diff --git a/examples/firezone/README.md b/examples/firezone/README.md index ddcd03c..2a1def8 100644 --- a/examples/firezone/README.md +++ b/examples/firezone/README.md @@ -5,22 +5,40 @@ # Notes -1. Download the `docker-compose.yml` file from this repository. -2. Create a firezone `.env` file via the command `docker run --rm l4rm4nd/firezone bin/gen-env > .env` -3. Adjust `docker-compose.yml` and created `.env` to your needs. Especially change the environment variables `DEFAULT_ADMIN_EMAIL`, `DEFAULT_ADMIN_PASSWORD` and `EXTERNAL_URL` to secure values! -4. Proceed by executing the below commands. - ```` +# download compose file +wget https://raw.githubusercontent.com/Haxxnet/Compose-Examples/main/examples/firezone/docker-compose.yml + +# generate an .env file +docker run --rm ghcr.io/l4rm4nd/firezone:latest bin/gen-env > .env + +# adjust .env file to your needs +# define EXTERNAL_URL + DEFAULT_ADMIN_EMAIL + DEFAULT_ADMIN_PASSWORD + +# disable telemetry via .env +echo -e "\nTELEMETRY_ENABLED=false" >> .env + +# enable local auth +echo -e "\nLOCAL_AUTH_ENABLED=true" >> .env + +# migrate database and create admin user docker compose run --rm firezone bin/migrate docker compose run --rm firezone bin/create-or-reset-admin + +# spawn the container stack docker compose up -d ```` -Note: It is recommended to run the Firezone web panel behind a reverse proxy (e.g. Traefik) if you want to expose it. Alternatively, keep it running on http://127.0.0.1:13000. +Afterwards, the admin mgmt UI is accessible on http://127.0.0.1:13000. + +It is recommended to combine Firezone with a TLS reverse proxy such as Traefik as well as with an Identity Provider (IdP) such as Keycloak or Authentik for Single-Sign-On (SSO). Once SSO is enabled, you should disable the possibility for local authentication via the .env file. > [!WARNING] > Firezone v0.7 has reached End-of-Life on 31st January 2024. > > It undergoes a complete redesign (zero-knowledge, cloud) for v1.0 and won't provide any updates for the v0.7 (legacy) branch anymore. More information can be found [here](https://www.firezone.dev/blog/firezone-1-0). -> + +> [!TIP] > A new fork (l4rm4nd/fireabend) tries to fix outdated dependencies and keep the software alive. +> +> The fork starts with a new v7.0.0 release version and tag.