github-personal/firezone
1
0
Fork 0
mirror of https://github.com/outbackdingo/firezone.git synced 2026-01-27 10:18:54 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
d7b9ecb60b0dffe0df23ae29975eb7faa0e79f46
firezone/rust/gateway/README.md
Jamil 699739deae fix(docs): use sha256sum over sha256 (#9690) 
`sha256` isn't found by default on some machines.
2025-06-27 20:08:41 +00:00

41 lines
1.3 KiB
Markdown
Raw Blame History

# gateway
This crate houses the Firezone gateway.
## Building
You can build the gateway using: `cargo build --release --bin firezone-gateway`
You should then find a binary in `target/release/firezone-gateway`.
## Running
The Firezone Gateway supports Linux only. To run the Gateway binary on your
Linux host:
1. Generate a new Gateway token from the "Gateways" section of the admin portal
and save it in your secrets manager.
1. Ensure the `FIREZONE_TOKEN=<gateway_token>` environment variable is set
securely in your Gateway's shell environment. The Gateway requires this
variable at startup.
1. Set `FIREZONE_ID` to a unique string to identify this gateway in the portal,
e.g. `export FIREZONE_ID=$(head -c 32 /dev/urandom | sha256sum | cut -d' ' -f1)`. The Gateway requires this variable at
startup. We recommend this to be a 64 character hex string.
1. Now, you can start the Gateway with:
```
firezone-gateway
```
If you're running as a non-root user, you'll need the `CAP_NET_ADMIN` capability
to open `/dev/net/tun`. You can add this to the gateway binary with:
```
sudo setcap 'cap_net_admin+eip' /path/to/firezone-gateway
```
### Ports
The gateway requires no open ports. Connections automatically traverse NAT with
STUN/TURN via the [relay](../relay).
Reference in New Issue View Git Blame Copy Permalink