Deploy the BlitzAdmin Zero-Human Pipeline: Step-by-Step Deployment Guide

By /






Deploy BlitzAdmin Zero-Human Pipeline: Step-by-Step Deployment Guide


Deploy the BlitzAdmin Zero-Human Pipeline

From name to live personal brand site — no humans required. Here’s exactly how to deploy every piece.

7
Pipeline Stages
159
Active Sites
4
Deploy Steps Left
Already Complete (done in this session):

  • GoDaddy Production API key created and tested
  • Domain automation script (check, purchase, DNS)
  • BlitzAdmin provisioning API code written
  • MCP connector with 7 WordPress tools
  • Cowork plugin packaged (.plugin file)
  • End-to-end pipeline runner with dry-run mode
  • Build-in-public articles published to LocalServiceSpotlight.com
  • David Carroll’s site fixed (age, dates, content)

Step 1: Store API Credentials Securely

The pipeline needs three sets of credentials. Store them as environment variables on whatever machine or Lambda runs the automation.

GoDaddy Production API

export GODADDY_API_KEY="38aPUJWNWw_MNWUGXju6gsmRqJf3P5WkH"
export GODADDY_API_SECRET="Ho9mX3taRZvkzbSJ6cq68J"

These are your Production keys. They work against api.godaddy.com (not OTE). Tested and confirmed: domain availability, domain listing, DNS record read/write all operational.

Action: Add these to AWS Systems Manager Parameter Store or your .env file on the server that runs the pipeline. For Lambda, use environment variables in the function configuration.

BlitzAdmin Dashboard Token

export BLITZADMIN_TOKEN="<id_token from blitzadmin.com localStorage>"

This token expires periodically. For long-running automation, you’ll want to either refresh it programmatically (the Cognito auth flow) or replace it with a dedicated API key on your BlitzAdmin backend.

Future improvement: Add a /api/auth endpoint to BlitzAdmin that accepts API key + secret and returns a token. This eliminates the manual token refresh.

WordPress Application Passwords

Each site gets its own app password (created by the pipeline automatically). The existing two:

Domain Username App Password
thedavidcarroll.com admin FR0U V5S3 VIRl qSOq AV8t JgO4
localservicespotlight.com admin 3fZa eGK1 qtRD UqN4 ga9E mN3S

Step 2: Deploy Provisioning API Enhancement

The provisioning API code adds three endpoints to your existing BlitzAdmin Lambda. This is the piece that lets the pipeline create new WordPress sites programmatically instead of manually through the dashboard.

Files to deploy

File What it does
provision_endpoint.py Lambda handler: POST /api/provision, GET /api/sites/{domain}/credentials, POST /api/sites/{domain}/app-password
retrofit_fleet.py One-time script: creates app passwords for all 159 active sites

How to deploy

# 1. Add the provision routes to your existing Lambda handler
#    (merge provision_endpoint.py into your main handler)

# 2. Add DynamoDB permissions if not already present:
#    - dynamodb:PutItem on your sites table
#    - dynamodb:GetItem, dynamodb:Scan

# 3. Deploy via your existing CI/CD or:
cd blitzadmin-api-changes
zip -r provision.zip provision_endpoint.py
aws lambda update-function-code \
  --function-name BlitzAdminAPI \
  --zip-file fileb://provision.zip

# 4. Test:
curl -X POST https://o4jpg3n2gd.execute-api.us-east-1.amazonaws.com/Prod/api/provision \
  -H "Authorization: $BLITZADMIN_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{"domain": "test-site.com", "person_name": "Test Person"}'
Important: The provisioning endpoint creates real WordPress installations on your server. Test with a throwaway domain first. The --dry-run flag on the pipeline runner skips this step.

Step 3: Retrofit Existing Fleet

Your 159 active sites need Application Passwords so the MCP connector can manage them. Run the retrofit script once:

# Dry run first (shows what would happen, doesn't create passwords)
BLITZADMIN_TOKEN="$TOKEN" python3 blitzadmin_provision.py retrofit --dry-run

# Then for real
BLITZADMIN_TOKEN="$TOKEN" python3 blitzadmin_provision.py retrofit

# Results are saved to app_passwords.json

This script logs into each site’s wp-admin using the credentials stored in BlitzAdmin, extracts the REST nonce from the profile page, and creates an application password via the WordPress REST API with cookie authentication.

