diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
index 3abc55bb..8761cf25 100644
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -15,13 +15,17 @@ before_script:
 build:
   stage: build
   script:
+    # download and install Hugo
     - wget https://github.com/gohugoio/hugo/releases/download/v${HUGO_VERSION}/hugo_${HUGO_VERSION}_Linux-64bit.tar.gz
     - echo "${HUGO_SHA}  hugo_${HUGO_VERSION}_Linux-64bit.tar.gz" | sha256sum -c
     - tar xf hugo_${HUGO_VERSION}_Linux-64bit.tar.gz && cp ./hugo /usr/bin
+
+    # build site
     - rm -rf public
     - hugo
   artifacts:
     paths:
+      # send built site to deploy stage
       - public
 
 deploy:
@@ -29,31 +33,28 @@ deploy:
   dependencies:
     - build
   script:
+    # install awscli
     - pip install --quiet --no-cache-dir awscli==${AWSCLI_VERSION}
 
-    - aws configure set preview.cloudfront true
-    - aws configure set preview.create-invalidation true
+    # upload all files
     - aws s3 sync ./public s3://$S3_BUCKET_NAME --delete --region us-east-1 --cache-control "max-age=86400, public" --metadata-directive "REPLACE"
 
-    # set certain content-types manually because S3 sucks at guessing
+    # set cache-control and certain content-types manually because S3 sucks at guessing
     - aws s3 cp s3://$S3_BUCKET_NAME s3://$S3_BUCKET_NAME --exclude "*" --include "*.ico"   --content-type="image/x-icon"    --cache-control "max-age=604800, public"   --metadata-directive="REPLACE" --recursive
     - aws s3 cp s3://$S3_BUCKET_NAME s3://$S3_BUCKET_NAME --exclude "*" --include "*.svg"   --content-type="image/svg+xml"   --cache-control "max-age=2628000, public"  --metadata-directive="REPLACE" --recursive
     - aws s3 cp s3://$S3_BUCKET_NAME s3://$S3_BUCKET_NAME --exclude "*" --include "*.ttf"   --content-type="font/ttf"        --cache-control "max-age=2628000, public"  --metadata-directive="REPLACE" --recursive
     - aws s3 cp s3://$S3_BUCKET_NAME s3://$S3_BUCKET_NAME --exclude "*" --include "*.otf"   --content-type="font/otf"        --cache-control "max-age=2628000, public"  --metadata-directive="REPLACE" --recursive
-    - aws s3 cp s3://$S3_BUCKET_NAME s3://$S3_BUCKET_NAME --exclude "*" --include "*.eot"   --content-type="application/vnd.ms-fontobject"  --cache-control "max-age=2628000, public"  --metadata-directive="REPLACE" --recursive
+    - aws s3 cp s3://$S3_BUCKET_NAME s3://$S3_BUCKET_NAME --exclude "*" --include "*.eot"   --content-type="application/vnd.ms-fontobject" --cache-control "max-age=2628000, public" --metadata-directive="REPLACE" --recursive
     - aws s3 cp s3://$S3_BUCKET_NAME s3://$S3_BUCKET_NAME --exclude "*" --include "*.woff"  --content-type="font/woff"       --cache-control "max-age=2628000, public"  --metadata-directive="REPLACE" --recursive
     - aws s3 cp s3://$S3_BUCKET_NAME s3://$S3_BUCKET_NAME --exclude "*" --include "*.woff2" --content-type="font/woff2"      --cache-control "max-age=2628000, public"  --metadata-directive="REPLACE" --recursive
     - aws s3 cp s3://$S3_BUCKET_NAME s3://$S3_BUCKET_NAME --exclude "*" --include "*.xml"   --content-type="text/xml"        --cache-control "max-age=3600, public"     --metadata-directive="REPLACE" --recursive
     - aws s3 cp s3://$S3_BUCKET_NAME s3://$S3_BUCKET_NAME --exclude "*" --include "*.mp4"   --content-type="video/mp4"       --cache-control "max-age=604800, public"   --metadata-directive="REPLACE" --recursive
     - aws s3 cp s3://$S3_BUCKET_NAME s3://$S3_BUCKET_NAME --exclude "*" --include "*.webm"  --content-type="video/webm"      --cache-control "max-age=604800, public"   --metadata-directive="REPLACE" --recursive
-    - aws s3 cp s3://$S3_BUCKET_NAME s3://$S3_BUCKET_NAME --exclude "*" --include "*.docx"  --content-type="application/vnd.openxmlformats-officedocument.wordprocessingml.document"  --cache-control "max-age=604800, public"  --metadata-directive="REPLACE" --recursive
+    - aws s3 cp s3://$S3_BUCKET_NAME s3://$S3_BUCKET_NAME --exclude "*" --include "*.docx"  --content-type="application/vnd.openxmlformats-officedocument.wordprocessingml.document" --cache-control "max-age=604800, public" --metadata-directive="REPLACE" --recursive
     - aws s3 cp s3://$S3_BUCKET_NAME s3://$S3_BUCKET_NAME --exclude "*" --include "*.pdf"   --content-type="application/pdf" --cache-control "max-age=604800, public"   --metadata-directive="REPLACE" --recursive
 
