init
This commit is contained in:
Danilo Reyes
16
specs/003-vps-image-migration/research.md
Normal file
16
specs/003-vps-image-migration/research.md
Normal file
@@ -0,0 +1,16 @@
|
||||
# Research: VPS Image Migration
|
||||
|
||||
## Decision 1: Replace deprecated image generator usage
|
||||
|
||||
- **Decision**: Use NixOS's built-in image building workflow (`nixos-rebuild build-image`) for Linode-compatible images.
|
||||
- **Rationale**: The NixOS manual documents `nixos-rebuild build-image` and lists Linode as a supported image target via `image.modules`, indicating the upstream path for image generation.
|
||||
- **Alternatives considered**:
|
||||
- Keep using nixos-generators (rejected due to deprecation and upstream migration).
|
||||
|
||||
## Decision 2: Secure-first secrets bootstrap for vps
|
||||
|
||||
- **Decision**: Use a two-phase bootstrap where the vps generates its own age key on first boot, then the host public key is added as a recipient and secrets are re-encrypted before the second deploy.
|
||||
- **Rationale**: sops-nix supports generating an age key when missing and can use SSH host keys to derive age identities; this avoids embedding private keys in the image or repository.
|
||||
- **Alternatives considered**:
|
||||
- Bake a static age key into the image (rejected for security risk).
|
||||
- Ship a fixed SSH host key in the image (rejected for key reuse across hosts).
|
||||
Reference in New Issue
Block a user