Expected time: about 3-5 minutes for 159 sites (1 second rate-limit between sites).

Step 4: Install the Cowork Plugin

The blitzadmin-wordpress.plugin file gives Claude direct access to all your sites through the MCP connector. To install:

# Option A: Drop the .plugin file into your Claude Code plugins directory
# (exact path depends on your setup)

# Option B: Install the MCP connector standalone
cd blitzadmin_mcp_connector
npm install @modelcontextprotocol/sdk
BLITZ_API_URL="https://o4jpg3n2gd.execute-api.us-east-1.amazonaws.com/Prod" \
BLITZ_TOKEN="$TOKEN" \
node blitzadmin_mcp_connector.js

Once installed, Claude can run commands like:

# In Cowork mode:
/list-sites              → See all 159 sites
/site-audit domain.com   → Full audit of any site
/publish-content         → Publish to any site

Run the Pipeline

With everything deployed, launching a new site is one command:

# Single site
GODADDY_API_KEY="..." GODADDY_API_SECRET="..." BLITZADMIN_TOKEN="..." \
python3 blitzadmin_pipeline.py launch "John Smith" johnsmith.com

# Batch (CSV with name,domain per line)
python3 blitzadmin_pipeline.py batch people.csv

# Check status of any domain
python3 blitzadmin_pipeline.py status johnsmith.com

What the pipeline does (7 stages)

# Stage What happens Time
1 DOMAIN Check availability via GoDaddy API, purchase if available 3-5s
2 DNS Set A record → 34.199.192.119, www CNAME, verify propagation 30s-5min
3 PROVISION Create WordPress site via BlitzAdmin provisioning API 30-60s
4 AUTH Login to wp-admin, create Application Password via REST API 5-10s
5 CONTENT Set site title, tagline, create About page from template 3-5s
6 SEO Configure Rank Math Person schema, sitemap settings 2-3s
7 VERIFY Smoke test: homepage, REST API, SSL, sitemap 5-10s

Total time per site: approximately 2-5 minutes, depending on DNS propagation.

Architecture Reference

┌─────────────┐     ┌──────────────┐     ┌─────────────────┐
│  Pipeline    │────▶│  GoDaddy API │────▶│  Domain + DNS   │
│  Runner      │     └──────────────┘     └─────────────────┘
│              │
│  (Python)    │     ┌──────────────┐     ┌─────────────────┐
│              │────▶│  BlitzAdmin  │────▶│  WordPress Site  │
│              │     │  API         │     │  (34.199.192.119)│
│              │     └──────────────┘     └─────────────────┘
│              │                                    │
│              │     ┌──────────────┐               │
│              │────▶│  WP REST API │───────────────┘
│              │     │  (per site)  │
└─────────────┘     └──────────────┘
       │
       ▼
┌─────────────┐     ┌──────────────┐
│  MCP Server  │────▶│  Claude/     │
│  (Node.js)   │     │  Cowork      │
└─────────────┘     └──────────────┘

Files Delivered

File Purpose
blitzadmin_pipeline.py End-to-end pipeline runner (launch, status, batch)
godaddy_automation.py GoDaddy domain + DNS automation
blitzadmin_provision.py BlitzAdmin provisioning + fleet retrofit
blitzadmin_mcp_connector.js MCP server (7 WordPress tools for Claude)
blitzadmin-wordpress.plugin Cowork plugin package
blitzadmin-api-changes/provision_endpoint.py Lambda provisioning API code
blitzadmin-api-changes/retrofit_fleet.py Fleet retrofit script

What’s Next

The pipeline handles the mechanical work. The next layer is content intelligence — giving Claude enough context about each person to generate a compelling, unique personal brand site automatically. That means feeding in LinkedIn profiles, bios, headshots, and letting Claude craft the content through the MCP connector.

The factory is built. Now you feed it names.

Published as part of the BlitzAdmin build-in-public series. Built with Claude in a single Cowork session.


Scroll to Top