Jump to content

User:Jackrosenberg/Pangolin: Difference between revisions

From Official NixOS Wiki
← Older edit
Jackrosenberg (talk | contribs)
5 edits
VisualWikitext
Woile (talk | contribs)
5 edits
Prerequisites: are now a bit more clear
m Env file explanation (will do more tomorrow)
 
Line 25: Line 25:
       };
       };
     };
     };
     letsEncryptEmail = "pangolin@${baseDomain}"; # an email you have access to
    baseDomain = "example.com";
     letsEncryptEmail = "john_doe@proton.me"; # an email you have access to
     openFirewall = true;  
     openFirewall = true;  
     environmentFile = "/etc/nixos/secrets/pangolin.env";
     environmentFile = "/etc/nixos/secrets/pangolin.env";
Line 31: Line 32:


}
}
</nowiki>
}}
=== EnvironmentFile ===
Pangolin requires a [https://docs.pangolin.net/manage/sites/credentials#secret server secret], used for handshake authentication. Additionally, you may provide the setup token as shown below, which saves the trouble of finding it in logs with <code> journalctl -eu pangolin | grep token</code>. Naturally, don't use these secrets.
{{file|pangolin.env|env|
<nowiki>
SERVER_SECRET=2w34etdr546rftygu8678yuhihg87objpvfctoyvihdr4u6
PANGOLIN_SETUP_TOKEN=123456789abcdefg
</nowiki>
</nowiki>
}}
}}

Latest revision as of 18:13, 7 February 2026

The Pangolin Logo

Pangolin is an identity-aware VPN and proxy for remote access to anything, anywhere.

Prerequisites

To use pangolin you'll need a domain and a public accessible static IP address.

See the setup docs for more information.

Installation

TODO

❄︎ configuration.nix
{
  services.pangolin = {
    enable = true;
    # this part is technically not needed,
    # but omitting it will allow 
    # ANYONE TO CREATE ACCOUNTS AND 
    # ORGANIZATIONS ON YOUR PANGOLIN INSTANCE
    settings = {
      flags = {
        disable_signup_without_invite = true;
        disable_user_create_org = true;
      };
    };
    baseDomain = "example.com";
    letsEncryptEmail = "john_doe@proton.me"; # an email you have access to
    openFirewall = true; 
    environmentFile = "/etc/nixos/secrets/pangolin.env";
  };

}

EnvironmentFile

Pangolin requires a server secret, used for handshake authentication. Additionally, you may provide the setup token as shown below, which saves the trouble of finding it in logs with journalctl -eu pangolin | grep token. Naturally, don't use these secrets.

≡︎ pangolin.env
SERVER_SECRET=2w34etdr546rftygu8678yuhihg87objpvfctoyvihdr4u6
PANGOLIN_SETUP_TOKEN=123456789abcdefg
Retrieved from "https://wiki.nixos.org/w/index.php?title=User:Jackrosenberg/Pangolin&oldid=29688"