What We Now Know About BlitzAdmin
After reading Dylan Kirby’s project handoff emails (Sept 2025) and Sam’s documentation, here’s the confirmed technical architecture of the site builder.
Code Repositories (GitLab)
| Repo | Purpose | Tech Stack |
|---|---|---|
| git.adectra.com/blitzmetrics/wordpress-site-builder | The core BlitzAdmin site builder | AWS Lambda, Python, PHP |
| git.adectra.com/blitzmetrics/white-label-dash/white-label-dash-back-end | White-label dashboard backend (credential store, site management) | Python, AWS Lambda |
| git.adectra.com/blitzmetrics/white-label-dash/white-label-dash-front-end | White-label dashboard frontend | Angular |
Tech Stack (Confirmed)
| Layer | Technology | Details |
|---|---|---|
| Compute | AWS Lambda | Serverless functions handle site provisioning |
| Backend | Python + PHP | Lambda functions in Python; WordPress plugins in PHP |
| Frontend (Dashboard) | Angular | White-label dashboard UI |
| Amazon SES | Auto-configured for site form submissions | |
| DNS | Custom nameservers | 4 nameservers provided per site |
| WordPress Theme | Astra / Custom templates | Imported via .wpress template files |
| Page Builder | Elementor | Drag-and-drop page builder |
| SEO | Rank Math Pro | Schema, meta, sitemaps |
| Custom Plugin | Content Factory | Auto-injects client info (social links, Google properties) |
| Custom Plugin | Digital Plumbing | Google Tag Manager integration |
| Migration | All-In-One WP Migration | Template import via .wpress files |
| Domain Registrar | GoDaddy | Primary domain purchasing |
| Hosting (Enterprise) | Flywheel | For high-touch custom builds |
Required Skills for Engineering
From Dylan’s handoff: Must-haves: AWS (esp. Lambda), Python, PHP, WordPress (custom plugins). Nice-to-haves: Angular, Bash, Google & Meta APIs.
Current Process vs. Target Process
How It Works Today (6 Steps, 3 Manual)
| # | Step | Who | Status |
|---|---|---|---|
| 1 | Buy domain on GoDaddy | Human | MANUAL |
| 2 | Submit domain on blitzadmin.com → get 4 nameservers | Human | MANUAL |
| 3 | Update nameservers at GoDaddy | Human | MANUAL |
| 4 | WordPress site auto-provisions (24-48 hrs DNS propagation) | BlitzAdmin | AUTOMATED |
| 5 | Import .wpress template, run find/replace for client name | VA | MANUAL |
| 6 | Populate content pages manually | VA | MANUAL |
Dylan built a CSV bulk upload feature — you provide a CSV of domain names and BlitzAdmin spins them all up within a day with vanilla Twenty Twenty-One theme. This handles steps 2-4 in bulk but still leaves steps 1, 5, and 6 manual.
Target Process (Zero-Human, 6 Steps All Automated)
| # | Step | Who | How |
|---|---|---|---|
| 1 | Purchase domain | Claude | GoDaddy MCP tools (already working) |
| 2 | Point nameservers to BlitzAdmin | Claude | GoDaddy API to update NS records BUILD |
| 3 | Trigger site provisioning | Claude | BlitzAdmin provisioning API MODIFY |
| 4 | Wait for DNS + auto-provision | BlitzAdmin | Already automated |
| 5 | Import template + configure site | Claude | WordPress REST API via MCP connector BUILD |
| 6 | Research person + populate content | Claude | Web search + Ahrefs + WP REST API (partially working) |
The 3 Things We Need to Build
Everything else already exists. These are the only gaps between the current manual process and full automation.
Build 1: GoDaddy DNS Automation
Currently a human logs into GoDaddy, navigates to DNS management, and types in 4 nameservers. This should be a single API call.
Technical Approach
The GoDaddy API has a PUT /v1/domains/{domain}/records/NS endpoint that updates nameserver records. We need to store the GoDaddy API key/secret and the 4 BlitzAdmin nameserver addresses, then expose a Claude tool that calls this endpoint after domain purchase.
# Pseudocode for NS update
def update_nameservers(domain: str):
godaddy_api.put(
f"/v1/domains/{domain}/records/NS",
headers={"Authorization": f"sso-key {API_KEY}:{API_SECRET}"},
json=[
{"data": "ns1.blitzadmin.com", "ttl": 3600}, # Replace with actual NS
{"data": "ns2.blitzadmin.com", "ttl": 3600},
{"data": "ns3.blitzadmin.com", "ttl": 3600},
{"data": "ns4.blitzadmin.com", "ttl": 3600},
]
)Effort: ~2 hours. The GoDaddy MCP already has domain tools — this is just adding nameserver update capability.
