Merge pull request #134981 from DeterminateSystems/aws-ami
AWS AMI: Make the serial console access useful.
This commit is contained in:
commit
1c145df9ae
2 changed files with 20 additions and 8 deletions
|
@ -9,7 +9,7 @@ with lib;
|
|||
boot.vesa = false;
|
||||
|
||||
# Don't start a tty on the serial consoles.
|
||||
systemd.services."serial-getty@ttyS0".enable = false;
|
||||
systemd.services."serial-getty@ttyS0".enable = lib.mkDefault false;
|
||||
systemd.services."serial-getty@hvc0".enable = false;
|
||||
systemd.services."getty@tty1".enable = false;
|
||||
systemd.services."autovt@".enable = false;
|
||||
|
|
|
@ -18,7 +18,15 @@ let
|
|||
in
|
||||
|
||||
{
|
||||
imports = [ ../profiles/headless.nix ./ec2-data.nix ./amazon-init.nix ];
|
||||
imports = [
|
||||
../profiles/headless.nix
|
||||
# Note: While we do use the headless profile, we also explicitly
|
||||
# turn on the serial console on ttyS0 below. This is because
|
||||
# AWS does support accessing the serial console:
|
||||
# https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/configure-access-to-serial-console.html
|
||||
./ec2-data.nix
|
||||
./amazon-init.nix
|
||||
];
|
||||
|
||||
config = {
|
||||
|
||||
|
@ -49,7 +57,7 @@ in
|
|||
];
|
||||
boot.initrd.kernelModules = [ "xen-blkfront" "xen-netfront" ];
|
||||
boot.initrd.availableKernelModules = [ "ixgbevf" "ena" "nvme" ];
|
||||
boot.kernelParams = mkIf cfg.hvm [ "console=ttyS0" "random.trust_cpu=on" ];
|
||||
boot.kernelParams = mkIf cfg.hvm [ "console=ttyS0,115200n8" "random.trust_cpu=on" ];
|
||||
|
||||
# Prevent the nouveau kernel module from being loaded, as it
|
||||
# interferes with the nvidia/nvidia-uvm modules needed for CUDA.
|
||||
|
@ -63,7 +71,12 @@ in
|
|||
boot.loader.grub.extraPerEntryConfig = mkIf (!cfg.hvm) "root (hd0)";
|
||||
boot.loader.grub.efiSupport = cfg.efi;
|
||||
boot.loader.grub.efiInstallAsRemovable = cfg.efi;
|
||||
boot.loader.timeout = 0;
|
||||
boot.loader.timeout = 1;
|
||||
boot.loader.grub.extraConfig = ''
|
||||
serial --unit=0 --speed=115200 --word=8 --parity=no --stop=1
|
||||
terminal_output console serial
|
||||
terminal_input console serial
|
||||
'';
|
||||
|
||||
boot.initrd.network.enable = true;
|
||||
|
||||
|
@ -127,15 +140,14 @@ in
|
|||
copy_bin_and_libs ${pkgs.util-linux}/sbin/swapon
|
||||
'';
|
||||
|
||||
# Don't put old configurations in the GRUB menu. The user has no
|
||||
# way to select them anyway.
|
||||
boot.loader.grub.configurationLimit = 0;
|
||||
|
||||
# Allow root logins only using the SSH key that the user specified
|
||||
# at instance creation time.
|
||||
services.openssh.enable = true;
|
||||
services.openssh.permitRootLogin = "prohibit-password";
|
||||
|
||||
# Enable the serial console on ttyS0
|
||||
systemd.services."serial-getty@ttyS0".enable = true;
|
||||
|
||||
# Creates symlinks for block device names.
|
||||
services.udev.packages = [ pkgs.ec2-utils ];
|
||||
|
||||
|
|
Loading…
Reference in a new issue