From 2a00c877ea2834195cecc17999965bd77b974eea Mon Sep 17 00:00:00 2001 From: vickodin Date: Thu, 24 Apr 2025 09:07:16 +0300 Subject: [PATCH 1/9] Improve README: Fix link to geoblock --- README.md | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/README.md b/README.md index 0b130dc..461ccc1 100644 --- a/README.md +++ b/README.md @@ -78,7 +78,7 @@ _Sites page of Pangolin dashboard (dark mode) showing multiple tunnels connected ### Modular Design -- Extend functionality with existing [Traefik](https://github.com/traefik/traefik) plugins, such as [CrowdSec](https://plugins.traefik.io/plugins/6335346ca4caa9ddeffda116/crowdsec-bouncer-traefik-plugin) and [Geoblock](github.com/PascalMinder/geoblock). +- Extend functionality with existing [Traefik](https://github.com/traefik/traefik) plugins, such as [CrowdSec](https://plugins.traefik.io/plugins/6335346ca4caa9ddeffda116/crowdsec-bouncer-traefik-plugin) and [Geoblock](https://github.com/PascalMinder/geoblock). - **Automatically install and configure Crowdsec via Pangolin's installer script.** - Attach as many sites to the central server as you wish. @@ -89,7 +89,7 @@ _Sites page of Pangolin dashboard (dark mode) showing multiple tunnels connected 1. **Deploy the Central Server**: - Deploy the Docker Compose stack onto a VPS hosted on a cloud platform like RackNerd, Amazon EC2, DigitalOcean Droplet, or similar. There are many cheap VPS hosting options available to suit your needs. - + > [!TIP] > Many of our users have had a great experience with [RackNerd](https://my.racknerd.com/aff.php?aff=13788). Depending on promotions, you can likely get a **VPS with 1 vCPU, 1GB RAM, and ~20GB SSD for just around $12/year**. That's a great deal! > We are part of the [RackNerd](https://my.racknerd.com/aff.php?aff=13788) affiliate program, so if you purchase through [our link](https://my.racknerd.com/aff.php?aff=13788), we receive a small commission which helps us maintain the project and keep it free for everyone. @@ -108,10 +108,10 @@ _Sites page of Pangolin dashboard (dark mode) showing multiple tunnels connected - Add resources to the central server and configure access control rules. - Access these resources securely from anywhere. -**Use Case Example - Bypassing Port Restrictions in Home Lab**: +**Use Case Example - Bypassing Port Restrictions in Home Lab**: Imagine private sites where the ISP restricts port forwarding. By connecting these sites to Pangolin via WireGuard, you can securely expose HTTP and HTTPS resources on the private network without any networking complexity. -**Use Case Example - IoT Networks**: +**Use Case Example - IoT Networks**: IoT networks are often fragmented and difficult to manage. By deploying Pangolin on a central server, you can connect all your IoT sites via Newt or another WireGuard client. This creates a simple, secure, and centralized way to access IoT resources without the need for intricate networking setups. @@ -121,10 +121,10 @@ _Resources page of Pangolin dashboard (dark mode) showing HTTPS and TCP resource ## Similar Projects and Inspirations -**Cloudflare Tunnels**: +**Cloudflare Tunnels**: A similar approach to proxying private resources securely, but Pangolin is a self-hosted alternative, giving you full control over your