[GH-ISSUE #222] Only local site on ADD new site #8114

Closed
opened 2026-04-30 03:34:04 -05:00 by GiteaMirror · 9 comments

Originally created by @urkosan on GitHub (Feb 19, 2025).
Original GitHub issue: https://github.com/fosrl/pangolin/issues/222

Hello,
I have a problem with version 1.0.0-beta.14. When I want to add a site under manage sites, I only have "local" as an option. I can't select "newt" or "wireguard".
The thing is, I’m not sure if I have the correct firewall configuration set up. The system is on a VPS where I have to manage the firewall myself, and they don't provide this for me. I’m attaching my iptables configuration. Could the problem be somewhere else?

*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:DOCKER-USER - [0:0]

# Flush all rules in the INPUT and DOCKER-USER chains
-F INPUT
-F DOCKER-USER

# Allow loopback and established connections
-A INPUT -i lo -j ACCEPT
-A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT

# Allow Docker bridge network
-A INPUT -s 172.17.0.0/16 -j ACCEPT

# Block TCP NULL scan (no flags set)
-A INPUT -p tcp --tcp-flags ALL NONE -j DROP

# Block XMAS scan (FIN, URG and PSH set)
-A INPUT -p tcp --tcp-flags ALL FIN,URG,PSH -j DROP

# Host services (adjust as needed)
-A INPUT -p tcp --dport 64000 -j ACCEPT
-A INPUT -p tcp --dport 64000 -m recent --set --name SSH
-A INPUT -p tcp --dport 64000 -m recent --update --seconds 60 --hitcount 5 --name SSH -j DROP

# Docker filtering
-A DOCKER-USER -i ens3 -m conntrack --ctstate RELATED,ESTABLISHED -j RETURN
-A DOCKER-USER -i ens3 -p tcp -m conntrack --ctorigdstport 80 -j RETURN
-A DOCKER-USER -i ens3 -p tcp -m conntrack --ctorigdstport 443 -j RETURN
-A DOCKER-USER -i ens3 -p udp -m conntrack --ctorigdstport 53 -j RETURN
-A DOCKER-USER -i ens3 -p tcp -m conntrack --ctorigdstport 53 -j RETURN
-A DOCKER-USER -i ens3 -p udp -m conntrack --ctorigdstport 51820 -j RETURN
-A DOCKER-USER -i ens3 -j DROP
-A DOCKER-USER -j RETURN

# Set default policies
-P INPUT DROP
-P FORWARD DROP
-P OUTPUT ACCEPT

COMMIT


@urkosan commented on GitHub (Feb 19, 2025):

traefik | 2025-02-19T13:56:52Z ERR Provider error, retrying in 451.954155ms error="cannot fetch configuration data: do fetch request: Get "http://pangolin:3001/api/v1/traefik-config": dial tcp 172.18.0.3:3001: connect: connection refused" providerName=http
traefik | 2025-02-19T13:56:53Z ERR Provider error, retrying in 681.005311ms error="cannot fetch configuration data: do fetch request: Get "http://pangolin:3001/api/v1/traefik-config": dial tcp 172.18.0.3:3001: connect: connection refused" providerName=http
traefik | 2025-02-19T13:56:54Z ERR Provider error, retrying in 1.029515365s error="cannot fetch configuration data: do fetch request: Get "http://pangolin:3001/api/v1/traefik-config": dial tcp 172.18.0.3:3001: connect: connection refused" providerName=http
traefik | 2025-02-19T13:56:55Z ERR Provider error, retrying in 845.725703ms error="cannot fetch configuration data: do fetch request: Get "http://pangolin:3001/api/v1/traefik-config": dial tcp 172.18.0.3:3001: connect: connection refused" providerName=http


@oschwartz10612 commented on GitHub (Feb 19, 2025):

We can definitely take a look at the firewall next, but I think the initial issue is that Gerbil did not register with Pangolin, so you do not have an "exit node" and therefore don't have the ability to create tunneled sites.

How did you install? Did you use the installer? If so, there is a step that asks whether you want to install Gerbil; maybe you selected no?

Can you take a look at your docker compose file and see if gerbil is in there? If not, you could add it [manually](https://docs.fossorial.io/Getting%20Started/Manual%20Install%20Guides/docker-compose) or reinstall using the installer.


@urkosan commented on GitHub (Feb 19, 2025):

Yes, from the installer. But then I did the correction for the Wildcard Config for DNS-01 Challenge.
My docker-compose.yml:
services:
  pangolin:
    image: fosrl/pangolin:1.0.0-beta.14
    container_name: pangolin
    restart: unless-stopped
    volumes:
      - ./config:/app/config
    healthcheck:
      test: ["CMD", "curl", "-f", "http://localhost:3001/api/v1/"]
      interval: "3s"
      timeout: "3s"
      retries: 5

  gerbil:
    image: fosrl/gerbil:1.0.0-beta.3
    container_name: gerbil
    restart: unless-stopped
    depends_on:
      pangolin:
        condition: service_healthy
    command:
      - --reachableAt=http://gerbil:3003
      - --generateAndSaveKeyTo=/var/config/key
      - --remoteConfig=http://pangolin:3001/api/v1/gerbil/get-config
      - --reportBandwidthTo=http://pangolin:3001/api/v1/gerbil/receive-bandwidth
    volumes:
      - ./config/:/var/config
    cap_add:
      - NET_ADMIN
      - SYS_MODULE
    ports:
      - 51820:51820/udp
      - 443:443 # Port for traefik because of the network_mode
      - 80:80 # Port for traefik because of the network_mode

  traefik:
    image: traefik:v3.3.3
    container_name: traefik
    restart: unless-stopped
    network_mode: service:gerbil # Ports appear on the gerbil service
    depends_on:
      pangolin:
        condition: service_healthy
    command:
      - --configFile=/etc/traefik/traefik_config.yml
    # Add the environment variables for your DNS provider.
    environment:
      CLOUDFLARE_DNS_API_TOKEN: "efdrssb78r638r38r83r83d7ffefefefefeg"
    volumes:
      - ./config/traefik:/etc/traefik:ro # Volume to store the Traefik configuration
      - ./config/letsencrypt:/letsencrypt # Volume to store the Let's Encrypt certificates

networks:
  default:
    driver: bridge
    name: pangolin

config.yml:

app:
  dashboard_url: "https://proxy.test.com"
  base_domain: "test.com"
  log_level: "info"
  save_logs: false

server:
  external_port: 3000
  internal_port: 3001
  next_port: 3002
  internal_hostname: "pangolin"
  session_cookie_name: "p_session_token"
  resource_access_token_param: "p_token"
  resource_session_request_param: "p_session_request"
  cors:
    origins: ["https://proxy.test.com"]
    methods: ["GET", "POST", "PUT", "DELETE", "PATCH"]
    headers: ["X-CSRF-Token", "Content-Type"]
    credentials: false

traefik:
  cert_resolver: "dns-cloudflare"
  http_entrypoint: "web"
  https_entrypoint: "websecure"
  prefer_wildcard_cert: true

gerbil:
  start_port: 51820
  base_endpoint: "194.200.1.150"
  use_subdomain: false
  block_size: 24
  site_block_size: 24
  subnet_group: 100.89.137.0/24

rate_limits:
  global:
    window_minutes: 1
    max_requests: 100

users:
  server_admin:
    email: "test@test.com"
    password: "R!hdzf&hkefkllfehf////hhefheifheif67"

flags:
  require_email_verification: false
  disable_signup_without_invite: true
  disable_user_create_org: false
  allow_raw_resources: true
  allow_base_domain_resources: true

dynamic_config.yml:

http:
  middlewares:
    redirect-to-https:
      redirectScheme:
        scheme: https

  routers:
    # HTTP to HTTPS redirect router
    main-app-router-redirect:
      rule: "Host(`proxy.test.com`)"
      service: next-service
      entryPoints:
        - web
      middlewares:
        - redirect-to-https

    # Next.js router (handles everything except API and WebSocket paths)
    next-router:
      rule: "Host(`proxy.test.com`) && !PathPrefix(`/api/v1`)"
      service: next-service
      entryPoints:
        - websecure
      tls:
        certResolver: dns-cloudflare
        domains:
          - main: "test.com"
            sans:
              - "*.test.com"

    # API router (handles /api/v1 paths)
    api-router:
      rule: "Host(`proxy.test.com`) && PathPrefix(`/api/v1`)"
      service: api-service
      entryPoints:
        - websecure
      tls:
        certResolver: dns-cloudflare

    # WebSocket router
    ws-router:
      rule: "Host(`proxy.test.com`)"
      service: api-service
      entryPoints:
        - websecure
      tls:
        certResolver: dns-cloudflare

  services:
    next-service:
      loadBalancer:
        servers:
          - url: "http://pangolin:3002" # Next.js server

    api-service:
      loadBalancer:
        servers:
          - url: "http://pangolin:3000" # API/WebSocket server

traefik_config.yml:

api:
  insecure: true
  dashboard: true

providers:
  http:
    endpoint: "http://pangolin:3001/api/v1/traefik-config"
    pollInterval: "5s"
  file:
    filename: "/etc/traefik/dynamic_config.yml"

experimental:
  plugins:
    badger:
      moduleName: "github.com/fosrl/badger"
      version: "v1.0.0-beta.3"

log:
  level: "INFO"
  format: "common"

certificatesResolvers:
  dns-cloudflare:
    acme:
      #email: "balbla@test.com"
      storage: "/letsencrypt/acme.json"
      #caServer: "https://acme-staging-v02.api.letsencrypt.org/directory"
      dnsChallenge:
        provider: cloudflare
        delayBeforeCheck: 120
        resolvers:
          - "1.1.1.1:53"
          - "1.0.0.1:53"

entryPoints:
  web:
    address: ":80"
  websecure:
    address: ":443"
    transport:
      respondingTimeouts:
        readTimeout: "30m"
    http:
      tls:
        certResolver: "dns-cloudflare"

serversTransport:
  insecureSkipVerify: true


@urkosan commented on GitHub (Feb 19, 2025):

Now it is OK when I change to your config, like this for gerbil:
  block_size: 24
  site_block_size: 30
  subnet_group: 100.89.137.0/20

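The two gerbil layouts in this thread (the original /24 group with block_size 24 and site_block_size 24, and the /20 group with site_block_size 30 that worked), as an added example that is not part of the issue or of Pangolin's own code: a small check of how many exit-node blocks and site subnets such a triple can hold. The allocation model it assumes (one /block_size per exit node out of subnet_group, one /site_block_size per site inside that block) is an assumption, not something the thread confirms.

```python
import ipaddress

# Constructed from the two gerbil blocks in this thread: the config that only
# offered "local" sites, and the one that made tunneled sites work. The
# allocation model is an assumption, not confirmed by the thread: each exit
# node takes one /block_size out of subnet_group, and each site takes one
# /site_block_size out of its exit node's block.
ORIGINAL = {"subnet_group": "100.89.137.0/24", "block_size": 24, "site_block_size": 24}
FIXED = {"subnet_group": "100.89.137.0/20", "block_size": 24, "site_block_size": 30}


def gerbil_capacity(subnet_group, block_size, site_block_size):
    """Count the exit-node blocks and the sites per block the layout allows.

    Returns the normalized group (host bits cleared, which the /20 value in
    the thread needs), the two counts, and a list of layout problems.
    Inconsistent prefix lengths yield a count of 0 plus a problem entry.
    """
    group = ipaddress.ip_network(subnet_group, strict=False)
    problems = []
    for name, value in (("block_size", block_size), ("site_block_size", site_block_size)):
        if not 0 <= value <= 32:
            problems.append(f"{name} must be between 0 and 32, got {value}")
    if problems:
        return {"group": group.with_prefixlen, "blocks": 0, "sites_per_block": 0, "problems": problems}
    if block_size < group.prefixlen:
        problems.append(f"block_size /{block_size} is wider than subnet_group /{group.prefixlen}")
    if site_block_size < block_size:
        problems.append(f"site_block_size /{site_block_size} is wider than block_size /{block_size}")
    blocks = 2 ** (block_size - group.prefixlen) if block_size >= group.prefixlen else 0
    sites = 2 ** (site_block_size - block_size) if site_block_size >= block_size else 0
    if not problems and blocks * sites < 2:
        # The original config lands here: group, block and site are all /24.
        problems.append(f"layout fits exactly one /{site_block_size} site in total; no room to grow")
    return {"group": group.with_prefixlen, "blocks": blocks, "sites_per_block": sites, "problems": problems}


def first_sites(subnet_group, block_size, site_block_size, n=3):
    """List the first n site subnets of the first exit-node block ([] if inconsistent)."""
    cap = gerbil_capacity(subnet_group, block_size, site_block_size)
    if cap["blocks"] == 0 or cap["sites_per_block"] == 0:
        return []
    group = ipaddress.ip_network(subnet_group, strict=False)
    first_block = next(group.subnets(new_prefix=block_size))
    sites = first_block.subnets(new_prefix=site_block_size)
    return [site.with_prefixlen for _, site in zip(range(n), sites)]


if __name__ == "__main__":
    for label, cfg in (("original", ORIGINAL), ("fixed", FIXED)):
        print(label, gerbil_capacity(**cfg), first_sites(**cfg))
```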

@urkosan commented on GitHub (Feb 19, 2025):

Strange: when I restart the VPS the error is the same! I cannot add a new site; only the previous one is working.

ERR Provider error, retrying in 639.281047ms error="cannot fetch configuration data: do fetch request: Get "http://pangolin:3001/api/v1/traefik-config": dial tcp 172.18.0.3:3001: connect: connection refused" providerName=http
traefik | 2025-02-19T16:18:09Z ERR Provider error, retrying in 698.080664ms error="cannot fetch configuration data: do fetch request: Get "http://pangolin:3001/api/v1/traefik-config": dial tcp 172.18.0.3:3001: connect: connection refused" providerName=http
traefik | 2025-02-19T16:18:09Z ERR Provider error, retrying in 1.298216794s error="cannot fetch configuration data: do fetch request: Get "http://pangolin:3001/api/v1/traefik-config": dial tcp 172.18.0.3:3001: connect: connection refused" providerName=http


@urkosan commented on GitHub (Feb 19, 2025):

As soon as I enabled the proxy on Cloudflare, it stopped working. When I switched back to DNS only, it started working again.
Hmm: is it OK to have SSL: Full, or must I have SSL: Full (Strict)?


@miloschwartz commented on GitHub (Feb 19, 2025):

> Hmm: is it OK to have SSL: Full, or must I have SSL: Full (Strict)?

I can only confirm that Full (Strict) works because that is what we have done in our testing. It's likely that the other methods could work, I just haven't tested them all myself with Cloudflare. Try it out and let us know if it works for you! :)


@oschwartz10612 commented on GitHub (Feb 19, 2025):

Okay, so are you able to use the newt connection now? If so, my guess is that it was having trouble registering with your previous settings.


@natemergler commented on GitHub (Feb 25, 2025):

> I can only confirm that Full (Strict) works because that is what we have done in our testing. It's likely that the other methods could work, I just haven't tested them all myself with Cloudflare. Try it out and let us know if it works for you! :)

I can also confirm this will only work with Full (Strict). It would be nice for this to be extra emphasized in the documentation.

Side note: I plan on doing further testing to determine if this is something that could be configured to not be required. I suspect it may be because Pangolin is HTTPS by default.

Reference: github-starred/pangolin#8114