-    # a few caching improvements
+    # a few more caching improvements
     - aws s3 cp s3://$S3_BUCKET_NAME s3://$S3_BUCKET_NAME --exclude "*" --include "*.css" --include "*.js" --include "*.jpg" --include "*.png" --include "*.gif" --cache-control "max-age=604800, public" --metadata-directive="REPLACE" --recursive
-    - aws s3 cp s3://$S3_BUCKET_NAME/jarvis.asc s3://$S3_BUCKET_NAME/jarvis.asc --content-type="text/plain; charset=utf-8" --cache-control "max-age=0, no-cache, no-store" --content-disposition "inline; filename=\"jarvis.asc\"" --metadata-directive="REPLACE"
-
-    # invalidate entire CloudFront cache
-    - aws cloudfront create-invalidation --distribution-id $DISTRIBUTION_ID --paths "/*";
+    - aws s3 cp s3://$S3_BUCKET_NAME/jarvis.asc s3://$S3_BUCKET_NAME/jarvis.asc --content-type="text/plain; charset=utf-8" --cache-control "max-age=0, no-store, no-cache, must-revalidate" --content-disposition "inline; filename=\"jarvis.asc\"" --metadata-directive="REPLACE"
   only:
     - master
diff --git a/LICENSE b/LICENSE.md
similarity index 100%
rename from LICENSE
rename to LICENSE.md
diff --git a/README.md b/README.md
index 2dfe0cd3..ae04aafb 100644
--- a/README.md
+++ b/README.md
@@ -1,11 +1,12 @@
-# [jarv.is](https://jarv.is/)
+# [jarv.is](https://jarv.is/) 🐼
 
 [![pipeline status](https://git.jarv.is/jake/jarv.is/badges/master/pipeline.svg)](https://git.jarv.is/jake/jarv.is/commits/master)
 
 Personal website of [@jakejarvis](https://github.com/jakejarvis), created and deployed using the following:
 
 - [Hugo](https://github.com/gohugoio/hugo)
-- [AWS S3/CloudFront/Lambda](https://aws.amazon.com/)
+- [Amazon S3](https://aws.amazon.com/)
+- [CloudFlare Workers](https://developers.cloudflare.com/workers/about/)
 - [GitLab CI](https://git.jarv.is/jake/jarv.is/pipelines)
 - [Matomo Analytics](https://matomo.org/)
 
diff --git a/config.toml b/config.toml
index 3570f454..0c3cb73a 100644
--- a/config.toml
+++ b/config.toml
@@ -2,8 +2,6 @@ baseURL = "https://jarv.is/"
 languageCode = "en-us"
 title = "Jake Jarvis"
 
-disableHugoGeneratorInject = true
-
 disableKinds = ["taxonomy", "taxonomyTerm", "RSS"]
 
