Diffstat (limited to 'docs/PHASE_EXECUTION_PLAN.md')
| -rw-r--r-- | docs/PHASE_EXECUTION_PLAN.md | 37 |
1 files changed, 20 insertions, 17 deletions
diff --git a/docs/PHASE_EXECUTION_PLAN.md b/docs/PHASE_EXECUTION_PLAN.md index 4774f94..fcc5cef 100644 --- a/docs/PHASE_EXECUTION_PLAN.md +++ b/docs/PHASE_EXECUTION_PLAN.md @@ -11,7 +11,7 @@ This document defines the three-phase modernization plan for the CrashOverBurn w - Minimal website (static HTML) **Target State:** -- Modernized Nix flake deployment +- Enhanced nixinate deployment with validation - Self-hosted Git hosting (cgit + gitolite) - Full website deployment at nixtaml.tech - Two documented Git repositories @@ -22,12 +22,12 @@ This document defines the three-phase modernization plan for the CrashOverBurn w ### Objectives -1. **Replace nixinate with pure flake deployment** - - Remove nixinate dependency from inputs - - Add deployment helpers per common-infra-strategies.md - - Enable `nixos-rebuild --flake .#<host>` workflow +1. **ENHANCE nixinate deployment** (NOT replace!) + - Retain nixinate - it is the bleeding edge of correct deployment + - Add additional validation steps + - Add deployment helper apps -2. **Validate flake builds** +2. **Validate flake builds before deployment** - `nix flake check` - `nix build .#nixosConfigurations.crash-over-burn-1.config.system.build.toplevel` 
@@ -35,15 +35,17 @@ This document defines the three-phase modernization plan for the CrashOverBurn w ### Tasks -- [ ] Remove `nixinate` from flake.nix inputs -- [ ] Add `deploy-crash-over-burn-1` app to flake/apps +- [ ] **KEEP nixinate** - DO NOT REMOVE +- [ ] Verify nixinate configuration in flake.nix (_module.args) - [ ] Test `nix flake check` passes -- [ ] Test build produces valid system derivation +- [ ] Test build produces valid system derivation: `nix build .#nixosConfigurations.crash-over-burn-1.config.system.build.toplevel` +- [ ] Add validation app to flake/apps (pre-deploy check) - [ ] Document deployment workflow in docs/deployment.md -- [ ] Create deploy script in docs/scripts/deploy.sh +- [ ] Document nixinate usage and configuration ### Dependencies +- nixinate (existing - KEEP) - nixpkgs (existing) - secrix (existing) @@ -51,7 +53,7 @@ This document defines the three-phase modernization plan for the CrashOverBurn w - `nix flake check` passes without errors - `nix build .#nixosConfigurations.crash-over-burn-1.config.system.build.toplevel` succeeds -- Deployment via `nixos-rebuild --flake .#crash-over-burn-1 --target-host user@host` works +- Deployment via nixinate (nix run .#crash-over-burn-1) works --- @@ -61,7 +63,7 @@ This document defines the three-phase modernization plan for the CrashOverBurn w 1. **Verify cgit + gitolite deployment** - Test cgit web interface at code.crashoverburn.com - - Test git push over SSH to git@cgit.,crashoverburn.com + - Test git push over SSH to git@code.crashoverburn.com - Verify gitolite serves repositories 2. **Create nixtaml repository** 
@@ -160,10 +162,10 @@ This document defines the three-phase modernization plan for the CrashOverBurn w ``` Phase 1 ──────────────► Phase 2 ──────────────► Phase 3 (Deploy Modernization)│ (Git Hosting) │ (Website) -• Remove nixinate │• Verify cgit │• DNS for nixtaml.tech -• Add deploy helpers │• Create nixtaml │• Configure nginx -• Test flake build │• Create nixtaml-site │• ACME cert -• Document deploy │ │• Deploy hook +• Enhance nixinate │• Verify cgit │• DNS for nixtaml.tech +• Validate builds │• Create nixtaml │• Configure nginx +• Document deploy │• Create nixtaml-site │• ACME cert + │ │• Deploy hook ``` --- @@ -173,4 +175,5 @@ Phase 1 ──────────────► Phase 2 ────── - Secrets are encrypted via age (files in `secrets/`) - Deployment target: 193.16.42.36 (SSH on port 1108) - Deployment user: commander -- State persisted in `/persist/` (per service configs)
\ No newline at end of file +- State persisted in `/persist/` (per service configs) +- **nixinate is the correct deployment tool - never replace it**
\ No newline at end of file |
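Review bot: In the Objectives hunk (@@ -22,12 +22,12 @@), the sub-bullet "Add additional validation steps" does not name any step, so nobody can check whether objective 1 has been met. Name the checks here or point at objective 2, which already lists `nix flake check` and the toplevel `nix build`. The line "Retain nixinate - it is the bleeding edge of correct deployment" gives a verdict with no reason, and "(NOT replace!)" in the heading records the change of mind rather than the plan. One sentence on why nixinate is kept would serve a later reader better than the emphasis.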
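Review bot: In the Tasks hunk (@@ -35,15 +35,17 @@), the first checkbox "**KEEP nixinate** - DO NOT REMOVE" is a constraint, not a task that can be ticked off. It is already covered by the new Dependencies line "nixinate (existing - KEEP)", so it can be dropped from the checklist. "Add validation app to flake/apps (pre-deploy check)" should say what the app runs and whether a failure blocks the deploy. As written, the list no longer contains any task that produces a deploy entry point, since both the `deploy-crash-over-burn-1` app and `docs/scripts/deploy.sh` were removed.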
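Review bot: In the Success Criteria hunk (@@ -51,7 +53,7 @@), the new criterion writes the command as plain text in parentheses, while the two criteria above it use backticks. Format it as `nix run .#crash-over-burn-1` for consistency. Also confirm that this attribute path is what the flake exposes: nixinate normally generates its apps under `apps.nixinate.<host>`, so the short form works only if the flake defines an app with that name. The criterion also says nothing about the validation from objective 2 having passed first, although the point of this change is to add it.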
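Review bot: In the Notes hunk (@@ -173,4 +175,5 @@), the added line "**nixinate is the correct deployment tool - never replace it**" repeats the instruction from Objectives, Tasks and Dependencies a fourth time and still gives no reason. Keep it in one place and state the rationale there. The file still ends without a trailing newline after this change, so add one while touching the last line. The context lines directly above keep the deployment target address, SSH port and deployment user in a document served from the repository. Consider whether those belong here or in the host configuration only.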
