From railway
Railway Terraform provider expert for awfixersites — manage Railway projects, services, Postgres, volumes, variables, and custom domains for off-Vercel infrastructure. Use when writing railway_* resources, infra/backend Railway stack, importing Railway projects, or wiring DATABASE_URL into Vercel env vars. Triggers on: "railway terraform", "railway provider", "railway postgres", "railway service", "railway import". Use when the user runs /railway:iac.
How this skill is triggered — by the user, by Claude, or both
Slash command
/railway:railway-iacThe summary Claude sees in its skill listing — used to decide when to auto-load this skill
Railway hosts **off-Vercel services** — primarily Postgres and future backends
Railway hosts off-Vercel services — primarily Postgres and future backends (Mailgun webhooks, workers). Next.js apps stay on Vercel; Railway URLs flow into Vercel env vars via Terraform outputs.
Already stubbed in infra/backend/main.tf:
terraform {
required_providers {
railway = {
source = "terraform-community-providers/railway"
version = "~> 0.6.2"
}
}
}
provider "railway" {
# RAILWAY_TOKEN env var
}
Auth: export RAILWAY_TOKEN=... from railway.app/account/tokens.
resource "railway_project" "awfixersites" {
name = "awfixersites"
workspace_id = var.railway_workspace_id
default_environment = true
}
resource "railway_service" "postgres" {
project_id = railway_project.awfixersites.id
name = "postgres"
source_image = "ghcr.io/railwayapp-templates/postgres-ssl:16"
}
Output Railway connection strings and reference in vercel_project_environment_variable:
output "auth_database_url" {
value = railway_variable.auth_db_url.value
sensitive = true
}
resource "vercel_project_environment_variable" "auth_db" {
project_id = vercel_project.auth.id
key = "PRISMA_DATABASE_URL"
value = railway_variable.auth_db_url.value
target = ["production"]
sensitive = true
}
See railway-vercel-wiring skill for the full matrix.
| Database | Serves | Vercel project |
|---|---|---|
| IdP Postgres | users, passkeys, OAuth registry | awfixersites-auth-app |
| Per-app session DB | local OAuth client sessions | each awfixersites-<app> |
| App DBs | enlistments, donations, etc. | careers, donate, etc. |
Canonical var: PRISMA_DATABASE_URL via packages/env and packages/auth/src/prisma.ts.
cd infra/backend
terraform import railway_project.awfixersites <project_id>
terraform import railway_service.postgres <service_id>
Find IDs: Railway dashboard → project settings, or:
railway status
railway list
After import, run terraform plan until drift is minimal.
cd infra/backend
terraform init
terraform fmt -recursive ../..
terraform validate
terraform plan -out=tfplan
# Review plan carefully, then:
terraform apply tfplan
DATABASE_URL without a migration plansensitive = truedocs/auth-deployment.md requires isolationterraform plan before apply — watch for destructive volume replacesrailway-vercel-wiring — cross-provider env var patternsrailway-cli — ad-hoc discovery and debugging.grok/skills/terraform-iac/Docs: https://registry.terraform.io/providers/terraform-community-providers/railway/latest/docs
npx claudepluginhub awfixers-stuff/plugins --plugin railwayGenerates brand assets: logos (55+ styles, Gemini AI), CIP mockups, HTML slides (Chart.js), banners (22 styles), SVG icons (15 styles), and social media photos. Routes to sub-skills for design tokens and UI styling.