.2"
+      }
+    },
+    "node_modules/prosemirror-dropcursor": {
+      "version": "1.8.2",
+      "resolved": "https://registry.npmjs.org/prosemirror-dropcursor/-/prosemirror-dropcursor-1.8.2.tgz",
+      "integrity": "sha512-CCk6Gyx9+Tt2sbYk5NK0nB1ukHi2ryaRgadV/LvyNuO3ena1payM2z6Cg0vO1ebK8cxbzo41ku2DE5Axj1Zuiw==",
+      "license": "MIT",
+      "dependencies": {
+        "prosemirror-state": "^1.0.0",
+        "prosemirror-transform": "^1.1.0",
+        "prosemirror-view": "^1.1.0"
+      }
+    },
+    "node_modules/prosemirror-gapcursor": {
+      "version": "1.4.0",
+      "resolved": "https://registry.npmjs.org/prosemirror-gapcursor/-/prosemirror-gapcursor-1.4.0.tgz",
+      "integrity": "sha512-z00qvurSdCEWUIulij/isHaqu4uLS8r/Fi61IbjdIPJEonQgggbJsLnstW7Lgdk4zQ68/yr6B6bf7sJXowIgdQ==",
+      "license": "MIT",
+      "dependencies": {
+        "prosemirror-keymap": "^1.0.0",
+        "prosemirror-model": "^1.0.0",
+        "prosemirror-state": "^1.0.0",
+        "prosemirror-view": "^1.0.0"
+      }
+    },
+    "node_modules/prosemirror-history": {
+      "version": "1.5.0",
+      "resolved": "https://registry.npmjs.org/prosemirror-history/-/prosemirror-history-1.5.0.tgz",
+      "integrity": "sha512-zlzTiH01eKA55UAf1MEjtssJeHnGxO0j4K4Dpx+gnmX9n+SHNlDqI2oO1Kv1iPN5B1dm5fsljCfqKF9nFL6HRg==",
+      "license": "MIT",
+      "dependencies": {
+        "prosemirror-state": "^1.2.2",
+        "prosemirror-transform": "^1.0.0",
+        "prosemirror-view": "^1.31.0",
+        "rope-sequence": "^1.3.0"
+      }
+    },
+    "node_modules/prosemirror-inputrules": {
+      "version": "1.5.1",
+      "resolved": "https://registry.npmjs.org/prosemirror-inputrules/-/prosemirror-inputrules-1.5.1.tgz",
+      "integrity": "sha512-7wj4uMjKaXWAQ1CDgxNzNtR9AlsuwzHfdFH1ygEHA2KHF2DOEaXl1CJfNPAKCg9qNEh4rum975QLaCiQPyY6Fw==",
+      "license": "MIT",
+      "dependencies": {
+        "prosemirror-state": "^1.0.0",
+        "prosemirror-transform": "^1.0.0"
+      }
+    },
+    "node_modules/prosemirror-keymap": {
+      "version": "1.2.3",
+      "resolved": "https://registry.npmjs.org/prosemirror-keymap/-/prosemirror-keymap-1.2.3.tgz",
+      "integrity": "sha512-4HucRlpiLd1IPQQXNqeo81BGtkY8Ai5smHhKW9jjPKRc2wQIxksg7Hl1tTI2IfT2B/LgX6bfYvXxEpJl7aKYKw==",
+      "license": "MIT",
+      "dependencies": {
+        "prosemirror-state": "^1.0.0",
+        "w3c-keyname": "^2.2.0"
+      }
+    },
+    "node_modules/prosemirror-markdown": {
+      "version": "1.13.2",
+      "resolved": "https://registry.npmjs.org/prosemirror-markdown/-/prosemirror-markdown-1.13.2.tgz",
+      "integrity": "sha512-FPD9rHPdA9fqzNmIIDhhnYQ6WgNoSWX9StUZ8LEKapaXU9i6XgykaHKhp6XMyXlOWetmaFgGDS/nu/w9/vUc5g==",
+      "license": "MIT",
+      "dependencies": {
+        "@types/markdown-it": "^14.0.0",
+        "markdown-it": "^14.0.0",
+        "prosemirror-model": "^1.25.0"
+      }
+    },
+    "node_modules/prosemirror-menu": {
+      "version": "1.2.5",
+      "resolved": "https://registry.npmjs.org/prosemirror-menu/-/prosemirror-menu-1.2.5.tgz",
+      "integrity": "sha512-qwXzynnpBIeg1D7BAtjOusR+81xCp53j7iWu/IargiRZqRjGIlQuu1f3jFi+ehrHhWMLoyOQTSRx/IWZJqOYtQ==",
+      "license": "MIT",
+      "dependencies": {
+        "crelt": "^1.0.0",
+        "prosemirror-commands": "^1.0.0",
+        "prosemirror-history": "^1.0.0",
+        "prosemirror-state": "^1.0.0"
+      }
+    },
+    "node_modules/prosemirror-model": {
+      "version": "1.25.4",
+      "resolved": "https://registry.npmjs.org/prosemirror-model/-/prosemirror-model-1.25.4.tgz",
+      "integrity": "sha512-PIM7E43PBxKce8OQeezAs9j4TP+5yDpZVbuurd1h5phUxEKIu+G2a+EUZzIC5nS1mJktDJWzbqS23n1tsAf5QA==",
+      "license": "MIT",
+      "dependencies": {
+        "orderedmap": "^2.0.0"
+      }
+    },
+    "node_modules/prosemirror-schema-basic": {
+      "version": "1.2.4",
+      "resolved": "https://registry.npmjs.org/prosemirror-schema-basic/-/prosemirror-schema-basic-1.2.4.tgz",
+      "integrity": "sha512-ELxP4TlX3yr2v5rM7Sb70SqStq5NvI15c0j9j/gjsrO5vaw+fnnpovCLEGIcpeGfifkuqJwl4fon6b+KdrODYQ==",
+      "license": "MIT",
+      "dependencies": {
+        "prosemirror-model": "^1.25.0"
+      }
+    },
+    "node_modules/prosemirror-schema-list": {
+      "version": "1.5.1",
+      "resolved": "https://registry.npmjs.org/prosemirror-schema-list/-/prosemirror-schema-list-1.5.1.tgz",
+      "integrity": "sha512-927lFx/uwyQaGwJxLWCZRkjXG0p48KpMj6ueoYiu4JX05GGuGcgzAy62dfiV8eFZftgyBUvLx76RsMe20fJl+Q==",
+      "license": "MIT",
+      "dependencies": {
+        "prosemirror-model": "^1.0.0",
+        "prosemirror-state": "^1.0.0",
+        "prosemirror-transform": "^1.7.3"
+      }
+    },
+    "node_modules/prosemirror-state": {
+      "version": "1.4.4",
+      "resolved": "https://registry.npmjs.org/prosemirror-state/-/prosemirror-state-1.4.4.tgz",
+      "integrity": "sha512-6jiYHH2CIGbCfnxdHbXZ12gySFY/fz/ulZE333G6bPqIZ4F+TXo9ifiR86nAHpWnfoNjOb3o5ESi7J8Uz1jXHw==",
+      "license": "MIT",
+      "dependencies": {
+        "prosemirror-model": "^1.0.0",
+        "prosemirror-transform": "^1.0.0",
+        "prosemirror-view": "^1.27.0"
+      }
+    },
+    "node_modules/prosemirror-tables": {
+      "version": "1.8.5",
+      "resolved": "https://registry.npmjs.org/prosemirror-tables/-/prosemirror-tables-1.8.5.tgz",
+      "integrity": "sha512-V/0cDCsHKHe/tfWkeCmthNUcEp1IVO3p6vwN8XtwE9PZQLAZJigbw3QoraAdfJPir4NKJtNvOB8oYGKRl+t0Dw==",
+      "license": "MIT",
+      "dependencies": {
+        "prosemirror-keymap": "^1.2.3",
+        "prosemirror-model": "^1.25.4",
+        "prosemirror-state": "^1.4.4",
+        "prosemirror-transform": "^1.10.5",
+        "prosemirror-view": "^1.41.4"
+      }
+    },
+    "node_modules/prosemirror-trailing-node": {
+      "version": "3.0.0",
+      "resolved": "https://registry.npmjs.org/prosemirror-trailing-node/-/prosemirror-trailing-node-3.0.0.tgz",
+      "integrity": "sha512-xiun5/3q0w5eRnGYfNlW1uU9W6x5MoFKWwq/0TIRgt09lv7Hcser2QYV8t4muXbEr+Fwo0geYn79Xs4GKywrRQ==",
+      "license": "MIT",
+      "dependencies": {
+        "@remirror/core-constants": "3.0.0",
+        "escape-string-regexp": "^4.0.0"
+      },
+      "peerDependencies": {
+        "prosemirror-model": "^1.22.1",
+        "prosemirror-state": "^1.4.2",
+        "prosemirror-view": "^1.33.8"
+      }
+    },
+    "node_modules/prosemirror-transform": {
+      "version": "1.10.5",
+      "resolved": "https://registry.npmjs.org/prosemirror-transform/-/prosemirror-transform-1.10.5.tgz",
+      "integrity": "sha512-RPDQCxIDhIBb1o36xxwsaeAvivO8VLJcgBtzmOwQ64bMtsVFh5SSuJ6dWSxO1UsHTiTXPCgQm3PDJt7p6IOLbw==",
+      "license": "MIT",
+      "dependencies": {
+        "prosemirror-model": "^1.21.0"
+      }
+    },
+    "node_modules/prosemirror-view": {
+      "version": "1.41.4",
+      "resolved": "https://registry.npmjs.org/prosemirror-view/-/prosemirror-view-1.41.4.tgz",
+      "integrity": "sha512-WkKgnyjNncri03Gjaz3IFWvCAE94XoiEgvtr0/r2Xw7R8/IjK3sKLSiDoCHWcsXSAinVaKlGRZDvMCsF1kbzjA==",
+      "license": "MIT",
+      "dependencies": {
+        "prosemirror-model": "^1.20.0",
+        "prosemirror-state": "^1.0.0",
+        "prosemirror-transform": "^1.1.0"
+      }
+    },
+    "node_modules/punycode.js": {
+      "version": "2.3.1",
+      "resolved": "https://registry.npmjs.org/punycode.js/-/punycode.js-2.3.1.tgz",
+      "integrity": "sha512-uxFIHU0YlHYhDQtV4R9J6a52SLx28BCjT+4ieh7IGbgwVJWO+km431c4yRlREUAsAmt/uMjQUyQHNEPf0M39CA==",
+      "license": "MIT",
+      "engines": {
+        "node": ">=6"
+      }
+    },
+    "node_modules/quansync": {
+      "version": "1.0.0",
+      "resolved": "https://registry.npmjs.org/quansync/-/quansync-1.0.0.tgz",
+      "integrity": "sha512-5xZacEEufv3HSTPQuchrvV6soaiACMFnq1H8wkVioctoH3TRha9Sz66lOxRwPK/qZj7HPiSveih9yAyh98gvqA==",
+      "funding": [
+        {
+          "type": "individual",
+          "url": "https://github.com/sponsors/antfu"
+        },
+        {
+          "type": "individual",
+          "url": "https://github.com/sponsors/sxzz"
+        }
+      ],
+      "license": "MIT"
+    },
+    "node_modules/react": {
+      "version": "19.2.3",
+      "resolved": "https://registry.npmjs.org/react/-/react-19.2.3.tgz",
+      "integrity": "sha512-Ku/hhYbVjOQnXDZFv2+RibmLFGwFdeeKHFcOTlrt7xplBnya5OGn/hIRDsqDiSUcfORsDC7MPxwork8jBwsIWA==",
+      "license": "MIT",
+      "engines": {
+        "node": ">=0.10.0"
+      }
+    },
+    "node_modules/react-dom": {
+      "version": "19.2.3",
+      "resolved": "https://registry.npmjs.org/react-dom/-/react-dom-19.2.3.tgz",
+      "integrity": "sha512-yELu4WmLPw5Mr/lmeEpox5rw3RETacE++JgHqQzd2dg+YbJuat3jH4ingc+WPZhxaoFzdv9y33G+F7Nl5O0GBg==",
+      "license": "MIT",
+      "dependencies": {
+        "scheduler": "^0.27.0"
+      },
+      "peerDependencies": {
+        "react": "^19.2.3"
+      }
+    },
+    "node_modules/react-refresh": {
+      "version": "0.18.0",
+      "resolved": "https://registry.npmjs.org/react-refresh/-/react-refresh-0.18.0.tgz",
+      "integrity": "sha512-QgT5//D3jfjJb6Gsjxv0Slpj23ip+HtOpnNgnb2S5zU3CB26G/IDPGoy4RJB42wzFE46DRsstbW6tKHoKbhAxw==",
+      "dev": true,
+      "license": "MIT",
+      "engines": {
+        "node": ">=0.10.0"
+      }
+    },
+    "node_modules/readdirp": {
+      "version": "5.0.0",
+      "resolved": "https://registry.npmjs.org/readdirp/-/readdirp-5.0.0.tgz",
+      "integrity": "sha512-9u/XQ1pvrQtYyMpZe7DXKv2p5CNvyVwzUB6uhLAnQwHMSgKMBR62lc7AHljaeteeHXn11XTAaLLUVZYVZyuRBQ==",
+      "license": "MIT",
+      "engines": {
+        "node": ">= 20.19.0"
+      },
+      "funding": {
+        "type": "individual",
+        "url": "https://paulmillr.com/funding/"
+      }
+    },
+    "node_modules/rollup": {
+      "version": "4.54.0",
+      "resolved": "https://registry.npmjs.org/rollup/-/rollup-4.54.0.tgz",
+      "integrity": "sha512-3nk8Y3a9Ea8szgKhinMlGMhGMw89mqule3KWczxhIzqudyHdCIOHw8WJlj/r329fACjKLEh13ZSk7oE22kyeIw==",
+      "license": "MIT",
+      "dependencies": {
+        "@types/estree": "1.0.8"
+      },
+      "bin": {
+        "rollup": "dist/bin/rollup"
+      },
+      "engines": {
+        "node": ">=18.0.0",
+        "npm": ">=8.0.0"
+      },
+      "optionalDependencies": {
+        "@rollup/rollup-android-arm-eabi": "4.54.0",
+        "@rollup/rollup-android-arm64": "4.54.0",
+        "@rollup/rollup-darwin-arm64": "4.54.0",
+        "@rollup/rollup-darwin-x64": "4.54.0",
+        "@rollup/rollup-freebsd-arm64": "4.54.0",
+        "@rollup/rollup-freebsd-x64": "4.54.0",
+        "@rollup/rollup-linux-arm-gnueabihf": "4.54.0",
+        "@rollup/rollup-linux-arm-musleabihf": "4.54.0",
+        "@rollup/rollup-linux-arm64-gnu": "4.54.0",
+        "@rollup/rollup-linux-arm64-musl": "4.54.0",
+        "@rollup/rollup-linux-loong64-gnu": "4.54.0",
+        "@rollup/rollup-linux-ppc64-gnu": "4.54.0",
+        "@rollup/rollup-linux-riscv64-gnu": "4.54.0",
+        "@rollup/rollup-linux-riscv64-musl": "4.54.0",
+        "@rollup/rollup-linux-s390x-gnu": "4.54.0",
+        "@rollup/rollup-linux-x64-gnu": "4.54.0",
+        "@rollup/rollup-linux-x64-musl": "4.54.0",
+        "@rollup/rollup-openharmony-arm64": "4.54.0",
+        "@rollup/rollup-win32-arm64-msvc": "4.54.0",
+        "@rollup/rollup-win32-ia32-msvc": "4.54.0",
+        "@rollup/rollup-win32-x64-gnu": "4.54.0",
+        "@rollup/rollup-win32-x64-msvc": "4.54.0",
+        "fsevents": "~2.3.2"
+      }
+    },
+    "node_modules/rope-sequence": {
+      "version": "1.3.4",
+      "resolved": "https://registry.npmjs.org/rope-sequence/-/rope-sequence-1.3.4.tgz",
+      "integrity": "sha512-UT5EDe2cu2E/6O4igUr5PSFs23nvvukicWHx6GnOPlHAiiYbzNuCRQCuiUdHJQcqKalLKlrYJnjY0ySGsXNQXQ==",
+      "license": "MIT"
+    },
+    "node_modules/scheduler": {
+      "version": "0.27.0",
+      "resolved": "https://registry.npmjs.org/scheduler/-/scheduler-0.27.0.tgz",
+      "integrity": "sha512-eNv+WrVbKu1f3vbYJT/xtiF5syA5HPIMtf9IgY/nKg0sWqzAUEvqY/xm7OcZc/qafLx/iO9FgOmeSAp4v5ti/Q==",
+      "license": "MIT"
+    },
+    "node_modules/semver": {
+      "version": "6.3.1",
+      "resolved": "https://registry.npmjs.org/semver/-/semver-6.3.1.tgz",
+      "integrity": "sha512-BR7VvDCVHO+q2xBEWskxS6DJE1qRnb7DxzUrogb71CWoSficBxYsiAGd+Kl0mmq/MprG9yArRkyrQxTO6XjMzA==",
+      "dev": true,
+      "license": "ISC",
+      "bin": {
+        "semver": "bin/semver.js"
+      }
+    },
+    "node_modules/sirv": {
+      "version": "3.0.2",
+      "resolved": "https://registry.npmjs.org/sirv/-/sirv-3.0.2.tgz",
+      "integrity": "sha512-2wcC/oGxHis/BoHkkPwldgiPSYcpZK3JU28WoMVv55yHJgcZ8rlXvuG9iZggz+sU1d4bRgIGASwyWqjxu3FM0g==",
+      "license": "MIT",
+      "dependencies": {
+        "@polka/url": "^1.0.0-next.24",
+        "mrmime": "^2.0.0",
+        "totalist": "^3.0.0"
+      },
+      "engines": {
+        "node": ">=18"
+      }
+    },
+    "node_modules/source-map-js": {
+      "version": "1.2.1",
+      "resolved": "https://registry.npmjs.org/source-map-js/-/source-map-js-1.2.1.tgz",
+      "integrity": "sha512-UXWMKhLOwVKb728IUtQPXxfYU+usdybtUrK/8uGE8CQMvrhOpwvzDBwj0QhSL7MQc7vIsISBG8VQ8+IDQxpfQA==",
+      "license": "BSD-3-Clause",
+      "engines": {
+        "node": ">=0.10.0"
+      }
+    },
+    "node_modules/state-local": {
+      "version": "1.0.7",
+      "resolved": "https://registry.npmjs.org/state-local/-/state-local-1.0.7.tgz",
+      "integrity": "sha512-HTEHMNieakEnoe33shBYcZ7NX83ACUjCu8c40iOGEZsngj9zRnkqS9j1pqQPXwobB0ZcVTk27REb7COQ0UR59w==",
+      "license": "MIT"
+    },
+    "node_modules/tinyexec": {
+      "version": "1.0.2",
+      "resolved": "https://registry.npmjs.org/tinyexec/-/tinyexec-1.0.2.tgz",
+      "integrity": "sha512-W/KYk+NFhkmsYpuHq5JykngiOCnxeVL8v8dFnqxSD8qEEdRfXk1SDM6JzNqcERbcGYj9tMrDQBYV9cjgnunFIg==",
+      "license": "MIT",
+      "engines": {
+        "node": ">=18"
+      }
+    },
+    "node_modules/tinyglobby": {
+      "version": "0.2.15",
+      "resolved": "https://registry.npmjs.org/tinyglobby/-/tinyglobby-0.2.15.tgz",
+      "integrity": "sha512-j2Zq4NyQYG5XMST4cbs02Ak8iJUdxRM0XI5QyxXuZOzKOINmWurp3smXu3y5wDcJrptwpSjgXHzIQxR0omXljQ==",
+      "license": "MIT",
+      "dependencies": {
+        "fdir": "^6.5.0",
+        "picomatch": "^4.0.3"
+      },
+      "engines": {
+        "node": ">=12.0.0"
+      },
+      "funding": {
+        "url": "https://github.com/sponsors/SuperchupuDev"
+      }
+    },
+    "node_modules/tippy.js": {
+      "version": "6.3.7",
+      "resolved": "https://registry.npmjs.org/tippy.js/-/tippy.js-6.3.7.tgz",
+      "integrity": "sha512-E1d3oP2emgJ9dRQZdf3Kkn0qJgI6ZLpyS5z6ZkY1DF3kaQaBsGZsndEpHwx+eC+tYM41HaSNvNtLx8tU57FzTQ==",
+      "license": "MIT",
+      "dependencies": {
+        "@popperjs/core": "^2.9.0"
+      }
+    },
+    "node_modules/totalist": {
+      "version": "3.0.1",
+      "resolved": "https://registry.npmjs.org/totalist/-/totalist-3.0.1.tgz",
+      "integrity": "sha512-sf4i37nQ2LBx4m3wB74y+ubopq6W/dIzXg0FDGjsYnZHVa1Da8FH853wlL2gtUhg+xJXjfk3kUZS3BRoQeoQBQ==",
+      "license": "MIT",
+      "engines": {
+        "node": ">=6"
+      }
+    },
+    "node_modules/typescript": {
+      "version": "5.9.3",
+      "resolved": "https://registry.npmjs.org/typescript/-/typescript-5.9.3.tgz",
+      "integrity": "sha512-jl1vZzPDinLr9eUt3J/t7V6FgNEw9QjvBPdysz9KfQDD41fQrC2Y4vKQdiaUpFT4bXlb1RHhLpp8wtm6M5TgSw==",
+      "dev": true,
+      "license": "Apache-2.0",
+      "bin": {
+        "tsc": "bin/tsc",
+        "tsserver": "bin/tsserver"
+      },
+      "engines": {
+        "node": ">=14.17"
+      }
+    },
+    "node_modules/uc.micro": {
+      "version": "2.1.0",
+      "resolved": "https://registry.npmjs.org/uc.micro/-/uc.micro-2.1.0.tgz",
+      "integrity": "sha512-ARDJmphmdvUk6Glw7y9DQ2bFkKBHwQHLi2lsaH6PPmz/Ka9sFOBsBluozhDltWmnv9u/cF6Rt87znRTPV+yp/A==",
+      "license": "MIT"
+    },
+    "node_modules/ufo": {
+      "version": "1.6.1",
+      "resolved": "https://registry.npmjs.org/ufo/-/ufo-1.6.1.tgz",
+      "integrity": "sha512-9a4/uxlTWJ4+a5i0ooc1rU7C7YOw3wT+UGqdeNNHWnOF9qcMBgLRS+4IYUqbczewFx4mLEig6gawh7X6mFlEkA==",
+      "license": "MIT"
+    },
+    "node_modules/unconfig": {
+      "version": "7.4.2",
+      "resolved": "https://registry.npmjs.org/unconfig/-/unconfig-7.4.2.tgz",
+      "integrity": "sha512-nrMlWRQ1xdTjSnSUqvYqJzbTBFugoqHobQj58B2bc8qxHKBBHMNNsWQFP3Cd3/JZK907voM2geYPWqD4VK3MPQ==",
+      "license": "MIT",
+      "dependencies": {
+        "@quansync/fs": "^1.0.0",
+        "defu": "^6.1.4",
+        "jiti": "^2.6.1",
+        "quansync": "^1.0.0",
+        "unconfig-core": "7.4.2"
+      },
+      "funding": {
+        "url": "https://github.com/sponsors/antfu"
+      }
+    },
+    "node_modules/unconfig-core": {
+      "version": "7.4.2",
+      "resolved": "https://registry.npmjs.org/unconfig-core/-/unconfig-core-7.4.2.tgz",
+      "integrity": "sha512-VgPCvLWugINbXvMQDf8Jh0mlbvNjNC6eSUziHsBCMpxR05OPrNrvDnyatdMjRgcHaaNsCqz+wjNXxNw1kRLHUg==",
+      "license": "MIT",
+      "dependencies": {
+        "@quansync/fs": "^1.0.0",
+        "quansync": "^1.0.0"
+      },
+      "funding": {
+        "url": "https://github.com/sponsors/antfu"
+      }
+    },
+    "node_modules/unocss": {
+      "version": "66.5.12",
+      "resolved": "https://registry.npmjs.org/unocss/-/unocss-66.5.12.tgz",
+      "integrity": "sha512-3WdSuM+SOjVpXDtffTuSvYTMuufpFzBehu2b4Tr7DcoIUxGouZn3mdxCLx3PiEuK0ih40Fo7Sjm+J4mccHfwLg==",
+      "license": "MIT",
+      "dependencies": {
+        "@unocss/astro": "66.5.12",
+        "@unocss/cli": "66.5.12",
+        "@unocss/core": "66.5.12",
+        "@unocss/postcss": "66.5.12",
+        "@unocss/preset-attributify": "66.5.12",
+        "@unocss/preset-icons": "66.5.12",
+        "@unocss/preset-mini": "66.5.12",
+        "@unocss/preset-tagify": "66.5.12",
+        "@unocss/preset-typography": "66.5.12",
+        "@unocss/preset-uno": "66.5.12",
+        "@unocss/preset-web-fonts": "66.5.12",
+        "@unocss/preset-wind": "66.5.12",
+        "@unocss/preset-wind3": "66.5.12",
+        "@unocss/preset-wind4": "66.5.12",
+        "@unocss/transformer-attributify-jsx": "66.5.12",
+        "@unocss/transformer-compile-class": "66.5.12",
+        "@unocss/transformer-directives": "66.5.12",
+        "@unocss/transformer-variant-group": "66.5.12",
+        "@unocss/vite": "66.5.12"
+      },
+      "engines": {
+        "node": ">=14"
+      },
+      "funding": {
+        "url": "https://github.com/sponsors/antfu"
+      },
+      "peerDependencies": {
+        "@unocss/webpack": "66.5.12",
+        "vite": "^2.9.0 || ^3.0.0-0 || ^4.0.0 || ^5.0.0-0 || ^6.0.0-0 || ^7.0.0-0 || ^8.0.0-0"
+      },
+      "peerDependenciesMeta": {
+        "@unocss/webpack": {
+          "optional": true
+        },
+        "vite": {
+          "optional": true
+        }
+      }
+    },
+    "node_modules/unplugin-utils": {
+      "version": "0.3.1",
+      "resolved": "https://registry.npmjs.org/unplugin-utils/-/unplugin-utils-0.3.1.tgz",
+      "integrity": "sha512-5lWVjgi6vuHhJ526bI4nlCOmkCIF3nnfXkCMDeMJrtdvxTs6ZFCM8oNufGTsDbKv/tJ/xj8RpvXjRuPBZJuJog==",
+      "license": "MIT",
+      "dependencies": {
+        "pathe": "^2.0.3",
+        "picomatch": "^4.0.3"
+      },
+      "engines": {
+        "node": ">=20.19.0"
+      },
+      "funding": {
+        "url": "https://github.com/sponsors/sxzz"
+      }
+    },
+    "node_modules/update-browserslist-db": {
+      "version": "1.2.3",
+      "resolved": "https://registry.npmjs.org/update-browserslist-db/-/update-browserslist-db-1.2.3.tgz",
+      "integrity": "sha512-Js0m9cx+qOgDxo0eMiFGEueWztz+d4+M3rGlmKPT+T4IS/jP4ylw3Nwpu6cpTTP8R1MAC1kF4VbdLt3ARf209w==",
+      "dev": true,
+      "funding": [
+        {
+          "type": "opencollective",
+          "url": "https://opencollective.com/browserslist"
+        },
+        {
+          "type": "tidelift",
+          "url": "https://tidelift.com/funding/github/npm/browserslist"
+        },
+        {
+          "type": "github",
+          "url": "https://github.com/sponsors/ai"
+        }
+      ],
+      "license": "MIT",
+      "dependencies": {
+        "escalade": "^3.2.0",
+        "picocolors": "^1.1.1"
+      },
+      "bin": {
+        "update-browserslist-db": "cli.js"
+      },
+      "peerDependencies": {
+        "browserslist": ">= 4.21.0"
+      }
+    },
+    "node_modules/use-sync-external-store": {
+      "version": "1.6.0",
+      "resolved": "https://registry.npmjs.org/use-sync-external-store/-/use-sync-external-store-1.6.0.tgz",
+      "integrity": "sha512-Pp6GSwGP/NrPIrxVFAIkOQeyw8lFenOHijQWkUTrDvrF4ALqylP2C/KCkeS9dpUM3KvYRQhna5vt7IL95+ZQ9w==",
+      "license": "MIT",
+      "peerDependencies": {
+        "react": "^16.8.0 || ^17.0.0 || ^18.0.0 || ^19.0.0"
+      }
+    },
+    "node_modules/vite": {
+      "version": "7.3.0",
+      "resolved": "https://registry.npmjs.org/vite/-/vite-7.3.0.tgz",
+      "integrity": "sha512-dZwN5L1VlUBewiP6H9s2+B3e3Jg96D0vzN+Ry73sOefebhYr9f94wwkMNN/9ouoU8pV1BqA1d1zGk8928cx0rg==",
+      "license": "MIT",
+      "dependencies": {
+        "esbuild": "^0.27.0",
+        "fdir": "^6.5.0",
+        "picomatch": "^4.0.3",
+        "postcss": "^8.5.6",
+        "rollup": "^4.43.0",
+        "tinyglobby": "^0.2.15"
+      },
+      "bin": {
+        "vite": "bin/vite.js"
+      },
+      "engines": {
+        "node": "^20.19.0 || >=22.12.0"
+      },
+      "funding": {
+        "url": "https://github.com/vitejs/vite?sponsor=1"
+      },
+      "optionalDependencies": {
+        "fsevents": "~2.3.3"
+      },
+      "peerDependencies": {
+        "@types/node": "^20.19.0 || >=22.12.0",
+        "jiti": ">=1.21.0",
+        "less": "^4.0.0",
+        "lightningcss": "^1.21.0",
+        "sass": "^1.70.0",
+        "sass-embedded": "^1.70.0",
+        "stylus": ">=0.54.8",
+        "sugarss": "^5.0.0",
+        "terser": "^5.16.0",
+        "tsx": "^4.8.1",
+        "yaml": "^2.4.2"
+      },
+      "peerDependenciesMeta": {
+        "@types/node": {
+          "optional": true
+        },
+        "jiti": {
+          "optional": true
+        },
+        "less": {
+          "optional": true
+        },
+        "lightningcss": {
+          "optional": true
+        },
+        "sass": {
+          "optional": true
+        },
+        "sass-embedded": {
+          "optional": true
+        },
+        "stylus": {
+          "optional": true
+        },
+        "sugarss": {
+          "optional": true
+        },
+        "terser": {
+          "optional": true
+        },
+        "tsx": {
+          "optional": true
+        },
+        "yaml": {
+          "optional": true
+        }
+      }
+    },
+    "node_modules/vue-flow-layout": {
+      "version": "0.2.0",
+      "resolved": "https://registry.npmjs.org/vue-flow-layout/-/vue-flow-layout-0.2.0.tgz",
+      "integrity": "sha512-zKgsWWkXq0xrus7H4Mc+uFs1ESrmdTXlO0YNbR6wMdPaFvosL3fMB8N7uTV308UhGy9UvTrGhIY7mVz9eN+L0Q==",
+      "license": "MIT"
+    },
+    "node_modules/w3c-keyname": {
+      "version": "2.2.8",
+      "resolved": "https://registry.npmjs.org/w3c-keyname/-/w3c-keyname-2.2.8.tgz",
+      "integrity": "sha512-dpojBhNsCNN7T82Tm7k26A6G9ML3NkhDsnw9n/eoxSRlVBB4CEtIQ/KTCLI2Fwf3ataSXRhYFkQi3SlnFwPvPQ==",
+      "license": "MIT"
+    },
+    "node_modules/yallist": {
+      "version": "3.1.1",
+      "resolved": "https://registry.npmjs.org/yallist/-/yallist-3.1.1.tgz",
+      "integrity": "sha512-a4UGQaWPH59mOXUYnAG2ewncQS4i4F43Tv3JoAM+s2VDAmS9NsK8GpDMLrCHPksFT7h3K6TOoUNn2pb7RoXx4g==",
+      "dev": true,
+      "license": "ISC"
+    }
+  }
+}
diff --git a/studio/package.json b/studio/package.json
new file mode 100644
index 0000000..b6f8feb
--- /dev/null
+++ b/studio/package.json
@@ -0,0 +1,49 @@
+{
+  "name": "writekit-studio",
+  "private": true,
+  "version": "0.0.1",
+  "type": "module",
+  "scripts": {
+    "dev": "vite",
+    "build": "tsc --noEmit && vite build",
+    "preview": "vite preview",
+    "typecheck": "tsc --noEmit"
+  },
+  "dependencies": {
+    "@iconify-json/logos": "^1.2.10",
+    "@iconify-json/lucide": "^1.2.82",
+    "@monaco-editor/react": "^4.7.0",
+    "@nanostores/query": "^0.3.4",
+    "@nanostores/react": "^1.0.0",
+    "@nanostores/router": "^1.0.0",
+    "@tiptap/extension-code-block-lowlight": "^3.15.1",
+    "@tiptap/extension-image": "^3.15.1",
+    "@tiptap/extension-link": "^3.15.1",
+    "@tiptap/extension-placeholder": "^3.15.1",
+    "@tiptap/extension-table": "^3.15.1",
+    "@tiptap/extension-task-item": "^3.15.1",
+    "@tiptap/extension-task-list": "^3.15.1",
+    "@tiptap/markdown": "^3.15.1",
+    "@tiptap/pm": "^3.15.1",
+    "@tiptap/react": "^3.15.1",
+    "@tiptap/starter-kit": "^3.15.1",
+    "@tiptap/suggestion": "^3.15.2",
+    "@unocss/reset": "^66.5.12",
+    "chart.js": "^4.5.1",
+    "lowlight": "^3.3.0",
+    "monaco-editor": "^0.55.1",
+    "nanostores": "^1.1.0",
+    "react": "^19.0.0",
+    "react-dom": "^19.0.0",
+    "tippy.js": "^6.3.7",
+    "unocss": "^66.5.12"
+  },
+  "devDependencies": {
+    "@iconify-json/simple-icons": "^1.2.65",
+    "@types/react": "^19.0.0",
+    "@types/react-dom": "^19.0.0",
+    "@vitejs/plugin-react": "^5.1.0",
+    "typescript": "^5.7.0",
+    "vite": "^7.3.0"
+  }
+}
diff --git a/studio/src/App.tsx b/studio/src/App.tsx
new file mode 100644
index 0000000..6909294
--- /dev/null
+++ b/studio/src/App.tsx
@@ -0,0 +1,92 @@
+import { lazy, Suspense } from 'react'
+import { useStore } from '@nanostores/react'
+import { $router } from './stores/router'
+import { Sidebar, Header } from './components/layout'
+import { Toasts } from './components/ui'
+import { Icons } from './components/shared/Icons'
+import {
+  PostsPageSkeleton,
+  AnalyticsPageSkeleton,
+  SettingsPageSkeleton,
+  GeneralPageSkeleton,
+  DesignPageSkeleton,
+  EngagementPageSkeleton,
+  APIPageSkeleton,
+  BillingPageSkeleton,
+  HomePageSkeleton,
+} from './components/shared'
+
+const HomePage = lazy(() => import('./pages/HomePage'))
+const PostsPage = lazy(() => import('./pages/PostsPage'))
+const PostEditorPage = lazy(() => import('./pages/PostEditorPage'))
+const AnalyticsPage = lazy(() => import('./pages/AnalyticsPage'))
+const GeneralPage = lazy(() => import('./pages/GeneralPage'))
+const DesignPage = lazy(() => import('./pages/DesignPage'))
+const DomainPage = lazy(() => import('./pages/DomainPage'))
+const EngagementPage = lazy(() => import('./pages/EngagementPage'))
+const MonetizationPage = lazy(() => import('./pages/MonetizationPage'))
+const PluginsPage = lazy(() => import('./pages/PluginsPage'))
+const APIPage = lazy(() => import('./pages/APIPage'))
+const DataPage = lazy(() => import('./pages/DataPage'))
+const BillingPage = lazy(() => import('./pages/BillingPage'))
+
+const routes = {
+  home: { Component: HomePage, Skeleton: HomePageSkeleton },
+  postNew: { Component: PostEditorPage, Skeleton: SettingsPageSkeleton, fullWidth: true },
+  postEdit: { Component: PostEditorPage, Skeleton: SettingsPageSkeleton, fullWidth: true },
+  posts: { Component: PostsPage, Skeleton: PostsPageSkeleton },
+  analytics: { Component: AnalyticsPage, Skeleton: AnalyticsPageSkeleton },
+  general: { Component: GeneralPage, Skeleton: GeneralPageSkeleton },
+  design: { Component: DesignPage, Skeleton: DesignPageSkeleton },
+  domain: { Component: DomainPage, Skeleton: SettingsPageSkeleton },
+  engagement: { Component: EngagementPage, Skeleton: EngagementPageSkeleton },
+  monetization: { Component: MonetizationPage, Skeleton: SettingsPageSkeleton },
+  plugins: { Component: PluginsPage, Skeleton: SettingsPageSkeleton },
+  api: { Component: APIPage, Skeleton: APIPageSkeleton },
+  data: { Component: DataPage, Skeleton: SettingsPageSkeleton },
+  billing: { Component: BillingPage, Skeleton: BillingPageSkeleton },
+} as const
+
+function Router() {
+  const page = useStore($router)
+  const routeKey = page?.route ?? 'home'
+
+  const route = routes[routeKey as keyof typeof routes] || routes.home
+  const { Component: PageComponent, Skeleton } = route
+
+  return (
+    <Suspense fallback={<Skeleton />}>
+      <PageComponent />
+    </Suspense>
+  )
+}
+
+export default function App() {
+  const page = useStore($router)
+  const routeKey = page?.route ?? 'home'
+  const route = routes[routeKey as keyof typeof routes]
+  const isFullWidth = route && 'fullWidth' in route && route.fullWidth
+
+  return (
+    <div className="min-h-screen bg-bg text-text font-sans antialiased">
+      <Header className={isFullWidth ? 'hidden' : ''} />
+      <a
+        href="/"
+        target="_blank"
+        className={`fixed top-4 right-4 z-40 items-center gap-2 px-3 py-1.5 text-xs text-muted border border-border bg-surface hover:text-text hover:border-muted transition-colors ${isFullWidth ? 'hidden' : 'hidden lg:flex'}`}
+      >
+        <Icons.ExternalLink className="text-sm" />
+        <span>View Site</span>
+      </a>
+      <div className="flex">
+        <div className={`fixed left-0 top-0 h-screen ${isFullWidth ? 'hidden' : 'hidden lg:block'}`}>
+          <Sidebar />
+        </div>
+        <main className={isFullWidth ? 'flex-1' : 'flex-1 lg:ml-56 p-6 lg:p-10'}>
+          <Router />
+        </main>
+      </div>
+      <Toasts />
+    </div>
+  )
+}
diff --git a/studio/src/api.ts b/studio/src/api.ts
new file mode 100644
index 0000000..4dd28e2
--- /dev/null
+++ b/studio/src/api.ts
@@ -0,0 +1,77 @@
+import type { Post, Settings, InteractionConfig, Asset, APIKey, AnalyticsSummary } from './types'
+
+const BASE = '/api/studio'
+
+async function request<T>(path: string, options?: RequestInit): Promise<T> {
+  const res = await fetch(`${BASE}${path}`, {
+    ...options,
+    headers: {
+      'Content-Type': 'application/json',
+      ...options?.headers,
+    },
+  })
+  if (!res.ok) {
+    const error = await res.json().catch(() => ({ error: res.statusText }))
+    throw new Error(error.error || 'Request failed')
+  }
+  if (res.status === 204) return undefined as T
+  return res.json()
+}
+
+export const api = {
+  posts: {
+    list: () => request<Post[]>('/posts'),
+    get: (slug: string) => request<Post>(`/posts/${slug}`),
+    create: (data: Partial<Post>) => request<Post>('/posts', {
+      method: 'POST',
+      body: JSON.stringify(data),
+    }),
+    update: (slug: string, data: Partial<Post>) => request<Post>(`/posts/${slug}`, {
+      method: 'PUT',
+      body: JSON.stringify(data),
+    }),
+    delete: (slug: string) => request<void>(`/posts/${slug}`, { method: 'DELETE' }),
+  },
+
+  settings: {
+    get: () => request<Settings>('/settings'),
+    update: (data: Settings) => request<{ success: boolean }>('/settings', {
+      method: 'PUT',
+      body: JSON.stringify(data),
+    }),
+  },
+
+  interactions: {
+    get: () => request<InteractionConfig>('/interaction-config'),
+    update: (data: Partial<InteractionConfig>) => request<InteractionConfig>('/interaction-config', {
+      method: 'PUT',
+      body: JSON.stringify(data),
+    }),
+  },
+
+  assets: {
+    list: () => request<Asset[]>('/assets'),
+    upload: async (file: File): Promise<Asset> => {
+      const form = new FormData()
+      form.append('file', file)
+      const res = await fetch(`${BASE}/assets`, { method: 'POST', body: form })
+      if (!res.ok) throw new Error('Upload failed')
+      return res.json()
+    },
+    delete: (id: string) => request<void>(`/assets/${id}`, { method: 'DELETE' }),
+  },
+
+  apiKeys: {
+    list: () => request<APIKey[]>('/api-keys'),
+    create: (name: string) => request<APIKey>('/api-keys', {
+      method: 'POST',
+      body: JSON.stringify({ name }),
+    }),
+    delete: (key: string) => request<void>(`/api-keys/${key}`, { method: 'DELETE' }),
+  },
+
+  analytics: {
+    get: (days = 30) => request<AnalyticsSummary>(`/analytics?days=${days}`),
+    getPost: (slug: string, days = 30) => request<AnalyticsSummary>(`/analytics/posts/${slug}?days=${days}`),
+  },
+}
diff --git a/studio/src/components/editor/MetadataPanel.tsx b/studio/src/components/editor/MetadataPanel.tsx
new file mode 100644
index 0000000..65e4118
--- /dev/null
+++ b/studio/src/components/editor/MetadataPanel.tsx
@@ -0,0 +1,198 @@
+import { useState } from 'react'
+import { useStore } from '@nanostores/react'
+import { $editorPost, $versions, $isNewPost, restoreVersion } from '../../stores/editor'
+import { addToast } from '../../stores/app'
+import { Icons } from '../shared/Icons'
+import { Input, Textarea, Toggle } from '../ui'
+
+interface MetadataPanelProps {
+  onClose: () => void
+}
+
+export function MetadataPanel({ onClose }: MetadataPanelProps) {
+  const post = useStore($editorPost)
+  const versions = useStore($versions)
+  const isNew = useStore($isNewPost)
+  const [restoringId, setRestoringId] = useState<number | null>(null)
+
+  const handleTagsChange = (value: string) => {
+    const tags = value.split(',').map(t => t.trim()).filter(Boolean)
+    $editorPost.setKey('tags', tags)
+  }
+
+  const handleRestore = async (versionId: number) => {
+    if (!confirm('Restore this version? Your current draft will be replaced.')) return
+    setRestoringId(versionId)
+    const success = await restoreVersion(versionId)
+    setRestoringId(null)
+    if (success) {
+      addToast('Version restored', 'success')
+    } else {
+      addToast('Failed to restore version', 'error')
+    }
+  }
+
+  const formatDate = (dateStr: string) => {
+    const date = new Date(dateStr)
+    return date.toLocaleDateString('en-US', {
+      month: 'short',
+      day: 'numeric',
+      hour: 'numeric',
+      minute: '2-digit'
+    })
+  }
+
+  return (
+    <div className="w-80 flex-none border-l border-border bg-surface overflow-y-auto">
+      <div className="p-4 border-b border-border">
+        <div className="flex items-center justify-between">
+          <h3 className="font-medium">Post Settings</h3>
+          <button
+            onClick={onClose}
+            className="p-1 text-muted hover:text-text rounded"
+          >
+            <Icons.Close className="w-4 h-4" />
+          </button>
+        </div>
+      </div>
+
+      <div className="p-4 space-y-5">
+        {/* Slug */}
+        <div>
+          <label className="label">URL Slug</label>
+          <Input
+            value={post.slug}
+            onChange={v => $editorPost.setKey('slug', v.toLowerCase().replace(/[^a-z0-9-]/g, '-'))}
+            placeholder="my-post-title"
+          />
+          <p className="text-xs text-muted mt-1">/posts/{post.slug || 'my-post-title'}</p>
+        </div>
+
+        {/* Description */}
+        <div>
+          <label className="label">Description</label>
+          <Textarea
+            value={post.description}
+            onChange={v => $editorPost.setKey('description', v)}
+            placeholder="Brief summary for SEO and social shares..."
