mocode-software/meldestelle
1
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity

docs: add new Access Control and Logs documentation pages

Browse Source 
- Documented Access Control features (e.g., Device Approvals, Password Rotation, 2FA, Custom Login Pages).
- Added detailed descriptions for Logs & Analytics (Access Logs, Request Logs, Action Logs).
- Included configuration instructions and feature-specific notes for Pangolin Cloud and Enterprise Edition.

Signed-off-by: Stefan Mogeritsch <stefan.mo.co@gmail.com>
This commit is contained in:
Stefan Mogeritsch
2026-03-11 11:24:24 +01:00
parent a70f132fd9
commit aa157e82f8
87 changed files with 13163 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
docs/01_Architecture/Pangolin/Mange_Pangolin/Remote_Nodes/Configuration_File.md
+93
View File
@@ -0,0 +1,93 @@
> ## Documentation Index
> Fetch the complete documentation index at: https://docs.pangolin.net/llms.txt
> Use this file to discover all available pages before exploring further.
# Configuration File
> Configure your remote node using the config.yml file
<div id="pangolin-toc-cta" className="pangolin-toc-cta-source">
<Card title="Try free on Pangolin Cloud" icon="cloud" href="https://app.pangolin.net/auth/signup" arrow="true" cta="Sign up free">
Fastest way to get started with Pangolin using the hosted control plane. No credit card required.
</Card>
</div>
The `config.yml` file includes basic config variable for your remote node. This file is mounted at `config/config.yml`
in your Docker container.
Minimal configuration file:
```yaml title="config.yml" theme={null}
gerbil:
start_port: 51820
base_endpoint: "154.123.45.67" # REPLACE WITH YOUR IP OR DOMAIN
managed:
id: "he4g78wevj25msf"
secret: "n7sd18twfko0q0vrb7wyclqzbvvnx1fqt7ezv8xewhdb9s7d"
```
### Gerbil Tunnel Controller
<ResponseField name="gerbil" type="object" required>
Gerbil tunnel controller settings for WireGuard tunneling.
<Expandable title="Gerbil">
<ResponseField name="base_endpoint" type="string" required>
Domain name included in WireGuard configuration for tunnel connections.
**Example**: `pangolin.example.com`
</ResponseField>
<ResponseField name="start_port" type="integer">
Starting port for WireGuard tunnels.
**Example**: `51820`
</ResponseField>
</Expandable>
</ResponseField>
### Remote Node Configuration
<ResponseField name="managed" type="object">
Settings for connecting the remote node to the Pangolin head server.
<Expandable title="Managed">
<ResponseField name="id" type="string">
Unique identifier for the managed deployment. Generated from the installer or the [Pangolin dashboard](https://app.pangolin.net).
**Example**: `he4g78wevj25msf`
</ResponseField>
<ResponseField name="secret" type="string">
Secret key for authenticating with the managed service. Generated from the installer or the [Pangolin dashboard](https://app.pangolin.net).
**Example**: `n7sd18twfko0q0vrb7wyclqzbvvnx1fqt7ezv8xewhdb9s7d`
<Warning>
Keep this secret secure and do not share it publicly.
</Warning>
</ResponseField>
<ResponseField name="endpoint" type="string">
The managed service endpoint to connect to. This can only change with enterprise deployments.
**Example**: `https://app.pangolin.net`
**Default**: `https://app.pangolin.net`
</ResponseField>
<ResponseField name="redirect_endpoint" type="string">
Custom redirect endpoint for authentication flows. This can only change for enterprise deployments.
**Example**: `https://my-pangolin.example.com`
<Note>
If not specified, the default dashboard URL will be used.
</Note>
</ResponseField>
</Expandable>
</ResponseField>
docs/01_Architecture/Pangolin/Mange_Pangolin/Remote_Nodes/Quick_Install_Guide.md
+114
View File
@@ -0,0 +1,114 @@
> ## Documentation Index
> Fetch the complete documentation index at: https://docs.pangolin.net/llms.txt
> Use this file to discover all available pages before exploring further.
