From 32b9ca3219e38b4a0b8d01156ac93c4c92413b08 Mon Sep 17 00:00:00 2001
From: Eelco Dolstra <eelco.dolstra@logicblox.com>
Date: Tue, 30 Jun 2015 17:03:11 +0200
Subject: EC2: Don't blackhole 169.254.169.254

https://github.com/NixOS/nixops/issues/267
---
 nixos/modules/virtualisation/ec2-data.nix | 10 ----------
 1 file changed, 10 deletions(-)

(limited to 'nixos/modules/virtualisation')

diff --git a/nixos/modules/virtualisation/ec2-data.nix b/nixos/modules/virtualisation/ec2-data.nix
index 0b2479c10462..cc641b1a9870 100644
--- a/nixos/modules/virtualisation/ec2-data.nix
+++ b/nixos/modules/virtualisation/ec2-data.nix
@@ -31,8 +31,6 @@ with lib;
 
         script =
           ''
-            ip route del blackhole 169.254.169.254/32 || true
-
             wget="wget -q --retry-connrefused -O -"
 
             ${optionalString (config.networking.hostName == "") ''
@@ -67,14 +65,6 @@ with lib;
                 (umask 077; echo "$key" > /etc/ssh/ssh_host_dsa_key)
                 echo "$key_pub" > /etc/ssh/ssh_host_dsa_key.pub
             fi
-
-            ${optionalString (! config.ec2.metadata) ''
-              # Since the user data is sensitive, prevent it from
-              # being accessed from now on. FIXME: remove at some
-              # point, since current NixOps no longer relies on
-              # metadata secrecy.
-              ip route add blackhole 169.254.169.254/32
-            ''}
           '';
 
         serviceConfig.Type = "oneshot";
-- 
cgit 1.4.1