Notre avis
Ce skill déploie automatiquement Fireproof Connect sur une VM Studio dédiée chez exe.dev, configurant un backend de synchronisation cloud pour vos applications.
Points forts
- Automatisation complète du déploiement sans intervention manuelle
- Génération sécurisée des tokens et clés de session
- Intégration avec Clerk pour l'authentification
- Vérification de la disponibilité des services après déploiement
Limites
- Nécessite un compte exe.dev et des clés SSH préconfigurées
- Dépend de Clerk pour les clés d'API, ce qui ajoute une étape externe
- Le script est spécifique à l'infrastructure exe.dev, non portable
Quand vous avez besoin de mettre en place rapidement un backend de synchronisation cloud Fireproof Connect pour vos applications Vibes.
Si vous n'avez pas encore de compte exe.dev ou si vous préférez une solution auto-hébergée avec une infrastructure différente.
Analyse de sécurité
PrudenceThe skill orchestrates a remote deployment using SSH, Docker, and sudo, involving execution of external scripts and transmission of secrets via command line. While the purpose is legitimate and no destructive commands are evident, the reliance on untrusted external code and insecure secret handling introduces risk, warranting caution.
- •Sensitive Clerk API keys are passed as command-line arguments, which may be visible in process listings.
- •Runs an external Node.js script (deploy-connect.js) that clones a repository and executes shell scripts with sudo on a remote VM, posing supply chain risk if the script or repository is compromised.
- •Uses SSH and Docker with elevated privileges (sudo), which could lead to unintended system modifications if misconfigured.
Exemples
Deploy Fireproof Connect to exe.dev as my personal sync backend.Set up a cloud sync backend for my Vibes apps using Fireproof Connect on a Studio VM.Initialize a new Fireproof Connect Studio on exe.dev with Clerk authentication.name: connect description: Self-contained deploy automation — invoke directly, do not decompose. Deploys Fireproof Connect to a dedicated Studio VM on exe.dev. Sets up cloud sync backend for all your Vibes apps. license: MIT allowed-tools: Bash, Read, Glob, AskUserQuestion metadata: author: "Marcus Estes"
Plan mode: If you are planning work, this entire skill is ONE plan step: "Invoke /vibes:connect". Do not decompose the steps below into separate plan tasks.
Deploy Connect Studio
Deploy Fireproof Connect to exe.dev as your personal sync backend. Your Studio VM runs the full Fireproof sync stack and can be used by multiple apps.
Prerequisites
- SSH key in
~/.ssh/(id_ed25519, id_rsa, or id_ecdsa) - exe.dev account - run
ssh exe.devonce to create your account - Clerk credentials from clerk.com:
- Publishable Key (pk_test_... or pk_live_...)
- Secret Key (sk_test_... or sk_live_...)
Gather Config
Use AskUserQuestion to collect deployment config before running the deploy script.
Question 0: "Have you created an exe.dev account? (Run `ssh exe.dev` in your terminal to create one)"
Header: "exe.dev"
Options:
- Label: "Yes, I have an account"
Description: "I've already run ssh exe.dev and verified my account."
- Label: "No, I need to set one up"
Description: "I haven't created an exe.dev account yet."
If "No": Instruct the user:
Run
ssh exe.devin your terminal. This will create your account automatically. You'll need an SSH key in ~/.ssh/ (the command will guide you). Once your account is confirmed, come back and we'll continue.
Then STOP and wait for them to confirm they've completed this step.
Question 1: "What codename for your Studio? (becomes <codename>.exe.xyz)"
Header: "Studio"
Options: Suggest "${username}-studio" + user enters via "Other"
Question 2: "Do you have your Clerk keys ready?"
