-
GiteaMirror released this
2025-03-22 11:37:35 -05:00 | 2508 commits to main since this release📅 Originally published on GitHub: Sat, 22 Mar 2025 17:00:06 GMT
🏷️ Git tag created: Sat, 22 Mar 2025 16:37:35 GMTWhat's Changed
- Add new create site wizard
- Add basic implementation of
/adminpanel for server admin controls- To be expanded in the future
- Add "Adopt a Pangolin" supporter program
- Append timestamp to cookie name in attempt to fix redirect loop issue
- Fix broken link to docs in create TCP/UDP resource dialog
prefer_wildcard_certnow respects base-domain resources- Add CrowdSec disclaimer to auto installer
Full Changelog: https://github.com/fosrl/pangolin/compare/1.0.1...1.1.0
How to Update
Important
Always back up your config app-data before updating. This will allow you to easily roll back if the update breaks your configuration. You will not be able to easily downgrade otherwise.
"Adopt a Pangolin" Supporter Program
Starting with this release, we’ve introduced a Supporter Program for Pangolin.
Pangolin will always be free and open source, but maintaining the project takes a lot of time and resources. To help support ongoing development — including bug fixes, new features, and community support — we’ve added a way for users to directly contribute. We will not use this to paywall features.
If you’d like to support the project, you can purchase a supporter key to remove the support button and other marks from the UI. Afterward, you will get to learn a little bit about your adopted Pangolin!
We know it’s not the most exciting feature, but it helps us keep Pangolin healthy and moving forward.
Learn more about how it works and the available tiers here: https://docs.fossorial.io/supporter-program
New Create Site Wizard
Downloads
-
2025-03-10 10:09:38 -05:00 | 2529 commits to main since this release📅 Originally published on GitHub: Mon, 10 Mar 2025 15:28:27 GMT
🏷️ Git tag created: Mon, 10 Mar 2025 15:09:38 GMTWhat's Changed
- Return 401 instead of 400 on bad login
- Reset port input after adding target
- Append site name to resource to distinguish resources with same name
- Fix issue causing base domain resource to revert to subdomain resource on save auth methods
- Optimize container size
- Remove support for environment variables overriding config variables
- Remove functionality to automatically generate config files
Full Changelog: https://github.com/fosrl/pangolin/compare/1.0.0...1.0.1
How to Update
Important
Always back up your config app-data before updating. This will allow you to easily roll back if the update breaks your configuration. You will not be able to easily downgrade otherwise.
Attention Unraid Users!
Note
Ignore this if you're only running Newt on Unraid. This is for Unraid users who are running the Pangolin server on Unraid.
We’ve removed the feature that allowed certain configuration variables to be overridden by environment variables, except for the admin email and password. During the beta period, we made substantial changes to the configuration file structure, making it increasingly difficult to maintain compatibility with environment variables. Additionally, we’ve removed the functionality that automatically generated configuration and Traefik files when they were missing, as these features created more confusion than assistance.
From now on, all configuration must be done by manually editing the configuration files. This approach ensures a single source of truth and consistent configuration methods across all deployments, rather than having different methods for Unraid users (environment variables), Docker Compose (config files), etc.
Your existing deployment might break, but migrating is straightforward. Simply remove the old environment variables and update the configuration files according to your preferences. Refer to the documentation for guidance on how to correctly set up these files. The Unraid deploy guide has also been updated to reflect these changes.
Downloads
-
2025-03-04 10:14:31 -06:00 | 2545 commits to main since this release📅 Originally published on GitHub: Tue, 04 Mar 2025 16:34:05 GMT
🏷️ Git tag created: Tue, 04 Mar 2025 16:14:31 GMTWhat's Changed
Happy 1.0.0! 🎉
- Add optional
smtp_tls_reject_unauthorizedto email config - Minor visual enhancements
- Update screenshots in README
- Other very minor bug fixes
Full Changelog: https://github.com/fosrl/pangolin/compare/1.0.0-beta.15...1.0.0
How to Update
Important
Always back up your config app-data before updating. This will allow you to easily roll back if the update breaks your configuration. You will not be able to easily downgrade otherwise.
