Configuration command

[hannesm]

There's a client command-line utility to configure and view the configuration of the tlstunnel -- but this is pretty hard to use (it requires an OCaml program to be executed on the internal network). The connection is authenticated (this is good).

Can we get towards an alternative? Options include:

• use a line-based ASCII protocol (e.g. netcat) -- but how would we authenticate?
• use an interactive ssh session (with awa-ssh)?
• use a web frontend

For being future-proof and with few dependencies on deployment, I currently prefer the ssh endpoint. This would also allow scripted updates (ssh <remote> add <domain> <ip> <port> -- which could as well be originated from a potential DHCP server that has these credentials). WDYT?

[hugusmaximus]

I would add the option of hard coding config at compile time...?

[hannesm]

I would add the option of hard coding config at compile time...?

That's an interesting suggestion, but as said in #13 (comment) it would be a different unikernel (that is way simpler (since it wouldn't need any management interface and block device for storing the configuration), but would be a custom build for every user (and thus be against the reproducible builds - delaying configuration to runtime)).