How to deploy Boulder in production, without Docker



The operating system my web server runs on is (include version):

Linux, Ubuntu 18.04 LTS

My hosting provider, if applicable, is:

Amazon EC2 and RDS (MariaDB)

I can log in to a root shell on my machine (yes or no, or I don’t know):

Yes

I have developed an ACMEv2 client in Go and tested it successfully using Pebble. Now I want to deploy Boulder.

I know there is a brief deployment guide online:

… but it is more of an overview than a step-by-step “How To” document.

My goal at the moment is to get Boulder deployed (without Docker) for testing, in the simplest configuration possible.

I cannot use the Let’s Encrypt staging server because we are evaluating whether to deploy our own copy of Boulder “internally”.

I need to be able to demonstrate the ability to:

  • configure Boulder to use our Amazon RDS (MariaDB)
  • graceful startup: launch Boulder processes in proper sequence,
    configured so they talk to each other.
  • use my own ACMEv2 client to talk to Boulder to:
    – submit a few orders with CSRs
    – get back signed certificates
    – revoke certificates
    – check certificate status through OCSP Responder
  • graceful shutdown

Has anyone other than the LetsEncrypt.org team deployed Boulder?

Any pointers or suggestions would be appreciated.