 [taxonomies]
diff --git a/lambda.js b/lambda.js
deleted file mode 100644
index bc089a70..00000000
--- a/lambda.js
+++ /dev/null
@@ -1,68 +0,0 @@
-'use strict';
-exports.handler = (event, context, callback) => {
-    // Get contents of response
-    const response = event.Records[0].cf.response;
-
-    response.headers['Strict-Transport-Security'] = [{
-      key: 'Strict-Transport-Security',
-      value: "max-age=31536000; includeSubdomains"
-    }];
-    response.headers['X-Frame-Options'] = [{
-      key: 'X-Frame-Options',
-      value: "SAMEORIGIN"
-    }];
-    response.headers['X-Content-Type-Options'] = [{
-      key: 'X-Content-Type-Options',
-      value: "nosniff"
-    }];
-    response.headers['Referrer-Policy'] = [{
-      key: 'Referrer-Policy',
-      value: "same-origin"
-    }];
-    response.headers['X-XSS-Protection'] = [{
-      key: 'X-XSS-Protection',
-      value: "1; mode=block; report=https://jarvis.report-uri.com/r/d/xss/enforce"
-    }];
-//    response.headers['Accept-Ranges'] = [{
-//      key: 'Accept-Ranges',
-//      value: "bytes"
-//    }];
-    response.headers['Content-Security-Policy'] = [{
-      key: 'Content-Security-Policy',
-      value: "default-src 'none'; script-src 'self' stats.jarv.is 'sha256-TLAu2p9kt4LHt+sWwE0cvqq1Ok5LoGzRPrw7+mzhX00='; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self'; object-src 'self'; media-src 'self'; base-uri 'none'; form-action 'self'; frame-src 'self'; frame-ancestors 'self'; worker-src 'none'; connect-src 'self' jarvis.report-uri.com stats.jarv.is; upgrade-insecure-requests; report-uri https://jarvis.report-uri.com/r/d/csp/enforce; report-to default"
-    }];
-    response.headers['Report-To'] = [{
-      key: 'Report-To',
-      value: "{\"group\":\"default\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://jarvis.report-uri.com/a/d/g\"}]}"
-    }];
-    response.headers['NEL'] = [{
-      key: 'NEL',
-      value: "{\"report_to\":\"default\",\"max_age\":604800}"
-    }];
-    response.headers['X-DNS-Prefetch-Control'] = [{
-      key: 'X-DNS-Prefetch-Control',
-      value: "off"
-    }];
-    response.headers['X-UA-Compatible'] = [{
-      key: 'X-UA-Compatible',
-      value: "IE=edge"
-    }];
-    response.headers['Expect-CT'] = [{
-      key: 'Expect-CT',
-      value: "max-age=604800, enforce, report-uri=\"https://jarvis.report-uri.com/r/d/ct/enforce\""
-    }];
-    response.headers['X-Permitted-Cross-Domain-Policies'] = [{
-      key: 'X-Permitted-Cross-Domain-Policies',
-      value: "none"
-    }];
-    response.headers['Feature-Policy'] = [{
-      key: 'Feature-Policy',
-      value: "accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; sync-xhr 'none'; payment 'none'; usb 'none'; vr 'none'"
-    }];
-
-    delete response.headers['Last-Modified'];
-    delete response.headers['Expires'];
-
-    // Return modified response
-    callback(null, response);
-};
\ No newline at end of file
diff --git a/layouts/partials/header.html b/layouts/partials/header.html
index c022bc74..4389e781 100644
--- a/layouts/partials/header.html
+++ b/layouts/partials/header.html
@@ -3,7 +3,6 @@
 <html lang="en">
   <head>
     <meta charset="utf-8">
-    {{ .Hugo.Generator }}
     <title>{{ .Title }}{{ if .IsHome }} &#x1f468;&#x200d;&#x1f4bb;{{ end }}</title>
     <meta name="description" content="{{ if .Description }}{{ .Description }}{{ else }}{{ .Site.Params.description }}{{ end }}">
     <meta name="viewport" content="width=device-width, initial-scale=1">
diff --git a/worker.js b/worker.js
index 05a60d51..30b43868 100644
--- a/worker.js
+++ b/worker.js
@@ -1,52 +1,52 @@
-let securityHeaders = {
-	"Content-Security-Policy": "default-src 'none'; script-src 'self' stats.jarv.is 'sha256-QwZM+dNl2R1KcXo8ORmpT3mqAVwIBbEcJBmWYurBNv4='; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self'; object-src 'self'; media-src 'self'; base-uri 'none'; form-action 'self'; frame-src 'self'; frame-ancestors 'self'; worker-src 'none'; connect-src 'self' jarvis.report-uri.com stats.jarv.is; upgrade-insecure-requests; report-uri https://jarvis.report-uri.com/r/d/csp/enforce; report-to default",
-	"Report-To": "{\"group\":\"default\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://jarvis.report-uri.com/a/d/g\"}]}",
-	"NEL": "{\"report_to\":\"default\",\"max_age\":604800}",
-//	"Strict-Transport-Security" : "max-age=1000",
-	"X-Xss-Protection": "1; mode=block; report=https://jarvis.report-uri.com/r/d/xss/enforce",
-	"X-Frame-Options": "SAMEORIGIN",
-	"X-Content-Type-Options": "nosniff",
-	"Referrer-Policy": "same-origin",
-	"X-DNS-Prefetch-Control": "off",
-	"X-UA-Compatible": "IE=edge",
-	"X-Permitted-Cross-Domain-Policies": "none",
-	"Feature-Policy": "accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; sync-xhr 'none'; payment 'none'; usb 'none'; vr 'none'"
+let newHeaders = {
+  "Content-Security-Policy": "default-src 'none'; script-src 'self' stats.jarv.is 'sha256-QwZM+dNl2R1KcXo8ORmpT3mqAVwIBbEcJBmWYurBNv4='; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self'; object-src 'self'; media-src 'self'; base-uri 'none'; form-action 'self'; frame-src 'self'; frame-ancestors 'self'; worker-src 'none'; connect-src 'self' jarvis.report-uri.com stats.jarv.is; upgrade-insecure-requests; report-uri https://jarvis.report-uri.com/r/d/csp/enforce; report-to default",
+  "Report-To": "{\"group\":\"default\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://jarvis.report-uri.com/a/d/g\"}]}",
+  "NEL": "{\"report_to\":\"default\",\"max_age\":604800}",
+//  "Strict-Transport-Security" : "max-age=1000",
+  "X-Xss-Protection": "1; mode=block; report=https://jarvis.report-uri.com/r/d/xss/enforce",
+  "X-Frame-Options": "SAMEORIGIN",
+  "X-Content-Type-Options": "nosniff",
+  "Referrer-Policy": "same-origin",
+  "X-DNS-Prefetch-Control": "off",
+  "X-UA-Compatible": "IE=edge",
+  "X-Permitted-Cross-Domain-Policies": "none",
+  "Feature-Policy": "accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; sync-xhr 'none'; payment 'none'; usb 'none'; vr 'none'"
 }
 
