[Unit]
Description=Nitro Enclaves vsock Proxy
After=network-online.target
DefaultDependencies=no

[Service]
Type=simple
StandardOutput=journal
StandardError=journal
SyslogIdentifier=vsock-proxy
ExecStart=/bin/bash -ce "TOKEN=$(curl --silent -X PUT \"http://169.254.169.254/latest/api/token\" -H \"X-aws-ec2-metadata-token-ttl-seconds: 21600\") ; \
			REGION=$(curl --silent -H \"X-aws-ec2-metadata-token: $TOKEN\" http://169.254.169.254/latest/dynamic/instance-identity/document | jq -r .region) ; \
			[ -z \"$REGION\" ] && REGION=$(curl --silent http://169.254.169.254/latest/dynamic/instance-identity/document | jq -r .region) ; \
			exec /usr/bin/vsock-proxy 8000 kms.$${REGION}.amazonaws.com 443 \
                --config /etc/nitro_enclaves/vsock-proxy.yaml"
Restart=always
TimeoutSec=0

[Install]
WantedBy=multi-user.target