+            rows={3}
+          />
+        </div>
+
+        {/* Cover Image */}
+        <div>
+          <label className="label">Cover Image</label>
+          {post.cover_image ? (
+            <div className="space-y-2">
+              <div className="relative aspect-video bg-border/50 overflow-hidden rounded">
+                <img
+                  src={post.cover_image}
+                  alt="Cover"
+                  className="w-full h-full object-cover"
+                />
+                <button
+                  onClick={() => $editorPost.setKey('cover_image', '')}
+                  className="absolute top-2 right-2 p-1 bg-bg/80 hover:bg-bg rounded text-muted hover:text-text transition-colors"
+                  title="Remove cover"
+                >
+                  <Icons.Close className="w-4 h-4" />
+                </button>
+              </div>
+            </div>
+          ) : (
+            <Input
+              value={post.cover_image || ''}
+              onChange={v => $editorPost.setKey('cover_image', v)}
+              placeholder="https://example.com/image.jpg"
+            />
+          )}
+          <p className="text-xs text-muted mt-1">Used for social sharing and post headers</p>
+        </div>
+
+        {/* Date */}
+        <div>
+          <label className="label">Date</label>
+          <Input
+            type="date"
+            value={post.date}
+            onChange={v => $editorPost.setKey('date', v)}
+          />
+        </div>
+
+        {/* Tags */}
+        <div>
+          <label className="label">Tags</label>
+          <Input
+            value={post.tags.join(', ')}
+            onChange={handleTagsChange}
+            placeholder="react, typescript, tutorial"
+          />
+          <p className="text-xs text-muted mt-1">Comma-separated</p>
+        </div>
+
+        {/* Divider */}
+        <div className="border-t border-border pt-4">
+          <h4 className="text-xs font-medium text-muted uppercase tracking-wide mb-3">Publishing</h4>
+
+          {/* Draft Toggle */}
+          <div className="flex items-center justify-between py-2">
+            <div>
+              <div className="text-sm font-medium">Draft</div>
+              <div className="text-xs text-muted">Not visible to readers</div>
+            </div>
+            <Toggle
+              checked={post.draft}
+              onChange={v => $editorPost.setKey('draft', v)}
+            />
+          </div>
+
+          {/* Members Only Toggle */}
+          <div className="flex items-center justify-between py-2">
+            <div>
+              <div className="text-sm font-medium">Members only</div>
+              <div className="text-xs text-muted">Requires login to view</div>
+            </div>
+            <Toggle
+              checked={post.members_only}
+              onChange={v => $editorPost.setKey('members_only', v)}
+            />
+          </div>
+        </div>
+
+        {/* Version History */}
+        {!isNew && versions.length > 0 && (
+          <div className="border-t border-border pt-4">
+            <h4 className="text-xs font-medium text-muted uppercase tracking-wide mb-3">
+              <Icons.History className="w-3.5 h-3.5 inline-block mr-1.5 -mt-0.5" />
+              Version History
+            </h4>
+            <div className="space-y-2">
+              {versions.map((version) => (
+                <div
+                  key={version.id}
+                  className="flex items-center justify-between py-2 px-2 -mx-2 rounded hover:bg-bg"
+                >
+                  <div className="min-w-0">
+                    <div className="text-sm truncate">{version.title}</div>
+                    <div className="text-xs text-muted">{formatDate(version.created_at)}</div>
+                  </div>
+                  <button
+                    className="px-2 py-1 text-xs text-muted hover:text-text hover:bg-bg/50 rounded transition-colors disabled:opacity-50"
+                    onClick={() => handleRestore(version.id)}
+                    disabled={restoringId !== null}
+                  >
+                    {restoringId === version.id ? (
+                      <Icons.Loader className="w-3 h-3 animate-spin" />
+                    ) : (
+                      'Restore'
+                    )}
+                  </button>
+                </div>
+              ))}
+            </div>
+          </div>
+        )}
+      </div>
+    </div>
+  )
+}
diff --git a/studio/src/components/editor/PluginEditor.tsx b/studio/src/components/editor/PluginEditor.tsx
new file mode 100644
index 0000000..81c9b0c
--- /dev/null
+++ b/studio/src/components/editor/PluginEditor.tsx
@@ -0,0 +1,722 @@
+import { useEffect, useRef, useCallback, useState } from 'react'
+import Editor, { type Monaco } from '@monaco-editor/react'
+import type { editor, languages, IDisposable, Position } from 'monaco-editor'
+
+interface PluginEditorProps {
+  language: 'typescript' | 'go'
+  value: string
+  onChange: (value: string) => void
+  height?: string
+  secretKeys?: string[]
+  hook?: string
+}
+
+interface SDKFunction {
+  name: string
+  signature: string
+  insertText: string
+  documentation: string
+}
+
+interface SDKNamespace {
+  functions?: SDKFunction[]
+}
+
+interface SDKField {
+  name: string
+  type: string
+  doc?: string
+}
+
+interface SDKEventType {
+  fields: SDKField[]
+}
+
+interface SDKSchema {
+  Runner: SDKNamespace
+  events?: Record<string, SDKEventType>
+  nestedTypes?: Record<string, SDKField[]>
+}
+
+const LANGUAGE_MAP: Record<string, string> = {
+  typescript: 'typescript',
+  go: 'go',
+}
+
+// TypeScript SDK type definitions - well-formatted for hover display
+const getTypeScriptSDK = (secretKeys: string[]) => {
+  const secretsType = secretKeys.length > 0
+    ? `{\n${secretKeys.map(k => `    /** Secret: ${k} */\n    ${k}: string;`).join('\n')}\n  }`
+    : 'Record<string, string>'
+
+  return `
+/**
+ * Runner provides all plugin capabilities
+ */
+declare namespace Runner {
+  /** Log a message (visible in plugin logs) */
+  function log(message: string): void;
+
+  /** Make an HTTP request to external services */
+  function httpRequest(options: HttpRequestOptions): HttpResponse;
+
+  /** Access your configured secrets */
+  const secrets: ${secretsType};
+}
+
+/** Options for making HTTP requests */
+interface HttpRequestOptions {
+  /** The URL to request */
+  url: string;
+  /** HTTP method (default: GET) */
+  method?: "GET" | "POST" | "PUT" | "DELETE" | "PATCH";
+  /** HTTP headers to send */
+  headers?: Record<string, string>;
+  /** Request body (for POST/PUT/PATCH) */
+  body?: string;
+}
+
+/** Response from an HTTP request */
+interface HttpResponse {
+  /** HTTP status code */
+  status: number;
+  /** Response headers */
+  headers: Record<string, string>;
+  /** Response body as string */
+  body: string;
+}
+
+/** Result for validation hooks (comment.validate, etc.) */
+interface ValidationResult {
+  /** Whether the action is allowed */
+  allowed: boolean;
+  /** Reason for rejection (shown to user if allowed=false) */
+  reason?: string;
+}
+
+/** Blog post information */
+interface Post {
+  /** URL-safe identifier */
+  slug: string;
+  /** Post title */
+  title: string;
+  /** Full URL to the post */
+  url: string;
+  /** Short excerpt of the content */
+  excerpt: string;
+  /** ISO date when published */
+  publishedAt: string;
+  /** ISO date when last updated */
+  updatedAt?: string;
+  /** Post tags */
+  tags: string[];
+  /** Estimated reading time in minutes */
+  readingTime: number;
+}
+
+/** Author information */
+interface Author {
+  /** Author's display name */
+  name: string;
+  /** Author's email */
+  email: string;
+  /** URL to author's avatar image */
+  avatar?: string;
+}
+
+/** Blog information */
+interface Blog {
+  /** Blog name */
+  name: string;
+  /** Blog URL */
+  url: string;
+}
+
+/**
+ * Event fired when a post is published
+ * @example
+ * export function onPostPublished(event: PostPublishedEvent): void {
+ *   Runner.log(\`Published: \${event.post.title}\`);
+ * }
+ */
+interface PostPublishedEvent {
+  /** The published post */
+  post: Post;
+  /** The post author */
+  author: Author;
+  /** The blog where it was published */
+  blog: Blog;
+}
+
+/**
+ * Event fired when a post is updated
+ */
+interface PostUpdatedEvent {
+  /** The updated post */
+  post: Post;
+  /** The author who made the update */
+  author: Author;
+  /** What changed in this update */
+  changes: {
+    /** Title change (old and new values) */
+    title?: { old: string; new: string };
+    /** Whether content was modified */
+    content?: boolean;
+    /** Tags that were added or removed */
+    tags?: { added: string[]; removed: string[] };
+  };
+}
+
+/** Comment information */
+interface Comment {
+  /** Unique comment ID */
+  id: string;
+  /** Comment content (may contain markdown) */
+  content: string;
+  /** Commenter's display name */
+  authorName: string;
+  /** Commenter's email */
+  authorEmail: string;
+  /** Slug of the post being commented on */
+  postSlug: string;
+  /** Parent comment ID for replies */
+  parentId?: string;
+  /** ISO date when created */
+  createdAt: string;
+}
+
+/**
+ * Event fired when a comment is created
+ */
+interface CommentCreatedEvent {
+  /** The new comment */
+  comment: Comment;
+  /** The post being commented on */
+  post: {
+    slug: string;
+    title: string;
+    url: string;
+  };
+}
+
+/** Member/subscriber information */
+interface Member {
+  /** Member's email */
+  email: string;
+  /** Member's name (if provided) */
+  name?: string;
+  /** ISO date when subscribed */
+  subscribedAt: string;
+}
+
+/** Subscription tier information */
+interface Tier {
+  /** Tier name (e.g., "Free", "Premium") */
+  name: string;
+  /** Monthly price in cents (0 for free tier) */
+  price: number;
+}
+
+/**
+ * Event fired when a member subscribes
+ */
+interface MemberSubscribedEvent {
+  /** The new member */
+  member: Member;
+  /** The subscription tier they signed up for */
+  tier: Tier;
+}
+
+/**
+ * Event fired when an asset (image, file) is uploaded
+ */
+interface AssetUploadedEvent {
+  /** Unique asset ID */
+  id: string;
+  /** Public URL to access the asset */
+  url: string;
+  /** MIME type (e.g., "image/png") */
+  contentType: string;
+  /** File size in bytes */
+  size: number;
+  /** Image width in pixels (for images only) */
+  width?: number;
+  /** Image height in pixels (for images only) */
+  height?: number;
+}
+
+/**
+ * Event fired when analytics data is synced
+ */
+interface AnalyticsSyncEvent {
+  /** Time period for this analytics data */
+  period: {
+    /** ISO date for period start */
+    start: string;
+    /** ISO date for period end */
+    end: string;
+  };
+  /** Total pageviews in this period */
+  pageviews: number;
+  /** Unique visitors in this period */
+  visitors: number;
+  /** Top pages by view count */
+  topPages: Array<{
+    /** Page path (e.g., "/posts/my-post") */
+    path: string;
+    /** Number of views */
+    views: number;
+  }>;
+}
+
+/**
+ * Input for comment validation hook
+ * Return ValidationResult to allow or reject the comment
+ */
+interface CommentInput {
+  /** Comment content to validate */
+  content: string;
+  /** Commenter's name */
+  authorName: string;
+  /** Commenter's email */
+  authorEmail: string;
+  /** Post slug being commented on */
+  postSlug: string;
+  /** Parent comment ID (for replies) */
+  parentId?: string;
+}
+
+/**
+ * Input for content rendering hook
+ */
+interface ContentRenderInput {
+  /** HTML content to transform */
+  html: string;
+  /** Post metadata */
+  post: {
+    slug: string;
+    title: string;
+    tags: string[];
+  };
+}
+
+/**
+ * Output for content rendering hook
+ */
+interface ContentRenderOutput {
+  /** Transformed HTML content */
+  html: string;
+}
+`
+}
+
+const defineWriteKitTheme = (monaco: Monaco) => {
+  monaco.editor.defineTheme('writekit-dark', {
+    base: 'vs-dark',
+    inherit: false,
+    rules: [
+      // Base text - warm gray for readability
+      { token: '', foreground: 'c4c4c4' },
+
+      // Comments - muted, italic
+      { token: 'comment', foreground: '525252', fontStyle: 'italic' },
+      { token: 'comment.doc', foreground: '5c5c5c', fontStyle: 'italic' },
+
+      // Keywords - subtle off-white, not too bright
+      { token: 'keyword', foreground: 'd4d4d4' },
+      { token: 'keyword.control', foreground: 'd4d4d4' },
+      { token: 'keyword.operator', foreground: '9ca3af' },
+
+      // Strings - emerald accent (WriteKit brand)
+      { token: 'string', foreground: '34d399' },
+      { token: 'string.key', foreground: 'a3a3a3' },
+      { token: 'string.escape', foreground: '6ee7b7' },
+
+      // Numbers - muted amber for contrast
+      { token: 'number', foreground: 'fbbf24' },
+      { token: 'number.hex', foreground: 'f59e0b' },
+
+      // Types/Interfaces - cyan accent
+      { token: 'type', foreground: '22d3ee' },
+      { token: 'type.identifier', foreground: '22d3ee' },
+      { token: 'class', foreground: '22d3ee' },
+      { token: 'interface', foreground: '67e8f9' },
+      { token: 'namespace', foreground: '22d3ee' },
+
+      // Functions - clean white for emphasis
+      { token: 'function', foreground: 'f5f5f5' },
+      { token: 'function.declaration', foreground: 'ffffff' },
+      { token: 'method', foreground: 'f5f5f5' },
+
+      // Variables and parameters
+      { token: 'variable', foreground: 'c4c4c4' },
+      { token: 'variable.predefined', foreground: '67e8f9' },
+      { token: 'parameter', foreground: 'e5e5e5' },
+      { token: 'property', foreground: 'a3a3a3' },
+
+      // Constants - emerald like strings
+      { token: 'constant', foreground: '34d399' },
+      { token: 'constant.language', foreground: 'fb923c' },
+
+      // Operators and delimiters - subdued
+      { token: 'operator', foreground: '737373' },
+      { token: 'delimiter', foreground: '525252' },
+      { token: 'delimiter.bracket', foreground: '737373' },
+
+      // HTML/JSX
+      { token: 'tag', foreground: '22d3ee' },
+      { token: 'attribute.name', foreground: 'a3a3a3' },
+      { token: 'attribute.value', foreground: '34d399' },
+
+      // Regex
+      { token: 'regexp', foreground: 'f472b6' },
+    ],
+    colors: {
+      // Editor chrome - slightly lighter than pure dark
+      'editor.background': '#1c1c1e',
+      'editor.foreground': '#c4c4c4',
+
+      // Line highlighting - subtle
+      'editor.lineHighlightBackground': '#232326',
+      'editor.lineHighlightBorder': '#00000000',
+
+      // Selection - emerald tint
+      'editor.selectionBackground': '#10b98135',
+      'editor.inactiveSelectionBackground': '#10b98118',
+      'editor.selectionHighlightBackground': '#10b98115',
+
+      // Cursor - emerald brand color
+      'editorCursor.foreground': '#10b981',
+
+      // Line numbers - muted
+      'editorLineNumber.foreground': '#3f3f46',
+      'editorLineNumber.activeForeground': '#71717a',
+
+      // Indent guides
+      'editorIndentGuide.background1': '#27272a',
+      'editorIndentGuide.activeBackground1': '#3f3f46',
+
+      // Bracket matching
+      'editorBracketMatch.background': '#10b98125',
+      'editorBracketMatch.border': '#10b98170',
+
+      // Whitespace
+      'editorWhitespace.foreground': '#2e2e33',
+
+      // Scrollbar - subtle
+      'scrollbarSlider.background': '#3f3f4660',
+      'scrollbarSlider.hoverBackground': '#52525b80',
+      'scrollbarSlider.activeBackground': '#71717a80',
+
+      // Widgets (autocomplete, hover)
+      'editorWidget.background': '#1e1e21',
+      'editorWidget.border': '#3f3f46',
+      'editorSuggestWidget.background': '#1e1e21',
+      'editorSuggestWidget.border': '#3f3f46',
+      'editorSuggestWidget.selectedBackground': '#2a2a2e',
+      'editorSuggestWidget.highlightForeground': '#34d399',
+      'editorHoverWidget.background': '#1e1e21',
+      'editorHoverWidget.border': '#3f3f46',
+
+      // Input fields
+      'input.background': '#1e1e21',
+      'input.border': '#3f3f46',
+      'input.foreground': '#c4c4c4',
+
+      // Focus
+      'focusBorder': '#10b981',
+    },
+  })
+}
+
+export function PluginEditor({ language, value, onChange, height = '500px', secretKeys = [], hook = 'post.published' }: PluginEditorProps) {
+  const editorRef = useRef<editor.IStandaloneCodeEditor | null>(null)
+  const monacoRef = useRef<Monaco | null>(null)
+  const disposablesRef = useRef<IDisposable[]>([])
+  const [sdkSchema, setSdkSchema] = useState<SDKSchema | null>(null)
+
+  // Fetch SDK schema when language changes
+  useEffect(() => {
+    fetch(`/api/studio/sdk?language=${language}`)
+      .then(r => r.json())
+      .then(setSdkSchema)
+      .catch(() => {})
+  }, [language])
+
+  // Helper to get fields for a type from nested types or event fields
+  const getFieldsForType = useCallback((typeName: string): SDKField[] => {
+    if (!sdkSchema) return []
+    // Check nested types first
+    if (sdkSchema.nestedTypes?.[typeName]) {
+      return sdkSchema.nestedTypes[typeName]
+    }
+    return []
+  }, [sdkSchema])
+
+  // Track TypeScript lib disposable separately
+  const tsLibDisposableRef = useRef<IDisposable | null>(null)
+
+  // Update TypeScript SDK when secrets change
+  useEffect(() => {
+    const monaco = monacoRef.current
+    if (!monaco || language !== 'typescript') return
+
+    // Dispose previous SDK lib if it exists
+    if (tsLibDisposableRef.current) {
+      tsLibDisposableRef.current.dispose()
+    }
+
+    // Add updated SDK with new secrets
+    const sdk = getTypeScriptSDK(secretKeys)
+    tsLibDisposableRef.current = monaco.languages.typescript.typescriptDefaults.addExtraLib(
+      sdk,
+      'file:///node_modules/@writekit/sdk/index.d.ts'
+    )
+
+    return () => {
+      if (tsLibDisposableRef.current) {
+        tsLibDisposableRef.current.dispose()
+      }
+    }
+  }, [language, secretKeys])
+
+  // Register completion providers when SDK schema or language changes
+  useEffect(() => {
+    const monaco = monacoRef.current
+    if (!monaco || !sdkSchema) return
+
+    // Dispose previous providers
+    disposablesRef.current.forEach(d => d.dispose())
+    disposablesRef.current = []
+
+    // Register Go completion providers
+    if (language === 'go') {
+      const langId = LANGUAGE_MAP[language]
+
+      // Completion provider for Runner. and event.
+      const completionProvider = monaco.languages.registerCompletionItemProvider(langId, {
+        triggerCharacters: ['.'],
+        provideCompletionItems: (model: editor.ITextModel, position: Position) => {
+          const textBefore = model.getValueInRange({
+            startLineNumber: position.lineNumber,
+            startColumn: 1,
+            endLineNumber: position.lineNumber,
+            endColumn: position.column
+          })
+
+          const suggestions: languages.CompletionItem[] = []
+          const range = {
+            startLineNumber: position.lineNumber,
+            startColumn: position.column,
+            endLineNumber: position.lineNumber,
+            endColumn: position.column
+          }
+
+          // Runner. completions
+          if (textBefore.endsWith('Runner.')) {
+            // Add functions
+            sdkSchema.Runner.functions?.forEach(fn => {
+              suggestions.push({
+                label: fn.name,
+                kind: monaco.languages.CompletionItemKind.Method,
+                insertText: fn.insertText,
+                insertTextRules: monaco.languages.CompletionItemInsertTextRule.InsertAsSnippet,
+                documentation: { value: `**${fn.signature}**\n\n${fn.documentation}` },
+                detail: fn.signature,
+                range
+              })
+            })
+            // Add secrets namespace
+            suggestions.push({
+              label: 'Secrets',
+              kind: monaco.languages.CompletionItemKind.Module,
+              insertText: 'Secrets',
+              documentation: { value: 'Access your configured secrets' },
+              detail: 'namespace',
+              range
+            })
+          }
+
+          // Runner.Secrets. completions (dynamic based on user's secrets)
+          if (textBefore.endsWith('Runner.Secrets.')) {
+            secretKeys.forEach(key => {
+              // Convert to PascalCase for Go/C#
+              const secretName = key.split('_').map(s => s.charAt(0).toUpperCase() + s.slice(1).toLowerCase()).join('')
+              suggestions.push({
+                label: secretName,
+                kind: monaco.languages.CompletionItemKind.Constant,
+                insertText: secretName,
+                documentation: { value: `Secret: \`${key}\`` },
+                detail: 'string',
+                range
+              })
+            })
+          }
+
+          // event. completions (based on current hook)
+          if (textBefore.endsWith('event.')) {
+            const eventType = sdkSchema.events?.[hook]
+            if (eventType) {
+              eventType.fields.forEach(field => {
+                suggestions.push({
+                  label: field.name,
+                  kind: monaco.languages.CompletionItemKind.Field,
+                  insertText: field.name,
+                  documentation: { value: field.doc || `${field.type}` },
+                  detail: field.type,
+                  range
+                })
+              })
+            }
+          }
+
+          // Nested type completions (e.g., event.Post.)
+          // Match patterns like: event.Post. or event.Author.
+          const nestedMatch = textBefore.match(/event\.(\w+)\.$/)
+          if (nestedMatch) {
+            const parentField = nestedMatch[1]
+            // Find the type of this field from the event
+            const eventType = sdkSchema.events?.[hook]
+            const field = eventType?.fields.find(f => f.name === parentField)
+            if (field) {
+              // Get nested type fields
+              const nestedFields = getFieldsForType(field.type)
+              nestedFields.forEach(nestedField => {
+                suggestions.push({
+                  label: nestedField.name,
+                  kind: monaco.languages.CompletionItemKind.Field,
+                  insertText: nestedField.name,
+                  documentation: { value: nestedField.doc || `${nestedField.type}` },
+                  detail: nestedField.type,
+                  range
+                })
+              })
+            }
+          }
+
+          return { suggestions }
+        }
+      })
+
+      disposablesRef.current.push(completionProvider)
+
+      // Hover provider
+      const hoverProvider = monaco.languages.registerHoverProvider(langId, {
+        provideHover: (model: editor.ITextModel, position: Position) => {
+          const word = model.getWordAtPosition(position)
+          if (!word) return null
+
+          // Check Runner functions
+          const runnerFn = sdkSchema.Runner.functions?.find(f => f.name === word.word)
+          if (runnerFn) {
+            return {
+              contents: [
+                { value: `**Runner.${runnerFn.name}**` },
+                { value: `\`\`\`\n${runnerFn.signature}\n\`\`\`` },
+                { value: runnerFn.documentation }
+              ]
+            }
+          }
+
+          return null
+        }
+      })
+
+      disposablesRef.current.push(hoverProvider)
+    }
+
+    return () => {
+      disposablesRef.current.forEach(d => d.dispose())
+      disposablesRef.current = []
+    }
+  }, [language, sdkSchema, secretKeys, hook, getFieldsForType])
+
+  // Configure Monaco before editor mounts
+  const handleBeforeMount = useCallback((monaco: Monaco) => {
+    // Define theme for all languages
+    defineWriteKitTheme(monaco)
+
+    // TypeScript-specific configuration
+    if (language === 'typescript') {
+      // Configure TypeScript compiler options
+      // Don't set 'lib' explicitly - let Monaco use defaults which include all ES libs
+      // This ensures JSON, Array, Object, Math, etc. are available
+      monaco.languages.typescript.typescriptDefaults.setCompilerOptions({
+        target: monaco.languages.typescript.ScriptTarget.ES2020,
+        module: monaco.languages.typescript.ModuleKind.ESNext,
+        strict: true,
+        noEmit: true,
+        esModuleInterop: true,
+        skipLibCheck: true,
+        allowNonTsExtensions: true,
+      })
+
+      // Enable full diagnostics for hover info and error checking
+      monaco.languages.typescript.typescriptDefaults.setDiagnosticsOptions({
+        noSemanticValidation: false,
+        noSyntaxValidation: false,
+      })
+
+      // Eager model sync ensures types are available immediately
+      monaco.languages.typescript.typescriptDefaults.setEagerModelSync(true)
+
+      // Add WriteKit SDK types
+      const sdk = getTypeScriptSDK(secretKeys)
+      monaco.languages.typescript.typescriptDefaults.addExtraLib(
+        sdk,
+        'file:///node_modules/@writekit/sdk/index.d.ts'
+      )
+    }
+  }, [language, secretKeys])
+
+  const handleMount = useCallback((editor: editor.IStandaloneCodeEditor, monaco: Monaco) => {
+    editorRef.current = editor
+    monacoRef.current = monaco
+    // Theme is already defined in beforeMount, just apply it
+    monaco.editor.setTheme('writekit-dark')
+  }, [])
+
+  const isFullHeight = height === '100%'
+
+  return (
+    <div className={`overflow-hidden ${isFullHeight ? 'h-full' : 'border border-border'}`}>
+      <Editor
+        height={height}
+        language={LANGUAGE_MAP[language]}
+        value={value}
+        onChange={v => onChange(v || '')}
+        beforeMount={handleBeforeMount}
+        onMount={handleMount}
+        theme="vs-dark"
+        options={{
+          minimap: { enabled: false },
+          fontSize: 14,
+          fontFamily: '"JetBrains Mono", "SF Mono", Consolas, monospace',
+          lineNumbers: 'on',
+          scrollBeyondLastLine: false,
+          automaticLayout: true,
+          tabSize: language === 'go' ? 4 : 2,
+          padding: { top: 16, bottom: 16 },
+          renderLineHighlight: 'line',
+          renderLineHighlightOnlyWhenFocus: true,
+          overviewRulerLanes: 0,
+          hideCursorInOverviewRuler: true,
+          cursorBlinking: 'blink',
+          cursorSmoothCaretAnimation: 'off',
+          smoothScrolling: true,
+          suggestOnTriggerCharacters: true,
+          scrollbar: {
+            vertical: 'auto',
+            horizontal: 'auto',
+            verticalScrollbarSize: 10,
+            horizontalScrollbarSize: 10,
+            useShadows: false,
+          },
+          bracketPairColorization: {
+            enabled: true,
+          },
+        }}
+      />
+    </div>
+  )
+}
diff --git a/studio/src/components/editor/PostEditor.tsx b/studio/src/components/editor/PostEditor.tsx
new file mode 100644
index 0000000..1931b1f
--- /dev/null
+++ b/studio/src/components/editor/PostEditor.tsx
@@ -0,0 +1,354 @@
+import { useEditor, EditorContent } from '@tiptap/react'
+import { BubbleMenu } from '@tiptap/react/menus'
+import StarterKit from '@tiptap/starter-kit'
+import Link from '@tiptap/extension-link'
+import Image from '@tiptap/extension-image'
+import Placeholder from '@tiptap/extension-placeholder'
+import { Table, TableRow, TableCell, TableHeader } from '@tiptap/extension-table'
+import TaskList from '@tiptap/extension-task-list'
+import TaskItem from '@tiptap/extension-task-item'
+import CodeBlockLowlight from '@tiptap/extension-code-block-lowlight'
+import { Markdown } from '@tiptap/markdown'
+import { common, createLowlight } from 'lowlight'
+import { useEffect, useRef, useState, useCallback } from 'react'
+import { useStore } from '@nanostores/react'
+import { $editorPost, broadcastPreview } from '../../stores/editor'
+import { $settings } from '../../stores/settings'
+import { Icons } from '../shared/Icons'
+import { SlashCommands } from './SlashCommands'
+
+const lowlight = createLowlight(common)
+
+interface PostEditorProps {
+  onChange?: (markdown: string) => void
+}
+
+async function uploadImage(file: File): Promise<string | null> {
+  const formData = new FormData()
+  formData.append('file', file)
+
+  try {
+    const response = await fetch('/studio/assets', {
+      method: 'POST',
+      body: formData,
+    })
+
+    if (!response.ok) return null
+
+    const data = await response.json()
+    return data.url
+  } catch {
+    return null
+  }
+}
+
+export function PostEditor({ onChange }: PostEditorProps) {
+  const post = useStore($editorPost)
+  const settings = useStore($settings)
+  const isInitialMount = useRef(true)
+  const skipNextUpdate = useRef(false)
+  const wrapperRef = useRef<HTMLDivElement>(null)
+  const [linkUrl, setLinkUrl] = useState('')
+  const [showLinkInput, setShowLinkInput] = useState(false)
+  const [isDragging, setIsDragging] = useState(false)
+
+  const editor = useEditor({
+    extensions: [
+      StarterKit.configure({
+        codeBlock: false,
+        link: false,
+      }),
+      Link.configure({
+        openOnClick: false,
+        autolink: true,
+      }),
+      Image.configure({
+        allowBase64: true,
+        inline: false,
+      }),
+      Placeholder.configure({
+        placeholder: 'Start writing...',
+      }),
+      Table.configure({
+        resizable: true,
+      }),
+      TableRow,
+      TableCell,
+      TableHeader,
+      TaskList,
+      TaskItem.configure({
+        nested: true,
+      }),
+      CodeBlockLowlight.configure({
+        lowlight,
+      }),
+      Markdown,
+      SlashCommands,
+    ],
+    content: post.content || '',
+    contentType: 'markdown',
+    editorProps: {
+      attributes: {
+        class: 'prose max-w-none focus:outline-none min-h-[50vh] p-6',
+        style: 'font-size: 1.0625rem; line-height: 1.7;',
+      },
+      handleDrop: (_view, event, _slice, moved) => {
+        if (moved || !event.dataTransfer?.files.length) return false
+
+        const file = event.dataTransfer.files[0]
+        if (!file.type.startsWith('image/')) return false
+
+        event.preventDefault()
+        handleImageUpload(file)
+        return true
+      },
+      handlePaste: (_view, event) => {
+        const items = event.clipboardData?.items
+        if (!items) return false
+
+        for (const item of items) {
+          if (item.type.startsWith('image/')) {
+            event.preventDefault()
+            const file = item.getAsFile()
+            if (file) handleImageUpload(file)
+            return true
+          }
+        }
+        return false
+      },
+    },
+    onUpdate: ({ editor }) => {
+      if (skipNextUpdate.current) {
+        skipNextUpdate.current = false
+        return
+      }
+      const markdown = editor.getMarkdown()
+      onChange?.(markdown)
+      broadcastPreview(markdown)
+    },
+  })
+
+  const handleImageUpload = useCallback(async (file: File) => {
+    if (!editor) return
+
+    const url = await uploadImage(file)
+    if (url) {
+      editor.chain().focus().setImage({ src: url }).run()
+    }
+  }, [editor])
+
+  const handleDragOver = useCallback((e: React.DragEvent) => {
+    e.preventDefault()
+    if (e.dataTransfer.types.includes('Files')) {
+      setIsDragging(true)
+    }
+  }, [])
+
+  const handleDragLeave = useCallback((e: React.DragEvent) => {
+    if (e.currentTarget === e.target || !wrapperRef.current?.contains(e.relatedTarget as Node)) {
+      setIsDragging(false)
+    }
+  }, [])
+
+  const handleDrop = useCallback((e: React.DragEvent) => {
+    e.preventDefault()
+    setIsDragging(false)
+  }, [])
+
+  const handleWrapperClick = useCallback((e: React.MouseEvent) => {
+    if (e.target === wrapperRef.current && editor) {
+      editor.chain().focus().run()
+    }
+  }, [editor])
+
+  const setLink = useCallback(() => {
+    if (!editor) return
+
+    if (linkUrl === '') {
+      editor.chain().focus().extendMarkRange('link').unsetLink().run()
+    } else {
+      const url = linkUrl.startsWith('http') ? linkUrl : `https://${linkUrl}`
+      editor.chain().focus().extendMarkRange('link').setLink({ href: url }).run()
+    }
+    setShowLinkInput(false)
+    setLinkUrl('')
+  }, [editor, linkUrl])
+
+  const openLinkInput = useCallback(() => {
+    if (!editor) return
+    const previousUrl = editor.getAttributes('link').href || ''
+    setLinkUrl(previousUrl)
+    setShowLinkInput(true)
+  }, [editor])
+
+  useEffect(() => {
+    if (!editor) return
+
+    if (isInitialMount.current) {
+      isInitialMount.current = false
+      return
+    }
+
+    const currentContent = editor.getMarkdown()
+    if (currentContent !== post.content) {
+      skipNextUpdate.current = true
+      editor.commands.setContent(post.content || '', { contentType: 'markdown' })
+    }
+  }, [editor, post.content])
+
+  useEffect(() => {
+    const codeTheme = settings.code_theme || 'github'
+    const id = 'code-theme-css'
+    let link = document.getElementById(id) as HTMLLinkElement | null
+
+    if (!link) {
+      link = document.createElement('link')
+      link.id = id
+      link.rel = 'stylesheet'
+      document.head.appendChild(link)
+    }
+
+    link.href = `/api/studio/code-theme.css?theme=${codeTheme}`
+  }, [settings.code_theme])
+
+  if (!editor) return null
+
+  return (
+    <div
+      ref={wrapperRef}
+      className={`editor-wrapper h-full overflow-auto cursor-text relative ${isDragging ? 'bg-accent/5' : ''}`}
+      onClick={handleWrapperClick}
+      onDragOver={handleDragOver}
+      onDragLeave={handleDragLeave}
+      onDrop={handleDrop}
+    >
+      {isDragging && (
+        <div className="absolute inset-0 flex items-center justify-center pointer-events-none z-10">
+          <div className="px-4 py-2 bg-accent text-white text-sm font-medium rounded">
+            Drop image to upload
+          </div>
+        </div>
+      )}
+
+      <BubbleMenu
+        editor={editor}
+        className="flex items-center gap-0.5 p-1 bg-surface border border-border shadow-lg rounded"
+      >
+        {showLinkInput ? (
+          <div className="flex items-center gap-1 px-1">
+            <input
+              type="text"
+              value={linkUrl}
+              onChange={(e) => setLinkUrl(e.target.value)}
+              onKeyDown={(e) => {
+                if (e.key === 'Enter') {
+                  e.preventDefault()
+                  setLink()
+                }
+                if (e.key === 'Escape') {
+                  setShowLinkInput(false)
+                  setLinkUrl('')
+                }
+              }}
+              placeholder="Enter URL..."
+              className="w-48 px-2 py-1 text-xs bg-bg border border-border rounded focus:outline-none focus:border-accent"
+              autoFocus
+            />
+            <button
+              onClick={setLink}
+              className="p-1.5 text-accent hover:bg-accent/10 rounded"
+            >
+              <Icons.Check className="w-3.5 h-3.5" />
+            </button>
+            <button
+              onClick={() => {
+                setShowLinkInput(false)
+                setLinkUrl('')
+              }}
+              className="p-1.5 text-muted hover:bg-bg rounded"
+            >
+              <Icons.Close className="w-3.5 h-3.5" />
+            </button>
+          </div>
+        ) : (
+          <>
+            <ToolbarButton
+              onClick={() => editor.chain().focus().toggleBold().run()}
+              isActive={editor.isActive('bold')}
+              title="Bold (Ctrl+B)"
+            >
+              <Icons.Bold className="w-3.5 h-3.5" />
+            </ToolbarButton>
+            <ToolbarButton
+              onClick={() => editor.chain().focus().toggleItalic().run()}
+              isActive={editor.isActive('italic')}
+              title="Italic (Ctrl+I)"
+            >
+              <Icons.Italic className="w-3.5 h-3.5" />
+            </ToolbarButton>
+            <ToolbarButton
+              onClick={() => editor.chain().focus().toggleStrike().run()}
+              isActive={editor.isActive('strike')}
+              title="Strikethrough"
+            >
+              <Icons.Strikethrough className="w-3.5 h-3.5" />
+            </ToolbarButton>
+            <ToolbarButton
+              onClick={() => editor.chain().focus().toggleCode().run()}
+              isActive={editor.isActive('code')}
+              title="Inline Code (Ctrl+E)"
+            >
+              <Icons.CodeInline className="w-3.5 h-3.5" />
+            </ToolbarButton>
+
+            <div className="w-px h-4 bg-border mx-1" />
+
+            <ToolbarButton
+              onClick={openLinkInput}
+              isActive={editor.isActive('link')}
+              title="Add Link (Ctrl+K)"
+            >
+              <Icons.Link className="w-3.5 h-3.5" />
+            </ToolbarButton>
+            {editor.isActive('link') && (
+              <ToolbarButton
+                onClick={() => editor.chain().focus().unsetLink().run()}
+                title="Remove Link"
+              >
+                <Icons.LinkOff className="w-3.5 h-3.5" />
+              </ToolbarButton>
+            )}
+          </>
+        )}
+      </BubbleMenu>
+
+      <EditorContent editor={editor} />
+    </div>
+  )
+}
+
+function ToolbarButton({
+  onClick,
+  isActive,
+  title,
+  children,
+}: {
+  onClick: () => void
+  isActive?: boolean
+  title: string
+  children: React.ReactNode
+}) {
+  return (
+    <button
+      onClick={onClick}
+      title={title}
+      className={`p-1.5 rounded transition-colors ${
+        isActive
+          ? 'bg-accent/10 text-accent'
+          : 'text-muted hover:text-text hover:bg-bg'
+      }`}
+    >
+      {children}
+    </button>
+  )
+}
diff --git a/studio/src/components/editor/SlashCommands.tsx b/studio/src/components/editor/SlashCommands.tsx
new file mode 100644
index 0000000..4344633
--- /dev/null
+++ b/studio/src/components/editor/SlashCommands.tsx
@@ -0,0 +1,270 @@
+import { Extension } from '@tiptap/core'
+import { ReactRenderer } from '@tiptap/react'
+import Suggestion, { type SuggestionOptions } from '@tiptap/suggestion'
+import tippy, { type Instance as TippyInstance } from 'tippy.js'
+import {
+  forwardRef,
+  useEffect,
+  useImperativeHandle,
+  useState,
+  useCallback,
+} from 'react'
+import { Icons } from '../shared/Icons'
+
+interface CommandItem {
+  title: string
+  description: string
+  icon: React.ReactNode
+  command: (props: { editor: any; range: any }) => void
+}
+
+const commands: CommandItem[] = [
+  {
+    title: 'Heading 1',
+    description: 'Large section heading',
+    icon: <Icons.Heading1 className="w-4 h-4" />,
+    command: ({ editor, range }) => {
+      editor.chain().focus().deleteRange(range).setNode('heading', { level: 1 }).run()
+    },
+  },
+  {
+    title: 'Heading 2',
+    description: 'Medium section heading',
+    icon: <Icons.Heading2 className="w-4 h-4" />,
+    command: ({ editor, range }) => {
+      editor.chain().focus().deleteRange(range).setNode('heading', { level: 2 }).run()
+    },
+  },
+  {
+    title: 'Heading 3',
+    description: 'Small section heading',
+    icon: <Icons.Heading3 className="w-4 h-4" />,
+    command: ({ editor, range }) => {
+      editor.chain().focus().deleteRange(range).setNode('heading', { level: 3 }).run()
+    },
+  },
+  {
+    title: 'Bullet List',
+    description: 'Create a bullet list',
+    icon: <Icons.List className="w-4 h-4" />,
+    command: ({ editor, range }) => {
+      editor.chain().focus().deleteRange(range).toggleBulletList().run()
+    },
+  },
+  {
+    title: 'Numbered List',
+    description: 'Create a numbered list',
+    icon: <Icons.ListOrdered className="w-4 h-4" />,
+    command: ({ editor, range }) => {
+      editor.chain().focus().deleteRange(range).toggleOrderedList().run()
+    },
+  },
+  {
+    title: 'Task List',
+    description: 'Create a task list with checkboxes',
+    icon: <Icons.Check className="w-4 h-4" />,
+    command: ({ editor, range }) => {
+      editor.chain().focus().deleteRange(range).toggleTaskList().run()
+    },
+  },
+  {
+    title: 'Code Block',
+    description: 'Insert a code block',
+    icon: <Icons.Code className="w-4 h-4" />,
+    command: ({ editor, range }) => {
+      editor.chain().focus().deleteRange(range).toggleCodeBlock().run()
+    },
+  },
+  {
+    title: 'Blockquote',
+    description: 'Insert a quote',
+    icon: <Icons.Quote className="w-4 h-4" />,
+    command: ({ editor, range }) => {
+      editor.chain().focus().deleteRange(range).toggleBlockquote().run()
+    },
+  },
+  {
+    title: 'Horizontal Rule',
+    description: 'Insert a divider',
+    icon: <span className="w-4 h-4 flex items-center justify-center">—</span>,
+    command: ({ editor, range }) => {
+      editor.chain().focus().deleteRange(range).setHorizontalRule().run()
+    },
+  },
+  {
+    title: 'Image',
+    description: 'Insert an image from URL',
+    icon: <Icons.Image className="w-4 h-4" />,
+    command: ({ editor, range }) => {
+      const url = window.prompt('Enter image URL:')
+      if (url) {
+        editor.chain().focus().deleteRange(range).setImage({ src: url }).run()
+      }
+    },
+  },
+]
+
+interface CommandListProps {
+  items: CommandItem[]
+  command: (item: CommandItem) => void
+}
+
+interface CommandListRef {
+  onKeyDown: (props: { event: KeyboardEvent }) => boolean
+}
+
+const CommandList = forwardRef<CommandListRef, CommandListProps>(
+  ({ items, command }, ref) => {
+    const [selectedIndex, setSelectedIndex] = useState(0)
+
+    const selectItem = useCallback(
+      (index: number) => {
+        const item = items[index]
+        if (item) {
+          command(item)
+        }
+      },
+      [items, command]
+    )
+
+    useEffect(() => {
+      setSelectedIndex(0)
+    }, [items])
+
+    useImperativeHandle(ref, () => ({
+      onKeyDown: ({ event }) => {
+        if (event.key === 'ArrowUp') {
+          setSelectedIndex((prev) => (prev + items.length - 1) % items.length)
+          return true
+        }
+
+        if (event.key === 'ArrowDown') {
+          setSelectedIndex((prev) => (prev + 1) % items.length)
+          return true
+        }
+
+        if (event.key === 'Enter') {
+          selectItem(selectedIndex)
+          return true
+        }
+
+        return false
+      },
+    }))
+
+    if (items.length === 0) {
+      return (
+        <div className="bg-surface border border-border shadow-lg rounded p-2 text-sm text-muted">
+          No results
+        </div>
+      )
+    }
+
+    return (
+      <div className="bg-surface border border-border shadow-lg rounded py-1 min-w-[200px] max-h-[300px] overflow-y-auto">
+        {items.map((item, index) => (
+          <button
+            key={item.title}
+            onClick={() => selectItem(index)}
+            className={`w-full flex items-center gap-3 px-3 py-2 text-left text-sm transition-colors ${
+              index === selectedIndex
+                ? 'bg-accent/10 text-text'
+                : 'text-muted hover:bg-bg hover:text-text'
+            }`}
+          >
+            <span className="flex-shrink-0 text-muted">{item.icon}</span>
+            <div className="flex-1 min-w-0">
+              <div className="font-medium text-text">{item.title}</div>
+              <div className="text-xs text-muted truncate">{item.description}</div>
+            </div>
+          </button>
+        ))}
+      </div>
+    )
+  }
+)
+
+CommandList.displayName = 'CommandList'
+
+const suggestion: Omit<SuggestionOptions<CommandItem>, 'editor'> = {
+  items: ({ query }) => {
+    return commands.filter((item) =>
+      item.title.toLowerCase().includes(query.toLowerCase())
+    )
+  },
+
+  render: () => {
+    let component: ReactRenderer<CommandListRef> | null = null
+    let popup: TippyInstance[] | null = null
+
+    return {
+      onStart: (props) => {
+        component = new ReactRenderer(CommandList, {
+          props,
+          editor: props.editor,
+        })
+
+        if (!props.clientRect) return
+
+        popup = tippy('body', {
+          getReferenceClientRect: props.clientRect as () => DOMRect,
+          appendTo: () => document.body,
+          content: component.element,
+          showOnCreate: true,
+          interactive: true,
+          trigger: 'manual',
+          placement: 'bottom-start',
+        })
+      },
+
+      onUpdate: (props) => {
+        component?.updateProps(props)
+
+        if (!props.clientRect) return
+
+        popup?.[0]?.setProps({
+          getReferenceClientRect: props.clientRect as () => DOMRect,
+        })
+      },
+
+      onKeyDown: (props) => {
+        if (props.event.key === 'Escape') {
+          popup?.[0]?.hide()
+          return true
+        }
+
+        return component?.ref?.onKeyDown(props) ?? false
+      },
+
+      onExit: () => {
+        popup?.[0]?.destroy()
+        component?.destroy()
+      },
+    }
+  },
+}
+
+export const SlashCommands = Extension.create({
+  name: 'slashCommands',
+
+  addOptions() {
+    return {
+      suggestion: {
+        char: '/',
+        command: ({ editor, range, props }: { editor: any; range: any; props: CommandItem }) => {
+          props.command({ editor, range })
+        },
+      },
+    }
+  },
+
+  addProseMirrorPlugins() {
+    return [
+      Suggestion({
+        editor: this.editor,
+        ...suggestion,
+        ...this.options.suggestion,
+      }),
+    ]
+  },
+})
diff --git a/studio/src/components/editor/SourceEditor.tsx b/studio/src/components/editor/SourceEditor.tsx
new file mode 100644
index 0000000..5a13b75
--- /dev/null
+++ b/studio/src/components/editor/SourceEditor.tsx
@@ -0,0 +1,105 @@
+import { useCallback, useRef } from 'react'
+import Editor, { type Monaco } from '@monaco-editor/react'
+import type { editor } from 'monaco-editor'
+import { useStore } from '@nanostores/react'
+import { $editorPost } from '../../stores/editor'
+
+interface SourceEditorProps {
+  onChange?: (markdown: string) => void
+}
+
+const defineWriteKitTheme = (monaco: Monaco) => {
+  monaco.editor.defineTheme('writekit-dark', {
+    base: 'vs-dark',
+    inherit: false,
+    rules: [
+      { token: '', foreground: 'c4c4c4' },
+      { token: 'comment', foreground: '525252', fontStyle: 'italic' },
+      { token: 'keyword', foreground: 'd4d4d4' },
+      { token: 'string', foreground: '34d399' },
+      { token: 'number', foreground: 'fbbf24' },
+      { token: 'type', foreground: '22d3ee' },
+      { token: 'function', foreground: 'f5f5f5' },
+      { token: 'variable', foreground: 'c4c4c4' },
+      { token: 'operator', foreground: '737373' },
+      { token: 'delimiter', foreground: '525252' },
+      { token: 'tag', foreground: '22d3ee' },
+      { token: 'attribute.name', foreground: 'a3a3a3' },
+      { token: 'attribute.value', foreground: '34d399' },
+      { token: 'string.link', foreground: '34d399', fontStyle: 'underline' },
+    ],
+    colors: {
+      'editor.background': '#1c1c1e',
+      'editor.foreground': '#c4c4c4',
+      'editor.lineHighlightBackground': '#232326',
+      'editor.lineHighlightBorder': '#00000000',
+      'editor.selectionBackground': '#10b98135',
+      'editor.inactiveSelectionBackground': '#10b98118',
+      'editorCursor.foreground': '#10b981',
+      'editorLineNumber.foreground': '#3f3f46',
+      'editorLineNumber.activeForeground': '#71717a',
+      'editorIndentGuide.background1': '#27272a',
+      'editorIndentGuide.activeBackground1': '#3f3f46',
+      'scrollbarSlider.background': '#3f3f4660',
+      'scrollbarSlider.hoverBackground': '#52525b80',
+      'editorWidget.background': '#1e1e21',
+      'editorWidget.border': '#3f3f46',
+    },
+  })
+}
+
+export function SourceEditor({ onChange }: SourceEditorProps) {
+  const post = useStore($editorPost)
+  const editorRef = useRef<editor.IStandaloneCodeEditor | null>(null)
+
+  const handleBeforeMount = useCallback((monaco: Monaco) => {
+    defineWriteKitTheme(monaco)
+  }, [])
+
+  const handleMount = useCallback((editor: editor.IStandaloneCodeEditor, monaco: Monaco) => {
+    editorRef.current = editor
+    monaco.editor.setTheme('writekit-dark')
+  }, [])
+
+  const handleChange = useCallback((value: string | undefined) => {
+    onChange?.(value || '')
+  }, [onChange])
+
+  return (
+    <div className="h-full overflow-hidden">
+      <Editor
+        height="100%"
+        language="markdown"
+        value={post.content}
+        onChange={handleChange}
+        beforeMount={handleBeforeMount}
+        onMount={handleMount}
+        theme="vs-dark"
+        options={{
+          minimap: { enabled: false },
+          fontSize: 14,
+          fontFamily: '"JetBrains Mono", "SF Mono", Consolas, monospace',
+          lineNumbers: 'on',
+          scrollBeyondLastLine: false,
+          automaticLayout: true,
+          tabSize: 2,
+          padding: { top: 16, bottom: 16 },
+          renderLineHighlight: 'line',
+          renderLineHighlightOnlyWhenFocus: true,
+          wordWrap: 'on',
+          lineHeight: 1.6,
+          overviewRulerLanes: 0,
+          hideCursorInOverviewRuler: true,
+          cursorBlinking: 'blink',
+          smoothScrolling: true,
+          scrollbar: {
