path: root/docs/PHASE_EXECUTION_PLAN.md
Diffstat (limited to 'docs/PHASE_EXECUTION_PLAN.md')
-rw-r--r-- docs/PHASE_EXECUTION_PLAN.md | 17
1 files changed, 14 insertions, 3 deletions
diff --git a/docs/PHASE_EXECUTION_PLAN.md b/docs/PHASE_EXECUTION_PLAN.md
index fcc5cef..7e41a56 100644
--- a/docs/PHASE_EXECUTION_PLAN.md
+++ b/docs/PHASE_EXECUTION_PLAN.md
@@ -27,7 +27,7 @@ This document defines the three-phase modernization plan for the CrashOverBurn w
- Add additional validation steps
- Add deployment helper apps
-2. **Validate flake builds before deployment**
+2. **Validate flake builds before deployment** (per common-infra-strategies.md §6)
- `nix flake check`
- `nix build .#nixosConfigurations.crash-over-burn-1.config.system.build.toplevel`
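Review bot: the reference added on the `+2.` line, `(per common-infra-strategies.md §6)`, is a bare filename plus a section number, with no path or link, so a reader cannot tell where the guideline lives, and `§6` will silently point at the wrong section if that file is reordered. Suggest linking the file relative to this document and citing the section by its heading rather than its number.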
@@ -37,6 +37,7 @@ This document defines the three-phase modernization plan for the CrashOverBurn w
- [ ] **KEEP nixinate** - DO NOT REMOVE
- [ ] Verify nixinate configuration in flake.nix (_module.args)
+- [ ] Verify Secrix hostPubKey is configured for crash-over-burn-1
- [ ] Test `nix flake check` passes
- [ ] Test build produces valid system derivation: `nix build .#nixosConfigurations.crash-over-burn-1.config.system.build.toplevel`
- [ ] Add validation app to flake/apps (pre-deploy check)
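Review bot: the new checklist item `Verify Secrix hostPubKey is configured for crash-over-burn-1` does not say how to verify it or what the value should be compared against, while the items after it each name a command. As written, "configured" is satisfied by any value, including a stale or wrong key. Suggest stating the check as a comparison against the key the deployed host actually holds, and having the pre-deploy validation app listed in the last item perform it so it is not a manual step.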
@@ -48,12 +49,14 @@ This document defines the three-phase modernization plan for the CrashOverBurn w
- nixinate (existing - KEEP)
- nixpkgs (existing)
- secrix (existing)
+- **common-infra-strategies.md** (core guideline reference)
### Success Criteria
- `nix flake check` passes without errors
- `nix build .#nixosConfigurations.crash-over-burn-1.config.system.build.toplevel` succeeds
-- Deployment via nixinate (nix run .#crash-over-burn-1) works
+- Deployment via nixinate works
+- Secrix recipients validated: `nix run .#secrix -- -l`
---
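Review bot: the rewritten criterion `Deployment via nixinate works` drops the command `nix run .#crash-over-burn-1` that the removed line carried, leaving it the one criterion in this list with no command to run; keep the command or point to where it is documented. The added `nix run .#secrix -- -l` line says recipients are "validated" without stating what output counts as a pass, so it should name the expected recipient for crash-over-burn-1. The `common-infra-strategies.md` entry is a document added to a list whose other entries (nixinate, nixpkgs, secrix) are tools; it fits better under the References section this patch introduces.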
@@ -176,4 +179,12 @@ Phase 1 ──────────────► Phase 2 ──────
- Deployment target: 193.16.42.36 (SSH on port 1108)
- Deployment user: commander
- State persisted in `/persist/` (per service configs)
-- **nixinate is the correct deployment tool - never replace it** \ No newline at end of file
+- **nixinate is the correct deployment tool - never replace it**
+
+---
+
+## References
+
+- **common-infra-strategies.md** - Core guideline for deployment patterns, Secrix integration, and host constructors
+- nixinate - Deployment tool (github:DarthPJB/nixinate)
+- Secrix - Secrets management (github:platonic-systems/secrix) \ No newline at end of file
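Review bot: the file still ends without a trailing newline: this hunk adds one after the nixinate line, but the new last line, `- Secrix - Secrets management (github:platonic-systems/secrix)`, carries `\ No newline at end of file` again. End the file with a newline. The `common-infra-strategies.md` entry in the new References section is also a bare filename; give its path or a link so the reference can be followed.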