Building AMIs with Nix

Help
1

Anybody have a good way to do this?

I’d like to do something like:

  1. Spin up a stock NixOS instance
  2. Create and mount an EBS volume
  3. Install NixOS on the volume using a custom configuration.nix
  4. Unmount the volume
  5. Create an AMI from the volume
  6. Terminate the instance

After much Googling, the only thing I’ve found that does something like this is the script for generating AMIs for a NixOS release. It doesn’t really generalize to other use cases though.

This seems like a really obvious thing to want to do if you use NixOS on AWS. Is there some gotcha that makes this a bad idea? If not, how are peopling handing it?

-Colin

1 Like
2

I had to do this recently, and the way I did it was:

  • Spin up a stock NixOS instance
  • Configure it as I want (not forgetting to add imports = [ <nixpkgs/nixos/maintainers/scripts/ec2/amazon-image.nix> ]; to the config)
  • Create /etc/NIXOS_LUSTRATE (to wipe all the mutable state on the instance at next reboot, see NixOS 23.11 manual | Nix & NixOS)
  • Create the AMI from the instance (I did it from the web interface, but I assume it’s possible to do from the cli too).

The NIXOS_LUSTRATE part is important because the ec2 module includes some scripts to configure the instance at startup (like getting the ssh key from AWS if you specified one), but does it only at the first boot, so we have to remove all mutable state to be sure that this configuration will be done again next time we start an instance with this AMI.

Hope that helps


Théophane

3

You can also generate images without starting an instance and the cleanup. This is basically what we do for the NixOS AMI’s. You can find the script for that at: https://github.com/NixOS/nixpkgs/blob/master/nixos/maintainers/scripts/ec2/create-amis.sh

It should be easy to adapt this to a custom NixOS configuration. The line in the script that does the image building is https://github.com/NixOS/nixpkgs/blob/master/nixos/maintainers/scripts/ec2/create-amis.sh#L34 . You should be able to just reference your configuration in the imports list there.

4

Thanks guys, that’s helpful!

5

Given that this is still one of the first results on Google, this describes how to do it in 2020:

http://jackkelly.name/blog/archives/2020/08/30/building_and_importing_nixos_amis_on_ec2/

3 Likes
6

I have created a new repo dedicated to the prroduction of AMIs, that exercises in full detail the methods described in the blog post linked earlier:

1 Like