Downloads
- Add optional
-
2025-02-27 10:02:36 -06:00 | 2562 commits to main since this release📅 Originally published on GitHub: Thu, 27 Feb 2025 16:40:22 GMT
🏷️ Git tag created: Thu, 27 Feb 2025 16:02:36 GMTWhat's Changed
- Support for adding more than one base domain
- SSO works across multiple base domains
- Automatically install and configure Crowdsec via installer script
- Add option to add Crowdsec on new installs via installer script
- Add option to add Crowdsec to existing installs via installer script
- Add support h2c as method to resource target
- Strip :80 and :443 from domain to before matching to resource
- Fix Plex custom URL on iOS app connectivity issue
- Evaluate rules even if all auth is disabled for resource
- Fix bug causing targets and rules tables to only show 10 rows
- Delete stale data (expired sessions) from database on start up
Full Changelog: https://github.com/fosrl/pangolin/compare/1.0.0-beta.14...1.0.0-beta.15
How to Update
Important
Always back up your config app-data before updating. This will allow you to easily roll back if the update breaks your configuration. You will not be able to easily downgrade otherwise.
Automatic Crowdsec Add-on
If you already have Pangolin installed:
Fully update the latest Pangolin version first. Make sure she stack is not running, then, download the latest installer and rerun it as root. It will detect that you have already installed Pangolin and will prompt for a Crowdsec install. Respond yes.
Your stack will be brought down and backed up in the local directory. Crowdsec will be added to the config files and the stack will be brought back up. If config is broken untar the backup created at runtime and replace.
For first time installs:
Go through installation steps as usual. The last question will ask if you want to install Crowdsec. Respond yes.
Multiple Base Domains
You can now use more than one domain in Pangolin. The migration script will handle migrating your old domain to the new config format. To add new domains, see the
domainssection of the Pangolin config file in the docs.Downloads
- Support for adding more than one base domain
-
2025-02-14 15:53:58 -06:00 | 2605 commits to main since this release📅 Originally published on GitHub: Fri, 14 Feb 2025 22:12:00 GMT
🏷️ Git tag created: Fri, 14 Feb 2025 21:53:58 GMTWhat's Changed
Mostly hotfixes coming off the 1.0.0-beta.13 release:
- Allow more special characters in rules
- Router refresh after clicking save to invalidate browser page cache
- Fix SQL FK constraint error that occurred when resetting password with 2Fa
- Allow underscores in target hostname (needed for Docker networks)
- Add IPv6 CIDR validation in rules middleware check
Full Changelog: https://github.com/fosrl/pangolin/compare/1.0.0-beta.13...1.0.0-beta.14
How to Update
Important
Always backup your config app-data before updating. This will allow you to easily roll back if the update breaks your configuration. You will not be able to easily downgrade otherwise.
Downloads
-
2025-02-13 13:48:35 -06:00 | 2615 commits to main since this release📅 Originally published on GitHub: Thu, 13 Feb 2025 20:10:58 GMT
🏷️ Git tag created: Thu, 13 Feb 2025 19:48:35 GMTWhat's Changed
- Resource access control rules for IPs, IP ranges, and URL path matching
- Add code snippets for Newt Docker commands in create site workflow
- Fix table row limit selector so it works
- Fix toast dismissal causing components to refresh
- Implement separate stricter rate limit on verify email and reset password request endpoints
- Allow more special characters in password
Full Changelog: https://github.com/fosrl/pangolin/compare/1.0.0-beta.12...1.0.0-beta.13
Access Control Rules
There are many use cases for access control rules. One of which is allowing mobile clients to interact with your service's API without getting redirected to authentication. This lets you require authentication when accessing from a browser and also allow the mobile client to connect. The below screenshot shows an example using Vaultwarden by allowing specific URL path patterns to bypass authentication.
How to Update
Always backup your config app-data before updating. This will allow you to easily roll back if the update breaks your configuration. You will not be able to easily downgrade otherwise.
Downloads
-
2025-02-04 21:46:41 -06:00 | 2654 commits to main since this release📅 Originally published on GitHub: Wed, 05 Feb 2025 04:03:19 GMT
🏷️ Git tag created: Wed, 05 Feb 2025 03:46:41 GMTWhat's Changed
- Allow resources to use the base domain if
allow_base_domain_resourcesflag is set - Add ability to transfer resource to different site
- Support using IP address in Gerbil's
base_endpointfield - Create resource dialog resets upon closing
- Fix bug preventing updating raw TCP/UDP port on existing resource
- Fix "Authentication" column sorting on resources table
- Use Traefik v3.3.3 in the installer
- Add Docker network config to docker compose for installer
New Contributors
- @synologyy made their first contribution in https://github.com/fosrl/pangolin/pull/120
- @j4n-e4t made their first contribution in https://github.com/fosrl/pangolin/pull/64
Full Changelog: https://github.com/fosrl/pangolin/compare/1.0.0-beta.11...1.0.0-beta.12
Cloudflare Proxy ON
We tested and can confirm that you can enable the Cloudflare Proxy (orange cloud) on your DNS records for Pangolin. You should setup wildcard certificates with your Cloudflare API keys and use Full (Strict) SSL mode. Read more on how to configure here.
