Github Action that regularly uploads AMIs for release channels
Yes! for example with a config like this:
{
inputs.nixpkgs.url = "https://channels.nixos.org/nixos-unstable/nixexprs.tar.xz";
outputs = { nixpkgs, ... }: {
nixosConfigurations.my-system = nixpkgs.lib.nixosSystem {
modules = [
{ modulesPath, ... }:
imports = [ "${modulesPath}/virtualisation/amazon-image.nix" ];
virtualisation.diskSize = "auto"; # or gigabytes. default is 3 * 1024
nixpkgs.hostPlatform = "x86_64-linux";
services.nginx.enable = true;
}
];
};
};
}you can upload it to your account like this:
nix build .#nixosConfigurations.my-system.config.system.build.images.amazonOr you can use the the shorthand:
nixos-rebuild build-image --image-variant amazon --flake .#my-systemThen upload it with:
nix run github:NixOS/amis#upload-ami -- --prefix my-system --s3-bucket my-bucket --image-info ./result/nix-support/image-info.jsonSome steps need to be done manually to set up the account. This is a one time process. These are hard to automate with Terraform.
First opt in to all regions:
nix run .#enable-regionsYou might get rate-limited so need to wait and rerun until all finish:
botocore.errorfactory.TooManyRequestsException: An error occurred (TooManyRequestsException) when calling the EnableRegion operation (reached max retries: 4): This request has exceeded the quota for 'Number of concurrent region-opt requests for an account'. Consider retrying the operation later once some requests have been completed.
Now wait until all regions are enabled. You can use:
aws account list-regions --region-opt-status-contains ENABLING
Then request a quota increase for the number of AMIs you want to publish. This will create support tickets in all regions. You can check the status of the tickets in the AWS console. It might take a few days for the tickets to be resolved.
nix run .#request-public-ami-quota-increase -- --desired-value 1000Finally enable public AMIs:
nix run .#disable-image-block-public-access