Cloudflare Wrangler & Pages — Cloudflare工具
v1.1.0[AI辅助] Manage Cloudflare Workers, KV, D1, R2, and secrets using the Wrangler CLI. Use when deploying workers, managing databases, storing objects, or configuring Cl...
by 详细分析 ▾
运行时依赖
版本
Added Pages section: deployment via wrangler + direct API upload, custom domains, DNS gotchas (stale NS records, CLOUDFLARE_ACCOUNT_ID env var requirement)
安装命令 点击复制
技能文档
Manage Cloudflare Workers and associated services via the wrangler CLI.
R2 Configuration
Credentials stored in ~/.openclaw/secrets.json under cloudflare.r2:
{
"cloudflare": {
"apiToken": "",
"r2": {
"accessKeyId": "",
"secretAccessKey": "",
"endpoint": "https://.r2.cloudflarestorage.com",
"bucket": "openclaw"
}
}
}
Lifecycle Rules (auto-删除)
R2 lifecycle rules auto-delete objects after N days. Minimum granularity is 1 day (no hours/minutes).
import boto3
from botocore.config import Configclient = boto3.client("s3", endpoint_url=r2["endpoint"],
aws_access_key_id=r2["accessKeyId"],
aws_secret_access_key=r2["secretAccessKey"],
region_name="auto", config=Config(signature_version="s3v4"))
client.put_bucket_lifecycle_configuration(
Bucket="openclaw",
LifecycleConfiguration={
"Rules": [{
"ID": "auto-delete-uploads",
"Status": "Enabled",
"Filter": {"Prefix": "uploads/"},
"Expiration": {"Days": 1},
}]
}
)
Active rule onopenclawbucket:uploads/→ deleted after 1 day.
Presigned URLs expire in 1 min (no access), objects cleaned up within 24h.
Generate presigned URL (节点.js)
import { S3Client, GetObjectCommand } from "@aws-sdk/client-s3";
import { getSignedUrl } from "@aws-sdk/s3-request-presigner";
import { readFileSync } from "fs";const { cloudflare: { r2 } } = JSON.parse(readFileSync(${process.env.HOME}/.openclaw/secrets.json));
const client = new S3Client({
region: "auto",
endpoint: r2.endpoint,
credentials: { accessKeyId: r2.accessKeyId, secretAccessKey: r2.secretAccessKey },
});
const url = await getSignedUrl(
client,
new GetObjectCommand({ Bucket: r2.bucket, Key: "my-file.txt" }),
{ expiresIn: 600 } // 10 minutes
);
Prerequisites
- 节点.js v20+ 必填
- Install:
npm install -g wrangler或 使用 project-localnpx wrangler - Auth: 令牌 stored 在...中
~/.openclaw/secrets.json在...下cloudflare.apiToken - 到 使用 带有 curl/API calls:
令牌=$(jq -r '.cloudflare.apiToken' ~/.openclaw/secrets.json) - 到 使用 带有 wrangler CLI:
导出 CLOUDFLARE_API_TOKEN=$(jq -r '.cloudflare.apiToken' ~/.openclaw/secrets.json) - 验证:
wrangler whoami
Quick Reference
Workers
# Initialize new worker
wrangler init # Local development
wrangler dev [script]
# Deploy
wrangler deploy [script]
# List deployments
wrangler deployments list
# View deployment
wrangler deployments view [deployment-id]
# Rollback
wrangler rollback [version-id]
# Delete worker
wrangler delete [name]
# Tail logs (live)
wrangler tail [worker]
Secrets
# Add/update secret (interactive)
wrangler secret put # Add secret from stdin
echo "value" | wrangler secret put
# List secrets
wrangler secret list
# Delete secret
wrangler secret delete
# Bulk upload from JSON file
wrangler secret bulk secrets.json
KV (键-值 Store)
# Create namespace
wrangler kv namespace create # List namespaces
wrangler kv namespace list
# Delete namespace
wrangler kv namespace delete --namespace-id
# Put key
wrangler kv key put --namespace-id
# Get key
wrangler kv key get --namespace-id
# Delete key
wrangler kv key delete --namespace-id
# List keys
wrangler kv key list --namespace-id
# Bulk operations (JSON file)
wrangler kv bulk put --namespace-id
wrangler kv bulk delete --namespace-id
D1 (SQL 数据库)
# Create database
wrangler d1 create # List databases
wrangler d1 list
# Database info
wrangler d1 info
# Execute SQL
wrangler d1 execute --command "SELECT FROM users"
# Execute SQL file
wrangler d1 execute --file schema.sql
# Local execution (for dev)
wrangler d1 execute --local --command "..."
