feat(marketplace): command consolidation + 8 new plugins (v8.1.0 → v9.0.0) [BREAKING]

Phase 1b: Rename all ~94 commands across 12 plugins to /<noun> <action> sub-command pattern. Git-flow consolidated from 8→5 commands (commit variants absorbed into --push/--merge/--sync flags). Dispatch files, name: frontmatter, and cross-reference updates for all plugins. Phase 2: Design documents for 8 new plugins in docs/designs/. Phase 3: Scaffold 8 new plugins — saas-api-platform, saas-db-migrate, saas-react-platform, saas-test-pilot, data-seed, ops-release-manager, ops-deploy-pipeline, debug-mcp. Each with plugin.json, commands, agents, skills, README, and claude-md-integration. Marketplace grows from 12→20. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-06 14:52:11 -05:00
parent 5098422858
commit 2d51df7a42
321 changed files with 13582 additions and 1019 deletions
--- a/plugins/ops-deploy-pipeline/skills/caddy-conventions.md
+++ b/plugins/ops-deploy-pipeline/skills/caddy-conventions.md
@@ -0,0 +1,126 @@
+# Caddy Conventions Skill
+
+Caddyfile patterns for reverse proxy configuration in self-hosted environments.
+
+## Subdomain Routing
+
+Each service gets a subdomain of the server hostname:
+
+```caddyfile
+myapp.hotport {
+    reverse_proxy app:8080
+}
+```
+
+For services on non-standard ports:
+```caddyfile
+myapp.hotport {
+    reverse_proxy app:3000
+}
+```
+
+## Reverse Proxy Directives
+
+### Basic Reverse Proxy
+
+```caddyfile
+subdomain.hostname {
+    reverse_proxy container_name:port
+}
+```
+
+### With Health Checks
+
+```caddyfile
+subdomain.hostname {
+    reverse_proxy container_name:port {
+        health_uri /health
+        health_interval 30s
+        health_timeout 10s
+    }
+}
+```
+
+### Load Balancing (Multiple Instances)
+
+```caddyfile
+subdomain.hostname {
+    reverse_proxy app1:8080 app2:8080 {
+        lb_policy round_robin
+    }
+}
+```
+
+## Security Headers
+
+Apply to all sites:
+
+```caddyfile
+(security_headers) {
+    header {
+        X-Content-Type-Options nosniff
+        X-Frame-Options SAMEORIGIN
+        Referrer-Policy strict-origin-when-cross-origin
+        -Server
+    }
+}
+```
+
+Import in site blocks: `import security_headers`
+
+## Rate Limiting
+
+For API endpoints:
+
+```caddyfile
+subdomain.hostname {
+    rate_limit {
+        zone api_zone {
+            key {remote_host}
+            events 100
+            window 1m
+        }
+    }
+    reverse_proxy app:8080
+}
+```
+
+## Docker Network Integration
+
+Caddy must be on the same Docker network as the target service to use container DNS names. The Caddy container needs:
+
+```yaml
+networks:
+  - caddy-network
+  - app-network  # Join each app's network
+```
+
+## CORS Configuration
+
+```caddyfile
+subdomain.hostname {
+    header Access-Control-Allow-Origin "*"
+    header Access-Control-Allow-Methods "GET, POST, PUT, DELETE, OPTIONS"
+    header Access-Control-Allow-Headers "Content-Type, Authorization"
+
+    @options method OPTIONS
+    respond @options 204
+
+    reverse_proxy app:8080
+}
+```
+
+## Automatic HTTPS
+
+- Caddy provides automatic HTTPS for public domains
+- For local `.hotport` subdomains, use HTTP only (no valid TLS cert)
+- For Tailscale access, consider `tls internal` for self-signed certs
+
+## File Server (Static Assets)
+
+```caddyfile
+files.hotport {
+    root * /srv/files
+    file_server browse
+}
+```