Sealing local directories into Mirage Unikernels
Branch: master
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
src
static
.gitignore
.merlin
.travis.yml
CHANGES.md
Dockerfile
Makefile
README.md
_oasis
_tags
configure
mirage-seal.install
myocamlbuild.ml
opam
setup.ml
test.sh

README.md

mirage-seal

Use this tool to seal the contents of a directory into a static unikernel, serving its contents over HTTPS.

Install

For now on, you need to set up few opam pins:

opam remote add mirage-dev https://github.com/mirage/mirage-dev.git

The you can install mirage-seal using opam:

$ opam install mirage-seal

Use

To serve the data in files/ using the certificates secrets/server.key and secrets/server.pem, simply do:

$ mirage-seal --data=files/ --keys=secrets/ [--ip=<IP>]
$ xl create seal.xl -c

If --ip is not specified, the unikernel will use DHCP to acquire an IP address on boot.

Test

If you want to test mirage-seal locally, you can generate a self-signed certificate using openSSL (from StackOverflow):

$ mkdir secrets
$ openssl req -x509 -newkey rsa:2048 -nodes -keyout secrets/server.key -out secrets/server.pem -days 365 -subj '/CN=<IP>'