eic currently fails with exit code 1 and no helpful error message.

[arianvp]

# TODO: This currently fails with exit code 1 and no helpful error message.

https://github.com/arianvp/amis/blob/8eb2b2e2c3bd567f9df2a0757284e45140a4216a/packages/ec2-instance-connect.nix#L14

[zickzackv]

I tried the script(s) within an buildFSHEnv on a ec2 instance; debugged the script and probably found the problem:

eic_parse_authorized_keys is called with /etc/ssl/certs instead of /etc/ssl/certs/ca-bundle.crt The script does not find any certs and breaks of it.

within aws's repo aws-ec2-instance-connect-config they patch that file with e.g. this line:

https://github.com/aws/aws-ec2-instance-connect-config/blob/551c73e8ec1f5ade4c8b1f52cf616e75b47879b4/bin/make_tarball.sh#L29

sadly i'm not familiar enough with nixos to create a solution within you package.

anyways, hope that helps and thanks for this project!

[zickzackv]

trying to fix the issue with the PR #114

[cottand]

Hi, I see in #114 that the intent was to get it merged into nixpkgs - did this ever happen? I could find it with a quick search

[zickzackv]

Sadly no. I never created a PR or a patch.

Also after almost a year, I would rather use the cacert package as certificate source instead of patching a fixed path.

[cottand]

I agree that using cacert would be much better - would it be easier to use something like symlinkJoin or buildFHSEnv to symlink cacert to /etc/ssl/certs, rather than patching upstream?

[zickzackv]

Sorry can't tell. Never used symlinkJoin nor buildFHSEnv for my derivations.