Header: "Clerk"
Options: ["Yes, I have them", "No, I need to get them first"]
If user needs Clerk keys, provide these instructions:
- Go to clerk.com and sign in
- Select your application (or create one)
- Go to API Keys in the sidebar
- Copy both the Publishable Key and Secret Key
After receiving the codename, ask for the keys:
Question: "Paste your Clerk Publishable Key (starts with pk_test_ or pk_live_)"
Header: "Publishable"
Options: [User enters via "Other"]
Question: "Paste your Clerk Secret Key (starts with sk_test_ or sk_live_)"
Header: "Secret"
Options: [User enters via "Other"]
Deploy Command
cd "${CLAUDE_PLUGIN_ROOT}/scripts" && [ -d node_modules ] || npm install
node "${CLAUDE_PLUGIN_ROOT}/scripts/deploy-connect.js" \
--studio <codename> \
--clerk-publishable-key "pk_test_..." \
--clerk-secret-key "sk_test_..."
What It Does
- SSH to
<studio>.exe.xyz- Creates VM if needed - Clone fireproof repo -
selem/docker-for-allbranch to/opt/fireproof - Generate security tokens - Session tokens and device CA keys
- Create
.env- All credentials for Docker services - Run
./docker/start.sh- Starts the full Fireproof stack - Wait for services - Confirms port 8080 is responding
- Write local
.connect- Saves studio info for future reference
Architecture
Studio VM (<codename>.exe.xyz)
├── /opt/fireproof/
│ ├── docker-compose.yaml (from repo)
│ ├── docker/
│ │ ├── nginx.conf (routes all traffic)
│ │ └── start.sh (orchestrates services)
│ └── .env (generated credentials)
└── Docker services (port 8080 exposed)
├── nginx proxy
├── dashboard (internal 7370)
└── cloud-backend (internal 8909)
Public URLs
After deployment, your Studio exposes:
| Endpoint | URL | Purpose |
|----------|-----|---------|
| Token API | https://<studio>.exe.xyz/api | Token issuance for auth |
| Cloud Sync | fpcloud://<studio>.exe.xyz?protocol=wss | Real-time sync |
Local .connect File
The deploy script creates a .connect file in your project:
studio: <codename>
api_url: https://<codename>.exe.xyz/api
cloud_url: fpcloud://<codename>.exe.xyz?protocol=wss
clerk_publishable_key: pk_test_...
This file is gitignored and used to auto-configure app deployments.
Update Your App's Environment
After deploying Connect, update your app's .env:
VITE_CLERK_PUBLISHABLE_KEY=pk_test_...
VITE_API_URL=https://<studio>.exe.xyz/api
VITE_CLOUD_URL=fpcloud://<studio>.exe.xyz?protocol=wss
Troubleshooting
Check Docker status:
ssh <studio>.exe.xyz "cd /opt/fireproof && sudo docker compose ps"
View logs:
ssh <studio>.exe.xyz "cd /opt/fireproof && sudo docker compose logs -f"
Restart services:
ssh <studio>.exe.xyz "cd /opt/fireproof && sudo docker compose restart"
CLI Options
| Option | Description |
|--------|-------------|
| --studio <name> | Studio VM name (required) |
| --clerk-publishable-key <key> | Clerk publishable key (required) |
| --clerk-secret-key <key> | Clerk secret key (required) |
| --dry-run | Show what would be done without executing |
What's Next?
After successful deployment, present these options using AskUserQuestion:
Question: "Your Connect Studio is live at https://${studio}.exe.xyz! What's next?"
Header: "Next"
Options:
- Label: "Deploy an app that uses this Studio"
Description: "Generate and deploy a Vibes app configured to sync through your Studio. I'll set up the environment automatically."
- Label: "Update an existing app to use Connect"
Description: "Configure an existing app's .env to point to your new Studio for cloud sync."
- Label: "I'm done for now"
Description: "Your Studio is running 24/7 on exe.dev. Any app configured with these URLs will sync through it."
Architecte Docker Compose
DevOps
Concoit des configurations Docker Compose optimisees.
Rapport de Post-Mortem
DevOps
Rédige des rapports post-mortem d'incidents structurés et blameless.
Créateur de Runbooks
DevOps
Crée des runbooks opérationnels clairs pour les procédures DevOps courantes.