Skip to main content
Cordon needs to be running before your application starts making API calls. Here are several ways to manage the proxy lifecycle.

Procfile (foreman / overmind)

The simplest approach for development. Use cordon wait to block until the proxy is ready: 
proxy: cordon start --config cordon.yaml
web: cordon wait && npm run dev
cordon wait polls the health endpoint until it returns 200, then exits. Your application starts only after credentials are loaded and the proxy is accepting connections.

Background service

Install cordon as an OS-managed service that starts automatically: 
cordon service install --config /path/to/cordon.yaml
The service is installed as a launchd user agent. It starts on login and restarts on failure.
# Install
cordon service install --config /path/to/cordon.yaml

# Check status
cordon status

# Uninstall
cordon service uninstall

Named instances

Run multiple cordon instances with different configs: 
cordon service install --name api-proxy --config ~/configs/api-cordon.yaml
cordon service install --name db-proxy --config ~/configs/db-cordon.yaml

Health endpoint

The health endpoint is available at GET /health as soon as the proxy process starts:
StatusResponseMeaning
200{"status":"ok"}Proxy is ready — secrets loaded, accepting connections
503{"status":"starting"}Proxy is starting — secrets not yet loaded
The health endpoint serves 503 immediately at process start (before secrets load). This is intentional — process supervisors can distinguish between “starting” (503) and “not running” (connection refused).

Startup sequence

The proxy starts in a strict order:
  1. Parse and validate cordon.yaml. Exit on invalid config.
  2. Start health endpoint (serves 503 {"status":"starting"}).
  3. Resolve all secrets from configured sources. Exit if any fail.
  4. If TLS enabled: generate or load CA keypair.
  5. Bind listener on configured address.
  6. Mark health endpoint ready (200 {"status":"ok"}).
  7. Begin accepting connections.