2025-02-12 23:01:00 -05:00
< div align = "center" >
2025-06-05 11:18:22 -04:00
< h2 >
< picture >
< source media = "(prefers-color-scheme: dark)" srcset = "public/logo/word_mark_white.png" >
< img alt = "Pangolin Logo" src = "public/logo/word_mark_black.png" width = "250" >
< / picture >
< / h2 >
2025-02-12 23:01:00 -05:00
< / div >
2024-10-03 16:03:10 -04:00
2025-07-16 22:30:07 -07:00
< h4 align = "center" > Secure gateway to your private networks< / h4 >
2025-02-23 17:34:28 -05:00
< div align = "center" >
2025-07-16 22:30:07 -07:00
_Pangolin tunnels your services to the internet so you can access anything from anywhere._
2025-02-23 17:34:28 -05:00
< / div >
2025-02-12 23:01:00 -05:00
< div align = "center" >
< h5 >
2025-03-11 21:02:42 -04:00
< a href = "https://fossorial.io" >
Website
2025-02-12 23:01:00 -05:00
< / a >
< span > | < / span >
2025-03-11 21:02:42 -04:00
< a href = "https://docs.fossorial.io/Getting%20Started/quick-install" >
Install Guide
2025-02-12 23:01:00 -05:00
< / a >
2025-03-01 23:03:42 -05:00
< span > | < / span >
< a href = "mailto:numbat @fossorial .io" >
Contact Us
< / a >
2025-02-12 23:01:00 -05:00
< / h5 >
2025-06-05 11:18:22 -04:00
[](https://hub.docker.com/r/fosrl/pangolin)
[](https://discord.gg/HCJR8Xhme4)
[](https://www.youtube.com/@fossorial -app)
2025-02-12 23:01:00 -05:00
< / div >
2025-01-11 22:37:50 -05:00
2025-07-16 22:30:07 -07:00
< p align = "center" >
< strong >
Start testing Pangolin at < a href = "https://pangolin.fossorial.io" > pangolin.fossorial.io< / a >
< br / >
< / strong >
< / p >
2025-02-13 13:37:02 -05:00
Pangolin is a self-hosted tunneled reverse proxy server with identity and access control, designed to securely expose private resources on distributed networks. Acting as a central hub, it connects isolated networks — even those behind restrictive firewalls — through encrypted tunnels, enabling easy access to remote services without opening ports.
2025-01-02 15:41:09 -05:00
2025-05-01 17:45:18 -04:00
< img src = "public/screenshots/hero.png" alt = "Preview" / >
2025-01-02 15:41:09 -05:00
2025-07-16 22:30:07 -07:00
2025-01-02 15:41:09 -05:00
2025-01-01 23:03:15 -05:00
## Key Features
2024-10-03 16:03:10 -04:00
2025-01-02 13:21:49 -05:00
### Reverse Proxy Through WireGuard Tunnel
2024-10-03 16:03:10 -04:00
2025-05-02 10:44:50 -04:00
- Expose private resources on your network **without opening ports** (firewall punching).
2025-07-17 11:58:28 -07:00
- Secure and easy to configure private connectivity via a custom **user space WireGuard client** , [Newt ](https://github.com/fosrl/newt ).
2025-05-02 10:44:50 -04:00
- Built-in support for any WireGuard client.
- Automated **SSL certificates** (https) via [LetsEncrypt ](https://letsencrypt.org/ ).
- Support for HTTP/HTTPS and **raw TCP/UDP services** .
- Load balancing.
2025-07-17 11:58:28 -07:00
- Extend functionality with existing [Traefik ](https://github.com/traefik/traefik ) plugins, such as [CrowdSec ](https://plugins.traefik.io/plugins/6335346ca4caa9ddeffda116/crowdsec-bouncer-traefik-plugin ) and [Geoblock ](https://github.com/PascalMinder/geoblock ).
- **Automatically install and configure Crowdsec via Pangolin's installer script.**
- Attach as many sites to the central server as you wish.
2025-01-01 23:03:15 -05:00
### Identity & Access Management
2025-05-02 10:44:50 -04:00
- Centralized authentication system using platform SSO. **Users will only have to manage one login.**
- **Define access control rules for IPs, IP ranges, and URL paths per resource.**
- TOTP with backup codes for two-factor authentication.
- Create organizations, each with multiple sites, users, and roles.
- **Role-based access control** to manage resource access permissions.
- Additional authentication options include:
- Email whitelisting with **one-time passcodes.**
- **Temporary, self-destructing share links.**
- Resource specific pin codes.
- Resource specific passwords.
2025-07-17 11:58:28 -07:00
- Passkeys
2025-05-02 10:44:50 -04:00
- External identity provider (IdP) support with OAuth2/OIDC, such as Authentik, Keycloak, Okta, and others.
- Auto-provision users and roles from your IdP.