# Quick Install Guide
> Deploy your own remote Pangolin node in under 10 minutes with our automated installer
<div id="pangolin-toc-cta" className="pangolin-toc-cta-source">
<Card title="Try free on Pangolin Cloud" icon="cloud" href="https://app.pangolin.net/auth/signup" arrow="true" cta="Sign up free">
Fastest way to get started with Pangolin using the hosted control plane. No credit card required.
</Card>
</div>
<iframe className="w-full aspect-video rounded-xl" src="https://www.youtube.com/embed/iPdK8M0cb9s" title="YouTube video player" frameBorder="0" allow="accelerometer; autoplay; clipboard-write; encrypted-media; gyroscope; picture-in-picture" allowFullScreen />
## Prerequisites
Before you begin, ensure you have:
* **Pangolin Cloud** account. You can [create a free account here](https://app.pangolin.net/auth/signup). No
subscription required.
* **Linux server** with root access and public IP address.
* **Open ports on firewall** for 80 (TCP), 443 (TCP), 51820 (UDP), and 21820 (UDP for clients).
<Tip>
**Recommended**: Ubuntu 20.04+ or Debian 11+ for best compatibility and performance.
</Tip>
## Choose Your Server
Need help choosing? See our [complete VPS guide](/self-host/choosing-a-vps) for suggestions.
## Networking
Before installing Pangolin, ensure you've opened the required port on your firewall. See our guide
on [networking](/self-host/dns-and-networking#port-configuration) for more information.
## Installation Process
<Steps>
<Step title="Download the installer">
Connect to your server via SSH and download the installer:
```bash theme={null}
curl -fsSL https://static.pangolin.net/get-node-installer.sh | bash
```
The installer supports both AMD64 (x86\_64) and ARM64 architectures.
</Step>
<Step title="Run the installer">
Execute the installer with root privileges:
```bash theme={null}
sudo ./installer
```
The installer places all files in the current directory. Move the installer to your desired installation directory before running it.
</Step>
<Step title="Do you already have credentials from the dashboard?">
If you are on your game and have already generated credentials for this node in the dashboard enter them here.
<Tip>
If you don't have them yet you can just select no when asked and we will create it in a later step.
</Tip>
</Step>
<Step title="The public addressable IP address for this node">
Enter either the public IP address of your server or a domain name that resolves to it.
<Note>
The installer will attempt resolve and prefill your public IP address. Verify this is correct before preceding.
</Note>
<Warning>
If you choose to use a domain keep in mind this just resolves your node on the internet while the actual subdomains for resources will be managed in the cloud.
</Warning>
</Step>
<Step title="Generate credentials">
If you did not enter credentials earlier then you should see something like the following:
```
Your managed credentials have been obtained successfully.
ID: he4g78wevj25msf
Secret: n7sd18twfko0q0vrb7wyclqzbvvnx1fqt7ezv8xewhdb9s7d
```
Go to the [Pangolin dashboard](https://app.pangolin.net/) and log in. Navigate to the "Self-hosted" section and add a new node. Select the adopt method. Use this ID and secret to register your node.
<Tip>
More than one account can use the same node credentials. This is useful for teams.
</Tip>
</Step>
</Steps>
## Post-Installation Setup
Once installation completes successfully, you'll see:
```
Installation complete!
```
Navigate to the [Pangolin dashboard](https://app.pangolin.net/) and create sites, resources, and targets for your remote
node.
docs/01_Architecture/Pangolin/Mange_Pangolin/Remote_Nodes/Remote_Nodes.md
+63
View File
@@ -0,0 +1,63 @@
> ## Documentation Index
> Fetch the complete documentation index at: https://docs.pangolin.net/llms.txt
> Use this file to discover all available pages before exploring further.
# Remote Nodes
> Control your own Pangolin node with cloud management
<div id="pangolin-toc-cta" className="pangolin-toc-cta-source">
<Card title="Try free on Pangolin Cloud" icon="cloud" href="https://app.pangolin.net/auth/signup" arrow="true" cta="Sign up free">
Fastest way to get started with Pangolin using the hosted control plane. No credit card required.
