diff --git a/README.md b/README.md index 5baef277..707c4b7c 100644 --- a/README.md +++ b/README.md @@ -25,6 +25,10 @@ _Your own self-hosted zero trust tunnel._ Full Documentation + | + + Contact Us + @@ -68,41 +72,17 @@ _Sites page of Pangolin dashboard (dark mode) showing multiple tunnels connected ### Easy Deployment - Run on any cloud provider or on-premises. -- Docker Compose based setup for simplified deployment. +- **Docker Compose based setup** for simplified deployment. - Future-proof installation script for streamlined setup and feature additions. -- Use your preferred WireGuard client to connect, or use Newt, our custom user space client for the best experience. +- Use any WireGuard client to connect, or use **Newt, our custom user space client** for the best experience. ### Modular Design -- Extend functionality with existing [Traefik](https://github.com/traefik/traefik) plugins, such as [Fail2Ban](https://plugins.traefik.io/plugins/628c9ebcffc0cd18356a979f/fail2-ban) or [CrowdSec](https://plugins.traefik.io/plugins/6335346ca4caa9ddeffda116/crowdsec-bouncer-traefik-plugin). +- Extend functionality with existing [Traefik](https://github.com/traefik/traefik) plugins, such as [CrowdSec](https://plugins.traefik.io/plugins/6335346ca4caa9ddeffda116/crowdsec-bouncer-traefik-plugin) and [Geoblock](github.com/PascalMinder/geoblock). + - **Automatically install and configure Crowdsec via Pangolin's installer script.** - Attach as many sites to the central server as you wish. -## Screenshots - -
- - - - - - - - - - - - - - - - - - - - - -
Sites ExampleUsers ExampleShare Link Example
SitesUsersShare Link
Authentication ExampleConnectivity Example
AuthenticationConnectivity
-
+Collage ## Deployment and Usage Example @@ -112,7 +92,7 @@ _Sites page of Pangolin dashboard (dark mode) showing multiple tunnels connected > [!TIP] > Many of our users have had a great experience with [RackNerd](https://my.racknerd.com/aff.php?aff=13788). Depending on promotions, you can likely get a **VPS with 1 vCPU, 1GB RAM, and ~20GB SSD for just around $12/year**. That's a great deal! -> We are part of the [RackNerd](https://my.racknerd.com/aff.php?aff=13788) affiliate program, so if you sign up using [our link](https://my.racknerd.com/aff.php?aff=13788), we receive a small commission which helps us maintain the project and keep it free for everyone. +> We are part of the [RackNerd](https://my.racknerd.com/aff.php?aff=13788) affiliate program, so if you purchase through [our link](https://my.racknerd.com/aff.php?aff=13788), we receive a small commission which helps us maintain the project and keep it free for everyone. 2. **Domain Configuration**: @@ -123,10 +103,10 @@ _Sites page of Pangolin dashboard (dark mode) showing multiple tunnels connected - Install Newt or use another WireGuard client on private sites. - Automatically establish a connection from these sites to the central server. -4. **Configure Users & Roles** +4. **Expose Resources**: - - Define organizations and invite users. - - Implement user- or role-based permissions to control resource access. + - Add resources to the central server and configure access control rules. + - Access these resources securely from anywhere. **Use Case Example - Bypassing Port Restrictions in Home Lab**: Imagine private sites where the ISP restricts port forwarding. By connecting these sites to Pangolin via WireGuard, you can securely expose HTTP and HTTPS resources on the private network without any networking complexity. @@ -134,6 +114,11 @@ _Sites page of Pangolin dashboard (dark mode) showing multiple tunnels connected **Use Case Example - IoT Networks**: IoT networks