Pangolin

Finally got a chance to try Pangolin https://fossorial.io and I got to say its pretty sick for what it is. Now to question of is it better than my Tailscale http://tailscale.com setup.

NO, but. . . it now how a permanent addition to my homelab. The way I chose to utilize it was to keep Tailscale and use that for my more mission critical services such as the services I host and share with everyone else. Using Pangolin as the ingress point for apps I primarily use or ones that I am testing. Since Pangolin is using Traefik https://traefik.io as its reverse proxy, and I’ve be wanting to give it a try and switch from Nginx Proxy Manager https://nginxproxymanager.com this gave me the push to make the switch! I now have a single Traefik install that Pangolin uses and one for my services that interact over Tailscale. Switching Traefik also opened up the use of CrowdSec https://crowdsec.net, which has been super nice to help add and extra layer of security to my web facing services.

It should noted that Pangolin overall is great for simple local apps that you want to access remotely and securely via SSO, however its not idea for apps that use their own SSO / login (but it can be added in front of to add an extra later of security). I still use Authentik https://goauthentik.io for most of my existing public facing apps, but a few are also behind Pangolin now. Overall super pleased with the way everything is configure and setup, and to the addition of Pangolin to my homelab.

Kind of a bonus of using Pangolin and switching to Traefik, is I host a self-hosted deployment service for webapps that I create using Coolify https://coolify.io which also happens to be using Traefik and I was able to disable its internal server it uses. This allowed me to hook it into my existing one making the cert process that much more clean. Also meaning any middleware I have configure just works with Coolify! :D