diff --git a/hosts/lio/flake.lock b/hosts/lio/flake.lock index 2ff6c18..526dde9 100644 --- a/hosts/lio/flake.lock +++ b/hosts/lio/flake.lock @@ -1155,16 +1155,16 @@ "opencode": { "flake": false, "locked": { - "lastModified": 1752162808, - "narHash": "sha256-rfYhlbSiSgpbbJazZf7P+bOiugVO+sYt+xFuYjBcBhY=", + "lastModified": 1752513658, + "narHash": "sha256-FX4dlDOEsKBTucZhzAWI2fUqBffc+UWXW00YpmO2EUs=", "owner": "sst", "repo": "opencode", - "rev": "6e375bef0dfdd49f292d3b4d0ec5268b94bafdac", + "rev": "ba676e7ae095a6e2089b2b061a1ec8f3cffd4e42", "type": "github" }, "original": { "owner": "sst", - "ref": "v0.2.23", + "ref": "v0.3.5", "repo": "opencode", "type": "github" } diff --git a/hosts/lio/flake.nix b/hosts/lio/flake.nix index f87f352..b5270aa 100644 --- a/hosts/lio/flake.nix +++ b/hosts/lio/flake.nix @@ -9,7 +9,7 @@ ros_neovim.url = "git+https://git.joshuabell.xyz/ringofstorms/nvim"; - opencode.url = "github:sst/opencode/v0.2.23"; + opencode.url = "github:sst/opencode/v0.3.5"; opencode.flake = false; }; @@ -52,13 +52,13 @@ nixpkgs.overlays = [ (final: prev: { opencode = nixpkgs-unstable.legacyPackages.${prev.system}.opencode.overrideAttrs (old: rec { - version = "0.2.23"; + version = "0.3.5"; src = inputs.opencode; node_modules = old.node_modules.overrideAttrs (nmOld: { - outputHash = "sha256-1ZxetDrrRdNNOfDOW2uMwMwpEs5S3BLF+SejWcRdtik="; + outputHash = "sha256-B/nTDMoADK+okDOROCCTF51GJALVlOMilEGWmLqmixA="; }); tui = old.tui.overrideAttrs (tuiOld: { - vendorHash = "sha256-PRPJlLjzcxKpVSKKLc9fOEh41QZz2AH7vsLb1P5/tvg="; + vendorHash = "sha256-TkY4wVCaZ9JjwPE/K4ThCnxakcQwFmSVgUSYlWU4yiw="; }); }); }) diff --git a/readme.md b/readme.md index 7b2acce..804c598 100644 --- a/readme.md +++ b/readme.md @@ -91,6 +91,31 @@ efi /EFI/Microsoft/Boot/bootmgfw.efi # TODO +# Nix Infrastructure & Automation Improvements + +- [ ] **Replace deployment scripts with [`deploy-rs`](https://github.com/serokell/deploy-rs)** for declarative, hands-off host updates. + Remove manual `deploy_linode`/`deploy_oracle` scripts. Use `deploy-rs` to apply updates across one or all hosts, including remote builds. +- [ ] **Add `isoImage` outputs for every host for instant USB/boot media creation.** + Use: + ``` + packages.x86_64-linux.install-iso = nixosConfigurations..config.system.build.isoImage; + ``` + Then: + ``` + nix build .#packages.x86_64-linux.install-iso + ``` +- [ ] **Document or automate new host bootstrap:** + - Script or steps: boot custom ISO, git clone config, secrets onboarding (agenix), nixos-install with flake config. + - Provide an example shell script or README note for a single-command initial setup. +- [ ] **(Optional) Add an ephemeral “vm-experiment” target for NixOS VM/dev testing.** + - Use new host config with minimal stateful services, then + `nixos-rebuild build-vm --flake .#vm-experiment` +- [ ] **Remote build reliability:** + - Parametrize/automate remote builder enable/disable. + - Add quickstart SSH builder key setup instructions per-host in README. + - (Optional) Use deploy-rs's agent forwarding and improve errors if builder can't be reached at deploy time. +- [ ] **Add [disko](https://github.com/nix-community/disko) to declaratively manage disk/partition creation for new installs and reinstalls.** + - work on secrets pre ragenix, stormd pre install for all the above bootstrapping steps would be ideal - reduce home manager, make per user modules support instead - Ensure my neovim undohistory/auto saves don't save `.age` files as they can be sensitive.