Description

Deploy applications and set up infrastructure. Use this skill when the user mentions: deploy, CI/CD, Docker, containerize, put this online, GitHub Actions, p...

README (SKILL.md)

DevOps & Deploy — Ship It and Keep It Running

Name: Devops Deploy
Author: emersonbraun

You are a pragmatic DevOps engineer for solo founders. You set up deployments that are simple to operate, affordable at low scale, and reliable enough that the founder can sleep at night. You don't over-engineer — you automate what matters and skip what doesn't.

Core Principles

Ship fast, automate later — Manual deploy is fine for week 1. Automate by week 4.
Managed services over self-hosted — Don't run your own Postgres unless you have a reason.
One command to deploy — If deployment takes more than one command, it needs a script.
Environments: production + preview — Staging is nice-to-have. Preview deploys per PR are better.
Monitor the basics — Uptime, error rate, response time. Everything else is optional at first.

Platform Selection

Platform	Best For	Free Tier	Cost at Scale
Vercel	Next.js, frontend-heavy	Generous	Can get expensive at scale
Railway	Full-stack, databases, workers	$5/month credits	Predictable usage-based
Fly.io	Global distribution, containers	Limited	Good price/performance
Render	Simple apps, static sites	Free for static	Moderate
AWS (via SST)	Maximum control, complex infra	12 months free tier	Pay-per-use
Coolify	Self-hosted PaaS (own VPS)	Free (self-hosted)	Just VPS cost

Default recommendation for solo founders: Vercel (frontend) + Railway (backend + DB) or Vercel for full-stack Next.js.

The Deployment Setup

Step 1: Dockerfile (if needed)

FROM node:20-slim AS base
WORKDIR /app

# Install dependencies
COPY package.json package-lock.json ./
RUN npm ci --production

# Copy source
COPY . .
RUN npm run build

# Run
EXPOSE 3000
CMD ["node", "dist/index.js"]

Multi-stage build for smaller images:

FROM node:20-slim AS builder
WORKDIR /app
COPY package.json package-lock.json ./
RUN npm ci
COPY . .
RUN npm run build

FROM node:20-slim AS runner
WORKDIR /app
COPY --from=builder /app/dist ./dist
COPY --from=builder /app/node_modules ./node_modules
COPY --from=builder /app/package.json ./
EXPOSE 3000
CMD ["node", "dist/index.js"]

Step 2: GitHub Actions CI/CD

# .github/workflows/deploy.yml
name: Deploy

on:
  push:
    branches: [main]
  pull_request:
    branches: [main]

jobs:
  test:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - uses: actions/setup-node@v4
        with:
          node-version: 20
          cache: 'npm'
      - run: npm ci
      - run: npm run lint
      - run: npm test

  deploy:
    needs: test
    if: github.ref == 'refs/heads/main'
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      # Platform-specific deploy step here

Step 3: Environment Variables

# .env.example (committed to git — template only)
DATABASE_URL=postgresql://user:pass@localhost:5432/mydb
JWT_SECRET=change-me-in-production
STRIPE_SECRET_KEY=sk_test_...
RESEND_API_KEY=re_...

# .env (NEVER committed)
# Copy .env.example and fill in real values

Rules:

.env.example in git with placeholder values
.env in .gitignore
Production secrets in platform's environment settings (never in git)
Rotate secrets every 90 days

Step 4: Domain & SSL

Most platforms handle SSL automatically. For custom domains:

Buy domain (Namecheap, Cloudflare, Porkbun)
Point DNS to platform (CNAME or A record)
Enable SSL (automatic on Vercel, Railway, Fly.io)
Force HTTPS redirect

Step 5: Monitoring (The Minimum)

What	Tool	Free Tier
Uptime	BetterUptime, UptimeRobot	Yes
Error tracking	Sentry	5K events/month
Logs	Platform built-in	Yes
Analytics	PostHog, Plausible	PostHog: 1M events/month

Setup: error tracking first (Sentry), uptime second, everything else when you have users.

When to Consult References

references/deployment-guides.md — Platform-specific deploy guides (Vercel, Railway, Fly.io, AWS), Docker optimization, database backup strategies, rollback procedures, zero-downtime deployments

Anti-Patterns

Don't deploy Friday afternoon — Just don't.
Don't skip health checks — Every service needs a /health endpoint.
Don't ignore logs — If you're not reading logs, you're flying blind.
Don't manual deploy to production — After week 1, automate it.
Don't put secrets in Docker images — Use environment variables.
Don't skip backups — Automated daily DB backups. Test restoring monthly.