+            vertical: 'auto',
+            horizontal: 'hidden',
+            verticalScrollbarSize: 10,
+            useShadows: false,
+          },
+        }}
+      />
+    </div>
+  )
+}
diff --git a/studio/src/components/editor/index.ts b/studio/src/components/editor/index.ts
new file mode 100644
index 0000000..d942b92
--- /dev/null
+++ b/studio/src/components/editor/index.ts
@@ -0,0 +1,4 @@
+export { PluginEditor } from './PluginEditor'
+export { PostEditor } from './PostEditor'
+export { SourceEditor } from './SourceEditor'
+export { MetadataPanel } from './MetadataPanel'
diff --git a/studio/src/components/layout/Header.tsx b/studio/src/components/layout/Header.tsx
new file mode 100644
index 0000000..adef630
--- /dev/null
+++ b/studio/src/components/layout/Header.tsx
@@ -0,0 +1,76 @@
+import { useState } from 'react'
+import { useStore } from '@nanostores/react'
+import { $router } from '../../stores/router'
+import { Icons, type IconComponent } from '../shared/Icons'
+
+interface NavItem {
+  route: string
+  label: string
+  Icon: IconComponent
+}
+
+const navItems: NavItem[] = [
+  { route: 'posts', label: 'Posts', Icon: Icons.Posts },
+  { route: 'analytics', label: 'Analytics', Icon: Icons.Analytics },
+  { route: 'general', label: 'General', Icon: Icons.Settings },
+  { route: 'design', label: 'Design', Icon: Icons.Design },
+  { route: 'domain', label: 'Domain', Icon: Icons.Domain },
+  { route: 'engagement', label: 'Engagement', Icon: Icons.Engagement },
+  { route: 'monetization', label: 'Monetization', Icon: Icons.Monetization },
+  { route: 'api', label: 'API Keys', Icon: Icons.ApiKeys },
+  { route: 'data', label: 'Data', Icon: Icons.Data },
+  { route: 'billing', label: 'Billing', Icon: Icons.Billing },
+]
+
+interface HeaderProps {
+  className?: string
+}
+
+export function Header({ className = '' }: HeaderProps) {
+  const [menuOpen, setMenuOpen] = useState(false)
+  const page = useStore($router)
+  const currentRoute = page?.route ?? 'posts'
+
+  return (
+    <header className={`lg:hidden bg-surface border-b border-border sticky top-0 z-50 ${className}`}>
+      <div className="h-14 flex items-center justify-between px-4">
+        <a href="/" className="block">
+          <div className="text-[15px] font-bold tracking-tight text-text">WriteKit</div>
+          <div className="text-[11px] font-medium text-muted tracking-wide">Studio</div>
+        </a>
+        <button
+          onClick={() => setMenuOpen(!menuOpen)}
+          className="w-9 h-9 flex items-center justify-center hover:bg-border transition-colors"
+        >
+          {menuOpen ? <Icons.Close className="text-lg" /> : <Icons.Menu className="text-lg" />}
+        </button>
+      </div>
+
+      {menuOpen && (
+        <nav className="p-2 border-t border-border bg-surface">
+          {navItems.map(item => (
+            <a
+              key={item.route}
+              href={`/studio/${item.route}`}
+              onClick={() => setMenuOpen(false)}
+              className={currentRoute === item.route ? 'nav-item-active' : 'nav-item'}
+            >
+              <item.Icon className={`text-sm ${currentRoute === item.route ? 'text-accent opacity-100' : 'opacity-50'}`} />
+              <span>{item.label}</span>
+            </a>
+          ))}
+          <div className="border-t border-border mt-2 pt-2">
+            <a
+              href="/"
+              target="_blank"
+              className="nav-item"
+            >
+              <Icons.ExternalLink className="text-sm opacity-50" />
+              <span>View Site</span>
+            </a>
+          </div>
+        </nav>
+      )}
+    </header>
+  )
+}
diff --git a/studio/src/components/layout/Sidebar.tsx b/studio/src/components/layout/Sidebar.tsx
new file mode 100644
index 0000000..0255fc9
--- /dev/null
+++ b/studio/src/components/layout/Sidebar.tsx
@@ -0,0 +1,102 @@
+import { useStore } from '@nanostores/react'
+import { $router } from '../../stores/router'
+import { Icons, type IconComponent } from '../shared/Icons'
+
+interface NavItem {
+  route: string
+  label: string
+  Icon: IconComponent
+}
+
+interface NavSection {
+  title: string
+  items: NavItem[]
+}
+
+const navigation: NavSection[] = [
+  {
+    title: '',
+    items: [
+      { route: 'home', label: 'Home', Icon: Icons.Home },
+    ],
+  },
+  {
+    title: 'Content',
+    items: [
+      { route: 'posts', label: 'Posts', Icon: Icons.Posts },
+      { route: 'analytics', label: 'Analytics', Icon: Icons.Analytics },
+    ],
+  },
+  {
+    title: 'Site',
+    items: [
+      { route: 'general', label: 'General', Icon: Icons.Settings },
+      { route: 'design', label: 'Design', Icon: Icons.Design },
+      { route: 'domain', label: 'Domain', Icon: Icons.Domain },
+    ],
+  },
+  {
+    title: 'Readers',
+    items: [
+      { route: 'engagement', label: 'Engagement', Icon: Icons.Engagement },
+      { route: 'monetization', label: 'Monetization', Icon: Icons.Monetization },
+    ],
+  },
+  {
+    title: 'Developer',
+    items: [
+      { route: 'plugins', label: 'Plugins', Icon: Icons.Code },
+      { route: 'api', label: 'API Keys', Icon: Icons.ApiKeys },
+      { route: 'data', label: 'Data', Icon: Icons.Data },
+    ],
+  },
+  {
+    title: 'Account',
+    items: [
+      { route: 'billing', label: 'Billing', Icon: Icons.Billing },
+    ],
+  },
+]
+
+export function Sidebar() {
+  const page = useStore($router)
+  const currentRoute = page?.route ?? 'posts'
+
+  return (
+    <aside className="w-56 h-screen bg-bg border-r border-border flex flex-col">
+      <div className="px-4 py-6">
+        <a href="/" className="block group">
+          <div className="text-[15px] font-bold tracking-tight text-text">
+            WriteKit
+          </div>
+          <div className="text-[11px] font-medium text-muted tracking-wide">
+            Studio
+          </div>
+        </a>
+      </div>
+
+      <nav className="flex-1 overflow-y-auto px-3">
+        {navigation.map((section, idx) => (
+          <div key={section.title || idx} className="mb-1">
+            {section.title && <div className="nav-section">{section.title}</div>}
+            <div className="space-y-0.5">
+              {section.items.map(item => {
+                const href = item.route === 'home' ? '/studio' : `/studio/${item.route}`
+                return (
+                  <a
+                    key={item.route}
+                    href={href}
+                    className={currentRoute === item.route ? 'nav-item-active' : 'nav-item'}
+                  >
+                    <item.Icon className={`text-sm ${currentRoute === item.route ? 'text-accent opacity-100' : 'opacity-50'}`} />
+                    <span>{item.label}</span>
+                  </a>
+                )
+              })}
+            </div>
+          </div>
+        ))}
+      </nav>
+    </aside>
+  )
+}
diff --git a/studio/src/components/layout/index.ts b/studio/src/components/layout/index.ts
new file mode 100644
index 0000000..fd6b0e5
--- /dev/null
+++ b/studio/src/components/layout/index.ts
@@ -0,0 +1,2 @@
+export { Sidebar } from './Sidebar'
+export { Header } from './Header'
diff --git a/studio/src/components/shared/Breadcrumb.tsx b/studio/src/components/shared/Breadcrumb.tsx
new file mode 100644
index 0000000..02e9dff
--- /dev/null
+++ b/studio/src/components/shared/Breadcrumb.tsx
@@ -0,0 +1,45 @@
+import { useStore } from '@nanostores/react'
+import { $router } from '../../stores/router'
+import { Icons } from './Icons'
+
+const routeLabels: Record<string, string> = {
+  home: 'Home',
+  posts: 'Posts',
+  postNew: 'New Post',
+  postEdit: 'Edit Post',
+  analytics: 'Analytics',
+  general: 'General',
+  design: 'Design',
+  domain: 'Domain',
+  engagement: 'Engagement',
+  monetization: 'Monetization',
+  plugins: 'Plugins',
+  api: 'API Keys',
+  data: 'Data',
+  billing: 'Billing',
+}
+
+interface BreadcrumbProps {
+  title?: string
+}
+
+export function Breadcrumb({ title }: BreadcrumbProps) {
+  const page = useStore($router)
+  const routeKey = page?.route ?? 'home'
+  const displayTitle = title || routeLabels[routeKey] || ''
+  const isHome = routeKey === 'home'
+
+  if (isHome) {
+    return <span className="font-medium text-text">{displayTitle}</span>
+  }
+
+  return (
+    <div className="flex items-center gap-1.5 text-sm">
+      <a href="/studio" className="text-muted hover:text-text transition-colors">
+        Studio
+      </a>
+      <Icons.ChevronRight className="text-muted opacity-50" />
+      <span className="font-medium text-text">{displayTitle}</span>
+    </div>
+  )
+}
diff --git a/studio/src/components/shared/BreakdownList.tsx b/studio/src/components/shared/BreakdownList.tsx
new file mode 100644
index 0000000..9c86179
--- /dev/null
+++ b/studio/src/components/shared/BreakdownList.tsx
@@ -0,0 +1,51 @@
+import type { IconComponent } from './Icons'
+
+interface BreakdownItem {
+  label: string
+  value: number
+  percentage: number
+  Icon?: IconComponent
+  flagUrl?: string
+}
+
+interface BreakdownListProps {
+  items: BreakdownItem[]
+  limit?: number
+}
+
+export function BreakdownList({ items, limit = 6 }: BreakdownListProps) {
+  const displayItems = items.slice(0, limit)
+
+  return (
+    <div className="space-y-3">
+      {displayItems.map(item => (
+        <div key={item.label} className="flex items-center gap-3">
+          {item.flagUrl ? (
+            <div className="w-5 h-5 flex-shrink-0 rounded-sm overflow-hidden bg-border">
+              <img
+                src={item.flagUrl}
+                alt={item.label}
+                className="w-full h-full object-cover"
+                loading="lazy"
+              />
+            </div>
+          ) : item.Icon ? (
+            <item.Icon className="text-sm flex-shrink-0 opacity-50" />
+          ) : null}
+          <div className="flex-1 min-w-0 space-y-1">
+            <div className="flex items-center justify-between text-sm">
+              <span className="text-text truncate">{item.label}</span>
+              <span className="text-muted ml-2 flex-shrink-0">{item.percentage.toFixed(0)}%</span>
+            </div>
+            <div className="h-1.5 bg-border overflow-hidden">
+              <div
+                className="h-full bg-accent"
+                style={{ width: `${Math.min(item.percentage, 100)}%` }}
+              />
+            </div>
+          </div>
+        </div>
+      ))}
+    </div>
+  )
+}
diff --git a/studio/src/components/shared/EmptyState.tsx b/studio/src/components/shared/EmptyState.tsx
new file mode 100644
index 0000000..7e997d9
--- /dev/null
+++ b/studio/src/components/shared/EmptyState.tsx
@@ -0,0 +1,24 @@
+import type { ReactNode } from 'react'
+import type { IconComponent } from './Icons'
+
+interface EmptyStateProps {
+  Icon: IconComponent
+  title: string
+  description?: string
+  action?: ReactNode
+}
+
+export function EmptyState({ Icon, title, description, action }: EmptyStateProps) {
+  return (
+    <div className="card text-center py-12">
+      <div className="w-16 h-16 mx-auto mb-4 bg-border flex items-center justify-center">
+        <Icon className="text-muted text-2xl" />
+      </div>
+      <h3 className="text-sm font-medium text-text mb-1">{title}</h3>
+      {description && (
+        <p className="text-xs text-muted mb-4">{description}</p>
+      )}
+      {action}
+    </div>
+  )
+}
diff --git a/studio/src/components/shared/Field.tsx b/studio/src/components/shared/Field.tsx
new file mode 100644
index 0000000..b201f03
--- /dev/null
+++ b/studio/src/components/shared/Field.tsx
@@ -0,0 +1,27 @@
+import { Input, Textarea } from '../ui'
+
+interface FieldProps {
+  label: string
+  value: string
+  onChange: (value: string) => void
+  placeholder?: string
+  multiline?: boolean
+  hint?: string
+}
+
+export function Field({ label, value, onChange, placeholder, multiline, hint }: FieldProps) {
+  const InputComponent = multiline ? Textarea : Input
+  return (
+    <div>
+      <label className="label">{label}</label>
+      <InputComponent
+        value={value}
+        onChange={onChange}
+        placeholder={placeholder}
+      />
+      {hint && (
+        <p className="text-xs text-muted mt-1">{hint}</p>
+      )}
+    </div>
+  )
+}
diff --git a/studio/src/components/shared/Icons.tsx b/studio/src/components/shared/Icons.tsx
new file mode 100644
index 0000000..e5569e2
--- /dev/null
+++ b/studio/src/components/shared/Icons.tsx
@@ -0,0 +1,316 @@
+import type { ComponentProps, ReactElement } from 'react'
+
+export type IconProps = ComponentProps<'span'>
+export type IconComponent = (props: IconProps) => ReactElement
+
+function createIcon(className: string): IconComponent {
+  return function Icon(props: IconProps) {
+    return <span {...props} className={`${className}${props.className ? ' ' + props.className : ''}`} />
+  }
+}
+
+export const Icons = {
+  // Navigation
+  Home: createIcon('i-lucide-home'),
+  Posts: createIcon('i-lucide-file-text'),
+  Analytics: createIcon('i-lucide-bar-chart-2'),
+  Settings: createIcon('i-lucide-settings'),
+  Design: createIcon('i-lucide-palette'),
+  Domain: createIcon('i-lucide-globe'),
+  Engagement: createIcon('i-lucide-message-circle'),
+  Monetization: createIcon('i-lucide-credit-card'),
+  ApiKeys: createIcon('i-lucide-key'),
+  Data: createIcon('i-lucide-database'),
+  Billing: createIcon('i-lucide-receipt'),
+  ExternalLink: createIcon('i-lucide-external-link'),
+
+  // Actions
+  Plus: createIcon('i-lucide-plus'),
+  Edit: createIcon('i-lucide-pencil'),
+  Trash: createIcon('i-lucide-trash-2'),
+  Copy: createIcon('i-lucide-copy'),
+  Download: createIcon('i-lucide-download'),
+  Upload: createIcon('i-lucide-upload'),
+  Refresh: createIcon('i-lucide-refresh-cw'),
+  Search: createIcon('i-lucide-search'),
+  Close: createIcon('i-lucide-x'),
+  Menu: createIcon('i-lucide-menu'),
+  Check: createIcon('i-lucide-check'),
+  CheckCircle: createIcon('i-lucide-check-circle'),
+  AlertCircle: createIcon('i-lucide-alert-circle'),
+  Info: createIcon('i-lucide-info'),
+  Eye: createIcon('i-lucide-eye'),
+  Loader: createIcon('i-lucide-loader-2'),
+  ArrowLeft: createIcon('i-lucide-arrow-left'),
+  Key: createIcon('i-lucide-key'),
+  Play: createIcon('i-lucide-play'),
+  Save: createIcon('i-lucide-save'),
+
+  // Content
+  PenTool: createIcon('i-lucide-pen-tool'),
+  Image: createIcon('i-lucide-image'),
+  Link: createIcon('i-lucide-link'),
+  Crown: createIcon('i-lucide-crown'),
+  Ghost: createIcon('i-lucide-ghost'),
+
+  // Languages
+  TypeScript: createIcon('i-logos-typescript-icon'),
+  Go: createIcon('i-logos-go'),
+  CSharp: createIcon('i-logos-c-sharp'),
+  JavaScript: createIcon('i-logos-javascript'),
+  Rust: createIcon('i-logos-rust'),
+  Python: createIcon('i-logos-python'),
+
+  // Text formatting
+  Bold: createIcon('i-lucide-bold'),
+  Italic: createIcon('i-lucide-italic'),
+  Strikethrough: createIcon('i-lucide-strikethrough'),
+  CodeInline: createIcon('i-lucide-code'),
+  Heading1: createIcon('i-lucide-heading-1'),
+  Heading2: createIcon('i-lucide-heading-2'),
+  Heading3: createIcon('i-lucide-heading-3'),
+  List: createIcon('i-lucide-list'),
+  ListOrdered: createIcon('i-lucide-list-ordered'),
+  Quote: createIcon('i-lucide-quote'),
+  LinkOff: createIcon('i-lucide-link-2-off'),
+
+  // UI
+  ChevronDown: createIcon('i-lucide-chevron-down'),
+  ChevronUp: createIcon('i-lucide-chevron-up'),
+  ChevronRight: createIcon('i-lucide-chevron-right'),
+  Send: createIcon('i-lucide-send'),
+  Undo: createIcon('i-lucide-undo'),
+  History: createIcon('i-lucide-history'),
+  EyeOff: createIcon('i-lucide-eye-off'),
+  MoreHorizontal: createIcon('i-lucide-more-horizontal'),
+  TrendingUp: createIcon('i-lucide-trending-up'),
+  TrendingDown: createIcon('i-lucide-trending-down'),
+  AlertTriangle: createIcon('i-lucide-alert-triangle'),
+  Clock: createIcon('i-lucide-clock'),
+  ArrowRight: createIcon('i-lucide-arrow-right'),
+
+  // Code / Developer
+  Code: createIcon('i-lucide-code-2'),
+  WordPress: createIcon('i-lucide-pen-tool'),
+
+  // Devices
+  Desktop: createIcon('i-lucide-monitor'),
+  Mobile: createIcon('i-lucide-smartphone'),
+  Tablet: createIcon('i-lucide-tablet'),
+
+  // Browsers
+  Chrome: createIcon('i-simple-icons-googlechrome'),
+  Firefox: createIcon('i-simple-icons-firefox'),
+  Safari: createIcon('i-simple-icons-safari'),
+  Edge: createIcon('i-simple-icons-microsoftedge'),
+  Opera: createIcon('i-simple-icons-opera'),
+  Brave: createIcon('i-simple-icons-brave'),
+  Vivaldi: createIcon('i-simple-icons-vivaldi'),
+  Arc: createIcon('i-simple-icons-arc'),
+  Samsung: createIcon('i-simple-icons-samsung'),
+
+  // Operating Systems
+  Windows: createIcon('i-simple-icons-windows'),
+  MacOS: createIcon('i-simple-icons-apple'),
+  Linux: createIcon('i-simple-icons-linux'),
+  Android: createIcon('i-simple-icons-android'),
+  iOS: createIcon('i-simple-icons-apple'),
+  ChromeOS: createIcon('i-simple-icons-googlechrome'),
+  Ubuntu: createIcon('i-simple-icons-ubuntu'),
+
+  // Referrer brand icons
+  Google: createIcon('i-simple-icons-google'),
+  Bing: createIcon('i-simple-icons-bing'),
+  DuckDuckGo: createIcon('i-simple-icons-duckduckgo'),
+  Twitter: createIcon('i-simple-icons-x'),
+  Facebook: createIcon('i-simple-icons-facebook'),
+  LinkedIn: createIcon('i-simple-icons-linkedin'),
+  Instagram: createIcon('i-simple-icons-instagram'),
+  Pinterest: createIcon('i-simple-icons-pinterest'),
+  Reddit: createIcon('i-simple-icons-reddit'),
+  GitHub: createIcon('i-simple-icons-github'),
+  DevTo: createIcon('i-simple-icons-devdotto'),
+  HackerNews: createIcon('i-simple-icons-ycombinator'),
+  YouTube: createIcon('i-simple-icons-youtube'),
+  Medium: createIcon('i-simple-icons-medium'),
+  Substack: createIcon('i-simple-icons-substack'),
+  Mastodon: createIcon('i-simple-icons-mastodon'),
+  Bluesky: createIcon('i-simple-icons-bluesky'),
+  Discord: createIcon('i-simple-icons-discord'),
+  Slack: createIcon('i-simple-icons-slack'),
+  ProductHunt: createIcon('i-simple-icons-producthunt'),
+  StackOverflow: createIcon('i-simple-icons-stackoverflow'),
+  Direct: createIcon('i-lucide-globe'),
+  Mail: createIcon('i-lucide-mail'),
+  RSS: createIcon('i-lucide-rss'),
+} as const
+
+const referrerIconMap: Record<string, IconComponent> = {
+  'direct': Icons.Direct,
+  'google': Icons.Google,
+  'bing': Icons.Bing,
+  'duckduckgo': Icons.DuckDuckGo,
+  'twitter': Icons.Twitter,
+  'x.com': Icons.Twitter,
+  't.co': Icons.Twitter,
+  'facebook': Icons.Facebook,
+  'linkedin': Icons.LinkedIn,
+  'instagram': Icons.Instagram,
+  'pinterest': Icons.Pinterest,
+  'reddit': Icons.Reddit,
+  'github': Icons.GitHub,
+  'dev.to': Icons.DevTo,
+  'hacker news': Icons.HackerNews,
+  'ycombinator': Icons.HackerNews,
+  'youtube': Icons.YouTube,
+  'youtu.be': Icons.YouTube,
+  'medium': Icons.Medium,
+  'substack': Icons.Substack,
+  'mastodon': Icons.Mastodon,
+  'bluesky': Icons.Bluesky,
+  'bsky': Icons.Bluesky,
+  'discord': Icons.Discord,
+  'slack': Icons.Slack,
+  'producthunt': Icons.ProductHunt,
+  'product hunt': Icons.ProductHunt,
+  'stackoverflow': Icons.StackOverflow,
+  'stack overflow': Icons.StackOverflow,
+}
+
+export function getReferrerIcon(name: string): IconComponent {
+  if (!name || name === 'Direct') return Icons.Direct
+  const lower = name.toLowerCase()
+  for (const [key, icon] of Object.entries(referrerIconMap)) {
+    if (lower.includes(key)) return icon
+  }
+  return Icons.Link
+}
+
+const countryNameToCode: Record<string, string> = {
+  'united states': 'us',
+  'united kingdom': 'gb',
+  'canada': 'ca',
+  'australia': 'au',
+  'germany': 'de',
+  'france': 'fr',
+  'japan': 'jp',
+  'china': 'cn',
+  'india': 'in',
+  'brazil': 'br',
+  'mexico': 'mx',
+  'spain': 'es',
+  'italy': 'it',
+  'netherlands': 'nl',
+  'sweden': 'se',
+  'norway': 'no',
+  'denmark': 'dk',
+  'finland': 'fi',
+  'poland': 'pl',
+  'russia': 'ru',
+  'ukraine': 'ua',
+  'south korea': 'kr',
+  'taiwan': 'tw',
+  'singapore': 'sg',
+  'hong kong': 'hk',
+  'indonesia': 'id',
+  'thailand': 'th',
+  'vietnam': 'vn',
+  'philippines': 'ph',
+  'malaysia': 'my',
+  'new zealand': 'nz',
+  'ireland': 'ie',
+  'switzerland': 'ch',
+  'austria': 'at',
+  'belgium': 'be',
+  'portugal': 'pt',
+  'czech republic': 'cz',
+  'czechia': 'cz',
+  'romania': 'ro',
+  'hungary': 'hu',
+  'greece': 'gr',
+  'turkey': 'tr',
+  'israel': 'il',
+  'united arab emirates': 'ae',
+  'saudi arabia': 'sa',
+  'south africa': 'za',
+  'argentina': 'ar',
+  'chile': 'cl',
+  'colombia': 'co',
+  'peru': 'pe',
+  'egypt': 'eg',
+  'nigeria': 'ng',
+  'kenya': 'ke',
+  'pakistan': 'pk',
+  'bangladesh': 'bd',
+  'sri lanka': 'lk',
+}
+
+export function getCountryCode(name: string): string | null {
+  if (!name) return null
+  const lower = name.toLowerCase()
+  return countryNameToCode[lower] || null
+}
+
+export function getCountryFlagUrl(name: string, size: number = 24): string | null {
+  const code = getCountryCode(name)
+  if (!code) return null
+  return `https://flagcdn.com/w${size}/${code}.png`
+}
+
+const browserIconMap: Record<string, IconComponent> = {
+  'chrome': Icons.Chrome,
+  'firefox': Icons.Firefox,
+  'safari': Icons.Safari,
+  'edge': Icons.Edge,
+  'opera': Icons.Opera,
+  'brave': Icons.Brave,
+  'vivaldi': Icons.Vivaldi,
+  'arc': Icons.Arc,
+  'samsung': Icons.Samsung,
+}
+
+export function getBrowserIcon(name: string): IconComponent | null {
+  if (!name) return null
+  const lower = name.toLowerCase()
+  for (const [key, icon] of Object.entries(browserIconMap)) {
+    if (lower.includes(key)) return icon
+  }
+  return null
+}
+
+const deviceIconMap: Record<string, IconComponent> = {
+  'desktop': Icons.Desktop,
+  'mobile': Icons.Mobile,
+  'tablet': Icons.Tablet,
+  'phone': Icons.Mobile,
+}
+
+export function getDeviceIcon(name: string): IconComponent | null {
+  if (!name) return null
+  const lower = name.toLowerCase()
+  for (const [key, icon] of Object.entries(deviceIconMap)) {
+    if (lower.includes(key)) return icon
+  }
+  return null
+}
+
+const osIconMap: Record<string, IconComponent> = {
+  'windows': Icons.Windows,
+  'macos': Icons.MacOS,
+  'mac os': Icons.MacOS,
+  'ios': Icons.iOS,
+  'android': Icons.Android,
+  'linux': Icons.Linux,
+  'ubuntu': Icons.Ubuntu,
+  'chrome os': Icons.ChromeOS,
+  'chromeos': Icons.ChromeOS,
+}
+
+export function getOSIcon(name: string): IconComponent | null {
+  if (!name) return null
+  const lower = name.toLowerCase()
+  for (const [key, icon] of Object.entries(osIconMap)) {
+    if (lower.includes(key)) return icon
+  }
+  return null
+}
diff --git a/studio/src/components/shared/LoadingState.tsx b/studio/src/components/shared/LoadingState.tsx
new file mode 100644
index 0000000..9bb4d42
--- /dev/null
+++ b/studio/src/components/shared/LoadingState.tsx
@@ -0,0 +1,9 @@
+import { Icons } from './Icons'
+
+export function LoadingState() {
+  return (
+    <div className="flex items-center justify-center py-12">
+      <Icons.Loader className="animate-spin text-muted text-2xl" />
+    </div>
+  )
+}
diff --git a/studio/src/components/shared/PageHeader.tsx b/studio/src/components/shared/PageHeader.tsx
new file mode 100644
index 0000000..42d1f36
--- /dev/null
+++ b/studio/src/components/shared/PageHeader.tsx
@@ -0,0 +1,16 @@
+import type { ReactNode } from 'react'
+import { Breadcrumb } from './Breadcrumb'
+
+interface PageHeaderProps {
+  title?: string
+  children?: ReactNode
+}
+
+export function PageHeader({ title, children }: PageHeaderProps) {
+  return (
+    <div className="flex items-center justify-between mb-6">
+      <Breadcrumb title={title} />
+      {children && <div className="flex items-center gap-2">{children}</div>}
+    </div>
+  )
+}
diff --git a/studio/src/components/shared/SaveBar.tsx b/studio/src/components/shared/SaveBar.tsx
new file mode 100644
index 0000000..c74239c
--- /dev/null
+++ b/studio/src/components/shared/SaveBar.tsx
@@ -0,0 +1,39 @@
+import { Button } from '../ui'
+
+interface SaveBarProps {
+  onSave: () => void
+  loading?: boolean
+  disabled?: boolean
+  changes?: string[]
+}
+
+export function SaveBar({ onSave, loading, disabled, changes = [] }: SaveBarProps) {
+  return (
+    <div className="fixed bottom-0 left-0 right-0 z-50 border-t border-border bg-bg/95 backdrop-blur-sm">
+      <div className="max-w-4xl mx-auto px-6 py-3 flex items-center justify-between">
+        <div className="flex items-center gap-2">
+          <div className="w-2 h-2 rounded-full bg-amber-500 animate-pulse" />
+          <span className="text-sm">
+            {changes.length > 0 ? (
+              <>
+                <span className="text-muted">Changed: </span>
+                <span className="font-medium">{changes.slice(0, 3).join(', ')}</span>
+                {changes.length > 3 && <span className="text-muted"> +{changes.length - 3} more</span>}
+              </>
+            ) : (
+              <span className="text-muted">Unsaved changes</span>
+            )}
+          </span>
+        </div>
+        <Button
+          variant="primary"
+          onClick={onSave}
+          loading={loading}
+          disabled={disabled}
+        >
+          Save
+        </Button>
+      </div>
+    </div>
+  )
+}
diff --git a/studio/src/components/shared/Section.tsx b/studio/src/components/shared/Section.tsx
new file mode 100644
index 0000000..00c0ea1
--- /dev/null
+++ b/studio/src/components/shared/Section.tsx
@@ -0,0 +1,21 @@
+import type { ReactNode } from 'react'
+
+interface SectionProps {
+  title: string
+  description?: string
+  children: ReactNode
+}
+
+export function Section({ title, description, children }: SectionProps) {
+  return (
+    <div className="section">
+      <div className="mb-4">
+        <h2 className="text-sm font-medium text-text">{title}</h2>
+        {description && (
+          <p className="text-xs text-muted mt-1">{description}</p>
+        )}
+      </div>
+      <div className="space-y-4">{children}</div>
+    </div>
+  )
+}
diff --git a/studio/src/components/shared/Skeleton.tsx b/studio/src/components/shared/Skeleton.tsx
new file mode 100644
index 0000000..3056bbc
--- /dev/null
+++ b/studio/src/components/shared/Skeleton.tsx
@@ -0,0 +1,596 @@
+import { PageHeader } from './PageHeader'
+
+interface SkeletonProps {
+  className?: string
+}
+
+export function Skeleton({ className = '' }: SkeletonProps) {
+  return <div className={`bg-border/60 animate-shimmer ${className}`} />
+}
+
+export function SkeletonText({ className = '' }: SkeletonProps) {
+  return <Skeleton className={`h-4 rounded ${className}`} />
+}
+
+export function SkeletonCard({ className = '' }: SkeletonProps) {
+  return <Skeleton className={`h-24 ${className}`} />
+}
+
+// Page header skeleton with optional action button placeholder
+interface PageHeaderSkeletonProps {
+  showAction?: boolean
+}
+
+export function PageHeaderSkeleton({ showAction = true }: PageHeaderSkeletonProps) {
+  return (
+    <PageHeader>
+      {showAction && <Skeleton className="w-28 h-9" />}
+    </PageHeader>
+  )
+}
+
+export function PostsPageSkeleton() {
+  return (
+    <div>
+      <PageHeader>
+        <Skeleton className="w-24 h-9" />
+      </PageHeader>
+
+      <div className="-mx-6 lg:-mx-10 mt-6">
+        <div className="relative">
+          <div className="absolute top-0 bottom-0 border-l border-border" style={{ left: '33.333%' }} />
+          <div className="absolute top-0 bottom-0 border-l border-border" style={{ left: '66.666%' }} />
+
+          <div className="grid grid-cols-3">
+            <div className="py-4 pl-6 lg:pl-10 pr-6">
+              <div className="text-xs text-muted mb-0.5">Total Posts</div>
+              <Skeleton className="w-10 h-6" />
+            </div>
+            <div className="py-4 px-6">
+              <div className="text-xs text-muted mb-0.5">Published</div>
+              <Skeleton className="w-10 h-6" />
+            </div>
+            <div className="py-4 pr-6 lg:pr-10 pl-6">
+              <div className="text-xs text-muted mb-0.5">Total Views</div>
+              <Skeleton className="w-16 h-6" />
+            </div>
+          </div>
+        </div>
+
+        <div className="border-t border-border" />
+
+        <div className="px-6 lg:px-10 py-4 flex flex-col sm:flex-row sm:items-center gap-4">
+          <div className="flex bg-border/50 border border-border">
+            {['All', 'Published', 'Drafts'].map((label, i) => (
+              <div
+                key={label}
+                className={`px-3 py-1.5 text-xs font-medium tracking-wide text-muted ${
+                  i === 0 ? 'bg-surface border-x border-border/50' : ''
+                }`}
+              >
+                {label}
+              </div>
+            ))}
+          </div>
+          <div className="flex-1 sm:max-w-xs sm:ml-auto">
+            <Skeleton className="h-10" />
+          </div>
+        </div>
+
+        <div className="border-t border-border" />
+
+        {[1, 2, 3, 4, 5].map(i => (
+          <div key={i} className={`flex items-center gap-4 px-6 lg:px-10 py-4 ${i > 1 ? 'border-t border-border' : ''}`}>
+            <div className="flex-1 min-w-0 space-y-2">
+              <div className="flex items-center gap-2.5">
+                {i <= 2 && <Skeleton className="w-12 h-5" />}
+                <SkeletonText className={i <= 2 ? 'w-40' : 'w-56'} />
+              </div>
+              <div className="flex items-center gap-3">
+                <SkeletonText className="w-24 h-3" />
+                <SkeletonText className="w-16 h-3" />
+              </div>
+            </div>
+            <Skeleton className="w-8 h-8" />
+          </div>
+        ))}
+      </div>
+    </div>
+  )
+}
+
+export function AnalyticsPageSkeleton() {
+  return (
+    <div>
+      <PageHeader>
+        <div className="flex bg-border/50 border border-border">
+          {['7d', '30d', '90d'].map((label, i) => (
+            <div
+              key={label}
+              className={`px-3 py-1.5 text-xs font-medium tracking-wide text-muted ${
+                i === 0 ? 'bg-surface border-x border-border/50' : ''
+              }`}
+            >
+              {label}
+            </div>
+          ))}
+        </div>
+      </PageHeader>
+
+      <div className="-mx-6 lg:-mx-10 mt-6">
+        <div className="relative">
+          <div className="absolute top-0 bottom-0 left-1/2 border-l border-border lg:hidden" />
+          <div className="hidden lg:block absolute top-0 bottom-0 border-l border-border" style={{ left: '25%' }} />
+          <div className="hidden lg:block absolute top-0 bottom-0 border-l border-border" style={{ left: '50%' }} />
+          <div className="hidden lg:block absolute top-0 bottom-0 border-l border-border" style={{ left: '75%' }} />
+
+          <div className="grid grid-cols-2 lg:grid-cols-4">
+            <div className="py-5 pl-6 lg:pl-10 pr-6">
+              <div className="text-xs text-muted mb-1">Total Views</div>
+              <Skeleton className="w-20 h-8" />
+              <div className="text-xs mt-1 text-muted">
+                <Skeleton className="w-24 h-3 inline-block" />
+              </div>
+            </div>
+            <div className="py-5 px-6 lg:pr-6">
+              <div className="text-xs text-muted mb-1">Page Views</div>
+              <Skeleton className="w-16 h-8" />
+            </div>
+            <div className="py-5 px-6 lg:pl-6 border-t border-border lg:border-t-0">
+              <div className="text-xs text-muted mb-1">Unique Visitors</div>
+              <Skeleton className="w-14 h-8" />
+            </div>
+            <div className="py-5 pr-6 lg:pr-10 pl-6 border-t border-border lg:border-t-0">
+              <div className="text-xs text-muted mb-1">Bandwidth</div>
+              <Skeleton className="w-16 h-8" />
+            </div>
+          </div>
+        </div>
+
+        <div className="border-t border-border" />
+
+        <div className="px-6 lg:px-10 py-6">
+          <div className="text-xs font-medium text-muted uppercase tracking-wide mb-4">Views Over Time</div>
+          <Skeleton className="h-48" />
+        </div>
+
+        <div className="border-t border-border" />
+
+        <div className="relative">
+          <div className="hidden lg:block absolute top-0 bottom-0 left-1/2 border-l border-border" />
+          <div className="grid lg:grid-cols-2">
+            <div className="py-6 pl-6 lg:pl-10 pr-6 border-b border-border lg:border-b-0">
+              <div className="text-xs font-medium text-muted uppercase tracking-wide mb-4">Top Pages</div>
+              {[1, 2, 3].map(j => (
+                <div key={j} className="space-y-2 mb-3">
+                  <div className="flex justify-between">
+                    <SkeletonText className="w-32" />
+                    <SkeletonText className="w-8" />
+                  </div>
+                  <Skeleton className="h-1.5" />
+                </div>
+              ))}
+            </div>
+            <div className="py-6 pr-6 lg:pr-10 pl-6">
+              <div className="text-xs font-medium text-muted uppercase tracking-wide mb-4">Top Referrers</div>
+              {[1, 2, 3].map(j => (
+                <div key={j} className="space-y-2 mb-3">
+                  <div className="flex justify-between">
+                    <SkeletonText className="w-24" />
+                    <SkeletonText className="w-8" />
+                  </div>
+                  <Skeleton className="h-1.5" />
+                </div>
+              ))}
+            </div>
+          </div>
+        </div>
+      </div>
+    </div>
+  )
+}
+
+// Generic settings page skeleton
+export function SettingsPageSkeleton() {
+  return (
+    <div className="space-y-6">
+      <PageHeaderSkeleton showAction={false} />
+      {[1, 2].map(i => (
+        <div key={i} className="card p-6 space-y-4">
+          <div className="space-y-1">
+            <SkeletonText className="w-24" />
+            <SkeletonText className="w-48 h-3" />
+          </div>
+          <div className="space-y-4">
+            {[1, 2, 3].map(j => (
+              <div key={j} className="space-y-1">
+                <SkeletonText className="w-16 h-3" />
+                <Skeleton className="h-10" />
+              </div>
+            ))}
+          </div>
+        </div>
+      ))}
+    </div>
+  )
+}
+
+// General page skeleton - 3 sections with fields
+export function GeneralPageSkeleton() {
+  return (
+    <div className="space-y-6 pb-20">
+      <PageHeaderSkeleton showAction={false} />
+      {/* Site Information */}
+      <div className="card p-6 space-y-4">
+        <div className="space-y-1">
+          <h3 className="text-sm font-medium text-text">Site Information</h3>
+          <p className="text-xs text-muted">Basic details about your blog</p>
+        </div>
+        <div className="space-y-4">
+          <div className="space-y-1">
+            <span className="text-xs text-muted">Site Title</span>
+            <Skeleton className="h-10" />
+          </div>
+          <div className="space-y-1">
+            <span className="text-xs text-muted">Description</span>
+            <Skeleton className="h-20" />
+          </div>
+        </div>
+      </div>
+      {/* Author */}
+      <div className="card p-6 space-y-4">
+        <div className="space-y-1">
+          <h3 className="text-sm font-medium text-text">Author</h3>
+          <p className="text-xs text-muted">Information displayed on your posts</p>
+        </div>
+        <div className="space-y-4">
+          {['Name', 'Email', 'Avatar URL', 'Bio'].map((label, i) => (
+            <div key={label} className="space-y-1">
+              <span className="text-xs text-muted">{label}</span>
+              <Skeleton className={i === 3 ? 'h-20' : 'h-10'} />
+            </div>
+          ))}
+        </div>
+      </div>
+      {/* Social Links */}
+      <div className="card p-6 space-y-4">
+        <div className="space-y-1">
+          <h3 className="text-sm font-medium text-text">Social Links</h3>
+          <p className="text-xs text-muted">Links to your social profiles</p>
+        </div>
+        <div className="space-y-4">
+          {['Twitter', 'GitHub', 'LinkedIn', 'Website'].map(label => (
+            <div key={label} className="space-y-1">
+              <span className="text-xs text-muted">{label}</span>
+              <Skeleton className="h-10" />
+            </div>
+          ))}
+        </div>
+      </div>
+    </div>
+  )
+}
+
+// Design page skeleton - preview, colors, grids
+export function DesignPageSkeleton() {
+  return (
+    <div className="space-y-8 pb-20">
+      <PageHeaderSkeleton showAction={false} />
+      {/* Live Preview */}
+      <div>
+        <span className="text-xs text-muted block mb-3">Live Preview</span>
+        <Skeleton className="h-64 border border-border" />
+      </div>
+      {/* Accent Color */}
+      <div>
+        <span className="text-xs text-muted block mb-3">Accent Color</span>
+        <div className="flex items-center gap-3">
+          <Skeleton className="w-12 h-12" />
+          <Skeleton className="w-32 h-10" />
+          <div className="flex gap-1.5">
+            {[1, 2, 3, 4, 5, 6].map(i => (
+              <Skeleton key={i} className="w-7 h-7" />
+            ))}
+          </div>
+        </div>
+      </div>
+      {/* Typography */}
+      <div>
+        <span className="text-xs text-muted block mb-3">Typography</span>
+        <div className="grid grid-cols-2 gap-2">
+          {[1, 2, 3, 4, 5, 6].map(i => (
+            <Skeleton key={i} className="h-20 border border-border" />
+          ))}
+        </div>
+      </div>
+      {/* Code Theme */}
+      <div>
+        <span className="text-xs text-muted block mb-3">Code Theme</span>
+        <div className="grid grid-cols-2 gap-2">
+          {[1, 2, 3, 4, 5].map(i => (
+            <Skeleton key={i} className="h-24 border border-border" />
+          ))}
+        </div>
+      </div>
+      {/* Layout */}
+      <div>
+        <span className="text-xs text-muted block mb-3">Layout</span>
+        <div className="grid grid-cols-3 gap-3">
+          {[1, 2, 3].map(i => (
+            <Skeleton key={i} className="h-28 border border-border" />
+          ))}
+        </div>
+      </div>
+    </div>
+  )
+}
+
+// Engagement page skeleton - toggles and options
+export function EngagementPageSkeleton() {
+  return (
+    <div className="space-y-6 pb-20">
+      <PageHeaderSkeleton showAction={false} />
+      {/* Comments section */}
+      <div className="card p-6 space-y-4">
+        <div className="space-y-1">
+          <h3 className="text-sm font-medium text-text">Comments</h3>
+          <p className="text-xs text-muted">Let readers comment on your posts</p>
+        </div>
+        <div className="flex items-center justify-between">
+          <div className="space-y-1">
+            <span className="text-sm text-text">Enable Comments</span>
+            <SkeletonText className="w-48 h-3" />
+          </div>
+          <Skeleton className="w-12 h-6 rounded-full" />
+        </div>
+      </div>
+      {/* Reactions section */}
+      <div className="card p-6 space-y-4">
+        <div className="space-y-1">
+          <h3 className="text-sm font-medium text-text">Reactions</h3>
+          <p className="text-xs text-muted">Let readers react to posts</p>
+        </div>
+        <div className="flex items-center justify-between">
+          <div className="space-y-1">
+            <span className="text-sm text-text">Enable Reactions</span>
+            <SkeletonText className="w-44 h-3" />
+          </div>
+          <Skeleton className="w-12 h-6 rounded-full" />
+        </div>
+      </div>
+    </div>
+  )
+}
+
+export function APIPageSkeleton() {
+  return (
+    <div>
+      <PageHeader>
+        <Skeleton className="w-28 h-9" />
+      </PageHeader>
+
+      <div className="-mx-6 lg:-mx-10 mt-6">
+        <div className="px-6 lg:px-10 py-5">
+          <div className="text-xs font-medium text-muted uppercase tracking-wide">Your API Keys</div>
+          <div className="text-xs text-muted mt-0.5">Use these keys to authenticate API requests</div>
+        </div>
+        <div className="border-t border-border">
+          {[1, 2].map(i => (
+            <div key={i} className={`flex flex-col sm:flex-row sm:items-center gap-4 px-6 lg:px-10 py-4 ${i > 1 ? 'border-t border-border' : ''}`}>
+              <div className="flex-1 min-w-0 space-y-2">
+                <SkeletonText className="w-24" />
+                <div className="flex items-center gap-3">
+                  <SkeletonText className="w-20 h-3" />
+                  <SkeletonText className="w-28 h-3" />
+                  <SkeletonText className="w-24 h-3" />
+                </div>
+              </div>
+              <Skeleton className="w-16 h-8" />
+            </div>
+          ))}
+        </div>
+
+        <div className="border-t border-border" />
+
+        <div className="px-6 lg:px-10 py-5">
+          <div className="text-xs font-medium text-muted uppercase tracking-wide">Webhooks</div>
+          <div className="text-xs text-muted mt-0.5">Get notified when posts are published, updated, or deleted</div>
+        </div>
+        <div className="px-6 lg:px-10 py-6 space-y-3">
+          <div className="border border-border p-4 space-y-3">
+            <div className="flex items-center gap-2">
+              <Skeleton className="w-2 h-2 rounded-full" />
+              <SkeletonText className="w-24" />
+            </div>
+            <SkeletonText className="w-48 h-3" />
+            <div className="flex gap-1">
+              <Skeleton className="w-20 h-5" />
+              <Skeleton className="w-16 h-5" />
+            </div>
+          </div>
+          <Skeleton className="w-28 h-9" />
+        </div>
+
+        <div className="border-t border-border" />
+
+        <div className="px-6 lg:px-10 py-5">
+          <div className="text-xs font-medium text-muted uppercase tracking-wide">API Reference</div>
+          <div className="text-xs text-muted mt-0.5">Base URL: <Skeleton className="w-32 h-3 inline-block" /></div>
+        </div>
+        <div className="px-6 lg:px-10 py-6 space-y-2">
+          {['GET', 'POST', 'GET', 'PUT', 'DELETE'].map((method, i) => (
+            <div key={i} className="flex items-center gap-3 px-4 py-3 border border-border">
+              <Skeleton className={`w-12 h-5 ${method === 'GET' ? 'bg-success/15' : method === 'POST' ? 'bg-blue-500/15' : method === 'PUT' ? 'bg-warning/15' : 'bg-danger/15'}`} />
+              <SkeletonText className="w-32" />
+              <SkeletonText className="flex-1 hidden sm:block" />
+              <Skeleton className="w-4 h-4" />
+            </div>
+          ))}
+        </div>
+      </div>
+    </div>
+  )
+}
+
+export function HomePageSkeleton() {
+  return (
+    <div>
+      <PageHeader>
+        <Skeleton className="w-24 h-9" />
+      </PageHeader>
+
+      <div className="-mx-6 lg:-mx-10 mt-6">
+        <div className="relative">
+          <div className="absolute top-0 bottom-0 border-l border-border" style={{ left: '33.333%' }} />
+          <div className="absolute top-0 bottom-0 border-l border-border" style={{ left: '66.666%' }} />
+
+          <div className="grid grid-cols-3">
+            <div className="py-5 pl-6 lg:pl-10 pr-6">
+              <div className="text-xs text-muted mb-1">Views</div>
+              <Skeleton className="w-16 h-8" />
+              <div className="text-xs mt-1 text-muted">
+                <Skeleton className="w-24 h-3 inline-block" />
+              </div>
+            </div>
+            <div className="py-5 px-6">
+              <div className="text-xs text-muted mb-1">Visitors</div>
+              <Skeleton className="w-12 h-8" />
+            </div>
+            <div className="py-5 pr-6 lg:pr-10 pl-6">
+              <div className="text-xs text-muted mb-1">Posts</div>
+              <Skeleton className="w-8 h-8" />
+              <SkeletonText className="w-16 h-3 mt-1" />
+            </div>
+          </div>
+        </div>
+
+        <div className="border-t border-border" />
+
+        <div className="relative">
+          <div className="absolute top-0 bottom-0 left-1/2 border-l border-border" />
+
+          <div className="grid grid-cols-2">
+            <div className="pl-6 lg:pl-10 pr-6 py-6 space-y-6">
+              <div>
+                <div className="mb-3">
+                  <span className="text-xs font-medium text-muted uppercase tracking-wide">Continue Writing</span>
+                </div>
+                <div className="space-y-1">
+                  {[1, 2].map(i => (
+                    <div key={i} className="flex items-center justify-between py-2">
+                      <div className="flex items-center gap-2.5">
+                        <Skeleton className="w-3.5 h-3.5" />
+                        <SkeletonText className="w-32" />
+                      </div>
+                      <div className="flex items-center gap-2">
+                        <SkeletonText className="w-10 h-3" />
+                        <Skeleton className="w-4 h-4" />
+                      </div>
+                    </div>
+                  ))}
+                </div>
+              </div>
+              <div>
+                <div className="mb-3">
+                  <span className="text-xs font-medium text-muted uppercase tracking-wide">Recent Posts</span>
+                </div>
+                <div className="space-y-1">
+                  {[1, 2, 3, 4].map(i => (
+                    <div key={i} className="flex items-center justify-between py-2">
+                      <div className="flex items-center gap-2.5">
+                        <Skeleton className="w-3.5 h-3.5" />
+                        <SkeletonText className="w-40" />
+                      </div>
+                      <div className="flex items-center gap-3 text-xs text-muted">
+                        <SkeletonText className="w-6 h-3" />
+                        <SkeletonText className="w-12 h-3" />
+                      </div>
+                    </div>
+                  ))}
+                </div>
+              </div>
+            </div>
+
+            <div className="pr-6 lg:pr-10 pl-6 py-6">
+              <div className="mb-3">
+                <span className="text-xs font-medium text-muted uppercase tracking-wide">Top Referrers</span>
+              </div>
+              <div className="space-y-3">
+                {[1, 2, 3, 4, 5].map(i => (
+                  <div key={i} className="space-y-2">
+                    <div className="flex justify-between">
+                      <SkeletonText className="w-24" />
+                      <SkeletonText className="w-8" />
+                    </div>
+                    <Skeleton className="h-1.5" />
+                  </div>
+                ))}
+              </div>
+            </div>
+          </div>
+        </div>
+      </div>
+    </div>
+  )
+}
+
+export function BillingPageSkeleton() {
+  return (
+    <div>
+      <PageHeader />
+
+      <div className="-mx-6 lg:-mx-10 mt-6">
+        <div className="px-6 lg:px-10 py-5">
+          <div className="text-xs font-medium text-muted uppercase tracking-wide">Current Plan</div>
+        </div>
+        <div className="px-6 lg:px-10 pb-6">
+          <div className="p-4 border border-border">
+            <div className="flex items-center justify-between">
+              <div className="space-y-2">
+                <Skeleton className="w-24 h-6" />
+                <SkeletonText className="w-32 h-3" />
+              </div>
+              <Skeleton className="w-32 h-9" />
+            </div>
+          </div>
+        </div>
+
+        <div className="border-t border-border" />
+
+        <div className="px-6 lg:px-10 py-5">
+          <div className="text-xs font-medium text-muted uppercase tracking-wide">Upgrade to Pro</div>
+        </div>
+        <div className="px-6 lg:px-10 pb-6">
+          <div className="flex items-center justify-center gap-3 mb-6">
+            <Skeleton className="w-20 h-8" />
+            <Skeleton className="w-24 h-8" />
+          </div>
+          <div className="max-w-md mx-auto p-6 border border-border">
+            <div className="text-center mb-6 space-y-2">
+              <SkeletonText className="w-12 mx-auto" />
+              <Skeleton className="w-24 h-10 mx-auto" />
+            </div>
+            <div className="space-y-3 mb-6">
+              {[1, 2, 3, 4, 5].map(i => (
+                <div key={i} className="flex items-center gap-2">
+                  <Skeleton className="w-4 h-4" />
+                  <SkeletonText className="w-40" />
+                </div>
+              ))}
+            </div>
+            <Skeleton className="w-full h-10" />
+          </div>
+        </div>
+
+        <div className="border-t border-border" />
+
+        <div className="px-6 lg:px-10 py-5">
+          <div className="text-xs font-medium text-muted uppercase tracking-wide">Feature Comparison</div>
+        </div>
+        <div className="px-6 lg:px-10 pb-6">
+          <Skeleton className="w-full h-64" />
+        </div>
+      </div>
+    </div>
+  )
+}
diff --git a/studio/src/components/shared/StatCard.tsx b/studio/src/components/shared/StatCard.tsx
