User:Jackrosenberg/Pangolin: Difference between revisions

VisualWikitext

@@ Line 1: / Line 1: @@
-[https://pangolin.net {{PAGENAME}}] is an identity-aware VPN and proxy for remote access to anything, anywhere.
+[[File:pangolin_logo.png|thumb|The Pangolin Logo]]
+<strong>[https://pangolin.net Pangolin]</strong> is an identity-aware VPN and proxy for remote access to anything, anywhere.
+== Prerequisites ==
+To use pangolin you'll need a domain and a public accessible static IP address.
+See the [https://docs.pangolin.net/self-host/quick-install#prerequisites setup docs] for more information.
 == Installation ==
-To install Pangolin, add the following to your NixOS configuration:
+TODO
-More options are available: {{nixos:option|services.pangolin.}}
+{{file|configuration.nix|nix|
+<nowiki>
+{
+  services.pangolin = {
+    enable = true;
+    # this part is technically not needed,
+    # but omitting it will allow
+    # ANYONE TO CREATE ACCOUNTS AND
+    # ORGANIZATIONS ON YOUR PANGOLIN INSTANCE
+    settings = {
+      flags = {
+        disable_signup_without_invite = true;
+        disable_user_create_org = true;
+      };
+    };
+    baseDomain = "example.com";
+    letsEncryptEmail = "john_doe@proton.me"; # an email you have access to
+    openFirewall = true;
+    environmentFile = "/etc/nixos/secrets/pangolin.env";
+  };
-== Sample setups ==
+}
+</nowiki>
+}}
-==== Minimal setup <code>configuration.nix</code> ====
+=== EnvironmentFile ===
-<syntaxhighlight lang="nix">
+Pangolin requires a [https://docs.pangolin.net/manage/sites/credentials#secret server secret], used for handshake authentication. Additionally, you may provide the setup token as shown below, which saves the trouble of finding it in logs with <code> journalctl -eu pangolin | grep token</code>. Naturally, don't use these secrets.
-services.pangolin = {
-  enable = true;
-};
-</syntaxhighlight>
+{{file|pangolin.env|env|
+<nowiki>
+SERVER_SECRET=2w34etdr546rftygu8678yuhihg87objpvfctoyvihdr4u6
+PANGOLIN_SETUP_TOKEN=123456789abcdefg
+</nowiki>
+}}