infrastructure. -**Authentik and Authelia**: +**Authentik and Authelia**: These projects inspired Pangolin’s centralized authentication system for proxies, enabling robust user and role management. ## Project Development / Roadmap From 6aeddde1cdd0c90a6c2a37c5a870a9b0f5f4e2fc Mon Sep 17 00:00:00 2001 From: Justin van der Westhuizen Date: Fri, 25 Apr 2025 07:06:14 +0200 Subject: [PATCH 2/9] Added QR code to wireguard config for easy scanning on mobile phones --- src/app/[orgId]/settings/sites/create/page.tsx | 14 ++++++++++++-- src/components/QRContainer.tsx | 17 +++++++++++++++++ 2 files changed, 29 insertions(+), 2 deletions(-) create mode 100644 src/components/QRContainer.tsx diff --git a/src/app/[orgId]/settings/sites/create/page.tsx b/src/app/[orgId]/settings/sites/create/page.tsx index f078b9d..ba46aa5 100644 --- a/src/app/[orgId]/settings/sites/create/page.tsx +++ b/src/app/[orgId]/settings/sites/create/page.tsx @@ -57,6 +57,8 @@ import { BreadcrumbSeparator } from "@app/components/ui/breadcrumb"; import Link from "next/link"; +import QRCode from "react-qr-code"; +import QRContainer from "@app/components/QRContainer"; const createSiteFormSchema = z .object({ @@ -775,8 +777,16 @@ PersistentKeepalive = 5`; - - +
+ + + + +
diff --git a/src/components/QRContainer.tsx b/src/components/QRContainer.tsx new file mode 100644 index 0000000..65912db --- /dev/null +++ b/src/components/QRContainer.tsx @@ -0,0 +1,17 @@ +"use client"; + +export default function QRContainer({ + children =
, + outline = true +}) { + + return ( +
+
+ {children} +
+
+ ); +} From 8990de561890ee352a765cc911924c3b4774e474 Mon Sep 17 00:00:00 2001 From: Justin van der Westhuizen Date: Fri, 25 Apr 2025 07:38:17 +0200 Subject: [PATCH 3/9] added missing package --- package-lock.json | 18 ++++++++++++++++++ package.json | 1 + 2 files changed, 19 insertions(+) diff --git a/package-lock.json b/package-lock.json index c9e0a33..42ec828 100644 --- a/package-lock.json +++ b/package-lock.json @@ -64,6 +64,7 @@ "react-easy-sort": "^1.6.0", "react-hook-form": "7.54.2", "react-icons": "^5.5.0", + "react-qr-code": "^2.0.15", "rebuild": "0.1.2", "semver": "7.6.3", "tailwind-merge": "2.6.0", @@ -13283,6 +13284,11 @@ "node": ">=6" } }, + "node_modules/qr.js": { + "version": "0.0.0", + "resolved": "https://registry.npmjs.org/qr.js/-/qr.js-0.0.0.tgz", + "integrity": "sha512-c4iYnWb+k2E+vYpRimHqSu575b1/wKl4XFeJGpFmrJQz5I88v9aY2czh7s0w36srfCM1sXgC/xpoJz5dJfq+OQ==" + }, "node_modules/qrcode.react": { "version": "4.2.0", "resolved": "https://registry.npmjs.org/qrcode.react/-/qrcode.react-4.2.0.tgz", @@ -14263,6 +14269,18 @@ "integrity": "sha512-bCK/2Z4zLidyB4ReuIsvALH6w31YfAQDmXMqMx6FyfHqvBxtjC0eRumeSu4Bs3XtXwpyIywtSTrVT99BxY1f9w==", "license": "MIT" }, + "node_modules/react-qr-code": { + "version": "2.0.15", + "resolved": "https://registry.npmjs.org/react-qr-code/-/react-qr-code-2.0.15.tgz", + "integrity": "sha512-MkZcjEXqVKqXEIMVE0mbcGgDpkfSdd8zhuzXEl9QzYeNcw8Hq2oVIzDLWuZN2PQBwM5PWjc2S31K8Q1UbcFMfw==", + "dependencies": { + "prop-types": "^15.8.1", + "qr.js": "0.0.0" + }, + "peerDependencies": { + "react": "*" + } + }, "node_modules/react-remove-scroll": { "version": "2.6.3", "resolved": "https://registry.npmjs.org/react-remove-scroll/-/react-remove-scroll-2.6.3.tgz", diff --git a/package.json b/package.json index 08cb73a..eb49eaf 100644 --- a/package.json +++ b/package.json @@ -75,6 +75,7 @@ "react-easy-sort": "^1.6.0", "react-hook-form": "7.54.2", "react-icons": "^5.5.0", + "react-qr-code": "^2.0.15", "rebuild": "0.1.2", "semver": "7.6.3", "tailwind-merge": "2.6.0", From 28ac5e1237104b2ecb329de6846edc8f0ded7280 Mon Sep 17 00:00:00 2001 From: Justin van der Westhuizen Date: Fri, 25 Apr 2025 07:53:44 +0200 Subject: [PATCH 4/9] fixed spelling of public in db (the L was missing) --- server/db/schemas/schema.ts | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/server/db/schemas/schema.ts b/server/db/schemas/schema.ts index a862755..77872a0 100644 --- a/server/db/schemas/schema.ts +++ b/server/db/schemas/schema.ts @@ -99,7 +99,7 @@ export const exitNodes = sqliteTable("exitNodes", { name: text("name").notNull(), address: text("address").notNull(), // this is the address of the wireguard interface in gerbil endpoint: text("endpoint").notNull(), // this is how to reach gerbil externally - gets put into the wireguard config - publicKey: text("pubicKey").notNull(), + publicKey: text("publicKey").notNull(), listenPort: integer("listenPort").notNull(), reachableAt: text("reachableAt") // this is the internal address of the gerbil http server for command control }); From b3d0b69c04785f3a6e5a038381ae702496f15bee Mon Sep 17 00:00:00 2001 From: Taylan Date: Fri, 25 Apr 2025 12:01:12 +0200 Subject: [PATCH 5/9] use the new traefik version 3.3.6 --- install/config/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/install/config/docker-compose.yml b/install/config/docker-compose.yml index 496b013..6c1a375 100644 --- a/install/config/docker-compose.yml +++ b/install/config/docker-compose.yml @@ -35,7 +35,7 @@ services: - 80:80 # Port for traefik because of the network_mode {{end}} traefik: - image: traefik:v3.3.5 + image: traefik:v3.3.6 container_name: traefik restart: unless-stopped {{if .InstallGerbil}} From 2a43b3ce4abe540a32470bf075e6fd8274855cef Mon Sep 17 00:00:00 2001 From: Justin van der Westhuizen Date: Fri, 25 Apr 2025 19:46:19 +0200 Subject: [PATCH 6/9] changed qrcode to react-qr-code --- src/app/[orgId]/settings/sites/create/page.tsx | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/app/[orgId]/settings/sites/create/page.tsx b/src/app/[orgId]/settings/sites/create/page.tsx index ba46aa5..438d1ae 100644 --- a/src/app/[orgId]/settings/sites/create/page.tsx +++ b/src/app/[orgId]/settings/sites/create/page.tsx @@ -57,7 +57,7 @@ import { BreadcrumbSeparator } from "@app/components/ui/breadcrumb"; import Link from "next/link"; -import QRCode from "react-qr-code"; +import { QRCodeCanvas } from "qrcode.react"; import QRContainer from "@app/components/QRContainer"; const createSiteFormSchema = z @@ -780,7 +780,7 @@ PersistentKeepalive = 5`;
