| 11 Nov 2024 |
 Arian | I think it should be pretty simple for people to build an image that's UEFi only and with systemd-boot | 17:39:13 |
| Arian | It's just that quite a few instance types on AWS don't support UEFi at all | 17:39:23 |
| Arian | E.g. the T2 family. So we can't really use it for the public images | 17:39:37 |
 colemickens | I didn't realize it was a hybrid image. Hybrid+grub makes sense to me, given those instance types. | 17:39:43 |
| Arian | As they won't boot on free tier instances. Which kinda sucks | 17:39:47 |
| colemickens | Completely agree, yeah. | 17:39:58 |
| Arian | UEFi only has benefit. Namely you can use TPM2 | 17:40:13 |
| Arian | Which is not available for hybrid images | 17:40:19 |
| Arian | I want to get to a point where we can drop BIOS :( | 17:41:29 |
| Arian | * UEFi only has benefit. Namely you can use TPM2 and secure boot | 17:41:43 |
 commiterate | Basically we need to wait for EC2 to phase out a bunch of legacy instance types. I have no idea what that timeline is. | 17:42:01 |
| Arian | I'm happy to make the cut as soon as they stop defaulting T2 as the default instance type | 17:42:24 |
| Arian | To be honest | 17:42:28 |
 Ilan Joselevich (Kranzes) | I legit don't understand why the transition to UEFI is so slow | 17:42:45 |
| Arian | I just want people to be able to use NixOS images with free tier | 17:42:49 |
| Arian | Problem is Amazon has billions of dollars of hardware and they need to still extract money out of it :p | 17:43:06 |
| commiterate | AWS isn't being slow here tbh. All of the new instance types over the past few years require UEFI. | 17:43:14 |
| Arian | Before they decommission it | 17:43:15 |
| commiterate | It's just that AWS keeps older instance generations around forever. | 17:43:27 |
| Arian | As soon as they replace T2 with t3 for free tier I'm fine with dropping bios support | 17:43:49 |
| commiterate | * AWS isn't being slow here tbh. All of the new instance types over the past few years support (x86-64) or require (ARM64) UEFI. | 17:43:49 |
| commiterate | Also if you want an optimally small NixOS AMI, you should probably be building your own images from scratch and making an AMI out of it with ImportSnapshot + RegisterImage instead of building a new generation on top of a base NixOS AMI (e.g. the official NixOS ones). | 17:47:26 |
| commiterate | Granted the image GC story right now isn't the nicest. I'm trying to get AWS to add a new AWS::EC2::Image Cfn resource to deal with that. | 17:48:15 |
| Arian | I am working on a script to enumerate and delete all deprecated images in an account | 17:48:39 |
| Arian | Then I can just rely on the deprecation timestamp | 17:48:46 |
| Arian | Yeh I want to eventually have a template for nixos appliance images (with systemd-boot, systemd-stub, UKIs, measured boot, secure boot) | 17:49:23 |
| Arian | But still useful to have generic images | 17:49:56 |
| Arian | For people who just wanna SSM, or ssh for deploys | 17:50:05 |
| commiterate | Yup. Good for testing, mutable setups, and as a template/reference for others to follow. | 17:50:36 |
| Arian | My talk is live btw: https://youtu.be/Ee4JN3Fp17o?si=8pGzmDpGhVzN5qne | 17:50:44 |
