Menu
Full deploy pipeline — source detection, hints-driven analysis, project creation, deployment monitoring, and live URL delivery. Load when the user wants to deploy an application.
Reference for all Nixopus API operations callable via nixopus_api(method, path, body)
Generate Caddyfile configurations for static sites and reverse proxies — SPA fallback routing, cache headers, compression, redirects, and error pages. Use when deploying a static site that needs custom Caddy configuration, or when the user needs SPA routing, caching, or redirect rules.
Generate docker-compose.yml for multi-service setups including databases, caches, and service dependencies. Use when the app needs a database, cache, message broker, or has multiple independently deployable services.
Size container memory and CPU limits, diagnose OOM kills and CPU throttling, and recommend resource adjustments by ecosystem. Use when containers are being OOM-killed, running slowly, or when setting initial resource limits for a deployment.
Build and deploy C/C++ applications — CMake, Meson, Ninja, and Dockerfile patterns. Use when deploying a C or C++ project, or when CMakeLists.txt or meson.build is detected.
Run database migrations safely during deployment — framework-specific commands, pre-deploy vs post-deploy timing, health gates, and rollback strategies. Use when the app has a database migration system and needs migrations run during deployment.
| name | deploy-flow |
| description | Full deploy pipeline — source detection, hints-driven analysis, project creation, deployment monitoring, and live URL delivery. Load when the user wants to deploy an application. |
| metadata | {"version":"2.0"} |
If a [sample-app-fast-path] block is injected in the system messages, follow it exactly. Do NOT load this skill or any other skill — the fast path already contains the complete recipe.
Check the user message for a [context] block before calling any tool.
Frontend context block — [Context: Repository "owner/repo" (Language: ..., Branch: ..., Visibility: public|private)]:
load_tool({ toolName: "load_remote_repository" }) (it is a searchable tool), then call load_remote_repository with repoUrl: "https://github.com/owner/repo" and the branch. Do NOT call get_github_repositories or analyze_repository — load_remote_repository already returns hints. Then continue the hints-driven deploy flow (step 2 below). Source and repository are set automatically.[user-context] for the numeric repo ID. If found, use the standard GitHub flow (routing step 1). If not found, ask the user to connect the repo.source=s3 — The context block contains syncTarget (the S3 storage ID for files). It may also contain applicationId if the app already exists.
hints with ecosystem, framework, port, Dockerfile presence, and confidence levels.No context block — Check [user-context] first — it has connectors, repos, apps, servers, and domains pre-loaded. Route from connector access and what the user asked for; do not treat missing GitHub connector as a hard stop if a public git URL can be used instead.
Behavior checklist (routing expectations):
load_remote_repository — it returns hints. Continue the hints-driven deploy flow.https://github.com/org/repo.git — don't use my connected repos", "ignore my GitHub connection and use this public repo link", "use the pasted HTTPS link, not my org's connected repositories".read_skill("github-onboarding") as an alternative — onboarding is not a hard blocker.Routing (no [context] block, no frontend context block):
Connectors/repos available (per [user-context], or refresh with nixopus_api('get_github_repositories') / nixopus_api('get_applications') only if context is clearly stale — e.g. user says they just connected GitHub but [user-context] still shows no connectors; repo/app lists contradict what a fresh call returns; or the user reports an error about a resource that does not appear in context) and the user did not explicitly request deploying from a public git URL (connector bypass — see Case B examples above): standard GitHub flow. Use pre-loaded connector/repo IDs instead of redundant API calls when possible. Then: analyze_repository (returns hints) → use hints to decide config → quick_deploy or createProject + nixopus_api('deploy_project', { id }).
Fallback (connector path failed, URL still viable): If you already chose the standard GitHub flow but a required GitHub/connector step fails (auth, missing repo, permission, transient API error, etc.) and the user's message still contains a valid public HTTPS git clone URL you can use: switch to load_remote_repository with that URL (and branch if given), then continue the hints-driven deploy flow. Prefer this over repeatedly retrying the connector when the public URL is a known-good alternative. Connector-first ordering is unchanged: attempt the connector path first when the rules above apply; only fall back after a real failure.
Connector/repo access missing and the user provided a valid public HTTPS git clone URL (e.g. https://github.com/org/repo.git or https://…/org/repo — not git@… SCP-style, not non-HTTPS schemes): call load_remote_repository with that URL (and branch if the user specified one) — it returns hints. Then continue the hints-driven deploy flow: use hints to decide config, then quick_deploy or createProject / deploy_project.
Connector/repo access missing and no valid public HTTPS git URL is present: ask the user for a public HTTPS clone URL they can share. Optionally mention read_skill("github-onboarding") if they prefer to connect GitHub instead — do not refuse to continue the deploy solely because onboarding was skipped.
A [deploy-patterns] block may be injected with known fixes, pitfalls, and fast paths for the detected ecosystem. When present, check it before diagnosing issues — if a known fix matches, apply it directly instead of re-investigating from scratch.
Load codebase — call ONE of: analyze_repository, load_remote_repository, or load_local_workspace. All three return a hints object. NEVER call more than one for the same repo — they are alternatives, not complements.
load_remote_repository → public repos (loaded via URL). Returns hints + loads workspace for S3 deploy.analyze_repository → connected GitHub repos only (requires numeric repo ID from connectors).load_local_workspace → S3/synced sources (requires syncTarget from context block).Use hints to decide next action:
If hints.isMonorepo is true: read_skill("monorepo-strategy") for service discovery, dependency ordering, and build context strategy.
If hints.hasDockerfile is false: read_skill("dockerfile-generation") and the matching ecosystem skill (e.g. read_skill("node-deploy")). Also read_skill("dockerignore-generation") if hints.hasDockerignore is false. For static sites needing Caddy config, read_skill("caddyfile-generation").
source=s3 after load_local_workspace, or codebase loaded via load_remote_repository from a public HTTPS git URL): Use write_workspace_files to save generated Dockerfile/.dockerignore/etc.write_workspace_files. Use the GitHub tools directly: read_skill("github-workflow") and follow the Fix-via-PR flow (create branch → github_create_or_update_file on that branch → open PR). NEVER push directly to main/master.If the app has database migrations (Prisma, TypeORM, Django, Alembic, etc.): read_skill("database-migration").
Create and deploy (if app doesn't exist):
Monitor deployment — mandatory but lean. Call nixopus_api('get_application_deployments', { id, limit: 1 }) once to get the deployment ID. Then poll nixopus_api('get_deployment_by_id', { deployment_id }) only — do NOT call get_deployment_logs unless the status is failed/error or the user asks. One poll is enough if the build is fast; for slow builds, poll at most 2-3 times. Do NOT call get_application after deploy — you already have the app details from creation.
Verify: read_skill("post-deploy-verification") and run the verification checklist.
Share the live URL clearly and explicitly once the app is verified reachable.
get_github_repositories or [user-context] repos. When deploying via load_remote_repository (public URL flow), do NOT pass repository at all — source and repository are set automatically by the system.