- Date: Fri, 25 Apr 2025 19:50:14 +0200 Subject: [PATCH 7/9] removed react-qr-code --- package-lock.json | 18 ------------------ package.json | 1 - 2 files changed, 19 deletions(-) diff --git a/package-lock.json b/package-lock.json index 42ec828..c9e0a33 100644 --- a/package-lock.json +++ b/package-lock.json @@ -64,7 +64,6 @@ "react-easy-sort": "^1.6.0", "react-hook-form": "7.54.2", "react-icons": "^5.5.0", - "react-qr-code": "^2.0.15", "rebuild": "0.1.2", "semver": "7.6.3", "tailwind-merge": "2.6.0", @@ -13284,11 +13283,6 @@ "node": ">=6" } }, - "node_modules/qr.js": { - "version": "0.0.0", - "resolved": "https://registry.npmjs.org/qr.js/-/qr.js-0.0.0.tgz", - "integrity": "sha512-c4iYnWb+k2E+vYpRimHqSu575b1/wKl4XFeJGpFmrJQz5I88v9aY2czh7s0w36srfCM1sXgC/xpoJz5dJfq+OQ==" - }, "node_modules/qrcode.react": { "version": "4.2.0", "resolved": "https://registry.npmjs.org/qrcode.react/-/qrcode.react-4.2.0.tgz", @@ -14269,18 +14263,6 @@ "integrity": "sha512-bCK/2Z4zLidyB4ReuIsvALH6w31YfAQDmXMqMx6FyfHqvBxtjC0eRumeSu4Bs3XtXwpyIywtSTrVT99BxY1f9w==", "license": "MIT" }, - "node_modules/react-qr-code": { - "version": "2.0.15", - "resolved": "https://registry.npmjs.org/react-qr-code/-/react-qr-code-2.0.15.tgz", - "integrity": "sha512-MkZcjEXqVKqXEIMVE0mbcGgDpkfSdd8zhuzXEl9QzYeNcw8Hq2oVIzDLWuZN2PQBwM5PWjc2S31K8Q1UbcFMfw==", - "dependencies": { - "prop-types": "^15.8.1", - "qr.js": "0.0.0" - }, - "peerDependencies": { - "react": "*" - } - }, "node_modules/react-remove-scroll": { "version": "2.6.3", "resolved": "https://registry.npmjs.org/react-remove-scroll/-/react-remove-scroll-2.6.3.tgz", diff --git a/package.json b/package.json index eb49eaf..08cb73a 100644 --- a/package.json +++ b/package.json @@ -75,7 +75,6 @@ "react-easy-sort": "^1.6.0", "react-hook-form": "7.54.2", "react-icons": "^5.5.0", - "react-qr-code": "^2.0.15", "rebuild": "0.1.2", "semver": "7.6.3", "tailwind-merge": "2.6.0", From 35e5f39c71fca84818bc4d0f2477f12d0e31fa75 Mon Sep 17 00:00:00 2001 From: Michael Fuckner Date: Sun, 27 Apr 2025 11:33:16 +0200 Subject: [PATCH 8/9] Fix Typo --- install/main.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/install/main.go b/install/main.go index 47c846c..9f07bbc 100644 --- a/install/main.go +++ b/install/main.go @@ -191,7 +191,7 @@ func collectUserInput(reader *bufio.Reader) Config { config.BaseDomain = readString(reader, "Enter your base domain (no subdomain e.g. example.com)", "") config.DashboardDomain = readString(reader, "Enter the domain for the Pangolin dashboard", "pangolin."+config.BaseDomain) config.LetsEncryptEmail = readString(reader, "Enter email for Let's Encrypt certificates", "") - config.InstallGerbil = readBool(reader, "Do you want to use Gerbil to allow tunned connections", true) + config.InstallGerbil = readBool(reader, "Do you want to use Gerbil to allow tunneled connections", true) // Admin user configuration fmt.Println("\n=== Admin User Configuration ===") From a5b782b72acad7c0218ec543d1782fdfec3ca30f Mon Sep 17 00:00:00 2001 From: Alex Freidel Date: Mon, 28 Apr 2025 08:14:19 +0200 Subject: [PATCH 9/9] feat: enhance 2fa login As soon as all digits have been entered, the form will be sent automatically. Similar to GitHub's implementation. --- src/components/LoginForm.tsx | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/src/components/LoginForm.tsx b/src/components/LoginForm.tsx index 3be1152..987e9c7 100644 --- a/src/components/LoginForm.tsx +++ b/src/components/LoginForm.tsx @@ -215,6 +215,12 @@ export default function LoginForm({ redirect, onLogin }: LoginFormProps) { pattern={ REGEXP_ONLY_DIGITS_AND_CHARS } + onChange={(e) => { + field.onChange(e); + if (e.target.value.length === 6) { + mfaForm.handleSubmit(onSubmit)(); + } + }} >