Deploy Connectors with Docker Compose
Use Docker Compose to deploy your Connectors.
The Twingate Connector can easily be deployed using Docker Compose. There are a few optional parameters you can change and prerequisites to meet that are covered in this guide.
Prerequisites
- You will need to specify an Access Token and a Refresh Token for the Connector in your Docker Compose instructions. You can generate both tokens by following the instructions on how to deploy a Connector.
- You will need your Twingate tenant name (the
<name>
in the URL to your instance of the Admin Console:https://<name>.twingate.com
)
Docker Compose with mandatory parameters
You can use the following template and replace the <TENANT NAME>
, <ACCESS TOKEN>
and <REFRESH TOKEN>
with your own:
services:
twingate-connector:
image: twingate/connector:latest
environment:
- SSL_CERT_FILE=/etc/ssl/certs/ca-certificates.crt
- TWINGATE_API_ENDPOINT=/connector.stock
- TENANT_URL=https://<TENANT NAME>.twingate.com
- TWINGATE_ACCESS_TOKEN=<ACCESS TOKEN>
- TWINGATE_REFRESH_TOKEN=<REFRESH TOKEN>
Docker Compose with optional parameters
On top of the required parameters (see above), we recommend adding a few more parameters to your Docker Compose instructions. They are not mandatory but can help to provide a better experience:
<container_name>
: you can set this to the name of the Connector as it appears in your Admin Console<restart>
: this will ensure the container will restart if it crashes<LOG_LEVEL>
: this will configure the Connector to generate detailed logs which is useful for troubleshooting. You can change the parameter value at your discretion (see Twingate Connector logs for more information).<net.ipv4.ping_group_range>
: system setting for the base image that allows the proper handling of ICMP /ping
in case you intend to useping
for connectivity testing to Twingate Resources
services:
twingate_connector:
container_name: <CONNECTOR NAME>
restart: always
image: 'twingate/connector:latest'
environment:
- SSL_CERT_FILE=/etc/ssl/certs/ca-certificates.crt
- TWINGATE_API_ENDPOINT=/connector.stock
- TENANT_URL=https://<TENANT NAME>.twingate.com
- TWINGATE_ACCESS_TOKEN=<ACCESS TOKEN>
- TWINGATE_REFRESH_TOKEN=<REFRESH TOKEN>
- LOG_LEVEL=3
sysctls:
net.ipv4.ping_group_range: "0 2147483647"
Last updated 3 minutes ago