composable-svelte-deployment_skill

This skill guides production deployment of Composable Svelte SSR apps with Docker and Fly.io, including multi-stage builds, security hardening, and backend
  • TypeScript

0

GitHub Stars

1

Bundled Files

2 months ago

Catalog Refreshed

4 months ago

First Indexed

Readme & install

Copy the install command, review bundled files from the catalogue, and read any extended description pulled from the listing source.

Installation

Preview and clipboard use veilstrat where the catalogue uses aiagentskills.

npx veilstrat add skill jonathanbelolo/composable-svelte --skill composable-svelte-deployment

  • SKILL.md16.1 KB

Overview

This skill documents production deployment patterns for Composable Svelte SSR applications, focused on Fly.io and Docker-based workflows. It provides concrete Docker multi-stage builds, Fly.io configuration, security hardening, performance tuning, and guidance for integrating Composable Rust backends. The content is actionable and aimed at keeping images small, secure, and production-ready.

How this skill works

It prescribes a 3-stage Docker build (deps → builder → runner) to produce minimal, non-root runtime images and reliable ES module resolution. It shows Vite SSR configuration for separate client and server builds, Fly.io Apps V2 configuration including internal .internal networking to connect to a Rust backend, and runtime safeguards like health checks, secrets validation, and HTTP security headers. It also covers caching, compression, rate limiting, and monitoring for scalable SSR.

When to use it

  • Deploying a Composable Svelte SSR app to Fly.io or any Docker-friendly cloud platform
  • You need <150MB production images with no devDependencies
  • When integrating a Rust backend over Fly.io internal networking (.internal)
  • When you require secure defaults: non-root runtime, CSP, HSTS, and rate limits
  • When you need clear SSR caching and compression strategies for performance

Best practices

  • Use a 3-stage Dockerfile: deps (prod) → builder → runner (minimal, non-root user)
  • Run health checks and validate required secrets at startup; set secrets via Fly CLI, not fly.toml
  • Configure Vite for dual builds (client + server) and don't externalize workspace packages needed at runtime
  • Enable compression (Brotli), response caching (in-memory for single instance, Redis for multi-instance), and code-splitting for heavy components
  • Harden HTTP with strict CSP, HSTS, X-Frame-Options, and per-route rate limiting

Example use cases

  • Build and deploy a single-repository SSR app to Fly.io with private Rust backend via my-backend.internal:8080
  • Package a monorepo: install workspace deps, build core and example packages, then copy only dist and production deps into runner image
  • Local workflow: build Docker image, run with COMPOSABLE_RUST_BACKEND_URL pointing to localhost for integration testing, validate /health
  • Scale on Fly.io: start with min memory 512mb, then scale horizontally or vertically and enable auto_scaling for traffic-driven scaling

FAQ

Use the 3-stage build pattern, install production dependencies only in the deps stage, remove source maps, and use an Alpine base with a non-root user.

Where should I store secrets for Fly deploys?

Never commit secrets in fly.toml. Use fly secrets set to store SESSION_SECRET, JWT_SECRET, and other sensitive values and validate them on app startup.

Built by
VeilStrat
AI signals for GTM teams
© 2026 VeilStrat. All rights reserved.All systems operational