new file mode 100644
index 0000000..979d44d
--- /dev/null
+++ b/studio/src/components/shared/StatCard.tsx
@@ -0,0 +1,26 @@
+interface StatCardProps {
+  label: string
+  value: string
+  icon?: string
+  change?: string
+  positive?: boolean
+}
+
+export function StatCard({ label, value, icon, change, positive }: StatCardProps) {
+  return (
+    <div className="card">
+      {icon && (
+        <div className="w-10 h-10 bg-accent/10 flex items-center justify-center mb-3">
+          <span className={`${icon} text-accent text-lg`} />
+        </div>
+      )}
+      <div className="text-xs text-muted uppercase tracking-wide mb-1">{label}</div>
+      <div className="text-2xl font-semibold text-text">{value}</div>
+      {change && (
+        <div className={`text-xs mt-1 ${positive ? 'text-success' : 'text-danger'}`}>
+          {change}
+        </div>
+      )}
+    </div>
+  )
+}
diff --git a/studio/src/components/shared/index.ts b/studio/src/components/shared/index.ts
new file mode 100644
index 0000000..dab9ff4
--- /dev/null
+++ b/studio/src/components/shared/index.ts
@@ -0,0 +1,23 @@
+export { Section } from './Section'
+export { Field } from './Field'
+export { StatCard } from './StatCard'
+export { BreakdownList } from './BreakdownList'
+export { EmptyState } from './EmptyState'
+export { LoadingState } from './LoadingState'
+export { SaveBar } from './SaveBar'
+export { Breadcrumb } from './Breadcrumb'
+export { PageHeader } from './PageHeader'
+export {
+  Skeleton,
+  SkeletonText,
+  SkeletonCard,
+  PostsPageSkeleton,
+  AnalyticsPageSkeleton,
+  SettingsPageSkeleton,
+  GeneralPageSkeleton,
+  DesignPageSkeleton,
+  EngagementPageSkeleton,
+  APIPageSkeleton,
+  BillingPageSkeleton,
+  HomePageSkeleton,
+} from './Skeleton'
diff --git a/studio/src/components/ui/ActionMenu.tsx b/studio/src/components/ui/ActionMenu.tsx
new file mode 100644
index 0000000..ea3b485
--- /dev/null
+++ b/studio/src/components/ui/ActionMenu.tsx
@@ -0,0 +1,92 @@
+import { useState, useRef, useEffect } from 'react'
+import type { IconComponent } from '../shared/Icons'
+import { Icons } from '../shared/Icons'
+
+export interface ActionMenuItem {
+  label: string
+  Icon?: IconComponent
+  onClick?: () => void
+  href?: string
+  external?: boolean
+  variant?: 'default' | 'danger'
+}
+
+interface ActionMenuProps {
+  items: ActionMenuItem[]
+  className?: string
+}
+
+export function ActionMenu({ items, className = '' }: ActionMenuProps) {
+  const [open, setOpen] = useState(false)
+  const containerRef = useRef<HTMLDivElement>(null)
+
+  useEffect(() => {
+    function handleClickOutside(e: MouseEvent) {
+      if (containerRef.current && !containerRef.current.contains(e.target as Node)) {
+        setOpen(false)
+      }
+    }
+    document.addEventListener('mousedown', handleClickOutside)
+    return () => document.removeEventListener('mousedown', handleClickOutside)
+  }, [])
+
+  return (
+    <div ref={containerRef} className={`relative ${className}`} data-action-menu>
+      <button
+        type="button"
+        onClick={(e) => {
+          e.preventDefault()
+          e.stopPropagation()
+          setOpen(!open)
+        }}
+        className="p-2 text-muted/60 hover:text-text hover:bg-bg rounded transition-all duration-150"
+        aria-label="Actions"
+      >
+        <Icons.MoreHorizontal className="w-4 h-4" />
+      </button>
+
+      {open && (
+        <div className="absolute right-0 top-full mt-1 w-36 bg-surface border border-border shadow-lg z-[100] py-1">
+          {items.map((item, i) => {
+            const itemClass = `w-full flex items-center gap-2.5 px-3 py-2 text-sm transition-colors ${
+              item.variant === 'danger'
+                ? 'text-danger hover:bg-danger/5'
+                : 'text-text hover:bg-bg'
+            }`
+
+            if (item.href) {
+              return (
+                <a
+                  key={i}
+                  href={item.href}
+                  target={item.external ? '_blank' : undefined}
+                  rel={item.external ? 'noopener noreferrer' : undefined}
+                  className={itemClass}
+                  onClick={() => setOpen(false)}
+                >
+                  {item.Icon && <item.Icon className="w-3.5 h-3.5 opacity-60" />}
+                  {item.label}
+                </a>
+              )
+            }
+
+            return (
+              <button
+                key={i}
+                type="button"
+                onClick={() => {
+                  setOpen(false)
+                  item.onClick?.()
+                }}
+                className={itemClass}
+              >
+                {item.Icon && <item.Icon className="w-3.5 h-3.5 opacity-70" />}
+                {item.label}
+              </button>
+            )
+          })}
+        </div>
+      )}
+    </div>
+  )
+}
diff --git a/studio/src/components/ui/Badge.tsx b/studio/src/components/ui/Badge.tsx
new file mode 100644
index 0000000..f110645
--- /dev/null
+++ b/studio/src/components/ui/Badge.tsx
@@ -0,0 +1,20 @@
+type BadgeVariant = 'draft' | 'published' | 'default'
+
+interface BadgeProps {
+  variant?: BadgeVariant
+  children: string
+}
+
+const variantClasses: Record<BadgeVariant, string> = {
+  draft: 'badge-draft',
+  published: 'badge-published',
+  default: 'badge text-muted border-border',
+}
+
+export function Badge({ variant = 'default', children }: BadgeProps) {
+  return (
+    <span className={variantClasses[variant]}>
+      {children}
+    </span>
+  )
+}
diff --git a/studio/src/components/ui/Button.tsx b/studio/src/components/ui/Button.tsx
new file mode 100644
index 0000000..c4d6531
--- /dev/null
+++ b/studio/src/components/ui/Button.tsx
@@ -0,0 +1,63 @@
+import type { ButtonHTMLAttributes, AnchorHTMLAttributes, ReactNode } from 'react'
+import { Icons, type IconComponent } from '../shared/Icons'
+
+type ButtonVariant = 'primary' | 'secondary' | 'danger' | 'ghost'
+
+type ButtonBaseProps = {
+  variant?: ButtonVariant
+  loading?: boolean
+  Icon?: IconComponent
+  children: ReactNode
+}
+
+type ButtonAsButton = ButtonBaseProps & ButtonHTMLAttributes<HTMLButtonElement> & { href?: never }
+type ButtonAsLink = ButtonBaseProps & AnchorHTMLAttributes<HTMLAnchorElement> & { href: string }
+
+type ButtonProps = ButtonAsButton | ButtonAsLink
+
+const variantClasses: Record<ButtonVariant, string> = {
+  primary: 'btn-primary',
+  secondary: 'btn-secondary',
+  danger: 'btn-danger',
+  ghost: 'btn-ghost',
+}
+
+export function Button({
+  variant = 'secondary',
+  loading = false,
+  Icon,
+  children,
+  className = '',
+  ...props
+}: ButtonProps) {
+  const content = (
+    <>
+      {loading ? (
+        <Icons.Loader className="animate-spin text-xs" />
+      ) : Icon ? (
+        <Icon className="text-xs opacity-70" />
+      ) : null}
+      <span>{children}</span>
+    </>
+  )
+
+  if ('href' in props && props.href) {
+    const { href, ...linkProps } = props
+    return (
+      <a href={href} className={`${variantClasses[variant]} ${className}`} {...linkProps}>
+        {content}
+      </a>
+    )
+  }
+
+  const { disabled, ...buttonProps } = props as ButtonAsButton
+  return (
+    <button
+      className={`${variantClasses[variant]} ${className}`}
+      disabled={disabled || loading}
+      {...buttonProps}
+    >
+      {content}
+    </button>
+  )
+}
diff --git a/studio/src/components/ui/Dropdown.tsx b/studio/src/components/ui/Dropdown.tsx
new file mode 100644
index 0000000..52a0bb4
--- /dev/null
+++ b/studio/src/components/ui/Dropdown.tsx
@@ -0,0 +1,86 @@
+import { useState, useRef, useEffect } from 'react'
+import type { IconComponent } from '../shared/Icons'
+import { Icons } from '../shared/Icons'
+
+export interface DropdownOption<T extends string = string> {
+  value: T
+  label: string
+  Icon?: IconComponent
+  description?: string
+}
+
+interface DropdownProps<T extends string = string> {
+  value: T
+  onChange: (value: T) => void
+  options: DropdownOption<T>[]
+  placeholder?: string
+  className?: string
+}
+
+export function Dropdown<T extends string = string>({
+  value,
+  onChange,
+  options,
+  placeholder = 'Select...',
+  className = '',
+}: DropdownProps<T>) {
+  const [open, setOpen] = useState(false)
+  const containerRef = useRef<HTMLDivElement>(null)
+
+  const selected = options.find(opt => opt.value === value)
+
+  useEffect(() => {
+    function handleClickOutside(e: MouseEvent) {
+      if (containerRef.current && !containerRef.current.contains(e.target as Node)) {
+        setOpen(false)
+      }
+    }
+    document.addEventListener('mousedown', handleClickOutside)
+    return () => document.removeEventListener('mousedown', handleClickOutside)
+  }, [])
+
+  return (
+    <div ref={containerRef} className={`relative ${className}`}>
+      <button
+        type="button"
+        onClick={() => setOpen(!open)}
+        className="w-full flex items-center justify-between gap-2 px-3 py-2 text-sm bg-bg border border-border transition-colors hover:border-muted focus:outline-none focus:border-muted"
+      >
+        <span className="flex items-center gap-2 min-w-0">
+          {selected?.Icon && <selected.Icon className="w-4 h-4 flex-shrink-0" />}
+          <span className="truncate">{selected?.label || placeholder}</span>
+        </span>
+        <Icons.ChevronDown className={`w-4 h-4 flex-shrink-0 text-muted transition-transform ${open ? 'rotate-180' : ''}`} />
+      </button>
+
+      {open && (
+        <div className="absolute z-50 w-full mt-1 bg-surface border border-border shadow-lg max-h-60 overflow-auto">
+          {options.map((opt) => (
+            <button
+              key={opt.value}
+              type="button"
+              onClick={() => {
+                onChange(opt.value)
+                setOpen(false)
+              }}
+              className={`w-full flex items-start gap-2 px-3 py-2 text-sm text-left transition-colors ${
+                opt.value === value ? 'bg-accent/5 border-l-2 border-l-accent' : 'hover:bg-bg'
+              }`}
+            >
+              {opt.Icon && <opt.Icon className="w-4 h-4 flex-shrink-0 mt-0.5" />}
+              <div className="min-w-0 flex-1">
+                <div className="truncate">{opt.label}</div>
+                {opt.description && (
+                  <div className="text-xs text-muted truncate">{opt.description}</div>
+                )}
+              </div>
+              {opt.value === value && (
+                <Icons.Check className="w-4 h-4 flex-shrink-0 text-accent" />
+              )}
+            </button>
+          ))}
+        </div>
+      )}
+    </div>
+  )
+}
diff --git a/studio/src/components/ui/Input.tsx b/studio/src/components/ui/Input.tsx
new file mode 100644
index 0000000..74d8647
--- /dev/null
+++ b/studio/src/components/ui/Input.tsx
@@ -0,0 +1,50 @@
+import type { InputHTMLAttributes, TextareaHTMLAttributes } from 'react'
+import type { IconComponent } from '../shared/Icons'
+
+interface InputProps extends Omit<InputHTMLAttributes<HTMLInputElement>, 'onChange'> {
+  value: string
+  onChange: (value: string) => void
+  Icon?: IconComponent
+}
+
+interface TextareaProps extends Omit<TextareaHTMLAttributes<HTMLTextAreaElement>, 'onChange'> {
+  value: string
+  onChange: (value: string) => void
+  rows?: number
+}
+
+export function Input({ value, onChange, Icon, className = '', ...props }: InputProps) {
+  if (Icon) {
+    return (
+      <div className="relative">
+        <Icon className="absolute left-3 top-1/2 -translate-y-1/2 text-muted text-sm" />
+        <input
+          className={`input pl-9 ${className}`}
+          value={value}
+          onChange={e => onChange(e.target.value)}
+          {...props}
+        />
+      </div>
+    )
+  }
+  return (
+    <input
+      className={`input ${className}`}
+      value={value}
+      onChange={e => onChange(e.target.value)}
+      {...props}
+    />
+  )
+}
+
+export function Textarea({ value, onChange, rows = 4, className = '', ...props }: TextareaProps) {
+  return (
+    <textarea
+      className={`input resize-none ${className}`}
+      value={value}
+      onChange={e => onChange(e.target.value)}
+      rows={rows}
+      {...props}
+    />
+  )
+}
diff --git a/studio/src/components/ui/Modal.tsx b/studio/src/components/ui/Modal.tsx
new file mode 100644
index 0000000..41c28f9
--- /dev/null
+++ b/studio/src/components/ui/Modal.tsx
@@ -0,0 +1,51 @@
+import type { ReactNode } from 'react'
+import { useEffect } from 'react'
+import { Icons } from '../shared/Icons'
+
+interface ModalProps {
+  open: boolean
+  onClose: () => void
+  title: string
+  children: ReactNode
+}
+
+export function Modal({ open, onClose, title, children }: ModalProps) {
+  useEffect(() => {
+    const handleEscape = (e: KeyboardEvent) => {
+      if (e.key === 'Escape') onClose()
+    }
+    if (open) {
+      document.addEventListener('keydown', handleEscape)
+      document.body.style.overflow = 'hidden'
+    }
+    return () => {
+      document.removeEventListener('keydown', handleEscape)
+      document.body.style.overflow = ''
+    }
+  }, [open, onClose])
+
+  if (!open) return null
+
+  return (
+    <div className="fixed inset-0 z-50 flex items-center justify-center">
+      <div
+        className="absolute inset-0 bg-black/50"
+        onClick={onClose}
+      />
+      <div className="relative bg-surface border border-border shadow-lg w-full max-w-md mx-4">
+        <div className="flex items-center justify-between p-4 border-b border-border">
+          <h2 className="text-sm font-medium text-text">{title}</h2>
+          <button
+            onClick={onClose}
+            className="btn-ghost p-1 -m-1"
+          >
+            <Icons.Close />
+          </button>
+        </div>
+        <div className="p-4">
+          {children}
+        </div>
+      </div>
+    </div>
+  )
+}
diff --git a/studio/src/components/ui/Select.tsx b/studio/src/components/ui/Select.tsx
new file mode 100644
index 0000000..f5be218
--- /dev/null
+++ b/studio/src/components/ui/Select.tsx
@@ -0,0 +1,33 @@
+interface SelectOption {
+  value: string
+  label: string
+}
+
+interface SelectProps {
+  value: string
+  onChange: (value: string) => void
+  options: SelectOption[]
+  placeholder?: string
+  className?: string
+}
+
+export function Select({ value, onChange, options, placeholder, className = '' }: SelectProps) {
+  return (
+    <select
+      value={value}
+      onChange={e => onChange(e.target.value)}
+      className={`input ${className}`}
+    >
+      {placeholder && (
+        <option value="" disabled>
+          {placeholder}
+        </option>
+      )}
+      {options.map(opt => (
+        <option key={opt.value} value={opt.value}>
+          {opt.label}
+        </option>
+      ))}
+    </select>
+  )
+}
diff --git a/studio/src/components/ui/Tabs.tsx b/studio/src/components/ui/Tabs.tsx
new file mode 100644
index 0000000..eddcbde
--- /dev/null
+++ b/studio/src/components/ui/Tabs.tsx
@@ -0,0 +1,74 @@
+import { useRef, useState, useLayoutEffect } from 'react'
+import type { IconComponent } from '../shared/Icons'
+
+export interface Tab<T extends string = string> {
+  value: T
+  label: string
+  Icon?: IconComponent
+}
+
+interface TabsProps<T extends string = string> {
+  value: T
+  onChange: (value: T) => void
+  tabs: Tab<T>[]
+  className?: string
+}
+
+export function Tabs<T extends string = string>({
+  value,
+  onChange,
+  tabs,
+  className = '',
+}: TabsProps<T>) {
+  const containerRef = useRef<HTMLDivElement>(null)
+  const [indicatorStyle, setIndicatorStyle] = useState({ left: 0, width: 0 })
+
+  useLayoutEffect(() => {
+    const container = containerRef.current
+    if (!container) return
+
+    const activeIndex = tabs.findIndex(tab => tab.value === value)
+    const buttons = container.querySelectorAll('button')
+    const activeButton = buttons[activeIndex]
+
+    if (activeButton) {
+      setIndicatorStyle({
+        left: activeButton.offsetLeft,
+        width: activeButton.offsetWidth,
+      })
+    }
+  }, [value, tabs])
+
+  return (
+    <div
+      ref={containerRef}
+      className={`relative flex bg-border/50 border border-border ${className}`}
+    >
+      <div
+        className="absolute inset-y-0 bg-surface border-x border-border/50 transition-all duration-200 ease-out"
+        style={{
+          left: indicatorStyle.left,
+          width: indicatorStyle.width,
+        }}
+      />
+      {tabs.map((tab) => {
+        const isActive = tab.value === value
+        return (
+          <button
+            key={tab.value}
+            type="button"
+            onClick={() => onChange(tab.value)}
+            className={`relative z-10 inline-flex items-center gap-1.5 px-3 py-1.5 text-xs font-medium tracking-wide transition-colors duration-150 ${
+              isActive
+                ? 'text-text'
+                : 'text-muted hover:text-text/70'
+            }`}
+          >
+            {tab.Icon && <tab.Icon className="w-3.5 h-3.5" />}
+            <span>{tab.label}</span>
+          </button>
+        )
+      })}
+    </div>
+  )
+}
diff --git a/studio/src/components/ui/Toast.tsx b/studio/src/components/ui/Toast.tsx
new file mode 100644
index 0000000..021d67b
--- /dev/null
+++ b/studio/src/components/ui/Toast.tsx
@@ -0,0 +1,33 @@
+import { useStore } from '@nanostores/react'
+import { $toasts, removeToast } from '../../stores/app'
+import { Icons } from '../shared/Icons'
+
+export function Toasts() {
+  const toasts = useStore($toasts)
+
+  if (toasts.length === 0) return null
+
+  return (
+    <div className="fixed bottom-4 right-4 z-50 space-y-2">
+      {toasts.map(toast => (
+        <div
+          key={toast.id}
+          className={`flex items-center gap-3 px-4 py-3 border shadow-lg ${
+            toast.type === 'success'
+              ? 'bg-success text-white border-success'
+              : 'bg-danger text-white border-danger'
+          }`}
+        >
+          {toast.type === 'success' ? <Icons.CheckCircle /> : <Icons.AlertCircle />}
+          <span className="text-sm font-medium">{toast.message}</span>
+          <button
+            onClick={() => removeToast(toast.id)}
+            className="ml-2 opacity-70 hover:opacity-100"
+          >
+            <Icons.Close className="text-sm" />
+          </button>
+        </div>
+      ))}
+    </div>
+  )
+}
diff --git a/studio/src/components/ui/Toggle.tsx b/studio/src/components/ui/Toggle.tsx
new file mode 100644
index 0000000..8397fbc
--- /dev/null
+++ b/studio/src/components/ui/Toggle.tsx
@@ -0,0 +1,29 @@
+interface ToggleProps {
+  checked: boolean
+  onChange: (checked: boolean) => void
+  label?: string
+  description?: string
+}
+
+export function Toggle({ checked, onChange, label, description }: ToggleProps) {
+  return (
+    <label className="flex items-start gap-3 cursor-pointer">
+      <div className="relative mt-0.5">
+        <input
+          type="checkbox"
+          checked={checked}
+          onChange={e => onChange(e.target.checked)}
+          className="sr-only peer"
+        />
+        <div className="w-10 h-6 bg-border rounded-full peer-checked:bg-accent transition-colors" />
+        <div className="absolute left-1 top-1 w-4 h-4 bg-white rounded-full shadow transition-transform peer-checked:translate-x-4" />
+      </div>
+      <div className="flex-1">
+        <div className="text-sm font-medium text-text">{label || ""}</div>
+        {description && (
+          <div className="text-xs text-muted mt-0.5">{description}</div>
+        )}
+      </div>
+    </label>
+  )
+}
diff --git a/studio/src/components/ui/UsageIndicator.tsx b/studio/src/components/ui/UsageIndicator.tsx
new file mode 100644
index 0000000..7f51f70
--- /dev/null
+++ b/studio/src/components/ui/UsageIndicator.tsx
@@ -0,0 +1,42 @@
+interface UsageIndicatorProps {
+  used: number
+  max: number
+  label: string
+}
+
+export function UsageIndicator({ used, max, label }: UsageIndicatorProps) {
+  const atLimit = used >= max
+  const segments = Array.from({ length: max }, (_, i) => i < used)
+
+  return (
+    <div className={`flex items-center gap-3 px-3 py-2 rounded-md border ${atLimit ? 'bg-warning/5 border-warning/30' : 'bg-accent/5 border-accent/20'}`}>
+      {/* Segmented dots */}
+      <div className="flex gap-1.5">
+        {segments.map((filled, i) => (
+          <div
+            key={i}
+            className={`
+              w-2.5 h-2.5 rounded-full transition-all duration-200
+              ${filled
+                ? atLimit
+                  ? 'bg-warning shadow-[0_0_6px_rgba(245,158,11,0.5)]'
+                  : 'bg-accent shadow-[0_0_6px_rgba(16,185,129,0.4)]'
+                : 'bg-border'
+              }
+            `}
+          />
+        ))}
+      </div>
+
+      {/* Count */}
+      <div className="flex items-baseline gap-1">
+        <span className={`text-sm font-bold tabular-nums ${atLimit ? 'text-warning' : 'text-accent'}`}>
+          {used}
+        </span>
+        <span className="text-muted text-xs font-medium">/</span>
+        <span className="text-muted text-xs font-medium tabular-nums">{max}</span>
+        <span className="text-muted text-xs ml-0.5">{label}</span>
+      </div>
+    </div>
+  )
+}
diff --git a/studio/src/components/ui/index.ts b/studio/src/components/ui/index.ts
new file mode 100644
index 0000000..b96055c
--- /dev/null
+++ b/studio/src/components/ui/index.ts
@@ -0,0 +1,11 @@
+export { Button } from './Button'
+export { Input, Textarea } from './Input'
+export { Toggle } from './Toggle'
+export { Modal } from './Modal'
+export { Toasts } from './Toast'
+export { Select } from './Select'
+export { Dropdown, type DropdownOption } from './Dropdown'
+export { Tabs, type Tab } from './Tabs'
+export { Badge } from './Badge'
+export { ActionMenu, type ActionMenuItem } from './ActionMenu'
+export { UsageIndicator } from './UsageIndicator'
diff --git a/studio/src/main.tsx b/studio/src/main.tsx
new file mode 100644
index 0000000..a838e39
--- /dev/null
+++ b/studio/src/main.tsx
@@ -0,0 +1,11 @@
+import { StrictMode } from 'react'
+import { createRoot } from 'react-dom/client'
+import '@unocss/reset/tailwind.css'
+import 'virtual:uno.css'
+import App from './App'
+
+createRoot(document.getElementById('root')!).render(
+  <StrictMode>
+    <App />
+  </StrictMode>,
+)
diff --git a/studio/src/pages/APIPage.tsx b/studio/src/pages/APIPage.tsx
new file mode 100644
index 0000000..5d77600
--- /dev/null
+++ b/studio/src/pages/APIPage.tsx
@@ -0,0 +1,749 @@
+import { useStore } from '@nanostores/react'
+import { useState } from 'react'
+import { $apiKeys, createAPIKey, $deleteAPIKey, $creating } from '../stores/apiKeys'
+import { $webhooks, createWebhook, updateWebhook, $deleteWebhook, testWebhook, fetchWebhookDeliveries } from '../stores/webhooks'
+import { $billing } from '../stores/billing'
+import { addToast } from '../stores/app'
+import { EmptyState, APIPageSkeleton, PageHeader } from '../components/shared'
+import { Icons } from '../components/shared/Icons'
+import { Button, Input, Modal, UsageIndicator } from '../components/ui'
+import type { Webhook, WebhookDelivery, WebhookEvent } from '../types'
+
+type HttpMethod = 'GET' | 'POST' | 'PUT' | 'DELETE'
+
+interface QueryParam {
+  name: string
+  description: string
+  default?: string
+  options?: string[]  // For select dropdowns
+}
+
+interface Endpoint {
+  method: HttpMethod
+  path: string
+  description: string
+  queryParams?: QueryParam[]
+  requestBody?: string
+  responseExample: string
+}
+
+const endpoints: Endpoint[] = [
+  {
+    method: 'GET',
+    path: '/api/v1/posts',
+    description: 'List published posts with pagination',
+    queryParams: [
+      { name: 'limit', description: 'Results per page (max 100)', default: '20' },
+      { name: 'offset', description: 'Skip N results', default: '0' },
+      { name: 'tag', description: 'Filter by tag' },
+      { name: 'include', description: 'Include extra fields', options: ['', 'content'] },
+    ],
+    responseExample: `{
+  "posts": [
+    {
+      "id": "uuid",
+      "slug": "hello-world",
+      "title": "Hello World",
+      "description": "My first post",
+      "tags": ["intro"],
+      "date": "2024-01-15",
+      "draft": false
+    }
+  ],
+  "total": 42,
+  "limit": 20,
+  "offset": 0
+}`,
+  },
+  {
+    method: 'POST',
+    path: '/api/v1/posts',
+    description: 'Create a new post',
+    requestBody: `{
+  "title": "My New Post",
+  "slug": "my-new-post",
+  "content": "# Markdown content",
+  "description": "Optional description",
+  "tags": ["tutorial"],
+  "draft": false
+}`,
+    responseExample: `{
+  "id": "uuid",
+  "slug": "my-new-post",
+  "title": "My New Post",
+  ...
+}`,
+  },
+  {
+    method: 'GET',
+    path: '/api/v1/posts/{slug}',
+    description: 'Get a single post by slug (includes content)',
+    responseExample: `{
+  "id": "uuid",
+  "slug": "hello-world",
+  "title": "Hello World",
+  "description": "My first post",
+  "content": {
+    "markdown": "# Full markdown...",
+    "html": "<h1>Full markdown...</h1>"
+  },
+  "tags": ["intro"],
+  "date": "2024-01-15"
+}`,
+  },
+  {
+    method: 'PUT',
+    path: '/api/v1/posts/{slug}',
+    description: 'Update an existing post',
+    requestBody: `{
+  "title": "Updated Title",
+  "content": "# Updated content"
+}`,
+    responseExample: `{
+  "id": "uuid",
+  "slug": "hello-world",
+  "title": "Updated Title",
+  ...
+}`,
+  },
+  {
+    method: 'DELETE',
+    path: '/api/v1/posts/{slug}',
+    description: 'Delete a post permanently',
+    responseExample: `204 No Content`,
+  },
+  {
+    method: 'GET',
+    path: '/api/v1/settings',
+    description: 'Get public site configuration',
+    responseExample: `{
+  "site_name": "My Blog",
+  "site_description": "A developer blog",
+  "author_name": "Jane Doe",
+  "author_bio": "Software engineer",
+  "twitter_handle": "janedoe",
+  "accent_color": "#10b981"
+}`,
+  },
+]
+
+const methodColors: Record<HttpMethod, string> = {
+  GET: 'bg-success/15 text-success',
+  POST: 'bg-blue-500/15 text-blue-500',
+  PUT: 'bg-warning/15 text-warning',
+  DELETE: 'bg-danger/15 text-danger',
+}
+
+const webhookEvents: { value: WebhookEvent; label: string }[] = [
+  { value: 'post.published', label: 'Post Published' },
+  { value: 'post.updated', label: 'Post Updated' },
+  { value: 'post.deleted', label: 'Post Deleted' },
+]
+
+function EndpointCard({ endpoint, baseUrl, apiKey }: { endpoint: Endpoint; baseUrl: string; apiKey?: string }) {
+  const [expanded, setExpanded] = useState(false)
+  const [slugInput, setSlugInput] = useState('hello-world')
+  const [requestBody, setRequestBody] = useState(endpoint.requestBody || '')
+  const [queryParams, setQueryParams] = useState<Record<string, string>>(() => {
+    const initial: Record<string, string> = {}
+    endpoint.queryParams?.forEach(p => {
+      initial[p.name] = p.default || ''
+    })
+    return initial
+  })
+  const [response, setResponse] = useState<{ status: number; body: string; time: number } | null>(null)
+  const [loading, setLoading] = useState(false)
+
+  const basePath = endpoint.path.replace('{slug}', slugInput)
+  const queryString = Object.entries(queryParams)
+    .filter(([_, v]) => v !== '')
+    .map(([k, v]) => `${k}=${encodeURIComponent(v)}`)
+    .join('&')
+  const actualPath = queryString ? `${basePath}?${queryString}` : basePath
+  const fullUrl = `${baseUrl}${actualPath}`
+
+  const curlExample = endpoint.requestBody
+    ? `curl -X ${endpoint.method} "${fullUrl}" \\
+  -H "Authorization: Bearer ${apiKey || 'YOUR_API_KEY'}" \\
+  -H "Content-Type: application/json" \\
+  -d '${endpoint.requestBody.replace(/\n\s*/g, ' ')}'`
+    : `curl -X ${endpoint.method} "${fullUrl}" \\
+  -H "Authorization: Bearer ${apiKey || 'YOUR_API_KEY'}"`
+
+  const copyCode = (code: string) => {
+    navigator.clipboard.writeText(code)
+    addToast('Copied to clipboard', 'success')
+  }
+
+  const updateQueryParam = (name: string, value: string) => {
+    setQueryParams(prev => ({ ...prev, [name]: value }))
+  }
+
+  const sendRequest = async () => {
+    setLoading(true)
+    setResponse(null)
+    const start = Date.now()
+    try {
+      const headers: Record<string, string> = {
+        'Content-Type': 'application/json',
+      }
+      if (apiKey) {
+        headers['Authorization'] = `Bearer ${apiKey}`
+      }
+      const res = await fetch(actualPath, {
+        method: endpoint.method,
+        headers,
+        body: endpoint.requestBody ? requestBody : undefined,
+      })
+      const time = Date.now() - start
+      let body: string
+      try {
+        const json = await res.json()
+        body = JSON.stringify(json, null, 2)
+      } catch {
+        body = res.status === 204 ? '(No Content)' : await res.text()
+      }
+      setResponse({ status: res.status, body, time })
+    } catch (err) {
+      setResponse({ status: 0, body: `Error: ${err instanceof Error ? err.message : 'Request failed'}`, time: Date.now() - start })
+    } finally {
+      setLoading(false)
+    }
+  }
+
+  return (
+    <div className="border border-border hover:border-muted transition-colors">
+      <button
+        onClick={() => setExpanded(!expanded)}
+        className="group w-full flex items-center gap-3 px-4 py-3 text-left hover:bg-muted/5 transition-colors cursor-pointer"
+      >
+        <span className={`px-2 py-0.5 text-xs font-mono font-medium ${methodColors[endpoint.method]}`}>
+          {endpoint.method}
+        </span>
+        <code className="text-sm font-mono flex-1 group-hover:text-accent transition-colors">{endpoint.path}</code>
+        <span className="text-xs text-muted hidden sm:block">{endpoint.description}</span>
+        <Icons.ChevronRight className={`text-muted transition-transform group-hover:text-text ${expanded ? 'rotate-90' : ''}`} />
+      </button>
+
+      {expanded && (
+        <div className="border-t border-border bg-muted/5 p-4 space-y-4">
+          <p className="text-sm text-muted">{endpoint.description}</p>
+
+          {endpoint.path.includes('{slug}') && (
+            <div className="flex items-center gap-2">
+              <label className="text-xs text-muted w-16">slug:</label>
+              <Input
+                value={slugInput}
+                onChange={setSlugInput}
+                className="max-w-48 text-sm"
+                placeholder="post-slug"
+              />
+            </div>
+          )}
+
+          {endpoint.queryParams && endpoint.queryParams.length > 0 && (
+            <div className="space-y-2">
+              <div className="text-xs text-muted">Query Parameters</div>
+              {endpoint.queryParams.map(param => (
+                <div key={param.name} className="flex items-center gap-2">
+                  <label className="text-xs text-muted w-16 shrink-0">{param.name}:</label>
+                  {param.options ? (
+                    <select
+                      value={queryParams[param.name] || ''}
+                      onChange={e => updateQueryParam(param.name, e.target.value)}
+                      className="px-2 py-1.5 text-sm bg-surface border border-border focus:border-accent focus:outline-none"
+                    >
+                      {param.options.map(opt => (
+                        <option key={opt} value={opt}>{opt || '(none)'}</option>
+                      ))}
+                    </select>
+                  ) : (
+                    <Input
+                      value={queryParams[param.name] || ''}
+                      onChange={v => updateQueryParam(param.name, v)}
+                      className="max-w-32 text-sm"
+                      placeholder={param.default || ''}
+                    />
+                  )}
+                  <span className="text-xs text-muted">{param.description}</span>
+                </div>
+              ))}
+            </div>
+          )}
+
+          {endpoint.requestBody && (
+            <div>
+              <div className="text-xs text-muted mb-2">Request Body</div>
+              <textarea
+                value={requestBody}
+                onChange={e => setRequestBody(e.target.value)}
+                className="w-full p-3 bg-surface border border-border text-xs font-mono resize-y min-h-32"
+                spellCheck={false}
+              />
+            </div>
+          )}
+
+          <Button
+            variant="primary"
+            Icon={loading ? undefined : Icons.Play}
+            onClick={sendRequest}
+            loading={loading}
+          >
+            {loading ? 'Sending...' : 'Try it'}
+          </Button>
+
+          {response && (
+            <div>
+              <div className="flex items-center gap-3 mb-2">
+                <span className="text-xs text-muted">Response</span>
+                <span className={`px-2 py-0.5 text-xs font-mono ${response.status >= 200 && response.status < 300 ? 'bg-success/15 text-success' : response.status >= 400 ? 'bg-danger/15 text-danger' : 'bg-warning/15 text-warning'}`}>
+                  {response.status || 'Error'}
+                </span>
+                <span className="text-xs text-muted">{response.time}ms</span>
+              </div>
+              <pre className="p-3 bg-surface border border-border text-xs font-mono max-h-64 overflow-y-auto whitespace-pre-wrap break-words">
+                {response.body}
+              </pre>
+            </div>
+          )}
+
+          <div>
+            <div className="text-xs text-muted mb-2">Example Response</div>
+            <pre className="p-3 bg-surface border border-border text-xs font-mono overflow-x-auto">
+              {endpoint.responseExample}
+            </pre>
+          </div>
+
+          <div>
+            <div className="flex items-center justify-between mb-2">
+              <span className="text-xs text-muted">cURL</span>
+              <button onClick={() => copyCode(curlExample)} className="text-xs text-muted hover:text-text">
+                <Icons.Copy className="inline mr-1" />Copy
+              </button>
+            </div>
+            <pre className="p-3 bg-surface border border-border text-xs font-mono overflow-x-auto whitespace-pre-wrap">
+              {curlExample}
+            </pre>
+          </div>
+        </div>
+      )}
+    </div>
+  )
+}
+
+function WebhookCard({ webhook, onEdit, onDelete, onTest }: {
+  webhook: Webhook
+  onEdit: () => void
+  onDelete: () => void
+  onTest: () => void
+}) {
+  const [showLogs, setShowLogs] = useState(false)
+  const [deliveries, setDeliveries] = useState<WebhookDelivery[]>([])
+  const [loadingLogs, setLoadingLogs] = useState(false)
+
+  const loadDeliveries = async () => {
+    setLoadingLogs(true)
+    try {
+      const data = await fetchWebhookDeliveries(webhook.id)
+      setDeliveries(data)
+      setShowLogs(true)
+    } catch {
+      addToast('Failed to load delivery logs', 'error')
+    } finally {
+      setLoadingLogs(false)
+    }
+  }
+
+  return (
+    <div className="border border-border p-4">
+      <div className="flex items-start justify-between gap-4">
+        <div className="min-w-0 flex-1">
+          <div className="flex items-center gap-2 mb-1">
+            <span className={`w-2 h-2 rounded-full ${webhook.enabled ? (webhook.last_status === 'success' ? 'bg-success' : webhook.last_status === 'failed' ? 'bg-danger' : 'bg-muted') : 'bg-muted'}`} />
+            <span className="font-medium text-sm">{webhook.name}</span>
+            {!webhook.enabled && <span className="text-xs text-muted">(disabled)</span>}
+          </div>
+          <code className="text-xs text-muted break-all">{webhook.url}</code>
+          <div className="flex flex-wrap gap-1 mt-2">
+            {webhook.events.map(event => (
+              <span key={event} className="px-1.5 py-0.5 text-xs bg-muted/20 text-muted">
+                {event}
+              </span>
+            ))}
+          </div>
+        </div>
+        <div className="flex items-center gap-1">
+          <button onClick={loadDeliveries} className="p-1.5 text-muted hover:text-text" title="View logs">
+            <Icons.List className="w-4 h-4" />
+          </button>
+          <button onClick={onTest} className="p-1.5 text-muted hover:text-text" title="Test">
+            <Icons.Play className="w-4 h-4" />
+          </button>
+          <button onClick={onEdit} className="p-1.5 text-muted hover:text-text" title="Edit">
+            <Icons.Edit className="w-4 h-4" />
+          </button>
+          <button onClick={onDelete} className="p-1.5 text-danger hover:text-danger/80" title="Delete">
+            <Icons.Trash className="w-4 h-4" />
+          </button>
+        </div>
+      </div>
+
+      {showLogs && (
+        <div className="mt-4 pt-4 border-t border-border">
+          <div className="flex items-center justify-between mb-2">
+            <span className="text-xs font-medium text-muted">Recent Deliveries</span>
+            <button onClick={() => setShowLogs(false)} className="text-xs text-muted hover:text-text">Close</button>
+          </div>
+          {loadingLogs ? (
+            <div className="text-xs text-muted">Loading...</div>
+          ) : deliveries.length === 0 ? (
+            <div className="text-xs text-muted">No deliveries yet</div>
+          ) : (
+            <div className="space-y-2 max-h-48 overflow-y-auto">
+              {deliveries.slice(0, 10).map(d => (
+                <div key={d.id} className="flex items-center gap-2 text-xs">
+                  <span className={`w-2 h-2 rounded-full ${d.status === 'success' ? 'bg-success' : 'bg-danger'}`} />
+                  <span className="text-muted">{d.event}</span>
+                  <span className="text-muted">•</span>
+                  <span className={d.status === 'success' ? 'text-success' : 'text-danger'}>
+                    {d.response_code || d.status}
+                  </span>
+                  <span className="text-muted ml-auto">
+                    {new Date(d.created_at).toLocaleString()}
+                  </span>
+                </div>
+              ))}
+            </div>
+          )}
+        </div>
+      )}
+    </div>
+  )
+}
+
+export default function APIPage() {
+  const { data: keys } = useStore($apiKeys)
+  const { data: webhooks } = useStore($webhooks)
+  const { data: billing } = useStore($billing)
+  const creating = useStore($creating)
+  const deleteKey = useStore($deleteAPIKey)
+  const deleteWebhookMutation = useStore($deleteWebhook)
+
+  const [showCreateKey, setShowCreateKey] = useState(false)
+  const [newKeyName, setNewKeyName] = useState('')
+  const [createdKey, setCreatedKey] = useState<string | null>(null)
+  const [deleteKeyModal, setDeleteKeyModal] = useState<string | null>(null)
+
+  const [showWebhookModal, setShowWebhookModal] = useState(false)
+  const [editingWebhook, setEditingWebhook] = useState<Webhook | null>(null)
+  const [webhookForm, setWebhookForm] = useState({ name: '', url: '', events: [] as WebhookEvent[], secret: '', enabled: true })
+  const [deleteWebhookModal, setDeleteWebhookModal] = useState<string | null>(null)
+  const [savingWebhook, setSavingWebhook] = useState(false)
+
+  const handleCreateKey = async () => {
+    if (!newKeyName.trim()) return
+    try {
+      const result = await createAPIKey(newKeyName)
+      setCreatedKey(result.key)
+      setNewKeyName('')
+      setShowCreateKey(false)
+      addToast('API key created', 'success')
+    } catch {
+      addToast('Failed to create API key', 'error')
+    }
+  }
+
+  const handleDeleteKey = async () => {
+    if (!deleteKeyModal) return
+    try {
+      await deleteKey.mutate(deleteKeyModal)
+      addToast('API key deleted', 'success')
+      setDeleteKeyModal(null)
+    } catch {
+      addToast('Failed to delete API key', 'error')
+    }
+  }
+
+  const copyKey = (key: string) => {
+    navigator.clipboard.writeText(key)
+    addToast('Copied to clipboard', 'success')
+  }
+
+  const formatDate = (dateStr: string | null) => {
+    if (!dateStr) return 'Never'
+    return new Date(dateStr).toLocaleDateString('en-US', { month: 'short', day: 'numeric', year: 'numeric' })
+  }
+
+  const openWebhookModal = (webhook?: Webhook) => {
+    if (webhook) {
+      setEditingWebhook(webhook)
+      setWebhookForm({ name: webhook.name, url: webhook.url, events: webhook.events, secret: webhook.secret || '', enabled: webhook.enabled })
+    } else {
+      setEditingWebhook(null)
+      setWebhookForm({ name: '', url: '', events: [], secret: '', enabled: true })
+    }
+    setShowWebhookModal(true)
+  }
+
+  const handleSaveWebhook = async () => {
+    if (!webhookForm.name || !webhookForm.url || webhookForm.events.length === 0) {
+      addToast('Name, URL, and at least one event are required', 'error')
+      return
+    }
+    setSavingWebhook(true)
+    try {
+      if (editingWebhook) {
+        await updateWebhook(editingWebhook.id, webhookForm)
+        addToast('Webhook updated', 'success')
+      } else {
+        await createWebhook(webhookForm)
+        addToast('Webhook created', 'success')
+      }
+      setShowWebhookModal(false)
+    } catch {
+      addToast('Failed to save webhook', 'error')
+    } finally {
+      setSavingWebhook(false)
+    }
+  }
+
+  const handleDeleteWebhook = async () => {
+    if (!deleteWebhookModal) return
+    try {
+      await deleteWebhookMutation.mutate(deleteWebhookModal)
+      addToast('Webhook deleted', 'success')
+      setDeleteWebhookModal(null)
+    } catch {
+      addToast('Failed to delete webhook', 'error')
+    }
+  }
+
+  const handleTestWebhook = async (id: string) => {
+    try {
+      await testWebhook(id)
+      addToast('Test webhook sent', 'success')
+    } catch {
+      addToast('Failed to send test webhook', 'error')
+    }
+  }
+
+  const toggleEvent = (event: WebhookEvent) => {
+    setWebhookForm(f => ({
+      ...f,
+      events: f.events.includes(event) ? f.events.filter(e => e !== event) : [...f.events, event]
+    }))
+  }
+
+  if (!keys) return <APIPageSkeleton />
+
+  const baseUrl = window.location.origin
+  const firstKey = keys.length > 0 ? keys[0].key : undefined
+
+  return (
+    <div>
+      <PageHeader>
+        <Button variant="primary" Icon={Icons.Plus} onClick={() => setShowCreateKey(true)}>
+          Create Key
+        </Button>
+      </PageHeader>
+
+      <div className="-mx-6 lg:-mx-10 mt-6">
+        {createdKey && (
+          <div className="px-6 lg:px-10 py-4 bg-success/10 border-b border-success">
+            <div className="flex items-center gap-2 mb-2">
+              <Icons.CheckCircle className="text-success" />
+              <span className="text-sm font-medium">API Key Created</span>
+            </div>
+            <p className="text-xs text-muted mb-3">Copy this key now. You won't be able to see it again.</p>
+            <div className="flex items-center gap-2">
+              <code className="flex-1 p-2 bg-surface border border-border text-xs font-mono truncate">{createdKey}</code>
+              <Button variant="secondary" Icon={Icons.Copy} onClick={() => copyKey(createdKey)}>Copy</Button>
+            </div>
+            <button onClick={() => setCreatedKey(null)} className="mt-2 text-xs text-muted hover:text-text">Dismiss</button>
+          </div>
+        )}
+
+        {/* API Keys */}
+        <div className="px-6 lg:px-10 py-5">
+          <div className="text-xs font-medium text-muted uppercase tracking-wide">Your API Keys</div>
+          <div className="text-xs text-muted mt-0.5">Use these keys to authenticate API requests</div>
+        </div>
+        <div className="border-t border-border">
+          {keys.length === 0 ? (
+            <div className="px-6 lg:px-10 py-12">
+              <EmptyState
+                Icon={Icons.ApiKeys}
+                title="No API keys"
+                description="Create an API key to access the API"
+                action={<Button variant="primary" Icon={Icons.Plus} onClick={() => setShowCreateKey(true)}>Create Key</Button>}
+              />
+            </div>
+          ) : (
+            keys.map((key, i) => (
+              <div key={key.key} className={`flex flex-col sm:flex-row sm:items-center gap-4 px-6 lg:px-10 py-4 ${i > 0 ? 'border-t border-border' : ''}`}>
+                <div className="flex-1 min-w-0">
+                  <div className="text-sm font-medium">{key.name}</div>
+                  <div className="flex flex-wrap items-center gap-x-3 gap-y-1 text-xs text-muted mt-1">
+                    <code className="font-mono">{key.key.slice(0, 8)}...{key.key.slice(-4)}</code>
+                    <span className="hidden sm:inline">•</span>
+                    <span>Created {formatDate(key.created_at)}</span>
+                    <span className="hidden sm:inline">•</span>
+                    <span>Last used {formatDate(key.last_used_at)}</span>
+                  </div>
+                </div>
+                <Button variant="ghost" Icon={Icons.Trash} className="text-danger hover:text-danger self-start sm:self-center" onClick={() => setDeleteKeyModal(key.key)}>Delete</Button>
+              </div>
+            ))
+          )}
+        </div>
+
+        <div className="border-t border-border" />
+
+        {/* Webhooks */}
+        <div className="px-6 lg:px-10 py-5">
+          <div className="flex items-center justify-between">
+            <div>
+              <div className="text-xs font-medium text-muted uppercase tracking-wide">Webhooks</div>
+              <div className="text-xs text-muted mt-0.5">Get notified when posts are published, updated, or deleted</div>
+            </div>
+            {billing && (
+              <UsageIndicator
+                used={billing.usage.webhooks}
+                max={billing.tiers[billing.current_tier].max_webhooks}
+                label="used"
+              />
+            )}
+          </div>
+        </div>
+        <div className="px-6 lg:px-10 py-6 space-y-3">
+          {webhooks && webhooks.length > 0 ? (
+            webhooks.map(webhook => (
+              <WebhookCard
+                key={webhook.id}
+                webhook={webhook}
+                onEdit={() => openWebhookModal(webhook)}
+                onDelete={() => setDeleteWebhookModal(webhook.id)}
+                onTest={() => handleTestWebhook(webhook.id)}
+              />
+            ))
+          ) : (
+            <div className="text-sm text-muted">No webhooks configured</div>
+          )}
+          {billing && billing.usage.webhooks >= billing.tiers[billing.current_tier].max_webhooks ? (
+            <div className="flex items-center gap-3 p-3 border border-warning/30 bg-warning/5">
+              <Icons.AlertCircle className="text-warning flex-shrink-0" />
+              <span className="text-sm text-muted">Webhook limit reached.</span>
+              <Button variant="primary" href="/studio/billing">Upgrade</Button>
+            </div>
+          ) : (
+            <Button variant="secondary" Icon={Icons.Plus} onClick={() => openWebhookModal()}>Add Webhook</Button>
+          )}
+        </div>
+
+        <div className="border-t border-border" />
+
+        {/* API Reference */}
+        <div className="px-6 lg:px-10 py-5">
+          <div className="text-xs font-medium text-muted uppercase tracking-wide">API Reference</div>
+          <div className="text-xs text-muted mt-0.5">Base URL: <code className="text-text">{baseUrl}</code></div>
+        </div>
+        <div className="px-6 lg:px-10 py-6 space-y-2">
+          {endpoints.map((endpoint) => (
+            <EndpointCard key={`${endpoint.method}-${endpoint.path}`} endpoint={endpoint} baseUrl={baseUrl} apiKey={firstKey} />
+          ))}
+        </div>
+
+        <div className="border-t border-border" />
+
+        {/* Authentication */}
+        <div className="px-6 lg:px-10 py-5">
+          <div className="text-xs font-medium text-muted uppercase tracking-wide">Authentication</div>
+          <div className="text-xs text-muted mt-0.5">How to authenticate your requests</div>
+        </div>
+        <div className="px-6 lg:px-10 py-6">
+          <p className="text-sm text-muted mb-3">All API requests require a Bearer token in the Authorization header:</p>
+          <pre className="p-3 bg-surface border border-border text-xs font-mono overflow-x-auto">
+            Authorization: Bearer {firstKey ? `${firstKey.slice(0, 8)}...` : 'YOUR_API_KEY'}
+          </pre>
+          <p className="text-xs text-muted mt-3">Keep API keys secure and never expose them in client-side code.</p>
+        </div>
+      </div>
+
+      {/* Create Key Modal */}
+      <Modal open={showCreateKey} onClose={() => setShowCreateKey(false)} title="Create API Key">
+        <div className="space-y-4">
+          <div className="space-y-1">
+            <label className="label">Key Name</label>
+            <Input value={newKeyName} onChange={setNewKeyName} placeholder="My API Key" />
+            <p className="text-xs text-muted">A name to identify this key</p>
+          </div>
+          <div className="flex justify-end gap-2">
+            <Button variant="secondary" onClick={() => setShowCreateKey(false)}>Cancel</Button>
+            <Button variant="primary" onClick={handleCreateKey} loading={creating} disabled={!newKeyName.trim()}>Create</Button>