2025-01-01 23:03:15 -05:00
2025-07-17 12:10:37 -07:00
< img src = "public/auth-diagram1.png" alt = "Auth and diagram" / >
2025-01-02 15:41:09 -05:00
2025-07-17 11:58:28 -07:00
#### Manage Access to Internal Apps
2025-01-02 15:41:09 -05:00
2025-07-17 11:58:28 -07:00
Grant users access to your apps from anywhere using just a web browser. No client software required.
2025-01-02 13:21:49 -05:00
2025-07-17 11:58:28 -07:00
#### Developers and DevOps
2025-01-02 13:21:49 -05:00
2025-07-17 11:58:28 -07:00
Expose and test internal tools and dashboards like **Grafana** . Bring localhost online for easy access.
2025-01-01 23:03:15 -05:00
2025-07-17 11:58:28 -07:00
#### Secure API Gateway
One application load balancer across multiple clouds and on-premises.
#### IoT and Edge Devices
Easily expose **IoT devices** , **edge servers** , or **Raspberry Pi** to the internet for field equipment monitoring.
< img src = "public/screenshots/sites.png" alt = "Sites" / >
2025-01-01 23:03:15 -05:00
2025-07-16 22:30:07 -07:00
## Deployment Options
2025-01-01 23:03:15 -05:00
2025-07-17 11:58:28 -07:00
### Fully Self Hosted
2025-01-01 23:03:15 -05:00
2025-07-16 22:30:07 -07:00
Host the full application on your own server on your network our on the cloud with a VPS. Take a look at the [documentation ](https://docs.fossorial.io/Getting%20Started/quick-install ) to get started.
2025-05-02 10:44:50 -04:00
2025-05-27 20:47:23 -04:00
> Many of our users have had a great experience with [RackNerd](https://my.racknerd.com/aff.php?aff=13788). Depending on promotions, you can get a [**VPS with 1 vCPU, 1GB RAM, and ~20GB SSD for just around $12/year**](https://my.racknerd.com/aff.php?aff=13788&pid=912). That's a great deal!
2025-02-12 23:01:00 -05:00
2025-07-16 22:30:07 -07:00
### Pangolin Cloud
2025-02-12 23:01:00 -05:00
2025-07-17 11:58:28 -07:00
Easy to use with simple pay as you go pricing. [Check it out here ](https://pangolin.fossorial.io ).
- Everything you get with self hosted Pangolin
- Managed for you
2025-02-12 23:01:00 -05:00
2025-07-16 22:30:07 -07:00
### Hybrid & HA
2025-01-01 23:03:15 -05:00
2025-07-16 22:30:07 -07:00
Managed control plane, your infrastructure
2025-01-01 23:03:15 -05:00
2025-07-16 22:30:07 -07:00
- We manage database and control plane
- You self-host lightweight exit-node
- Traffic flows through your infra
2025-07-17 11:58:28 -07:00
- We coordinate failover between your nodes or to cloud when things go bad
If interested contact [contact us ](mailto:numbat@fossorial.io ).
2025-05-01 17:45:18 -04:00
2025-07-16 22:30:07 -07:00
### Enterprise
2025-01-01 23:03:15 -05:00
2025-07-17 11:58:28 -07:00
[Contact us ](mailto:numbat@fossorial.io ) for HA distributed enterprise deployments fully controlled by your team
2025-01-01 23:03:15 -05:00
2025-02-01 16:52:18 -05:00
## Project Development / Roadmap
2025-02-13 13:37:02 -05:00
View the [project board ](https://github.com/orgs/fosrl/projects/1 ) for more detailed info.
2025-02-01 16:52:18 -05:00
2025-07-17 11:58:28 -07:00
We want to hear your feature requests! Add them to the [discussion board ](https://github.com/orgs/fosrl/discussions/categories/feature-requests ).
2025-07-16 21:58:52 -07:00
2025-01-01 23:03:15 -05:00
## Licensing
2025-07-16 21:58:52 -07:00
Pangolin is dual licensed under the AGPL-3 and the Fossorial Commercial license. For inquiries about commercial licensing, please contact us at [numbat@fossorial.io ](mailto:numbat@fossorial.io ).
2025-01-01 23:03:15 -05:00
## Contributions
2025-07-16 21:58:52 -07:00
Looking for something to contribute? Take a look at issues marked with [help wanted ](https://github.com/fosrl/pangolin/issues?q=is%3Aissue%20state%3Aopen%20label%3A%22help%20wanted%22 ).
2025-01-07 22:41:35 -05:00
Please see [CONTRIBUTING ](./CONTRIBUTING.md ) in the repository for guidelines and best practices.
2025-07-16 21:58:52 -07:00
Please post bug reports and other functional issues in the [Issues ](https://github.com/fosrl/pangolin/issues ) section of the repository.
