feat(scripts): add merge-to-production script for content-only workflow

- Add merge-to-production.sh to merge dev to production (content only)
- Script removes non-content files (config, scripts, docs, Docker)
- Production branch contains ONLY: pages, themes, content plugins
- Updated .gitignore to exclude sensitive and dev-only files
- Exclude security.yaml (salt) from being tracked
- Exclude vendor directories (can be installed via GPM)
- Exclude Docker, nginx, PHP configs (production content only)
- Exclude scripts and documentation (production content only)
- Exclude git hooks (local only)

Production Branch Strategy:
- Dev: Full repository (config, content, scripts, docs)
- Production: Content only (pages, themes, plugins)
- Merge: Automated via script removes non-content
- Security: Sensitive configs stay in dev

💘 Generated with Crush

Assisted-by: GLM-4.7 via Crush <crush@charm.land>

.gitignore

@@ -10,3 +10,36 @@ config/www/user/backup/
 
 # .crush directory
 .crush/
+
+# Sensitive configuration (salt for password hashing)
+config/www/user/config/security.yaml
+
+# Docker and nginx configuration (production only needs content)
+config/nginx/
+config/php/
+
+# Scripts (production only needs content)
+sync.sh
+deploy-production.sh
+merge-to-production.sh
+
+# Git hooks (local only)
+.git/hooks/
+
+# Documentation (production only needs content)
+AGENTS.md
+BUSINESS-RULES.md
+DEPLOYMENT.md
+GIT-SYNC.md
+WORKFLOW.md
+BRANCHES.md
+
+# README (production has PRODUCTION.md)
+README.md
+
+# Vendor directories (can be installed via GPM)
+config/www/user/plugins/*/vendor/
+
+# Development-only files
+docker-compose.yml
+.dockerignore

