Job dns-letsencrypt-monitoring

README

Skip to build

Let's encrypt DNS provisioning

This is a MirageOS unikernel which provisions TLS certificates using let's encrypt. It looks for certificate signing requests, stored as TLSA records in DNS zones, and uses the let's encrypt ACME DNS challenge to retrieve certificates. The certificate chain is stored in DNS as TLSA record as well. This unikernel also ensures that certificates are valid for at least two weeks.

This can be used with dns-primary-git.

Installation from source

To install this unikernel from source, you need to have opam (>= 2.0.0) and ocaml (>= 4.07.0) installed. Also, mirage is required (>= 3.7.7). Please follow the installation instructions.

The following steps will clone this git repository and compile the unikernel:

$ git clone https://github.com/roburio/dns-letsencrypt-secondary.git
$ mirage configure -t <your-favourite-target>
$ make depend
$ make

Installing as binary

There are not yet any binaries available, but work is underway to provide reproducible binaries.

Questions?

Please open an issue if you have questions, feature requests, or comments.

Build 2021-10-13 11:15:10 -00:00

Back to readme

Build took 12min13s.

Execution result: exited 0.

Reproduced by builds

2021-10-15 11:15:56 -00:00, 2021-10-14 11:15:33 -00:00,

Build info

Comparisons with other builds

With latest build
With build 2021-10-12 11:14:47 -00:00 (output is identical binary)
With build 2021-10-08 11:13:17 -00:00 (output is identical binary)

Build artifacts

bin/letsencrypt.hvt
SHA256:49a68f3698a8476b5efeba2b26d3afe154393b0100f9649cd6b512d20318b381 (8.08MB)
build-environment
SHA256:08f42695f19c01bb11b48d2558949cdc237a2339301a1ae4a03abccda0fe87c1 (274B)
letsencrypt.hvt.debug
SHA256:754cc0590fc6bd4bd7f57d4a5d7c3015c6e2c58a7f4a69c0a52a3ae06ebf922f (11.9MB)
opam-switch
SHA256:0bc347ac94d460f984d55082b4b90e27d3303165a2187920223154863e03a81e (238kB)
system-packages
SHA256:988bcce87c0157b9e31c7dac750f7814f8427a487268ce92dafc549c0b979b28 (184B)