+          </div>
+        </div>
+      </Modal>
+
+      {/* Delete Key Modal */}
+      <Modal open={!!deleteKeyModal} onClose={() => setDeleteKeyModal(null)} title="Delete API Key">
+        <p className="text-sm text-muted mb-4">Are you sure? Applications using this key will stop working.</p>
+        <div className="flex justify-end gap-2">
+          <Button variant="secondary" onClick={() => setDeleteKeyModal(null)}>Cancel</Button>
+          <Button variant="danger" onClick={handleDeleteKey} loading={deleteKey.loading}>Delete</Button>
+        </div>
+      </Modal>
+
+      {/* Webhook Modal */}
+      <Modal open={showWebhookModal} onClose={() => setShowWebhookModal(false)} title={editingWebhook ? 'Edit Webhook' : 'Add Webhook'}>
+        <div className="space-y-4">
+          <div className="space-y-1">
+            <label className="label">Name</label>
+            <Input value={webhookForm.name} onChange={v => setWebhookForm(f => ({ ...f, name: v }))} placeholder="Discord Notification" />
+          </div>
+          <div className="space-y-1">
+            <label className="label">URL</label>
+            <Input value={webhookForm.url} onChange={v => setWebhookForm(f => ({ ...f, url: v }))} placeholder="https://your-server.com/webhook" />
+          </div>
+          <div className="space-y-2">
+            <label className="label">Events</label>
+            <div className="flex flex-wrap gap-2">
+              {webhookEvents.map(e => (
+                <button
+                  key={e.value}
+                  onClick={() => toggleEvent(e.value)}
+                  className={`px-3 py-1.5 text-xs border transition-colors ${webhookForm.events.includes(e.value) ? 'border-accent bg-accent/10 text-accent' : 'border-border text-muted hover:border-muted'}`}
+                >
+                  {e.label}
+                </button>
+              ))}
+            </div>
+          </div>
+          <div className="space-y-1">
+            <label className="label">Secret (optional)</label>
+            <Input value={webhookForm.secret} onChange={v => setWebhookForm(f => ({ ...f, secret: v }))} placeholder="For HMAC signature verification" />
+            <p className="text-xs text-muted">Used to sign payloads with X-WriteKit-Signature header</p>
+          </div>
+          {editingWebhook && (
+            <label className="flex items-center gap-2 text-sm">
+              <input type="checkbox" checked={webhookForm.enabled} onChange={e => setWebhookForm(f => ({ ...f, enabled: e.target.checked }))} />
+              Enabled
+            </label>
+          )}
+          <div className="flex justify-end gap-2">
+            <Button variant="secondary" onClick={() => setShowWebhookModal(false)}>Cancel</Button>
+            <Button variant="primary" onClick={handleSaveWebhook} loading={savingWebhook}>{editingWebhook ? 'Save' : 'Create'}</Button>
+          </div>
+        </div>
+      </Modal>
+
+      {/* Delete Webhook Modal */}
+      <Modal open={!!deleteWebhookModal} onClose={() => setDeleteWebhookModal(null)} title="Delete Webhook">
+        <p className="text-sm text-muted mb-4">Are you sure you want to delete this webhook?</p>
+        <div className="flex justify-end gap-2">
+          <Button variant="secondary" onClick={() => setDeleteWebhookModal(null)}>Cancel</Button>
+          <Button variant="danger" onClick={handleDeleteWebhook} loading={deleteWebhookMutation.loading}>Delete</Button>
+        </div>
+      </Modal>
+    </div>
+  )
+}
diff --git a/studio/src/pages/AnalyticsPage.tsx b/studio/src/pages/AnalyticsPage.tsx
new file mode 100644
index 0000000..75db680
--- /dev/null
+++ b/studio/src/pages/AnalyticsPage.tsx
@@ -0,0 +1,318 @@
+import { useEffect, useRef } from 'react'
+import { useStore } from '@nanostores/react'
+import { Chart, LineController, LineElement, PointElement, LinearScale, CategoryScale, Filler, Tooltip } from 'chart.js'
+import { $analytics, $days } from '../stores/analytics'
+import { BreakdownList, AnalyticsPageSkeleton, EmptyState, PageHeader } from '../components/shared'
+import { Tabs } from '../components/ui'
+import { Icons, getReferrerIcon, getCountryFlagUrl, getBrowserIcon, getDeviceIcon, getOSIcon } from '../components/shared/Icons'
+
+Chart.register(LineController, LineElement, PointElement, LinearScale, CategoryScale, Filler, Tooltip)
+
+const periodTabs = [
+  { value: '7', label: '7d' },
+  { value: '30', label: '30d' },
+  { value: '90', label: '90d' },
+]
+
+function formatBytes(bytes: number): string {
+  if (bytes === 0) return '0 B'
+  const k = 1024
+  const sizes = ['B', 'KB', 'MB', 'GB']
+  const i = Math.floor(Math.log(bytes) / Math.log(k))
+  return `${parseFloat((bytes / Math.pow(k, i)).toFixed(1))} ${sizes[i]}`
+}
+
+function formatChange(change: number): { text: string; positive: boolean } {
+  const sign = change >= 0 ? '+' : ''
+  return {
+    text: `${sign}${change.toFixed(1)}%`,
+    positive: change >= 0,
+  }
+}
+
+export default function AnalyticsPage() {
+  const { data, error } = useStore($analytics)
+  const days = useStore($days)
+  const chartRef = useRef<HTMLCanvasElement>(null)
+  const chartInstance = useRef<Chart | null>(null)
+  const prevDataRef = useRef(data)
+
+  useEffect(() => {
+    if (!data?.views_by_day?.length || !chartRef.current) return
+
+    if (chartInstance.current) {
+      chartInstance.current.destroy()
+    }
+
+    const ctx = chartRef.current.getContext('2d')
+    if (!ctx) return
+
+    const sortedData = [...data.views_by_day].sort((a, b) => a.date.localeCompare(b.date))
+
+    const fontFamily = '"SF Mono", "JetBrains Mono", "Fira Code", Consolas, monospace'
+
+    chartInstance.current = new Chart(ctx, {
+      type: 'line',
+      data: {
+        labels: sortedData.map(d => new Date(d.date).toLocaleDateString('en-US', { month: 'short', day: 'numeric' })),
+        datasets: [{
+          data: sortedData.map(d => d.views),
+          borderColor: '#10b981',
+          backgroundColor: 'rgba(16, 185, 129, 0.08)',
+          borderWidth: 2,
+          fill: true,
+          tension: 0.3,
+          pointRadius: 3,
+          pointBackgroundColor: '#10b981',
+          pointBorderColor: '#10b981',
+          pointHoverRadius: 6,
+          pointHoverBackgroundColor: '#10b981',
+          pointHoverBorderColor: '#ffffff',
+          pointHoverBorderWidth: 2,
+        }]
+      },
+      options: {
+        responsive: true,
+        maintainAspectRatio: false,
+        interaction: {
+          intersect: false,
+          mode: 'index',
+        },
+        plugins: {
+          tooltip: {
+            backgroundColor: '#0a0a0a',
+            titleColor: '#fafafa',
+            bodyColor: '#fafafa',
+            titleFont: { family: fontFamily, size: 11 },
+            bodyFont: { family: fontFamily, size: 12 },
+            padding: 10,
+            cornerRadius: 0,
+            displayColors: false,
+            callbacks: {
+              label: (ctx) => `${(ctx.parsed.y ?? 0).toLocaleString()} views`
+            }
+          }
+        },
+        scales: {
+          x: {
+            grid: { display: false },
+            border: { display: false },
+            ticks: {
+              color: '#737373',
+              font: { family: fontFamily, size: 10 },
+              padding: 8,
+              maxRotation: 0,
+            }
+          },
+          y: {
+            grid: { color: '#e5e5e5' },
+            border: { display: false },
+            ticks: {
+              color: '#737373',
+              font: { family: fontFamily, size: 10 },
+              padding: 12,
+            },
+            beginAtZero: true
+          }
+        }
+      }
+    })
+
+    return () => {
+      if (chartInstance.current) {
+        chartInstance.current.destroy()
+      }
+    }
+  }, [data])
+
+  // Keep previous data while loading to prevent flickering
+  if (data) {
+    prevDataRef.current = data
+  }
+  const displayData = data || prevDataRef.current
+
+  if (error && !displayData) return <EmptyState Icon={Icons.AlertCircle} title="Failed to load analytics" description={error.message} />
+  if (!displayData) return <AnalyticsPageSkeleton />
+
+  const change = formatChange(displayData.views_change)
+
+  return (
+    <div>
+      <PageHeader>
+        <Tabs
+          value={String(days)}
+          onChange={(v) => $days.set(Number(v))}
+          tabs={periodTabs}
+        />
+      </PageHeader>
+
+      {/* Panel container - full-bleed borders */}
+      <div className="-mx-6 lg:-mx-10 mt-6">
+        {/* Stats row - 4 columns on lg, 2 on mobile */}
+        <div className="relative">
+          {/* Vertical dividers at column boundaries (lg: 4 cols, mobile: 2 cols) */}
+          <div className="absolute top-0 bottom-0 left-1/2 border-l border-border lg:hidden" />
+          <div className="hidden lg:block absolute top-0 bottom-0 border-l border-border" style={{ left: '25%' }} />
+          <div className="hidden lg:block absolute top-0 bottom-0 border-l border-border" style={{ left: '50%' }} />
+          <div className="hidden lg:block absolute top-0 bottom-0 border-l border-border" style={{ left: '75%' }} />
+
+          <div className="grid grid-cols-2 lg:grid-cols-4">
+            <div className="py-5 pl-6 lg:pl-10 pr-6">
+              <div className="text-xs text-muted mb-1">Total Views</div>
+              <div className="text-2xl font-semibold tracking-tight">{displayData.total_views.toLocaleString()}</div>
+              <div className={`text-xs mt-1 ${change.positive ? 'text-success' : 'text-danger'}`}>
+                {change.text} vs last period
+              </div>
+            </div>
+            <div className="py-5 px-6 lg:pr-6">
+              <div className="text-xs text-muted mb-1">Page Views</div>
+              <div className="text-2xl font-semibold tracking-tight">{displayData.total_page_views.toLocaleString()}</div>
+            </div>
+            <div className="py-5 px-6 lg:pl-6 border-t border-border lg:border-t-0">
+              <div className="text-xs text-muted mb-1">Unique Visitors</div>
+              <div className="text-2xl font-semibold tracking-tight">{displayData.unique_visitors.toLocaleString()}</div>
+            </div>
+            <div className="py-5 pr-6 lg:pr-10 pl-6 border-t border-border lg:border-t-0">
+              <div className="text-xs text-muted mb-1">Bandwidth</div>
+              <div className="text-2xl font-semibold tracking-tight">{formatBytes(displayData.total_bandwidth)}</div>
+            </div>
+          </div>
+        </div>
+
+        {/* Horizontal divider */}
+        <div className="border-t border-border" />
+
+        {/* Chart section */}
+        {displayData.views_by_day.length > 0 && (
+          <>
+            <div className="px-6 lg:px-10 py-6">
+              <div className="text-xs font-medium text-muted uppercase tracking-wide mb-4">Views Over Time</div>
+              <div className="h-48">
+                <canvas ref={chartRef} />
+              </div>
+            </div>
+            <div className="border-t border-border" />
+          </>
+        )}
+
+        {/* Breakdown sections - 2 columns */}
+        <div className="relative">
+          {/* Vertical divider at center on lg */}
+          <div className="hidden lg:block absolute top-0 bottom-0 left-1/2 border-l border-border" />
+
+          <div className="grid lg:grid-cols-2">
+            {/* Top Pages */}
+            {displayData.top_pages.length > 0 && (
+              <div className="py-6 pl-6 lg:pl-10 pr-6 border-b border-border lg:border-b-0">
+                <div className="text-xs font-medium text-muted uppercase tracking-wide mb-4">Top Pages</div>
+                <BreakdownList
+                  items={displayData.top_pages.map(p => ({
+                    label: p.path,
+                    value: p.views,
+                    percentage: (p.views / displayData.total_page_views) * 100,
+                  }))}
+                />
+              </div>
+            )}
+
+            {/* Top Referrers */}
+            {displayData.top_referrers.length > 0 && (
+              <div className="py-6 pr-6 lg:pr-10 pl-6 border-b border-border lg:border-b-0">
+                <div className="text-xs font-medium text-muted uppercase tracking-wide mb-4">Top Referrers</div>
+                <BreakdownList
+                  items={displayData.top_referrers.map(r => {
+                    const label = r.referrer || 'Direct'
+                    return {
+                      label,
+                      value: r.views,
+                      percentage: (r.views / displayData.total_views) * 100,
+                      Icon: getReferrerIcon(label),
+                    }
+                  })}
+                />
+              </div>
+            )}
+          </div>
+        </div>
+
+        {/* Row 2: Browsers & Devices */}
+        {(displayData.browsers.length > 0 || displayData.devices.length > 0) && (
+          <>
+            <div className="border-t border-border" />
+            <div className="relative">
+              <div className="hidden lg:block absolute top-0 bottom-0 left-1/2 border-l border-border" />
+              <div className="grid lg:grid-cols-2">
+                {displayData.browsers.length > 0 && (
+                  <div className="py-6 pl-6 lg:pl-10 pr-6 border-b border-border lg:border-b-0">
+                    <div className="text-xs font-medium text-muted uppercase tracking-wide mb-4">Browsers</div>
+                    <BreakdownList
+                      items={displayData.browsers.map(b => ({
+                        label: b.name,
+                        value: b.count,
+                        percentage: (b.count / displayData.unique_visitors) * 100,
+                        Icon: getBrowserIcon(b.name) || undefined,
+                      }))}
+                    />
+                  </div>
+                )}
+
+                {displayData.devices.length > 0 && (
+                  <div className="py-6 pr-6 lg:pr-10 pl-6 border-b border-border lg:border-b-0">
+                    <div className="text-xs font-medium text-muted uppercase tracking-wide mb-4">Devices</div>
+                    <BreakdownList
+                      items={displayData.devices.map(d => ({
+                        label: d.name,
+                        value: d.count,
+                        percentage: (d.count / displayData.unique_visitors) * 100,
+                        Icon: getDeviceIcon(d.name) || undefined,
+                      }))}
+                    />
+                  </div>
+                )}
+              </div>
+            </div>
+          </>
+        )}
+
+        {/* Row 3: Countries & OS */}
+        {(displayData.countries.length > 0 || displayData.os.length > 0) && (
+          <>
+            <div className="border-t border-border" />
+            <div className="relative">
+              <div className="hidden lg:block absolute top-0 bottom-0 left-1/2 border-l border-border" />
+              <div className="grid lg:grid-cols-2">
+                {displayData.countries.length > 0 && (
+                  <div className="py-6 pl-6 lg:pl-10 pr-6 border-b border-border lg:border-b-0">
+                    <div className="text-xs font-medium text-muted uppercase tracking-wide mb-4">Countries</div>
+                    <BreakdownList
+                      items={displayData.countries.map(c => ({
+                        label: c.name,
+                        value: c.count,
+                        percentage: (c.count / displayData.unique_visitors) * 100,
+                        flagUrl: getCountryFlagUrl(c.name, 40) || undefined,
+                      }))}
+                    />
+                  </div>
+                )}
+
+                {displayData.os.length > 0 && (
+                  <div className="py-6 pr-6 lg:pr-10 pl-6">
+                    <div className="text-xs font-medium text-muted uppercase tracking-wide mb-4">Operating Systems</div>
+                    <BreakdownList
+                      items={displayData.os.map(o => ({
+                        label: o.name,
+                        value: o.count,
+                        percentage: (o.count / displayData.unique_visitors) * 100,
+                        Icon: getOSIcon(o.name) || undefined,
+                      }))}
+                    />
+                  </div>
+                )}
+              </div>
+            </div>
+          </>
+        )}
+      </div>
+    </div>
+  )
+}
diff --git a/studio/src/pages/BillingPage.tsx b/studio/src/pages/BillingPage.tsx
new file mode 100644
index 0000000..be5d3eb
--- /dev/null
+++ b/studio/src/pages/BillingPage.tsx
@@ -0,0 +1,251 @@
+import { useState } from 'react'
+import { useStore } from '@nanostores/react'
+import { PageHeader, BillingPageSkeleton } from '../components/shared'
+import { Icons } from '../components/shared/Icons'
+import { Button } from '../components/ui'
+import { $billing } from '../stores/billing'
+import type { Tier, TierConfig } from '../types'
+
+type BillingCycle = 'monthly' | 'annual'
+
+function formatPrice(cents: number): string {
+  return `$${(cents / 100).toFixed(0)}`
+}
+
+function getFeatureList(config: TierConfig, tier: Tier): { name: string; included: boolean }[] {
+  if (tier === 'free') {
+    return [
+      { name: 'Unlimited posts', included: true },
+      { name: 'Comments & reactions', included: true },
+      { name: 'writekit.dev subdomain', included: true },
+      { name: `${config.analytics_retention}-day analytics`, included: true },
+      { name: `API access (${config.api_rate_limit} req/hr)`, included: true },
+      { name: `${config.max_webhooks} webhooks`, included: true },
+      { name: `${config.max_plugins} plugins`, included: true },
+      { name: 'Custom domain', included: false },
+      { name: 'Remove "Powered by" badge', included: false },
+    ]
+  }
+  return [
+    { name: 'Unlimited posts', included: true },
+    { name: 'Comments & reactions', included: true },
+    { name: 'writekit.dev subdomain', included: true },
+    { name: 'Custom domain', included: true },
+    { name: 'No "Powered by" badge', included: true },
+    { name: `${config.analytics_retention}-day analytics`, included: true },
+    { name: `API access (${config.api_rate_limit} req/hr)`, included: true },
+    { name: `${config.max_webhooks} webhooks`, included: true },
+    { name: `${config.max_plugins} plugins`, included: true },
+    { name: 'Priority support', included: true },
+  ]
+}
+
+export default function BillingPage() {
+  const { data: billing } = useStore($billing)
+  const [billingCycle, setBillingCycle] = useState<BillingCycle>('annual')
+
+  if (!billing) return <BillingPageSkeleton />
+
+  const currentTier = billing.current_tier
+  const currentConfig = billing.tiers[currentTier]
+  const proConfig = billing.tiers.pro
+  const proFeatures = getFeatureList(proConfig, 'pro')
+
+  const annualSavings = (proConfig.monthly_price * 12 - proConfig.annual_price) / 100
+
+  return (
+    <div>
+      <PageHeader />
+
+      <div className="-mx-6 lg:-mx-10 mt-6">
+        {/* Current Plan */}
+        <div className="px-6 lg:px-10 py-5">
+          <div className="text-xs font-medium text-muted uppercase tracking-wide">Current Plan</div>
+        </div>
+        <div className="px-6 lg:px-10 pb-6">
+          <div className="p-4 border border-accent bg-accent/5">
+            <div className="flex items-center justify-between">
+              <div>
+                <div className="flex items-center gap-2">
+                  <span className="text-lg font-medium">{currentConfig.name}</span>
+                  <span className="px-2 py-0.5 bg-accent/20 text-accent text-xs font-medium">Active</span>
+                </div>
+                <div className="text-sm text-muted mt-1">{currentConfig.description}</div>
+              </div>
+              {currentTier === 'free' && (
+                <Button variant="primary" href="#upgrade">Upgrade to Pro</Button>
+              )}
+            </div>
+          </div>
+        </div>
+
+        <div className="border-t border-border" />
+
+        {/* Upgrade Section */}
+        {currentTier === 'free' && (
+          <>
+            <div id="upgrade" className="px-6 lg:px-10 py-5">
+              <div className="text-xs font-medium text-muted uppercase tracking-wide">Upgrade to Pro</div>
+              <div className="text-xs text-muted mt-0.5">Get custom domain, extended analytics, and more</div>
+            </div>
+
+            <div className="px-6 lg:px-10 pb-6">
+              {/* Billing Toggle */}
+              <div className="flex items-center justify-center gap-3 mb-6">
+                <button
+                  onClick={() => setBillingCycle('monthly')}
+                  className={`px-3 py-1.5 text-sm font-medium transition-colors ${
+                    billingCycle === 'monthly' ? 'text-text' : 'text-muted hover:text-text'
+                  }`}
+                >
+                  Monthly
+                </button>
+                <button
+                  onClick={() => setBillingCycle('annual')}
+                  className={`px-3 py-1.5 text-sm font-medium transition-colors flex items-center gap-2 ${
+                    billingCycle === 'annual' ? 'text-text' : 'text-muted hover:text-text'
+                  }`}
+                >
+                  Annual
+                  <span className="px-1.5 py-0.5 bg-success/20 text-success text-xs">
+                    Save ${annualSavings}
+                  </span>
+                </button>
+              </div>
+
+              {/* Pro Plan Card */}
+              <div className="max-w-md mx-auto p-6 border border-border">
+                <div className="text-center mb-6">
+                  <div className="text-sm font-medium text-muted mb-2">Pro</div>
+                  <div className="text-4xl font-semibold tracking-tight">
+                    {formatPrice(billingCycle === 'monthly' ? proConfig.monthly_price : proConfig.annual_price)}
+                    <span className="text-base font-normal text-muted">
+                      /{billingCycle === 'monthly' ? 'mo' : 'yr'}
+                    </span>
+                  </div>
+                  {billingCycle === 'annual' && (
+                    <div className="text-xs text-muted mt-1">
+                      {formatPrice(Math.round(proConfig.annual_price / 12))}/mo billed annually
+                    </div>
+                  )}
+                </div>
+
+                <ul className="space-y-3 mb-6">
+                  {proFeatures.map((feature) => (
+                    <li key={feature.name} className="flex items-center gap-2 text-sm">
+                      <Icons.Check className="text-success flex-shrink-0" />
+                      <span>{feature.name}</span>
+                    </li>
+                  ))}
+                </ul>
+
+                <Button variant="primary" className="w-full">
+                  Upgrade to Pro
+                </Button>
+
+                <p className="text-xs text-muted text-center mt-3">
+                  Secure payment via Lemon Squeezy. Cancel anytime.
+                </p>
+              </div>
+            </div>
+
+            <div className="border-t border-border" />
+          </>
+        )}
+
+        {/* Feature Comparison */}
+        <div className="px-6 lg:px-10 py-5">
+          <div className="text-xs font-medium text-muted uppercase tracking-wide">Feature Comparison</div>
+        </div>
+        <div className="px-6 lg:px-10 pb-6">
+          <div className="border border-border overflow-hidden">
+            <table className="w-full text-sm">
+              <thead>
+                <tr className="border-b border-border bg-muted/5">
+                  <th className="text-left px-4 py-3 font-medium">Feature</th>
+                  <th className="text-center px-4 py-3 font-medium w-24">Free</th>
+                  <th className="text-center px-4 py-3 font-medium w-24">Pro</th>
+                </tr>
+              </thead>
+              <tbody>
+                <tr className="border-b border-border">
+                  <td className="px-4 py-3">Custom domain</td>
+                  <td className="text-center px-4 py-3"><Icons.Close className="text-muted/50 inline" /></td>
+                  <td className="text-center px-4 py-3"><Icons.Check className="text-success inline" /></td>
+                </tr>
+                <tr className="border-b border-border">
+                  <td className="px-4 py-3">"Powered by WriteKit" badge</td>
+                  <td className="text-center px-4 py-3 text-muted">Required</td>
+                  <td className="text-center px-4 py-3 text-muted">Hidden</td>
+                </tr>
+                <tr className="border-b border-border">
+                  <td className="px-4 py-3">Analytics retention</td>
+                  <td className="text-center px-4 py-3 text-muted">{billing.tiers.free.analytics_retention} days</td>
+                  <td className="text-center px-4 py-3 text-muted">{billing.tiers.pro.analytics_retention} days</td>
+                </tr>
+                <tr className="border-b border-border">
+                  <td className="px-4 py-3">API rate limit</td>
+                  <td className="text-center px-4 py-3 text-muted">{billing.tiers.free.api_rate_limit}/hr</td>
+                  <td className="text-center px-4 py-3 text-muted">{billing.tiers.pro.api_rate_limit}/hr</td>
+                </tr>
+                <tr className="border-b border-border">
+                  <td className="px-4 py-3">Webhooks</td>
+                  <td className="text-center px-4 py-3 text-muted">{billing.tiers.free.max_webhooks}</td>
+                  <td className="text-center px-4 py-3 text-muted">{billing.tiers.pro.max_webhooks}</td>
+                </tr>
+                <tr className="border-b border-border">
+                  <td className="px-4 py-3">Plugins</td>
+                  <td className="text-center px-4 py-3 text-muted">{billing.tiers.free.max_plugins}</td>
+                  <td className="text-center px-4 py-3 text-muted">{billing.tiers.pro.max_plugins}</td>
+                </tr>
+                <tr className="border-b border-border">
+                  <td className="px-4 py-3">Posts</td>
+                  <td className="text-center px-4 py-3 text-muted">Unlimited</td>
+                  <td className="text-center px-4 py-3 text-muted">Unlimited</td>
+                </tr>
+                <tr>
+                  <td className="px-4 py-3">Support</td>
+                  <td className="text-center px-4 py-3 text-muted">Community</td>
+                  <td className="text-center px-4 py-3 text-muted">Priority</td>
+                </tr>
+              </tbody>
+            </table>
+          </div>
+        </div>
+
+        <div className="border-t border-border" />
+
+        {/* FAQ */}
+        <div className="px-6 lg:px-10 py-5">
+          <div className="text-xs font-medium text-muted uppercase tracking-wide">Questions</div>
+        </div>
+        <div className="px-6 lg:px-10 pb-6 space-y-4">
+          <div>
+            <div className="text-sm font-medium mb-1">Can I cancel anytime?</div>
+            <div className="text-sm text-muted">
+              Yes. Cancel anytime and keep access until the end of your billing period.
+            </div>
+          </div>
+          <div>
+            <div className="text-sm font-medium mb-1">Can I switch from monthly to annual?</div>
+            <div className="text-sm text-muted">
+              Yes. Switch anytime and we'll prorate your payment.
+            </div>
+          </div>
+          <div>
+            <div className="text-sm font-medium mb-1">What happens to my content if I downgrade?</div>
+            <div className="text-sm text-muted">
+              Your content stays. Custom domain will stop working, badge will appear, and analytics older than 7 days won't be accessible.
+            </div>
+          </div>
+          <div>
+            <div className="text-sm font-medium mb-1">Can I export my data?</div>
+            <div className="text-sm text-muted">
+              Yes. Export all your posts, settings, and assets anytime from the Data page. Your data is always yours.
+            </div>
+          </div>
+        </div>
+      </div>
+    </div>
+  )
+}
diff --git a/studio/src/pages/DataPage.tsx b/studio/src/pages/DataPage.tsx
new file mode 100644
index 0000000..8741a42
--- /dev/null
+++ b/studio/src/pages/DataPage.tsx
@@ -0,0 +1,106 @@
+import { PageHeader } from '../components/shared'
+import { Icons } from '../components/shared/Icons'
+import { Button } from '../components/ui'
+
+export default function DataPage() {
+  const handleExport = () => {
+    window.location.href = '/api/studio/export'
+  }
+
+  return (
+    <div>
+      <PageHeader />
+
+      {/* Panel container - full-bleed borders */}
+      <div className="-mx-6 lg:-mx-10 mt-6">
+        {/* Import */}
+        <div className="px-6 lg:px-10 py-5">
+          <div className="text-xs font-medium text-muted uppercase tracking-wide">Import</div>
+          <div className="text-xs text-muted mt-0.5">Import posts from other platforms</div>
+        </div>
+        <div className="px-6 lg:px-10 py-6 space-y-4">
+          <div className="p-4 border border-dashed border-border text-center">
+            <Icons.Upload className="text-2xl text-muted mb-2" />
+            <p className="text-sm font-medium mb-1">Upload files</p>
+            <p className="text-xs text-muted mb-3">
+              Supports Markdown files or JSON exports
+            </p>
+            <Button variant="secondary" Icon={Icons.Upload}>
+              Choose Files
+            </Button>
+          </div>
+          <div className="grid grid-cols-1 sm:grid-cols-2 gap-2">
+            <button className="p-3 border border-border text-left hover:border-muted transition-colors">
+              <div className="flex items-center gap-2 mb-1">
+                <Icons.Ghost className="text-muted" />
+                <span className="text-sm font-medium">Ghost</span>
+              </div>
+              <p className="text-xs text-muted">Import from Ghost JSON export</p>
+            </button>
+            <button className="p-3 border border-border text-left hover:border-muted transition-colors">
+              <div className="flex items-center gap-2 mb-1">
+                <Icons.PenTool className="text-muted" />
+                <span className="text-sm font-medium">Substack</span>
+              </div>
+              <p className="text-xs text-muted">Import from Substack export</p>
+            </button>
+            <button className="p-3 border border-border text-left hover:border-muted transition-colors">
+              <div className="flex items-center gap-2 mb-1">
+                <Icons.Posts className="text-muted" />
+                <span className="text-sm font-medium">Markdown</span>
+              </div>
+              <p className="text-xs text-muted">Import Markdown files</p>
+            </button>
+            <button className="p-3 border border-border text-left hover:border-muted transition-colors">
+              <div className="flex items-center gap-2 mb-1">
+                <Icons.WordPress className="text-muted" />
+                <span className="text-sm font-medium">WordPress</span>
+              </div>
+              <p className="text-xs text-muted">Import from WordPress XML</p>
+            </button>
+          </div>
+        </div>
+
+        <div className="border-t border-border" />
+
+        {/* Export */}
+        <div className="px-6 lg:px-10 py-5">
+          <div className="text-xs font-medium text-muted uppercase tracking-wide">Export</div>
+          <div className="text-xs text-muted mt-0.5">Download all your blog data</div>
+        </div>
+        <div className="px-6 lg:px-10 py-6 space-y-3">
+          <p className="text-sm text-muted">
+            Export all your posts, settings, and assets as a ZIP file. This includes:
+          </p>
+          <ul className="text-sm text-muted space-y-1 list-disc list-inside">
+            <li>All posts as Markdown files</li>
+            <li>Settings as JSON</li>
+            <li>Uploaded images and assets</li>
+          </ul>
+          <Button variant="secondary" Icon={Icons.Download} onClick={handleExport}>
+            Export All Data
+          </Button>
+        </div>
+
+        <div className="border-t border-border" />
+
+        {/* Danger Zone */}
+        <div className="px-6 lg:px-10 py-5">
+          <div className="text-xs font-medium text-muted uppercase tracking-wide">Danger Zone</div>
+          <div className="text-xs text-muted mt-0.5">Irreversible actions</div>
+        </div>
+        <div className="px-6 lg:px-10 py-6">
+          <div className="p-4 border border-danger/30 bg-danger/5">
+            <h4 className="text-sm font-medium text-danger mb-2">Delete All Content</h4>
+            <p className="text-xs text-muted mb-3">
+              Permanently delete all posts and assets. This cannot be undone.
+            </p>
+            <Button variant="danger" Icon={Icons.Trash}>
+              Delete All Content
+            </Button>
+          </div>
+        </div>
+      </div>
+    </div>
+  )
+}
diff --git a/studio/src/pages/DesignPage.preview.css b/studio/src/pages/DesignPage.preview.css
new file mode 100644
index 0000000..19ea445
--- /dev/null
+++ b/studio/src/pages/DesignPage.preview.css
@@ -0,0 +1,236 @@
+/* Blog Preview Styles - mirrors writekit/internal/build/assets/css/style.css */
+
+.blog-preview {
+  /* Base colors - light mode */
+  --text: #18181b;
+  --text-muted: #71717a;
+  --bg: #ffffff;
+  --bg-secondary: #fafafa;
+  --border: #e4e4e7;
+
+  /* Defaults (cozy) */
+  --content-spacing: 1.75rem;
+  --paragraph-spacing: 1.25rem;
+  --heading-spacing: 2.5rem;
+  --line-height: 1.7;
+
+  background: var(--bg);
+  color: var(--text);
+  font-family: var(--font-body);
+  line-height: 1.6;
+  overflow: hidden;
+}
+
+/* Compactness: Compact */
+.blog-preview.compactness-compact {
+  --content-spacing: 1.25rem;
+  --paragraph-spacing: 0.875rem;
+  --heading-spacing: 1.75rem;
+  --line-height: 1.55;
+}
+
+/* Compactness: Cozy (default) */
+.blog-preview.compactness-cozy {
+  --content-spacing: 1.75rem;
+  --paragraph-spacing: 1.25rem;
+  --heading-spacing: 2.5rem;
+  --line-height: 1.7;
+}
+
+/* Compactness: Spacious */
+.blog-preview.compactness-spacious {
+  --content-spacing: 2.25rem;
+  --paragraph-spacing: 1.5rem;
+  --heading-spacing: 3rem;
+  --line-height: 1.85;
+}
+
+/* Preview Chrome (browser frame) */
+.preview-chrome {
+  display: flex;
+  align-items: center;
+  gap: 0.5rem;
+  padding: 0.5rem 0.75rem;
+  background: var(--bg-secondary);
+  border-bottom: 1px solid var(--border);
+}
+
+.preview-chrome-dots {
+  display: flex;
+  gap: 0.375rem;
+}
+
+.preview-chrome-dot {
+  width: 0.625rem;
+  height: 0.625rem;
+  border-radius: 50%;
+}
+
+.preview-chrome-dot.red { background: #ef4444; }
+.preview-chrome-dot.yellow { background: #eab308; }
+.preview-chrome-dot.green { background: #22c55e; }
+
+.preview-chrome-url {
+  font-size: 0.625rem;
+  color: var(--text-muted);
+  margin-left: 0.5rem;
+}
+
+/* Header */
+.preview-header {
+  display: flex;
+  align-items: center;
+  justify-content: space-between;
+  padding: 0.875rem 1rem;
+}
+
+.preview-site-name {
+  font-weight: 600;
+  font-size: 0.6875rem;
+  color: var(--text);
+  letter-spacing: -0.01em;
+}
+
+.preview-nav {
+  display: flex;
+  gap: 0.875rem;
+  font-size: 0.625rem;
+  color: var(--text-muted);
+  font-weight: 450;
+}
+
+.preview-nav a {
+  color: var(--text-muted);
+  text-decoration: none;
+}
+
+.preview-nav a:hover {
+  color: var(--text);
+}
+
+/* Layout: Minimal */
+.blog-preview.layout-minimal .preview-header {
+  justify-content: center;
+}
+
+.blog-preview.layout-minimal .preview-nav {
+  display: none;
+}
+
+.blog-preview.layout-minimal .preview-footer {
+  border-top: none;
+  opacity: 0.7;
+}
+
+/* Layout: Magazine */
+.blog-preview.layout-magazine .preview-posts {
+  display: grid;
+  grid-template-columns: repeat(2, 1fr);
+  gap: 0.625rem;
+  padding: 1rem;
+}
+
+.blog-preview.layout-magazine .preview-post-card {
+  border: 1px solid var(--border);
+  padding: 0.75rem;
+  background: var(--bg);
+  transition: border-color 0.2s, box-shadow 0.2s;
+}
+
+.blog-preview.layout-magazine .preview-post-card:hover {
+  border-color: var(--accent);
+  box-shadow: 0 2px 6px rgba(0, 0, 0, 0.04);
+}
+
+/* Post Content */
+.preview-content {
+  padding: 1rem;
+}
+
+.preview-date {
+  font-size: 0.5625rem;
+  color: var(--text-muted);
+  margin-bottom: 0.25rem;
+}
+
+.preview-title {
+  font-size: 0.875rem;
+  font-weight: 700;
+  margin: 0 0 0.375rem;
+  line-height: 1.2;
+  letter-spacing: -0.02em;
+}
+
+.preview-description {
+  font-size: 0.625rem;
+  color: var(--text-muted);
+  line-height: 1.5;
+  margin-bottom: var(--paragraph-spacing);
+}
+
+/* Prose styling */
+.preview-prose {
+  line-height: var(--line-height);
+}
+
+.preview-prose p {
+  margin: 0 0 var(--paragraph-spacing);
+  font-size: 0.625rem;
+  color: var(--text-muted);
+}
+
+/* Code block */
+.preview-code {
+  margin: var(--content-spacing) 0;
+  padding: 0.5rem 0.75rem;
+  font-family: 'SF Mono', 'Fira Code', Consolas, monospace;
+  font-size: 0.5625rem;
+  border-radius: 0.25rem;
+  border: 1px solid var(--border);
+  overflow: hidden;
+  line-height: 1.6;
+}
+
+/* Tags - matches real blog: subtle background */
+.preview-tags {
+  display: flex;
+  gap: 0.375rem;
+  margin-top: var(--paragraph-spacing);
+}
+
+.preview-tag {
+  font-size: 0.5rem;
+  color: var(--text-muted);
+  background: var(--bg-secondary);
+  padding: 0.125rem 0.375rem;
+  border-radius: 0.125rem;
+}
+
+/* Footer */
+.preview-footer {
+  padding: 0.625rem 1rem;
+  text-align: center;
+  font-size: 0.5rem;
+  color: var(--text-muted);
+  border-top: 1px solid var(--border);
+}
+
+/* Magazine post card (simplified) */
+.preview-post-card .preview-title {
+  font-size: 0.6875rem;
+  font-weight: 600;
+  letter-spacing: -0.015em;
+}
+
+.preview-post-card .preview-date {
+  font-size: 0.5rem;
+}
+
+.preview-post-card .preview-description {
+  font-size: 0.5rem;
+  display: -webkit-box;
+  -webkit-line-clamp: 2;
+  -webkit-box-orient: vertical;
+  overflow: hidden;
+  line-height: 1.55;
+}
diff --git a/studio/src/pages/DesignPage.tsx b/studio/src/pages/DesignPage.tsx
new file mode 100644
index 0000000..e658fbd
--- /dev/null
+++ b/studio/src/pages/DesignPage.tsx
@@ -0,0 +1,474 @@
+import { useStore } from '@nanostores/react'
+import { useEffect, useState } from 'react'
+import { $settings, $settingsData, $hasChanges, $saveSettings, $changedFields } from '../stores/settings'
+import { addToast } from '../stores/app'
+import { SaveBar, DesignPageSkeleton } from '../components/shared'
+import './DesignPage.preview.css'
+
+const fontConfigs = {
+  system: { family: 'system-ui, -apple-system, sans-serif', url: '' },
+  inter: { family: "'Inter', sans-serif", url: 'https://fonts.googleapis.com/css2?family=Inter:wght@400;500;600&display=swap' },
+  georgia: { family: 'Georgia, serif', url: '' },
+  merriweather: { family: "'Merriweather', serif", url: 'https://fonts.googleapis.com/css2?family=Merriweather:wght@400;700&display=swap' },
+  'source-serif': { family: "'Source Serif 4', serif", url: 'https://fonts.googleapis.com/css2?family=Source+Serif+4:wght@400;600&display=swap' },
+  'jetbrains-mono': { family: "'JetBrains Mono', monospace", url: 'https://fonts.googleapis.com/css2?family=JetBrains+Mono:wght@400;500&display=swap' },
+}
+
+const themePreviewColors: Record<string, { label: string; bg: string; text: string; keyword: string; string: string; comment: string }> = {
+  github:            { label: 'GitHub Light',     bg: '#f6f8fa', text: '#24292e', keyword: '#d73a49', string: '#032f62', comment: '#6a737d' },
+  'github-dark':     { label: 'GitHub Dark',      bg: '#0d1117', text: '#c9d1d9', keyword: '#ff7b72', string: '#a5d6ff', comment: '#8b949e' },
+  vs:                { label: 'VS Light',         bg: '#ffffff', text: '#000000', keyword: '#0000ff', string: '#a31515', comment: '#008000' },
+  xcode:             { label: 'Xcode Light',      bg: '#ffffff', text: '#000000', keyword: '#aa0d91', string: '#c41a16', comment: '#007400' },
+  'xcode-dark':      { label: 'Xcode Dark',       bg: '#1f1f24', text: '#ffffff', keyword: '#fc5fa3', string: '#fc6a5d', comment: '#6c7986' },
+  'solarized-light': { label: 'Solarized Light',  bg: '#fdf6e3', text: '#657b83', keyword: '#859900', string: '#2aa198', comment: '#93a1a1' },
+  'solarized-dark':  { label: 'Solarized Dark',   bg: '#002b36', text: '#839496', keyword: '#859900', string: '#2aa198', comment: '#586e75' },
+  'gruvbox-light':   { label: 'Gruvbox Light',    bg: '#fbf1c7', text: '#3c3836', keyword: '#9d0006', string: '#79740e', comment: '#928374' },
+  gruvbox:           { label: 'Gruvbox Dark',     bg: '#282828', text: '#ebdbb2', keyword: '#fb4934', string: '#b8bb26', comment: '#928374' },
+  nord:              { label: 'Nord',             bg: '#2e3440', text: '#d8dee9', keyword: '#81a1c1', string: '#a3be8c', comment: '#616e88' },
+  onedark:           { label: 'One Dark',         bg: '#282c34', text: '#abb2bf', keyword: '#c678dd', string: '#98c379', comment: '#5c6370' },
+  dracula:           { label: 'Dracula',          bg: '#282a36', text: '#f8f8f2', keyword: '#ff79c6', string: '#f1fa8c', comment: '#6272a4' },
+  monokai:           { label: 'Monokai',          bg: '#272822', text: '#f8f8f2', keyword: '#f92672', string: '#e6db74', comment: '#75715e' },
+}
+
+const defaultDarkColors = { bg: '#1e1e1e', text: '#d4d4d4', keyword: '#569cd6', string: '#ce9178', comment: '#6a9955' }
+const defaultLightColors = { bg: '#ffffff', text: '#000000', keyword: '#0000ff', string: '#a31515', comment: '#008000' }
+
+function getThemeColors(theme: string) {
+  if (themePreviewColors[theme]) return themePreviewColors[theme]
+  const isDark = theme.includes('dark') || ['monokai', 'dracula', 'nord', 'gruvbox', 'onedark', 'vim', 'emacs'].some(d => theme.includes(d))
+  return { label: theme, ...(isDark ? defaultDarkColors : defaultLightColors) }
+}
+
+function formatThemeLabel(theme: string): string {
+  if (themePreviewColors[theme]) return themePreviewColors[theme].label
+  return theme.split(/[-_]/).map(w => w.charAt(0).toUpperCase() + w.slice(1)).join(' ')
+}
+
+const fonts = [
+  { value: 'system', label: 'System Default' },
+  { value: 'inter', label: 'Inter' },
+  { value: 'georgia', label: 'Georgia' },
+  { value: 'merriweather', label: 'Merriweather' },
+  { value: 'source-serif', label: 'Source Serif' },
+  { value: 'jetbrains-mono', label: 'JetBrains Mono' },
+]
+
+
+const layouts = [
+  { value: 'default', label: 'Classic' },
+  { value: 'minimal', label: 'Minimal' },
+  { value: 'magazine', label: 'Magazine' },
+]
+
+function useFontLoader(fontKey: string) {
+  useEffect(() => {
+    const config = fontConfigs[fontKey as keyof typeof fontConfigs]
+    if (!config?.url) return
+
+    const existing = document.querySelector(`link[href="${config.url}"]`)
+    if (existing) return
+
+    const link = document.createElement('link')
+    link.rel = 'stylesheet'
+    link.href = config.url
+    document.head.appendChild(link)
+  }, [fontKey])
+}
+
+function CodePreview({ theme }: { theme: string }) {
+  const colors = getThemeColors(theme)
+
+  return (
+    <div
+      className="p-3 text-xs font-mono overflow-hidden"
+      style={{ background: colors.bg, color: colors.text }}
+    >
+      <div><span style={{ color: colors.keyword }}>function</span> greet(name) {'{'}</div>
+      <div className="pl-4"><span style={{ color: colors.keyword }}>return</span> <span style={{ color: colors.string }}>`Hello, ${'{'}name{'}'}`</span></div>
+      <div>{'}'}</div>
+      <div style={{ color: colors.comment }}>// Welcome to your blog</div>
+    </div>
+  )
+}
+
+function LayoutPreview({ layout, selected }: { layout: string; selected: boolean }) {
+  const accent = selected ? 'var(--color-accent)' : 'var(--color-border)'
+  const mutedBar = selected ? 'var(--color-accent)' : 'var(--color-muted)'
+
+  if (layout === 'minimal') {
+    return (
+      <svg viewBox="0 0 120 80" className="w-full h-auto">
+        <rect x="45" y="8" width="30" height="4" rx="1" fill={mutedBar} opacity="0.5" />
+        <rect x="30" y="20" width="60" height="6" rx="1" fill={accent} />
+        <rect x="20" y="32" width="80" height="3" rx="1" fill={mutedBar} opacity="0.3" />
+        <rect x="25" y="40" width="70" height="3" rx="1" fill={mutedBar} opacity="0.3" />
+        <rect x="30" y="48" width="60" height="3" rx="1" fill={mutedBar} opacity="0.3" />
+        <rect x="50" y="64" width="20" height="3" rx="1" fill={mutedBar} opacity="0.2" />
+      </svg>
+    )
+  }
+
+  if (layout === 'magazine') {
+    return (
+      <svg viewBox="0 0 120 80" className="w-full h-auto">
+        <rect x="8" y="8" width="30" height="4" rx="1" fill={mutedBar} opacity="0.5" />
+        <rect x="8" y="20" width="32" height="24" rx="2" fill={accent} opacity="0.3" />
+        <rect x="44" y="20" width="32" height="24" rx="2" fill={accent} opacity="0.3" />
+        <rect x="80" y="20" width="32" height="24" rx="2" fill={accent} opacity="0.3" />
+        <rect x="8" y="48" width="28" height="3" rx="1" fill={mutedBar} opacity="0.4" />
+        <rect x="44" y="48" width="28" height="3" rx="1" fill={mutedBar} opacity="0.4" />
+        <rect x="80" y="48" width="28" height="3" rx="1" fill={mutedBar} opacity="0.4" />
+        <rect x="8" y="54" width="20" height="2" rx="1" fill={mutedBar} opacity="0.2" />
+        <rect x="44" y="54" width="20" height="2" rx="1" fill={mutedBar} opacity="0.2" />
+        <rect x="80" y="54" width="20" height="2" rx="1" fill={mutedBar} opacity="0.2" />
+      </svg>
+    )
+  }
+
+  // Default layout
+  return (
+    <svg viewBox="0 0 120 80" className="w-full h-auto">
+      <rect x="8" y="8" width="30" height="4" rx="1" fill={mutedBar} opacity="0.5" />
+      <rect x="85" y="8" width="27" height="4" rx="1" fill={mutedBar} opacity="0.3" />
+      <rect x="8" y="24" width="70" height="6" rx="1" fill={accent} />
+      <rect x="8" y="36" width="90" height="3" rx="1" fill={mutedBar} opacity="0.3" />
+      <rect x="8" y="44" width="85" height="3" rx="1" fill={mutedBar} opacity="0.3" />
+      <rect x="8" y="52" width="75" height="3" rx="1" fill={mutedBar} opacity="0.3" />
+      <rect x="8" y="64" width="50" height="3" rx="1" fill={mutedBar} opacity="0.2" />
+    </svg>
+  )
+}
+
+function PreviewCodeBlock({ theme }: { theme: string }) {
+  const colors = getThemeColors(theme)
+  return (
+    <div className="preview-code" style={{ background: colors.bg, color: colors.text }}>
+      <div><span style={{ color: colors.keyword }}>const</span> api = <span style={{ color: colors.keyword }}>await</span> fetch(<span style={{ color: colors.string }}>'/posts'</span>)</div>
+    </div>
+  )
+}
+
+function PreviewPostCard() {
+  return (
+    <div className="preview-post-card">
+      <div className="preview-date">Jan 15, 2024</div>
+      <h3 className="preview-title">Building APIs</h3>
+      <p className="preview-description">A deep dive into REST patterns and best practices.</p>
+    </div>
+  )
+}
+
+function LivePreview({ settings }: { settings: Record<string, string> }) {
+  const fontKey = settings.font || 'system'
+  const fontConfig = fontConfigs[fontKey as keyof typeof fontConfigs] || fontConfigs.system
+  const codeTheme = settings.code_theme || 'github'
+  const accent = settings.accent_color || '#10b981'
+  const layout = settings.layout || 'default'
+  const compactness = settings.compactness || 'cozy'
+
+  useFontLoader(fontKey)
+
+  return (
+    <div
+      className={`blog-preview layout-${layout} compactness-${compactness} border border-border`}
+      style={{ '--accent': accent, '--font-body': fontConfig.family } as React.CSSProperties}
+    >
+      {/* Browser chrome */}
+      <div className="preview-chrome">
+        <div className="preview-chrome-dots">
+          <div className="preview-chrome-dot red" />
+          <div className="preview-chrome-dot yellow" />
+          <div className="preview-chrome-dot green" />
+        </div>
+        <span className="preview-chrome-url">yourblog.writekit.dev</span>
+      </div>
+
+      {/* Header */}
+      <header className="preview-header">
+        <span className="preview-site-name">Your Blog</span>
+        <nav className="preview-nav">
+          <a href="#">Posts</a>
+          <span>About</span>
+        </nav>
+      </header>
+
+      {/* Content - varies by layout */}
+      {layout === 'magazine' ? (
+        <div className="preview-posts">
+          <PreviewPostCard />
+          <PreviewPostCard />
+        </div>
+      ) : (
+        <div className="preview-content">
+          <div className="preview-date">Jan 15, 2024</div>
+          <h3 className="preview-title">Building Better APIs</h3>
+          <p className="preview-description">
+            A deep dive into REST design patterns and best practices for modern web development.
