ReddRadar
Agent skill
dns
Cloudflare DNS and infrastructure management. Manage DNS records, tunnels, Access policies, SSL certificates, and CDN caching.
Install this agent skill to your Project
npx add-skill https://github.com/majiayu000/claude-skill-registry/tree/main/skills/data/dns
SKILL.md
DNS & Cloudflare Skill
Manage Cloudflare DNS, tunnels, Access, and CDN configuration.
Usage
/dns # Show DNS status for current project domains
/dns list # List all DNS records for project domain
/dns add <subdomain> <type> <value> # Add DNS record
/dns update <subdomain> <type> <value> # Update DNS record
/dns delete <subdomain> <type> # Delete DNS record
/dns ssl-status # Check SSL certificate status
/dns purge [path] # Purge Cloudflare cache
/dns tunnel status # Check Cloudflare Tunnel status
/dns access list # List Access applications
DNS Management
List Records
# Using wrangler CLI
wrangler dns list ${DOMAIN}
# Or using Cloudflare API
curl -X GET "https://api.cloudflare.com/client/v4/zones/${ZONE_ID}/dns_records" \
-H "Authorization: Bearer ${CF_API_TOKEN}" \
-H "Content-Type: application/json"
Add/Update Records
# Add A record (proxied through Cloudflare)
wrangler dns create ${DOMAIN} A staging --content ${IP} --proxied
# Add CNAME record
wrangler dns create ${DOMAIN} CNAME api --content ${TARGET} --proxied
# Update existing record
wrangler dns update ${DOMAIN} A staging --content ${NEW_IP}
Delete Records
# Delete specific record
wrangler dns delete ${DOMAIN} A staging
SSL Certificate Management
# Check certificate expiry
echo | openssl s_client -servername ${DOMAIN} -connect ${DOMAIN}:443 2>/dev/null | \
openssl x509 -noout -dates
# Force SSL renewal (via Cloudflare dashboard or API)
# Cloudflare auto-renews Universal SSL certificates
Cloudflare Tunnel
# List tunnels
cloudflared tunnel list
# Create new tunnel
cloudflared tunnel create ${TUNNEL_NAME}
# Route DNS to tunnel
cloudflared tunnel route dns ${TUNNEL_NAME} ${SUBDOMAIN}.${DOMAIN}
# Check tunnel status on VPS
ssh ${USER}@${HOST} "sudo systemctl status cloudflared"
# View tunnel logs
ssh ${USER}@${HOST} "sudo journalctl -u cloudflared -n 50"
Cloudflare Access (Zero-Trust)
# List Access applications
wrangler access list-apps
# Create Access application (usually via dashboard)
# - Set application name
# - Set domain (e.g., seq.tribevibe.events)
# - Configure identity providers (email, GitHub, etc.)
# - Set session duration
# After Access is configured, nginx needs CORS headers:
# add_header Access-Control-Allow-Origin "${ALLOWED_ORIGIN}" always;
# add_header Access-Control-Allow-Credentials "true" always;
Cache Management
# Purge specific URL
wrangler purge https://${DOMAIN}/api/v1/users
# Purge everything for domain
wrangler purge --everything --zone ${ZONE_ID}
# Purge by cache tags (if configured)
wrangler purge --tags "static-assets"
Common Tasks
Setup New Subdomain
# 1. Add DNS record pointing to VPS
wrangler dns create ${DOMAIN} A ${SUBDOMAIN} --content ${VPS_IP} --proxied
# 2. Configure nginx on VPS
ssh ${USER}@${HOST} << 'EOF'
cat > /etc/nginx/sites-available/${SUBDOMAIN}.conf << 'NGINX'
server {
listen 443 ssl;
server_name ${SUBDOMAIN}.${DOMAIN};
location / {
proxy_pass http://localhost:${PORT};
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
}
}
NGINX
ln -sf /etc/nginx/sites-available/${SUBDOMAIN}.conf /etc/nginx/sites-enabled/
nginx -t && systemctl reload nginx
EOF
# 3. Verify SSL (Cloudflare provides automatic SSL)
curl -I https://${SUBDOMAIN}.${DOMAIN}
Add Zero-Trust Protection
# 1. Create Access application in Cloudflare dashboard
# 2. Add allowed emails/groups
# 3. Update nginx for CORS (if needed)
# 4. Test authentication flow
Project Domain Lookup
Domains are defined in deployments.registry.json:
{
"projects": {
"tribevibe": {
"environments": {
"production": { "domain": "tribevibe.events" },
"staging": { "domain": "staging.tribevibe.events" }
}
}
}
}
Safety
- NEVER delete production DNS records without backup plan
- ALWAYS verify DNS changes propagate (use dig or nslookup)
- Be aware of DNS propagation delays (up to 48h, usually minutes)
- Cloudflare proxy provides DDoS protection - don't bypass unnecessarily
Recommended Agent Skills
Expand your agent's capabilities with these related and highly-rated skills.
majiayu000/claude-skill-registry
agent-ops-spec
Manage specification documents in .agent/specs/. Use when user provides requirements, acceptance criteria, or feature descriptions that need to be tracked and validated against implementation.
majiayu000/claude-skill-registry
agent-ops-state
Maintain .agent state files. Use at session start, after meaningful steps, and before concluding: read/update constitution/memory/focus/issues/baseline consistently.
majiayu000/claude-skill-registry
agent-ops-spec
Manage specification documents in .agent/specs/. Use when user provides requirements, acceptance criteria, or feature descriptions that need to be tracked and validated against implementation.
majiayu000/claude-skill-registry
agent-ops-testing
Test strategy, execution, and coverage analysis. Use when designing tests, running test suites, or analyzing test results beyond baseline checks.
majiayu000/claude-skill-registry
agent-ops-testing
Test strategy, execution, and coverage analysis. Use when designing tests, running test suites, or analyzing test results beyond baseline checks.
majiayu000/claude-skill-registry
agent-ops-state
Maintain .agent state files. Use at session start, after meaningful steps, and before concluding: read/update constitution/memory/focus/issues/baseline consistently.
Didn't find tool you were looking for?