azorius.vedetta.com

Pangolin
from TheOldRepublic@lemmy.world to selfhosted@lemmy.world on 10 Jun 06:36
https://lemmy.world/post/31136954

So, I’m trying to get pangolin up and running.

What I have: Ubuntu server running in proxmox, docker running on that Ubuntu, dynamic IP, duckdns in docker to counter that, domain name

What I did: installed pangolin with the installation script, said yes to crowdsec because it looked like the safest option (over time) even if I don’t know what it is/does, set a CNAME from pangolin.mydomain.com to my.duckdns.org, set a port forward for ports 80 and 443 on TCP and for port 51520 on UDP

What is happening: well, fairly, not much. If I test it from outside the network, I get a connection refused. If I test it locally (in portainer click on the 443 or 80 port) I get page not found

What I want: I want it to just work without a hastle and hope one of you can help me out here, cause I’m starting to lose my mind

#selfhosted

threaded - newest

irmadlad@lemmy.world on 10 Jun 07:27 next collapse

Crowdsec is a type of WAF you could say that covers a wide variety of attack scenarios and is fed by community input into the system as well. Very nice package imho. I use it.

Other than that, I’m watching this thread because I’ve been reading up on Pangolin and it seems to be quite an inclusive package and covers a lot of ground with just one install. It seems to be along the lines of a Caddy/Tailscale scenario, just in one complete go.

deltapi@lemmy.world on 10 Jun 07:41 next collapse

Ok so what is pangolin? I’m only familiar with the animal and its role in the pandemic.

Edit: someone doesn’t like jokes I guess?

syaochan@feddit.it on 10 Jun 11:28 next collapse

From what I found, it’s a reverse proxy

TheOldRepublic@lemmy.world on 10 Jun 11:47 next collapse

Pangolin is like cloudflare tunnels, but you can self host it

deltapi@lemmy.world on 10 Jun 14:43 collapse

Interesting. This could be a decent secondary use for my VPS

irmadlad@lemmy.world on 10 Jun 12:53 collapse

It’s a reverse proxy, tunnel like Tailscale, with LetsEncrypt like Caddy, and a few other goodies all rolled into one.

sem@lemmy.blahaj.zone on 10 Jun 07:47 next collapse

I was initially very concerned that you were trying to install a 13+ year old version of Ubuntu, 12.04 (Precise Pangolin). Now I just feel old.

irmadlad@lemmy.world on 10 Jun 13:10 collapse

Precise Pangolin

Dude! I’ve been sitting here for about an hour trying to find an old 32 bit distro that will run on an old Dell Latitude laptop I have. Well guess what? Precise Pangolin works just like it should. Had to go download the torrent, but all is well. Thanks a bunch mate. You cut down my trial and error time by a bunch because I had a stack of them here to try.

deltapi@lemmy.world on 10 Jun 17:06 next collapse

Mint offers 32bit support, unless you’ve got a really old cpu.

irmadlad@lemmy.world on 10 Jun 17:24 collapse

There are cave drawings of this cpu

AbidanYre@lemmy.world on 11 Jun 07:27 collapse

I have a 25yr old PII that TinyCore runs just fine on.

aMockTie@lemmy.world on 10 Jun 09:08 next collapse

According to the docs, you should be using UDP port 51820 (unless you changed the port in the docker compose file).

You should also check the dynamic config file to be sure that it’s using the correct domain name. See this page: https://docs.fossorial.io/Getting%20Started/Manual%20Install%20Guides/docker-compose

If you’re still having issues, make sure the containers are running with docker compose stats and check the logs with docker compose logs -f. It might also be worth checking the domain name to be sure that it’s resolving to the correct IP address, both locally and externally.

TheOldRepublic@lemmy.world on 10 Jun 11:55 collapse

Just to clarify. I have 80 and 443 as TCP and 51820 (sorry for the typo) as UDP. I used the automatic installer script. Doesn’t that generate the config files? If not, then probably there lies my problem.

aMockTie@lemmy.world on 10 Jun 14:34 next collapse

The script should take care of that config, but it’s something to check just in case there was a typo or anything else like that.

Did you check to make sure the DNS records are resolving properly?

aMockTie@lemmy.world on 10 Jun 16:50 collapse

As a sanity check, I just completed the same setup that you described (Ubuntu Server 24.04 running in a Proxmox VM, Domain name pointing to a CNAME that points to the Dynamic IP, using the installer script, enabled CrowdSec, etc.), and everything worked out of the box. A couple of things I noticed that would also be worth checking now that I’m more familiar with this specific setup are:

In the config/config.yml file, verify that the dashboard_url is set to the FQDN of the full URL (e.g. pangolin.mydomain.com), and that the base_domain is set to the root/apex domain (e.g. mydomain.com).
Double check those DNS records. As the haiku goes: it’s not DNS, it couldn’t be DNS, it was DNS. dig pangolin.mydomain.com or dig @1.1.1.1 pangolin.mydomain.com should show the CNAME that points to the A record.
A 404 page not found error is normal when connecting to the IP address directly rather than using the domain name. I was successfully able to access the dashboard using the FQDN from a local and external network. Depending on your network, you might want to set up a local DNS record that points to the internal IP address as well (though this should be optional in most cases to my knowledge).

I hope that helps!

punkibas@piefed.social on 12 Jun 11:18 collapse

Can you port forward to anything else in your network that you know works 100% to check if the problem is something besides Pangolin?