cloudflare-manager
Comprehensive Cloudflare account management for deploying Workers, KV Storage, R2, Pages, DNS, and Routes. Use when deploying cloudflare services, managing worker containers, configuring KV/R2 storage, or setting up DNS/routing. Requires CLOUDFLARE_API_KEY in .env and Bun runtime with dependencies installed.
git clone --depth 1 https://github.com/secondsky/claude-skills /tmp/cloudflare-manager && cp -r /tmp/cloudflare-manager/plugins/cloudflare-manager/skills/cloudflare-manager ~/.claude/skills/cloudflare-managerSKILL.md
# Cloudflare Manager
Comprehensive Cloudflare service management skill that enables deployment and configuration of Workers, KV Storage, R2 buckets, Pages, DNS records, and routing. Automatically validates API credentials, extracts deployment URLs, and provides actionable error messages.
## Initial Setup
Before using this skill for the first time:
1. **Install Dependencies**
```bash
cd ~/.claude/skills/cloudflare-manager
bun install
```
2. **Configure API Key**
Create a `.env` file in your project root:
```bash
CLOUDFLARE_API_KEY=your_api_token_here
CLOUDFLARE_ACCOUNT_ID=your_account_id # Optional, auto-detected
```
**Getting your API token**:
- Visit https://dash.cloudflare.com/profile/api-tokens
- Click "Create Token"
- Use "Edit Cloudflare Workers" template (or create custom token)
- Required permissions:
- Account > Workers Scripts > Edit
- Account > Workers KV Storage > Edit
- Account > Workers R2 Storage > Edit
- Account > Cloudflare Pages > Edit
- Zone > DNS > Edit (if using custom domains)
3. **Validate Credentials**
Run validation to verify your API key and check permissions:
```bash
cd ~/.claude/skills/cloudflare-manager
bun scripts/validate-api-key.ts
```
**Expected output**:
```
✅ API key is valid!
ℹ️ Token Status: active
ℹ️ Account: Your Account Name (abc123...)
🔑 Granted Permissions:
✅ Workers Scripts: Edit
✅ Workers KV Storage: Edit
✅ Workers R2 Storage: Edit
```
**Troubleshooting validation**:
- If validation fails with 401/403: Check your API token is correct in `.env`
- If validation fails with network error: Check internet connection
- Use `--no-cache` flag to force fresh validation: `bun scripts/validate-api-key.ts --no-cache`
## Current API Permissions
<!-- PERMISSIONS_START -->
Run `bun scripts/validate-api-key.ts` to populate this section with your current permissions.
<!-- PERMISSIONS_END -->
## Quick Start Guide
### Deploy a Worker Container
To deploy a new worker container sandbox:
```bash
# Using the skill
bun scripts/workers.ts deploy worker-name ./worker-script.js
```
**What happens**:
- Creates new worker container
- Deploys JavaScript/TypeScript code
- Automatically extracts and returns Cloudflare-generated URL (e.g., `https://worker-name.username.workers.dev`)
- Returns worker ID and configuration
**Example conversation**:
```
User: "Set up and deploy a new cloudflare worker container sandbox named 'api-handler' and return the URL"
Claude: [Deploys worker using bun scripts/workers.ts deploy api-handler ./worker.js]
Returns URL: https://api-handler.username.workers.dev
```
**Exit codes**:
- `0`: Success - worker deployed and URL returned
- `1`: Failure - check error message for details
**Performance**: Deployment typically completes in 2-5 seconds
### Create and Use KV Storage
To create a KV namespace and store data:
```bash
# Create namespace
bun scripts/kv-storage.ts create-namespace user-sessions
# Returns: Namespace ID (e.g., abc123def456)
# Save this ID for binding to workers
# Write key-value pair
bun scripts/kv-storage.ts write <namespace-id> "session:user123" '{"userId":"123","token":"abc"}'
# Read value
bun scripts/kv-storage.ts read <namespace-id> "session:user123"
# Returns: {"userId":"123","token":"abc"}
# List all keys (useful for debugging)
bun scripts/kv-storage.ts list-keys <namespace-id>
# Delete a key
bun scripts/kv-storage.ts delete <namespace-id> "session:user123"
```
**Important**: KV storage uses eventual consistency. Writes may take up to 60 seconds to propagate globally. For immediate reads, use the same edge location where you wrote the data.
