You're viewing documentation for the legacy version of Firezone, now End-of-Life. View the latest docs here.

Reverse Proxy Templates: HAProxy

The following is an example reverse proxy configuration for HAProxy proxy. We assume default['firezone']['phoenix']['port'] to be 13000 and the proxy running on the same host as the Firezone app.

Since Firezone requires HTTPS for the web portal, please bear in mind a downstream proxy will need to terminate SSL connections in this scenario.

You can also configure HAProxy to handle the SSL termination as explained here but take into account that the pem file expected by ssl crt option needs to contain both the crt and key file.

/etc/haproxy/haproxy.cfg:

defaults
    mode http

frontend app1
    bind *:80
    option forwardfor
    default_backend             backend_app1

backend backend_app1
    server mybackendserver 127.0.0.1:13000