From 64fe5bdb50ffcd924543f92b3dc8ef9f9701e7fe Mon Sep 17 00:00:00 2001 From: junkb <junkb@users.noreply.github.com> Date: Fri, 17 Apr 2020 23:22:57 -0400 Subject: [PATCH] add support for imds version 2 --- tiny-ec2-bootstrap | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/tiny-ec2-bootstrap b/tiny-ec2-bootstrap index 9c62afb..7c595aa 100644 --- a/tiny-ec2-bootstrap +++ b/tiny-ec2-bootstrap @@ -5,15 +5,20 @@ description="Provides EC2 cloud bootstrap" # override in /etc/conf.d/tiny-ec2-bootstrap EC2_USER=${EC2_USER:-alpine} +metadata_token_lifetime='60' depend() { need net provide cloud-final } +_get_metadata_token() { + metadata_token=$(curl -sX PUT 'http://169.254.169.254/latest/api/token' -H "X-aws-ec2-metadata-token-ttl-seconds: ${metadata_token_lifetime}" 2>/dev/null) +} + _get_metadata() { local uri="$1" - wget -qO - "http://169.254.169.254/latest/$uri" 2>/dev/null + wget -qO - --header="X-aws-ec2-metadata-token: ${metadata_token}" "http://169.254.169.254/latest/$uri" 2>/dev/null } _update_hostname() { @@ -70,6 +75,7 @@ start() { [ -d "/var/lib/cloud" ] || mkdir -p /var/lib/cloud + ebegin "Retrieving metadata service api token"; _get_metadata_token; eend $? ebegin "Disabling root password"; _disable_password root; eend $? ebegin "Disabling $EC2_USER password"; _disable_password "$EC2_USER"; eend $? ebegin "Resizing root partition"; _resize_root_partition; eend $? -- GitLab