Mirage unikernel VPN support
Closed this issue · 6 comments
Hi @talex5 and thank you!
Is there a Mirage Unikernel equivalent for VPNs?
none i am aware of.
there are however various vpn-related protocols implemented in ocaml already.
so the main part missing is for someone to slap it together into a usable vm.
there may or may not be people planning to work on that at the 2020-03 retreat.
ping @hannesm @laudecay
Is the 2020-03 retreat still on, even in a virtual format? I am anxiously awaiting a ocaml/mirage unikernel that reads OVPN files. Surely many other qubes users are, too.
sorry, there has been not much happening on this front at the retreat AFAICT (there are other QubesOS-related news -- namely Xen-PVH, which we'll hopefully shortly get into MirageOS merged and released)
There's @roburio 's https://github.com/roburio/openvpn that appears to be intended to specifically integrate with qubes (per the release roadmap issue).
and there was apparently at one point an attempt at a wireguard-ocaml implementation (https://github.com/cfcs/ocaml-wireguard) which is now 404, but existed long enough to be referenced here.
and cfcs is working on a Mirage/OCaml image-parser also apparently intended to integrate with qubes....
and @cfcs was called out in that openvpn issue 3... so I assume there's some progress being made on a Mirage VPN (since I imagine the Mirage-Qubes hacker group is pretty small).
I'm closing this issue, it is unrelated to the qubes-mirage-firewall. For discussions about future VPN unikernels, let's talk on the mirage mailing list, or discuss.ocaml.org (or reach out to team at robur dot coop).
Just to inform you that Robur are currently developping a QubesOS unikernel as a VPN client. It is available here: https://github.com/robur-coop/qubes-miragevpn. A tutorial is actually available here too: robur-coop/miragevpn-handbook#3