summaryrefslogtreecommitdiff
path: root/docs
diff options
context:
space:
mode:
Diffstat (limited to 'docs')
-rw-r--r--docs/PHASE_EXECUTION_PLAN.md3
-rw-r--r--docs/deployment.md53
2 files changed, 55 insertions, 1 deletions
diff --git a/docs/PHASE_EXECUTION_PLAN.md b/docs/PHASE_EXECUTION_PLAN.md
index 7e41a56..f4c8aa6 100644
--- a/docs/PHASE_EXECUTION_PLAN.md
+++ b/docs/PHASE_EXECUTION_PLAN.md
@@ -43,6 +43,7 @@ This document defines the three-phase modernization plan for the CrashOverBurn w
- [ ] Add validation app to flake/apps (pre-deploy check)
- [ ] Document deployment workflow in docs/deployment.md
- [ ] Document nixinate usage and configuration
+- [ ] Validate Secrix recipients: `nix run .#secrix -- -l`
### Dependencies
@@ -56,7 +57,7 @@ This document defines the three-phase modernization plan for the CrashOverBurn w
- `nix flake check` passes without errors
- `nix build .#nixosConfigurations.crash-over-burn-1.config.system.build.toplevel` succeeds
- Deployment via nixinate works
-- Secrix recipients validated: `nix run .#secrix -- -l`
+- Secrix recipients validated
---
diff --git a/docs/deployment.md b/docs/deployment.md
new file mode 100644
index 0000000..3438301
--- /dev/null
+++ b/docs/deployment.md
@@ -0,0 +1,53 @@
+# Deployment Documentation for CrashOverBurn Web Server
+
+## Overview
+
+This document outlines the deployment process for the CrashOverBurn web server to the target host `crash-over-burn-1` at IP address `193.16.42.36`.
+
+## Prerequisites
+
+- Nix with flakes enabled
+- SSH access to the target host
+- Secrix keys configured
+
+## Deployment Commands
+
+### Validate
+```
+nix flake check --option builders ''
+```
+
+### Build
+```
+nix build .#nixosConfigurations.crash-over-burn-1.config.system.build.toplevel --option builders ''
+```
+
+### Deploy via nixinate
+```
+nix run .#crash-over-burn-1
+```
+
+## Secrix Commands
+
+### Validate recipients
+```
+nix run .#secrix -- -l
+```
+
+### Encrypt a new secret
+```
+nix run .#secrix encrypt ./secrets/<path> -- --all-users -s crash-over-burn-1
+```
+
+## Post-Deployment
+
+- Verify services are running
+- Check logs: `journalctl -u uwsgi` etc.
+
+## Rollback Procedure
+
+If deployment fails, rollback to the previous system generation by running:
+```
+sudo nixos-rebuild switch --rollback
+```
+on the target host. This will revert to the last known good configuration. \ No newline at end of file