This page covers common configuration steps for Firezone deployments and adds a practical minimal production baseline.
Firezone is commonly configured via environment variables (container/service env file) plus Admin Portal settings.
Typical env file location in self-hosted setups:
/opt/firezone/.env
# Public URL
FIREZONE_URL=https://firezone.example.com
# Database
DATABASE_HOST=127.0.0.1
DATABASE_PORT=5432
DATABASE_NAME=firezone
DATABASE_USER=firezone
DATABASE_PASSWORD=change-me-strong-password
# Secret keys (generate and store securely)
SECRET_KEY_BASE=replace-with-long-random-secret
LIVE_VIEW_SIGNING_SALT=replace-with-random-salt
# Email / auth integration (example placeholders)
DEFAULT_FROM_EMAIL=firezone@example.com
EXTERNAL_URL=https://firezone.example.com
# Logging
LOG_LEVEL=info
After initial startup, configure these in the Admin Portal:
If running via systemd service:
sudo systemctl restart firezone
If running via Compose:
docker compose up -d
Validate service health and control-plane readiness:
sudo systemctl status firezone
or
docker compose ps
Then validate in the Admin Portal: