home / skills / danielmiessler / personal_ai_infrastructure / cloudflare

This skill deploys and manages Cloudflare Workers, Pages, and MCP servers to boost edge capabilities and deployment reliability.

npx playbooks add skill danielmiessler/personal_ai_infrastructure --skill cloudflare

Review the files below or copy the command above to add this skill to your agents.

Files (3)
SKILL.md
3.4 KB
---
name: Cloudflare
description: Deploy Cloudflare Workers/Pages. USE WHEN Cloudflare, worker, deploy, Pages, MCP server. SkillSearch('cloudflare') for docs.
---

## Customization

**Before executing, check for user customizations at:**
`~/.claude/skills/PAI/USER/SKILLCUSTOMIZATIONS/Cloudflare/`

If this directory exists, load and apply any PREFERENCES.md, configurations, or resources found there. These override default behavior. If the directory does not exist, proceed with skill defaults.


## 🚨 MANDATORY: Voice Notification (REQUIRED BEFORE ANY ACTION)

**You MUST send this notification BEFORE doing anything else when this skill is invoked.**

1. **Send voice notification**:
   ```bash
   curl -s -X POST http://localhost:8888/notify \
     -H "Content-Type: application/json" \
     -d '{"message": "Running the WORKFLOWNAME workflow in the Cloudflare skill to ACTION"}' \
     > /dev/null 2>&1 &
   ```

2. **Output text notification**:
   ```
   Running the **WorkflowName** workflow in the **Cloudflare** skill to ACTION...
   ```

**This is not optional. Execute this curl command immediately upon skill invocation.**

# Cloudflare Skill

Deploy and manage Cloudflare Workers, MCP servers, and Pages.


## Workflow Routing

**When executing a workflow, output this notification directly:**

```
Running the **WorkflowName** workflow in the **Cloudflare** skill to ACTION...
```

  - **Create** MCP server or Worker → `Workflows/Create.md`
  - **Troubleshoot** deployment issues → `Workflows/Troubleshoot.md`

## Quick Reference

- **Account ID:** Set via `CF_ACCOUNT_ID` environment variable
- **Worker URL format:** `https://[worker-name].[your-subdomain].workers.dev`

## Deployment Commands

### Workers Deployment
```bash
# Unset tokens that interfere with wrangler login-based auth
(unset CF_API_TOKEN && unset CLOUDFLARE_API_TOKEN && wrangler deploy)
```

### Pages Deployment

**🚨 CRITICAL: ALL env tokens lack Pages permissions. MUST unset them to use OAuth:**

```bash
# ALWAYS unset tokens for Pages - OAuth login works, tokens don't
(unset CF_API_TOKEN && unset CLOUDFLARE_API_TOKEN && npx wrangler pages deploy dist --project-name=PROJECT_NAME --commit-dirty=true)
```

**Known Pages Projects:**
| Project | Directory | Deploy Command |
|---------|-----------|----------------|
| [project] | `~/Projects/[project]` | `(unset CF_API_TOKEN && unset CLOUDFLARE_API_TOKEN && npx wrangler pages deploy dist --project-name=[project] --commit-dirty=true)` |

## Critical Notes

- **Workers:** Unset `CF_API_TOKEN` and `CLOUDFLARE_API_TOKEN` before deploying - they interfere with wrangler login-based auth
- **Pages:** 🚨 **UNSET ALL TOKENS** - None of the API tokens have Pages permissions. OAuth-based wrangler login is the ONLY method that works.

## Examples

**Example 1: Deploy a Worker**
```
User: "deploy the MCP server to Cloudflare"
→ Invokes CREATE workflow
→ Unsets env tokens, runs wrangler deploy
→ "Deployed to https://mcp-server.[subdomain].workers.dev"
```

**Example 2: Deploy Pages site**
```
User: "deploy my-app to Cloudflare"
→ Builds dist/, unsets tokens
→ Runs wrangler pages deploy
→ "Deployed my-app to Cloudflare Pages"
```

**Example 3: Fix deployment error**
```
User: "Cloudflare deploy is failing with auth error"
→ Invokes TROUBLESHOOT workflow
→ Identifies token interference
→ "Fixed - tokens were overriding OAuth. Redeployed successfully."
```

Overview

This skill deploys and manages Cloudflare Workers, Pages sites, and MCP servers to accelerate agentic AI infrastructure. It automates common deployment flows, enforces required environment handling, and provides troubleshooting for auth and deployment errors. Use it to reliably push Workers or Pages and to diagnose token-related failures.

How this skill works

Before performing any action the skill issues a local voice notification and a text notification announcing the workflow and intent. It inspects environment variables (CF_API_TOKEN, CLOUDFLARE_API_TOKEN) and will unset them where they interfere with wrangler OAuth login, then runs the appropriate wrangler commands to deploy Workers, Pages, or MCP servers. Troubleshooting workflows detect token overrides and other auth issues and guide a fix-and-redeploy flow.

When to use it

  • Deploy a Cloudflare Worker or MCP server to workers.dev
  • Deploy a Cloudflare Pages static site from a built dist/ directory
  • Troubleshoot authentication or deployment failures related to tokens
  • Automate repeated deploys while ensuring correct OAuth flow
  • When wrangler login-based auth is required instead of API tokens

Best practices

  • Always run the skill with the expected CF_ACCOUNT_ID environment variable set
  • Unset CF_API_TOKEN and CLOUDFLARE_API_TOKEN before Worker deploys to avoid auth conflicts
  • Always unset all API tokens before Pages deploys; use wrangler OAuth login
  • Build your dist/ output locally before invoking a Pages deploy
  • Use descriptive project and worker names to form predictable worker URLs

Example use cases

  • Create an MCP server: unsets tokens, runs wrangler deploy, returns the workers.dev URL
  • Deploy a Pages site: build dist/, unset tokens, run npx wrangler pages deploy --project-name=PROJECT_NAME --commit-dirty=true
  • Fix auth errors: run the troubleshoot workflow, identify token interference, unset tokens and retry
  • Automated CI step that clears tokens and invokes wrangler login-based deploy

FAQ

What notification does the skill send before actions?

The skill sends a local voice notification via a POST to http://localhost:8888/notify and prints: Running the **WorkflowName** workflow in the **Cloudflare** skill to ACTION...

Why must I unset CF_API_TOKEN and CLOUDFLARE_API_TOKEN?

Those tokens can override wrangler's OAuth login and cause authentication failures; unsetting them forces wrangler to use OAuth which is required for Pages and recommended for Workers.