Dear Markus,
Thanks for the heads-up! I delayed a little with the quick fix this time in order to deploy the new udns stack which supports Letsencrypt renewal. As a warning, this means switching our root name servers out, so there may be some downtime for DNS over the next few hours/days. In return, we will have a fully self-hosted DNS/HTTPS mirage.io domain using itself!
The steps are:
- Switching root name server for mirage.io to udns. I have deployed a new to avoid needing a glue record for now). It uses the "primary-git" example, which uses Irmin to retrieve the zone file via Git.
- Once this has propagated, I need to set up the TSIG keys on that nameserver in order to do automated LE updates. Hannes, do you have any tips/guides on how to do this or an example in the repo?
- When we have a new LE key for the website, I'm going to redeploy that on a new host (since the current mirage.io is running on an ancient Debian). It will initially run on Solo5 as well, but I'll add another Xen host later since, as Mindy points out, it's an important litmus test to make sure that backend works.
- Once this settles down, I'll set up a Datakit-CI instance to auto-rebuild the unikernels and deploy them on the hosts, and give SSH access to any Mirage developer that wants access to debug the infrastructure.
cheers, Anil
Hi all,
sorry in advance if this hits the wrong audience.
The following certificates are currently invalid:
- mirage.io: expired Aug 1st
- tls.openmirage.org: issued for tls.nqsb.org (which is defunct)
Cheers, Markus
_______________________________________________
MirageOS-devel mailing list
MirageOS-devel@xxxxxxxxxxxxxxxxxxxx
https://lists.xenproject.org/mailman/listinfo/mirageos-devel