mirror of
https://github.com/Haxxnet/Compose-Examples
synced 2024-11-28 06:21:14 +00:00
45 lines
1.6 KiB
Markdown
45 lines
1.6 KiB
Markdown
# Reference
|
|
|
|
- https://github.com/l4rm4nd/firezone (fork, maintained)
|
|
- https://github.com/firezone/firezone/tree/legacy (EoL)
|
|
|
|
# Notes
|
|
|
|
````
|
|
# download compose file
|
|
wget https://raw.githubusercontent.com/Haxxnet/Compose-Examples/main/examples/firezone/docker-compose.yml
|
|
|
|
# generate an .env file
|
|
docker run --rm ghcr.io/l4rm4nd/firezone:latest bin/gen-env > .env
|
|
|
|
# adjust .env file to your needs
|
|
# define EXTERNAL_URL + DEFAULT_ADMIN_EMAIL + DEFAULT_ADMIN_PASSWORD
|
|
|
|
# disable telemetry via .env
|
|
echo -e "\nTELEMETRY_ENABLED=false" >> .env
|
|
|
|
# enable local auth
|
|
echo -e "\nLOCAL_AUTH_ENABLED=true" >> .env
|
|
|
|
# migrate database and create admin user
|
|
docker compose run --rm firezone bin/migrate
|
|
docker compose run --rm firezone bin/create-or-reset-admin
|
|
|
|
# spawn the container stack
|
|
docker compose up -d
|
|
````
|
|
|
|
Afterwards, the admin mgmt UI is accessible on http://127.0.0.1:13000.
|
|
|
|
It is recommended to combine Firezone with a TLS reverse proxy such as Traefik as well as with an Identity Provider (IdP) such as Keycloak or Authentik for Single-Sign-On (SSO). Once SSO is enabled, you should disable the possibility for local authentication via the .env file.
|
|
|
|
> [!WARNING]
|
|
> Firezone v0.7 has reached End-of-Life on 31st January 2024.
|
|
>
|
|
> It undergoes a complete redesign (zero-knowledge, cloud) for v1.0 and won't provide any updates for the v0.7 (legacy) branch anymore. More information can be found [here](https://www.firezone.dev/blog/firezone-1-0).
|
|
|
|
> [!TIP]
|
|
> A new fork (l4rm4nd/fireabend) tries to fix outdated dependencies and keep the software alive.
|
|
>
|
|
> The fork starts with a new v7.0.0 release version and tag.
|