# ECP-0067: Control Transport Resolution And NixOS Control Wiring

Status: Draft

## Decision

Add two pieces on top of ECP-0066:

1. `ec-node control-resolve`:
   - resolve a `stream_id` from iroh-gossip control announcements,
   - enforce freshness (`updated_unix_ms` + TTL / max age),
   - choose transport by policy (`direct-first`, `relay-first`, direct-only, relay-only),
   - emit machine-readable JSON for automation.

2. Extend the `services.every-channel.ec-node` NixOS module with `control.*` options that map directly to `wt-publish --control-announce` flags.
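
A sketch of the resolver's freshness and transport-policy steps, added here as an illustration and not taken from `ec-node`: only `stream_id` and `updated_unix_ms` come from this ECP, while the struct layout, `ttl_ms`, `skew_ms`, the endpoint fields and the newest-announcement-wins rule are assumptions. It also rejects future-dated announcements, which would otherwise pass an age-only check, and leaves out JSON output.

```rust
// Added illustration, not ec-node code. Only `stream_id` and `updated_unix_ms`
// come from the ECP; every other name here is an assumption.
#[derive(Clone, Copy)]
pub enum Policy { DirectFirst, RelayFirst, DirectOnly, RelayOnly }

pub struct Announcement {
    pub stream_id: String,
    pub updated_unix_ms: u64,
    pub ttl_ms: u64,            // assumed: TTL carried in the announcement
    pub direct: Option<String>, // assumed: direct endpoint, if offered
    pub relay: Option<String>,  // assumed: relay URL, if offered
}

/// Fresh: age <= min(ttl, max_age), and not dated more than `skew_ms` ahead of us.
pub fn is_fresh(a: &Announcement, now_ms: u64, max_age_ms: u64, skew_ms: u64) -> bool {
    if a.updated_unix_ms > now_ms.saturating_add(skew_ms) {
        return false; // a far-future timestamp would otherwise never expire
    }
    now_ms.saturating_sub(a.updated_unix_ms) <= a.ttl_ms.min(max_age_ms)
}

/// Newest fresh announcement for `stream_id` wins; policy then picks its transport.
pub fn resolve<'a>(anns: &'a [Announcement], stream_id: &str, policy: Policy,
                   now_ms: u64, max_age_ms: u64, skew_ms: u64) -> Option<(&'static str, &'a str)> {
    let a = anns.iter()
        .filter(|a| a.stream_id == stream_id && is_fresh(a, now_ms, max_age_ms, skew_ms))
        .max_by_key(|a| a.updated_unix_ms)?;
    let d = a.direct.as_deref().map(|e| ("direct", e));
    let r = a.relay.as_deref().map(|e| ("relay", e));
    match policy {
        Policy::DirectFirst => d.or(r),
        Policy::RelayFirst => r.or(d),
        Policy::DirectOnly => d,
        Policy::RelayOnly => r,
    }
}

fn main() {
    // Constructed sample: one live announcement and one far-future-dated one.
    let ann = |ts, direct: Option<&str>, relay: Option<&str>| Announcement {
        stream_id: "demo".into(), updated_unix_ms: ts, ttl_ms: 30_000,
        direct: direct.map(String::from), relay: relay.map(String::from),
    };
    let anns = [ann(95_000, Some("node-a"), Some("https://relay.example")),
                ann(9_000_000, Some("node-x"), None)];
    println!("{:?}", resolve(&anns, "demo", Policy::RelayFirst, 100_000, 60_000, 2_000));
}
```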

## Motivation

We already announce relay/direct transport availability, but consumers and deployment automation still need ad-hoc logic to pick a path. `control-resolve` makes this deterministic and scriptable.

For ops, control announcements should be configured as immutable host state in Nix, not hand-managed CLI flags on each machine.

## Scope

In scope:
- New `control-resolve` command in `ec-node`.
- Freshness + transport-preference policy in resolver.
- NixOS module options for control announce enable/ttl/interval/discovery/identity/peers.

Out of scope:
- Browser-native iroh direct transport.
- End-to-end automatic failover execution (resolve + launch subscribe) in one command.
- Cryptographic policy hardening beyond current control-topic trust model.

## Rollout / Reversibility

- Additive only: existing relay and direct publish/subscribe paths remain unchanged.
- If needed, disable by not using `control-resolve` and leaving `services.every-channel.ec-node.control.enable = false`.