Configure Firezone
There are two types of configuration in Firezone:
- Runtime configuration: Application configuration related to day-to-day operation of Firezone.
- Deployment configuration: Deployment or infrastructure-related configuration relevant to running Firezone on-prem.
Runtime configuration
Most day-to-day configuration of Firezone can be done via the Web UI or REST API. This type of configuration can be expected to be changed with no downtime in a production deployment.
We're actively working to move more configuration variables to this type of configuration, so expect more ENV vars to transition to runtime configuration in the future.
Deployment configuration
Deployment-related and infrastructure configuration require restarting Firezone services after change.
- Docker
- Omnibus
Docker-based deployments are configured through environment
variables passed to the firezone container. These can be
specified either in a .env file in the current directory,
the docker-compose.yml file, or passed to the docker run
call directly. See the env var reference
for a complete listing.
See Docker's documentation for more information.
For Omnibus-based deployments, Firezone leverages Chef Omnibus to handle release packaging, process supervision, log management, and more.
The main configuration file is written in Ruby and can
be found at /etc/firezone/firezone.rb on a default installation.
Changing this file requires re-running sudo firezone-ctl reconfigure
which triggers Chef to pick up the changes and apply them to the running
system.
For an exhaustive list of Omnibus configuration variables and their descriptions, see the configuration file reference .