update opencode, add some readme comments for ideas to do

readme.md

@@ -91,6 +91,31 @@ efi   /EFI/Microsoft/Boot/bootmgfw.efi
 
 # TODO
 
+# Nix Infrastructure & Automation Improvements
+
+- [ ] **Replace deployment scripts with [`deploy-rs`](https://github.com/serokell/deploy-rs)** for declarative, hands-off host updates.  
+    Remove manual `deploy_linode`/`deploy_oracle` scripts. Use `deploy-rs` to apply updates across one or all hosts, including remote builds.
+- [ ] **Add `isoImage` outputs for every host for instant USB/boot media creation.**  
+    Use:  
+    ```
+    packages.x86_64-linux.install-iso = nixosConfigurations.<host>.config.system.build.isoImage;
+    ```
+    Then:  
+    ```
+    nix build .#packages.x86_64-linux.install-iso
+    ```
+- [ ] **Document or automate new host bootstrap:**  
+    - Script or steps: boot custom ISO, git clone config, secrets onboarding (agenix), nixos-install with flake config.
+    - Provide an example shell script or README note for a single-command initial setup.
+- [ ] **(Optional) Add an ephemeral “vm-experiment” target for NixOS VM/dev testing.**  
+    - Use new host config with minimal stateful services, then  
+      `nixos-rebuild build-vm --flake .#vm-experiment`
+- [ ] **Remote build reliability:**  
+    - Parametrize/automate remote builder enable/disable.
+    - Add quickstart SSH builder key setup instructions per-host in README.
+    - (Optional) Use deploy-rs's agent forwarding and improve errors if builder can't be reached at deploy time.
+- [ ] **Add [disko](https://github.com/nix-community/disko) to declaratively manage disk/partition creation for new installs and reinstalls.**
+
 - work on secrets pre ragenix, stormd pre install for all the above bootstrapping steps would be ideal
 - reduce home manager, make per user modules support instead
 - Ensure my neovim undohistory/auto saves don't save `.age` files as they can be sensitive.