Jump to content

User:Jackrosenberg/Pangolin

From Official NixOS Wiki
The Pangolin Logo

Pangolin is an identity-aware VPN and proxy for remote access to anything, anywhere.

Prerequisites

To use pangolin you'll need a domain and a public accessible static IP address.

See the setup docs for more information.

Installation

TODO

❄︎ configuration.nix
{
  services.pangolin = {
    enable = true;
    # this part is technically not needed,
    # but omitting it will allow 
    # ANYONE TO CREATE ACCOUNTS AND 
    # ORGANIZATIONS ON YOUR PANGOLIN INSTANCE
    settings = {
      flags = {
        disable_signup_without_invite = true;
        disable_user_create_org = true;
      };
    };
    baseDomain = "example.com";
    letsEncryptEmail = "john_doe@proton.me"; # an email you have access to
    openFirewall = true; 
    environmentFile = "/etc/nixos/secrets/pangolin.env";
  };

}

EnvironmentFile

Pangolin requires a server secret, used for handshake authentication. Additionally, you may provide the setup token as shown below, which saves the trouble of finding it in logs with journalctl -eu pangolin | grep token. Naturally, don't use these secrets.

≡︎ pangolin.env
SERVER_SECRET=2w34etdr546rftygu8678yuhihg87objpvfctoyvihdr4u6
PANGOLIN_SETUP_TOKEN=123456789abcdefg
Retrieved from "https://wiki.nixos.org/w/index.php?title=User:Jackrosenberg/Pangolin&oldid=29688"