Module Capnp_rpc_unix.Vat_config

Configuration for a Vat.

type t
val create : ?backlog:int -> ?public_address:Network.Location.t -> secret_key:[< `File of string | `PEM of string | `Ephemeral ] -> ?serve_tls:bool -> Network.Location.t -> t

create ~secret_key listen_address is the configuration for a server vat that listens on address listen_address. secret_key may be one of:

  • `File path: a PEM-encoded RSA private key is read from path. If path doesn't yet exist, a new key is created and stored there.
  • `PEM data: the given PEM-encoded data is used as the key.
  • `Ephemeral: a new key is generated (if needed) and not saved anywhere. If serve_tls is false then the vat accepts unencrypted incoming connections. If true (the default), the vat performs a server TLS handshake, using secret_key to prove its identity to clients. backlog is passed to Unix.listen. The vat will suggest that others connect to it at public_address (or listen_address if no public address is given).

secret_key t returns the vat's secret yet, generating it if this is the first time it has been used.

val hashed_secret : t -> string

hashed_secret t is the SHA256 digest of the secret key file. This is useful as an input to Restorer.Id.derived.

val derived_id : t -> string -> Capnp_rpc_net.Restorer.Id.t

derived_id t name is a secret service ID derived from name and the vat's secret key (using Restorer.Id.derived). It won't change (unless the vat's key changes).

val sturdy_uri : t -> Capnp_rpc_net.Restorer.Id.t -> Uri.t

sturdy_uri t id is a sturdy URI for id at the vat that would be created by t.

val pp : t Fmt.t

This is probably only useful for the unit-tests.

val equal : t -> t -> bool

This is probably only useful for the unit-tests.

val cmd : t Cmdliner.Term.t

cmd evalutes to a configuration populated from the command-line options.