+          </p>
+          <div className="preview-prose">
+            <PreviewCodeBlock theme={codeTheme} />
+          </div>
+          <div className="preview-tags">
+            <span className="preview-tag">typescript</span>
+            <span className="preview-tag">react</span>
+          </div>
+        </div>
+      )}
+
+      {/* Footer */}
+      <footer className="preview-footer">
+        &copy; 2024 Your Blog
+      </footer>
+    </div>
+  )
+}
+
+export default function DesignPage() {
+  const settings = useStore($settings)
+  const { data } = useStore($settingsData)
+  const hasChanges = useStore($hasChanges)
+  const changedFields = useStore($changedFields)
+  const saveSettings = useStore($saveSettings)
+  const [availableThemes, setAvailableThemes] = useState<string[]>(Object.keys(themePreviewColors))
+
+  useEffect(() => {
+    fetch('/api/studio/code-themes')
+      .then(r => r.json())
+      .then((themes: string[]) => setAvailableThemes(themes))
+      .catch(() => {})
+  }, [])
+
+  // Load all fonts for previews
+  Object.keys(fontConfigs).forEach(useFontLoader)
+
+  const handleSave = async () => {
+    try {
+      await saveSettings.mutate(settings)
+      addToast('Settings saved', 'success')
+    } catch {
+      addToast('Failed to save settings', 'error')
+    }
+  }
+
+  if (!data) return <DesignPageSkeleton />
+
+  return (
+    <div className="pb-20">
+      <div className="mb-6">
+        <h1 className="text-xl font-semibold">Design</h1>
+        <p className="text-sm text-muted mt-1">Customize how your blog looks</p>
+      </div>
+
+      {/* Panel container - full-bleed borders */}
+      <div className="-mx-6 lg:-mx-10">
+        {/* Live Preview */}
+        <div className="px-6 lg:px-10 py-5">
+          <div className="text-xs font-medium text-muted uppercase tracking-wide">Live Preview</div>
+        </div>
+        <div className="px-6 lg:px-10 py-6">
+          <LivePreview settings={settings as Record<string, string>} />
+        </div>
+
+        <div className="border-t border-border" />
+
+        {/* Presets */}
+        <div className="px-6 lg:px-10 py-5">
+          <div className="text-xs font-medium text-muted uppercase tracking-wide">Quick Presets</div>
+        </div>
+        <div className="px-6 lg:px-10 py-6">
+          <div className="grid grid-cols-1 sm:grid-cols-3 gap-3">
+            {([
+              { name: 'Developer', desc: 'Monospace, dark code, minimal', font: 'jetbrains-mono', code_theme: 'onedark', layout: 'minimal', compactness: 'compact', accent_color: '#10b981' },
+              { name: 'Writer', desc: 'Serif, light code, spacious', font: 'merriweather', code_theme: 'github', layout: 'default', compactness: 'spacious', accent_color: '#6366f1' },
+              { name: 'Magazine', desc: 'Sans-serif, grid layout', font: 'inter', code_theme: 'nord', layout: 'magazine', compactness: 'cozy', accent_color: '#f59e0b' },
+            ] as const).map(preset => (
+              <button
+                key={preset.name}
+                onClick={() => {
+                  $settings.setKey('font', preset.font)
+                  $settings.setKey('code_theme', preset.code_theme)
+                  $settings.setKey('layout', preset.layout)
+                  $settings.setKey('compactness', preset.compactness)
+                  $settings.setKey('accent_color', preset.accent_color)
+                }}
+                className="p-4 border border-border text-left hover:border-accent hover:bg-accent/5 transition-colors"
+              >
+                <div className="font-medium text-sm">{preset.name}</div>
+                <div className="text-xs text-muted mt-1">{preset.desc}</div>
+              </button>
+            ))}
+          </div>
+        </div>
+
+        <div className="border-t border-border" />
+
+        {/* Accent Color */}
+        <div className="px-6 lg:px-10 py-5">
+          <div className="text-xs font-medium text-muted uppercase tracking-wide">Accent Color</div>
+        </div>
+        <div className="px-6 lg:px-10 py-6">
+          <div className="flex flex-wrap items-center gap-3">
+            <input
+              type="color"
+              value={settings.accent_color ?? '#10b981'}
+              onChange={e => $settings.setKey('accent_color', e.target.value)}
+              className="w-12 h-12 border border-border cursor-pointer bg-transparent"
+            />
+            <input
+              type="text"
+              value={settings.accent_color ?? '#10b981'}
+              onChange={e => $settings.setKey('accent_color', e.target.value)}
+              className="input w-32 font-mono text-sm"
+              placeholder="#10b981"
+            />
+            <div className="flex gap-1.5">
+              {['#10b981', '#6366f1', '#f59e0b', '#ef4444', '#8b5cf6', '#06b6d4'].map(color => (
+                <button
+                  key={color}
+                  onClick={() => $settings.setKey('accent_color', color)}
+                  className={`w-7 h-7 border-2 transition-transform hover:scale-110 ${
+                    settings.accent_color === color ? 'border-text scale-110' : 'border-transparent'
+                  }`}
+                  style={{ background: color }}
+                />
+              ))}
+            </div>
+          </div>
+        </div>
+
+        <div className="border-t border-border" />
+
+        {/* Typography */}
+        <div className="px-6 lg:px-10 py-5">
+          <div className="text-xs font-medium text-muted uppercase tracking-wide">Typography</div>
+        </div>
+        <div className="px-6 lg:px-10 py-6">
+          <div className="grid grid-cols-1 sm:grid-cols-2 gap-2">
+            {fonts.map(font => {
+              const config = fontConfigs[font.value as keyof typeof fontConfigs]
+              return (
+                <button
+                  key={font.value}
+                  onClick={() => $settings.setKey('font', font.value)}
+                  className={`p-4 border text-left transition-all ${
+                    settings.font === font.value
+                      ? 'border-accent bg-accent/5'
+                      : 'border-border hover:border-muted'
+                  }`}
+                >
+                  <div
+                    className="text-lg mb-1 truncate"
+                    style={{ fontFamily: config?.family }}
+                  >
+                    The quick brown fox
+                  </div>
+                  <div className="text-xs text-muted">{font.label}</div>
+                </button>
+              )
+            })}
+          </div>
+        </div>
+
+        <div className="border-t border-border" />
+
+        {/* Code Theme */}
+        <div className="px-6 lg:px-10 py-5">
+          <div className="text-xs font-medium text-muted uppercase tracking-wide">Code Theme</div>
+        </div>
+        <div className="px-6 lg:px-10 py-6">
+          <div className="grid grid-cols-1 sm:grid-cols-2 gap-2">
+            {availableThemes.map(theme => (
+              <button
+                key={theme}
+                onClick={() => $settings.setKey('code_theme', theme)}
+                className={`border text-left transition-all overflow-hidden ${
+                  settings.code_theme === theme
+                    ? 'border-accent ring-1 ring-accent'
+                    : 'border-border hover:border-muted'
+                }`}
+              >
+                <CodePreview theme={theme} />
+                <div className="px-3 py-2 text-xs border-t border-border">{formatThemeLabel(theme)}</div>
+              </button>
+            ))}
+          </div>
+        </div>
+
+        <div className="border-t border-border" />
+
+        {/* Layout */}
+        <div className="px-6 lg:px-10 py-5">
+          <div className="text-xs font-medium text-muted uppercase tracking-wide">Layout</div>
+        </div>
+        <div className="px-6 lg:px-10 py-6">
+          <div className="grid grid-cols-3 gap-3">
+            {layouts.map(layout => (
+              <button
+                key={layout.value}
+                onClick={() => $settings.setKey('layout', layout.value)}
+                className={`border p-4 transition-all ${
+                  settings.layout === layout.value
+                    ? 'border-accent bg-accent/5'
+                    : 'border-border hover:border-muted'
+                }`}
+              >
+                <div className="mb-3">
+                  <LayoutPreview
+                    layout={layout.value}
+                    selected={settings.layout === layout.value}
+                  />
+                </div>
+                <div className="text-sm font-medium">{layout.label}</div>
+              </button>
+            ))}
+          </div>
+        </div>
+
+        <div className="border-t border-border" />
+
+        {/* Density */}
+        <div className="px-6 lg:px-10 py-5">
+          <div className="text-xs font-medium text-muted uppercase tracking-wide">Content Density</div>
+        </div>
+        <div className="px-6 lg:px-10 py-6">
+          <div className="flex border border-border divide-x divide-border">
+            {([
+              { value: 'compact', label: 'Compact', lines: 4 },
+              { value: 'cozy', label: 'Cozy', lines: 3 },
+              { value: 'spacious', label: 'Spacious', lines: 2 },
+            ] as const).map(option => (
+              <button
+                key={option.value}
+                onClick={() => $settings.setKey('compactness', option.value)}
+                className={`flex-1 py-4 px-3 transition-colors ${
+                  settings.compactness === option.value
+                    ? 'bg-accent/10'
+                    : 'hover:bg-secondary/50'
+                }`}
+              >
+                <div className="flex flex-col items-center gap-1 mb-2">
+                  {Array.from({ length: option.lines }).map((_, i) => (
+                    <div
+                      key={i}
+                      className={`h-1 rounded-full transition-colors ${
+                        settings.compactness === option.value ? 'bg-accent' : 'bg-muted/40'
+                      }`}
+                      style={{ width: `${60 - i * 10}%` }}
+                    />
+                  ))}
+                </div>
+                <div className={`text-sm ${
+                  settings.compactness === option.value ? 'font-medium' : ''
+                }`}>
+                  {option.label}
+                </div>
+              </button>
+            ))}
+          </div>
+        </div>
+      </div>
+
+      {hasChanges && <SaveBar onSave={handleSave} loading={saveSettings.loading} changes={changedFields} />}
+    </div>
+  )
+}
diff --git a/studio/src/pages/DomainPage.tsx b/studio/src/pages/DomainPage.tsx
new file mode 100644
index 0000000..231f101
--- /dev/null
+++ b/studio/src/pages/DomainPage.tsx
@@ -0,0 +1,82 @@
+import { Field, PageHeader } from '../components/shared'
+import { Icons } from '../components/shared/Icons'
+import { Button } from '../components/ui'
+
+export default function DomainPage() {
+  return (
+    <div>
+      <PageHeader />
+
+      {/* Panel container - full-bleed borders */}
+      <div className="-mx-6 lg:-mx-10 mt-6">
+        {/* Subdomain */}
+        <div className="px-6 lg:px-10 py-5">
+          <div className="text-xs font-medium text-muted uppercase tracking-wide">Subdomain</div>
+          <div className="text-xs text-muted mt-0.5">Your default blog address</div>
+        </div>
+        <div className="px-6 lg:px-10 py-6 space-y-3">
+          <div className="flex items-center gap-2">
+            <input
+              type="text"
+              className="input flex-1"
+              placeholder="myblog"
+              defaultValue=""
+            />
+            <span className="text-sm text-muted">.writekit.dev</span>
+          </div>
+          <p className="text-xs text-muted">
+            This is your default blog URL. You can also add a custom domain below.
+          </p>
+        </div>
+
+        <div className="border-t border-border" />
+
+        {/* Custom Domain */}
+        <div className="px-6 lg:px-10 py-5">
+          <div className="text-xs font-medium text-muted uppercase tracking-wide">Custom Domain</div>
+          <div className="text-xs text-muted mt-0.5">Use your own domain for your blog</div>
+        </div>
+        <div className="px-6 lg:px-10 py-6 space-y-4">
+          <Field
+            label="Domain"
+            value=""
+            onChange={() => {}}
+            placeholder="blog.example.com"
+            hint="Enter your custom domain without https://"
+          />
+          <div className="p-4 bg-border/30 space-y-3">
+            <h4 className="text-sm font-medium">DNS Configuration</h4>
+            <p className="text-xs text-muted">
+              Point your domain to our servers by adding these DNS records:
+            </p>
+            <div className="space-y-2 overflow-x-auto">
+              <div className="flex items-center gap-4 p-2 bg-surface border border-border text-xs font-mono min-w-max">
+                <span className="text-muted w-16">Type</span>
+                <span className="text-muted w-24">Name</span>
+                <span className="text-text">Value</span>
+              </div>
+              <div className="flex items-center gap-4 p-2 bg-surface border border-border text-xs font-mono min-w-max">
+                <span className="w-16">CNAME</span>
+                <span className="w-24">blog</span>
+                <span>cname.writekit.dev</span>
+              </div>
+            </div>
+          </div>
+          <div className="flex flex-wrap items-center gap-4">
+            <div className="flex items-center gap-2">
+              <span className="w-2 h-2 rounded-full bg-warning" />
+              <span className="text-sm text-muted">DNS: Pending</span>
+            </div>
+            <div className="flex items-center gap-2">
+              <span className="w-2 h-2 rounded-full bg-muted" />
+              <span className="text-sm text-muted">SSL: Not configured</span>
+            </div>
+          </div>
+          <Button variant="secondary" Icon={Icons.Refresh}>
+            Check DNS
+          </Button>
+        </div>
+      </div>
+    </div>
+  )
+}
diff --git a/studio/src/pages/EngagementPage.tsx b/studio/src/pages/EngagementPage.tsx
new file mode 100644
index 0000000..c57d8d4
--- /dev/null
+++ b/studio/src/pages/EngagementPage.tsx
@@ -0,0 +1,118 @@
+import { useStore } from '@nanostores/react'
+import { $interactions, $interactionsData, $hasInteractionChanges, $saveInteractions, $changedInteractionFields } from '../stores/interactions'
+import { addToast } from '../stores/app'
+import { SaveBar, EngagementPageSkeleton, PageHeader } from '../components/shared'
+import { Toggle, Input } from '../components/ui'
+
+export default function EngagementPage() {
+  const config = useStore($interactions)
+  const { data } = useStore($interactionsData)
+  const hasChanges = useStore($hasInteractionChanges)
+  const changedFields = useStore($changedInteractionFields)
+  const saveInteractions = useStore($saveInteractions)
+
+  const handleSave = async () => {
+    try {
+      await saveInteractions.mutate(config)
+      addToast('Settings saved', 'success')
+    } catch {
+      addToast('Failed to save settings', 'error')
+    }
+  }
+
+  if (!data) return <EngagementPageSkeleton />
+
+  return (
+    <div className="pb-20">
+      <PageHeader />
+
+      {/* Panel container - full-bleed borders */}
+      <div className="-mx-6 lg:-mx-10 mt-6">
+        {/* Comments - single row toggle */}
+        <div className="px-6 lg:px-10 py-5 flex items-center justify-between gap-4">
+          <div>
+            <div className="text-sm font-medium">Comments</div>
+            <div className="text-xs text-muted mt-0.5">Allow readers to comment on your posts</div>
+          </div>
+          <Toggle
+            checked={config.comments_enabled}
+            onChange={v => $interactions.setKey('comments_enabled', v)}
+          />
+        </div>
+
+        <div className="border-t border-border" />
+
+        {/* Reactions - toggle with expandable options */}
+        <div className="px-6 lg:px-10 py-5 flex items-center justify-between gap-4">
+          <div>
+            <div className="text-sm font-medium">Reactions</div>
+            <div className="text-xs text-muted mt-0.5">Let readers react to your posts</div>
+          </div>
+          <Toggle
+            checked={config.reactions_enabled}
+            onChange={v => $interactions.setKey('reactions_enabled', v)}
+          />
+        </div>
+
+        {config.reactions_enabled && (
+          <div className="px-6 lg:px-10 py-6 space-y-4">
+            <div className="space-y-1">
+              <label className="label">Reaction Mode</label>
+              <div className="flex gap-2">
+                {['emoji', 'upvote'].map(mode => (
+                  <button
+                    key={mode}
+                    onClick={() => $interactions.setKey('reaction_mode', mode)}
+                    className={`flex-1 p-3 border capitalize transition-colors ${
+                      config.reaction_mode === mode
+                        ? 'border-accent bg-accent/5'
+                        : 'border-border hover:border-muted'
+                    }`}
+                  >
+                    {mode}
+                  </button>
+                ))}
+              </div>
+            </div>
+
+            {config.reaction_mode === 'emoji' && (
+              <div className="space-y-1">
+                <label className="label">Reaction Emojis</label>
+                <Input
+                  value={config.reaction_emojis}
+                  onChange={v => $interactions.setKey('reaction_emojis', v)}
+                  placeholder="👍 ❤️ 🎉 🤔"
+                />
+                <p className="text-xs text-muted">Space-separated list of emoji reactions</p>
+              </div>
+            )}
+
+            {config.reaction_mode === 'upvote' && (
+              <div className="space-y-1">
+                <label className="label">Upvote Icon</label>
+                <Input
+                  value={config.upvote_icon}
+                  onChange={v => $interactions.setKey('upvote_icon', v)}
+                  placeholder="👍"
+                />
+              </div>
+            )}
+
+            <div className="flex items-center justify-between gap-4 pt-2">
+              <div>
+                <div className="text-sm font-medium">Require Authentication</div>
+                <div className="text-xs text-muted mt-0.5">Users must be logged in to react</div>
+              </div>
+              <Toggle
+                checked={config.reactions_require_auth}
+                onChange={v => $interactions.setKey('reactions_require_auth', v)}
+              />
+            </div>
+          </div>
+        )}
+      </div>
+
+      {hasChanges && <SaveBar onSave={handleSave} loading={saveInteractions.loading} changes={changedFields} />}
+    </div>
+  )
+}
diff --git a/studio/src/pages/GeneralPage.tsx b/studio/src/pages/GeneralPage.tsx
new file mode 100644
index 0000000..6a5c9c6
--- /dev/null
+++ b/studio/src/pages/GeneralPage.tsx
@@ -0,0 +1,125 @@
+import { useStore } from '@nanostores/react'
+import { $settings, $settingsData, $hasChanges, $saveSettings, $changedFields } from '../stores/settings'
+import { addToast } from '../stores/app'
+import { Field, SaveBar, GeneralPageSkeleton, PageHeader } from '../components/shared'
+
+export default function GeneralPage() {
+  const settings = useStore($settings)
+  const { data } = useStore($settingsData)
+  const hasChanges = useStore($hasChanges)
+  const changedFields = useStore($changedFields)
+  const saveSettings = useStore($saveSettings)
+
+  const handleSave = async () => {
+    try {
+      await saveSettings.mutate(settings)
+      addToast('Settings saved', 'success')
+    } catch {
+      addToast('Failed to save settings', 'error')
+    }
+  }
+
+  if (!data) return <GeneralPageSkeleton />
+
+  return (
+    <div className="pb-20">
+      <PageHeader />
+
+      {/* Panel container - full-bleed borders */}
+      <div className="-mx-6 lg:-mx-10 mt-6">
+        {/* Site Information */}
+        <div className="px-6 lg:px-10 py-5">
+          <div className="text-xs font-medium text-muted uppercase tracking-wide">Site Information</div>
+          <div className="text-xs text-muted mt-0.5">Basic details about your blog</div>
+        </div>
+        <div className="px-6 lg:px-10 py-6 space-y-4">
+          <Field
+            label="Site Name"
+            value={settings.site_name ?? ''}
+            onChange={v => $settings.setKey('site_name', v)}
+            placeholder="My Blog"
+          />
+          <Field
+            label="Description"
+            value={settings.site_description ?? ''}
+            onChange={v => $settings.setKey('site_description', v)}
+            placeholder="A short description of your blog"
+            multiline
+          />
+        </div>
+
+        <div className="border-t border-border" />
+
+        {/* Author */}
+        <div className="px-6 lg:px-10 py-5">
+          <div className="text-xs font-medium text-muted uppercase tracking-wide">Author</div>
+          <div className="text-xs text-muted mt-0.5">Information about the blog author</div>
+        </div>
+        <div className="px-6 lg:px-10 py-6 space-y-4">
+          <Field
+            label="Name"
+            value={settings.author_name ?? ''}
+            onChange={v => $settings.setKey('author_name', v)}
+            placeholder="John Doe"
+          />
+          <Field
+            label="Role"
+            value={settings.author_role ?? ''}
+            onChange={v => $settings.setKey('author_role', v)}
+            placeholder="Software Engineer"
+          />
+          <Field
+            label="Bio"
+            value={settings.author_bio ?? ''}
+            onChange={v => $settings.setKey('author_bio', v)}
+            placeholder="A short bio about yourself"
+            multiline
+          />
+          <Field
+            label="Photo URL"
+            value={settings.author_photo ?? ''}
+            onChange={v => $settings.setKey('author_photo', v)}
+            placeholder="https://example.com/photo.jpg"
+            hint="URL to your profile photo"
+          />
+        </div>
+
+        <div className="border-t border-border" />
+
+        {/* Social Links */}
+        <div className="px-6 lg:px-10 py-5">
+          <div className="text-xs font-medium text-muted uppercase tracking-wide">Social Links</div>
+          <div className="text-xs text-muted mt-0.5">Connect your social profiles</div>
+        </div>
+        <div className="px-6 lg:px-10 py-6 space-y-4">
+          <Field
+            label="Twitter Handle"
+            value={settings.twitter_handle ?? ''}
+            onChange={v => $settings.setKey('twitter_handle', v)}
+            placeholder="@username"
+          />
+          <Field
+            label="GitHub Handle"
+            value={settings.github_handle ?? ''}
+            onChange={v => $settings.setKey('github_handle', v)}
+            placeholder="username"
+          />
+          <Field
+            label="LinkedIn Handle"
+            value={settings.linkedin_handle ?? ''}
+            onChange={v => $settings.setKey('linkedin_handle', v)}
+            placeholder="username"
+          />
+          <Field
+            label="Email"
+            value={settings.email ?? ''}
+            onChange={v => $settings.setKey('email', v)}
+            placeholder="hello@example.com"
+          />
+        </div>
+      </div>
+
+      {hasChanges && <SaveBar onSave={handleSave} loading={saveSettings.loading} changes={changedFields} />}
+    </div>
+  )
+}
diff --git a/studio/src/pages/HomePage.tsx b/studio/src/pages/HomePage.tsx
new file mode 100644
index 0000000..689de2b
--- /dev/null
+++ b/studio/src/pages/HomePage.tsx
@@ -0,0 +1,229 @@
+import { useStore } from '@nanostores/react'
+import { $posts } from '../stores/posts'
+import { $analytics } from '../stores/analytics'
+import { Button } from '../components/ui'
+import { BreakdownList, EmptyState, HomePageSkeleton, PageHeader } from '../components/shared'
+import { Icons, getReferrerIcon } from '../components/shared/Icons'
+
+function formatChange(change: number): { text: string; positive: boolean } {
+  const sign = change >= 0 ? '+' : ''
+  return {
+    text: `${sign}${change.toFixed(1)}%`,
+    positive: change >= 0,
+  }
+}
+
+function formatRelativeTime(dateStr: string) {
+  const date = new Date(dateStr)
+  const now = new Date()
+  const diffMs = now.getTime() - date.getTime()
+  const diffMins = Math.floor(diffMs / 60000)
+  const diffHours = Math.floor(diffMs / 3600000)
+  const diffDays = Math.floor(diffMs / 86400000)
+
+  if (diffMins < 1) return 'Just now'
+  if (diffMins < 60) return `${diffMins}m ago`
+  if (diffHours < 24) return `${diffHours}h ago`
+  if (diffDays < 7) return `${diffDays}d ago`
+  return date.toLocaleDateString('en-US', { month: 'short', day: 'numeric' })
+}
+
+function formatDate(dateStr: string) {
+  return new Date(dateStr).toLocaleDateString('en-US', {
+    month: 'short',
+    day: 'numeric',
+  })
+}
+
+function formatViews(views: number) {
+  if (views >= 1000) return `${(views / 1000).toFixed(1)}k`
+  return views.toString()
+}
+
+export default function HomePage() {
+  const { data: posts, error: postsError } = useStore($posts)
+  const { data: analytics } = useStore($analytics)
+
+  if (!posts) return <HomePageSkeleton />
+  if (postsError) return <EmptyState Icon={Icons.AlertCircle} title="Failed to load data" description={postsError.message} />
+
+  const drafts = posts
+    .filter(p => p.draft)
+    .sort((a, b) => new Date(b.updated_at).getTime() - new Date(a.updated_at).getTime())
+    .slice(0, 3)
+
+  const published = posts
+    .filter(p => !p.draft)
+    .sort((a, b) => new Date(b.date).getTime() - new Date(a.date).getTime())
+    .slice(0, 5)
+
+  const publishedCount = posts.filter(p => !p.draft).length
+  const draftCount = posts.filter(p => p.draft).length
+
+  const getPostViews = (slug: string): number => {
+    if (!analytics?.top_pages) return 0
+    const page = analytics.top_pages.find(p => p.path === `/posts/${slug}`)
+    return page?.views || 0
+  }
+
+  const change = analytics ? formatChange(analytics.views_change) : null
+
+  if (posts.length === 0) {
+    return (
+      <div className="space-y-6">
+        <PageHeader />
+        <EmptyState
+          Icon={Icons.PenTool}
+          title="Welcome to WriteKit"
+          description="Create your first post to get started"
+          action={<Button variant="primary" Icon={Icons.Plus} href="/studio/posts/new">Write Your First Post</Button>}
+        />
+      </div>
+    )
+  }
+
+  return (
+    <div>
+      <PageHeader>
+        <Button variant="primary" Icon={Icons.Plus} href="/studio/posts/new">New Post</Button>
+      </PageHeader>
+
+      {/* Panel container - uses negative margins for full-bleed borders */}
+      <div className="-mx-6 lg:-mx-10 mt-6">
+        {/* Stats row */}
+        <div className="relative">
+          {/* Vertical dividers at column boundaries */}
+          <div className="absolute top-0 bottom-0 border-l border-border" style={{ left: '33.333%' }} />
+          <div className="absolute top-0 bottom-0 border-l border-border" style={{ left: '66.666%' }} />
+
+          <div className="grid grid-cols-3">
+            <div className="py-5 pl-6 lg:pl-10 pr-6">
+              <div className="text-xs text-muted mb-1">Views</div>
+              <div className="text-2xl font-semibold tracking-tight">{analytics?.total_views.toLocaleString() || '0'}</div>
+              {change && (
+                <div className={`text-xs mt-1 ${change.positive ? 'text-success' : 'text-danger'}`}>
+                  {change.text} vs last period
+                </div>
+              )}
+            </div>
+            <div className="py-5 px-6">
+              <div className="text-xs text-muted mb-1">Visitors</div>
+              <div className="text-2xl font-semibold tracking-tight">{analytics?.unique_visitors.toLocaleString() || '0'}</div>
+            </div>
+            <div className="py-5 pr-6 lg:pr-10 pl-6">
+              <div className="text-xs text-muted mb-1">Posts</div>
+              <div className="text-2xl font-semibold tracking-tight">{publishedCount}</div>
+              {draftCount > 0 && (
+                <div className="text-xs text-muted mt-1">{draftCount} draft{draftCount > 1 ? 's' : ''}</div>
+              )}
+            </div>
+          </div>
+        </div>
+
+        {/* Full-bleed horizontal divider */}
+        <div className="border-t border-border" />
+
+        {/* Content sections with vertical divider */}
+        <div className="relative">
+          {/* Vertical divider at exact center */}
+          <div className="absolute top-0 bottom-0 left-1/2 border-l border-border" />
+
+          <div className="grid grid-cols-2">
+            {/* Left column: Posts */}
+            <div className="pl-6 lg:pl-10 pr-6 py-6 space-y-6">
+              {/* Drafts */}
+              {drafts.length > 0 && (
+                <div>
+                  <div className="mb-3">
+                    <span className="text-xs font-medium text-muted uppercase tracking-wide">Continue Writing</span>
+                  </div>
+                  <div className="space-y-1">
+                    {drafts.map((post) => (
+                      <a
+                        key={post.id}
+                        href={`/studio/posts/${post.slug}/edit`}
+                        className="group flex items-center justify-between py-2 transition-colors"
+                      >
+                        <div className="flex items-center gap-2.5 min-w-0">
+                          <Icons.Ghost className="text-muted opacity-40 flex-shrink-0 text-sm" />
+                          <span className="text-sm text-text truncate group-hover:text-accent transition-colors">
+                            {post.title || 'Untitled'}
+                          </span>
+                        </div>
+                        <div className="flex items-center gap-2 flex-shrink-0">
+                          <span className="text-xs text-muted">{formatRelativeTime(post.updated_at)}</span>
+                          <Icons.ArrowRight className="w-4 h-4 text-muted group-hover:text-accent transition-colors" />
+                        </div>
+                      </a>
+                    ))}
+                  </div>
+                </div>
+              )}
+
+              {/* Recent posts */}
+              {published.length > 0 && (
+                <div>
+                  <div className="mb-3">
+                    <span className="text-xs font-medium text-muted uppercase tracking-wide">Recent Posts</span>
+                  </div>
+                  <div className="space-y-1">
+                    {published.map((post) => {
+                      const views = getPostViews(post.slug)
+                      return (
+                        <a
+                          key={post.id}
+                          href={`/studio/posts/${post.slug}/edit`}
+                          className="group flex items-center justify-between py-2 transition-colors"
+                        >
+                          <div className="flex items-center gap-2.5 min-w-0">
+                            <Icons.Clock className="text-muted opacity-40 flex-shrink-0 text-sm" />
+                            <span className="text-sm text-text truncate group-hover:text-accent transition-colors">
+                              {post.title}
+                            </span>
+                          </div>
+                          <div className="flex items-center gap-3 flex-shrink-0 text-xs text-muted">
+                            {views > 0 && (
+                              <span className="flex items-center gap-1">
+                                <Icons.Eye className="opacity-50 text-xs" />
+                                {formatViews(views)}
+                              </span>
+                            )}
+                            <span>{formatDate(post.date)}</span>
+                            <Icons.ChevronRight className="w-4 h-4 opacity-0 group-hover:opacity-50 transition-opacity" />
+                          </div>
+                        </a>
+                      )
+                    })}
+                  </div>
+                </div>
+              )}
+            </div>
+
+            {/* Right column: Referrers */}
+            <div className="pr-6 lg:pr-10 pl-6 py-6">
+              <div className="mb-3">
+                <span className="text-xs font-medium text-muted uppercase tracking-wide">Top Referrers</span>
+              </div>
+              {analytics && analytics.top_referrers.length > 0 ? (
+                <BreakdownList
+                  items={analytics.top_referrers.slice(0, 5).map(r => {
+                    const label = r.referrer || 'Direct'
+                    return {
+                      label,
+                      value: r.views,
+                      percentage: (r.views / analytics.total_views) * 100,
+                      Icon: getReferrerIcon(label),
+                    }
+                  })}
+                  limit={5}
+                />
+              ) : (
+                <div className="text-sm text-muted py-8">No referrer data yet</div>
+              )}
+            </div>
+          </div>
+        </div>
+      </div>
+    </div>
+  )
+}
diff --git a/studio/src/pages/MonetizationPage.tsx b/studio/src/pages/MonetizationPage.tsx
new file mode 100644
index 0000000..c103456
--- /dev/null
+++ b/studio/src/pages/MonetizationPage.tsx
@@ -0,0 +1,75 @@
+import { EmptyState, PageHeader } from '../components/shared'
+import { Icons } from '../components/shared/Icons'
+import { Button } from '../components/ui'
+
+export default function MonetizationPage() {
+  return (
+    <div>
+      <PageHeader />
+
+      {/* Panel container - full-bleed borders */}
+      <div className="-mx-6 lg:-mx-10 mt-6">
+        {/* Membership Tiers */}
+        <div className="px-6 lg:px-10 py-5">
+          <div className="text-xs font-medium text-muted uppercase tracking-wide">Membership Tiers</div>
+          <div className="text-xs text-muted mt-0.5">Create subscription tiers for your readers</div>
+        </div>
+        <div className="px-6 lg:px-10 py-6">
+          <EmptyState
+            Icon={Icons.Crown}
+            title="No tiers created"
+            description="Create membership tiers to offer exclusive content"
+            action={<Button variant="primary" Icon={Icons.Plus}>Create Tier</Button>}
+          />
+        </div>
+
+        <div className="border-t border-border" />
+
+        {/* Pricing */}
+        <div className="px-6 lg:px-10 py-5">
+          <div className="text-xs font-medium text-muted uppercase tracking-wide">Pricing</div>
+          <div className="text-xs text-muted mt-0.5">Set up payments for your membership</div>
+        </div>
+        <div className="px-6 lg:px-10 py-6">
+          <div className="p-4 bg-border/30">
+            <div className="flex items-center gap-3 mb-3">
+              <Icons.Info className="text-muted" />
+              <span className="text-sm font-medium">Payment Integration</span>
+            </div>
+            <p className="text-xs text-muted mb-4">
+              Connect your Stripe account to start accepting payments from your members.
+            </p>
+            <Button variant="secondary" Icon={Icons.Monetization}>
+              Connect Stripe
+            </Button>
+          </div>
+        </div>
+
+        {/* Member-Only Content - inline toggle rows */}
+        <div className="border-t border-border px-6 lg:px-10 py-5 flex items-center justify-between gap-4">
+          <div>
+            <div className="text-sm font-medium">Free Preview</div>
+            <div className="text-xs text-muted mt-0.5">Show a preview before the paywall</div>
+          </div>
+          <label className="relative inline-flex cursor-pointer">
+            <input type="checkbox" className="sr-only peer" />
+            <div className="w-9 h-5 bg-border rounded-full peer peer-checked:bg-accent transition-colors" />
+            <div className="absolute left-0.5 top-0.5 w-4 h-4 bg-surface rounded-full transition-transform peer-checked:translate-x-4" />
+          </label>
+        </div>
+
+        <div className="border-t border-border px-6 lg:px-10 py-5 flex items-center justify-between gap-4">
+          <div>
+            <div className="text-sm font-medium">Show Member Count</div>
+            <div className="text-xs text-muted mt-0.5">Display number of members publicly</div>
+          </div>
+          <label className="relative inline-flex cursor-pointer">
+            <input type="checkbox" className="sr-only peer" />
+            <div className="w-9 h-5 bg-border rounded-full peer peer-checked:bg-accent transition-colors" />
+            <div className="absolute left-0.5 top-0.5 w-4 h-4 bg-surface rounded-full transition-transform peer-checked:translate-x-4" />
+          </label>
+        </div>
+      </div>
+    </div>
+  )
+}
diff --git a/studio/src/pages/PluginsPage.tsx b/studio/src/pages/PluginsPage.tsx
new file mode 100644
index 0000000..fc9f207
--- /dev/null
+++ b/studio/src/pages/PluginsPage.tsx
@@ -0,0 +1,784 @@
+import { useState, useEffect } from 'react'
+import { useStore } from '@nanostores/react'
+import { $plugins, $currentPlugin, $compileResult, $isCompiling, $savePlugin, $deletePlugin, $togglePlugin, compilePlugin, type Plugin } from '../stores/plugins'
+import { $secrets, $createSecret, $deleteSecret } from '../stores/secrets'
+import { $hooks, fetchTemplate } from '../stores/hooks'
+import { $billing } from '../stores/billing'
+import { addToast } from '../stores/app'
+import { SettingsPageSkeleton, EmptyState, PageHeader } from '../components/shared'
+import { Icons } from '../components/shared/Icons'
+import { Button, Input, Modal, Toggle, Tabs, Dropdown, UsageIndicator } from '../components/ui'
+import type { Tab } from '../components/ui'
+import { PluginEditor } from '../components/editor'
+
+interface TestResult {
+  success: boolean
+  phase: 'compile' | 'execute'
+  output?: string
+  logs?: string[]
+  errors?: string[]
+  error?: string
+  compile_ms?: number
+  run_ms?: number
+}
+
+const LANGUAGE_TABS: Tab<'typescript' | 'go'>[] = [
+  { value: 'typescript', label: 'TypeScript', Icon: Icons.TypeScript },
+  { value: 'go', label: 'Go', Icon: Icons.Go },
+]
+
+export default function PluginsPage() {
+  const { data: plugins } = useStore($plugins)
+  const { data: secrets } = useStore($secrets)
+  const { data: hooks } = useStore($hooks)
+  const { data: billing } = useStore($billing)
+  const currentPlugin = useStore($currentPlugin)
+  const compileResult = useStore($compileResult)
+  const isCompiling = useStore($isCompiling)
+
+  const [view, setView] = useState<'list' | 'edit'>('list')
+  const [editingId, setEditingId] = useState<string | null>(null)
+  const [showSecretsPanel, setShowSecretsPanel] = useState(false)
+  const [showTestPanel, setShowTestPanel] = useState(false)
+  const [showSecretModal, setShowSecretModal] = useState(false)
+  const [newSecretKey, setNewSecretKey] = useState('')
+  const [newSecretValue, setNewSecretValue] = useState('')
+  const [isTesting, setIsTesting] = useState(false)
+  const [testResult, setTestResult] = useState<TestResult | null>(null)
+  const [testData, setTestData] = useState<string>('')
+
+  const handleNew = async () => {
+    const template = await fetchTemplate('post.published', 'typescript')
+    $currentPlugin.set({
+      name: '',
+      language: 'typescript',
+      source: template,
+      hooks: ['post.published'],
+      enabled: true,
+    })
+    setEditingId(null)
+    setView('edit')
+  }
+
+  const handleEdit = (plugin: Plugin) => {
+    $currentPlugin.set(plugin)
+    setEditingId(plugin.id)
+    setView('edit')
+  }
+
+  const handleLanguageChange = async (lang: string) => {
+    const prevLang = currentPlugin.language
+    $currentPlugin.setKey('language', lang as Plugin['language'])
+
+    // Update template if this is a new plugin or source matches the old template
+    const currentHook = currentPlugin.hooks?.[0] || 'post.published'
+    if (!editingId) {
+      const template = await fetchTemplate(currentHook, lang)
+      $currentPlugin.setKey('source', template)
+    } else {
+      // Check if current source is the default template for the old language
+      const oldTemplate = await fetchTemplate(currentHook, prevLang || 'typescript')
+      if (currentPlugin.source === oldTemplate) {
+        const newTemplate = await fetchTemplate(currentHook, lang)
+        $currentPlugin.setKey('source', newTemplate)
+      }
+    }
+  }
+
+  const handleHookChange = async (hook: string) => {
+    const prevHook = currentPlugin.hooks?.[0]
+    $currentPlugin.setKey('hooks', [hook])
+
+    // Update test data for new hook from backend
+    const hookInfo = hooks?.find(h => h.name === hook)
+    if (hookInfo?.test_data) {
+      setTestData(JSON.stringify(hookInfo.test_data, null, 2))
+    }
+    setTestResult(null)
+
+    // Update template if this is a new plugin or source matches the old template
+    const lang = currentPlugin.language || 'typescript'
+    if (!editingId) {
+      const template = await fetchTemplate(hook, lang)
+      $currentPlugin.setKey('source', template)
+    } else {
+      // Check if current source is the default template for the old hook
+      const oldTemplate = await fetchTemplate(prevHook || 'post.published', lang)
+      if (currentPlugin.source === oldTemplate) {
+        const newTemplate = await fetchTemplate(hook, lang)
+        $currentPlugin.setKey('source', newTemplate)
+      }
+    }
+  }
+
+  const handleTest = async () => {
+    if (!currentPlugin.source) return
+
+    setIsTesting(true)
+    setTestResult(null)
+
+    try {
+      let testDataObj = {}
+      try {
+        testDataObj = testData ? JSON.parse(testData) : {}
+      } catch {
+        addToast('Invalid test data JSON', 'error')
+        setIsTesting(false)
+        return
+      }
+
+      const res = await fetch('/api/studio/plugins/test', {
+        method: 'POST',
+        headers: { 'Content-Type': 'application/json' },
+        body: JSON.stringify({
+          language: currentPlugin.language || 'typescript',
+          source: currentPlugin.source,
+          hook: currentPlugin.hooks?.[0] || 'post.published',
+          test_data: testDataObj,
+        }),
+      })
+
+      const result = await res.json()
+      setTestResult(result)
+
+      if (result.success) {
+        addToast('Test passed', 'success')
+      } else if (result.phase === 'compile') {
+        addToast('Compilation failed', 'error')
+      } else {
+        addToast('Execution failed', 'error')
+      }
+    } catch {
+      addToast('Test request failed', 'error')
+    } finally {
+      setIsTesting(false)
+    }
+  }
+
+  // Initialize test data when entering edit mode
+  useEffect(() => {
+    if (view === 'edit' && hooks && hooks.length > 0) {
+      const hook = currentPlugin.hooks?.[0] || 'post.published'
+      const hookInfo = hooks.find(h => h.name === hook)
+      if (hookInfo?.test_data) {
+        setTestData(JSON.stringify(hookInfo.test_data, null, 2))
+      }
+      setTestResult(null)
+    }
+    // eslint-disable-next-line react-hooks/exhaustive-deps
+  }, [view, hooks])
+
+  const handleCompile = async () => {
+    const result = await compilePlugin(currentPlugin.language!, currentPlugin.source!)
