From sre-toolkit
Reference knowledge for operating aaPanel-managed Linux servers with a custom observability stack.
npx claudepluginhub tiagokrebs/claude-agentic-platform --plugin sre-toolkitThis skill uses the workspace's default tool permissions.
Reference knowledge for operating aaPanel-managed Linux servers with a custom observability stack.
Generates design tokens/docs from CSS/Tailwind/styled-components codebases, audits visual consistency across 10 dimensions, detects AI slop in UI.
Records polished WebM UI demo videos of web apps using Playwright with cursor overlay, natural pacing, and three-phase scripting. Activates for demo, walkthrough, screen recording, or tutorial requests.
Delivers idiomatic Kotlin patterns for null safety, immutability, sealed classes, coroutines, Flows, extensions, DSL builders, and Gradle DSL. Use when writing, reviewing, refactoring, or designing Kotlin code.
Reference knowledge for operating aaPanel-managed Linux servers with a custom observability stack.
/www/wwwroot/ # web roots (one dir per domain/app)
/www/wwwlogs/ # nginx access + error logs
/www/server/
nginx/
conf/ # global nginx config
vhost/ # per-domain vhosts (aaPanel-managed — do not edit directly)
php/{version}/
etc/ # php-fpm pool configs
var/log/ # php-fpm logs
panel/logs/ # aapanel panel logs
mysql/ # mysql data + logs
Never edit files under vhost/ directly. aaPanel regenerates them on panel operations.
Instead, use includes:
# At the bottom of the vhost file (read-only reference):
# include /www/server/nginx/conf/custom/domain.com.conf;
# Create your changes here — aaPanel will not touch this:
# /www/server/nginx/conf/custom/domain.com.conf
Always verify before reload:
nginx -t && nginx -s reload
aaPanel uses acme.sh for cert management. List certs:
~/.acme.sh/acme.sh --list
Check expiry:
openssl x509 -enddate -noout -in /path/to/cert.pem
If taking ownership of a cert outside aaPanel, disable aaPanel's renewal cron for that domain to prevent conflicts.
Standard pipeline for this environment:
scrape_configs:
- job_name: nginx
static_configs:
- targets: [localhost]
labels:
job: nginx
server: __HOSTNAME__
env: production
__path__: /www/wwwlogs/*.log
- job_name: php-fpm
static_configs:
- targets: [localhost]
labels:
job: php-fpm
server: __HOSTNAME__
env: production
__path__: /www/server/php/*/var/log/*.log
- job_name: aapanel
static_configs:
- targets: [localhost]
labels:
job: aapanel
server: __HOSTNAME__
env: production
__path__: /www/server/panel/logs/*.log
Verify Promtail is shipping:
systemctl status promtail
curl -s localhost:9080/metrics | grep promtail_targets
# All targets UP?
curl -s localhost:9090/api/v1/targets | jq '.data.activeTargets[] | {job: .labels.job, health: .health}'
# Reload config without restart
curl -X POST localhost:9090/-/reload
Apps must use pino, not console.log. Verify:
grep -r "console\.log" /www/wwwroot/app/src --include="*.js" --include="*.ts"
Pino log format expected by Promtail pipeline:
{"level":"info","time":1700000000000,"msg":"request handled","req":{"method":"GET","url":"/api/health"}}
Nginx not reloading:
nginx -t # find syntax error
journalctl -u nginx --since "5m" # check systemd logs
Promtail not shipping logs:
journalctl -u promtail --since "10m"
curl localhost:9080/ready
ls -la /www/wwwlogs/ # check file permissions
High PHP-FPM load:
ps aux | grep php-fpm
cat /www/server/php/*/etc/php-fpm.conf | grep max_children