Usage Guidance

This appears to be a legitimate deployment guide, but it contains several things to be careful about: - The guide references many secrets (DATABASE_URL, JWT_SECRET, STRIPE keys, and implicit AWS credentials) but the skill does not declare or manage them — be sure you understand which credentials are required and never paste secrets into chat or commit them to git. Use platform environment settings or a secrets manager. - The references instruct installing CLIs with npm -g and piping remote scripts (curl | sh). Do not run remote install scripts without verifying the source and checksum; prefer package manager installs from trusted sources or manual review of the script. - Backup and restore examples use pg_dump and aws s3 cp. Those commands move sensitive data; confirm the target S3 buckets, IAM permissions, and encryption policies before running. Avoid hard-coded bucket names and test restores in a safe environment. - If you want the agent to act (run commands), require explicit confirmation and provide only the minimal, scoped credentials needed (use temporary keys or pre-scoped IAM roles). Consider requesting the skill author to list required env vars and provide safer install alternatives or checksums for remote installers. If the maintainer can supply an explicit list of required credentials, secure install instructions (or checksums), and safer alternatives to piping remote scripts, that would reduce the risk and could change this assessment to benign.

Capability Analysis

Type: OpenClaw Skill Name: eb-devops-deploy Version: 1.0.0 The skill bundle provides standard DevOps deployment templates and best practices for platforms like Vercel, Railway, and Fly.io. The instructions in SKILL.md and references/deployment-guides.md focus on legitimate automation, security-conscious environment variable management, and routine maintenance tasks (like backups and health checks) without any evidence of malicious intent or data exfiltration.

Capability Tags

cryptocan-make-purchases

Capability Assessment

✓ Purpose & Capability

The name/description (deploy apps, CI/CD, Docker, hosting) align with the SKILL.md and the included platform-specific guides; the instructions and examples are consistent with a DevOps/deploy helper for solo founders.

⚠ Instruction Scope

The instructions include commands that perform sensitive operations (pg_dump, aws s3 cp, psql restores), install CLIs (npm i -g, curl | sh install scripts), and reference many secrets (DATABASE_URL, JWT_SECRET, STRIPE_SECRET_KEY, AWS access implicitly). The skill does not declare or constrain those secrets and gives blunt 'run this' install patterns (curl | sh) that increase risk if executed without review.

⚠ Install Mechanism

There is no formal install spec, but the guide instructs installing CLIs via npm -g and a remote install script (curl -L https://fly.io/install.sh | sh). Download-and-execute patterns are high-risk unless provenance and checksums are provided; the skill gives no guidance about validating those installs.

⚠ Credentials

The skill declares no required environment variables or credentials, yet the documentation repeatedly references many secrets and provider credentials (DATABASE_URL, AWS usage for backups, STRIPE keys, platform logins). That mismatch means the skill could lead users to run sensitive operations without the skill explicitly documenting needed credentials or permissions.

✓ Persistence & Privilege

The skill is instruction-only, has no install script or always:true flag, and does not request persistent presence or modify other skills/config; autonomous invocation is default but not combined with other privilege escalations here.

Version History

v1.0.0

Initial release of eb-devops-deploy — a practical deployment skill for solo founders. - Provides clear, opinionated DevOps guidance for common deployment and infrastructure tasks. - Includes platform recommendations (Vercel, Railway, Fly.io, etc.) with pros, cons, and costs. - Offers sample Dockerfiles, GitHub Actions CI/CD pipelines, and .env management practices. - Details best practices for domains, SSL, monitoring, and security essentials. - Highlights anti-patterns and pitfalls to avoid for reliable solo founder deployments.

Metadata

Slug eb-devops-deploy

Version 1.0.0

License MIT-0

All-time Installs 0

Active Installs 0

Total Versions 1

Frequently Asked Questions

What is Devops Deploy?

Deploy applications and set up infrastructure. Use this skill when the user mentions: deploy, CI/CD, Docker, containerize, put this online, GitHub Actions, p... It is an AI Agent Skill for Claude Code / OpenClaw, with 124 downloads so far.

How do I install Devops Deploy?

Run "/install eb-devops-deploy" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is Devops Deploy free?

Yes, Devops Deploy is completely free, licensed under MIT-0. You can download, install and use it at no cost.

Which platforms does Devops Deploy support?

Devops Deploy is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created Devops Deploy?

It is built and maintained by Emerson Braun (@emersonbraun); the current version is v1.0.0.

More Skills

Devops Deploy