Build 2: BlitzAdmin Provisioning API Enhancement
The site builder currently requires a human to submit the domain through the blitzadmin.com UI. We need an API endpoint that does the same thing, plus auto-generates a WordPress application password for Claude to use.
Changes to the Site Builder Codebase
In git.adectra.com/blitzmetrics/wordpress-site-builder:
| Change | Where | What |
|---|---|---|
| Add API endpoint | Lambda function (Python) | New endpoint: POST /api/provision — accepts domain, client name, admin email, template tier. Returns nameservers + site_id |
| Auto-create app password | Post-provisioning hook | After WordPress is installed, run: wp user application-password create blitzadmin “claude-mcp” –porcelain and store the result |
| Store credentials | White-label dashboard backend | Save the app password alongside existing site credentials (the lock icon feature) |
| Add status webhook | Lambda function | Notify Claude when site is ready (DNS propagated + WordPress installed) |
Key Insight: The White-Label Dashboard Already Stores Credentials
Dylan’s system already has a credential store — the white-label dashboard with the “lock icon” that shows site passwords. We don’t need to build a new credential store; we just need to add a column for the application password and expose it via an API endpoint that the MCP connector reads.
# In the white-label-dash-back-end repo
# New Lambda endpoint: GET /api/sites/{domain}/credentials
def get_site_credentials(domain):
"""Returns credentials for MCP connector"""
site = db.get_site(domain)
return {
"site_url": site.url,
"wp_username": site.admin_username,
"app_password": site.application_password, # NEW FIELD
"admin_email": site.admin_email,
"template_tier": site.tier,
"provisioned_date": site.created_at
}Effort: ~1-2 days. This is the biggest change — modifying the Lambda functions and adding the application password generation to the post-provisioning hook. The CSV bulk upload flow should also be updated to generate app passwords.
Build 3: BlitzAdmin MCP Connector (Claude’s Gateway)
A lightweight MCP server that reads credentials from the white-label dashboard and talks to each site’s WordPress REST API. This is what lets Claude create posts, update pages, configure Rank Math schema, and manage content without anyone logging in.
Architecture
┌─────────────┐ ┌──────────────────────┐ ┌─────────────────────┐
│ Claude │────▶│ BlitzAdmin MCP │────▶│ WordPress Site │
│ (Cowork) │ │ Connector │ │ REST API │
│ │◀────│ │◀────│ /wp-json/wp/v2/ │
└─────────────┘ └──────────────────────┘ └─────────────────────┘
│ │
┌─────┴──────┐ ┌────────┴──────────┐
│ White-Label │ │ Rank Math API │
│ Dashboard │ │ /wp-json/rankmath/│
│ (cred store)│ │ Content Factory │
└────────────┘ └───────────────────┘
Flow:
1. Claude calls blitz_create_post("thedavidcarroll.com", ...)
2. MCP connector fetches app_password from White-Label Dashboard API
3. MCP connector calls WordPress REST API with Basic Auth
4. WordPress creates the post and returns successMCP Tools to Expose
| Tool | Endpoint | Priority |
|---|---|---|
| blitz_list_sites | White-Label Dashboard API | P0 |
| blitz_site_status | GET /wp-json/ (check site health) | P0 |
| blitz_create_post | POST /wp-json/wp/v2/posts | P0 |
| blitz_update_post | PUT /wp-json/wp/v2/posts/{id} | P0 |
| blitz_create_page | POST /wp-json/wp/v2/pages | P0 |
| blitz_update_page | PUT /wp-json/wp/v2/pages/{id} | P0 |
| blitz_list_content | GET /wp-json/wp/v2/posts + /pages | P0 |
| blitz_upload_media | POST /wp-json/wp/v2/media | P1 |
| blitz_get_schema | GET /wp-json/rankmath/v1/… | P1 |
| blitz_update_schema | PUT /wp-json/rankmath/v1/… | P1 |
| blitz_update_settings | PUT /wp-json/wp/v2/settings | P1 |
| blitz_get_plugins | GET /wp-json/wp/v2/plugins | P2 |
| blitz_provision_site | POST /api/provision (Build 2) | P1 |
Starter MCP Server Code
// blitzadmin-mcp/index.js
import { Server } from "@modelcontextprotocol/sdk/server/index.js";
import { StdioServerTransport } from "@modelcontextprotocol/sdk/server/stdio.js";
const DASHBOARD_API = "https://api.blitzadmin.com"; // White-label dashboard
const DASHBOARD_KEY = process.env.BLITZ_API_KEY;
// Fetch site credentials from the White-Label Dashboard
async function getSiteCredentials(domain) {
const res = await fetch(`${DASHBOARD_API}/api/sites/${domain}/credentials`, {
headers: { "Authorization": `Bearer ${DASHBOARD_KEY}` }
});
if (!res.ok) throw new Error(`Site ${domain} not found`);
return res.json(); // { site_url, wp_username, app_password }
