mathdatech/Compose-Examples
1
0
Fork 0
mirror of https://github.com/Haxxnet/Compose-Examples synced 2025-02-25 01:18:42 +00:00
Code Issues Packages Projects Releases Wiki Activity

Compare commits

base: mathdatech:0952e9de878a3328ae48d801af27660ade2f4a8e
Branches Tags
mathdatech:main
..
compare: mathdatech:842c9b140ae7a7ce3c680e1039799c11eb2a0782
Branches Tags
mathdatech:main

No commits in common. "0952e9de878a3328ae48d801af27660ade2f4a8e" and "842c9b140ae7a7ce3c680e1039799c11eb2a0782" have entirely different histories.
0952e9de87 ... 842c9b140a

2 changed files with 11 additions and 15 deletions
Show Stats Expand all files Collapse all files

9
examples/firezone/README.md
View File

@ -4,10 +4,9 @@
# Notes
1. Download the `docker-compose.yml` file from this repository.
2. Create a firezone `.env` file via the command `docker run --rm firezone/firezone bin/gen-env > .env`
3. Adjust `docker-compose.yml` and created `.env` to your needs. Especially change the environment variables `DEFAULT_ADMIN_EMAIL`, `DEFAULT_ADMIN_PASSWORD` and `EXTERNAL_URL` to secure values!
4. Proceed by executing the below commands.
1. Download the `docker-compose.yml` and `.env` file from this repository.
2. Adjust both files to your needs. Especially change the default secrets!
3. Proceed by executing the below commands.
````
docker compose run --rm firezone bin/migrate
@ -15,4 +14,4 @@ docker compose run --rm firezone bin/create-or-reset-admin
docker compose up -d
````
Note: It is recommended to run the Firezone web panel behind a reverse proxy (e.g. Traefik) if you want to expose it. Alternatively, keep it running on http://127.0.0.1:13000.
Note: This compose setup requires an already existing dockerized Traefik reverse proxy.

17
examples/firezone/docker-compose.yml
View File

@ -15,9 +15,6 @@ services:
container_name: firezone-web
ports:
- 51820:51820/udp
- 127.0.0.1:13000:13000/tcp
expose:
- 13000
env_file:
# This should contain a list of env vars for configuring Firezone.
# See https://docs.firezone.dev/reference/env-vars for more info.
@ -27,13 +24,13 @@ services:
# /var/firezone/private_key exists when Firezone starts, it is
# used as the WireGuard private. Otherwise, one is generated.
- ${DOCKER_VOLUME_STORAGE:-/mnt/docker-volumes}/firezone:/var/firezone
#labels:
# - traefik.enable=true
# - traefik.docker.network=dev
# - traefik.http.routers.firezone_https.rule=Host(`firezone.example.com`)
# - traefik.http.routers.firezone_https.tls=true
# - traefik.http.services.firezone.loadbalancer.server.port=13000
# #- traefik.http.routers.firezone.middlewares=local-ipwhitelist@file
labels:
- traefik.enable=true
- traefik.docker.network=dev
- traefik.http.routers.firezone_https.rule=Host(`firezone.example.com`)
- traefik.http.routers.firezone_https.tls=true
- traefik.http.services.firezone.loadbalancer.server.port=13000
#- traefik.http.routers.firezone.middlewares=local-ipwhitelist@file
cap_add:
# Needed for WireGuard and firewall support.
- NET_ADMIN