Fleet Provisioning via Typed RPC
Summary: Expanding the 0x40-0x5F RPC command range with typed provisioning operations instead of tunneling SSH/Ansible over the mesh. Idempotent, declarative operations over LXMF store-and-forward.
Status: Draft — research documented, implementation not started.
Overview
Traditional fleet provisioning tools (Ansible, Salt, Puppet) assume SSH connectivity to target hosts. Styrene’s mesh operates over LXMF, which is delay-tolerant and store-and-forward capable. This document proposes typed RPC commands for provisioning operations that leverage LXMF’s delivery guarantees rather than requiring persistent connections.
Proposed Command Types
Seven new message types in the 0x40-0x5F RPC range:
| Type | Name | Purpose |
|---|---|---|
| 0x48 | CONFIG_PUSH | Push NixOS configuration fragment |
| 0x49 | PACKAGE_ENSURE | Ensure Nix packages are installed |
| 0x4A | SERVICE_STATE | Set systemd service state (start/stop/enable/disable) |
| 0x4B | FILE_WRITE | Write file to device (small files only — LXMF size limits) |
| 0x4C | SCRIPT_EXEC | Execute a provisioning script |
| 0x4D | SYSTEM_UPDATE | Trigger nixos-rebuild switch |
| 0x4E | HEALTH_CHECK | Run health check suite, return structured results |
Design Principles
- Idempotent — Every operation can be safely re-sent. PACKAGE_ENSURE checks before installing; SERVICE_STATE is a desired-state declaration.
- Declarative — Commands describe what, not how. The device’s styrened daemon interprets them against its NixOS configuration.
- Store-and-forward — Commands queued at the LXMF propagation node are delivered when the device comes online. An operator can provision a fleet of offline devices and walk away.
- Per-type authorization — Each command type can require a different authorization tier (e.g., HEALTH_CHECK is read-only, SCRIPT_EXEC requires elevated identity).
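The idempotency and per-type authorization principles above, as an added sketch that is not Styrene's own code: a default-deny dispatcher that checks the sender's tier before touching the payload and treats a re-delivered SERVICE_STATE as a no-op. The tier names, the tier assigned to SERVICE_STATE, and the payload fields `unit` and `state` are assumptions; the sender tier is assumed to come from an identity that has already been verified.

```python
from enum import IntEnum

class Cmd(IntEnum):  # type codes from the table on this page
    SERVICE_STATE = 0x4A
    SCRIPT_EXEC = 0x4C
    HEALTH_CHECK = 0x4E

class Tier(IntEnum):  # hypothetical tier names, ordered low to high
    READ_ONLY = 0
    OPERATOR = 1
    ELEVATED = 2

# Assumed policy: the page fixes only HEALTH_CHECK (read-only) and
# SCRIPT_EXEC (elevated); the SERVICE_STATE tier is a guess.
REQUIRED = {
    Cmd.HEALTH_CHECK: Tier.READ_ONLY,
    Cmd.SERVICE_STATE: Tier.OPERATOR,
    Cmd.SCRIPT_EXEC: Tier.ELEVATED,
}

def dispatch(units, msg_type, sender_tier, payload):
    """Return (outcome, detail): denied, applied, noop, report or unsupported."""
    try:
        cmd = Cmd(msg_type)
    except ValueError:
        return "denied", "unassigned type 0x%02X" % msg_type
    required = REQUIRED.get(cmd)
    if required is None or sender_tier < required:
        return "denied", cmd.name          # default deny, before any payload use
    if cmd is Cmd.SERVICE_STATE:
        unit, desired = payload["unit"], payload["state"]  # hypothetical fields
        if units.get(unit) == desired:     # re-delivered command: nothing to do
            return "noop", unit
        units[unit] = desired
        return "applied", unit
    if cmd is Cmd.HEALTH_CHECK:
        return "report", dict(units)       # read-only: copy out, never mutate
    return "unsupported", cmd.name         # SCRIPT_EXEC handler not modelled here

def replay(messages):
    """Run constructed messages against an in-memory unit table."""
    units = {}
    return [dispatch(units, *m)[0] for m in messages], units

# Constructed sample traffic: (type, sender tier, payload)
SAMPLE = [
    (0x4A, Tier.OPERATOR, {"unit": "sshd.service", "state": "stopped"}),
    (0x4A, Tier.OPERATOR, {"unit": "sshd.service", "state": "stopped"}),  # re-sent
    (0x4A, Tier.READ_ONLY, {"unit": "sshd.service", "state": "started"}),
    (0x4C, Tier.OPERATOR, {"script": "placeholder"}),
    (0x4F, Tier.ELEVATED, {}),
]
```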
Ansible Connection Plugin
An Ansible connection plugin could map standard modules to Styrene RPCs:
| Ansible Module | Styrene RPC |
|---|---|
| nix_env | PACKAGE_ENSURE |
| systemd | SERVICE_STATE |
| copy (small files) | FILE_WRITE |
| command | SCRIPT_EXEC |
| nixos_rebuild | SYSTEM_UPDATE |
This allows operators familiar with Ansible to target Styrene mesh devices without SSH.
Open Questions
- LXMF size limits for FILE_WRITE — Large files need chunking or out-of-band transfer
- Nix-specific operation semantics — How to handle nixos-rebuild failures mid-operation
- Rollback strategy — NixOS has native rollback; how to expose this via RPC
- Fan-out progress tracking — Batch operations across many devices need aggregated status
- Dry-run mode — Preview what a command would do without executing