Launch an app
fly launchDeploy an app
fly deploy
fly deploy --local-only # to only build on the local machineSecrets
Secrets are stored in an encrypted vault. When you set a secret through flyctl, it sends the secret value through our API, which writes to the vault for your specific Fly App. The API servers can only encrypt; they cannot decrypt secret values. Secret values are never logged.
When we launch a Machine for your app, we issue a temporary auth token to the host it runs on. The Fly.io agent on the host uses this token to decrypt your app secrets and inject them into your Machine as environment variables at boot time. When you destroy your Machines, the host environment no longer has access to your app secrets. — Secrets and Fly Apps · Fly Docs
Set a secret
fly secrets set DATABASE_URL=...List a secret
fly secrets listRemove secrets
fly secrets unset MY_SECRET DATABASE_URLCI
- Run
fly launch --no-deployfrom within the project source directory to create a new app and afly.tomlconfiguration file.- Type
yto when prompted to tweak settings and enter a name for the app. Adjust other settings, such as region, as needed. Then click Confirm Settings.- Still in the project source directory, get a Fly API deploy token by running
fly tokens create deploy -x 999999h. Copy the output, including theFlyV1and space at the beginning.- Go to your newly-created repository on GitHub and select Settings.
- Under Secrets and variables, select Actions, and then create a new repository secret called
FLY_API_TOKENwith the value of the token from step 5.- Back in your project source directory, create
.github/workflows/fly.ymlwith these contents: — Continuous Deployment with Fly.io and GitHub Actions · Fly Docs