Dear Markus, Thanks for the headsup! I delayed a little with the quick fix this time in order to deploy the new udns stack which supports Letsencrypt renewal. As a warning, this means switching our root name servers out, so there may be some downtime for DNS over the next few hours/days. In return, we will have a fully-selfhosted DNS/HTTPS mirage.io <http://mirage.io/> domain using itself!
The steps are: - Switching root name server for mirage.io <http://mirage.io/> to udns. I have deployed a new host on packet.net <http://packet.net/> running mirage-ns1.signpost.io <http://mirage-ns1.signpost.io/> (using the other domain to avoid needing a glue record for now). It uses the "primary-git" example from udns, and is pointing at https://github.com/mirage/ns.mirage.io <https://github.com/mirage/ns.mirage.io> and uses Irmin to retrieve the zone file via Git. - Once this has propagated, I need to setup the tsig keys on that nameserver in order to do automated LE updates. Hannes, do you have any tips/guides on how to do this or an example in the repo? - When we have a new LE key for the website, I'm going to redeploy that on a new host (since the current mirage.io <http://mirage.io/> is running on an ancient Debian). It will initially run on Solo5 as well, but I'll add another Xen host later since, as Mindy points out, it's an important litmus test to make sure that backend works. - Once this settles down, I'll setup a Datakit-CI instance to autorebuild the unikernels and deploy them on the hosts, and give SSH access to any Mirage developer that wants access to debug the infrastructure. cheers, Anil > On 11 Aug 2018, at 12:42, Markus Rudy <[email protected]> wrote: > > Hi all, > > sorry in advance if this hits the wrong audience. > > The following certificates are currently invalid: > > - mirage.io: expired Aug 1st > - tls.openmirage.org: issued for tls.nqsb.org (which is defunct) > > Cheers, Markus > > _______________________________________________ > MirageOS-devel mailing list > [email protected] > https://lists.xenproject.org/mailman/listinfo/mirageos-devel
_______________________________________________ MirageOS-devel mailing list [email protected] https://lists.xenproject.org/mailman/listinfo/mirageos-devel
