Posts of varying effort on technology, cybersecurity, transhumanism, rationalism, self-improvement, DIY, and other stereotypical technologist stuff. Crazy about real-world functional programming.

Mirage Minimum Viable GCE with valid TLS certificate!

In a previous installment we went over deploying a static TLS web-site to Google Compute Engine.

It works but you have to click through the disconcerting certificate warning. Wouldn't it be nice if our all-OCaml unikernel application went ahead and obtained a trusted TLS certificate from Let's Encrypt all by itself?

To that end, I present to you the GitHub repo mbacarella/mirage-mvgce.

The scripts in that repo assume you've followed the steps in the previous post, and already have a GCE instance with the static TLS web site example attached and have the gcloud environment set up.

The ./publish.sh script will build your unikernel, and then do the GCE manipulations necessary to detach the boot image from the GCE instance, create a new image for your unikernel, attach it to your instance, and then boot it back up.

all tags