Linux

Home

Use Cases

VPN Replacement

Infrastructure Access

Device Controls

IP-based Access

Homelab & Personal Use Cases

Internet Security

Compliance

Architecture

How Twingate Works

How DNS Works with Twingate

Twingate vs. VPNs

Twingate vs. Mesh VPNs

Peer-to-peer Communication

API

Getting Started with the API

Twingate Labs ↗

additional resources

Help Center ↗

Changelog

FAQ

Twingate Trust Center

GDPR Compliance

HIPAA Compliance

PCI Compliance

SOC 2 Report

Responsible Disclosure Policy

Twingate Connectors can either be run in a Docker container or as a systemd service on the host.

Docker containers are the most flexible in terms of support for any Linux distribution but involve some additional management overhead.
Our systemd-compatible service is supported on several Linux distributions. Running as a native system service is the most robust option with lower management overhead.

Docker Container

If you are running a Connector on a Linux host or VM, there are just two steps to follow to deploy a container-based Twingate Connector:

Ensure that Docker is installed and running. Detailed steps for Ubuntu, Debian, Fedora, and CentOS are available from Docker, or you can use the following convenience script, which works on any Linux platform:
```
curl -fsSL https://get.docker.com -o get-docker.sh
sudo sh get-docker.sh

# Verify Docker is installed and running
sudo docker run hello-world
```
Follow the Twingate Connector deployment instructions to deploy a new Connector on your Linux host.

We only recommend installing Docker via the official distribution channel by following the instructions above. Different channels may have out of date versions of Docker that are not compatible with the Connector image requirements.

For Amazon Linux, we recommend following the Twingate Connector deployment instructions to deploy a pre-built AMI, which has the systemd Connector service pre-installed.

Systemd Service

Supported distributions

For Linux distributions that we support, we test supported versions until they reach end of life (EOL). Currently, the following distributions are supported:

Ubuntu 18.04 LTS (Bionic), 20.04 LTS (Focal), 22.04 LTS (Jammy)
- Only Ubuntu LTS (Long Term Support) versions are officially supported.
- Ubuntu versions are supported until end of standard support.
- Ubuntu 18.04 LTS will reach end of life on May 31, 2023, at which time it will no longer be supported by Twingate. Read Twingate’s Ubuntu end of life plan.
Fedora 36, 37
CentOS Stream 8, Stream 9
- CentOS Linux 7 is not officially supported due to distribution incompatibilities.
Debian 10 LTS (Buster), 11 LTS (Bullseye)

The Connector service may run on other Linux distributions, but we cannot offer support for additional distributions at this time. If you have a distribution that you would like official support for, please contact us.

First-time Installation

Installation of the systemd Connector service can be performed in a single command with the necessary environment variables set.

Follow the Twingate Connector deployment instructions to provision a new Connector. Copy the ACCESS_TOKEN and REFRESH_TOKEN values for the connector. You will use these in the installation step below.
Run the following command, adding your own values for the environment variables.
- TWINGATE_URL should be the URL for your Twingate account, eg. https://autoco.twingate.com.
- TWINGATE_ACCESS_TOKEN and TWINGATE_REFRESH_TOKEN values should be copied from the Connector provisioning command in the previous step.
```
curl "https://binaries.twingate.com/connector/setup.sh" | sudo TWINGATE_ACCESS_TOKEN="" TWINGATE_REFRESH_TOKEN="" TWINGATE_URL="https://<YOUR TWINGATE SUBDOMAIN>.twingate.com" bash
```
Verify that the Connector service is running.
```
sudo systemctl status twingate-connector
```
Connector configuration
You can find the Connector configuration file in /etc/twingate/connector.conf. The three environment variables in the run command above must be set in the configuration file in order for the Connector service to start and run.

Configuration and management

Connector configuration can be found in /etc/twingate/connector.conf. For the Connector to run, three settings must be present with valid values. For example, if you Twingate account is autoco.twingate.com, your configuration file should look like this:

TWINGATE_URL=https://autoco.twingate.com
TWINGATE_ACCESS_TOKEN=a948904f2f0f479b8f8197694b...
TWINGATE_REFRESH_TOKEN=b64064fece69a4edc7ff87f86f...

Connector token values can be generated in the Twingate Admin console by provisioning or re-provisioning a Connector.

Note that Connector tokens are unique to each individual Connector and they cannot be shared between Connectors.

The following standard commands can be run to manage the systemd Connector service.

# Connector status
sudo systemctl status twingate-connector

# Stop the Connector service
sudo systemctl stop twingate-connector

# Start the Connector service
sudo systemctl start twingate-connector

# Restart the Connector service (eg. for configuration file reload)
sudo systemctl restart twingate-connector

# Start the Connector service automatically at boot
sudo systemctl enable twingate-connector

# Stop the Connector service from starting automatically at boot
sudo systemctl disable twingate-connector

Last updated 3 minutes ago

Home

Use Cases

VPN Replacement

Infrastructure Access

Device Controls

IP-based Access

Homelab & Personal Use Cases

Internet Security

Compliance

Architecture

How Twingate Works

How DNS Works with Twingate

Twingate vs. VPNs

Twingate vs. Mesh VPNs

Peer-to-peer Communication

API

Getting Started with the API

Twingate Labs ↗

managing twingate

Quick Start

Automated Deployment

Connectors

Understanding Connectors

Deploying Connectors

Best Practices

Updating Connectors

Advanced Connector Management

Resources

Remote Networks

Team

Users

Groups

Identity Providers

Security Policies

Policy Guides

Two-Factor Authentication

Devices

Client Application

Managed Devices

Device Administration

Services

Headless Clients

CI/CD Configuration

Analytics

Admin Actions Report

Detailed Network Event Schema

Analyzing Network Traffic

User Activity Report

Internet Security

DNS-over-HTTPS (DoH)

NextDNS Integration

Administration

Admin Console Security

Subscription management

additional resources

Help Center ↗

Changelog

FAQ

Twingate Trust Center

GDPR Compliance

HIPAA Compliance

PCI Compliance

SOC 2 Report

Responsible Disclosure Policy

VPN Replacement

Infrastructure Access

Device Controls

IP-based Access

Homelab & Personal Use Cases

Internet Security

Compliance

How Twingate Works

How DNS Works with Twingate

Twingate vs. VPNs

Twingate vs. Mesh VPNs

Peer-to-peer Communication

Getting Started with the API

Automated Deployment

Understanding Connectors

Deploying Connectors