2026-02-27 16:03:00 +01:00
|
|
|
"""EC2 user-data template rendering for builder instance bootstrap."""
|
2026-02-27 11:59:16 +01:00
|
|
|
|
|
|
|
|
from __future__ import annotations
|
|
|
|
|
|
2026-02-27 12:34:32 +01:00
|
|
|
import textwrap
|
|
|
|
|
|
2026-02-27 11:59:16 +01:00
|
|
|
|
2026-02-27 16:03:00 +01:00
|
|
|
def render_userdata(slot_id: str, ssm_param: str = "/nix-builder/ts-authkey") -> str:
|
|
|
|
|
"""Render user-data that seeds AMI bootstrap inputs only.
|
2026-02-27 12:34:32 +01:00
|
|
|
|
2026-02-27 16:03:00 +01:00
|
|
|
The AMI's buildbot-ami-bootstrap service consumes this env file and handles
|
|
|
|
|
SSM fetch + tailscale-autoconnect config generation.
|
2026-02-27 11:59:16 +01:00
|
|
|
"""
|
2026-02-27 12:34:32 +01:00
|
|
|
return textwrap.dedent(f"""\
|
|
|
|
|
#!/usr/bin/env bash
|
|
|
|
|
set -euo pipefail
|
|
|
|
|
|
|
|
|
|
SLOT_ID="{slot_id}"
|
|
|
|
|
SSM_PARAM="{ssm_param}"
|
|
|
|
|
|
2026-02-27 16:03:00 +01:00
|
|
|
# Seed AMI bootstrap inputs only; buildbot-ami-bootstrap reads this file.
|
|
|
|
|
cat > /etc/nix-builder-bootstrap-env <<EOF
|
|
|
|
|
SLOT_ID="$SLOT_ID"
|
|
|
|
|
TS_SSM_PARAM="$SSM_PARAM"
|
|
|
|
|
EOF
|
|
|
|
|
chmod 600 /etc/nix-builder-bootstrap-env
|
2026-02-27 12:34:32 +01:00
|
|
|
""")
|
