NixOS AWS AMI: enable the serial console on ttyS0

2 files changed, 13 insertions, 2 deletions

diff --git a/nixos/modules/profiles/headless.nix b/nixos/modules/profiles/headless.nix
index 46a9b6a7d8d..c17cb287b72 100644
--- a/nixos/modules/profiles/headless.nix
+++ b/nixos/modules/profiles/headless.nix
@@ -9,7 +9,7 @@ with lib;
   boot.vesa = false;
 
   # Don't start a tty on the serial consoles.
-  systemd.services."serial-getty@ttyS0".enable = false;
+  systemd.services."serial-getty@ttyS0".enable = lib.mkDefault false;
   systemd.services."serial-getty@hvc0".enable = false;
   systemd.services."getty@tty1".enable = false;
   systemd.services."autovt@".enable = false;
diff --git a/nixos/modules/virtualisation/amazon-image.nix b/nixos/modules/virtualisation/amazon-image.nix
index 1f3b4c3709a..7ee5c096af9 100644
--- a/nixos/modules/virtualisation/amazon-image.nix
+++ b/nixos/modules/virtualisation/amazon-image.nix
@@ -18,7 +18,15 @@ let
 in
 
 {
-  imports = [ ../profiles/headless.nix ./ec2-data.nix ./amazon-init.nix ];
+  imports = [
+    ../profiles/headless.nix
+    # Note: While we do use the headless profile, we also explicitly
+    # turn on the serial console on ttyS0 below. This is because
+    # AWS does support accessing the serial console:
+    # https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/configure-access-to-serial-console.html
+    ./ec2-data.nix
+    ./amazon-init.nix
+  ];
 
   config = {
 
@@ -141,6 +149,9 @@ in
     services.openssh.enable = true;
     services.openssh.permitRootLogin = "prohibit-password";
 
+    # Enable the serial console on ttyS0
+    systemd.services."serial-getty@ttyS0".enable = true;
+
     # Creates symlinks for block device names.
     services.udev.packages = [ pkgs.ec2-utils ];