authorDan Peebles <pumpkingod@gmail.com>2015-04-10 06:06:52 +0200
committerDan Peebles <pumpkingod@gmail.com>2015-06-11 23:16:35 -0400
commit4b758e374e19774509a5c93726d79dde4744a8bc (patch)
tree2c527e13b109ae8fee67547a604e0f6f86fb42e3 /nixos
parentf0753327f00940c9274320f41b76766bbf2b21a3 (diff)
Initial attempt at configuring from EC2 userdata (with input from cstrahan). Now with VM tests!
Diffstat (limited to 'nixos')
-rw-r--r--nixos/maintainers/scripts/ec2/amazon-base-config.nix2
-rw-r--r--nixos/modules/virtualisation/amazon-init.nix52
-rw-r--r--nixos/release.nix3
-rw-r--r--nixos/tests/ec2.nix25
4 files changed, 79 insertions, 3 deletions
diff --git a/nixos/maintainers/scripts/ec2/amazon-base-config.nix b/nixos/maintainers/scripts/ec2/amazon-base-config.nix
index 097d722554cf..28317317eab2 100644
--- a/nixos/maintainers/scripts/ec2/amazon-base-config.nix
+++ b/nixos/maintainers/scripts/ec2/amazon-base-config.nix
@@ -1,5 +1,5 @@
 { modulesPath, ...}:
 {
-  imports = [ "${modulesPath}/virtualisation/amazon-image.nix" ];
+  imports = [ "${modulesPath}/virtualisation/amazon-init.nix" ];
   services.journald.rateLimitBurst = 0;
 }
diff --git a/nixos/modules/virtualisation/amazon-init.nix b/nixos/modules/virtualisation/amazon-init.nix
new file mode 100644
index 000000000000..c5dfb3643e13
--- /dev/null
+++ b/nixos/modules/virtualisation/amazon-init.nix
@@ -0,0 +1,52 @@
+{ config, pkgs, modulesPath, ... }:
+
+# This attempts to pull a nix expression from this EC2 instance's user-data.
+
+let
+  bootScript = pkgs.writeScript "bootscript.sh" ''
+    #!${pkgs.stdenv.shell} -eux
+
+    echo "attempting to fetch configuration from user-data..."
+
+    export PATH=${pkgs.nix}/bin:${pkgs.wget}/bin:${pkgs.systemd}/bin:${pkgs.gnugrep}/bin:${pkgs.gnused}/bin:${config.system.build.nixos-rebuild}/bin:$PATH
+    export NIX_PATH=/nix/var/nix/profiles/per-user/root/channels/nixos:nixos-config=/etc/nixos/configuration.nix:/nix/var/nix/profiles/per-user/root/channels
+
+    userData="$(mktemp)"
+    wget -q --wait=1 --tries=0 --retry-connrefused -O - http://169.254.169.254/2011-01-01/user-data > "$userData"
+
+    if [[ $? -eq 0 ]]; then
+      echo "user-data fetched"
+      # If the user-data looks like it could be a nix expression,
+      # copy it over. Also, look for a magic three-hash comment and set
+      # that as the channel.
+      if sed '/^\(#\|SSH_HOST_.*\)/d' < "$userData" | grep -q '\S'; then
+        channels="$(grep '^###' "$userData" | sed 's|###\s*||')"
+        printf "%s" "$channels" | while read channel; do
+          echo "writing channel: $channel"
+        done
+
+        if [[ -n "$channels" ]]; then
+          printf "%s" "$channels" > /root/.nix-channels
+          nix-channel --update
+        fi
+
+        echo "setting configuration"
+        cp "$userData" /etc/nixos/configuration.nix
+      else
+        echo "user-data does not appear to be a nix expression; ignoring"
+      fi
+    else
+      echo "failed to fetch user-data"
+    fi
+
+    type -f nixos-rebuild
+
+    nixos-rebuild switch
+  '';
+in {
+  imports = [ "${modulesPath}/virtualisation/amazon-image.nix" ];
+  ec2.metadata = true;
+  boot.postBootCommands = ''
+    ${bootScript} &
+  '';
+}
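Review bot: The `if [[ $? -eq 0 ]]` check after the wget line can never reach its else branch, because the shebang runs the script with `-eux` and a failing wget aborts it before the test. The "failed to fetch user-data" message and the final `nixos-rebuild switch` are then skipped, and since postBootCommands starts the script with `&` nothing reports the failure. Putting the fetch in the condition keeps the fallback reachable: `if wget -q --wait=1 --tries=0 --retry-connrefused -O "$userData" http://169.254.169.254/2011-01-01/user-data; then`. Separately, whatever the metadata endpoint returns is copied to /etc/nixos/configuration.nix and /root/.nix-channels, with only the sed/grep "not all comments" filter in between. I would add a comment above bootScript such as `# user-data is applied as root system configuration and can be read by any local process that can reach 169.254.169.254; do not put secrets in it`.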
diff --git a/nixos/release.nix b/nixos/release.nix
index 103bf9b2c5b4..6afcdbff3e18 100644
--- a/nixos/release.nix
+++ b/nixos/release.nix
@@ -247,7 +247,8 @@ in rec {
   tests.docker = hydraJob (import tests/docker.nix { system = "x86_64-linux"; });
   tests.dockerRegistry = hydraJob (import tests/docker-registry.nix { system = "x86_64-linux"; });
   tests.etcd = hydraJob (import tests/etcd.nix { system = "x86_64-linux"; });
-  tests.ec2 = hydraJob (import tests/ec2.nix { system = "x86_64-linux"; }).bootEc2NixOps;
+  tests.ec2-nixops = hydraJob (import tests/ec2.nix { system = "x86_64-linux"; }).boot-ec2-nixops;
+  tests.ec2-config = hydraJob (import tests/ec2.nix { system = "x86_64-linux"; }).boot-ec2-config;
   tests.firefox = callTest tests/firefox.nix {};
   tests.firewall = callTest tests/firewall.nix {};
   tests.fleet = hydraJob (import tests/fleet.nix { system = "x86_64-linux"; });
diff --git a/nixos/tests/ec2.nix b/nixos/tests/ec2.nix
index 7ea9b3d07f72..1296ff4e8e30 100644
--- a/nixos/tests/ec2.nix
+++ b/nixos/tests/ec2.nix
@@ -62,7 +62,7 @@ let
     "9ZcDMiWaEhoAR6FGoaGI04ff7CS+1yybQ= snakeoil"
   ];
 in {
-  bootEc2NixOps = makeEc2Test {
+  boot-ec2-nixops = makeEc2Test {
     name         = "nixops-userdata";
     sshPublicKey = snakeOilPublicKey; # That's right folks! My user's key is also the host key!
 
@@ -93,4 +93,27 @@ in {
       $machine->shutdown;
     '';
   };
+
+  boot-ec2-config = makeEc2Test {
+    name         = "config-userdata";
+    sshPublicKey = snakeOilPublicKey;
+
+    userData = ''
+      ### http://nixos.org/channels/nixos-unstable nixos
+      {
+        imports = [
+          <nixpkgs/nixos/modules/virtualisation/amazon-image.nix>
+          <nixpkgs/nixos/modules/testing/test-instrumentation.nix>
+        ];
+        environment.etc.testFile = {
+          text = "whoa";
+        };
+      }
+    '';
+    script = ''
+      $machine->start;
+      $machine->waitForFile("/etc/testFile");
+      $machine->succeed("cat /etc/testFile | grep -q 'whoa'");
+    '';
+  };
 }
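Review bot: The channel line in `userData` uses plain `http://`, and amazon-init.nix writes that URL to /root/.nix-channels and runs `nix-channel --update` as root. Because this is the example users are likely to copy, it should read `### https://nixos.org/channels/nixos-unstable nixos`. The test also covers only the accepted case. A second makeEc2Test whose user-data holds only `#` comments or `SSH_HOST_` lines, asserting that /etc/nixos/configuration.nix is left untouched, would pin the filter that decides whether user-data replaces the system configuration. makeEc2Test is defined outside this hunk, so whether the test VM can reach the channel URL cannot be judged from here.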