}
// Generic WordPress REST API caller
async function wpApi(domain, method, endpoint, body = null) {
const creds = await getSiteCredentials(domain);
const auth = Buffer.from(
`${creds.wp_username}:${creds.app_password}`
).toString("base64");
const res = await fetch(`${creds.site_url}/wp-json/wp/v2/${endpoint}`, {
method,
headers: {
"Authorization": `Basic ${auth}`,
"Content-Type": "application/json",
},
body: body ? JSON.stringify(body) : undefined,
});
if (!res.ok) throw new Error(`WP API ${res.status}: ${await res.text()}`);
return res.json();
}
// Tool: Create a blog post
async function createPost({ site, title, content, status, categories }) {
const result = await wpApi(site, "POST", "posts", {
title, content, status: status || "draft", categories
});
return `Post created: "${result.title.rendered}"
ID: ${result.id} | URL: ${result.link}
Status: ${result.status}`;
}
// Tool: List all content on a site
async function listContent({ site, type }) {
const endpoint = type === "page" ? "pages" : "posts";
const items = await wpApi(site, "GET", `${endpoint}?per_page=100`);
return items.map(i => ({
id: i.id,
title: i.title.rendered,
status: i.status,
url: i.link,
modified: i.modified
}));
}
// Tool: List all BlitzAdmin sites
async function listSites() {
const res = await fetch(`${DASHBOARD_API}/api/sites`, {
headers: { "Authorization": `Bearer ${DASHBOARD_KEY}` }
});
return res.json();
}
// ... register tools with MCP server frameworkEffort: ~1-2 days for the P0 tools, another 1-2 days for P1/P2. Can be built as a Cowork plugin for easy installation.
Retrofitting Existing Sites (Like thedavidcarroll.com)
For sites already provisioned by BlitzAdmin, we need a one-time operation to generate application passwords so Claude can manage them.
Option A: Batch Script via White-Label Dashboard
If the white-label dashboard has SSH/WP-CLI access to all sites (likely, since it manages them), run this across all sites:
#!/bin/bash
# retrofit-app-passwords.sh
# Run once to generate application passwords for all existing BlitzAdmin sites
SITES=$(curl -s "${DASHBOARD_API}/api/sites" -H "Authorization: Bearer ${API_KEY}" | jq -r '.[].domain')
for site in $SITES; do
echo "Generating app password for $site..."
# SSH into the site's WordPress install and create app password
APP_PASS=$(wp user application-password create blitzadmin "claude-mcp" --porcelain --url="https://$site")
# Store the password in the dashboard
curl -X PUT "${DASHBOARD_API}/api/sites/$site/credentials" \
-H "Authorization: Bearer ${API_KEY}" \
-H "Content-Type: application/json" \
-d "{\"application_password\": \"$APP_PASS\"}"
echo " Done: $site"
doneOption B: One-at-a-Time via wp-admin
For a quick proof of concept on thedavidcarroll.com right now:
1. Log into thedavidcarroll.com/wp-admin (credentials in white-label dashboard lock icon)
2. Go to Users → Profile → Application Passwords
3. Enter name: “claude-mcp” and click Add New Application Password
4. Copy the generated password and share it with me
5. I immediately start creating content via REST API
This lets us prove the content pipeline works today while the engineering work on the provisioning API happens in parallel.
Content Factory Plugin — What It Already Does
BlitzAdmin already has a custom WordPress plugin called Content Factory that auto-injects client information (social links, Google properties). This is important because it means some of the “personalization” step is already partially automated.
What Content Factory Handles
| Feature | Status | Notes |
|---|---|---|
| Social media links in header/footer | Auto | Sometimes needs manual adjustment |
| Google Analytics / GTM integration | Auto | Via Digital Plumbing plugin (Tier 2+) |
| Client name injection | Manual | Currently via Better Search and Replace plugin |
| Page content population | Manual | VA fills in placeholder content |
| Schema/structured data | Manual | Configured in Rank Math per-site |
The MCP connector replaces the manual steps — Claude does the find/replace, content population, and Rank Math configuration via API instead of a VA doing it by hand.
End-to-End: “Build a Site for David Carroll”
Here’s exactly what happens when someone says this to Claude, once all 3 builds are complete:
Step-by-Step Detail
Step 1-2 (Domain): ~2 minutes
Claude: “Let me check domain availability for David Carroll.” Calls domains_suggest(“David Carroll entrepreneur Minneapolis”) and domains_check_availability(“thedavidcarroll.com”). Presents options. On approval, completes purchase.
