Add ship-* Claude skills and plan

Introduces a skills/ directory with 8 Claude skills that reimagine ship as a set of composable, human-driven deployment tools backed by Claude's reasoning rather than a rigid CLI. Skills: - ship-setup: one-time VPS config, saves host to ~/.config/ship/config.json - ship-status: derives live state from server, no local state file - ship-env: read/write env vars with merge semantics, never overwrites - ship-binary: deploy Go binaries with SQLite backup, correct restart behavior - ship-caddy: manage per-app Caddyfile with validate-before-reload - ship-service: systemd management and log inspection - ship-static: rsync static sites with SPA routing support - ship-deploy: orchestration runbook tying the others together Also adds SKILLS_PLAN.md documenting the architecture and rationale. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
author: Clawd <ai@clawd.bot> 2026-04-11 20:43:41 -0700
committer: Clawd <ai@clawd.bot> 2026-04-11 20:43:41 -0700
commit: d0ae31c24c3c98ae89eebd67227c0c0d01606ed5 (patch)
tree: c684469e0f7d3b65477cfc631ecdaafa3c6a218a /skills/ship-caddy/SKILL.md
parent: 5548b36e0953c17dbe30f6b63c892b7c83196b20 (diff)
1 files changed, 135 insertions, 0 deletions
diff --git a/skills/ship-caddy/SKILL.md b/skills/ship-caddy/SKILL.md
new file mode 100644
index 0000000..df79e39
--- /dev/null
+++ b/skills/ship-caddy/SKILL.md
@@ -0,0 +1,135 @@
+---
+name: ship-caddy
+description: Manage Caddy configuration for a deployed app. Add, update, or remove site configs. Use when you need to change how Caddy serves an app — custom domains, redirects, auth, headers, etc.
+argument-hint: "<app-name> [host-nickname]"
+---
+# ship-caddy
+Manage per-app Caddy configuration on a ship VPS.
+## Read Config
+```bash
+python3 -c "
+import json, os
+cfg = json.load(open(os.path.expanduser('~/.config/ship/config.json')))
+nick = '<nickname-or-default>'
+h = cfg['hosts'].get(nick, cfg['hosts'][cfg['default']])
+print(h['host'])
+"
+```
+## Usage Patterns
+### View current Caddy config for an app
+```bash
+ssh <host> "sudo cat /etc/caddy/sites-enabled/<app-name>.caddy"
+```
+### Add or update a site config
+Read the current config first if it exists, then write the new one. Always reload
+Caddy after writing — validate first by checking syntax:
+```bash
+ssh <host> "sudo caddy validate --config /etc/caddy/Caddyfile 2>&1"
+```
+If validation passes:
+```bash
+ssh <host> "sudo systemctl reload caddy"
+```
+If validation fails, show the error and do NOT reload. Tell the user what the
+problem is.
+### Standard reverse proxy config (most apps)
+```bash
+ssh <host> "sudo tee /etc/caddy/sites-enabled/<app-name>.caddy > /dev/null << 'EOF'
+<domain> {
+    reverse_proxy 127.0.0.1:<port>
+}
+EOF"
+```
+### Custom domain (in addition to default)
+```bash
+ssh <host> "sudo tee /etc/caddy/sites-enabled/<app-name>.caddy > /dev/null << 'EOF'
+<custom-domain>, <default-domain> {
+    reverse_proxy 127.0.0.1:<port>
+}
+EOF"
+```
+### Basic auth
+```bash
+ssh <host> "sudo tee /etc/caddy/sites-enabled/<app-name>.caddy > /dev/null << 'EOF'
+<domain> {
+    basicauth {
+        <username> <bcrypt-hash>
+    }
+    reverse_proxy 127.0.0.1:<port>
+}
+EOF"
+```
+To generate a bcrypt hash for a password:
+```bash
+ssh <host> "caddy hash-password --plaintext '<password>'"
+```
+### Redirect www to non-www
+```bash
+ssh <host> "sudo tee /etc/caddy/sites-enabled/<app-name>.caddy > /dev/null << 'EOF'
+www.<domain> {
+    redir https://<domain>{uri} permanent
+}
+<domain> {
+    reverse_proxy 127.0.0.1:<port>
+}
+EOF"
+```
+### Static site
+```bash
+ssh <host> "sudo tee /etc/caddy/sites-enabled/<app-name>.caddy > /dev/null << 'EOF'
+<domain> {
+    root * /var/www/<app-name>
+    file_server
+    encode gzip
+}
+EOF"
+```
+### Remove a site config
+```bash
+ssh <host> "sudo rm /etc/caddy/sites-enabled/<app-name>.caddy && sudo systemctl reload caddy"
+```
+Confirm with the user before removing.
