how-to-install-self-hosted-pangolin-tunneled-reverse-proxy-server
Pangolin is an open-source, self-hosted tunneling solution that lets you securely expose services running on your home or local network to the internet. Unlike third-party tunnel providers (e.g., Ngrok) or commercial VPNs, Pangolin gives you full control—no usage limits, no hidden costs, and complete privacy. Whether you’re a freelancer, blogger, or non-technical VPS user, Pangolin simplifies remote access without relying on cloud providers.
Feature | Pangolin | Ngrok | Tailscale | Zerotier |
---|---|---|---|---|
Privacy | Fully self-hosted, no logs | Logs on provider servers | Uses provider network | Uses provider network |
Cost | Free (host your own VPS) | Free tier limited; paid | Free for basic; paid | Free for basic; paid |
Open-Source | Yes | No | Partially (Tailscale CLI) | Partially (ZeroTier One) |
Self-Hosting | ✔️ | ❌ | ❌ | ❌ |
Ease of Use | Beginner-friendly installer | Very easy GUI/CLI | CLI-based | CLI-based |
Speed | WireGuard-backed tunnel | Proprietary TCP/UDP mix | WireGuard | Proprietary protocol |
*.yourdomain.com
) directs traffic to Pangolin, which routes each subdomain (e.g., jf.yourdomain.com
) to the matching local service.This design means your home router’s ports stay closed, all traffic is end-to-end encrypted, and you avoid ISP restrictions on inbound connections.
sudo apt update && sudo apt upgrade -y
adduser pangouser usermod -aG sudo pangouser
yourdomain.com
):A @ → your.VPS.IP
A * → your.VPS.IP
proxy.yourdomain.com → your.VPS.IP
).Run the official quick-install script (requires Docker):
curl -fsSL https://github.com/fossorial-io/pangolin/releases/latest/download/install.sh | sudo bash
When prompted, provide:
yourdomain.com
proxy
After a minute, the dashboard is live at https://proxy.yourdomain.com
. Log in with your admin credentials.
On a machine inside your LAN (can be a tiny VM or container)
sudo apt update && sudo apt install -y curl wget ssh nano
wget https://github.com/fossorial-io/newt/releases/latest/download/newt-linux-amd64
chmod +x newt-linux-amd64 && mv newt-linux-amd64 newt
[Unit]
Description=Newt VPN Client
After=network.target
[Service]
ExecStart=/usr/local/bin/newt --id YOUR_ID --secret YOUR_SECRET --endpoint https://proxy.yourdomain.com
Restart=always
User=root
[Install]
WantedBy=multi-user.target
sudo mv newt /usr/local/bin/
sudo mv newt.service /etc/systemd/system/
sudo systemctl enable --now newt.service
home-ingress
), select Linux/amd64, paste the copied newt
credentials, and click Create Site.jf
).192.168.1.10
) and port (e.g., 8096
for Jellyfin), then Add Target → Save.Access your service at https://jf.yourdomain.com
.
Pangolin auto-requests Let’s Encrypt certificates for each subdomain. Ensure ports 80/443 are open on your VPS and DNS has propagated.
No port-forwarding at home is needed—Newt initiates outbound WireGuard connections, bypassing NAT restrictions.
journalctl -u newt.service
for errors in ID/secret or endpoint URL.Pangolin offers a privacy-focused, open-source, and cost-effective way to tunnel into your home services. With a simple installer and intuitive dashboard, you can secure and manage multiple resources—no third-party limitations, no extra fees, and complete control over your data. Whether you’re a beginner or seasoned freelancer, Pangolin is the perfect self-hosted alternative to AnyDesk, Ngrok, and other cloud tunnels. Try it today and reclaim your network’s privacy and accessibility.
RustDesk – An Open Source Remote Support Alternative to AnyDesk and TeamViewer Introduction: Why RustDesk?…
Introduction Overview of Matrix and Its Benefits Matrix is an open-source, decentralized communication protocol designed…
What is Rallly? Rallly is an open-source scheduling and collaboration tool designed to make it…
Introduction OpenProject is a project management tool designed to help teams organize, collaborate, and track…
Hey there! Welcome back to the website, and today we're diving deeper into Jitsi Meet.…
Introduction Boost your team's collaboration and productivity with Mattermost, a secure and versatile communication platform.…