Show HN: Pangolin – Open source alternative to Cloudflare Tunnels
10 months ago
- #self-hosted
- #zero-trust
- #networking
- Pangolin is a self-hosted tunneled reverse proxy server with identity and access control.
- It securely exposes private resources on distributed networks without opening ports.
- Features include firewall punching, site-to-site connectivity via WireGuard, and automated SSL certificates.
- Supports HTTP/HTTPS, TCP/UDP services, load balancing, and centralized authentication.
- Offers role-based access control, TOTP for 2FA, and multiple authentication options.
- Includes external identity provider support (OAuth2/OIDC) and auto-provisioning of users/roles.
- Provides a clean UI for managing sites, users, and roles, with light/dark mode options.
- Deployable on any cloud or on-premises with Docker Compose and an installation script.
- API available for custom integrations, with Swagger documentation and scoped API keys.
- Extendable with Traefik plugins like CrowdSec and Geoblock.
- Use cases include bypassing ISP restrictions, business application deployment, and IoT networks.
- Pangolin is a self-hosted alternative to Cloudflare Tunnels, offering full infrastructure control.
- Dual-licensed under AGPL-3 and Fossorial Commercial license.