# Export database
wrangler d1 export --output backup.sql
# Delete database
wrangler d1 delete
# Migrations
wrangler d1 migrations create
wrangler d1 migrations apply
wrangler d1 migrations list
R2 (对象 Storage)
# Create bucket
wrangler r2 bucket create # List buckets
wrangler r2 bucket list
# Delete bucket
wrangler r2 bucket delete
# Upload object
wrangler r2 object put / --file
# Download object
wrangler r2 object get / --file
# Delete object
wrangler r2 object delete /
Queues
# Create queue
wrangler queues create # List queues
wrangler queues list
# Delete queue
wrangler queues delete
Configuration Files
Wrangler supports both TOML and JSON/JSONC config formats:
wrangler.toml— traditional 格式wrangler.json或wrangler.jsonc— newer, 带有 JSON schema support
⚠️ Important: 如果 both exist, JSON takes precedence. Pick one 格式 到 avoid confusion 在哪里 edits 到 TOML ignored.
JSONC 格式 (带有 schema autocomplete)
{
"$schema": "./node_modules/wrangler/config-schema.json",
"name": "my-worker",
"main": "src/index.ts",
"compatibility_date": "2024-12-30"
}
TOML 格式
name = "my-worker"
main = "src/index.ts"
compatibility_date = "2024-12-30"
With bindings:
name = "my-worker"
main = "src/index.ts"
compatibility_date = "2024-12-30"# KV binding
[[kv_namespaces]]
binding = "MY_KV"
id = "xxx"
# D1 binding
[[d1_databases]]
binding = "DB"
database_name = "my-db"
database_id = "xxx"
# R2 binding
[[r2_buckets]]
binding = "BUCKET"
bucket_name = "my-bucket"
# Environment variables
[vars]
API_URL = "https://api.example.com"
# Secrets (set via wrangler secret put)
# Referenced as env.SECRET_NAME in worker code
Static assets (for frameworks like Next.js):
name = "my-site"
main = ".open-next/worker.js"
compatibility_date = "2024-12-30"
compatibility_flags = ["nodejs_compat"][assets]
directory = ".open-next/assets"
binding = "ASSETS"
Common Patterns
Deploy 带有 environment
wrangler deploy -e production
wrangler deploy -e staging
Custom domain (通过 dashboard 或 API)
Custom domains must be configured in the Cloudflare dashboard under Worker Settings > Domains & Routes, or via the Cloudflare API. Wrangler doesn't directly manage custom domains.
Local development 带有 bindings
# Creates local D1/KV/R2 for dev
wrangler dev --local
Checking deployment status
wrangler deployments list
wrangler deployments view
Pages (Static Sites)
Deploy 通过 Wrangler CLI
# IMPORTANT: wrangler pages deploy requires BOTH env vars
export CLOUDFLARE_API_TOKEN=$(jq -r '.cloudflare.apiToken' ~/.openclaw/secrets.json)
export CLOUDFLARE_ACCOUNT_ID=b4c7ead049e93e5c5d1c4f4415864c8anpx wrangler pages deploy dist --project-name=my-project
⚠️--account-idflag does NOT exist forwrangler pages deploy— you must use theCLOUDFLARE_ACCOUNT_IDenv var. The--project-nameflag is enough alongside env vars.
