Configure Firezone
There are two types of configuration in Firezone:
- Runtime configuration: Application configuration related to day-to-day operation of Firezone.
- Deployment configuration: Deployment or infrastructure-related configuration relevant to running Firezone on-prem.
Runtime configuration
Most day-to-day configuration of Firezone can be done via the Web UI or REST API. This type of configuration can be expected to be changed with no downtime in a production deployment.
We're actively working to move more configuration variables to this type of configuration, so expect more ENV vars to transition to runtime configuration in the future.
Deployment configuration
Deployment-related and infrastructure configuration require restarting Firezone services after change.
Docker-based deployments are configured through environment variables passed to
the firezone
container. These can be specified either in a .env
file in the
current directory, the docker-compose.yml
file, or passed to the docker run
call directly. See the env var reference for a
complete listing.
See Docker's documentation for more information.
For Omnibus-based deployments, Firezone leverages Chef Omnibus to handle release packaging, process supervision, log management, and more.
The main configuration file is written in Ruby and can
be found at /etc/firezone/firezone.rb
on a default installation. Changing this
file requires re-running sudo firezone-ctl reconfigure
which triggers Chef
to pick up the changes and apply them to the running system.
For an exhaustive list of Omnibus configuration variables and their descriptions, see the configuration file reference .