Proxmox Script for Pangolin Installation

Servers Virtualization
,
1

Setting Up Pangolin on Proxmox: A Step-by-Step Guide

Pangolin is a powerful self-hosted reverse proxy management server with identity and access management capabilities. This guide will walk you through the process of installing Pangolin on a Proxmox VE container using our automated installation script.

Prerequisites

Before you begin, make sure you have:

  • A Proxmox VE server running (version 6.x or later)
  • Administrative access to your Proxmox host
  • A domain name that points to your Proxmox server’s IP address
  • Ports 80 and 443 forwarded to your Proxmox server (from your router/firewall)
  • Basic familiarity with Linux command line

Creating a Container for Pangolin

First, you’ll need a container where Pangolin will run:

  1. Log in to your Proxmox web interface
  2. Create a new LXC container with these minimum specifications:
    • OS: Debian 11 or Ubuntu 20.04+
    • CPU: 1 core (2+ recommended)
    • RAM: 1GB minimum (2GB+ recommended)
    • Storage: 8GB minimum
    • Network: DHCP or static IP configuration
  3. Start the container and note its CTID (Container ID) - you’ll need this later

Downloading and Running the Installation Script

  1. SSH into your Proxmox host server (not the container)
  2. Download the installation script:
    wget -O install-pangolin.sh https://gist.githubusercontent.com/hhftechnology/875fbf4fcfb1fcdeeb7fd1c086475b94/raw/a4363302d29356835e752f1eda172e32a29e45af/install-pangolin.sh
  3. Make the script executable:
    chmod +x install-pangolin.sh
  4. Run the script as root:
    sudo ./install-pangolin.sh

Providing the Required Information

The script will prompt you for several pieces of information:

  1. Container ID (CTID): Enter the ID number of the container you created earlier.

  2. Domain Name: Enter your fully qualified domain name (e.g., proxy.example.com). This domain must be pointed to your Proxmox server’s IP address.

  3. Admin Email: Enter the email address you want to use for the Pangolin administrator account.

  4. Admin Password: Create a strong password for the administrator account. The password must have:

    • At least 8 characters
    • At least one uppercase letter
    • At least one lowercase letter
    • At least one number
    • At least one special character

  5. Let’s Encrypt Email: Enter the email address for Let’s Encrypt certificate notifications. You can press Enter to use the same email as the admin account.

Installation Process

Once you’ve provided all the required information, the script will:

  1. Modify the container configuration to enable necessary features
  2. Install Docker and Docker Compose in the container if they’re not already installed
  3. Create the Pangolin configuration files with your customized settings
  4. Start the Pangolin and Traefik containers
  5. Verify the installation was successful

This process typically takes 2-5 minutes, depending on your server’s performance and internet connection speed.

Post-Installation Steps

After the script completes successfully, you’ll see a message with post-installation instructions. Here’s what you need to do next:

  1. DNS Configuration:

    • Make sure your domain (the one you entered during installation) is pointed to your Proxmox host’s IP address
    • Wait for DNS propagation to complete (can take a few minutes to several hours)

  2. Port Forwarding:

    • Ensure ports 80 and 443 are forwarded from your router to your Proxmox host
    • If needed, also set up any internal firewall rules to allow traffic to reach the container

  3. Initial Login:

    • Once DNS propagation is complete, open a web browser and navigate to https://your-domain.com
    • Log in with the admin email and password you provided during installation

  4. Creating Your First Organization:

    • After logging in, follow the on-screen prompts to create your first organization
    • Choose a descriptive name and a unique ID for your organization

  5. Setting Up Your First Site:

    • Navigate to the Sites tab and click “Add Site”
    • Give your site a name (e.g., “Home Network” or “Media Server”)
    • Choose “Local” as the connection method
    • Complete the site creation process

  6. Creating Your First Resource:

    • Go to the Resources tab and click “Add Resource”
    • Provide a name for the resource (e.g., “Media Server” or “Home Assistant”)
    • Choose a subdomain to access this resource
    • Select the site you created in the previous step
    • Under the Connectivity tab, add your target (internal IP and port of the service)
    • Configure authentication as needed
    • Save your changes

Troubleshooting Common Issues

If you encounter any issues during or after installation:

  • Certificate Issues: If Let’s Encrypt certificates aren’t being issued, make sure:

    • Your domain correctly points to your server’s IP
    • Ports 80 and 443 are properly forwarded
    • Your Let’s Encrypt email address is valid

  • Connection Refused: If you can’t connect to Pangolin after installation:

    • Check that the containers are running with pct enter <CTID> followed by docker ps
    • Verify that your firewall/router is properly forwarding traffic
    • Check the container logs with docker logs pangolin or docker logs traefik

  • Login Issues: If you can’t log in to the admin dashboard:

    • Double-check you’re using the correct email and password
    • If you’ve forgotten your password, you can reset it by modifying the config.yml file and restarting the container

Using Pangolin for Reverse Proxying

Now that Pangolin is installed, you can:

  1. Add More Resources: Each resource corresponds to a service you want to access through the reverse proxy
  2. Configure Authentication: Choose from various authentication methods for each resource
  3. Manage Access: Create more users and assign them appropriate roles
  4. Monitor Traffic: Use the dashboard to monitor the status of your resources

Conclusion

Congratulations! You now have a fully functional Pangolin installation running on your Proxmox server. This setup allows you to securely access your self-hosted services through a centralized, authenticated reverse proxy.

The installation script has streamlined the setup process, configuring both Pangolin and Traefik with secure defaults. As you become more familiar with Pangolin, you can customize it further to meet your specific needs.

Remember to keep both your Proxmox host and Pangolin container updated with security patches, and periodically check for updates to Pangolin itself.

2

Unfortunately, I have some issues with executing the script.

root@hv1:~/scripts# ./pangolin-proxmox-deploy.sh
./pangolin-proxmox-deploy.sh: line 668: syntax error near unexpected token `('
./pangolin-proxmox-deploy.sh: line 668: `        echo -e "${YELLOW}Installing UFW (Uncomplicated Firewall)...${NC}"'
root@hv1:~/scripts#
3

Maybe youbare able to add this to the community scripts from proxmox.
https://github.com/community-scripts/ProxmoxVE

1 Like
4

I’m planning to look into it mid-week. I’m aiming to have a fix or an update by max by next Tuesday EOD, but I can’t guarantee it given my current workload. I’ll do my best to keep you updated on my progress."

3 Likes
5

@daschmidt @hexagram1959 please retry and let me know.

6

So I tried it, but there seems to be a Problem with the domain. All Containers are running, but the dashboard isn’t available because there seems to be no dashbord-url?
My domain comes with cloudflare and work normally with a caddy reverse proxy.

7

image
image756Ă—661 12.4 KB

Not sure. will get back to you on this

ohhh my bad

it’s not setup for cloudflare.

Wildcard Certificates with Let’s Encrypt | Fossorial Docs
scroll at the bottom.

1 Like