are often fragmented and difficult to manage. By deploying Pangolin on a central server, you can connect all your IoT sites via Newt or another WireGuard client. This creates a simple, secure, and centralized way to access IoT resources without the need for intricate networking setups. + +Resources + +_Resources page of Pangolin dashboard (dark mode) showing HTTPS and TCP resources with access control rules._ + ## Similar Projects and Inspirations **Cloudflare Tunnels**: diff --git a/public/screenshots/auth.png b/public/screenshots/auth.png deleted file mode 100644 index 1bcc35e6..00000000 Binary files a/public/screenshots/auth.png and /dev/null differ diff --git a/public/screenshots/collage.png b/public/screenshots/collage.png new file mode 100644 index 00000000..2e68c3b9 Binary files /dev/null and b/public/screenshots/collage.png differ diff --git a/public/screenshots/connectivity.png b/public/screenshots/connectivity.png deleted file mode 100644 index 7b6ca88d..00000000 Binary files a/public/screenshots/connectivity.png and /dev/null differ diff --git a/public/screenshots/resources.png b/public/screenshots/resources.png new file mode 100644 index 00000000..bcf1a64e Binary files /dev/null and b/public/screenshots/resources.png differ diff --git a/public/screenshots/share-link.png b/public/screenshots/share-link.png deleted file mode 100644 index 7515c8fe..00000000 Binary files a/public/screenshots/share-link.png and /dev/null differ diff --git a/public/screenshots/sites.png b/public/screenshots/sites.png index eb82212f..f950b11e 100644 Binary files a/public/screenshots/sites.png and b/public/screenshots/sites.png differ diff --git a/public/screenshots/users.png b/public/screenshots/users.png deleted file mode 100644 index 08a8f591..00000000 Binary files a/public/screenshots/users.png and /dev/null differ diff --git a/src/app/[orgId]/settings/resources/CreateResourceForm.tsx b/src/app/[orgId]/settings/resources/CreateResourceForm.tsx index cbf08d07..9bb3ecde 100644 --- a/src/app/[orgId]/settings/resources/CreateResourceForm.tsx +++ b/src/app/[orgId]/settings/resources/CreateResourceForm.tsx @@ -67,6 +67,7 @@ import { RadioGroup, RadioGroupItem } from "@app/components/ui/radio-group"; import { Label } from "@app/components/ui/label"; import { ListDomainsResponse } from "@server/routers/domain"; import LoaderPlaceholder from "@app/components/PlaceHolderLoader"; +import { StrategySelect } from "@app/components/StrategySelect"; const createResourceFormSchema = z .object({ @@ -222,6 +223,7 @@ export default function CreateResourceForm({ await fetchSites(); await fetchDomains(); + await new Promise((r) => setTimeout(r, 200)); setLoadingPage(false); }; @@ -241,7 +243,7 @@ export default function CreateResourceForm({ protocol: data.protocol, proxyPort: data.http ? undefined : data.proxyPort, siteId: data.siteId, - isBaseDomain: data.http ? undefined : data.isBaseDomain + isBaseDomain: data.http ? data.isBaseDomain : undefined } ) .catch((e) => { @@ -263,6 +265,7 @@ export default function CreateResourceForm({ goToResource(id); } else { setShowSnippets(true); + router.refresh(); } } } @@ -272,6 +275,21 @@ export default function CreateResourceForm({ router.push(`/${orgId}/settings/resources/${id || resourceId}`); } + const launchOptions = [ + { + id: "http", + title: "HTTPS Resource", + description: + "Proxy requests to your app over HTTPS using a subdomain or base domain." + }, + { + id: "raw", + title: "Raw TCP/UDP Resource", + description: + "Proxy requests to your app over TCP/UDP using a port number." + } + ]; + return ( <> {loadingPage ? ( - + ) : (
