dev/nixpkgs
1
0
Fork 0
Code Issues Pull Requests Actions 2 Packages Projects Releases Wiki Activity

ec2-metadata-fetcher: ignore failure when fetching metadata parts

Browse Source 
Instances without SSH keys configured will receive a 404 from the
metadata server when attempting to fetch an SSH key. This is not an
actual problem though, and shouldn't result in the service failing.

If the metadata server cannot be reached, the script will fail at an
earlier stage when attempting to get authentication data.
This commit is contained in:
Linus Heckemann 2022-11-14 19:01:39 +01:00
parent eddfcf8622
commit 6fb582e030
1 changed files with 4 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
nixos/modules/virtualisation/ec2-metadata-fetcher.nix
View File

@ -70,8 +70,8 @@
wget ${wgetExtraOptions} --header "X-aws-ec2-metadata-token: $IMDS_TOKEN" "$@";
}
wget_imds -O "$metaDir/ami-manifest-path" http://169.254.169.254/1.0/meta-data/ami-manifest-path
(umask 077 && wget_imds -O "$metaDir/user-data" http://169.254.169.254/1.0/user-data)
wget_imds -O "$metaDir/hostname" http://169.254.169.254/1.0/meta-data/hostname
wget_imds -O "$metaDir/public-keys-0-openssh-key" http://169.254.169.254/1.0/meta-data/public-keys/0/openssh-key
wget_imds -O "$metaDir/ami-manifest-path" http://169.254.169.254/1.0/meta-data/ami-manifest-path || true
(umask 077 && wget_imds -O "$metaDir/user-data" http://169.254.169.254/1.0/user-data || true)
wget_imds -O "$metaDir/hostname" http://169.254.169.254/1.0/meta-data/hostname || true
wget_imds -O "$metaDir/public-keys-0-openssh-key" http://169.254.169.254/1.0/meta-data/public-keys/0/openssh-key || true
''