Stats
Actions
Tags
From sre-toolkit
Reference knowledge for operating aaPanel-managed Linux servers with a custom observability stack.
How this skill is triggered — by the user, by Claude, or both
Slash command
/sre-toolkit:sre-patternsThe summary Claude sees in its skill listing — used to decide when to auto-load this skill
Reference knowledge for operating aaPanel-managed Linux servers with a custom observability stack.
Reference knowledge for operating aaPanel-managed Linux servers with a custom observability stack.
/www/wwwroot/ # web roots (one dir per domain/app)
/www/wwwlogs/ # nginx access + error logs
/www/server/
nginx/
conf/ # global nginx config
vhost/ # per-domain vhosts (aaPanel-managed — do not edit directly)
php/{version}/
etc/ # php-fpm pool configs
var/log/ # php-fpm logs
panel/logs/ # aapanel panel logs
mysql/ # mysql data + logs
Never edit files under vhost/ directly. aaPanel regenerates them on panel operations.
Instead, use includes:
# At the bottom of the vhost file (read-only reference):
# include /www/server/nginx/conf/custom/domain.com.conf;
# Create your changes here — aaPanel will not touch this:
# /www/server/nginx/conf/custom/domain.com.conf
Always verify before reload:
nginx -t && nginx -s reload
aaPanel uses acme.sh for cert management. List certs:
~/.acme.sh/acme.sh --list
Check expiry:
openssl x509 -enddate -noout -in /path/to/cert.pem
If taking ownership of a cert outside aaPanel, disable aaPanel's renewal cron for that domain to prevent conflicts.
Standard pipeline for this environment:
scrape_configs:
- job_name: nginx
static_configs:
- targets: [localhost]
labels:
job: nginx
server: __HOSTNAME__
env: production
__path__: /www/wwwlogs/*.log
- job_name: php-fpm
static_configs:
- targets: [localhost]
labels:
job: php-fpm
server: __HOSTNAME__
env: production
__path__: /www/server/php/*/var/log/*.log
- job_name: aapanel
static_configs:
- targets: [localhost]
labels:
job: aapanel
server: __HOSTNAME__
env: production
__path__: /www/server/panel/logs/*.log
Verify Promtail is shipping:
systemctl status promtail
curl -s localhost:9080/metrics | grep promtail_targets
# All targets UP?
curl -s localhost:9090/api/v1/targets | jq '.data.activeTargets[] | {job: .labels.job, health: .health}'
# Reload config without restart
curl -X POST localhost:9090/-/reload
Apps must use pino, not console.log. Verify:
grep -r "console\.log" /www/wwwroot/app/src --include="*.js" --include="*.ts"
Pino log format expected by Promtail pipeline:
{"level":"info","time":1700000000000,"msg":"request handled","req":{"method":"GET","url":"/api/health"}}
Nginx not reloading:
nginx -t # find syntax error
journalctl -u nginx --since "5m" # check systemd logs
Promtail not shipping logs:
journalctl -u promtail --since "10m"
curl localhost:9080/ready
ls -la /www/wwwlogs/ # check file permissions
High PHP-FPM load:
ps aux | grep php-fpm
cat /www/server/php/*/etc/php-fpm.conf | grep max_children
npx claudepluginhub tiagokrebs/claude-agentic-platform --plugin sre-toolkitTeaches server management principles for production operations: process management, monitoring strategy, log management, scaling decisions, health checks, and security.
Guides Nginx configuration for reverse proxies, SSL/TLS hardening, load balancing strategies, and performance tuning. Useful for proxy_pass, upstream blocks, certbot, gzip, and rate limiting.
Manages VPS for autonomous dev environments: checks status via Supabase queries and health endpoints, connects projects via SSH, provisions new VPS.