Mirage Minimum Viable GCE with valid TLS certificate!
In a previous installment we went over deploying a static TLS web-site to Google Compute Engine.
It works but you have to click through the disconcerting certificate warning. Wouldn't it be nice if our all-OCaml unikernel application went ahead and obtained a trusted TLS certificate from Let's Encrypt all by itself?
To that end, I present to you the GitHub repo mbacarella/mirage-mvgce.
The scripts in that repo assume you've followed the steps in the previous post, and already have a GCE instance with the static TLS web site example attached and have the gcloud environment set up.
The ./publish.sh
script will build your unikernel, and then do the GCE manipulations necessary to detach the boot image from the GCE instance, create a new image for your unikernel, attach it to your instance, and then boot it back up.