4 Apr 2025 |
| Phil Hale joined the room. | 17:18:39 |
11 Apr 2025 |
Arian | @commiterate:matrix.org: seems Amazon started shipping the go binary of EC2 instance connect to Linux as well | 11:18:15 |
Arian | But I can't find the source anywhere. Which is weird. As Amazon Linux is supposed to be open source | 11:18:27 |
commiterate | it's probably stuck in the open source review process | 18:52:40 |
commiterate | my guess is they got security approval and Amazon Linux approval, but the internal open source review board (OSRB) hasn't gotten around to approving yet so they just decided to ship | 19:02:59 |
12 Apr 2025 |
commiterate | I'm kind of afraid what the code is going to look like though | 18:50:02 |
Arian | 💀 | 19:30:43 |
Arian | We can decompile the binary for funzies | 19:30:54 |
13 Apr 2025 |
commiterate | it's giving some motivation to set up testing + publishing automation for my rewrite | 02:32:02 |
commiterate | especially now that I've figured out how to use EC2 Image Builder with Nix + system-manager or nix-darwin to do reproducible AMI baking (in this case it's just for testing the binary) | 02:32:49 |
commiterate | just updated the repo to put the general bits in place, rest is just execution | 02:33:51 |
Arian | I just killed our last MacOS instance on ec2 | 09:58:34 |
Arian | Decided that dealing with MacOS in EC2 is not worth my time | 09:58:45 |
Arian | Especially with how it interacts with nix (can't install nix on the ebs volume without clicking buttons in the UI) | 09:59:05 |
commiterate | it's pretty much unusable, though most of the blame is on Apple's EULA and TCC/FDA | 19:54:22 |
28 Apr 2025 |
dbalan | Hey y'all, not sure if this is documented somewhere, what's the reason AWS AMIs do not install aws cli by default? Is the expectation that we should bring it in with userdata? | 11:05:20 |
Arian | It’s not part of the amazon-image.nix profile. We could add it if you want? but yeh usually people just reconfigure their NixOS machines through user-data after boot | 11:23:15 |
Arian | why do you need it? | 11:23:25 |
dbalan | Our scripts do some s3 gets / aws ssm get-parameters etc to assemble the final nix config. We do have a workaround for this to wrap the execution in nix-env. But IMO awscli seems quite useful on an amazon AMI. | 11:31:24 |
dbalan | Another option would be to look for nix-shell shebang, like
#! /usr/bin/env nix-shell
#! nix-shell -i runghc --packages 'haskellPackages.ghcWithPackages (ps: [ps.download-curl ps.tagsoup])'
in the init script where we determine the type in amazon-init.nix and run it with nix-shell instead of ${pkgs.runtimeShell}
| 11:51:29 |
Arian | we download a closure and nixos-rebuild switch into it | 11:57:01 |
Arian | why would you want to run imperative scripts if you can just deploy a new NixOS build with the script you want to run? Sounds more robust :D | 11:58:04 |
dbalan | Haha -- we use imperative secrets to assemble a nix config that we can switch to (mostly secrets and some other foo). But this is definitely not a blocker for us or anything. | 11:59:41 |
Arian | That sounds terrible :D | 12:00:14 |