+### View Caddy status and logs
+```bash
+ssh <host> "sudo systemctl status caddy --no-pager"
+ssh <host> "sudo journalctl -u caddy -n 50 --no-pager"
+```
+## Notes
+- Always validate before reloading — never reload with a broken config
+- The port for an app can be found at `/etc/ship/ports/<app-name>`
+- Caddy handles HTTPS automatically — no need to configure certificates
+- If the user asks for something not covered here, write the appropriate Caddy
+  directives — Caddy's config language is flexible and well documented
+- Main Caddyfile is at `/etc/caddy/Caddyfile` and imports all files in
+  `/etc/caddy/sites-enabled/`
author	Clawd <ai@clawd.bot>	2026-04-11 20:43:41 -0700
committer	Clawd <ai@clawd.bot>	2026-04-11 20:43:41 -0700
commit	d0ae31c24c3c98ae89eebd67227c0c0d01606ed5 (patch)
tree	c684469e0f7d3b65477cfc631ecdaafa3c6a218a /skills/ship-caddy/SKILL.md
parent	5548b36e0953c17dbe30f6b63c892b7c83196b20 (diff)

diff --git a/skills/ship-caddy/SKILL.md b/skills/ship-caddy/SKILL.md new file mode 100644 index 0000000..df79e39 --- /dev/null +++ b/skills/ship-caddy/SKILL.md
@@ -0,0 +1,135 @@
	1	---
	2	name: ship-caddy
	3	description: Manage Caddy configuration for a deployed app. Add, update, or remove site configs. Use when you need to change how Caddy serves an app — custom domains, redirects, auth, headers, etc.
	4	argument-hint: "<app-name> [host-nickname]"
	5	---
	6
	7	# ship-caddy
	8
	9	Manage per-app Caddy configuration on a ship VPS.
	10
	11	## Read Config
	12
	13	```bash
	14	python3 -c "
	15	import json, os
	16	cfg = json.load(open(os.path.expanduser('~/.config/ship/config.json')))
	17	nick = '<nickname-or-default>'
	18	h = cfg['hosts'].get(nick, cfg['hosts'][cfg['default']])
	19	print(h['host'])
	20	"
	21	```
	22
	23	## Usage Patterns
	24
	25	### View current Caddy config for an app
	26
	27	```bash
	28	ssh <host> "sudo cat /etc/caddy/sites-enabled/<app-name>.caddy"
	29	```
	30
	31	### Add or update a site config
	32
	33	Read the current config first if it exists, then write the new one. Always reload
	34	Caddy after writing — validate first by checking syntax:
	35
	36	```bash
	37	ssh <host> "sudo caddy validate --config /etc/caddy/Caddyfile 2>&1"
	38	```
	39
	40	If validation passes:
	41	```bash
	42	ssh <host> "sudo systemctl reload caddy"
	43	```
	44
	45	If validation fails, show the error and do NOT reload. Tell the user what the
	46	problem is.
	47
	48	### Standard reverse proxy config (most apps)
	49
	50	```bash
	51	ssh <host> "sudo tee /etc/caddy/sites-enabled/<app-name>.caddy > /dev/null << 'EOF'
	52	<domain> {
	53	reverse_proxy 127.0.0.1:<port>
	54	}
	55	EOF"
	56	```
	57
	58	### Custom domain (in addition to default)
	59
	60	```bash
	61	ssh <host> "sudo tee /etc/caddy/sites-enabled/<app-name>.caddy > /dev/null << 'EOF'
	62	<custom-domain>, <default-domain> {
	63	reverse_proxy 127.0.0.1:<port>
	64	}
	65	EOF"
	66	```
	67
	68	### Basic auth
	69
	70	```bash
	71	ssh <host> "sudo tee /etc/caddy/sites-enabled/<app-name>.caddy > /dev/null << 'EOF'
	72	<domain> {
	73	basicauth {
	74	<username> <bcrypt-hash>
	75	}
	76	reverse_proxy 127.0.0.1:<port>
	77	}
	78	EOF"
	79	```
	80
	81	To generate a bcrypt hash for a password:
	82	```bash
	83	ssh <host> "caddy hash-password --plaintext '<password>'"
	84	```
	85
	86	### Redirect www to non-www
	87
	88	```bash
	89	ssh <host> "sudo tee /etc/caddy/sites-enabled/<app-name>.caddy > /dev/null << 'EOF'
	90	www.<domain> {
	91	redir https://<domain>{uri} permanent
	92	}
	93
	94	<domain> {
	95	reverse_proxy 127.0.0.1:<port>
	96	}
	97	EOF"
	98	```
	99
	100	### Static site
	101
	102	```bash
	103	ssh <host> "sudo tee /etc/caddy/sites-enabled/<app-name>.caddy > /dev/null << 'EOF'
	104	<domain> {
	105	root * /var/www/<app-name>
	106	file_server
	107	encode gzip
	108	}
	109	EOF"
	110	```
	111
	112	### Remove a site config
	113
	114	```bash
	115	ssh <host> "sudo rm /etc/caddy/sites-enabled/<app-name>.caddy && sudo systemctl reload caddy"
	116	```
	117
	118	Confirm with the user before removing.
	119
	120	### View Caddy status and logs
	121
	122	```bash
	123	ssh <host> "sudo systemctl status caddy --no-pager"
	124	ssh <host> "sudo journalctl -u caddy -n 50 --no-pager"
	125	```
	126
	127	## Notes
	128
	129	- Always validate before reloading — never reload with a broken config
	130	- The port for an app can be found at `/etc/ship/ports/<app-name>`
	131	- Caddy handles HTTPS automatically — no need to configure certificates
	132	- If the user asks for something not covered here, write the appropriate Caddy
	133	directives — Caddy's config language is flexible and well documented
	134	- Main Caddyfile is at `/etc/caddy/Caddyfile` and imports all files in
	135	`/etc/caddy/sites-enabled/`