### Create R2 Bucket and Upload Files
To create an R2 bucket and manage objects:
```bash
# Create bucket
bun scripts/r2-storage.ts create-bucket media-assets
# Upload file
bun scripts/r2-storage.ts upload media-assets ./images/logo.png logo.png
# List objects
bun scripts/r2-storage.ts list-objects media-assets
# Download object
bun scripts/r2-storage.ts download media-assets logo.png ./downloaded-logo.png
```
### Deploy to Cloudflare Pages
To deploy a static site or application to Pages:
```bash
# Create Pages project (or get existing project info)
bun scripts/pages.ts deploy my-app ./dist
# Returns: https://my-app.pages.dev
# Set environment variable
bun scripts/pages.ts set-env my-app API_URL https://api.example.com
# Set environment variable for specific environment
bun scripts/pages.ts set-env my-app DEBUG true --env preview
# Get deployment URL
bun scripts/pages.ts get-url my-app
```
**Auto-extracted URLs**: The Pages script automatically extracts and returns the Cloudflare-generated URL (e.g., `https://my-app.pages.dev`) from the deployment response.
**Note**: The API creates the project structure, but for actual file uploads, you'll need Wrangler CLI:
```bash
bunx wrangler pages deploy ./dist --project-name=my-app
```
**Why this works**: The skill creates/verifies the Pages project and returns the URL. For the initial deployment with files, Wrangler handles the complex multipart upload process.
### Configure DNS and Routes
To create DNS records and configure worker routes:
```bash
# Create DNS A record
bun scripts/dns-routes.ts create-dns example.com A api 192.168.1.1
# Route pattern to worker
bun scripts/dns-routes.ts create-route example.com "*.example.com/api/*" api-handler
```
## Common Workflows
### Multi-Service Setup
To set up a complete application with worker, KV storage, and R2 bucket:
1. **Create KV namespace for caching**
```bash
bun scripts/kv-storage.ts create-namespace app-cache
```
2. **Create R2 bucket for media**
```bash
bun scripts/r2-storage.ts create-bucket app-media
```
3. **Deploy worker with bindings**
```bash
bun scripts/workers.ts deploy app-worker ./worker.js --kv-binding app-cache --r2-binding app-media
```
4. **Configure route**
```basRole-based access control (RBAC) with permissions and policies. Use for admin dashboards, enterprise access, multi-tenant apps, fine-grained authorization, or encountering permission hierarchies, role inheritance, policy conflicts.
100+ animated React components (Aceternity UI) for Next.js with Tailwind. Use for hero sections, parallax, 3D effects, or encountering animation, shadcn CLI integration errors.
shadcn/ui AI chat components for conversational interfaces. Use for streaming chat, tool/function displays, reasoning visualization, or encountering Next.js App Router setup, Tailwind v4 integration, AI SDK v5 migration errors.
Vercel AI SDK v5 for backend AI (text generation, structured output, tools, agents). Multi-provider. Use for server-side AI or encountering AI_APICallError, AI_NoObjectGeneratedError, streaming failures.
Vercel AI SDK v5 React hooks (useChat, useCompletion, useObject) for AI chat interfaces. Use for React/Next.js AI apps or encountering parse stream errors, no response, streaming issues.
Secure API authentication with JWT, OAuth 2.0, API keys. Use for authentication systems, third-party integrations, service-to-service communication, or encountering token management, security headers, auth flow errors.
Creates comprehensive API changelogs documenting breaking changes, deprecations, and migration strategies for API consumers. Use when managing API versions, communicating breaking changes, or creating upgrade guides.
Verifies API contracts between services using consumer-driven contracts, schema validation, and tools like Pact. Use when testing microservices communication, preventing breaking changes, or validating OpenAPI specifications.