git repo has a new home also blog is at a new place

main
Hannes Mehnert 1 year ago
parent 356933d687
commit 2212638bf2
  1. 2
      .config/root
  2. 3
      About
  3. 3
      Posts/ARP
  4. 3
      Posts/BadRecordMac
  5. 3
      Posts/BottomUp
  6. 2
      Posts/Conex
  7. 3
      Posts/DNS
  8. 2
      Posts/DnsServer
  9. 2
      Posts/EC
  10. 3
      Posts/Functoria
  11. 2
      Posts/NGI
  12. 3
      Posts/OCaml
  13. 7
      Posts/OperatingSystem
  14. 3
      Posts/Pinata
  15. 2
      Posts/ReproducibleOPAM
  16. 3
      Posts/Solo5
  17. 2
      Posts/Summer2019
  18. 3
      Posts/Syslog
  19. 2
      Posts/Traceroute
  20. 2
      Posts/VMM
  21. 2
      Posts/X50907
  22. 3
      Posts/nqsbWebsite

@ -1 +1 @@
https://hannes.nqsb.io
https://hannes.robur.coop

@ -110,5 +110,4 @@ not invalidated :-)" [Xavier Leroy](https://lwn.net/Articles/19378/)), and the [
You can find me on [twitter](https://twitter.com/h4nnes) and on
[GitHub](https://github.com/hannesm).
No comments here, but you can open issues on the [data repository on
GitHub](https://github.com/hannesm/hannes.nqsb.io).
The data of this blog is [stored in a git repository](https://git.robur.io/hannes/hannes.robur.coop).

@ -86,5 +86,4 @@ I ran each benchmark 3 times on a single core (used `cpuset -l 3` to pin it to o
There was even a bug in the MirageOS ARP code: [its definition of gratuitous ARP is wrong](https://github.com/mirage/mirage-tcpip/issues/225).
I'm interested in feedback, either via
[twitter](https://twitter.com/h4nnes) or as an issue on the [data repository on
GitHub](https://github.com/hannesm/hannes.nqsb.io/issues).
[twitter](https://twitter.com/h4nnes) or via eMail.

@ -68,8 +68,7 @@ We have seen plain data in a TLS encrypted stream. The plain data was intended
Certainly, interfacing the outside world is complex. The [mirage-block-xen](https://github.com/mirage/mirage-block-xen) library uses a similar protocol to access block devices. From a brief look, that library seems to be safe (using 64bit identifiers).
I'm interested in feedback, either via
[twitter](https://twitter.com/h4nnes) or as an issue on the [data repository on
GitHub](https://github.com/hannesm/hannes.nqsb.io/issues).
[twitter](https://twitter.com/h4nnes) or via eMail.
## Other updates in the MirageOS ecosystem

@ -105,5 +105,4 @@ OCaml does not yet do dead code elimination, but there [is a PR](https://github.
Those counting statistics could go into more detail (e.g. using `nm` to count the sizes of concrete symbols - which opens the possibility to see which symbols are present in the objects, but not in the final binary). Also, collecting the numbers for each module in a library would be great to have. In the end, it would be great to easily spot the source fragments which are responsible for a huge binary size (and getting rid of them).
I'm interested in feedback, either via
[twitter](https://twitter.com/h4nnes) or as an issue on the [data repository on
GitHub](https://github.com/hannesm/hannes.nqsb.io/issues).
[twitter](https://twitter.com/h4nnes) or via eMail.

@ -389,4 +389,4 @@ verification experiments, and opam2 integration.
I'm interested in feedback, please open an issue on the [conex
repository](https://github.com/hannesm/conex). This article itself is stored as
Markdown [in a different repository](https://github.com/hannesm/hannes.nqsb.io).
Markdown [in a different repository](https://git.robur.io/hannes/hannes.robur.coop).

@ -307,5 +307,4 @@ signing requests and stores signed certificates in DNS. Luckily the year only
started and there's plenty of time left.
I'm interested in feedback, either via <strike>[twitter](https://twitter.com/h4nnes)</strike>
hannesm@mastodon.social or an issue on the [data
repository](https://github.com/hannesm/hannes.nqsb.io/issues).
hannesm@mastodon.social or via eMail.

