← 返回 Skills 市场
guim4dev

Caprover Management

作者 Thiago Guimarães · GitHub ↗ · v1.0.0
cross-platform ⚠ suspicious
385
总下载
0
收藏
0
当前安装
1
版本数
在 OpenClaw 中安装
/install caprover-management
功能描述
Manage CapRover PaaS instances via API: create/update apps, deploy from Docker image or custom Dockerfile (tar file), configure ports, volumes, env vars, and...
使用说明 (SKILL.md)

CapRover Management Skill

CapRover is a self-hosted PaaS that wraps Docker Swarm. It exposes a REST API for full app lifecycle management.

Quick Setup

Always start by authenticating:

import urllib.request, json, ssl

ctx = ssl.create_default_context()
ctx.check_hostname = False
ctx.verify_mode = ssl.CERT_NONE  # self-signed cert on CapRover is common

BASE = "https://\x3Ccaptain-domain>"  # e.g. https://captain.example.com

def api(path, data=None, token=None, timeout=60):
    body = json.dumps(data).encode() if data else None
    headers = {"Content-Type": "application/json"}
    if token:
        headers["x-captain-auth"] = token
    req = urllib.request.Request(f"{BASE}{path}", data=body, headers=headers)
    resp = urllib.request.urlopen(req, context=ctx, timeout=timeout)
    return json.loads(resp.read())

token = api("/api/v2/login", {"password": "\x3Cpassword>"})["data"]["token"]

See references/api.md for all endpoints. See scripts/caprover.py for a ready-to-use helper class.

Core Workflows

1. Create an App

api("/api/v2/user/apps/appDefinitions/register",
    {"appName": "myapp", "hasPersistentData": False}, token)

Set hasPersistentData: True if the app needs persistent volumes.

2. Deploy from a Docker Image

api("/api/v2/user/apps/appDefinitions/update",
    {"appName": "myapp", "imageName": "nginx:latest"}, token)

api("/api/v2/user/apps/appData/myapp/redeploy",
    {"appName": "myapp", "gitHash": ""}, token)

3. Deploy from a Custom Dockerfile (Build on Host)

Pack a captain-definition, Dockerfile, and support files into a .tar.gz, then POST:

# captain-definition (required in tar root):
# {"schemaVersion": 2, "dockerfilePath": "./Dockerfile"}

with open("app.tar.gz", "rb") as f:
    tar_data = f.read()

boundary = "----FormBoundaryCaprover"
body = (
    f"--{boundary}\r\
"
    f'Content-Disposition: form-data; name="sourceFile"; filename="app.tar.gz"\r\
'
    f"Content-Type: application/octet-stream\r\
\r\
"
).encode() + tar_data + f"\r\
--{boundary}--\r\
".encode()

req = urllib.request.Request(
    f"{BASE}/api/v2/user/apps/appData/myapp",
    data=body,
    headers={
        "Content-Type": f"multipart/form-data; boundary={boundary}",
        "x-captain-auth": token,
    },
)
resp = urllib.request.urlopen(req, context=ctx, timeout=180)

This builds the image natively on the CapRover host — critical for ARM64 hosts where pre-built amd64 images won't run.

4. Configure Ports, Env Vars, Volumes

api("/api/v2/user/apps/appDefinitions/update", {
    "appName": "myapp",
    "envVars": [{"key": "MY_VAR", "value": "hello"}],
    "ports": [{"hostPort": 25565, "containerPort": 7777}],
    "volumes": [{"containerPath": "/data", "volumeName": "myapp-data"}],
    "instanceCount": 1,
}, token)

⚠️ Port update bug: The ports field update sometimes returns HTTP 500 on CapRover (known issue). Workaround: set ports once at app creation time or use serviceUpdateOverride.

5. Advanced Docker Swarm Settings (serviceUpdateOverride)

For settings not exposed in the standard API — volume mounts, custom DNS, resource limits:

override = json.dumps({
    "TaskTemplate": {
        "ContainerSpec": {
            "Mounts": [{
                "Type": "volume",
                "Source": "captain--myapp-data",  # CapRover names: captain--\x3Cappname>-\x3Cname>
                "Target": "/data"
            }]
        }
    }
})

api("/api/v2/user/apps/appDefinitions/update",
    {"appName": "myapp", "serviceUpdateOverride": override}, token)

⚠️ Setting serviceUpdateOverride to "" (empty string) clears it and removes all Docker Swarm overrides, including volume mounts.

6. Read Logs

# Build logs (after deploying)
r = api("/api/v2/user/apps/appData/myapp", token=token)
build_lines = r["data"]["logs"]["lines"]

# Runtime logs (stdout of running container)
r = api("/api/v2/user/apps/appData/myapp/logs", token=token)
raw_logs = r["data"]["logs"]

ARM64 / Multi-Arch Gotchas

If the CapRover host is ARM64 (uname -m returns aarch64):

  • Do not use amd64-only pre-built images — they will silently fail or crash with exec format errors
  • Build from Dockerfile on the host (workflow #3 above) to get native ARM64 images
  • For apps that need Mono (e.g. Windows .exe files on Linux ARM64): install mono-runtime in the Dockerfile and use mono ./App.exe as the entrypoint
  • Detect arch at runtime in scripts: $(uname -m) returns aarch64 on ARM64

