From 6fb582e0301da53d6d5a32d02b8ecbaf0f91c188 Mon Sep 17 00:00:00 2001 From: Linus Heckemann Date: Mon, 14 Nov 2022 19:01:39 +0100 Subject: [PATCH] ec2-metadata-fetcher: ignore failure when fetching metadata parts Instances without SSH keys configured will receive a 404 from the metadata server when attempting to fetch an SSH key. This is not an actual problem though, and shouldn't result in the service failing. If the metadata server cannot be reached, the script will fail at an earlier stage when attempting to get authentication data. --- nixos/modules/virtualisation/ec2-metadata-fetcher.nix | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/nixos/modules/virtualisation/ec2-metadata-fetcher.nix b/nixos/modules/virtualisation/ec2-metadata-fetcher.nix index 760f024f33fb..e78df12c961e 100644 --- a/nixos/modules/virtualisation/ec2-metadata-fetcher.nix +++ b/nixos/modules/virtualisation/ec2-metadata-fetcher.nix @@ -70,8 +70,8 @@ wget ${wgetExtraOptions} --header "X-aws-ec2-metadata-token: $IMDS_TOKEN" "$@"; } - wget_imds -O "$metaDir/ami-manifest-path" http://169.254.169.254/1.0/meta-data/ami-manifest-path - (umask 077 && wget_imds -O "$metaDir/user-data" http://169.254.169.254/1.0/user-data) - wget_imds -O "$metaDir/hostname" http://169.254.169.254/1.0/meta-data/hostname - wget_imds -O "$metaDir/public-keys-0-openssh-key" http://169.254.169.254/1.0/meta-data/public-keys/0/openssh-key + wget_imds -O "$metaDir/ami-manifest-path" http://169.254.169.254/1.0/meta-data/ami-manifest-path || true + (umask 077 && wget_imds -O "$metaDir/user-data" http://169.254.169.254/1.0/user-data || true) + wget_imds -O "$metaDir/hostname" http://169.254.169.254/1.0/meta-data/hostname || true + wget_imds -O "$metaDir/public-keys-0-openssh-key" http://169.254.169.254/1.0/meta-data/public-keys/0/openssh-key || true ''