@ -351,4 +351,4 @@ There are further steps to take, such as monitoring -- have a look at the `monit
I'd like to thank all people involved in this software stack, without other key components, including [git](https://github.com/mirage/ocaml-git), [irmin 2.0](https://irmin.io/), [nocrypto](https://github.com/mirleft/ocaml-nocrypto), [awa-ssh](https://github.com/haesbaert/awa-ssh), [cohttp](https://github.com/mirage/ocaml-cohttp), [solo5](https://github.com/solo5/sol5), [mirage](https://github.com/mirage/mirage), [ocaml-letsencrypt](https://github.com/mmaker/ocaml-letsencrypt), and more.
If you want to support our work on MirageOS unikernels, please [donate to robur](https://robur.coop/Donate). I'm interested in feedback, either via [twitter](https://twitter.com/h4nnes), [hannesm@mastodon.social](https://mastodon.social/@hannesm) or an issue on the [data repository](https://github.com/hannesm/hannes.nqsb.io/issues).
If you want to support our work on MirageOS unikernels, please [donate to robur](https://robur.coop/Donate). I'm interested in feedback, either via [twitter](https://twitter.com/h4nnes), [hannesm@mastodon.social](https://mastodon.social/@hannesm) or via eMail.

@ -89,4 +89,4 @@ Another potential project that is very close now is a certificate authority deve
## Footer
If you want to support our work on MirageOS unikernels, please [donate to robur](https://robur.coop/Donate). I'm interested in feedback, either via [twitter](https://twitter.com/h4nnes), [hannesm@mastodon.social](https://mastodon.social/@hannesm) or an issue on the [data repository](https://github.com/hannesm/hannes.nqsb.io/issues).
If you want to support our work on MirageOS unikernels, please [donate to robur](https://robur.coop/Donate). I'm interested in feedback, either via [twitter](https://twitter.com/h4nnes), [hannesm@mastodon.social](https://mastodon.social/@hannesm) or via eMail.

@ -149,8 +149,7 @@ The important bits are what actually happens during `configure` and `clean`: exe
We walked through the configuration magic of MirageOS, which is a domain-specific language designed for MirageOS demands. We can run arbitrary commands at compile time, and do not need to escape into external files, such as Makefile or shell scripts, but can embed them in our `config.ml`.
I'm interested in feedback, either via
[twitter](https://twitter.com/h4nnes) or as an issue on the [data repository on
GitHub](https://github.com/hannesm/hannes.nqsb.io/issues).
[twitter](https://twitter.com/h4nnes) or via eMail.
## Other updates in the MirageOS ecosystem

@ -101,4 +101,4 @@ Mirage so far still uses ocamlbuild and ocamlfind for compiling the virtual mach
## Footer
If you want to support our work on MirageOS unikernels, please [donate to robur](https://robur.coop/Donate). I'm interested in feedback, either via [twitter](https://twitter.com/h4nnes), [hannesm@mastodon.social](https://mastodon.social/@hannesm) or an issue on the [data repository](https://github.com/hannesm/hannes.nqsb.io/issues).
If you want to support our work on MirageOS unikernels, please [donate to robur](https://robur.coop/Donate). I'm interested in feedback, either via [twitter](https://twitter.com/h4nnes), [hannesm@mastodon.social](https://mastodon.social/@hannesm) or via eMail.

@ -131,8 +131,7 @@ I hope I gave some insight into OCaml, and why I currently enjoy it. A longer r
[Not-quite-so-broken TLS: lessons in re-engineering a security protocol
specification and
implementation](https://nqsb.io/nqsbtls-usenix-security15.pdf). I'm interested in feedback, either via
[twitter](https://twitter.com/h4nnes) or as an issue on the [data repository on
GitHub](https://github.com/hannesm/hannes.nqsb.io/issues).
[twitter](https://twitter.com/h4nnes) or via eMail.
## Other updates in the MirageOS ecosystem