+    if (result.success) {
+      addToast('Compiled successfully', 'success')
+    } else {
+      addToast('Compilation failed', 'error')
+    }
+  }
+
+  const handleSave = async () => {
+    if (!currentPlugin.name) {
+      addToast('Plugin name is required', 'error')
+      return
+    }
+
+    const result = await compilePlugin(currentPlugin.language!, currentPlugin.source!)
+    if (!result.success) {
+      addToast('Fix compilation errors before saving', 'error')
+      return
+    }
+
+    try {
+      await $savePlugin.mutate({
+        ...(currentPlugin as Plugin),
+        id: editingId || crypto.randomUUID(),
+        wasm: result.wasm,
+      })
+      addToast('Plugin saved', 'success')
+      setView('list')
+    } catch (err) {
+      console.error('Save plugin error:', err)
+      addToast(`Failed to save plugin: ${err instanceof Error ? err.message : 'Unknown error'}`, 'error')
+    }
+  }
+
+  const handleDelete = async (id: string) => {
+    if (!confirm('Delete this plugin?')) return
+    try {
+      await $deletePlugin.mutate(id)
+      addToast('Plugin deleted', 'success')
+    } catch {
+      addToast('Failed to delete plugin', 'error')
+    }
+  }
+
+  const handleToggle = async (id: string, enabled: boolean) => {
+    await $togglePlugin.mutate({ id, enabled })
+  }
+
+  const handleAddSecret = async () => {
+    if (!newSecretKey || !newSecretValue) return
+    try {
+      await $createSecret.mutate({ key: newSecretKey, value: newSecretValue })
+      addToast('Secret added', 'success')
+      setNewSecretKey('')
+      setNewSecretValue('')
+      setShowSecretModal(false)
+    } catch {
+      addToast('Failed to add secret', 'error')
+    }
+  }
+
+  const handleDeleteSecret = async (key: string) => {
+    if (!confirm(`Delete secret "${key}"?`)) return
+    try {
+      await $deleteSecret.mutate(key)
+      addToast('Secret deleted', 'success')
+    } catch {
+      addToast('Failed to delete secret', 'error')
+    }
+  }
+
+  if (!plugins || !secrets || !hooks) return <SettingsPageSkeleton />
+
+  // ═══════════════════════════════════════════════════════════════════════════
+  // EDIT VIEW - Full-screen editor experience
+  // ═══════════════════════════════════════════════════════════════════════════
+  if (view === 'edit') {
+    return (
+      <div className="fixed inset-0 z-40 flex flex-col bg-bg">
+        {/* Header Bar */}
+        <div className="flex-none border-b border-border bg-surface px-4 py-3">
+          <div className="flex items-center justify-between gap-4">
+            {/* Left: Back + Name */}
+            <div className="flex items-center gap-3 flex-1 min-w-0">
+              <button
+                onClick={() => setView('list')}
+                className="p-1.5 -ml-1.5 text-muted hover:text-text hover:bg-bg rounded transition-colors"
+                title="Back to plugins"
+              >
+                <Icons.ArrowLeft className="w-5 h-5" />
+              </button>
+              <input
+                type="text"
+                value={currentPlugin.name || ''}
+                onChange={e => $currentPlugin.setKey('name', e.target.value)}
+                placeholder="Plugin name..."
+                className="flex-1 min-w-0 text-lg font-medium bg-transparent border-none outline-none placeholder:text-muted/50"
+              />
+            </div>
+
+            {/* Right: Actions */}
+            <div className="flex items-center gap-2 flex-none">
+              <button
+                onClick={() => { setShowTestPanel(!showTestPanel); setShowSecretsPanel(false) }}
+                className={`flex items-center gap-1.5 px-3 py-1.5 text-sm rounded transition-colors ${
+                  showTestPanel ? 'bg-accent/10 text-accent' : 'text-muted hover:text-text hover:bg-bg'
+                }`}
+              >
+                <Icons.Play className="w-4 h-4" />
+                <span className="hidden sm:inline">Test</span>
+              </button>
+              <button
+                onClick={() => { setShowSecretsPanel(!showSecretsPanel); setShowTestPanel(false) }}
+                className={`flex items-center gap-1.5 px-3 py-1.5 text-sm rounded transition-colors ${
+                  showSecretsPanel ? 'bg-accent/10 text-accent' : 'text-muted hover:text-text hover:bg-bg'
+                }`}
+              >
+                <Icons.Key className="w-4 h-4" />
+                <span className="hidden sm:inline">Secrets</span>
+                {secrets?.length ? (
+                  <span className="ml-1 px-1.5 py-0.5 text-xs bg-bg rounded-full">{secrets.length}</span>
+                ) : null}
+              </button>
+              <div className="w-px h-6 bg-border mx-1" />
+              <Button variant="secondary" onClick={handleCompile} disabled={isCompiling}>
+                {isCompiling ? (
+                  <>
+                    <Icons.Loader className="w-4 h-4 animate-spin" />
+                    <span className="hidden sm:inline ml-1.5">Compiling...</span>
+                  </>
+                ) : (
+                  <>
+                    <Icons.Check className="w-4 h-4" />
+                    <span className="hidden sm:inline ml-1.5">Compile</span>
+                  </>
+                )}
+              </Button>
+              <Button variant="primary" onClick={handleSave} disabled={isCompiling}>
+                <Icons.Save className="w-4 h-4" />
+                <span className="hidden sm:inline ml-1.5">Save</span>
+              </Button>
+            </div>
+          </div>
+
+          {/* Configuration Row */}
+          <div className="flex items-center gap-4 mt-3">
+            <Tabs
+              value={(currentPlugin.language || 'typescript') as 'typescript' | 'go'}
+              onChange={handleLanguageChange}
+              tabs={LANGUAGE_TABS}
+            />
+            <div className="w-px h-6 bg-border" />
+            <div className="flex items-center gap-2">
+              <label className="text-xs text-muted">Hook</label>
+              <Dropdown
+                value={currentPlugin.hooks?.[0] || 'post.published'}
+                onChange={handleHookChange}
+                options={(hooks || []).map(h => ({ value: h.name, label: h.label, description: h.description }))}
+                className="w-56"
+              />
+            </div>
+          </div>
+        </div>
+
+        {/* Main Content Area */}
+        <div className="flex-1 flex min-h-0 overflow-hidden">
+          {/* Editor */}
+          <div className="flex-1 flex flex-col min-w-0">
+            <div className="flex-1 min-h-0">
+              <PluginEditor
+                language={currentPlugin.language || 'typescript'}
+                value={currentPlugin.source || ''}
+                onChange={v => $currentPlugin.setKey('source', v)}
+                height="100%"
+                secretKeys={secrets?.map(s => s.key) || []}
+                hook={currentPlugin.hooks?.[0] || 'post.published'}
+              />
+            </div>
+
+            {/* Compile Status Bar */}
+            {compileResult && (
+              <div className={`flex-none px-4 py-2 text-sm font-mono border-t ${
+                compileResult.success
+                  ? 'bg-success/5 text-success border-success/20'
+                  : 'bg-danger/5 text-danger border-danger/20'
+              }`}>
+                {compileResult.success ? (
+                  <div className="flex items-center gap-2">
+                    <Icons.Check className="w-4 h-4" />
+                    <span>Compiled successfully</span>
+                    <span className="text-muted">·</span>
+                    <span className="text-muted">{(compileResult.size! / 1024).toFixed(1)} KB</span>
+                    <span className="text-muted">·</span>
+                    <span className="text-muted">{compileResult.time_ms}ms</span>
+                  </div>
+                ) : (
+                  <div className="flex items-start gap-2">
+                    <Icons.AlertCircle className="w-4 h-4 mt-0.5 flex-none" />
+                    <pre className="whitespace-pre-wrap overflow-auto max-h-32">{compileResult.errors?.join('\n')}</pre>
+                  </div>
+                )}
+              </div>
+            )}
+          </div>
+
+          {/* Test Panel (Slide-in) */}
+          {showTestPanel && (
+            <div className="w-96 flex-none border-l border-border bg-surface overflow-y-auto flex flex-col">
+              <div className="p-4 border-b border-border flex-none">
+                <div className="flex items-center justify-between mb-2">
+                  <h3 className="font-medium">Test Plugin</h3>
+                  <button
+                    onClick={() => setShowTestPanel(false)}
+                    className="p-1 text-muted hover:text-text rounded"
+                  >
+                    <Icons.Close className="w-4 h-4" />
+                  </button>
+                </div>
+                <p className="text-xs text-muted">
+                  Run your plugin with test data to verify it works correctly.
+                </p>
+              </div>
+
+              <div className="flex-1 flex flex-col min-h-0 overflow-hidden">
+                {/* Test Data Input */}
+                <div className="p-4 border-b border-border flex-none">
+                  <label className="text-xs font-medium text-muted uppercase tracking-wide mb-2 block">
+                    Test Data (JSON)
+                  </label>
+                  <textarea
+                    value={testData}
+                    onChange={e => setTestData(e.target.value)}
+                    className="w-full h-40 p-3 text-xs font-mono bg-bg border border-border rounded resize-none focus:outline-none focus:border-accent"
+                    placeholder="{}"
+                  />
+                </div>
+
+                {/* Run Button */}
+                <div className="p-4 border-b border-border flex-none">
+                  <Button
+                    variant="primary"
+                    className="w-full"
+                    onClick={handleTest}
+                    disabled={isTesting}
+                  >
+                    {isTesting ? (
+                      <>
+                        <Icons.Loader className="w-4 h-4 animate-spin" />
+                        Running...
+                      </>
+                    ) : (
+                      <>
+                        <Icons.Play className="w-4 h-4" />
+                        Run Test
+                      </>
+                    )}
+                  </Button>
+                </div>
+
+                {/* Test Results */}
+                {testResult && (
+                  <div className="flex-1 overflow-y-auto p-4">
+                    <div className={`mb-4 p-3 rounded ${
+                      testResult.success
+                        ? 'bg-success/10 text-success border border-success/20'
+                        : 'bg-danger/10 text-danger border border-danger/20'
+                    }`}>
+                      <div className="flex items-center gap-2 text-sm font-medium">
+                        {testResult.success ? (
+                          <>
+                            <Icons.Check className="w-4 h-4" />
+                            Test Passed
+                          </>
+                        ) : (
+                          <>
+                            <Icons.AlertCircle className="w-4 h-4" />
+                            Test Failed ({testResult.phase})
+                          </>
+                        )}
+                      </div>
+                      {(testResult.compile_ms != null || testResult.run_ms != null) && (
+                        <div className="text-xs mt-1 opacity-80">
+                          {testResult.compile_ms != null && <span>Compile: {testResult.compile_ms}ms</span>}
+                          {testResult.compile_ms != null && testResult.run_ms != null && <span> · </span>}
+                          {testResult.run_ms != null && <span>Run: {testResult.run_ms}ms</span>}
+                        </div>
+                      )}
+                    </div>
+
+                    {/* Errors */}
+                    {testResult.errors && testResult.errors.length > 0 && (
+                      <div className="mb-4">
+                        <label className="text-xs font-medium text-muted uppercase tracking-wide mb-2 block">
+                          Compile Errors
+                        </label>
+                        <pre className="p-3 text-xs font-mono bg-danger/5 text-danger border border-danger/20 rounded overflow-x-auto whitespace-pre-wrap">
+                          {testResult.errors.join('\n')}
+                        </pre>
+                      </div>
+                    )}
+
+                    {testResult.error && (
+                      <div className="mb-4">
+                        <label className="text-xs font-medium text-muted uppercase tracking-wide mb-2 block">
+                          Runtime Error
+                        </label>
+                        <pre className="p-3 text-xs font-mono bg-danger/5 text-danger border border-danger/20 rounded overflow-x-auto whitespace-pre-wrap">
+                          {testResult.error}
+                        </pre>
+                      </div>
+                    )}
+
+                    {/* Logs */}
+                    {testResult.logs && testResult.logs.length > 0 && (
+                      <div className="mb-4">
+                        <label className="text-xs font-medium text-muted uppercase tracking-wide mb-2 block">
+                          Logs
+                        </label>
+                        <div className="p-3 text-xs font-mono bg-bg border border-border rounded overflow-x-auto">
+                          {testResult.logs.map((log, i) => (
+                            <div key={i} className={`${
+                              log.startsWith('[HTTP]') ? 'text-cyan-500' :
+                              log.startsWith('[KV]') ? 'text-yellow-500' :
+                              log.startsWith('[LOG]') ? 'text-text' : 'text-muted'
+                            }`}>
+                              {log}
+                            </div>
+                          ))}
+                        </div>
+                      </div>
+                    )}
+
+                    {/* Output */}
+                    {testResult.output && (
+                      <div>
+                        <label className="text-xs font-medium text-muted uppercase tracking-wide mb-2 block">
+                          Output
+                        </label>
+                        <pre className="p-3 text-xs font-mono bg-bg border border-border rounded overflow-x-auto whitespace-pre-wrap">
+                          {testResult.output}
+                        </pre>
+                      </div>
+                    )}
+                  </div>
+                )}
+              </div>
+            </div>
+          )}
+
+          {/* Secrets Panel (Slide-in) */}
+          {showSecretsPanel && (
+            <div className="w-72 flex-none border-l border-border bg-surface overflow-y-auto">
+              <div className="p-4">
+                <div className="flex items-center justify-between mb-4">
+                  <h3 className="font-medium">Secrets</h3>
+                  <button
+                    onClick={() => setShowSecretsPanel(false)}
+                    className="p-1 text-muted hover:text-text rounded"
+                  >
+                    <Icons.Close className="w-4 h-4" />
+                  </button>
+                </div>
+
+                <p className="text-xs text-muted mb-4">
+                  Access secrets in your code as <code className="px-1 py-0.5 bg-bg rounded">Runner.secrets.KEY_NAME</code>
+                </p>
+
+                {secrets?.length ? (
+                  <div className="space-y-2 mb-4">
+                    {secrets.map(s => (
+                      <div key={s.key} className="flex items-center justify-between p-2 bg-bg rounded group">
+                        <code className="text-xs font-mono truncate">{s.key}</code>
+                        <button
+                          onClick={() => handleDeleteSecret(s.key)}
+                          className="p-1 text-muted hover:text-danger opacity-0 group-hover:opacity-100 transition-opacity"
+                        >
+                          <Icons.Trash className="w-3.5 h-3.5" />
+                        </button>
+                      </div>
+                    ))}
+                  </div>
+                ) : (
+                  <div className="py-6 text-center text-sm text-muted">
+                    <Icons.Key className="w-8 h-8 mx-auto mb-2 opacity-30" />
+                    <p>No secrets yet</p>
+                  </div>
+                )}
+
+                <Button variant="secondary" className="w-full" onClick={() => setShowSecretModal(true)}>
+                  <Icons.Plus className="w-4 h-4" />
+                  Add Secret
+                </Button>
+              </div>
+            </div>
+          )}
+        </div>
+
+        {/* Secret Modal */}
+        <Modal open={showSecretModal} onClose={() => setShowSecretModal(false)} title="Add Secret">
+          <div className="space-y-4">
+            <div>
+              <label className="label">Key</label>
+              <Input
+                value={newSecretKey}
+                onChange={v => setNewSecretKey(v.toUpperCase().replace(/[^A-Z0-9_]/g, ''))}
+                placeholder="SLACK_WEBHOOK"
+              />
+              <p className="text-xs text-muted mt-1.5">Use UPPER_SNAKE_CASE</p>
+            </div>
+            <div>
+              <label className="label">Value</label>
+              <Input
+                type="password"
+                value={newSecretValue}
+                onChange={setNewSecretValue}
+                placeholder="https://hooks.slack.com/..."
+              />
+            </div>
+            <div className="flex justify-end gap-2 pt-2">
+              <Button variant="secondary" onClick={() => setShowSecretModal(false)}>Cancel</Button>
+              <Button variant="primary" onClick={handleAddSecret}>Add Secret</Button>
+            </div>
+          </div>
+        </Modal>
+      </div>
+    )
+  }
+
+  // ═══════════════════════════════════════════════════════════════════════════
+  // LIST VIEW - Plugin management
+  // ═══════════════════════════════════════════════════════════════════════════
+  return (
+    <div>
+      <PageHeader>
+        {billing && billing.usage.plugins >= billing.tiers[billing.current_tier].max_plugins ? (
+          <div className="flex items-center gap-3">
+            <span className="text-sm text-muted">Plugin limit reached</span>
+            <Button variant="primary" href="/studio/billing">Upgrade</Button>
+          </div>
+        ) : (
+          <Button variant="primary" onClick={handleNew}>
+            <Icons.Plus className="w-4 h-4" />
+            New Plugin
+          </Button>
+        )}
+      </PageHeader>
+
+      {/* Panel container - full-bleed borders */}
+      <div className="-mx-6 lg:-mx-10">
+        {/* Plugin List */}
+        <div className="px-6 lg:px-10 py-5">
+          <div className="flex items-center justify-between">
+            <div className="text-xs font-medium text-muted uppercase tracking-wide">Your Plugins</div>
+            {billing && (
+              <UsageIndicator
+                used={billing.usage.plugins}
+                max={billing.tiers[billing.current_tier].max_plugins}
+                label="used"
+              />
+            )}
+          </div>
+        </div>
+        <div className="border-t border-border">
+          {!plugins?.length ? (
+            <div className="px-6 lg:px-10 py-12">
+              <EmptyState
+                Icon={Icons.Code}
+                title="No plugins yet"
+                description="Create plugins to add notifications, integrations, content moderation, and more"
+              />
+              <div className="flex justify-center mt-6">
+                <Button variant="primary" onClick={handleNew}>
+                  <Icons.Plus className="w-4 h-4" />
+                  Create your first plugin
+                </Button>
+              </div>
+            </div>
+          ) : (
+            plugins.map((plugin, i) => {
+              const hookInfo = hooks?.find(h => h.name === plugin.hooks[0])
+              const langTab = LANGUAGE_TABS.find(l => l.value === plugin.language)
+              const LangIcon = langTab?.Icon
+
+              return (
+                <div
+                  key={plugin.id}
+                  className={`group flex items-center justify-between px-6 lg:px-10 py-4 hover:bg-surface/50 transition-colors ${i > 0 ? 'border-t border-border' : ''}`}
+                >
+                  <div className="flex items-center gap-4 min-w-0">
+                    <div
+                      className={`w-2.5 h-2.5 rounded-full flex-none ${
+                        plugin.enabled ? 'bg-success' : 'bg-border'
+                      }`}
+                      title={plugin.enabled ? 'Enabled' : 'Disabled'}
+                    />
+                    <div className="min-w-0">
+                      <div className="font-medium truncate">{plugin.name}</div>
+                      <div className="flex items-center gap-2 text-xs text-muted mt-0.5">
+                        <span>{hookInfo?.label || plugin.hooks[0]}</span>
+                        <span>·</span>
+                        <span className="flex items-center gap-1">
+                          {LangIcon && <LangIcon className="w-3.5 h-3.5" />}
+                          {langTab?.label || plugin.language}
+                        </span>
+                        {plugin.wasm_size ? (
+                          <>
+                            <span>·</span>
+                            <span>{(plugin.wasm_size / 1024).toFixed(1)} KB</span>
+                          </>
+                        ) : null}
+                      </div>
+                    </div>
+                  </div>
+
+                  <div className="flex items-center gap-1">
+                    <Toggle
+                      checked={plugin.enabled}
+                      onChange={v => handleToggle(plugin.id, v)}
+                    />
+                    <button
+                      onClick={() => handleEdit(plugin)}
+                      className="p-2 text-muted hover:text-text hover:bg-bg rounded transition-colors"
+                      title="Edit"
+                    >
+                      <Icons.Edit className="w-4 h-4" />
+                    </button>
+                    <button
+                      onClick={() => handleDelete(plugin.id)}
+                      className="p-2 text-muted hover:text-danger hover:bg-danger/5 rounded transition-colors"
+                      title="Delete"
+                    >
+                      <Icons.Trash className="w-4 h-4" />
+                    </button>
+                  </div>
+                </div>
+              )
+            })
+          )}
+        </div>
+
+        <div className="border-t border-border" />
+
+        {/* Secrets Section */}
+        <div className="px-6 lg:px-10 py-5 flex items-center justify-between">
+          <div>
+            <div className="text-xs font-medium text-muted uppercase tracking-wide">Secrets</div>
+            <div className="text-xs text-muted mt-0.5">API keys and sensitive data available to all plugins</div>
+          </div>
+          <Button variant="secondary" onClick={() => setShowSecretModal(true)}>
+            <Icons.Plus className="w-4 h-4" />
+            Add Secret
+          </Button>
+        </div>
+        <div className="px-6 lg:px-10 py-6">
+          {!secrets?.length ? (
+            <div className="py-8 text-center border border-dashed border-border">
+              <Icons.Key className="w-8 h-8 mx-auto text-muted/30 mb-2" />
+              <p className="text-sm text-muted">No secrets configured</p>
+              <p className="text-xs text-muted mt-1">Add API keys for services like Slack, Resend, or OpenAI</p>
+            </div>
+          ) : (
+            <div className="grid gap-2 sm:grid-cols-2 lg:grid-cols-3">
+              {secrets.map(s => (
+                <div key={s.key} className="flex items-center justify-between p-3 bg-surface border border-border group">
+                  <div className="flex items-center gap-2 min-w-0">
+                    <Icons.Key className="w-4 h-4 text-muted flex-none" />
+                    <code className="text-sm font-mono truncate">{s.key}</code>
+                  </div>
+                  <button
+                    onClick={() => handleDeleteSecret(s.key)}
+                    className="p-1.5 text-muted hover:text-danger hover:bg-danger/5 rounded opacity-0 group-hover:opacity-100 transition-all"
+                    title="Delete"
+                  >
+                    <Icons.Trash className="w-4 h-4" />
+                  </button>
+                </div>
+              ))}
+            </div>
+          )}
+        </div>
+      </div>
+
+      {/* Add Secret Modal */}
+      <Modal open={showSecretModal} onClose={() => setShowSecretModal(false)} title="Add Secret">
+        <div className="space-y-4">
+          <div>
+            <label className="label">Key</label>
+            <Input
+              value={newSecretKey}
+              onChange={v => setNewSecretKey(v.toUpperCase().replace(/[^A-Z0-9_]/g, ''))}
+              placeholder="SLACK_WEBHOOK"
+            />
+            <p className="text-xs text-muted mt-1.5">Use UPPER_SNAKE_CASE for consistency</p>
+          </div>
+          <div>
+            <label className="label">Value</label>
+            <Input
+              type="password"
+              value={newSecretValue}
+              onChange={setNewSecretValue}
+              placeholder="https://hooks.slack.com/..."
+            />
+            <p className="text-xs text-muted mt-1.5">Stored encrypted, never displayed again</p>
+          </div>
+          <div className="flex justify-end gap-2 pt-2">
+            <Button variant="secondary" onClick={() => setShowSecretModal(false)}>Cancel</Button>
+            <Button variant="primary" onClick={handleAddSecret}>Add Secret</Button>
+          </div>
+        </div>
+      </Modal>
+    </div>
+  )
+}
diff --git a/studio/src/pages/PostEditorPage.tsx b/studio/src/pages/PostEditorPage.tsx
new file mode 100644
index 0000000..aebed5f
--- /dev/null
+++ b/studio/src/pages/PostEditorPage.tsx
@@ -0,0 +1,285 @@
+import { useState, useEffect } from 'react'
+import { useStore } from '@nanostores/react'
+import { $router } from '../stores/router'
+import {
+  $editorMode,
+  $editorPost,
+  $hasChanges,
+  $isNewPost,
+  $hasDraft,
+  $isSaving,
+  $isPublishing,
+  $savePost,
+  initNewPost,
+  loadPost,
+  updateTitle,
+  triggerAutoSave,
+  discardDraft,
+  publishPost,
+  unpublishPost,
+  getPreviewUrl,
+  type EditorMode
+} from '../stores/editor'
+import { addToast } from '../stores/app'
+import { SettingsPageSkeleton } from '../components/shared'
+import { Icons } from '../components/shared/Icons'
+import { Button, Tabs } from '../components/ui'
+import type { Tab } from '../components/ui'
+import { PostEditor } from '../components/editor/PostEditor'
+import { SourceEditor } from '../components/editor/SourceEditor'
+import { MetadataPanel } from '../components/editor/MetadataPanel'
+
+const MODE_TABS: Tab<EditorMode>[] = [
+  { value: 'edit', label: 'Edit' },
+  { value: 'source', label: 'Source' },
+]
+
+export default function PostEditorPage() {
+  const router = useStore($router)
+  const mode = useStore($editorMode)
+  const post = useStore($editorPost)
+  const hasChanges = useStore($hasChanges)
+  const isNew = useStore($isNewPost)
+  const hasDraft = useStore($hasDraft)
+  const isSaving = useStore($isSaving)
+  const isPublishing = useStore($isPublishing)
+  const savePostStore = useStore($savePost)
+
+  const [showMetadata, setShowMetadata] = useState(true)
+  const [isLoading, setIsLoading] = useState(true)
+
+  useEffect(() => {
+    const init = async () => {
+      setIsLoading(true)
+      if (router?.route === 'postNew') {
+        initNewPost()
+      } else if (router?.route === 'postEdit' && router.params && 'slug' in router.params) {
+        const success = await loadPost(router.params.slug as string)
+        if (!success) {
+          addToast('Post not found', 'error')
+          $router.open('posts')
+          return
+        }
+      }
+      setIsLoading(false)
+    }
+    init()
+  }, [router])
+
+  const handleContentChange = (markdown: string) => {
+    $editorPost.setKey('content', markdown)
+    triggerAutoSave()
+  }
+
+  const handleTitleChange = (title: string) => {
+    updateTitle(title)
+    triggerAutoSave()
+  }
+
+  const handleCreate = async () => {
+    if (!post.title) {
+      addToast('Title is required', 'error')
+      return
+    }
+
+    try {
+      await savePostStore.mutate(post)
+      addToast('Post created', 'success')
+      if (post.slug) {
+        window.history.replaceState(null, '', `/studio/posts/${post.slug}/edit`)
+      }
+    } catch (err) {
+      addToast(err instanceof Error ? err.message : 'Failed to create post', 'error')
+    }
+  }
+
+  const handlePublish = async () => {
+    const success = await publishPost()
+    if (success) {
+      addToast('Published successfully', 'success')
+    } else {
+      addToast('Failed to publish', 'error')
+    }
+  }
+
+  const handleUnpublish = async () => {
+    const success = await unpublishPost()
+    if (success) {
+      addToast('Unpublished', 'success')
+    } else {
+      addToast('Failed to unpublish', 'error')
+    }
+  }
+
+  const handleDiscardDraft = async () => {
+    if (!confirm('Discard all changes and revert to the published version?')) {
+      return
+    }
+    const success = await discardDraft()
+    if (success) {
+      addToast('Draft discarded', 'success')
+    } else {
+      addToast('Failed to discard draft', 'error')
+    }
+  }
+
+  const handlePreview = () => {
+    const url = getPreviewUrl()
+    if (url) window.open(url, '_blank')
+  }
+
+  const handleBack = () => {
+    if (hasChanges && !confirm('You have unsaved changes. Leave anyway?')) {
+      return
+    }
+    $router.open('posts')
+  }
+
+  if (isLoading) return <SettingsPageSkeleton />
+
+  return (
+    <div className="fixed inset-0 z-40 flex flex-col bg-bg">
+      {/* Header Bar */}
+      <div className="flex-none border-b border-border bg-surface px-4 py-3">
+        <div className="flex items-center justify-between gap-4">
+          {/* Left: Back + Title */}
+          <div className="flex items-center gap-3 flex-1 min-w-0">
+            <button
+              onClick={handleBack}
+              className="p-1.5 -ml-1.5 text-muted hover:text-text hover:bg-bg rounded transition-colors"
+              title="Back to posts"
+            >
+              <Icons.ArrowLeft className="w-5 h-5" />
+            </button>
+            <input
+              type="text"
+              value={post.title}
+              onChange={e => handleTitleChange(e.target.value)}
+              placeholder="Post title..."
+              className="flex-1 min-w-0 text-lg font-medium bg-transparent border-none outline-none placeholder:text-muted/50"
+            />
+          </div>
+
+          {/* Center: Mode Toggle */}
+          <div className="flex-none">
+            <Tabs
+              value={mode}
+              onChange={(v) => $editorMode.set(v as EditorMode)}
+              tabs={MODE_TABS}
+            />
+          </div>
+
+          {/* Right: Actions */}
+          <div className="flex items-center gap-2 flex-none">
+            <button
+              onClick={() => setShowMetadata(!showMetadata)}
+              className={`flex items-center gap-1.5 px-3 py-1.5 text-sm rounded transition-colors ${
+                showMetadata ? 'bg-accent/10 text-accent' : 'text-muted hover:text-text hover:bg-bg'
+              }`}
+              title="Toggle metadata panel"
+            >
+              <Icons.Settings className="w-4 h-4" />
+            </button>
+            <Button
+              variant="secondary"
+              onClick={handlePreview}
+              disabled={!post.slug}
+            >
+              <Icons.Eye className="w-4 h-4" />
+              <span className="hidden sm:inline ml-1.5">Preview</span>
+            </Button>
+
+            {isNew ? (
+              <Button
+                variant="primary"
+                onClick={handleCreate}
+                disabled={savePostStore.loading}
+              >
+                {savePostStore.loading ? (
+                  <>
+                    <Icons.Loader className="w-4 h-4 animate-spin" />
+                    <span className="hidden sm:inline ml-1.5">Creating...</span>
+                  </>
+                ) : (
+                  <>
+                    <Icons.Plus className="w-4 h-4" />
+                    <span className="hidden sm:inline ml-1.5">Create</span>
+                  </>
+                )}
+              </Button>
+            ) : (
+              <>
+                {isSaving && (
+                  <span className="flex items-center gap-1.5 text-xs text-muted">
+                    <Icons.Loader className="w-3.5 h-3.5 animate-spin" />
+                    <span className="hidden sm:inline">Saving...</span>
+                  </span>
+                )}
+                {!isSaving && hasChanges && (
+                  <span className="text-xs text-muted">Unsaved</span>
+                )}
+                {hasDraft && (
+                  <Button
+                    variant="secondary"
+                    onClick={handleDiscardDraft}
+                    disabled={isSaving || isPublishing}
+                  >
+                    <Icons.Undo className="w-4 h-4" />
+                    <span className="hidden sm:inline ml-1.5">Discard</span>
+                  </Button>
+                )}
+                {!post.draft ? (
+                  <Button
+                    variant="secondary"
+                    onClick={handleUnpublish}
+                    disabled={isPublishing}
+                  >
+                    <Icons.EyeOff className="w-4 h-4" />
+                    <span className="hidden sm:inline ml-1.5">Unpublish</span>
+                  </Button>
+                ) : (
+                  <Button
+                    variant="primary"
+                    onClick={handlePublish}
+                    disabled={isPublishing}
+                  >
+                    {isPublishing ? (
+                      <>
+                        <Icons.Loader className="w-4 h-4 animate-spin" />
+                        <span className="hidden sm:inline ml-1.5">Publishing...</span>
+                      </>
+                    ) : (
+                      <>
+                        <Icons.Send className="w-4 h-4" />
+                        <span className="hidden sm:inline ml-1.5">Publish</span>
+                      </>
+                    )}
+                  </Button>
+                )}
+              </>
+            )}
+          </div>
+        </div>
+      </div>
+
+      {/* Main Content Area */}
+      <div className="flex-1 flex min-h-0 overflow-hidden">
+        {/* Editor */}
+        <div className="flex-1 flex flex-col min-w-0 overflow-hidden">
+          <div className="flex-1 min-h-0 overflow-auto">
+            {mode === 'edit' ? (
+              <PostEditor onChange={handleContentChange} />
+            ) : (
+              <SourceEditor onChange={handleContentChange} />
+            )}
+          </div>
+        </div>
+
+        {/* Metadata Panel (Slide-in) */}
+        {showMetadata && (
+          <MetadataPanel onClose={() => setShowMetadata(false)} />
+        )}
+      </div>
+    </div>
+  )
+}
diff --git a/studio/src/pages/PostsPage.tsx b/studio/src/pages/PostsPage.tsx
new file mode 100644
index 0000000..ccd2ed1
--- /dev/null
+++ b/studio/src/pages/PostsPage.tsx
@@ -0,0 +1,302 @@
+import { useStore } from '@nanostores/react'
+import { $posts, $deletePost } from '../stores/posts'
+import { $analytics } from '../stores/analytics'
+import { addToast } from '../stores/app'
+import { Button, Modal, Badge, ActionMenu, Input, Tabs } from '../components/ui'
+import { EmptyState, PostsPageSkeleton, PageHeader } from '../components/shared'
+import { Icons } from '../components/shared/Icons'
+import { useState, useMemo } from 'react'
+import type { Post } from '../types'
+
+type FilterTab = 'all' | 'published' | 'drafts'
+
+export default function PostsPage() {
+  const { data, error } = useStore($posts)
+  const { data: analytics } = useStore($analytics)
+  const deletePostMutation = useStore($deletePost)
+  const [deleteModal, setDeleteModal] = useState<Post | null>(null)
+  const [search, setSearch] = useState('')
+  const [filter, setFilter] = useState<FilterTab>('all')
+
+  const handleDelete = async () => {
+    if (!deleteModal) return
+    try {
+      await deletePostMutation.mutate(deleteModal.slug)
+      addToast('Post deleted', 'success')
+      setDeleteModal(null)
+    } catch {
+      addToast('Failed to delete post', 'error')
+    }
+  }
+
+  const copyUrl = (slug: string) => {
+    const url = `${window.location.origin}/posts/${slug}`
+    navigator.clipboard.writeText(url)
+    addToast('URL copied', 'success')
+  }
+
+  const getPostViews = (slug: string): number => {
+    if (!analytics?.top_pages) return 0
+    const page = analytics.top_pages.find(p => p.path === `/posts/${slug}`)
+    return page?.views || 0
+  }
+
+  const formatRelativeTime = (dateStr: string) => {
+    const date = new Date(dateStr)
+    const now = new Date()
+    const diffMs = now.getTime() - date.getTime()
+    const diffMins = Math.floor(diffMs / 60000)
+    const diffHours = Math.floor(diffMs / 3600000)
+    const diffDays = Math.floor(diffMs / 86400000)
+
+    if (diffMins < 1) return 'Just now'
+    if (diffMins < 60) return `${diffMins}m ago`
+    if (diffHours < 24) return `${diffHours}h ago`
+    if (diffDays < 7) return `${diffDays}d ago`
+    return date.toLocaleDateString('en-US', { month: 'short', day: 'numeric' })
+  }
+
+  const formatDate = (dateStr: string) => {
+    return new Date(dateStr).toLocaleDateString('en-US', {
+      month: 'short',
+      day: 'numeric',
+    })
+  }
+
+  const formatViews = (views: number) => {
+    if (views >= 1000) return `${(views / 1000).toFixed(1)}k`
+    return views.toString()
+  }
+
+  const filteredPosts = useMemo(() => {
+    if (!data) return []
+
+    let posts = [...data]
+
+    if (filter === 'published') {
+      posts = posts.filter(p => !p.draft)
+    } else if (filter === 'drafts') {
+      posts = posts.filter(p => p.draft)
+    }
+
+    if (search.trim()) {
+      const q = search.toLowerCase()
+      posts = posts.filter(p =>
+        p.title.toLowerCase().includes(q) ||
+        p.slug.toLowerCase().includes(q) ||
+        p.tags.some(t => t.toLowerCase().includes(q))
+      )
+    }
+
+    return posts.sort((a, b) => {
+      if (a.draft && !b.draft) return -1
+      if (!a.draft && b.draft) return 1
+      const dateA = a.draft ? new Date(a.updated_at) : new Date(a.date)
+      const dateB = b.draft ? new Date(b.updated_at) : new Date(b.date)
+      return dateB.getTime() - dateA.getTime()
+    })
+  }, [data, filter, search])
+
+  if (!data) return <PostsPageSkeleton />
+  if (error) return <EmptyState Icon={Icons.AlertCircle} title="Failed to load posts" description={error.message} />
+
+  const totalPosts = data.length
+  const draftCount = data.filter(p => p.draft).length
+  const publishedCount = data.filter(p => !p.draft).length
+  const totalViews = analytics?.total_views || 0
+
+  if (data.length === 0) {
+    return (
+      <div className="space-y-6">
+        <PageHeader />
+        <EmptyState
+          Icon={Icons.Posts}
+          title="No posts yet"
+          description="Create your first post to get started"
+          action={<Button variant="primary" Icon={Icons.Plus} href="/studio/posts/new">New Post</Button>}
+        />
+      </div>
+    )
+  }
+
+  const tabs = [
+    { value: 'all' as FilterTab, label: `All (${totalPosts})` },
+    { value: 'published' as FilterTab, label: `Published (${publishedCount})` },
+    { value: 'drafts' as FilterTab, label: `Drafts (${draftCount})` },
+  ]
+
+  return (
+    <div>
+      <PageHeader>
+        <Button variant="primary" Icon={Icons.Plus} href="/studio/posts/new">New Post</Button>
+      </PageHeader>
+
+      {/* Panel container - full-bleed borders */}
+      <div className="-mx-6 lg:-mx-10 mt-6">
+        {/* Stats row */}
+        <div className="relative">
+          <div className="absolute top-0 bottom-0 border-l border-border" style={{ left: '33.333%' }} />
+          <div className="absolute top-0 bottom-0 border-l border-border" style={{ left: '66.666%' }} />
+
+          <div className="grid grid-cols-3">
+            <div className="py-4 pl-6 lg:pl-10 pr-6">
+              <div className="text-xs text-muted mb-0.5">Total Posts</div>
+              <div className="text-xl font-semibold tracking-tight">{totalPosts}</div>
+            </div>
+            <div className="py-4 px-6">
+              <div className="text-xs text-muted mb-0.5">Published</div>
+              <div className="text-xl font-semibold tracking-tight">{publishedCount}</div>
+            </div>
+            <div className="py-4 pr-6 lg:pr-10 pl-6">
+              <div className="text-xs text-muted mb-0.5">Total Views</div>
+              <div className="text-xl font-semibold tracking-tight">{totalViews.toLocaleString()}</div>
+            </div>
+          </div>
+        </div>
+
+        <div className="border-t border-border" />
+
+        {/* Filter and Search */}
+        <div className="px-6 lg:px-10 py-4 flex flex-col sm:flex-row sm:items-center gap-4">
+          <Tabs value={filter} onChange={setFilter} tabs={tabs} />
+          <div className="flex-1 sm:max-w-xs sm:ml-auto">
+            <Input
+              value={search}
+              onChange={setSearch}
+              placeholder="Search posts..."
+              Icon={Icons.Search}
+            />
+          </div>
+        </div>
+
+        <div className="border-t border-border" />
+
+        {/* Posts list */}
+        {filteredPosts.length === 0 ? (
+          <div className="px-6 lg:px-10 py-12">
+            <EmptyState
+              Icon={Icons.Search}
+              title="No posts found"
+              description={search ? `No posts matching "${search}"` : 'No posts in this category'}
+            />
+          </div>
+        ) : (
+          filteredPosts.map((post, i) => {
+            const views = getPostViews(post.slug)
+            const isDraft = post.draft
+            const hasWarning = !isDraft && !post.description
+
+            return (
+              <div
+                key={post.id}
+                className={`group relative flex items-center gap-4 px-6 lg:px-10 py-4 transition-colors hover:bg-surface/50 cursor-pointer ${i > 0 ? 'border-t border-border' : ''}`}
+                onClick={(e) => {
+                  if ((e.target as HTMLElement).closest('[data-action-menu]')) return
+                  window.location.href = `/studio/posts/${post.slug}/edit`
+                }}
+              >
+                <a
+                  href={`/studio/posts/${post.slug}/edit`}
+                  className="flex-1 min-w-0"
+                  onClick={(e) => e.stopPropagation()}
+                >
+                  <div className="flex items-center gap-2.5 mb-1">
+                    {isDraft && <Badge variant="draft">Draft</Badge>}
+                    <h3 className="text-sm font-medium text-text truncate group-hover:text-accent transition-colors">
+                      {post.title || 'Untitled'}
+                    </h3>
+                    {post.members_only && (
+                      <Icons.Crown className="w-3.5 h-3.5 text-amber-500 flex-shrink-0" title="Members only" />
+                    )}
+                    {hasWarning && (
+                      <span className="flex-shrink-0 text-[10px] text-warning/80 font-medium uppercase tracking-wide">
+                        No description
+                      </span>
+                    )}
+                  </div>
+                  <div className="flex items-center gap-3 text-xs text-muted">
+                    <code className="text-[11px] opacity-60">/posts/{post.slug}</code>
+                    <span className="text-border">|</span>
+                    {isDraft ? (
+                      <span className="flex items-center gap-1">
+                        <Icons.Clock className="w-3 h-3 opacity-60" />
+                        {formatRelativeTime(post.updated_at)}
+                      </span>
+                    ) : (
+                      <>
+                        <span className="font-medium">{formatDate(post.date)}</span>
+                        {views > 0 && (
+                          <>
+                            <span className="text-border">|</span>
+                            <span className="flex items-center gap-1">
+                              <Icons.Eye className="w-3 h-3 opacity-60" />
+                              {formatViews(views)}
+                            </span>
+                          </>
+                        )}
+                      </>
+                    )}
+                    {post.tags.length > 0 && (
+                      <>
+                        <span className="text-border hidden sm:inline">|</span>
+                        <span className="truncate opacity-70 hidden sm:inline">
+                          {post.tags.slice(0, 2).join(', ')}
+                          {post.tags.length > 2 && ` +${post.tags.length - 2}`}
+                        </span>
+                      </>
+                    )}
+                  </div>
+                </a>
+
+                <ActionMenu
+                  items={[
+                    {
+                      label: 'Edit',
+                      Icon: Icons.Edit,
+                      href: `/studio/posts/${post.slug}/edit`,
+                    },
+                    ...(!isDraft ? [{
+                      label: 'View',
+                      Icon: Icons.Eye,
+                      href: `/posts/${post.slug}`,
+                      external: true,
+                    }] : []),
+                    {
+                      label: 'Copy URL',
+                      Icon: Icons.Copy,
+                      onClick: () => copyUrl(post.slug),
+                    },
+                    {
+                      label: 'Delete',
+                      Icon: Icons.Trash,
+                      variant: 'danger' as const,
+                      onClick: () => setDeleteModal(post),
+                    },
+                  ]}
+                />
+              </div>
+            )
+          })
+        )}
+      </div>
+
+      <Modal
+        open={!!deleteModal}
+        onClose={() => setDeleteModal(null)}
+        title="Delete Post"
+      >
+        <p className="text-sm text-muted mb-6">
+          Are you sure you want to delete <span className="font-medium text-text">"{deleteModal?.title}"</span>? This action cannot be undone.
