kickinrad/coolify
plugins/bridgey-deploy/skills/coolify/SKILL.md
Manage agent deployments on Coolify — create services, configure env vars, deploy, view logs, and health checks via the Coolify API. Use when the user mentions Coolify, wants to deploy via Coolify, or manage Coolify services.
development
Updated Apr 17, 2026
$ install --global
skillsauthnpx skillsauth add kickinrad/bridgey coolifyInstall this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.
Security Scan Results
3 of 9 scanners reported clean
Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.
3
Scanners Passed
9
Scanners in report
Clean
TrivyContainer and dependency vulnerability scanner
95%
Clean
SemgrepStatic code analysis for vulnerabilities
95%
Clean
mcp-scan (Snyk)Model Context Protocol security validation
95%
Skipped
Snyk (dep)Open source security scanning
50%
Skipped
Socket.devSupply chain security analysis
50%
Skipped
VirusTotalMulti-engine malware detection
50%
Skipped
CrowdStrikeAdvanced threat intelligence
50%
Skipped
OSV-ScannerOpen Source Vulnerability database check
50%
Skipped
OWASP Dep-Check
50%
Last scanned: Apr 17, 2026, 10:41 AM38.0s1 file scanned
SKILL.md
- name:
- coolify
- description:
- Manage agent deployments on Coolify — create services, configure env vars, deploy, view logs, and health checks via the Coolify API. Use when the user mentions Coolify, wants to deploy via Coolify, or manage Coolify services.
Coolify Integration
Manage agent deployments on Coolify via the API (v1). All connection details are stored in bridgey-deploy.config.json.
First-Use Setup
If bridgey-deploy.config.json doesn't exist or is missing Coolify fields, ask the user:
- Coolify URL — e.g.,
https://coolify.example.com(the Coolify dashboard URL) - API token — generated from Coolify dashboard -> Settings -> API Tokens
Store in bridgey-deploy.config.json:
{
"coolify": {
"url": "https://coolify.example.com",
"token": "stored-via-pass"
}
}
Security: The API token should be fetched via pass — never hardcoded. Suggest: pass insert coolify/api-token
API Reference
Base URL: {coolify_url}/api/v1
Auth header: Authorization: Bearer {token}
Common Operations
List servers
curl -sf -H "Authorization: Bearer {token}" {coolify_url}/api/v1/servers | jq '.[] | {uuid, name, ip}'
List services on a server
curl -sf -H "Authorization: Bearer {token}" {coolify_url}/api/v1/servers/{server_uuid}/resources | jq '.'
Create a new service (Docker Compose)
curl -sf -X POST -H "Authorization: Bearer {token}" -H "Content-Type: application/json" \
{coolify_url}/api/v1/services \
-d '{
"type": "docker-compose",
"name": "agent-{name}",
"server_uuid": "{server_uuid}",
"project_uuid": "{project_uuid}",
"environment_name": "production",
"docker_compose_raw": "<base64-encoded docker-compose.yml>"
}'
Update environment variables
curl -sf -X PATCH -H "Authorization: Bearer {token}" -H "Content-Type: application/json" \
{coolify_url}/api/v1/services/{service_uuid}/envs \
-d '{"key": "BRIDGEY_AGENT_NAME", "value": "{name}", "is_build_time": false}'
Deploy a service
curl -sf -X POST -H "Authorization: Bearer {token}" \
{coolify_url}/api/v1/services/{service_uuid}/deploy
Get service status
curl -sf -H "Authorization: Bearer {token}" \
{coolify_url}/api/v1/services/{service_uuid} | jq '{status, name}'
View deployment logs
curl -sf -H "Authorization: Bearer {token}" \
{coolify_url}/api/v1/services/{service_uuid}/logs | jq '.'
Workflow: Deploy New Agent via Coolify
- List servers -> ask user which one
- List projects -> ask user which one (or create new)
- Read docker-compose template from
${CLAUDE_PLUGIN_ROOT}/skills/deploy/references/docker-compose.yml - Replace placeholders with agent name
- Create service via API
- Set environment variables (BRIDGEY_AGENT_NAME, BRIDGEY_BIND, BRIDGEY_PORT, plus any agent-specific vars)
- Deploy
- Wait for healthy status
- Store Coolify service UUID in
bridgey-deploy.config.json
Workflow: Update Existing Deployment
- Read
bridgey-deploy.config.jsonfor service UUID - Update env vars or docker-compose as needed
- Redeploy
- Verify healthy
Workflow: Health Check
- Get service status via API
- Check container health via SSH (if Tailscale available)
- Check bridgey daemon via
/.well-known/agent.json - Report combined status
Important
- All API calls should use
curlwith-sf(silent, fail on HTTP errors) - Parse responses with
jq - Store service UUIDs in
bridgey-deploy.config.jsonfor future reference - Never expose the API token in logs or output — use
passfor retrieval
Related Skills
kickinrad/bridgey
testing
VerifiedTrustedCommunity
This skill should be used when the user asks to "set up bridgey", "configure bridgey", "initialize bridgey", "bridgey setup", "check bridgey status", "show bridgey agents", "is bridgey running", "bridgey health", "show connected agents", "add a bridgey agent", "connect to another agent", "register a remote agent", "add remote agent", "configure tailscale for bridgey", "scan tailnet for bridgey", or runs `/bridgey:setup`, `/bridgey:status`, `/bridgey:add-agent`, `/bridgey:tailscale-setup`, `/bridgey:tailscale-scan`. Lifecycle surface for the bridgey A2A daemon — first-time setup, health dashboard, remote-agent registration, and Tailscale mesh discovery.
SKILL.mdUpdated May 9, 2026
kickinrad/tailscale-setup
data-ai
VerifiedTrustedCommunity
First-time Tailscale mesh network configuration for bridgey. Updates daemon binding for tailnet access and runs initial peer scan.
SKILL.mdUpdated Apr 17, 2026
kickinrad/tailscale-scan
data-ai
VerifiedTrustedCommunity
Manually scan the Tailscale network for bridgey agents. Shows discovered, new, and removed agents.
SKILL.mdUpdated Apr 17, 2026
kickinrad/status
testing
VerifiedTrustedCommunity
This skill should be used when the user asks to "check bridgey status", "show bridgey agents", "is bridgey running", "bridgey health", "show connected agents", runs "/bridgey:status", or wants to see the state of the bridgey daemon and connected agents.
SKILL.mdUpdated Apr 17, 2026