diff options
author | Evgeny Egorochkin <phreedom@yandex.ru> | 2014-07-20 14:07:46 +0300 |
---|---|---|
committer | Evgeny Egorochkin <phreedom@yandex.ru> | 2014-07-20 14:07:46 +0300 |
commit | 2660e19b73a0b3f0363cd1edb49d161405b805a6 (patch) | |
tree | 2d0212aa9217e66a13edabb606cf8cd399979897 | |
parent | f677e843d5ab27dc67625877c1d442f7b00701db (diff) | |
download | nixlib-2660e19b73a0b3f0363cd1edb49d161405b805a6.tar nixlib-2660e19b73a0b3f0363cd1edb49d161405b805a6.tar.gz nixlib-2660e19b73a0b3f0363cd1edb49d161405b805a6.tar.bz2 nixlib-2660e19b73a0b3f0363cd1edb49d161405b805a6.tar.lz nixlib-2660e19b73a0b3f0363cd1edb49d161405b805a6.tar.xz nixlib-2660e19b73a0b3f0363cd1edb49d161405b805a6.tar.zst nixlib-2660e19b73a0b3f0363cd1edb49d161405b805a6.zip |
Google Compute config: add a unit to wait for the metadata server to become available
-rw-r--r-- | nixos/modules/virtualisation/google-compute-image.nix | 22 |
1 files changed, 18 insertions, 4 deletions
diff --git a/nixos/modules/virtualisation/google-compute-image.nix b/nixos/modules/virtualisation/google-compute-image.nix index 215ae1468984..9a4d11d550a1 100644 --- a/nixos/modules/virtualisation/google-compute-image.nix +++ b/nixos/modules/virtualisation/google-compute-image.nix @@ -121,12 +121,26 @@ in networking.usePredictableInterfaceNames = false; + systemd.services.wait-metadata-online = { + description = "Wait for GCE metadata server to become reachable"; + wantedBy = [ "network-online.target" ]; + before = [ "network-online.target" ]; + path = [ pkgs.netcat ]; + script = '' + # wait for the metadata server to become available for up to 60 seconds + for counter in {1..30}; do sleep 2 && nc -vzw 2 metadata 80 && break; done + ''; + serviceConfig.Type = "oneshot"; + serviceConfig.RemainAfterExit = true; + }; + systemd.services.fetch-ssh-keys = { description = "Fetch host keys and authorized_keys for root user"; - wantedBy = [ "multi-user.target" ]; + wantedBy = [ "sshd.service" ]; before = [ "sshd.service" ]; - after = [ "network.target" ]; + after = [ "network-online.target" ]; + wants = [ "network-online.target" ]; path = [ pkgs.curl ]; script = @@ -148,7 +162,7 @@ in fi echo "obtaining SSH private host key..." - curl -o /root/ssh_host_ecdsa_key http://metadata/0.1/meta-data/attributes/ssh_host_ecdsa_key + curl -o /root/ssh_host_ecdsa_key --retry-max-time 60 http://metadata/0.1/meta-data/attributes/ssh_host_ecdsa_key if [ $? -eq 0 -a -e /root/ssh_host_ecdsa_key ]; then mv -f /root/ssh_host_ecdsa_key /etc/ssh/ssh_host_ecdsa_key echo "downloaded ssh_host_ecdsa_key" @@ -156,7 +170,7 @@ in fi echo "obtaining SSH public host key..." - curl -o /root/ssh_host_ecdsa_key.pub http://metadata/0.1/meta-data/attributes/ssh_host_ecdsa_key_pub + curl -o /root/ssh_host_ecdsa_key.pub --retry-max-time 60 http://metadata/0.1/meta-data/attributes/ssh_host_ecdsa_key_pub if [ $? -eq 0 -a -e /root/ssh_host_ecdsa_key.pub ]; then mv -f /root/ssh_host_ecdsa_key.pub /etc/ssh/ssh_host_ecdsa_key.pub echo "downloaded ssh_host_ecdsa_key.pub" |