Common Issues

Symptom Likely Cause Fix
HTTP 500 on port update CapRover bug Set ports at app creation, or use serviceUpdateOverride
Container crashes, no logs Wrong arch image (amd64 on arm64) Build from Dockerfile on host
Port open but server not responding Server listening on 127.0.0.1 only Check server bind address; use 0.0.0.0
World/data lost on restart No volume mount Add serviceUpdateOverride with Mounts
Logs empty App writes logs to file, not stdout Override entrypoint to redirect to stdout
volumes: [] in API but data persists serviceUpdateOverride holds the mount — API and Swarm state diverge Check serviceUpdateOverride, not just app definition

Node / Cluster Info

r = api("/api/v2/user/system/info", token=token)
nodes = r["data"]["nodes"]

References

  • Full API endpoint list + request/response shapes: references/api.md
  • Reusable Python helper class: scripts/caprover.py
安全使用建议
This skill is coherent for managing CapRover, but review these points before installing: - You must supply a CapRover admin (or appropriately privileged) password at runtime; do not reuse high-value credentials if you don't trust the target host. The skill metadata doesn't declare a primary credential, so you'll provide it interactively or via your agent's secret store. - The sample code disables TLS certificate verification to work with self-signed CapRover instances. That makes man-in-the-middle attacks possible if you run the skill against an untrusted network—prefer supplying a valid certificate or modify the helper to enable verification when possible. - Deploying a .tar.gz causes the CapRover host to build whatever Dockerfile is included. Only deploy builds you trust because build scripts run on the remote host and can be used to escalate or corrupt the host environment. - The skill warns that setting serviceUpdateOverride to an empty string clears all Swarm overrides (including mounts) — using that incorrectly can cause data loss. If you intend to use this skill, run it against CapRover instances you control or trust, consider using a limited-permission account instead of the global admin password, and consider editing the helper to enforce TLS validation in environments where valid certs are available.
功能分析
Type: OpenClaw Skill Name: caprover-management Version: 1.0.0 This skill is classified as suspicious due to its exposure of highly privileged CapRover API functionalities and a critical security vulnerability. The `scripts/caprover.py` helper and `SKILL.md` explicitly disable SSL certificate verification (`ssl.CERT_NONE`), making all API communications vulnerable to Man-in-the-Middle (MITM) attacks. Furthermore, the skill provides direct access to CapRover's `serviceUpdateOverride` and `deploy_tar` features, which allow for arbitrary Docker Swarm configuration and custom Dockerfile builds on the CapRover host. While these are legitimate CapRover features, their power, if misused by a compromised agent or user, could lead to Remote Code Execution (RCE) on the CapRover server. There is no evidence of intentional malicious behavior or prompt injection attempts within the skill's code or instructions, but the inherent risks warrant a 'suspicious' classification.
能力评估
Purpose & Capability
Name/description align with the included files and instructions: the SKILL.md and scripts/caprover.py implement CapRover API workflows (create/update apps, deploy images/tar builds, configure ports/volumes/env vars, read logs, cluster info). The skill does not request unrelated services or credentials.
Instruction Scope
Runtime instructions and the helper script stay within the scope of CapRover management. Two notable operational choices increase risk but are relevant to the stated purpose: (1) the examples and helper create an SSL context that disables certificate validation (ctx.verify_mode = ssl.CERT_NONE) to accommodate self-signed CapRover instances; (2) the deploy-from-tar workflow intentionally builds images on the CapRover host, which means arbitrary Dockerfile build steps will execute on that host. Both behaviours are expected for this use-case but have security implications.
Install Mechanism
No install spec; this is primarily an instruction + helper script. Nothing is downloaded or installed by the skill itself, lowering installation risk.
Credentials
The registry metadata lists no required env vars or primary credential, which is consistent with not embedding secrets in the skill. However, the tool requires a CapRover admin password (passed to login) at runtime to obtain a token — this credential is necessary for operation but is not declared in metadata. That omission is not dangerous by itself but users should be aware they must provide an admin password (or an account with sufficient CapRover privileges) when invoking the skill.
Persistence & Privilege
The skill does not request always:true and does not alter other skills or system-wide agent settings. It requires only runtime invocation and does not persist elevated platform privileges.
如何使用
  1. 确保已安装 OpenClaw(本地或 Docker 部署)
  2. 在对话框中输入安装命令:/install caprover-management
  3. 安装完成后,直接呼叫该 Skill 的名称或使用 /caprover-management 触发
  4. 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.0
Initial release of CapRover Management Skill. - Manage CapRover PaaS instances via API: create/update apps, deploy from Docker images or custom Dockerfiles. - Configure ports, env vars, persistent volumes, and advanced Docker Swarm settings. - Supports both standard and advanced workflows, including ARM64-specific guidance. - Includes troubleshooting tips and common issues FAQ. - Provides ready-to-use Python code for all core operations.
元数据
Slug caprover-management
版本 1.0.0
许可证
累计安装 0
当前安装数 0
历史版本数 1
常见问题

Caprover Management 是什么?

Manage CapRover PaaS instances via API: create/update apps, deploy from Docker image or custom Dockerfile (tar file), configure ports, volumes, env vars, and... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 385 次。

如何安装 Caprover Management?

在 OpenClaw 或 Claude Code 对话框中运行命令「/install caprover-management」即可一键安装,无需额外配置。

Caprover Management 是免费的吗?

是的,Caprover Management 完全免费(开源免费),可自由下载、安装和使用。

Caprover Management 支持哪些平台?

Caprover Management 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。

谁开发了 Caprover Management?

由 Thiago Guimarães(@guim4dev)开发并维护,当前版本 v1.0.0。

推荐 Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191113 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 留言讨论