34 lines
1.7 KiB
Markdown
34 lines
1.7 KiB
Markdown
# DECISIONS — cc-ci Builder
|
||
|
||
Architecture decisions and dead-ends. One line of rationale each. (§0, §8)
|
||
|
||
## Settled
|
||
|
||
- **Wildcard TLS:** operator pre-issues wildcard cert at `/var/lib/ci-certs/live/`; Traefik file
|
||
provider serves it; **no ACME** for commoninternet.net. (Plan §4.0/§8 — fixed.)
|
||
- **Repo:** `git.autonomic.zone/recipe-maintainers/cc-ci`, private. Bot is org admin. (Bootstrap.)
|
||
- **Git credentials:** helper script in repo-local git config sources `/srv/cc-ci/.testenv` at call
|
||
time — no secret values stored in `.git/config` or commits.
|
||
|
||
## Open (defaults from §8, to confirm as reality lands)
|
||
|
||
- **Deploy mechanism:** TBD in M0. Leaning `nixos-rebuild switch --flake` run *on cc-ci itself*
|
||
(repo cloned on host) rather than `--target-host`/deploy-rs from the sandbox, to avoid copying
|
||
large Nix closures over the userspace-tailscaled SOCKS proxy. Atomic-rollback is preserved by
|
||
Nix generations. Will record final choice + rationale when M0 lands.
|
||
- **Webhook scope:** default per-repo via enroll script.
|
||
- **Drone runner type:** default exec (must drive host abra).
|
||
- **Secret tool:** default sops-nix.
|
||
- **D10 recipe set:** lock six early. Candidates favouring already-mirrored: custom-html (simple),
|
||
cryptpad (stateful no-DB), keycloak (SSO/DB), matrix-synapse (DB+media), lasuite-docs (multi+S3),
|
||
bluesky-pds (TLS-passthrough) — covers all five categories. Confirm during M4–M6.5.
|
||
|
||
## Risks
|
||
|
||
- **Disk:** cc-ci has only ~3.8 GiB free on an 8.9 GiB root. Multiple recipe images + volumes may
|
||
exhaust it during M6.5 breadth. Mitigation: aggressive teardown + image prune; if insufficient,
|
||
request operator grow the VM disk (Incus, recreatable per the incus skill). Not yet blocking.
|
||
|
||
## Dead-ends
|
||
- (none yet)
|