GitHub - samoht/mirage-seal: Sealing local directories into Mirage Unikernels

mirage-seal

Use this tool to seal the contents of a directory into a static unikernel, serving its contents over HTTPS.

For now on, you need to set up few opam pins:

opam remote add mirage-dev https://github.com/mirage/mirage-dev.git

The you can install mirage-seal using opam:

$ opam install mirage-seal

To serve the data in files/ using the certificates secrets/server.key and secrets/server.pem, simply do:

$ mirage-seal --data=files/ --keys=secrets/ [--ip=<IP>]
$ xl create seal.xl -c

If --ip is not specified, the unikernel will use DHCP to acquire an IP address on boot.

If you want to test mirage-seal locally, you can generate a self-signed certificate using openSSL (from StackOverflow):

$ mkdir secrets
$ openssl req -x509 -newkey rsa:2048 -nodes -keyout secrets/server.key -out secrets/server.pem -days 365 -subj '/CN=<IP>'

Name		Name	Last commit message	Last commit date
Latest commit History 110 Commits
src		src
static		static
.gitignore		.gitignore
.merlin		.merlin
.travis.yml		.travis.yml
CHANGES.md		CHANGES.md
Dockerfile		Dockerfile
Makefile		Makefile
README.md		README.md
_oasis		_oasis
_tags		_tags
configure		configure
mirage-seal.install		mirage-seal.install
myocamlbuild.ml		myocamlbuild.ml
opam		opam
setup.ml		setup.ml
test.sh		test.sh