@ -120,7 +120,7 @@ system (the markdown content is held in memory with irmin!), no user management
At compile (configuration) time, the TLS keys are baked into the image, in addition to the url of the remote
git repository, the IPv4 address and ports the image should use:
The full command line for configuring this website is: `mirage configure --no-opam --xen -i Posts -n "full stack engineer" -r https://github.com/hannesm/hannes.nqsb.io.git --dhcp false --network 0 --ip 198.167.222.205 --netmask 255.255.255.0 --gateways 198.167.222.1 --tls 443 --port 80`.
The full command line for configuring this website is: `mirage configure --no-opam --xen -i Posts -n "full stack engineer" -r git://git.robur.io/hannes/hannes.robur.coop.git --dhcp false --network 0 --ip 198.167.222.205 --netmask 255.255.255.0 --gateways 198.167.222.1 --tls 443 --port 80`.
It relies on the fact that the TLS certificate chain and private key are in the `tls/` subdirectory, which is transformed to code and included in the image (using [crunch](https://github.com/mirage/ocaml-crunch)). An improvement would be to [use an ELF section](https://github.com/mirage/mirage/issues/489), but there is no code yet.
After configuring and installing the required dependencies, a `make` builds the statically linked image.
@ -163,12 +163,11 @@ access control.
I hope I gave some insight into what the purpose of an operating systems is, and
how MirageOS fits into the picture. I'm interested in feedback, either via
[twitter](https://twitter.com/h4nnes) or as an issue on the [data repository on
GitHub](https://github.com/hannesm/hannes.nqsb.io/issues).
[twitter](https://twitter.com/h4nnes) or via eMail.
## Other updates in the MirageOS ecosystem
- this website is based on [Canopy](https://github.com/Engil/Canopy), the content is stored as markdown in a [git repository](https://github.com/hannesm/hannes.nqsb.io)
- this website is based on [Canopy](https://github.com/Engil/Canopy), the content is stored as markdown in a [git repository](https://git.robur.io/hannes/hannes.robur.coop)
- it was running in a [FreeBSD](https://FreeBSD.org) jail, but when I compiled too much the underlying [zfs file system](https://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/zfs.html) wasn't happy (and is now hanging in kernel space in a read)
- no remote power switch (borrowed to a friend 3 weeks ago), nobody was willing to go to the data centre and reboot
- I wanted to move it anyways to a host where I can deploy [Xen](http://www.xenproject.org/) guest VMs

@ -64,7 +64,6 @@ You can short-circuit the client and server Piñata endpoint and observe the pri
If you attempted to exploit the Piñata, please let us know what you tried! Via
<strike>[twitter](https://twitter.com/h4nnes)</strike>
[hannesm@mastodon.social](http://mastodon.social/@hannesm) or a [GitHub
issue](https://github.com/hannesm/hannes.nqsb.io/issues).
[hannesm@mastodon.social](http://mastodon.social/@hannesm) or via eMail.
Since [the start of 2018](/Posts/DNS) we are developing robust software and systems at [robur](http://robur.io). If you like our work and want to support us with donations or development contracts, please get in touch with `team@robur.io`. Robur is a project of the German non-profit [Center for the cultivation of technology](https://techcultivation.org). Donations to robur are tax-deductible in Europe.

@ -84,4 +84,4 @@ What was fun was to compare the unikernel when built on Linux with gcc against a
An item on my list for the future is to distribute the opam export, build hashes and build environment artifacts in a authenticated way. I want to integrate this as [in-toto](https://in-toto.io/) style into [conex](https://github.com/hannesm/conex), my not-yet-deployed implementation of [tuf](https://theupdateframework.github.io/) for opam that needs further development and a test installation, hopefully in 2020.
If you want to support our work on MirageOS unikernels, please [donate to robur](https://robur.coop/Donate). I'm interested in feedback, either via [twitter](https://twitter.com/h4nnes), [hannesm@mastodon.social](https://mastodon.social/@hannesm) or an issue on the [data repository](https://github.com/hannesm/hannes.nqsb.io/issues).
If you want to support our work on MirageOS unikernels, please [donate to robur](https://robur.coop/Donate). I'm interested in feedback, either via [twitter](https://twitter.com/h4nnes), [hannesm@mastodon.social](https://mastodon.social/@hannesm) or via eMail.

