π DeploymentΒΆ
π³ DockerΒΆ
Docker imageΒΆ
To deploy CertBob, use the following Docker image:
harbor.confirm.ch/certbob/certbob
Docker commandΒΆ
To deploy CertBob via a simple docker command, use the following CLI arguments:
docker run -d \
--name certbob \
-e CA_URL=https://ca.example.net \
-e CA_FINGERPRINT=<ca-fingerprint> \
-e PROVISIONER_PASSWORD=<provisioner-password> \
-p 5000:5000 \
-v data:/data \
harbor.confirm.ch/certbob/certbob
Hint
Itβs recommended to deploy CertBob via Docker Compose.
Docker ComposeΒΆ
Use the following docker-compose.yml file to start CertBob:
---
services:
certbob:
image: harbor.confirm.ch/certbob/certbob
environment:
CA_URL: https://ca.example.net
CA_FINGERPRINT: <ca-fingerprint>
PROVISIONER_PASSWORD: <provisioner-password>
ports:
- '5000:5000'
volumes:
- data:/data
restart: unless-stopped
volumes:
data:
Then bring the stack up with:
docker compose up -d
See also
Check out the π Integrations & π Configuration chapters for more configuration options.
ποΈ CAΒΆ
CertBob needs to be able to talk to a smallstep CA, which is configured via:
Tip
If youβre using our CA service, run the following commands inside the ca container to get the fingerprint:
step certificate fingerprint certs/root_ca.crt
If youβre on the host, you can use docker exec:
docker exec ca step certificate fingerprint certs/root_ca.crt
CA provisionerΒΆ
CertBob uses a dedicated provisioner to access the CA. The provisioner is configured via:
Tip
Itβs recommended to create a dedicated CA provisioner for CertBob. CertBob will respect the default duration configured in the provisioner, and will not override it.
If youβre using our CA service, check out the π Provisioners docs.