 let removeHeaders = [
-	"Last-Modified",
-	"Expires",
-	"Public-Key-Pins",
-	"X-Powered-By",
-	"x-amz-request-id",
-	"x-amz-id-2",
-	"x-amz-bucket",
-	"x-amz-bucket-region",
-	"x-amz-error-code",
-	"x-amz-error-message",
-	"x-amz-error-detail-key",
-	"x-amz-version-id"
+  "Last-Modified",
+  "Expires",
+  "Public-Key-Pins",
+  "X-Powered-By",
+  "x-amz-request-id",
+  "x-amz-id-2",
+  "x-amz-bucket",
+  "x-amz-bucket-region",
+  "x-amz-error-code",
+  "x-amz-error-message",
+  "x-amz-error-detail-key",
+  "x-amz-version-id"
 ]
 
-addEventListener('fetch', event => {
-	event.respondWith(addHeaders(event.request))
+addEventListener("fetch", event => {
+  event.respondWith(addHeaders(event.request))
 })
 
 async function addHeaders(req) {
-	let response = await fetch(req)
-	let newHeaders = new Headers(response.headers)
+  let response = await fetch(req)
+  let responseHeaders = new Headers(response.headers)
 
-	Object.keys(securityHeaders).map(function(name, index) {
-		newHeaders.set(name, securityHeaders[name]);
+  Object.keys(newHeaders).map(function(name, index) {
+    responseHeaders.set(name, newHeaders[name])
   })
 
-	removeHeaders.forEach(function(name){
-		newHeaders.delete(name)
-	})
+  removeHeaders.forEach(function(name){
+    responseHeaders.delete(name)
+  })
 
-	return new Response(response.body , {
-		status: response.status,
-		statusText: response.statusText,
-		headers: newHeaders
-	})
+  return new Response(response.body, {
+    status: response.status,
+    statusText: response.statusText,
+    headers: responseHeaders
+  })
 }
\ No newline at end of file