+        </p>
+        <div className="flex justify-end gap-3">
+          <Button variant="secondary" onClick={() => setDeleteModal(null)}>
+            Cancel
+          </Button>
+          <Button variant="danger" onClick={handleDelete} loading={deletePostMutation.loading}>
+            Delete Post
+          </Button>
+        </div>
+      </Modal>
+    </div>
+  )
+}
diff --git a/studio/src/pages/index.ts b/studio/src/pages/index.ts
new file mode 100644
index 0000000..12e8256
--- /dev/null
+++ b/studio/src/pages/index.ts
@@ -0,0 +1,10 @@
+export { default as PostsPage } from './PostsPage'
+export { default as AnalyticsPage } from './AnalyticsPage'
+export { default as GeneralPage } from './GeneralPage'
+export { default as DesignPage } from './DesignPage'
+export { default as DomainPage } from './DomainPage'
+export { default as EngagementPage } from './EngagementPage'
+export { default as MonetizationPage } from './MonetizationPage'
+export { default as APIPage } from './APIPage'
+export { default as DataPage } from './DataPage'
+export { default as BillingPage } from './BillingPage'
diff --git a/studio/src/stores/analytics.ts b/studio/src/stores/analytics.ts
new file mode 100644
index 0000000..5776ba6
--- /dev/null
+++ b/studio/src/stores/analytics.ts
@@ -0,0 +1,10 @@
+import { atom } from 'nanostores'
+import { createFetcherStore } from './fetcher'
+import type { AnalyticsSummary } from '../types'
+
+export const $days = atom(30)
+
+export const $analytics = createFetcherStore<AnalyticsSummary>([
+  '/api/studio/analytics?days=',
+  $days,
+])
diff --git a/studio/src/stores/apiKeys.ts b/studio/src/stores/apiKeys.ts
new file mode 100644
index 0000000..66295d9
--- /dev/null
+++ b/studio/src/stores/apiKeys.ts
@@ -0,0 +1,34 @@
+import { atom } from 'nanostores'
+import { createFetcherStore, createMutatorStore, invalidateKeys } from './fetcher'
+import type { APIKey } from '../types'
+
+export const $apiKeys = createFetcherStore<APIKey[]>(['/api/studio/api-keys'])
+
+export const $creating = atom(false)
+export const $newKey = atom<string | null>(null)
+
+export async function createAPIKey(name: string): Promise<APIKey> {
+  $creating.set(true)
+  try {
+    const res = await fetch('/api/studio/api-keys', {
+      method: 'POST',
+      headers: { 'Content-Type': 'application/json' },
+      body: JSON.stringify({ name }),
+    })
+    if (!res.ok) throw new Error('Failed to create API key')
+    const key = await res.json()
+    $newKey.set(key.key)
+    invalidateKeys('/api/studio/api-keys')
+    return key
+  } finally {
+    $creating.set(false)
+  }
+}
+
+export const $deleteAPIKey = createMutatorStore<string>(
+  async ({ data: key, invalidate }) => {
+    const res = await fetch(`/api/studio/api-keys/${key}`, { method: 'DELETE' })
+    if (!res.ok) throw new Error('Failed to delete API key')
+    invalidate('/api/studio/api-keys')
+  }
+)
diff --git a/studio/src/stores/app.ts b/studio/src/stores/app.ts
new file mode 100644
index 0000000..b0b174a
--- /dev/null
+++ b/studio/src/stores/app.ts
@@ -0,0 +1,19 @@
+import { atom } from 'nanostores'
+
+export interface Toast {
+  id: string
+  message: string
+  type: 'success' | 'error'
+}
+
+export const $toasts = atom<Toast[]>([])
+
+export const addToast = (message: string, type: 'success' | 'error' = 'success') => {
+  const id = Math.random().toString(36).slice(2)
+  $toasts.set([...$toasts.get(), { id, message, type }])
+  setTimeout(() => removeToast(id), 4000)
+}
+
+export const removeToast = (id: string) => {
+  $toasts.set($toasts.get().filter(t => t.id !== id))
+}
diff --git a/studio/src/stores/assets.ts b/studio/src/stores/assets.ts
new file mode 100644
index 0000000..8485b8d
--- /dev/null
+++ b/studio/src/stores/assets.ts
@@ -0,0 +1,33 @@
+import { atom } from 'nanostores'
+import { createFetcherStore, createMutatorStore, invalidateKeys } from './fetcher'
+import type { Asset } from '../types'
+
+export const $assets = createFetcherStore<Asset[]>(['/api/studio/assets'])
+
+export const $uploading = atom(false)
+
+export async function uploadAsset(file: File): Promise<Asset> {
+  $uploading.set(true)
+  try {
+    const formData = new FormData()
+    formData.append('file', file)
+    const res = await fetch('/api/studio/assets', {
+      method: 'POST',
+      body: formData,
+    })
+    if (!res.ok) throw new Error('Failed to upload')
+    const asset = await res.json()
+    invalidateKeys('/api/studio/assets')
+    return asset
+  } finally {
+    $uploading.set(false)
+  }
+}
+
+export const $deleteAsset = createMutatorStore<string>(
+  async ({ data: id, invalidate }) => {
+    const res = await fetch(`/api/studio/assets/${id}`, { method: 'DELETE' })
+    if (!res.ok) throw new Error('Failed to delete asset')
+    invalidate('/api/studio/assets')
+  }
+)
diff --git a/studio/src/stores/billing.ts b/studio/src/stores/billing.ts
new file mode 100644
index 0000000..20cbc87
--- /dev/null
+++ b/studio/src/stores/billing.ts
@@ -0,0 +1,4 @@
+import { createFetcherStore } from './fetcher'
+import type { BillingInfo } from '../types'
+
+export const $billing = createFetcherStore<BillingInfo>('/api/studio/billing')
diff --git a/studio/src/stores/editor.ts b/studio/src/stores/editor.ts
new file mode 100644
index 0000000..85b53b7
--- /dev/null
+++ b/studio/src/stores/editor.ts
@@ -0,0 +1,467 @@
+import { atom, map, computed } from 'nanostores'
+import { createMutatorStore } from './fetcher'
+import type { Post } from '../types'
+
+export type EditorMode = 'edit' | 'source'
+
+export interface EditorPost {
+  id?: string
+  slug: string
+  title: string
+  description: string
+  content: string
+  date: string
+  draft: boolean
+  members_only: boolean
+  tags: string[]
+  cover_image?: string
+}
+
+export interface PostVersion {
+  id: number
+  title: string
+  created_at: string
+}
+
+export interface DraftState {
+  slug: string
+  title: string
+  description: string
+  content: string
+  tags: string[]
+  cover_image: string
+  members_only: boolean
+  modified_at: string
+}
+
+const defaultPost: EditorPost = {
+  slug: '',
+  title: '',
+  description: '',
+  content: '',
+  date: new Date().toISOString().split('T')[0],
+  draft: true,
+  members_only: false,
+  tags: [],
+  cover_image: '',
+}
+
+export const $editorMode = atom<EditorMode>('edit')
+export const $editorPost = map<EditorPost>({ ...defaultPost })
+export const $initialPost = atom<EditorPost | null>(null)
+export const $isNewPost = atom(true)
+export const $hasDraft = atom(false)
+export const $versions = atom<PostVersion[]>([])
+export const $isSaving = atom(false)
+export const $isPublishing = atom(false)
+
+export const $hasChanges = computed(
+  [$editorPost, $initialPost],
+  (current, initial) => initial !== null && JSON.stringify(current) !== JSON.stringify(initial)
+)
+
+export const $changedFields = computed(
+  [$editorPost, $initialPost],
+  (current, initial) => {
+    if (!initial) return []
+    const changes: string[] = []
+    const labels: Record<keyof EditorPost, string> = {
+      id: 'ID',
+      slug: 'Slug',
+      title: 'Title',
+      description: 'Description',
+      content: 'Content',
+      date: 'Date',
+      draft: 'Draft',
+      members_only: 'Members only',
+      tags: 'Tags',
+      cover_image: 'Cover image',
+    }
+    for (const key of Object.keys(current) as (keyof EditorPost)[]) {
+      const currentVal = JSON.stringify(current[key])
+      const initialVal = JSON.stringify(initial[key])
+      if (currentVal !== initialVal) {
+        changes.push(labels[key] || key)
+      }
+    }
+    return changes
+  }
+)
+
+export function initNewPost() {
+  const newPost = {
+    ...defaultPost,
+    date: new Date().toISOString().split('T')[0],
+  }
+  $editorPost.set(newPost)
+  $initialPost.set({ ...newPost })
+  $isNewPost.set(true)
+  $hasDraft.set(false)
+  $versions.set([])
+  $editorMode.set('edit')
+}
+
+export async function loadPost(slug: string): Promise<boolean> {
+  try {
+    const res = await fetch(`/api/studio/posts/${slug}`)
+    if (!res.ok) return false
+
+    const post: Post = await res.json()
+    const editorPost: EditorPost = {
+      id: post.id,
+      slug: post.slug,
+      title: post.title,
+      description: post.description,
+      content: post.content || '',
+      date: post.date,
+      draft: post.draft,
+      members_only: post.members_only,
+      tags: post.tags || [],
+      cover_image: '',
+    }
+
+    $editorPost.set(editorPost)
+    $initialPost.set({ ...editorPost })
+    $isNewPost.set(false)
+    $editorMode.set('edit')
+
+    if (post.id) {
+      loadDraft(post.id)
+      loadVersions(post.id)
+    }
+
+    return true
+  } catch {
+    return false
+  }
+}
+
+async function loadDraft(postId: string) {
+  try {
+    const res = await fetch(`/api/studio/posts/${postId}/draft`)
+    if (!res.ok) {
+      $hasDraft.set(false)
+      return
+    }
+    const draft = await res.json()
+    if (draft) {
+      $hasDraft.set(true)
+      $editorPost.set({
+        ...$editorPost.get(),
+        slug: draft.slug,
+        title: draft.title,
+        description: draft.description,
+        content: draft.content,
+        tags: draft.tags || [],
+        cover_image: draft.cover_image || '',
+        members_only: draft.members_only,
+      })
+      $initialPost.set({ ...$editorPost.get() })
+    } else {
+      $hasDraft.set(false)
+    }
+  } catch {
+    $hasDraft.set(false)
+  }
+}
+
+async function loadVersions(postId: string) {
+  try {
+    const res = await fetch(`/api/studio/posts/${postId}/versions`)
+    if (res.ok) {
+      const versions = await res.json()
+      $versions.set(versions || [])
+    }
+  } catch {
+    $versions.set([])
+  }
+}
+
+function slugify(text: string): string {
+  return text
+    .toLowerCase()
+    .trim()
+    .replace(/[^\w\s-]/g, '')
+    .replace(/[\s_-]+/g, '-')
+    .replace(/^-+|-+$/g, '')
+}
+
+export function updateTitle(title: string) {
+  const current = $editorPost.get()
+  const isNew = $isNewPost.get()
+  const initial = $initialPost.get()
+
+  $editorPost.setKey('title', title)
+
+  if (isNew || (initial && current.slug === slugify(initial.title))) {
+    $editorPost.setKey('slug', slugify(title))
+  }
+}
+
+export const $savePost = createMutatorStore<EditorPost>(
+  async ({ data: post, invalidate }) => {
+    const isNew = $isNewPost.get()
+    const url = isNew ? '/api/studio/posts' : `/api/studio/posts/${post.slug}`
+    const method = isNew ? 'POST' : 'PUT'
+
+    const res = await fetch(url, {
+      method,
+      headers: { 'Content-Type': 'application/json' },
+      body: JSON.stringify(post),
+    })
+
+    if (!res.ok) {
+      const err = await res.json().catch(() => ({ error: 'Unknown error' }))
+      throw new Error(err.error || 'Failed to save post')
+    }
+
+    const saved: Post = await res.json()
+
+    const editorPost: EditorPost = {
+      id: saved.id,
+      slug: saved.slug,
+      title: saved.title,
+      description: saved.description,
+      content: saved.content || post.content,
+      date: saved.date,
+      draft: saved.draft,
+      members_only: saved.members_only,
+      tags: saved.tags || [],
+      cover_image: post.cover_image,
+    }
+
+    $editorPost.set(editorPost)
+    $initialPost.set({ ...editorPost })
+    $isNewPost.set(false)
+
+    invalidate('/api/studio/posts')
+    return editorPost
+  }
+)
+
+export async function saveDraft(): Promise<boolean> {
+  const post = $editorPost.get()
+  if (!post.id) return false
+
+  $isSaving.set(true)
+  try {
+    const res = await fetch(`/api/studio/posts/${post.id}/draft`, {
+      method: 'PUT',
+      headers: { 'Content-Type': 'application/json' },
+      body: JSON.stringify({
+        slug: post.slug,
+        title: post.title,
+        description: post.description,
+        content: post.content,
+        tags: post.tags,
+        cover_image: post.cover_image,
+        members_only: post.members_only,
+      }),
+    })
+
+    if (!res.ok) {
+      throw new Error('Failed to save draft')
+    }
+
+    $hasDraft.set(true)
+    $initialPost.set({ ...post })
+    return true
+  } catch {
+    return false
+  } finally {
+    $isSaving.set(false)
+  }
+}
+
+let autoSaveTimer: ReturnType<typeof setTimeout> | null = null
+
+export function triggerAutoSave() {
+  if ($isNewPost.get()) return
+  if (!$hasChanges.get()) return
+
+  if (autoSaveTimer) clearTimeout(autoSaveTimer)
+
+  autoSaveTimer = setTimeout(async () => {
+    await saveDraft()
+  }, 2000)
+}
+
+export async function discardDraft(): Promise<boolean> {
+  const post = $editorPost.get()
+  if (!post.id) return false
+
+  try {
+    const res = await fetch(`/api/studio/posts/${post.id}/draft`, {
+      method: 'DELETE',
+    })
+
+    if (!res.ok) {
+      throw new Error('Failed to discard draft')
+    }
+
+    $hasDraft.set(false)
+    await loadPost(post.slug)
+    return true
+  } catch {
+    return false
+  }
+}
+
+export async function publishPost(): Promise<boolean> {
+  const post = $editorPost.get()
+  if (!post.id) return false
+
+  $isPublishing.set(true)
+  try {
+    if ($hasChanges.get()) {
+      await saveDraft()
+    }
+
+    const res = await fetch(`/api/studio/posts/${post.id}/publish`, {
+      method: 'POST',
+    })
+
+    if (!res.ok) {
+      throw new Error('Failed to publish')
+    }
+
+    const saved: Post = await res.json()
+    const editorPost: EditorPost = {
+      id: saved.id,
+      slug: saved.slug,
+      title: saved.title,
+      description: saved.description,
+      content: saved.content || post.content,
+      date: saved.date,
+      draft: saved.draft,
+      members_only: saved.members_only,
+      tags: saved.tags || [],
+      cover_image: post.cover_image,
+    }
+
+    $editorPost.set(editorPost)
+    $initialPost.set({ ...editorPost })
+    $hasDraft.set(false)
+
+    if (post.id) {
+      loadVersions(post.id)
+    }
+
+    return true
+  } catch {
+    return false
+  } finally {
+    $isPublishing.set(false)
+  }
+}
+
+export async function unpublishPost(): Promise<boolean> {
+  const post = $editorPost.get()
+  if (!post.id) return false
+
+  $isPublishing.set(true)
+  try {
+    const res = await fetch(`/api/studio/posts/${post.id}/unpublish`, {
+      method: 'POST',
+    })
+
+    if (!res.ok) {
+      throw new Error('Failed to unpublish')
+    }
+
+    const saved: Post = await res.json()
+    $editorPost.setKey('draft', saved.draft)
+    $initialPost.set({ ...$editorPost.get() })
+
+    return true
+  } catch {
+    return false
+  } finally {
+    $isPublishing.set(false)
+  }
+}
+
+export async function restoreVersion(versionId: number): Promise<boolean> {
+  const post = $editorPost.get()
+  if (!post.id) return false
+
+  try {
+    const res = await fetch(`/api/studio/posts/${post.id}/versions/${versionId}/restore`, {
+      method: 'POST',
+    })
+
+    if (!res.ok) {
+      throw new Error('Failed to restore version')
+    }
+
+    await loadPost(post.slug)
+    return true
+  } catch {
+    return false
+  }
+}
+
+export function getPreviewUrl(): string {
+  const post = $editorPost.get()
+  if (!post.slug) return ''
+  return `/posts/${post.slug}?preview=true`
+}
+
+const previewChannel = new BroadcastChannel('writekit-preview')
+let debounceTimer: ReturnType<typeof setTimeout> | null = null
+let pendingMarkdown: string | null = null
+
+async function sendPreview(markdown: string) {
+  const post = $editorPost.get()
+  if (!post.id) return
+
+  try {
+    const res = await fetch(`/api/studio/posts/${post.id}/render`, {
+      method: 'POST',
+      headers: { 'Content-Type': 'application/json' },
+      body: JSON.stringify({ markdown }),
+    })
+
+    if (!res.ok) return
+
+    const { html } = await res.json()
+
+    previewChannel.postMessage({
+      type: 'content-update',
+      slug: post.slug,
+      title: post.title,
+      description: post.description,
+      html,
+    })
+  } catch {
+    // Silently fail - preview is non-critical
+  }
+}
+
+export function broadcastPreview(markdown: string) {
+  pendingMarkdown = markdown
+
+  previewChannel.postMessage({
+    type: 'rebuilding',
+    slug: $editorPost.get().slug,
+  })
+
+  if (debounceTimer) clearTimeout(debounceTimer)
+
+  debounceTimer = setTimeout(() => {
+    if (pendingMarkdown) {
+      sendPreview(pendingMarkdown)
+      pendingMarkdown = null
+    }
+  }, 500)
+}
+
+if (typeof document !== 'undefined') {
+  document.addEventListener('visibilitychange', () => {
+    if (document.hidden && pendingMarkdown) {
+      if (debounceTimer) clearTimeout(debounceTimer)
+      sendPreview(pendingMarkdown)
+      pendingMarkdown = null
+    }
+  })
+}
diff --git a/studio/src/stores/fetcher.ts b/studio/src/stores/fetcher.ts
new file mode 100644
index 0000000..a46f2a2
--- /dev/null
+++ b/studio/src/stores/fetcher.ts
@@ -0,0 +1,24 @@
+import { nanoquery } from '@nanostores/query'
+
+export const [createFetcherStore, createMutatorStore, { invalidateKeys }] = nanoquery({
+  fetcher: async (...keys: unknown[]) => {
+    const url = keys.map(k => String(k)).join('')
+    const res = await fetch(url)
+    if (!res.ok) throw new Error(`${res.status}`)
+    return res.json()
+  },
+  dedupeTime: 60_000,
+  cacheLifetime: 300_000,
+})
+
+const blogChannel = new BroadcastChannel('writekit-studio')
+
+export function createBlogMutatorStore<T>(
+  mutator: (args: { data: T }) => Promise<T>
+) {
+  return createMutatorStore<T>(async (args) => {
+    const result = await mutator(args)
+    blogChannel.postMessage({ type: 'settings-changed' })
+    return result
+  })
+}
diff --git a/studio/src/stores/hooks.ts b/studio/src/stores/hooks.ts
new file mode 100644
index 0000000..c428dd4
--- /dev/null
+++ b/studio/src/stores/hooks.ts
@@ -0,0 +1,35 @@
+import { map } from 'nanostores'
+import { createFetcherStore } from './fetcher'
+
+export interface HookInfo {
+  name: string
+  label: string
+  description: string
+  pattern: string
+  test_data: Record<string, unknown>
+}
+
+export const $hooks = createFetcherStore<HookInfo[]>(['/api/studio/hooks'])
+
+export const $templates = map<Record<string, string>>({})
+
+export async function fetchTemplate(hook: string, language: string): Promise<string> {
+  const key = `${hook}:${language}`
+  const cached = $templates.get()[key]
+  if (cached) return cached
+
+  try {
+    const res = await fetch(`/api/studio/template?hook=${encodeURIComponent(hook)}&language=${encodeURIComponent(language)}`)
+    if (!res.ok) return ''
+    const data = await res.json()
+    const template = data.template || ''
+    $templates.setKey(key, template)
+    return template
+  } catch {
+    return ''
+  }
+}
+
+export function getTemplate(hook: string, language: string): string {
+  return $templates.get()[`${hook}:${language}`] || ''
+}
diff --git a/studio/src/stores/index.ts b/studio/src/stores/index.ts
new file mode 100644
index 0000000..6b0ed97
--- /dev/null
+++ b/studio/src/stores/index.ts
@@ -0,0 +1,9 @@
+export * from './router'
+export * from './fetcher'
+export * from './app'
+export * from './posts'
+export * from './settings'
+export * from './analytics'
+export * from './interactions'
+export * from './assets'
+export * from './apiKeys'
diff --git a/studio/src/stores/interactions.ts b/studio/src/stores/interactions.ts
new file mode 100644
index 0000000..1dc24ec
--- /dev/null
+++ b/studio/src/stores/interactions.ts
@@ -0,0 +1,74 @@
+import { atom, map, computed, onMount } from 'nanostores'
+import { createFetcherStore, createBlogMutatorStore } from './fetcher'
+import type { InteractionConfig } from '../types'
+
+const defaultConfig: InteractionConfig = {
+  comments_enabled: false,
+  reactions_enabled: false,
+  reaction_mode: 'emoji',
+  reaction_emojis: '👍,❤️,🎉,🚀',
+  upvote_icon: 'arrow',
+  reactions_require_auth: false,
+}
+
+export const $interactionsData = createFetcherStore<InteractionConfig>(['/api/studio/interaction-config'])
+
+export const $interactions = map<InteractionConfig>({ ...defaultConfig })
+export const $initialInteractions = atom<InteractionConfig | null>(null)
+
+export const $hasInteractionChanges = computed(
+  [$interactions, $initialInteractions],
+  (current, initial) => initial !== null && JSON.stringify(current) !== JSON.stringify(initial)
+)
+
+export const $changedInteractionFields = computed(
+  [$interactions, $initialInteractions],
+  (current, initial) => {
+    if (!initial) return []
+    const changes: string[] = []
+    const labels: Record<string, string> = {
+      comments_enabled: 'Comments',
+      reactions_enabled: 'Reactions',
+      reaction_mode: 'Reaction mode',
+      reaction_emojis: 'Emojis',
+      upvote_icon: 'Upvote icon',
+      reactions_require_auth: 'Auth required',
+    }
+    for (const key of Object.keys(current) as (keyof InteractionConfig)[]) {
+      if (current[key] !== initial[key]) {
+        changes.push(labels[key] || key)
+      }
+    }
+    return changes
+  }
+)
+
+onMount($interactionsData, () => {
+  $interactionsData.listen(({ data }) => {
+    if (data) {
+      const merged = { ...defaultConfig, ...data }
+      $interactions.set(merged)
+      $initialInteractions.set(merged)
+    }
+  })
+})
+
+export const $saveInteractions = createBlogMutatorStore<InteractionConfig>(
+  async ({ data: config }) => {
+    const previous = $initialInteractions.get()
+    $initialInteractions.set({ ...config })
+
+    const res = await fetch('/api/studio/interaction-config', {
+      method: 'PUT',
+      headers: { 'Content-Type': 'application/json' },
+      body: JSON.stringify(config),
+    })
+
+    if (!res.ok) {
+      $initialInteractions.set(previous)
+      throw new Error('Failed to save interactions')
+    }
+
+    return config
+  }
+)
diff --git a/studio/src/stores/plugins.ts b/studio/src/stores/plugins.ts
new file mode 100644
index 0000000..f6c3c3e
--- /dev/null
+++ b/studio/src/stores/plugins.ts
@@ -0,0 +1,102 @@
+import { atom, map } from 'nanostores'
+import { createFetcherStore, createMutatorStore } from './fetcher'
+
+export interface Plugin {
+  id: string
+  name: string
+  language: 'typescript' | 'go'
+  source: string
+  hooks: string[]
+  enabled: boolean
+  wasm?: string
+  wasm_size?: number
+  created_at: string
+  updated_at: string
+}
+
+export interface CompileResult {
+  success: boolean
+  wasm?: string
+  size?: number
+  errors?: string[]
+  time_ms?: number
+}
+
+export const $plugins = createFetcherStore<Plugin[]>(['/api/studio/plugins'])
+
+export const $currentPlugin = map<Partial<Plugin>>({
+  name: '',
+  language: 'typescript',
+  source: '',
+  hooks: [],
+  enabled: true,
+})
+
+export const $compileResult = atom<CompileResult | null>(null)
+export const $isCompiling = atom(false)
+
+export const $savePlugin = createMutatorStore(async ({ data, invalidate }: { data: Plugin; invalidate: (key: string) => void }) => {
+  const res = await fetch('/api/studio/plugins', {
+    method: 'POST',
+    headers: { 'Content-Type': 'application/json' },
+    body: JSON.stringify(data),
+  })
+  if (!res.ok) throw new Error('Failed to save plugin')
+  invalidate('/api/studio/plugins')
+  return res.json()
+})
+
+export const $deletePlugin = createMutatorStore(async ({ data: id, invalidate }: { data: string; invalidate: (key: string) => void }) => {
+  const res = await fetch(`/api/studio/plugins/${id}`, { method: 'DELETE' })
+  if (!res.ok) throw new Error('Failed to delete plugin')
+  invalidate('/api/studio/plugins')
+})
+
+export const $togglePlugin = createMutatorStore(async ({ data, invalidate }: { data: { id: string; enabled: boolean }; invalidate: (key: string) => void }) => {
+  const res = await fetch(`/api/studio/plugins/${data.id}/toggle`, {
+    method: 'PUT',
+    headers: { 'Content-Type': 'application/json' },
+    body: JSON.stringify({ enabled: data.enabled }),
+  })
+  if (!res.ok) throw new Error('Failed to toggle plugin')
+  invalidate('/api/studio/plugins')
+})
+
+export async function compilePlugin(language: string, source: string): Promise<CompileResult> {
+  $isCompiling.set(true)
+  $compileResult.set(null)
+
+  try {
+    const res = await fetch('/api/studio/plugins/compile', {
+      method: 'POST',
+      headers: { 'Content-Type': 'application/json' },
+      body: JSON.stringify({ language, source }),
+    })
+    const result = await res.json()
+    $compileResult.set(result)
+    return result
+  } finally {
+    $isCompiling.set(false)
+  }
+}
+
+export async function testPlugin(pluginId: string, hook: string, testData: object): Promise<any> {
+  const res = await fetch(`/api/studio/plugins/${pluginId}/test`, {
+    method: 'POST',
+    headers: { 'Content-Type': 'application/json' },
+    body: JSON.stringify({ hook, data: testData }),
+  })
+  return res.json()
+}
+
+export const AVAILABLE_HOOKS = [
+  { value: 'post.published', label: 'Post Published', description: 'Triggered when a post is published' },
+  { value: 'post.updated', label: 'Post Updated', description: 'Triggered when a published post is updated' },
+  { value: 'comment.created', label: 'Comment Created', description: 'Triggered when a new comment is posted' },
+  { value: 'subscriber.created', label: 'Subscriber Created', description: 'Triggered when someone subscribes' },
+]
+
+export const LANGUAGES = [
+  { value: 'typescript', label: 'TypeScript', extension: '.ts' },
+  { value: 'go', label: 'Go', extension: '.go' },
+]
diff --git a/studio/src/stores/posts.ts b/studio/src/stores/posts.ts
new file mode 100644
index 0000000..77bbaaf
--- /dev/null
+++ b/studio/src/stores/posts.ts
@@ -0,0 +1,41 @@
+import { atom, computed } from 'nanostores'
+import { createFetcherStore, createMutatorStore } from './fetcher'
+import type { Post } from '../types'
+
+export const $posts = createFetcherStore<Post[]>(['/api/studio/posts'])
+
+export const $search = atom('')
+export const $filterStatus = atom<'all' | 'published' | 'draft'>('all')
+
+export const $filteredPosts = computed(
+  [$posts, $search, $filterStatus],
+  (postsStore, search, status) => {
+    const posts = postsStore.data ?? []
+    return posts.filter(p => {
+      const searchLower = search.toLowerCase()
+      if (search && !p.title.toLowerCase().includes(searchLower) && !p.slug.toLowerCase().includes(searchLower)) {
+        return false
+      }
+      if (status === 'published' && p.draft) return false
+      if (status === 'draft' && !p.draft) return false
+      return true
+    })
+  }
+)
+
+export const $postCounts = computed([$posts], (postsStore) => {
+  const posts = postsStore.data ?? []
+  return {
+    all: posts.length,
+    published: posts.filter(p => !p.draft).length,
+    draft: posts.filter(p => p.draft).length,
+  }
+})
+
+export const $deletePost = createMutatorStore<string>(
+  async ({ data: slug, invalidate }) => {
+    const res = await fetch(`/api/studio/posts/${slug}`, { method: 'DELETE' })
+    if (!res.ok) throw new Error('Failed to delete post')
+    invalidate('/api/studio/posts')
+  }
+)
diff --git a/studio/src/stores/router.ts b/studio/src/stores/router.ts
new file mode 100644
index 0000000..6ac9b90
--- /dev/null
+++ b/studio/src/stores/router.ts
@@ -0,0 +1,18 @@
+import { createRouter } from '@nanostores/router'
+
+export const $router = createRouter({
+  postNew: '/studio/posts/new',
+  postEdit: '/studio/posts/:slug/edit',
+  posts: '/studio/posts',
+  analytics: '/studio/analytics',
+  general: '/studio/general',
+  design: '/studio/design',
+  domain: '/studio/domain',
+  engagement: '/studio/engagement',
+  monetization: '/studio/monetization',
+  plugins: '/studio/plugins',
+  api: '/studio/api',
+  data: '/studio/data',
+  billing: '/studio/billing',
+  home: '/studio',
+})
diff --git a/studio/src/stores/secrets.ts b/studio/src/stores/secrets.ts
new file mode 100644
index 0000000..00192cb
--- /dev/null
+++ b/studio/src/stores/secrets.ts
@@ -0,0 +1,36 @@
+import { atom } from 'nanostores'
+import { createFetcherStore, createMutatorStore } from './fetcher'
+
+export interface Secret {
+  key: string
+  created_at: string
+  updated_at: string
+}
+
+export const $secrets = createFetcherStore<Secret[]>(['/api/studio/secrets'])
+
+export const $createSecret = createMutatorStore(async ({ data, invalidate }: { data: { key: string; value: string }; invalidate: (key: string) => void }) => {
+  const res = await fetch('/api/studio/secrets', {
+    method: 'POST',
+    headers: { 'Content-Type': 'application/json' },
+    body: JSON.stringify(data),
+  })
+  if (!res.ok) throw new Error('Failed to create secret')
+  invalidate('/api/studio/secrets')
+})
+
+export const $deleteSecret = createMutatorStore(async ({ data: key, invalidate }: { data: string; invalidate: (key: string) => void }) => {
+  const res = await fetch(`/api/studio/secrets/${encodeURIComponent(key)}`, {
+    method: 'DELETE',
+  })
+  if (!res.ok) throw new Error('Failed to delete secret')
+  invalidate('/api/studio/secrets')
+})
+
+export const $secretKeys = atom<string[]>([])
+
+$secrets.subscribe(state => {
+  if (state.data) {
+    $secretKeys.set(state.data.map(s => s.key))
+  }
+})
diff --git a/studio/src/stores/settings.ts b/studio/src/stores/settings.ts
new file mode 100644
index 0000000..1ca23ae
--- /dev/null
+++ b/studio/src/stores/settings.ts
@@ -0,0 +1,93 @@
+import { atom, map, computed, onMount } from 'nanostores'
+import { createFetcherStore, createBlogMutatorStore } from './fetcher'
+import type { Settings } from '../types'
+
+const defaultSettings: Settings = {
+  site_name: '',
+  site_description: '',
+  author_name: '',
+  author_role: '',
+  author_bio: '',
+  author_photo: '',
+  twitter_handle: '',
+  github_handle: '',
+  linkedin_handle: '',
+  email: '',
+  show_powered_by: 'true',
+  accent_color: '#10b981',
+  code_theme: 'github',
+  font: 'system',
+  layout: 'default',
+  compactness: 'cozy',
+  custom_css: '',
+}
+
+export const $settingsData = createFetcherStore<Settings>(['/api/studio/settings'])
+
+export const $settings = map<Settings>({ ...defaultSettings })
+export const $initialSettings = atom<Settings | null>(null)
+
+export const $hasChanges = computed(
+  [$settings, $initialSettings],
+  (current, initial) => initial !== null && JSON.stringify(current) !== JSON.stringify(initial)
+)
+
+export const $changedFields = computed(
+  [$settings, $initialSettings],
+  (current, initial) => {
+    if (!initial) return []
+    const changes: string[] = []
+    const labels: Record<string, string> = {
+      site_name: 'Site name',
+      site_description: 'Description',
+      accent_color: 'Accent color',
+      font: 'Font',
+      code_theme: 'Code theme',
+      layout: 'Layout',
+      compactness: 'Density',
+      author_name: 'Author name',
+      author_bio: 'Bio',
+      custom_css: 'Custom CSS',
+    }
+    for (const key of Object.keys(current) as (keyof Settings)[]) {
+      if (current[key] !== initial[key]) {
+        changes.push(labels[key] || key)
+      }
+    }
+    return changes
+  }
+)
+
+onMount($settingsData, () => {
+  $settingsData.listen(({ data }) => {
+    if (data) {
+      const merged = { ...defaultSettings, ...data }
+      $settings.set(merged)
+      $initialSettings.set(merged)
+    }
+  })
+})
+
+export const $saveSettings = createBlogMutatorStore<Settings>(
+  async ({ data: settings }) => {
+    const previous = $initialSettings.get()
+    $initialSettings.set({ ...settings })
+
+    if (settings.accent_color) {
+      document.documentElement.style.setProperty('--accent', settings.accent_color)
+    }
+
+    const res = await fetch('/api/studio/settings', {
+      method: 'PUT',
+      headers: { 'Content-Type': 'application/json' },
+      body: JSON.stringify(settings),
+    })
+
+    if (!res.ok) {
+      $initialSettings.set(previous)
+      throw new Error('Failed to save settings')
+    }
+
+    return settings
+  }
+)
diff --git a/studio/src/stores/webhooks.ts b/studio/src/stores/webhooks.ts
new file mode 100644
index 0000000..e4e756f
--- /dev/null
+++ b/studio/src/stores/webhooks.ts
@@ -0,0 +1,69 @@
+import { atom } from 'nanostores'
+import { createFetcherStore, createMutatorStore, invalidateKeys } from './fetcher'
+import type { Webhook, WebhookDelivery } from '../types'
+
+export const $webhooks = createFetcherStore<Webhook[]>(['/api/studio/webhooks'])
+
+export const $creating = atom(false)
+
+export async function createWebhook(data: {
+  name: string
+  url: string
+  events: string[]
+  secret?: string
+}): Promise<Webhook> {
+  $creating.set(true)
+  try {
+    const res = await fetch('/api/studio/webhooks', {
+      method: 'POST',
+      headers: { 'Content-Type': 'application/json' },
+      body: JSON.stringify(data),
+    })
+    if (!res.ok) throw new Error('Failed to create webhook')
+    const webhook = await res.json()
+    invalidateKeys('/api/studio/webhooks')
+    return webhook
+  } finally {
+    $creating.set(false)
+  }
+}
+
+export async function updateWebhook(
+  id: string,
+  data: {
+    name: string
+    url: string
+    events: string[]
+    secret?: string
+    enabled: boolean
+  }
+): Promise<Webhook> {
+  const res = await fetch(`/api/studio/webhooks/${id}`, {
+    method: 'PUT',
+    headers: { 'Content-Type': 'application/json' },
+    body: JSON.stringify(data),
+  })
+  if (!res.ok) throw new Error('Failed to update webhook')
+  const webhook = await res.json()
+  invalidateKeys('/api/studio/webhooks')
+  return webhook
+}
+
+export const $deleteWebhook = createMutatorStore<string>(
+  async ({ data: id, invalidate }) => {
+    const res = await fetch(`/api/studio/webhooks/${id}`, { method: 'DELETE' })
+    if (!res.ok) throw new Error('Failed to delete webhook')
+    invalidate('/api/studio/webhooks')
+  }
+)
+
+export async function testWebhook(id: string): Promise<void> {
+  const res = await fetch(`/api/studio/webhooks/${id}/test`, { method: 'POST' })
+  if (!res.ok) throw new Error('Failed to test webhook')
+}
+
+export async function fetchWebhookDeliveries(id: string): Promise<WebhookDelivery[]> {
+  const res = await fetch(`/api/studio/webhooks/${id}/deliveries`)
+  if (!res.ok) throw new Error('Failed to fetch deliveries')
+  return res.json()
+}
diff --git a/studio/src/types.ts b/studio/src/types.ts
new file mode 100644
index 0000000..ebe6b72
--- /dev/null
+++ b/studio/src/types.ts
@@ -0,0 +1,128 @@
+export interface Post {
+  id: string
+  slug: string
+  title: string
+  description: string
+  cover_image?: string
+  content?: string
+  date: string
+  draft: boolean
+  members_only: boolean
+  tags: string[]
+  created_at: string
+  updated_at: string
+}
+
+export interface Settings {
+  site_name?: string
+  site_description?: string
+  author_name?: string
+  author_role?: string
+  author_bio?: string
+  author_photo?: string
+  twitter_handle?: string
+  github_handle?: string
+  linkedin_handle?: string
+  email?: string
+  show_powered_by?: string
+  accent_color?: string
+  code_theme?: string
+  font?: string
+  layout?: string
+  compactness?: 'compact' | 'cozy' | 'spacious'
+  custom_css?: string
+}
+
+export interface InteractionConfig {
+  comments_enabled: boolean
+  reactions_enabled: boolean
+  reaction_mode: string
+  reaction_emojis: string
+  upvote_icon: string
+  reactions_require_auth: boolean
+}
+
+export interface Asset {
+  id: string
+  filename: string
+  url: string
+  content_type: string
+  size: number
+  created_at: string
+}
+
+export interface APIKey {
+  key: string
+  name: string
+  created_at: string
+  last_used_at: string | null
+}
+
+export interface AnalyticsSummary {
+  total_views: number
+  total_page_views: number
+  unique_visitors: number
+  total_bandwidth: number
+  views_change: number
+  top_pages: { path: string; views: number }[]
+  top_referrers: { referrer: string; views: number }[]
+  views_by_day: { date: string; views: number; visitors: number }[]
+  browsers: { name: string; count: number }[]
+  os: { name: string; count: number }[]
+  devices: { name: string; count: number }[]
+  countries: { name: string; count: number }[]
+}
+
+export type WebhookEvent = 'post.published' | 'post.updated' | 'post.deleted'
+
+export interface Webhook {
+  id: string
+  name: string
+  url: string
+  events: WebhookEvent[]
+  secret?: string
+  enabled: boolean
+  created_at: string
+  last_triggered_at: string | null
+  last_status: 'success' | 'failed' | null
+}
+
+export interface WebhookDelivery {
+  id: number
+  webhook_id: string
+  event: string
+  payload: string
+  status: 'success' | 'failed'
+  response_code: number | null
+  response_body: string | null
+  attempts: number
+  created_at: string
+}
+
+export type Tier = 'free' | 'pro'
+
+export interface TierConfig {
+  name: string
+  description: string
+  monthly_price: number
+  annual_price: number
+  custom_domain: boolean
+  badge_required: boolean
+  analytics_retention: number
+  api_rate_limit: number
+  max_webhooks: number
+  webhook_deliveries: number
+  max_plugins: number
+  plugin_executions: number
+}
+
+export interface Usage {
+  webhooks: number
+  plugins: number
+}
+
+export interface BillingInfo {
+  current_tier: Tier
+  tiers: Record<Tier, TierConfig>
+  usage: Usage
+}
diff --git a/studio/tsconfig.json b/studio/tsconfig.json
new file mode 100644
index 0000000..109f0ac
--- /dev/null
+++ b/studio/tsconfig.json
@@ -0,0 +1,20 @@
+{
+  "compilerOptions": {
+    "target": "ES2020",
+    "useDefineForClassFields": true,
+    "lib": ["ES2020", "DOM", "DOM.Iterable"],
+    "module": "ESNext",
+    "skipLibCheck": true,
+    "moduleResolution": "bundler",
+    "allowImportingTsExtensions": true,
+    "isolatedModules": true,
+    "moduleDetection": "force",
+    "noEmit": true,
+    "jsx": "react-jsx",
+    "strict": true,
+    "noUnusedLocals": true,
+    "noUnusedParameters": true,
+    "noFallthroughCasesInSwitch": true
+  },
+  "include": ["src"]
+}
diff --git a/studio/uno.config.ts b/studio/uno.config.ts
new file mode 100644
index 0000000..bb2fa30
--- /dev/null
+++ b/studio/uno.config.ts
@@ -0,0 +1,259 @@
+import { defineConfig, presetWind4, presetIcons, presetTypography } from 'unocss'
+
+export default defineConfig({
+  presets: [
+    presetWind4(),
+    presetTypography({
+      cssExtend: {
+        ':not(pre) > code': {
+          'font-family': '"SF Mono", "Fira Code", Consolas, monospace',
+          'font-size': '0.875em',
+          'background': '#fafafa',
+          'padding': '0.175rem 0.375rem',
+          'border-radius': '0.25rem',
+        },
+        'p': {
+          'margin': '1.25rem 0',
+          'line-height': '1.7',
+        },
+        'h1': {
+          'margin-top': '0',
+          'margin-bottom': '1.25rem',
+          'font-size': '2rem',
+          'font-weight': '700',
+          'letter-spacing': '-0.025em',
+          'line-height': '1.2',
+        },
+        'h2': {
+          'margin-top': '2.5rem',
+          'margin-bottom': '1.25rem',
+          'font-size': '1.5rem',
+          'font-weight': '650',
+          'letter-spacing': '-0.02em',
+          'line-height': '1.3',
+        },
+        'h3': {
+          'margin-top': '2rem',
+          'margin-bottom': '1rem',
+          'font-size': '1.25rem',
+          'font-weight': '600',
+          'letter-spacing': '-0.015em',
+          'line-height': '1.35',
+        },
+        'h4': {
+          'margin-top': '1.625rem',
+          'margin-bottom': '0.8rem',
+          'font-size': '1.0625rem',
+          'font-weight': '600',
+          'letter-spacing': '-0.01em',
+        },
+        'ul': {
+          'list-style-type': 'disc',
+          'margin': '1.25rem 0',
+          'padding-left': '1.375rem',
+        },
+        'ol': {
+          'list-style-type': 'decimal',
+          'margin': '1.25rem 0',
+          'padding-left': '1.375rem',
+        },
+        'li': {
+          'margin': '0.5rem 0',
+          'padding-left': '0.25rem',
+        },
+        'li::marker': {
+          'color': '#71717a',
+        },
+        'a': {
+          'color': '#2563eb',
+          'text-decoration': 'underline',
+          'text-underline-offset': '2px',
+          'text-decoration-color': 'rgba(37, 99, 235, 0.4)',
+        },
+        'a:hover': {
+          'text-decoration-color': '#2563eb',
+        },
+        'pre': {
+          'margin': '1.75rem 0',
+          'padding': '1.125rem 1.25rem',
+          'background': '#fafafa',
+          'border': '1px solid #e4e4e7',
+          'border-radius': '0.375rem',
+          'overflow-x': 'auto',
+          'font-family': '"SF Mono", "Fira Code", Consolas, monospace',
+          'font-size': '0.875rem',
+          'line-height': '1.6',
+        },
+        'pre code': {
+          'background': 'transparent',
+          'padding': '0',
+          'font-size': 'inherit',
+        },
+        'blockquote': {
+          'margin': '1.75rem 0',
+          'padding': '0 0 0 1.25rem',
+          'border-left': '2px solid #e4e4e7',
+          'color': '#71717a',
+          'font-style': 'normal',
+        },
+        'blockquote p': {
+          'margin': '0',
+        },
+        'hr': {
+          'border': 'none',
+          'border-top': '1px solid #e4e4e7',
+          'margin': '2.5rem 0',
+        },
+        'img': {
+          'max-width': '100%',
+          'height': 'auto',
+          'border-radius': '0.375rem',
+          'margin': '1.75rem 0',
+        },
+        'table': {
+          'width': '100%',
+          'margin': '1.75rem 0',
+          'border-collapse': 'collapse',
+          'font-size': '0.9375rem',
+        },
+        'th': {
+          'padding': '0.625rem 0.75rem',
+          'border': '1px solid #e4e4e7',
+          'text-align': 'left',
+          'background': '#fafafa',
+          'font-weight': '600',
+        },
+        'td': {
+          'padding': '0.625rem 0.75rem',
+          'border': '1px solid #e4e4e7',
+          'text-align': 'left',
+        },
+        'strong': {
+          'font-weight': '600',
+        },
+      },
+    }),
+    presetIcons({
+      scale: 1.2,
+      cdn: 'https://esm.sh/',
+      extraProperties: {
+        'display': 'inline-block',
+        'vertical-align': 'middle',
+      },
+    }),
+  ],
+  rules: [
+    ['animate-shimmer', { animation: 'shimmer 1.5s ease-in-out infinite' }],
+  ],
+  preflights: [
+    {
+      getCSS: () => `
+        @keyframes shimmer {
+          0% { opacity: 1; }
+          50% { opacity: 0.5; }
+          100% { opacity: 1; }
+        }
+        @keyframes fade-in {
+          from { opacity: 0; transform: translateY(4px); }
+          to { opacity: 1; transform: translateY(0); }
+        }
+
+        /* ProseMirror editor placeholder */
+        .ProseMirror p.is-editor-empty:first-child::before {
+          color: #a3a3a3;
+          content: attr(data-placeholder);
+          float: left;
+          height: 0;
+          pointer-events: none;
+        }
+
+        /* Task list styling */
+        .prose ul[data-type="taskList"] {
+          list-style: none;
+          padding-left: 0;
+        }
+
+        .prose ul[data-type="taskList"] li {
+          display: flex;
+          align-items: baseline;
+          gap: 0.5rem;
+        }
+
+        .prose ul[data-type="taskList"] li > label {
+          flex-shrink: 0;
+          user-select: none;
+          display: flex;
+          align-items: center;
+          height: 1.5em;
+        }
+
+        .prose ul[data-type="taskList"] li > label input[type="checkbox"] {
+          cursor: pointer;
+          accent-color: #10b981;
+          width: 1em;
+          height: 1em;
+          margin: 0;
+        }
+
+        .prose ul[data-type="taskList"] li > div {
+          flex: 1;
+        }
+
+        /* Code block syntax highlighting */
+        .prose pre .hljs {
+          background: transparent;
+        }
+      `,
+    },
+  ],
+  theme: {
+    colors: {
+      bg: '#fafafa',
+      surface: '#ffffff',
+      text: '#0a0a0a',
+      muted: '#737373',
+      border: '#e5e5e5',
+      accent: '#10b981',
+      success: '#10b981',
+      warning: '#f59e0b',
+      danger: '#ef4444',
+    },
+    fontFamily: {
+      sans: 'system-ui, -apple-system, BlinkMacSystemFont, "Segoe UI", sans-serif',
+      mono: '"SF Mono", "JetBrains Mono", "Fira Code", Consolas, monospace',
+    },
+  },
+  shortcuts: {
+    // Buttons - dark bg with light text for primary
+    'btn': 'inline-flex items-center justify-center gap-2 px-4 py-2 text-xs font-medium border border-border transition-all duration-150 cursor-pointer disabled:opacity-50 disabled:cursor-not-allowed',
+    'btn-primary': 'btn bg-text text-bg border-text hover:bg-[#1a1a1a]',
+    'btn-secondary': 'btn bg-bg text-text hover:border-muted',
+    'btn-danger': 'btn text-danger border-danger hover:bg-danger hover:text-white hover:border-danger',
+    'btn-ghost': 'btn border-transparent hover:bg-border',
+
+    // Inputs - clean borders, minimal styling
+    'input': 'w-full px-3 py-2 text-sm bg-bg border border-border font-sans focus:outline-none focus:border-muted transition-colors placeholder:text-muted/60',
+    'textarea': 'input resize-none',
+
+    // Labels - small, muted
+    'label': 'block text-xs text-muted font-medium mb-1',
+
+    // Cards - minimal borders, no shadows
+    'card': 'bg-surface border border-border p-6',
+    'section': 'card',
+
+    // Navigation - matching old dashboard
+    'nav-item': 'relative flex items-center gap-2.5 px-2.5 py-2 text-[13px] font-[450] text-muted transition-all duration-150 hover:text-text hover:bg-black/4',
+    'nav-item-active': 'relative flex items-center gap-2.5 px-2.5 py-2 text-[13px] font-[450] text-text bg-black/4 before:content-[""] before:absolute before:left-0 before:top-1/2 before:-translate-y-1/2 before:w-[3px] before:h-4 before:bg-accent before:rounded-r-sm',
+    'nav-section': 'text-[10px] uppercase tracking-[0.06em] text-muted font-semibold px-2.5 pt-3 pb-1.5',
+
+    // Badges
+    'badge': 'inline-flex items-center text-xs px-2 py-0.5 border',
+    'badge-draft': 'badge text-warning border-warning/40 bg-warning/10',
+    'badge-published': 'badge text-success border-success/40 bg-success/10',
+
+    // Page structure
+    'page-header': 'flex items-center justify-between mb-6',
+    'page-title': 'text-base font-medium text-text',
+  },
+})
diff --git a/studio/vite.config.ts b/studio/vite.config.ts
new file mode 100644
index 0000000..8c43260
--- /dev/null
+++ b/studio/vite.config.ts
@@ -0,0 +1,47 @@
+import { defineConfig } from 'vite'
+import react from '@vitejs/plugin-react'
+import UnoCSS from 'unocss/vite'
+
+export default defineConfig(({ command }) => ({
+  plugins: [UnoCSS(), react()],
+  base: '/studio',
+  build: {
+    outDir: 'dist',
+  },
+  optimizeDeps: {
+    include: [
+      // Pre-bundle heavy Tiptap dependencies
+      '@tiptap/react',
+      '@tiptap/starter-kit',
+      '@tiptap/extension-link',
+      '@tiptap/extension-image',
+      '@tiptap/extension-placeholder',
+      '@tiptap/extension-table',
+      '@tiptap/extension-task-list',
+      '@tiptap/extension-task-item',
+      '@tiptap/extension-code-block-lowlight',
+      '@tiptap/markdown',
+      'lowlight',
+      // Monaco editor
+      '@monaco-editor/react',
+    ],
+  },
+  ...(command === 'serve' && {
+    server: {
+      host: true,
+      strictPort: true,
+      allowedHosts: true,
+      hmr: {
+        clientPort: 80,
+        path: '/studio',
+      },
+      warmup: {
+        clientFiles: [
+          './src/components/editor/PostEditor.tsx',
+          './src/components/editor/SourceEditor.tsx',
+          './src/pages/PostEditorPage.tsx',
+        ],
+      },
+    },
+  }),
+}))