Pangolin on Cloudron - Your own tunneled reverse proxy with authentication (Cloudflare Tunnel replacement)
-
- Main Page: https://fossorial.io/
- Git: https://github.com/fosrl/pangolin
- Licence: AGPL-3
- Docker: Yes
- Demo:
- Summary:
Pangolin is a self-hosted tunneled reverse proxy management server with identity and access management, designed to securely expose private resources through encrypted WireGuard tunnels running in user space. With Pangolin, you retain full control over your infrastructure while providing a user-friendly and feature-rich solution for managing proxies, authentication, and access, and simplifying complex network setups, all with a clean and simple dashboard web UI.
- Notes: Self-hosted alternative to Cloudflare Tunnels. Allows you to securely expose services in your homelab without opening ports on your firewall.
- Alternative to link: https://alternativeto.net/software/fossorial-pangolin/
-
I would really like to see this as well. The reason I don't use Cloudflare tunnels is privacy policy enables them to review all content that you use via a tunnel. That's really unfortunate.
Pangolin also recently received a grant from FUTO as well. I'd really like to see this one.
-
that would be awesome
! -
- Main Page: https://fossorial.io/
- Git: https://github.com/fosrl/pangolin
- Licence: AGPL-3
- Docker: Yes
- Demo:
- Summary:
Pangolin is a self-hosted tunneled reverse proxy management server with identity and access management, designed to securely expose private resources through encrypted WireGuard tunnels running in user space. With Pangolin, you retain full control over your infrastructure while providing a user-friendly and feature-rich solution for managing proxies, authentication, and access, and simplifying complex network setups, all with a clean and simple dashboard web UI.
- Notes: Self-hosted alternative to Cloudflare Tunnels. Allows you to securely expose services in your homelab without opening ports on your firewall.
- Alternative to link: https://alternativeto.net/software/fossorial-pangolin/
-
@LoudLemur Original post has been updated.
-
I would love for this one to be available.
As it stands, I actually have rolled my own reverse proxy w/ authentication by leveraging Tailscale, and Cloudron's "Relay" app/feature. As long as my Cloudron machine is on the same tailnet, I just set the relay to point to the Tailscale address and port.
Tailscale has a neat web interface that helpfully exposes every process listening to which ports, so you'll also know if it can be accessible to other machines on the tailnet.
Finally, with the relay app, Cloudron offers the option to have apps only be available to certain users; I have found that this works well for identity management too. Whatever Cloudron uses for its universal login tech got the thumbs up of approval from my buddy in InfoSec.
I really like how Pangolin offers so much more flexibility — what I have is super rigid in the sense that you have two choices for authentication: allow everyone or allow just local Cloudron users. I would like to be able to set some to be the browser-native password prompt, have some only allow certain IPs in, etc. That would be sweet.
-
I would love for this one to be available.
As it stands, I actually have rolled my own reverse proxy w/ authentication by leveraging Tailscale, and Cloudron's "Relay" app/feature. As long as my Cloudron machine is on the same tailnet, I just set the relay to point to the Tailscale address and port.
Tailscale has a neat web interface that helpfully exposes every process listening to which ports, so you'll also know if it can be accessible to other machines on the tailnet.
Finally, with the relay app, Cloudron offers the option to have apps only be available to certain users; I have found that this works well for identity management too. Whatever Cloudron uses for its universal login tech got the thumbs up of approval from my buddy in InfoSec.
I really like how Pangolin offers so much more flexibility — what I have is super rigid in the sense that you have two choices for authentication: allow everyone or allow just local Cloudron users. I would like to be able to set some to be the browser-native password prompt, have some only allow certain IPs in, etc. That would be sweet.
-
@visamp the youtube video that I linked in the original post is a good place to start, if you haven't already watched it.
-
@msprout That sounds very interesting. Did you happen to tunnel to TrueNAS by chance? I'd like to do the same with my TrueNAS setup at home.
