GitPlanet

Cheap and reliable Node.js hosting starts at $3/month, and $1/month static HTML hosting

Created with love in Canada, visit hostnodejs.com today

Feel like to post an Ad? Learn Details
All Projects → roburio → Unipi

roburio / Unipi

Serving content from a git repository via HTTPS (including let's encrypt provisioning) as MirageOS unikernel

Programming Languages

ocaml
1615 projects

Labels

httpgithttp-serverletsencryptunikernel

Projects that are alternatives of or similar to Unipi

s3www
Serve static files from any S3 compatible object storage services (Let's Encrypt ready)
Stars: ✭ 86 (+86.96%)
Mutual labels:  letsencrypt, http-server
contruno
A TLS termination proxy as a MirageOS
Stars: ✭ 13 (-71.74%)
Mutual labels:  letsencrypt, unikernel
Simple Httpd
Drop-in replacement for Python SimpleHTTPServer. Provides TLS via Let's Encrypt over HTTP2, and auto generated self-signed certificates.
Stars: ✭ 217 (+371.74%)
Mutual labels:  letsencrypt, http-server
Go Bootstrap
Easy way to bootstrap a web server in Go (Routing|Middleware|Https)
Stars: ✭ 27 (-41.3%)
Mutual labels:  letsencrypt, http-server
Nodemcu Espress
Ultra-Lightweight and modular Node.js express like http server for NodeMCU. web - ESP8266
Stars: ✭ 39 (-15.22%)
Mutual labels:  http-server
Mrseedbox
[unmaintained] A Containerized Seedbox with Embedded Media Player
Stars: ✭ 30 (-34.78%)
Mutual labels:  letsencrypt
Fht2p
A cross-platform HTTP static file server developed using Rust.
Stars: ✭ 28 (-39.13%)
Mutual labels:  http-server
Liberator
An Elixir library for building RESTful applications.
Stars: ✭ 28 (-39.13%)
Mutual labels:  http-server
Vaxic
Node HTTP server framework
Stars: ✭ 45 (-2.17%)
Mutual labels:  http-server
Nico
A HTTP2 web server for reverse proxy and single page application, automatically apply for ssl certificate, Zero-Configuration.
Stars: ✭ 43 (-6.52%)
Mutual labels:  http-server
Fastdeploy
Deploy DL/ ML inference pipelines with minimal extra code.
Stars: ✭ 35 (-23.91%)
Mutual labels:  http-server
Django On Docker Letsencrypt
Securing a Containerized Django Application with Let's Encrypt
Stars: ✭ 31 (-32.61%)
Mutual labels:  letsencrypt
Jiny
Lightweight, modern, simple JVM web framework for rapid development in the API era
Stars: ✭ 40 (-13.04%)
Mutual labels:  http-server
Greenlock
Automatic SSL renewal for NodeJS
Stars: ✭ 30 (-34.78%)
Mutual labels:  letsencrypt
Esper
📻 Event Source powered by hyper written in Rust
Stars: ✭ 43 (-6.52%)
Mutual labels:  http-server
Cfhookbash
Cloudflare hook bash for dehydrated - DNS-01 Challenge Let's Encrypt
Stars: ✭ 28 (-39.13%)
Mutual labels:  letsencrypt
Gunicorn
gunicorn 'Green Unicorn' is a WSGI HTTP Server for UNIX, fast clients and sleepy applications.
Stars: ✭ 8,001 (+17293.48%)
Mutual labels:  http-server
Embedio
A tiny, cross-platform, module based web server for .NET
Stars: ✭ 1,007 (+2089.13%)
Mutual labels:  http-server
Rebar3 osv
Turn an Erlang/OTP application into a Unikernel image
Stars: ✭ 34 (-26.09%)
Mutual labels:  unikernel
Ansible Collection Letsencrypt
An Ansible collection for issuing Let's Encrypt certificates.
Stars: ✭ 33 (-28.26%)
Mutual labels:  letsencrypt
View All Similar Projects ➔

Unipi - serve git repository content as HTTPS

Unipi is a MirageOS unikernel that provides the contents of a git repository via HTTP and HTTPS. It embeds (optional) let's encrypt provisioning.

A webhook is provided to update the internal state of the git repository. An example deployment is test.nqsb.io, which serves the ocaml-dns documentation (using the gh-pages branch).

Some HTTP headers are added: "content-type", which value is looked up of the file ending using magic-mime. "last-modified" and "etag" are the timestamp of the most recent commit to the git remore, respective the hash of the most recent commit. If the client sends "if-modified-since" or "if-none-match", and either matches the most recent commit, the HTTP status Not modified (304) is returned with an empty body.

Inspiration for this unikernel is taken from Canopy after discussion with the Muen developers.

Configuration

Unipi is only configured via boot parameters, as follows:

  • --port configures the TCP port to listen on (defaults to 80)
  • --remote configures the git remote url (e.g. https://github.com/mirage/ocaml-dns.git#gh-pages)
  • --hook configures the (secret) url of the webhook, if requested unipi updates its internal git remote (default is "hook")
  • --ipv4 configures the IPv4 address of unipi (e.g. 192.168.2.2/24)
  • --ipv4-gateway configures the IPv4 gateway

To use git via ssh (only public/private key authentication is supported):

  • --ssh-seed for the seed of the private key (use the tool awa_gen_key to produce a random seed and public key, and put the seed here)
  • --ssh-authenticator to authenticate the ssh remote (format is SHA256:b64-encoded-public-key hash, the output of ssh-keygen -lf <(ssh-keyscan -t rsa|ed25519 remote-host 2>/dev/null))

For HTTPS service with let's encrypt certificate:

  • --tls=true enables tls
  • --hostname=my-server.example.com configuring the server name
  • --production=true for let's encrypt production environment (default is false, which uses the let's encrypt staging environment)
  • (optional) --cert-seed=<my-seed> seed for the private key of the certificate (dd if=/dev/random bs=32 count=1 | b64encode -m -)
  • (optional) --account-seed=<my-seed> seed for the let's encrypt account (see above how to generate this)
  • (optional) --email=<account email> email address used for let's encrypt account registration

For a complete list of boot parameters, execute the binary with --help as argument.

Installation from source

To install this unikernel from source, you need to have opam (>= 2.0.0) and ocaml (>= 4.07.0) installed. Also, mirage is required (>= 3.7.7). Please follow the installation instructions.

The following steps will clone this git repository and compile the unikernel:

$ git clone https://github.com/roburio/unipi.git
$ cd unipi
$ mirage configure -t <your-favourite-target> #i.e. hvt, spt, xen
$ make depend
$ make

Installing as binary

There are not yet any binaries available, but work is underway to provide reproducible binaries.

Questions?

Please open an issue if you have questions, feature requests, or comments.

Note that the project description data, including the texts, logos, images, and/or trademarks, for each open source project belongs to its rightful owner. If you wish to add or remove any projects, please contact us at [email protected].