mirror of
https://github.com/Haxxnet/Compose-Examples
synced 2025-02-25 17:38:44 +00:00
chore: update readme
This commit is contained in:
parent
8e4b8c9bcf
commit
11d7c6bd9d
@ -5,22 +5,40 @@
|
|||||||
|
|
||||||
# Notes
|
# Notes
|
||||||
|
|
||||||
1. Download the `docker-compose.yml` file from this repository.
|
|
||||||
2. Create a firezone `.env` file via the command `docker run --rm l4rm4nd/firezone bin/gen-env > .env`
|
|
||||||
3. Adjust `docker-compose.yml` and created `.env` to your needs. Especially change the environment variables `DEFAULT_ADMIN_EMAIL`, `DEFAULT_ADMIN_PASSWORD` and `EXTERNAL_URL` to secure values!
|
|
||||||
4. Proceed by executing the below commands.
|
|
||||||
|
|
||||||
````
|
````
|
||||||
|
# download compose file
|
||||||
|
wget https://raw.githubusercontent.com/Haxxnet/Compose-Examples/main/examples/firezone/docker-compose.yml
|
||||||
|
|
||||||
|
# generate an .env file
|
||||||
|
docker run --rm ghcr.io/l4rm4nd/firezone:latest bin/gen-env > .env
|
||||||
|
|
||||||
|
# adjust .env file to your needs
|
||||||
|
# define EXTERNAL_URL + DEFAULT_ADMIN_EMAIL + DEFAULT_ADMIN_PASSWORD
|
||||||
|
|
||||||
|
# disable telemetry via .env
|
||||||
|
echo -e "\nTELEMETRY_ENABLED=false" >> .env
|
||||||
|
|
||||||
|
# enable local auth
|
||||||
|
echo -e "\nLOCAL_AUTH_ENABLED=true" >> .env
|
||||||
|
|
||||||
|
# migrate database and create admin user
|
||||||
docker compose run --rm firezone bin/migrate
|
docker compose run --rm firezone bin/migrate
|
||||||
docker compose run --rm firezone bin/create-or-reset-admin
|
docker compose run --rm firezone bin/create-or-reset-admin
|
||||||
|
|
||||||
|
# spawn the container stack
|
||||||
docker compose up -d
|
docker compose up -d
|
||||||
````
|
````
|
||||||
|
|
||||||
Note: It is recommended to run the Firezone web panel behind a reverse proxy (e.g. Traefik) if you want to expose it. Alternatively, keep it running on http://127.0.0.1:13000.
|
Afterwards, the admin mgmt UI is accessible on http://127.0.0.1:13000.
|
||||||
|
|
||||||
|
It is recommended to combine Firezone with a TLS reverse proxy such as Traefik as well as with an Identity Provider (IdP) such as Keycloak or Authentik for Single-Sign-On (SSO). Once SSO is enabled, you should disable the possibility for local authentication via the .env file.
|
||||||
|
|
||||||
> [!WARNING]
|
> [!WARNING]
|
||||||
> Firezone v0.7 has reached End-of-Life on 31st January 2024.
|
> Firezone v0.7 has reached End-of-Life on 31st January 2024.
|
||||||
>
|
>
|
||||||
> It undergoes a complete redesign (zero-knowledge, cloud) for v1.0 and won't provide any updates for the v0.7 (legacy) branch anymore. More information can be found [here](https://www.firezone.dev/blog/firezone-1-0).
|
> It undergoes a complete redesign (zero-knowledge, cloud) for v1.0 and won't provide any updates for the v0.7 (legacy) branch anymore. More information can be found [here](https://www.firezone.dev/blog/firezone-1-0).
|
||||||
>
|
|
||||||
|
> [!TIP]
|
||||||
> A new fork (l4rm4nd/fireabend) tries to fix outdated dependencies and keep the software alive.
|
> A new fork (l4rm4nd/fireabend) tries to fix outdated dependencies and keep the software alive.
|
||||||
|
>
|
||||||
|
> The fork starts with a new v7.0.0 release version and tag.
|
||||||
|
Loading…
x
Reference in New Issue
Block a user