Jump to content

User:Jackrosenberg/Pangolin: Difference between revisions

From Official NixOS Wiki
← Older edit
Jackrosenberg (talk | contribs)
5 edits
VisualWikitext
m SigmaSquadron moved page Users/Jackrosenberg/pangolin to User:Jackrosenberg/pangolin: Should be an user page.
m Env file explanation (will do more tomorrow)
 
(2 intermediate revisions by 2 users not shown)
Line 3: Line 3:


== Prerequisites ==
== Prerequisites ==
Pangolin requires setup outside of NixOS, at the very least the user needs:TODO
To use pangolin you'll need a domain and a public accessible static IP address.
a domain and a machine with a publicly accessible static IP address. See the [https://docs.pangolin.net/self-host/quick-install#prerequisites setup docs] for more information.
 
See the [https://docs.pangolin.net/self-host/quick-install#prerequisites setup docs] for more information.


== Installation ==
== Installation ==
Line 24: Line 25:
       };
       };
     };
     };
     letsEncryptEmail = "pangolin@${baseDomain}"; # an email you have access to
    baseDomain = "example.com";
     letsEncryptEmail = "john_doe@proton.me"; # an email you have access to
     openFirewall = true;  
     openFirewall = true;  
     environmentFile = "/etc/nixos/secrets/pangolin.env";
     environmentFile = "/etc/nixos/secrets/pangolin.env";
Line 30: Line 32:


}
}
</nowiki>
}}
=== EnvironmentFile ===
Pangolin requires a [https://docs.pangolin.net/manage/sites/credentials#secret server secret], used for handshake authentication. Additionally, you may provide the setup token as shown below, which saves the trouble of finding it in logs with <code> journalctl -eu pangolin | grep token</code>. Naturally, don't use these secrets.
{{file|pangolin.env|env|
<nowiki>
SERVER_SECRET=2w34etdr546rftygu8678yuhihg87objpvfctoyvihdr4u6
PANGOLIN_SETUP_TOKEN=123456789abcdefg
</nowiki>
</nowiki>
}}
}}

Latest revision as of 18:13, 7 February 2026

The Pangolin Logo

Pangolin is an identity-aware VPN and proxy for remote access to anything, anywhere.

Prerequisites

To use pangolin you'll need a domain and a public accessible static IP address.

See the setup docs for more information.

Installation

TODO

❄︎ configuration.nix
{
  services.pangolin = {
    enable = true;
    # this part is technically not needed,
    # but omitting it will allow 
    # ANYONE TO CREATE ACCOUNTS AND 
    # ORGANIZATIONS ON YOUR PANGOLIN INSTANCE
    settings = {
      flags = {
        disable_signup_without_invite = true;
        disable_user_create_org = true;
      };
    };
    baseDomain = "example.com";
    letsEncryptEmail = "john_doe@proton.me"; # an email you have access to
    openFirewall = true; 
    environmentFile = "/etc/nixos/secrets/pangolin.env";
  };

}

EnvironmentFile

Pangolin requires a server secret, used for handshake authentication. Additionally, you may provide the setup token as shown below, which saves the trouble of finding it in logs with journalctl -eu pangolin | grep token. Naturally, don't use these secrets.

≡︎ pangolin.env
SERVER_SECRET=2w34etdr546rftygu8678yuhihg87objpvfctoyvihdr4u6
PANGOLIN_SETUP_TOKEN=123456789abcdefg
Retrieved from "https://wiki.nixos.org/w/index.php?title=User:Jackrosenberg/Pangolin&oldid=29688"