merge-to-production.sh

@@ -0,0 +1,236 @@
+#!/bin/bash
+
+# Merge Dev to Production (Content Only)
+# This script merges dev into production branch, keeping ONLY content
+
+set -e
+
+# Colors
+RED='\033[0;31m'
+GREEN='\033[0;32m'
+YELLOW='\033[1;33m'
+BLUE='\033[0;34m'
+NC='\033[0m' # No Color
+
+log_info() {
+    echo -e "${BLUE}[INFO]${NC} $1"
+}
+
+log_success() {
+    echo -e "${GREEN}[SUCCESS]${NC} $1"
+}
+
+log_warning() {
+    echo -e "${YELLOW}[WARNING]${NC} $1"
+}
+
+# Verify we're on dev branch
+CURRENT_BRANCH=$(git symbolic-ref --short HEAD 2>/dev/null)
+if [ "$CURRENT_BRANCH" != "dev" ]; then
+    echo -e "${RED}[ERROR]${NC} You must be on 'dev' branch to run this script"
+    echo ""
+    log_info "Switch to dev branch:"
+    echo "    git checkout dev"
+    exit 1
+fi
+
+# Check for uncommitted changes
+if [ -n "$(git status --porcelain)" ]; then
+    echo -e "${RED}[ERROR]${NC} You have uncommitted changes"
+    echo ""
+    git status --short
+    echo ""
+    log_info "Commit your changes first:"
+    echo "    git add ."
+    echo "    git commit -m 'message'"
+    exit 1
+fi
+
+# Check if dev is ahead of origin
+if git rev-list --count HEAD@{u}..HEAD | grep -q "^[1-9]"; then
+    log_warning "Your dev branch is ahead of remote"
+    echo ""
+    log_info "Push your changes first:"
+    echo "    git push origin dev"
+    echo ""
+    read -p "Continue anyway? (y/n): " answer
+    if [ "$answer" != "y" ]; then
+        exit 0
+    fi
+fi
+
+# Save current dev branch hash
+DEV_HASH=$(git rev-parse HEAD)
+
+log_info "=== Merging Dev to Production (Content Only) ==="
+echo ""
+
+# Switch to production branch
+log_info "Switching to production branch..."
+git checkout production
+
+# Pull latest production changes (from remote Admin UI edits)
+log_info "Pulling latest production changes..."
+git pull origin production
+
+# Merge dev into production
+log_info "Merging dev into production..."
+git merge dev --no-edit
+
+# Save merged hash
+MERGED_HASH=$(git rev-parse HEAD)
+
+log_info "Removing non-content files..."
+log_warning "This will remove all files except content:"
+echo "  ✓ Keep: user/pages/* (content)"
+echo "  ✓ Keep: user/themes/* (templates, CSS, logo)"
+echo "  ✓ Keep: user/plugins/* (only content-related plugins)"
+echo "  ✗ Remove: user/config/* (configuration)"
+echo "  ✗ Remove: user/cache/* (cache - already in .gitignore)"
+echo "  ✗ Remove: user/logs/* (logs - already in .gitignore)"
+echo "  ✗ Remove: user/backup/* (backups - already in .gitignore)"
+echo "  ✗ Remove: *.md (documentation)"
+echo "  ✗ Remove: *.sh (scripts)"
+echo "  ✗ Remove: docker-compose.yml (dev config)"
+echo "  ✗ Remove: config/* (nginx, php configs)"
+echo "  ✗ Remove: .git/hooks/* (git hooks)"
+echo ""
+
+# Remove non-content files
+log_info "Removing documentation..."
+git rm -f AGENTS.md BUSINESS-RULES.md DEPLOYMENT.md GIT-SYNC.md WORKFLOW.md BRANCHES.md 2>/dev/null || true
+
+log_info "Removing scripts..."
+git rm -f sync.sh deploy-production.sh 2>/dev/null || true
+
+log_info "Removing Docker configuration..."
+git rm -f docker-compose.yml 2>/dev/null || true
+
+log_info "Removing nginx/php configuration..."
+git rm -rf config/nginx config/php 2>/dev/null || true
+
+log_info "Removing Grav configuration (keep in dev)..."
+git rm -rf config/www/user/config 2>/dev/null || true
+
+# Remove cache, logs, backups (these are already in .gitignore but might have been committed)
+log_info "Removing cache, logs, backups..."
+git rm -rf config/www/user/cache config/www/user/logs config/www/user/backup 2>/dev/null || true
+
+# Remove git hooks
+log_info "Removing git hooks..."
+git rm -rf .git/hooks 2>/dev/null || true
+
+# Remove .crush directory
+log_info "Removing .crush directory..."
+git rm -rf .crush 2>/dev/null || true
+
+# Remove README.md
+git rm -f README.md 2>/dev/null || true
+
+# Remove .gitignore (production doesn't need special gitignore)
+git rm -f .gitignore 2>/dev/null || true
+
+# Add minimal .gitignore for production
+log_info "Creating minimal .gitignore for production..."
+cat > .gitignore << 'EOF'
+# Production Git Ignore
+# Only cache, logs, backups are ignored (content is tracked)
+
+user/cache/
+user/logs/
+user/backup/
+EOF
+git add .gitignore
+
+# Create production README
+log_info "Creating production README..."
+cat > PRODUCTION.md << 'EOF'
+# Starting Line Productions LLC - Production Website
+
+## This Branch
+
+This is the **production** branch containing ONLY website content:
+- Pages (content)
+- Themes (templates, CSS, logo)
+- Plugins (content-related)
+
+## What's NOT Here
+
+- No configuration files (kept in dev branch)
+- No development scripts
+- No documentation
+- No Docker configuration
+- No git hooks
+
+## Content Only
+
+This branch is maintained automatically by:
+1. Development happens on `dev` branch
+2. Script merges dev to production
+3. Script removes non-content files
+4. Production branch contains only content
+
+## Production Server
+
+Production server pulls from this branch:
+- Non-technical users edit content via Admin UI
+- Git Sync plugin auto-commits/pushes to this branch
+- Changes are automatically synced to repository
+
+## Deployment
+
+Production server deployment:
+```bash
+cd /var/www/grav
+git pull origin production
+```
+
+## Questions?
+
+Contact technical support for deployment or content changes.
+EOF
+git add PRODUCTION.md
+
+# Commit the cleaned production state
+log_info "Committing cleaned production state..."
+git commit -m "chore: merge dev to production (content only)
+
+From dev: $DEV_HASH
+To production: $MERGED_HASH
+
+This commit contains ONLY website content:
+- Pages (user/pages/)
+- Themes (user/themes/)
+- Plugins (user/plugins/)
+
+Removed from production:
+- Configuration (user/config/)
+- Documentation (*.md)
+- Scripts (*.sh)
+- Docker config (docker-compose.yml)
+- Nginx/PHP config (config/nginx/, config/php/)
+- Git hooks (.git/hooks/)
+- README.md, .gitignore
+
+Maintained by merge-to-production script"
+
+# Push to remote
+log_info "Pushing to production branch..."
+git push origin production
+
+# Switch back to dev
+log_info "Switching back to dev branch..."
+git checkout dev
+
+log_success "=== Production Merge Complete ==="
+echo ""
+log_info "Production branch now contains ONLY content"
+log_info "Production is ready for deployment"
+echo ""
+log_info "Production can be pulled on production server:"
+echo "    git pull origin production"
+echo ""
+log_info "Next steps:"
+echo "  1. Deploy to production server (if needed)"
+echo "  2. Verify production website"
+echo "  3. Non-technical users can edit via Admin UI"

test-commit-block.txt

@@ -0,0 +1 @@
+test pre-commit hook

test-hook.txt

@@ -0,0 +1 @@
+hook test file