Note: You're bound by the Cloudflare terms of service as soon as you enable the proxy.
How to Update
Always backup your config app-data before updating. This will allow you to easily roll back if the update breaks your configuration. You will not be able to easily downgrade otherwise.
Downloads
- Allow resources to use the base domain if
-
2025-01-31 14:11:48 -06:00 | 2681 commits to main since this release📅 Originally published on GitHub: Fri, 31 Jan 2025 21:20:31 GMT
🏷️ Git tag created: Fri, 31 Jan 2025 20:11:48 GMTWhat's Changed
Some more hotfixes:
- Fix filtering issue causing resources on local sites not to resolve
- Allow comma in passwords
- Fix migration ordering in auto migration script
Full Changelog: https://github.com/fosrl/pangolin/compare/1.0.0-beta.10...1.0.0-beta.11
Downloads
-
2025-01-30 21:47:56 -06:00 | 2685 commits to main since this release📅 Originally published on GitHub: Fri, 31 Jan 2025 04:54:31 GMT
🏷️ Git tag created: Fri, 31 Jan 2025 03:47:56 GMTWhat's Changed
These are mostly hotfixes and minor improvements after releasing beta.9.
- Fix bug causing Newts to pull targets for other sites as noted in #117
- Add copy entry point snippet after creating raw TCP/UDP resource
- Remove
secure_cookiesfrom config- Pangolin always prefers to use secure cookies when possible
- Remove quotes around autogenerated
smtp_portin installer - Add dot preceding domain name in create resource form
Full Changelog: https://github.com/fosrl/pangolin/compare/1.0.0-beta.9...1.0.0-beta.10
Downloads
-
2025-01-30 10:16:57 -06:00 | 2697 commits to main since this release📅 Originally published on GitHub: Thu, 30 Jan 2025 16:34:47 GMT
🏷️ Git tag created: Thu, 30 Jan 2025 16:16:57 GMTWhat's Changed
- Add support for creating raw TCP/UDP resources
- Support load balancing between multiple targets on a resource
- Refactor resource authentication to use exchange method by passing temporary session token in query param
- Necessary for multi-domain auth (full multi-domain support coming soon)
- Necessary to allow auth http (no-ssl) resources (some browsers still break this)
- Add
resource_session_request_paramto config - Remove
resource_session_cookie_namefrom config
- Make http (no-ssl) resources functional
- Set
readTimeoutin Traefik config to prevent large file transfer limit - Allow using wildcard email in email whitelist, like:
*@example.com - Make emails case-insensitive
- Add
additional_middlewarestotraefiksection of config to allow setting custom middleware to resources - Add log statements for failed authentication attempts
- Enabled by setting
log_failed_attemptstotruein config
- Enabled by setting
- Updates to SMTP section of config
- All fields are not optional allowing use with unauthenticated SMTP server
- Option to set
smtp_secure(defaults tofalse) - Fall back to
smtp_userif nono-repyis set
- Add
dashboard_session_length_hoursandresource_session_length_hoursto allow setting custom session length - Remove permanent redirect from
redirect-to-httpsmiddleware - Surround strings in config with double quotes
- Use ID value in selectors for data-selected
- Log password reset code to console to allow password reset if no SMTP configured (temporary fix)
- Create sqlite db backup before running automated migration script on startup
- Add in-memory caching to authentication middleware very-session requests
Full Changelog: https://github.com/fosrl/pangolin/compare/1.0.0-beta.8..1.0.0-beta.9
Acknowledgements
- We recently opened up our GitHub sponsors page, and thank you to those of you who have already sponsored us!
- Thank you to @hhftechnology for writing a how-to guide to manually configure Crowdsec. We plan to automate this in the future.
- Thank you to @nkkfs for beginning the internationalization process with Polish.
How to Update
Note: The auto migration script included in the updated images should handle automatic migrations. No manual intervention should be required. But just in case, the following are important:
-
Make sure the Badger version is at least
v1.0.0-beta.3in the statictraefik_config.yml -
Make sure you have these set, especially
resource_session_request_param.
server: ... secure_cookies: true session_cookie_name: "p_session_token" resource_access_token_param: "p_token" resource_session_request_param: "p_session_request" ...- Update Newt to at least
1.0.0-beta.5. This is a requirement but if you plan to use TCP/UDP raw resources.
Downloads
mirror of
https://github.com/fosrl/pangolin.git
synced 2025-12-05 19:17:29 -06:00