Step 3 (DNS): ~1 minute
Claude calls the GoDaddy API to update nameservers to BlitzAdmin’s 4 NS records. Confirms change.
Step 4 (Provisioning): ~30 minutes to 48 hours
Claude calls blitz_provision_site which triggers BlitzAdmin’s Lambda function. DNS propagation happens. BlitzAdmin auto-creates the WordPress site, installs all plugins, and generates an application password. Claude gets notified when ready (or polls periodically).
Step 5 (Research): ~5 minutes
While waiting for DNS, Claude runs the full research playbook: web search for media features, podcast appearances, social profiles; Ahrefs for SEO baseline; YouTube for video content. Produces a structured dossier. (We already proved this works — see the David Carroll audit report from this session.)
Step 6 (Content): ~15 minutes
Claude uses the MCP connector to: (a) Update site title and tagline, (b) Create/update About page with full biography from research, (c) Create Press & Media page with publication logos and links, (d) Create Podcast page with embeds, (e) Write and publish 3 SEO-optimized blog posts, (f) Configure Rank Math Person schema with sameAs links, (g) Generate a final report for the team.
Total time: ~25 minutes of Claude work + DNS wait time. Zero human logins.
Template Tiers (From Existing Documentation)
BlitzAdmin has a tiered template system. Each tier determines which plugins and features are installed.
| Feature | Tier 1 (Basic) | Tier 2 (Standard) | Tier 3 (Premium) |
|---|---|---|---|
| WordPress + Astra + Elementor | Yes | Yes | Yes |
| Rank Math Pro | Yes | Yes | Yes |
| Content Factory plugin | Yes | Yes | Yes |
| Amazon SES email | Yes | Yes | Yes |
| Digital Plumbing (GTM) | No | Yes | Yes |
| Google Search Console verification | No | Yes | Yes |
| Custom template design | No | No | Yes |
For the automated pipeline, all personal brand sites should be Tier 2 minimum so they get Digital Plumbing and Search Console verification automatically.
QA Checklist (From Existing Documentation)
These are the quality benchmarks from the existing BlitzMetrics documentation. Claude should verify these after every site build.
| Metric | Target | How Claude Checks |
|---|---|---|
| Pages indexed by Google | 100+ | Google Search Console API via Ahrefs |
| Domain rating | 20+ | Ahrefs domain-rating tool |
| PageSpeed score | 90+ (mobile & desktop) | PageSpeed Insights API |
| Homepage payload | 5 MB or under | WebFetch + size check |
| Admin login URL | NOT /wp-admin | Verified during provisioning |
| Digital Plumbing | Configured | GTM tag verification |
| All software up to date | Latest versions | WP REST API plugins endpoint |
| 404 pages | None | Search Console / Ahrefs crawl |
| Page title matches headline | Yes | WebFetch comparison |
| Meta description = first paragraph | Yes | Rank Math API |
Immediate Next Steps
Today (Proof of Concept)
Dennis: Log into thedavidcarroll.com/wp-admin (credentials should be in the white-label dashboard lock icon — or use access@blitzmetrics.com / jauFoDLbfzhy if it’s the default). Go to Users → Profile → Application Passwords, create one called “claude-mcp”, and share the password with me. I’ll immediately start pushing content.
I need read access to git.adectra.com/blitzmetrics/wordpress-site-builder and white-label-dash-back-end to identify the exact files where I need to add the provisioning API endpoint and application password generation. Share via Git clone, ZIP download, or give me GitLab credentials.
This Week (Build 3 — MCP Connector)
Once I have one working application password (from step 1), I can build and test the full MCP connector. It starts as a hardcoded proof of concept, then evolves to read from the white-label dashboard API once Build 2 is complete.
Next 2 Weeks (Builds 1 & 2)
With repo access, I can write the code changes for: (a) the provisioning API endpoint, (b) application password auto-generation, and (c) the credential store update. I’ll submit these as merge requests for review.
Run the batch script to generate application passwords across all existing BlitzAdmin sites. This is a one-time operation that unlocks Claude management for the entire fleet.
Month 1 (Full Pipeline Live)
Run the complete pipeline from domain purchase to published content. Document any issues. Iterate. Then open it to the team.
Summary
BlitzAdmin already does most of what we need. The site builder auto-provisions WordPress sites, Content Factory auto-injects client info, and the white-label dashboard stores credentials. We only need 3 builds to go from “3 manual steps” to “zero manual steps” — and the hardest one (Build 2) is a modification of existing Lambda code, not a greenfield build.
The fastest path: get one application password working on thedavidcarroll.com today, prove the content pipeline, then build outward.
Sources: Dylan Kirby project handoff (Sept 2025), Sam McLeod documentation, BlitzMetrics personal branding checklist
Architecture Document v2.0 • April 5, 2026