17 lines
438 B
Markdown
17 lines
438 B
Markdown
🥇 Phase 1: Git + Secrets
|
|
|
|
✅ Set up Forgejo VM (NixOS declarative)
|
|
|
|
✅ Set up sops-nix + age keys (can live in the Git repo)
|
|
|
|
✅ Push flake + ansible + secrets to Forgejo
|
|
|
|
✅ Write a basic README with how to rebuild infra
|
|
|
|
🥈 Phase 2: GitOps
|
|
|
|
🔁 Add CI runner VM
|
|
|
|
🔁 Configure runner to deploy (nixos-rebuild or ansible-playbook) on commit
|
|
|
|
🔁 Optional: add webhooks to auto-trigger via Forgejo
|