From ed4170733c141b610484fc452f1d0a0302213abd Mon Sep 17 00:00:00 2001 From: Timothy DeHerrera Date: Wed, 10 Nov 2021 14:12:01 -0700 Subject: [PATCH 1/2] amis: enable setting ami boot mode on registration This is important since legacy bios mode is still the default for Intel and AMD based instances on AWS. That is, even if your image is setup to use UEFI on the OS level, the AMI will still use BIOS unless the boot mode is explicitly set during registration. --- nixos/maintainers/scripts/ec2/amazon-image.nix | 5 +++++ nixos/maintainers/scripts/ec2/create-amis.sh | 1 + 2 files changed, 6 insertions(+) diff --git a/nixos/maintainers/scripts/ec2/amazon-image.nix b/nixos/maintainers/scripts/ec2/amazon-image.nix index fcb369e87ff9..6358ec68f7cf 100644 --- a/nixos/maintainers/scripts/ec2/amazon-image.nix +++ b/nixos/maintainers/scripts/ec2/amazon-image.nix @@ -4,6 +4,7 @@ with lib; let cfg = config.amazonImage; + amiBootMode = if config.ec2.efi then "uefi" else "legacy-bios"; in { @@ -106,10 +107,12 @@ in { --arg system ${lib.escapeShellArg pkgs.stdenv.hostPlatform.system} \ --arg root_logical_bytes "$(${pkgs.qemu}/bin/qemu-img info --output json "$rootDisk" | ${pkgs.jq}/bin/jq '."virtual-size"')" \ --arg boot_logical_bytes "$(${pkgs.qemu}/bin/qemu-img info --output json "$bootDisk" | ${pkgs.jq}/bin/jq '."virtual-size"')" \ + --arg boot_mode "${amiBootMode}" \ --arg root "$rootDisk" \ --arg boot "$bootDisk" \ '{} | .label = $system_label + | .boot_mode = $boot_mode | .system = $system | .disks.boot.logical_bytes = $boot_logical_bytes | .disks.boot.file = $boot @@ -145,9 +148,11 @@ in { --arg system_label ${lib.escapeShellArg config.system.nixos.label} \ --arg system ${lib.escapeShellArg pkgs.stdenv.hostPlatform.system} \ --arg logical_bytes "$(${pkgs.qemu}/bin/qemu-img info --output json "$diskImage" | ${pkgs.jq}/bin/jq '."virtual-size"')" \ + --arg boot_mode "${amiBootMode}" \ --arg file "$diskImage" \ '{} | .label = $system_label + | .boot_mode = $boot_mode | .system = $system | .logical_bytes = $logical_bytes | .file = $file diff --git a/nixos/maintainers/scripts/ec2/create-amis.sh b/nixos/maintainers/scripts/ec2/create-amis.sh index 355894587391..1df27e2db55a 100755 --- a/nixos/maintainers/scripts/ec2/create-amis.sh +++ b/nixos/maintainers/scripts/ec2/create-amis.sh @@ -275,6 +275,7 @@ upload_image() { --region "$region" \ --architecture $amazon_arch \ --block-device-mappings "${block_device_mappings[@]}" \ + --boot-mode $(read_image_info .boot_mode) \ "${extra_flags[@]}" \ | jq -r '.ImageId' ) From f0aec20cd74d3080fdad4283aa103c10bc9bef38 Mon Sep 17 00:00:00 2001 From: Timothy DeHerrera Date: Wed, 10 Nov 2021 18:21:55 -0700 Subject: [PATCH 2/2] create-amis.sh: possible deprecation --- nixos/maintainers/scripts/ec2/create-amis.sh | 3 +++ 1 file changed, 3 insertions(+) diff --git a/nixos/maintainers/scripts/ec2/create-amis.sh b/nixos/maintainers/scripts/ec2/create-amis.sh index 1df27e2db55a..797fe03e2095 100755 --- a/nixos/maintainers/scripts/ec2/create-amis.sh +++ b/nixos/maintainers/scripts/ec2/create-amis.sh @@ -1,6 +1,9 @@ #!/usr/bin/env nix-shell #!nix-shell -p awscli -p jq -p qemu -i bash # shellcheck shell=bash +# +# Future Deprecation? +# This entire thing should probably be replaced with a generic terraform config # Uploads and registers NixOS images built from the # amazonImage attribute. Images are uploaded and