> ## Documentation Index
> Fetch the complete documentation index at: https://docs.codezero.io/llms.txt
> Use this file to discover all available pages before exploring further.

# cordon start

> Start the proxy server.

Start the cordon proxy server. The proxy loads config, resolves secrets, and begins intercepting requests.

## Usage

```bash theme={null}
cordon start [OPTIONS]
```

## Options

| Option           | Default | Description                                             |
| ---------------- | ------- | ------------------------------------------------------- |
| `--config`, `-c` | —       | Path to config file (mutually exclusive with `--scope`) |
| `--scope`        | project | `project` or `user` — selects which config file to load |
| `--log-level`    | `info`  | Log level: `trace`, `debug`, `info`, `warn`, `error`    |

`--config` and `--scope` are mutually exclusive — passing both is an error. Omitting both defaults to project scope (`$CWD/cordon.toml`).

## Examples

```bash theme={null}
# Start with project-scope config (./cordon.toml)
cordon start

# Start with user-scope config (~/.config/cordon/cordon.toml)
cordon start --scope user

# Start with a custom config file
cordon start --config /path/to/cordon.toml

# Start with debug logging
cordon start --log-level debug
```

## Behavior

1. Parses and validates the config file. Exits with an error if invalid. Relative `ca_cert_path` / `ca_key_path` values are resolved against the config file's directory, so configs work correctly when the working directory differs (e.g., when running as a launchd/systemd service).
2. Validates all HTTP route secrets from configured sources. If multiple secrets fail, all failures are reported at once so you can fix them in a single pass.
3. Resolves PostgreSQL listener credentials at startup (when PostgreSQL listeners are configured).
4. Generates or loads TLS certificates (if TLS is enabled).
5. Binds the listener on `127.0.0.1:<listen>`. The health endpoint serves `200` from this point.
6. Begins accepting connections. Response bodies are streamed through without buffering, so SSE and chunked transfer encoding responses (e.g., streaming AI API calls) work correctly.

The proxy runs in the foreground. Use `Ctrl+C` to stop, or run as a [background service](/guides/process-management).

## Update checks

On every start, Cordon sends a background HTTPS request to check for newer releases. The first start creates an opaque install ID and sends an `install` event; subsequent starts send a `start` event. The response is cached so that other commands can display the notice without an additional network call.

When the cache indicates a newer version is available, every command (except `upgrade`, `help`, `env`, and `status --quiet`) will show an update notice on stderr. In interactive sessions (stdin and stderr are terminals), Cordon prompts to upgrade in place:

```
Update available: v0.3.0 (current: v0.2.0)

Upgrade now? [Y/n]
```

Accepting runs the appropriate package manager (`brew upgrade cordon` or `npm install -g @codezero-io/cordon@latest`), verifies the result, and re-executes the original command on the new binary. Declining or pressing Enter in non-interactive sessions proceeds normally.

You can also upgrade explicitly at any time with [`cordon upgrade`](/cli/upgrade).

See [Telemetry and update checks](/security/overview#telemetry-and-update-checks) for the full list of data sent and opt-out options.