@ -79,8 +79,7 @@ Network and TLS stack works as well (tested 30th October).
I managed to get solo5 to work with bhyve. I even use clang instead of gcc and don't need to link `libgcc.a`. :) It is great to see further development in hypervisors and virtual machine monitors. Especially thanks to [Martin Lucina](https://lucina.net) for getting things sorted.
I'm interested in feedback, either via
[twitter](https://twitter.com/h4nnes) or as an issue on the [data repository on
GitHub](https://github.com/hannesm/hannes.nqsb.io/issues).
[twitter](https://twitter.com/h4nnes) or via eMail.
## Other updates in the MirageOS ecosystem

@ -62,4 +62,4 @@ The [GADT map](https://github.com/hannesm/gmap) is a normal OCaml Map structure,
More projects are happening as we speak, it takes time to upstream all the changes, such as monitoring, new core libraries, getting our DNS implementation released, pushing Conex into production, more features such as DNSSec, ...
I'm interested in feedback, either via <strike>[twitter](https://twitter.com/h4nnes)</strike> [hannesm@mastodon.social](https://mastodon.social/@hannesm) or an issue on the [data repository](https://github.com/hannesm/hannes.nqsb.io/issues).
I'm interested in feedback, either via <strike>[twitter](https://twitter.com/h4nnes)</strike> [hannesm@mastodon.social](https://mastodon.social/@hannesm) or via eMail.

@ -189,5 +189,4 @@ occured.
online](https://hannesm.github.io/logs-syslog/doc), released in opam.
I'm interested in feedback, either via
[twitter](https://twitter.com/h4nnes) or as an issue on the [data repository on
GitHub](https://github.com/hannesm/hannes.nqsb.io/issues).
[twitter](https://twitter.com/h4nnes) or via eMail.

@ -378,4 +378,4 @@ If you develop enhancements you'd like to share, please sent a pull request to t
Motivation for this traceroute unikernel was while talking with [Aaron](https://twitter.com/networkservice) and [Paul](https://github.com/phaer), who contributed several patches to the IP stack which pass the ttl through.
If you want to support our work on MirageOS unikernels, please [donate to robur](https://robur.coop/Donate). I'm interested in feedback, either via [twitter](https://twitter.com/h4nnes), [hannesm@mastodon.social](https://mastodon.social/@hannesm) or an issue on the [data repository](https://github.com/hannesm/hannes.nqsb.io/issues).
If you want to support our work on MirageOS unikernels, please [donate to robur](https://robur.coop/Donate). I'm interested in feedback, either via [twitter](https://twitter.com/h4nnes), [hannesm@mastodon.social](https://mastodon.social/@hannesm) or via eMail.

@ -317,7 +317,7 @@ to deploy your unikernel on my hardware, please send me a certificate signing
request. I'm interested in feedback, either via
[twitter](https://twitter.com/h4nnes) or open issues in the repository. This
article itself is stored [in a different
repository](https://github.com/hannesm/hannes.nqsb.io) (in case you have typo or
repository](https://git.robur.io/hannes/hannes.robur.coop) (in case you have typo or
grammatical corrections).
I'm very thankful to people who gave feedback on earlier versions of this

@ -69,4 +69,4 @@ I intended in 0.7.0 to have much more precise types, esp. for the SubjectAlterna
The work on X.509 was sponsored by [OCaml Labs](http://ocamllabs.io/). You can support our work at robur by a [donation](https://robur.io/Donate), which we will use to work on our OCaml and MirageOS projects. You can also reach out to us to realize commercial products.
I'm interested in feedback, either via <strike>[twitter](https://twitter.com/h4nnes)</strike> [hannesm@mastodon.social](https://mastodon.social/@hannesm) or an issue on the [data repository](https://github.com/hannesm/hannes.nqsb.io/issues).
I'm interested in feedback, either via <strike>[twitter](https://twitter.com/h4nnes)</strike> [hannesm@mastodon.social](https://mastodon.social/@hannesm) or via eMail.

@ -261,8 +261,7 @@ There is a long list of potential features, such as full HTTP protocol complianc
For a start in MirageOS unikernels, look into our [mirage-skeleton](https://github.com/mirage/mirage-skeleton) project, and into the [/dev/winter](https://github.com/mattgray/devwinter2016/) presentation by Matt Gray.
I'm interested in feedback, either via
[twitter](https://twitter.com/h4nnes) or as an issue on the [data repository on
GitHub](https://github.com/hannesm/hannes.nqsb.io/issues).
[twitter](https://twitter.com/h4nnes) or via eMail.
## Other updates in the MirageOS ecosystem

Loading…
Cancel
Save