{!showSnippets && ( @@ -305,59 +323,6 @@ export default function CreateResourceForm({ className="space-y-4" id="create-resource-form" > - {!env.flags.allowRawResources || ( - ( - -
- - HTTP - Resource - - - Toggle if - this is an - HTTP - resource or - a raw - TCP/UDP - resource. - -
- - - -
- )} - /> - )} - - {!form.watch("http") && ( - - - Learn how to configure - TCP/UDP resources - - - - )} - + ( + + + Site + + + + + + + + + + + + + No + site + found. + + + {sites.map( + ( + site + ) => ( + { + form.setValue( + "siteId", + site.siteId + ); + }} + > + + { + site.name + } + + ) + )} + + + + + + + + This site will + provide connectivity + to the resource. + + + )} + /> + + {!env.flags.allowRawResources || ( +
+ + Resource Type + + + form.setValue( + "http", + value === "http" + ) + } + /> + + You cannot change the + type of resource after + creation. + +
+ )} + {form.watch("http") && env.flags .allowBaseDomainResources && ( @@ -391,14 +471,19 @@ export default function CreateResourceForm({ } onValueChange={( val - ) => + ) => { setDomainType( val === "basedomain" ? "basedomain" : "subdomain" - ) - } + ); + form.setValue( + "isBaseDomain", + val === + "basedomain" + ); + }} > @@ -430,7 +515,7 @@ export default function CreateResourceForm({ Subdomain
-
+
@@ -472,7 +558,7 @@ export default function CreateResourceForm({ } > - + @@ -642,98 +728,6 @@ export default function CreateResourceForm({ /> )} - - ( - - - Site - - - - - - - - - - - - - No - site - found. - - - {sites.map( - ( - site - ) => ( - { - form.setValue( - "siteId", - site.siteId - ); - }} - > - - { - site.name - } - - ) - )} - - - - - - - - This site will - provide connectivity - to the resource. - - - )} - /> )} @@ -775,8 +769,8 @@ export default function CreateResourceForm({ rel="noopener noreferrer" > - Make sure to follow the full - guide + Learn how to configure TCP/UDP + resources diff --git a/src/app/[orgId]/settings/resources/[resourceId]/connectivity/page.tsx b/src/app/[orgId]/settings/resources/[resourceId]/connectivity/page.tsx index 7f0ebbc0..74e2cf8f 100644 --- a/src/app/[orgId]/settings/resources/[resourceId]/connectivity/page.tsx +++ b/src/app/[orgId]/settings/resources/[resourceId]/connectivity/page.tsx @@ -486,7 +486,7 @@ export default function ReverseProxyTargets(props: { onSubmit={addTargetForm.handleSubmit(addTarget)} className="space-y-4" > -
+
{resource.http && ( )} /> -
diff --git a/src/app/[orgId]/settings/resources/[resourceId]/general/page.tsx b/src/app/[orgId]/settings/resources/[resourceId]/general/page.tsx index 15edd9c7..1c52bfeb 100644 --- a/src/app/[orgId]/settings/resources/[resourceId]/general/page.tsx +++ b/src/app/[orgId]/settings/resources/[resourceId]/general/page.tsx @@ -322,14 +322,21 @@ export default function GeneralForm() { } onValueChange={( val - ) => + ) => { setDomainType( val === "basedomain" ? "basedomain" : "subdomain" - ) - } + ); + form.setValue( + "isBaseDomain", + val === + "basedomain" + ? true + : false + ); + }} > @@ -359,7 +366,7 @@ export default function GeneralForm() { Subdomain
-
+
@@ -401,7 +409,7 @@ export default function GeneralForm() { } > - + diff --git a/src/app/[orgId]/settings/resources/[resourceId]/layout.tsx b/src/app/[orgId]/settings/resources/[resourceId]/layout.tsx index 51b147fe..91a54a3a 100644 --- a/src/app/[orgId]/settings/resources/[resourceId]/layout.tsx +++ b/src/app/[orgId]/settings/resources/[resourceId]/layout.tsx @@ -130,7 +130,7 @@ export default async function ResourceLayout(props: ResourceLayoutProps) { -
+
