Doomsday is a server (and also a CLI) which can be configured to track certificates from different storage backends (Vault, Credhub, Pivotal Ops Manager, or actual websites) and provide a tidy view into when certificates will expire. Doomsday provides no automation for renewal - Doomsday simply provides the information required for maintainers to take action.
Create a configuration manifest and start the server against it with
doomsday server -m <pathtomanifest>
The manifest should be written in YAML. An example schema with documentation can be found at docs/ddayconfig.yml
Pushing to CloudFoundry
You'll want to make a directory that has three files.
- A binary of doomsday for the correct operating system
- A doomsday server configuration manifest
- A cf application manifest for deploying doomsday
The binary can be found at the releases page for this Github repo.
An example manifest can be found at
docs/ddayconfig.yml. Omit the
from the manifest. This will cause the server to look for the
variable for which port to have the API listen on (which is what CF wants).
The cf application manifest will probably look something like this,
assuming that your binary is called
doomsday, and your configuration
manifest is called
--- applications: - name: doomsday memory: 256M instances: 1 command: ./doomsday server -m doomsdayconf.yml buildpack: binary_buildpack
Then, if your cf app manifest is called
cf push -f manifest.yml
This project uses https://github.com/kardianos/govendor for vendoring.