Make.Vat_config
module Listen_address : sig ... end
val create :
public_address:Location.t ->
secret_key:[< `PEM of string | `Ephemeral ] ->
?serve_tls:bool ->
Listen_address.t ->
t
create ~public_address ~secret_key listen_address
is the configuration for a server vat that listens on address listen_address
. secret_key
may be one of:
`PEM data
: the given PEM-encoded data is used as the key.`Ephemeral
: a new key is generated (if needed) and not saved anywhere. If serve_tls
is false
then the vat accepts unencrypted incoming connections. If true
(the default), the vat performs a server TLS handshake, using secret_key
to prove its identity to clients. The vat will suggest that others connect to it at public_address
.val secret_key : t -> Capnp_rpc_net.Auth.Secret_key.t
secret_key t
returns the vat's secret yet, generating it if this is the first time it has been used.
val hashed_secret : t -> string
hashed_secret t
is the SHA256 digest of the secret key file. This is useful as an input to Restorer
.Id.derived.
val derived_id : t -> string -> Capnp_rpc_net.Restorer.Id.t
derived_id t name
is a secret service ID derived from name and the vat's secret key (using Restorer
.Id.derived). It won't change (unless the vat's key changes).
val sturdy_uri : t -> Capnp_rpc_net.Restorer.Id.t -> Uri.t
sturdy_uri t id
is a sturdy URI for id
at the vat that would be created by t
.