There are two types of configuration in Firezone:
- Runtime configuration: Application configuration related to day-to-day operation of Firezone.
- Deployment configuration: Deployment or infrastructure-related configuration relevant to running Firezone on-prem.
Most day-to-day configuration of Firezone can be done via the Web UI or REST API. This type of configuration can be expected to be changed with no downtime in a production deployment.
We're actively working to move more configuration variables to this type of configuration, so expect more ENV vars to transition to runtime configuration in the future.
Deployment-related and infrastructure configuration require restarting Firezone services after change.
Docker-based deployments are configured through environment
variables passed to the
firezone container. These can be
specified either in a
.env file in the current directory,
docker-compose.yml file, or passed to the
call directly. See the env var reference
for a complete listing.
See Docker's documentation for more information.
For Omnibus-based deployments, Firezone leverages Chef Omnibus to handle release packaging, process supervision, log management, and more.
The main configuration file is written in Ruby and can
be found at
/etc/firezone/firezone.rb on a default installation.
Changing this file requires re-running
sudo firezone-ctl reconfigure
which triggers Chef to pick up the changes and apply them to the running
For an exhaustive list of Omnibus configuration variables and their descriptions, see the configuration file reference .