{children} diff --git a/src/app/[orgId]/settings/sites/CreateSiteForm.tsx b/src/app/[orgId]/settings/sites/CreateSiteForm.tsx index ad7697e8..546b2a5b 100644 --- a/src/app/[orgId]/settings/sites/CreateSiteForm.tsx +++ b/src/app/[orgId]/settings/sites/CreateSiteForm.tsx @@ -149,6 +149,7 @@ export default function CreateSiteForm({ setSiteDefaults(res.data.data); } }); + await new Promise((resolve) => setTimeout(resolve, 200)); setLoadingPage(false); }; @@ -270,7 +271,7 @@ PersistentKeepalive = 5` const newtConfigDockerRun = `docker run -it fosrl/newt --id ${siteDefaults?.newtId} --secret ${siteDefaults?.newtSecret} --endpoint ${env.app.dashboardUrl}`; return loadingPage ? ( - + ) : (
@@ -344,7 +345,6 @@ PersistentKeepalive = 5` rel="noopener noreferrer" > - {" "} Learn how to install Newt on your system @@ -371,12 +371,16 @@ PersistentKeepalive = 5` onOpenChange={setIsOpen} className="space-y-2" > -
+
+ + You will only be able to see the + configuration once. +
- - You will only be able to see the - configuration once. - ) : null}
diff --git a/src/app/auth/verify-email/VerifyEmailForm.tsx b/src/app/auth/verify-email/VerifyEmailForm.tsx index 67ee0b02..7d68263e 100644 --- a/src/app/auth/verify-email/VerifyEmailForm.tsx +++ b/src/app/auth/verify-email/VerifyEmailForm.tsx @@ -198,8 +198,7 @@ export default function VerifyEmailForm({ We sent a verification code to your - email address. Please enter the code - to verify your email address. + email address. )} diff --git a/src/components/Credenza.tsx b/src/components/Credenza.tsx index 0f165b76..75f3a236 100644 --- a/src/components/Credenza.tsx +++ b/src/components/Credenza.tsx @@ -78,7 +78,7 @@ const CredenzaClose = ({ className, children, ...props }: CredenzaProps) => { const CredenzaClose = isDesktop ? DialogClose : DrawerClose; return ( - + {children} ); @@ -168,7 +168,7 @@ const CredenzaFooter = ({ className, children, ...props }: CredenzaProps) => { const CredenzaFooter = isDesktop ? DialogFooter : SheetFooter; return ( - + {children} ); diff --git a/src/components/Settings.tsx b/src/components/Settings.tsx index ad69e216..4e9ca7f6 100644 --- a/src/components/Settings.tsx +++ b/src/components/Settings.tsx @@ -19,7 +19,7 @@ export function SettingsSectionTitle({ children }: { children: React.ReactNode } } export function SettingsSectionDescription({ children }: { children: React.ReactNode }) { - return

{children}

+ return

{children}

} export function SettingsSectionBody({ children }: { children: React.ReactNode }) { diff --git a/src/components/StrategySelect.tsx b/src/components/StrategySelect.tsx new file mode 100644 index 00000000..48c1fcb0 --- /dev/null +++ b/src/components/StrategySelect.tsx @@ -0,0 +1,53 @@ +"use client"; + +import { cn } from "@app/lib/cn"; +import { RadioGroup, RadioGroupItem } from "./ui/radio-group"; + +interface StrategyOption { + id: string; + title: string; + description: string; +} + +interface StrategySelectProps { + options: StrategyOption[]; + defaultValue?: string; + onChange?: (value: string) => void; +} + +export function StrategySelect({ + options, + defaultValue, + onChange +}: StrategySelectProps) { + return ( + + {options.map((option) => ( + + ))} + + ); +} diff --git a/src/components/ui/select.tsx b/src/components/ui/select.tsx index ddab5b87..978ad71d 100644 --- a/src/components/ui/select.tsx +++ b/src/components/ui/select.tsx @@ -20,8 +20,8 @@ const SelectTrigger = React.forwardRef< ref={ref} className={cn( "flex h-9 w-full items-center justify-between border-2 border-input bg-card px-3 py-2 text-base md:text-sm ring-offset-background placeholder:text-muted-foreground focus:outline-none focus:ring-2 focus:ring-ring focus:ring-offset-2 disabled:cursor-not-allowed disabled:opacity-50 [&>span]:line-clamp-1", - className, - "rounded-md" + "rounded-md", + className )} {...props} >