创建 Pages project 通过 API
TOKEN=$(jq -r '.cloudflare.apiToken' ~/.openclaw/secrets.json)
curl -s -X POST "https://api.cloudflare.com/client/v4/accounts/$ACCOUNT_ID/pages/projects" \
-H "Authorization: Bearer $TOKEN" \
-H "Content-Type: application/json" \
-d '{"name":"my-project","production_branch":"main"}'
添加 custom domain 到 Pages project
curl -s -X POST "https://api.cloudflare.com/client/v4/accounts/$ACCOUNT_ID/pages/projects/my-project/domains" \
-H "Authorization: Bearer $TOKEN" \
-H "Content-Type: application/json" \
-d '{"name":"example.com"}'
设置 production deployment
curl -s -X PATCH "https://api.cloudflare.com/client/v4/accounts/$ACCOUNT_ID/pages/projects/my-project" \
-H "Authorization: Bearer $TOKEN" \
-H "Content-Type: application/json" \
-d '{"production_deployment": ""}'
DNS 对于 custom domain
- Root domain 必须 CNAME pointing 到
.pages.dev - 如果 zone 已经 在...上 Cloudflare, Pages auto-validates ownership 通过 HTTP
- Common gotcha: stale NS records 从 旧的 registrar (e.g. GoDaddy) 可能 appear 在...中 zone 但是 don't affect routing — 它们 可以 safely deleted
- Check actual nameservers 带有
dig NS 示例.com +short— 应该 show.ns.cloudflare.com
Pages API — Direct 上传 (没有 wrangler)
If wrangler auth fails (e.g. zone-scoped token), use multipart form upload directly:import hashlib, json, mimetypes, requests
from pathlib import PathTOKEN = "..."
ACCOUNT_ID = "..."
PROJECT = "my-project"
DIST = Path("./dist")
headers = {"Authorization": f"Bearer {TOKEN}"}
files_list = sorted([f for f in DIST.rglob("") if f.is_file()])
manifest = {}
file_map = {}
for f in files_list:
rel = "/" + str(f.relative_to(DIST))
content = f.read_bytes()
h = hashlib.sha256(content).hexdigest()
manifest[rel] = h
file_map[h] = (f, content)
# Part names = file SHA256 hashes; manifest is a separate JSON part
multipart = [("manifest", (None, json.dumps(manifest), "application/json"))]
for h, (f, content) in file_map.items():
mime = mimetypes.guess_type(str(f))[0] or "application/octet-stream"
multipart.append((h, (f.name, content, mime)))
resp = requests.post(
f"https://api.cloudflare.com/client/v4/accounts/{ACCOUNT_ID}/pages/projects/{PROJECT}/deployments",
headers=headers,
files=multipart,
)
print(resp.json()["result"]["url"])
什么 Wrangler 做 不 做
- DNS management — 使用 Cloudflare dashboard 或 API 对于 DNS records
- Custom domains — Configure 通过 dashboard (工作者 Settings > Domains & Routes) 或 API
- SSL certificates — Managed automatically 由 Cloudflare 当...时 custom domains added
- Firewall/WAF rules — 使用 dashboard 或 API
For DNS/domain management, see the cloudflare skill (uses Cloudflare API directly).
Troubleshooting
| Issue | Solution |
|---|---|
| "Not authenticated" | Run wrangler login |
| Node version error | Requires Node.js v20+ |
| "No config found" | Ensure config file exists (wrangler.toml or wrangler.jsonc) or use -c path/to/config |
| Config changes ignored | Check for wrangler.json/wrangler.jsonc — JSON takes precedence over TOML |
| Binding not found | Check wrangler.toml bindings match code references |
Resources
免费技能或插件可能存在安全风险,如需更匹配、更安全的方案,建议联系付费定制