From 4b758e374e19774509a5c93726d79dde4744a8bc Mon Sep 17 00:00:00 2001
From: Dan Peebles
Date: Fri, 10 Apr 2015 06:06:52 +0200
Subject: Initial attempt at configuring from EC2 userdata (with input from cstrahan). Now with VM tests!
---
.../maintainers/scripts/ec2/amazon-base-config.nix | 2 +-
nixos/modules/virtualisation/amazon-init.nix | 52 ++++++++++++++++++++++
nixos/release.nix | 3 +-
nixos/tests/ec2.nix | 25 ++++++++++-
4 files changed, 79 insertions(+), 3 deletions(-)
create mode 100644 nixos/modules/virtualisation/amazon-init.nix
(limited to 'nixos')
diff --git a/nixos/maintainers/scripts/ec2/amazon-base-config.nix b/nixos/maintainers/scripts/ec2/amazon-base-config.nix
index 097d722554cf..28317317eab2 100644
--- a/nixos/maintainers/scripts/ec2/amazon-base-config.nix
+++ b/nixos/maintainers/scripts/ec2/amazon-base-config.nix
@@ -1,5 +1,5 @@
 { modulesPath, ...}:
 {
- imports = [ "${modulesPath}/virtualisation/amazon-image.nix" ];
+ imports = [ "${modulesPath}/virtualisation/amazon-init.nix" ];
 services.journald.rateLimitBurst = 0;
 }
diff --git a/nixos/modules/virtualisation/amazon-init.nix b/nixos/modules/virtualisation/amazon-init.nix
new file mode 100644
index 000000000000..c5dfb3643e13
--- /dev/null
+++ b/nixos/modules/virtualisation/amazon-init.nix
@@ -0,0 +1,52 @@
+{ config, pkgs, modulesPath, ... }:
+
+# This attempts to pull a nix expression from this EC2 instance's user-data.
+
+let
+ bootScript = pkgs.writeScript "bootscript.sh" ''
+ #!${pkgs.stdenv.shell} -eux
+
+ echo "attempting to fetch configuration from user-data..."
+
+ export PATH=${pkgs.nix}/bin:${pkgs.wget}/bin:${pkgs.systemd}/bin:${pkgs.gnugrep}/bin:${pkgs.gnused}/bin:${config.system.build.nixos-rebuild}/bin:$PATH
+ export NIX_PATH=/nix/var/nix/profiles/per-user/root/channels/nixos:nixos-config=/etc/nixos/configuration.nix:/nix/var/nix/profiles/per-user/root/channels
+
+ userData="$(mktemp)"
+ wget -q --wait=1 --tries=0 --retry-connrefused -O - http://169.254.169.254/2011-01-01/user-data > "$userData"
+
+ if [[ $? -eq 0 ]]; then
+ echo "user-data fetched"
+ # If the user-data looks like it could be a nix expression,
+ # copy it over. Also, look for a magic three-hash comment and set
+ # that as the channel.
+ if sed '/^\(#\|SSH_HOST_.*\)/d' < "$userData" | grep -q '\S'; then
+ channels="$(grep '^###' "$userData" | sed 's|###\s*||')"
+ printf "%s" "$channels" | while read channel; do
+ echo "writing channel: $channel"
+ done
+
+ if [[ -n "$channels" ]]; then
+ printf "%s" "$channels" > /root/.nix-channels
+ nix-channel --update
+ fi
+
+ echo "setting configuration"
+ cp "$userData" /etc/nixos/configuration.nix
+ else
+ echo "user-data does not appear to be a nix expression; ignoring"
+ fi
+ else
+ echo "failed to fetch user-data"
+ fi
+
+ type -f nixos-rebuild
+
+ nixos-rebuild switch
+ '';
+in {
+ imports = [ "${modulesPath}/virtualisation/amazon-image.nix" ];
+ ec2.metadata = true;
+ boot.postBootCommands = ''
+ ${bootScript} &
+ '';
+}
diff --git a/nixos/release.nix b/nixos/release.nix
index 103bf9b2c5b4..6afcdbff3e18 100644
--- a/nixos/release.nix
+++ b/nixos/release.nix
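Review bot: In amazon-init.nix's bootScript the `else` branch of `if [[ $? -eq 0 ]]` is unreachable, because the shebang passes `-e` and a failing `wget` ends the script before the test runs, so "failed to fetch user-data" is never logged and `nixos-rebuild switch` is skipped. Moving the fetch into the condition keeps that path alive: `if wget -q --wait=1 --tries=0 --retry-connrefused -O - http://169.254.169.254/2011-01-01/user-data > "$userData"; then`. The script also copies any user-data that has a non-comment line over /etc/nixos/configuration.nix and rebuilds as root from `boot.postBootCommands`, so whoever can change the instance's user-data controls the system, and unless access to the metadata address is restricted any local process can read that configuration from 169.254.169.254. A header comment should state this trust assumption, and gating the `cp` on `nix-instantiate --parse "$userData" > /dev/null` would keep a non-Nix payload from replacing a working configuration.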
@@ -247,7 +247,8 @@ in rec {
 tests.docker = hydraJob (import tests/docker.nix { system = "x86_64-linux"; });
 tests.dockerRegistry = hydraJob (import tests/docker-registry.nix { system = "x86_64-linux"; });
 tests.etcd = hydraJob (import tests/etcd.nix { system = "x86_64-linux"; });
- tests.ec2 = hydraJob (import tests/ec2.nix { system = "x86_64-linux"; }).bootEc2NixOps;
+ tests.ec2-nixops = hydraJob (import tests/ec2.nix { system = "x86_64-linux"; }).boot-ec2-nixops;
+ tests.ec2-config = hydraJob (import tests/ec2.nix { system = "x86_64-linux"; }).boot-ec2-config;
 tests.firefox = callTest tests/firefox.nix {};
 tests.firewall = callTest tests/firewall.nix {};
 tests.fleet = hydraJob (import tests/fleet.nix { system = "x86_64-linux"; });
diff --git a/nixos/tests/ec2.nix b/nixos/tests/ec2.nix
index 7ea9b3d07f72..1296ff4e8e30 100644
--- a/nixos/tests/ec2.nix
+++ b/nixos/tests/ec2.nix
@@ -62,7 +62,7 @@ let
 "9ZcDMiWaEhoAR6FGoaGI04ff7CS+1yybQ= snakeoil"
 ];
 in {
- bootEc2NixOps = makeEc2Test {
+ boot-ec2-nixops = makeEc2Test {
 name = "nixops-userdata";
 sshPublicKey = snakeOilPublicKey;
 # That's right folks! My user's key is also the host key!
@@ -93,4 +93,27 @@ in {
 $machine->shutdown;
 '';
 };
+
+ boot-ec2-config = makeEc2Test {
+ name = "config-userdata";
+ sshPublicKey = snakeOilPublicKey;
+
+ userData = ''
+ ### http://nixos.org/channels/nixos-unstable nixos
+ {
+ imports = [
+
+
+ ];
+ environment.etc.testFile = {
+ text = "whoa";
+ };
+ }
+ '';
+ script = ''
+ $machine->start;
+ $machine->waitForFile("/etc/testFile");
+ $machine->succeed("cat /etc/testFile | grep -q 'whoa'");
+ '';
+ };
 }
-- cgit 1.4.1
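Review bot: The channel line in the `boot-ec2-config` test's `userData` uses plain `http://`, and the boot script in amazon-init.nix writes that URL to /root/.nix-channels and then runs `nix-channel --update` and `nixos-rebuild switch`; as far as this patch shows, nothing but the transport protects the integrity of the fetched expressions. Tests tend to be copied as usage examples, so prefer `### https://nixos.org/channels/nixos-unstable nixos` here, assuming the channel host serves HTTPS. The test also exercises only the accepted-configuration path; a second case whose user-data consists solely of `#` and `SSH_HOST_` lines would pin the "ignoring" branch. `makeEc2Test` and the enclosing attribute set start outside this hunk.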