Skip to main content
The stn deploy command provides production-ready deployment to multiple platforms with built-in secrets management, persistent storage, and CloudShip integration.

Deployment Targets

Fly.io Deployment

The fastest path to production. Deploys Station with persistent storage, automatic TLS, and global edge distribution.

Quick Deploy

What Gets Deployed

  • Docker image with your agents baked in
  • 3GB persistent volume for database and configs
  • Dedicated IPv4 address
  • Automatic TLS certificate
  • All secrets set via fly secrets

Example Output

Add to Claude Desktop

After deployment, add the MCP endpoint to Claude Desktop:

Fly.io Options

Kubernetes Deployment

Generates production-ready Kubernetes manifests or deploys directly to your cluster.

Generate Manifests

Deploy to Cluster

Generated Resources

  • Deployment - Station container with agents
  • Service - ClusterIP for internal access
  • Secret - API keys and CloudShip credentials
  • PersistentVolumeClaim - Database and config storage
  • ConfigMap - Environment configuration

Runtime Secrets

For production, use runtime secrets instead of baking them into manifests:
See Secrets Management below.

Ansible Deployment

Deploys Station to any Linux server via SSH. Generates an Ansible playbook that:
  • Installs Docker
  • Pulls the Station image
  • Configures systemd service
  • Sets up persistent storage

Generate Playbook

Deploy to Servers

Inventory Configuration

The generated inventory.ini:

Manual Playbook Run

Verify Deployment

After deployment, verify Station is running:

Secrets Management

Station supports runtime secrets fetching from external secret stores. Instead of baking secrets into deployment configs, the container fetches them at startup.
Runtime secrets loading requires Station v0.24.9+ which includes AWS CLI in the container image. The container fetches secrets at startup before the Station process begins serving requests.

Supported Backends

AWS SSM Parameter Store

Store secrets as SSM parameters:
Deploy with SSM backend:
At startup, Station loads all parameters under /station/prod/ and injects them into config:

AWS Secrets Manager

Store secrets as a JSON object:
Deploy:

HashiCorp Vault

Set Vault address and token via environment:

Supported Secret Keys

Station automatically maps these secret keys to configuration: All other secrets are injected as environment variables.

Export Variables

See what secrets your deployment needs:

Bundle-Based Deployment

Deploy directly from CloudShip bundles without a local environment:

CloudShip Integration

When cloudship.enabled: true in your config, deployed Stations automatically:
  • Connect to CloudShip Lighthouse via gRPC
  • Report online status with heartbeats
  • Accept remote agent execution requests
  • Stream telemetry and run data
Configure in deployment:
Or set manually:

Deployment Lifecycle

Update Deployment

Re-run deploy to update with new agents or configuration:

Destroy Deployment

Check Status

Troubleshooting

Fly.io Issues

Kubernetes Issues

Ansible Issues

Secrets Not Loading

Verify the secrets backend is configured:
Verify AWS credentials (for SSM/Secrets Manager):