cloudflare

Plan mode: If you are planning work, this entire skill is ONE plan step: "Invoke /vibes:cloudflare". Do not decompose the steps below into separate plan tasks.

Deploy to Cloudflare

Prerequisites

1. Cloudflare account with Workers enabled
2. Wrangler CLI installed (

   npm install -g wrangler

   )
3. KV namespace created for registry storage

Quick Deploy

cd skills/cloudflare/worker
npm install
wrangler deploy

Environment Setup

cd skills/cloudflare/worker
npx wrangler secret put CLERK_PEM_PUBLIC_KEY
npx wrangler secret put CLERK_WEBHOOK_SECRET

Deploy Script

node scripts/deploy-cloudflare.js --name myapp --file index.html --clerk-key "pk_test_xxx"

--clerk-key

CLERK_PEM_PUBLIC_KEY

/claim

• Copies index.html to worker's public/
• Copies bundles/*.js (fireproof-vibes-bridge.js + fireproof-clerk-bundle.js)
• Copies assets/ directory (images, icons)
• Runs wrangler deploy

Endpoints

/registry.json

/check/:subdomain

/claim

/webhook

/api/ai/chat

KV Storage

registry

{
  "claims": { "subdomain": { "userId": "...", "claimedAt": "..." } },
  "reserved": ["admin", "api", "www"],
  "preallocated": {}
}

Important: Custom Domain Required for Subdomains

tenant.myapp.username.workers.dev

tenant.myapp.com

?subdomain=

• myapp.username.workers.dev

  → landing page

• myapp.username.workers.dev?subdomain=tenant

  → tenant app

• myapp.username.workers.dev?subdomain=admin

  → admin dashboard

Custom Domain Setup

1. Add domain to Cloudflare (get nameservers from Cloudflare DNS dashboard)
2. Point registrar nameservers to Cloudflare's assigned nameservers
3. Delete conflicting DNS records for the apex domain (A, AAAA, CNAME)
4. Add Custom Domain in Workers & Pages → your worker → Settings → Domains & Routes → Add → Custom Domain (apex: yourdomain.com)
5. Add wildcard CNAME in DNS: Name:

   *

   , Target:

   <worker-name>.<username>.workers.dev

   (Proxied: ON)
6. Add Route in Workers & Pages → your worker → Settings → Domains & Routes → Add → Route:

   *.yourdomain.com/*

• yourdomain.com

  → landing page

• tenant.yourdomain.com

  → tenant app

• admin.yourdomain.com

  → admin dashboard

Required Secrets

CLERK_PEM_PUBLIC_KEY

PERMITTED_ORIGINS

CLERK_WEBHOOK_SECRET

OPENROUTER_API_KEY

useAI()

cd skills/cloudflare/worker
npx wrangler secret put CLERK_PEM_PUBLIC_KEY
# Paste the PEM key (-----BEGIN PUBLIC KEY----- ... -----END PUBLIC KEY-----)

npx wrangler secret put CLERK_WEBHOOK_SECRET
# Paste the webhook signing secret from Clerk dashboard

npx wrangler secret put PERMITTED_ORIGINS
# Enter: https://yourdomain.com,https://*.yourdomain.com

1. Find your Clerk Frontend API URL in Clerk dashboard (e.g.,

   clerk.yourdomain.com

   )
2. Fetch JWKS:

   curl https://clerk.yourdomain.com/.well-known/jwks.json

3. Convert JWK to PEM using Node.js:

const crypto = require('crypto');
const jwk = { /* paste the key from jwks.json */ };
const pem = crypto.createPublicKey({ key: jwk, format: 'jwk' }).export({ type: 'spki', format: 'pem' });
console.log(pem);

Deploy with --name Flag

--name

node scripts/deploy-cloudflare.js --name myapp --file index.html

--name

vibes-registry

AI Features

useAI()

/api/ai/chat

node scripts/deploy-cloudflare.js --name myapp --file index.html --clerk-key "pk_test_xxx" --ai-key "sk-or-v1-your-key"

--ai-key

OPENROUTER_API_KEY

/api/ai/chat

{"error": "AI not configured"}

npx wrangler secret put OPENROUTER_API_KEY --name myapp
# Paste your OpenRouter API key