</Card>
</div>
<Note>
Remote Nodes are available in Pangolin Cloud and self-hosted [Enterprise Edition](/self-host/enterprise-edition).
</Note>
Remote nodes, you run your own Pangolin node - your tunnels, SSL termination, and traffic all stay on your server and
use your bandwidth. The difference is that management and monitoring are handled through our cloud or your central
self-hosted [Enterprise Edition](/self-host/enterprise-edition) server. The node just handles terminating Wireguard
tunnels, serving HTTP(S) traffic, and routing relayed client connections - it is essentially a remote networking hub.
Think of different nodes as the "front doors" to your applications - users connect to the closest one, and it securely
routes their requests to your backend services.
<Tip>
You can deploy a remote Pangolin node [using the installer](/manage/remote-node/quick-install-remote).
</Tip>
## How It Works
* **Host the Node**: Run Gerbil, Traefik, and a light weight agent on your server that communicates with the central
Pangolin control plane with a websocket connection.
* **Delegate the DNS**: Your domain and DNS config is still controlled by the Pangolin control plane and the central DNS
server routes to the right node when connecting.
* **Certificates and Config**: The control plane pushes down WireGuard configs, SSL certificates, and routing rules to
your node as you create resources and sites.
* **Failover**: If you have multiple nodes, the control plane will failover between them. If one node becomes
unavailable, traffic can optionally fail over to our cloud infrastructure or other nodes until you restore service.
<Frame>
<img src="https://mintcdn.com/fossorial/u-2SUNWyK_LJL3sU/images/ha.svg?fit=max&auto=format&n=u-2SUNWyK_LJL3sU&q=85&s=7e747ea7d7479f7f7d068a2645ac4624" width="400" centered data-og-width="1324" data-og-height="976" data-path="images/ha.svg" data-optimize="true" data-opv="3" srcset="https://mintcdn.com/fossorial/u-2SUNWyK_LJL3sU/images/ha.svg?w=280&fit=max&auto=format&n=u-2SUNWyK_LJL3sU&q=85&s=382d3494e8c5b2bd04c97c01ed23ce14 280w, https://mintcdn.com/fossorial/u-2SUNWyK_LJL3sU/images/ha.svg?w=560&fit=max&auto=format&n=u-2SUNWyK_LJL3sU&q=85&s=81f6da33d18766f7d3756cd4f4ee2323 560w, https://mintcdn.com/fossorial/u-2SUNWyK_LJL3sU/images/ha.svg?w=840&fit=max&auto=format&n=u-2SUNWyK_LJL3sU&q=85&s=dede18ff3acd6d470cdff87747a4b4db 840w, https://mintcdn.com/fossorial/u-2SUNWyK_LJL3sU/images/ha.svg?w=1100&fit=max&auto=format&n=u-2SUNWyK_LJL3sU&q=85&s=41e249f12dee53bb479966b82b6b8e23 1100w, https://mintcdn.com/fossorial/u-2SUNWyK_LJL3sU/images/ha.svg?w=1650&fit=max&auto=format&n=u-2SUNWyK_LJL3sU&q=85&s=f91af6914ea26ac0ee3bfca2f1f59764 1650w, https://mintcdn.com/fossorial/u-2SUNWyK_LJL3sU/images/ha.svg?w=2500&fit=max&auto=format&n=u-2SUNWyK_LJL3sU&q=85&s=13094848f30b04a8e762eae28b7439a3 2500w" />
</Frame>
## Some Benefits
### Automatic Updates and Less Maintenance
The cloud dashboard evolves quickly, so you get new features and bug fixes without having to manually pull new
containers every time. Because the remote node is just handling the networking you do not need to do database
migrations, or backups.
### Cloud Failover
If your nodes goes down, your tunnels can temporarily fail over to our cloud points of presence or another node until
you bring it back online. This ensures continuous availability.
### High Availability (PoPs)
You can attach multiple nodes to your account for redundancy and better performance. For example, deploy nodes across
different regions or providers for decreased latency.