From 3f96e6f2617abee013ca051cb4e51ca104764f59 Mon Sep 17 00:00:00 2001 From: John Bargman Date: Wed, 15 Apr 2026 05:05:47 +0000 Subject: docs: add core guideline references to phase execution plan Reference common-infra-strategies.md as core deployment guideline. Add Secrix validation step per §6 operational checklist.--- docs/PHASE_EXECUTION_PLAN.md | 17 ++++++++++++++--- 1 file changed, 14 insertions(+), 3 deletions(-) (limited to 'docs') diff --git a/docs/PHASE_EXECUTION_PLAN.md b/docs/PHASE_EXECUTION_PLAN.md index fcc5cef..7e41a56 100644 --- a/docs/PHASE_EXECUTION_PLAN.md +++ b/docs/PHASE_EXECUTION_PLAN.md @@ -27,7 +27,7 @@ This document defines the three-phase modernization plan for the CrashOverBurn w - Add additional validation steps - Add deployment helper apps -2. **Validate flake builds before deployment** +2. **Validate flake builds before deployment** (per common-infra-strategies.md §6) - `nix flake check` - `nix build .#nixosConfigurations.crash-over-burn-1.config.system.build.toplevel` @@ -37,6 +37,7 @@ This document defines the three-phase modernization plan for the CrashOverBurn w - [ ] **KEEP nixinate** - DO NOT REMOVE - [ ] Verify nixinate configuration in flake.nix (_module.args) +- [ ] Verify Secrix hostPubKey is configured for crash-over-burn-1 - [ ] Test `nix flake check` passes - [ ] Test build produces valid system derivation: `nix build .#nixosConfigurations.crash-over-burn-1.config.system.build.toplevel` - [ ] Add validation app to flake/apps (pre-deploy check) @@ -48,12 +49,14 @@ This document defines the three-phase modernization plan for the CrashOverBurn w - nixinate (existing - KEEP) - nixpkgs (existing) - secrix (existing) +- **common-infra-strategies.md** (core guideline reference) ### Success Criteria - `nix flake check` passes without errors - `nix build .#nixosConfigurations.crash-over-burn-1.config.system.build.toplevel` succeeds -- Deployment via nixinate (nix run .#crash-over-burn-1) works +- Deployment via nixinate works +- Secrix recipients validated: `nix run .#secrix -- -l` --- @@ -176,4 +179,12 @@ Phase 1 ──────────────► Phase 2 ────── - Deployment target: 193.16.42.36 (SSH on port 1108) - Deployment user: commander - State persisted in `/persist/` (per service configs) -- **nixinate is the correct deployment tool - never replace it** \ No newline at end of file +- **nixinate is the correct deployment tool - never replace it** + +--- + +## References + +- **common-infra-strategies.md** - Core guideline for deployment patterns, Secrix integration, and host constructors +- nixinate - Deployment tool (github:DarthPJB/nixinate) +- Secrix - Secrets management (github:platonic-systems/secrix) \ No newline at end of file -- cgit v1.2.3