Scenarios showcasing how Pangolin can adapt to different hypervisor environments - Part 2

Unraid Home Media and Development Setup with Pangolin

```mermaid
graph TB
    subgraph "Internet"
        VPS[Pangolin on VPS]
    end

    subgraph "Unraid Server"
        subgraph "Docker Network: medianet"
            JF[Jellyfin<br/>Container]
            PL[PhotoPrism<br/>Container]
            subgraph "Storage"
                M1[Media Array]
                M2[Media Cache]
            end
        end

        subgraph "Docker Network: devnet"
            CL[Coolify<br/>Container]
            VS[VSCode Server<br/>Container]
            subgraph "Development"
                D1[App Sources]
                D2[Docker Volumes]
            end
        end

        NEWT[Newt Container]
    end

    VPS <--> NEWT
    NEWT --> JF
    NEWT --> PL
    NEWT --> CL
    NEWT --> VS
    JF --> M1
    PL --> M2
    CL --> D1
    VS --> D2

    style VPS fill:#f9f,stroke:#333,stroke-width:4px
    style NEWT fill:#bbf,stroke:#333,stroke-width:2px

    classDef storage fill:#ffd,stroke:#333
    class M1,M2,D1,D2 storage
```

TrueNAS Home Cloud and Automation Setup with Pangolin

I use the old deployment and will update the guide for the Docker-based deployment in the future.

```mermaid
graph TB
    subgraph "Internet"
        VPS[Pangolin on VPS]
    end

    subgraph "TrueNAS Scale"
        subgraph "Apps K8s"
            NC[Nextcloud<br/>Pod]
            HA[Home Assistant<br/>Pod]
            subgraph "Storage Datasets"
                S1[Cloud Data]
                S2[Config Data]
            end
        end

        subgraph "IX-Applications"
            PG[Paperless-ngx<br/>Container]
            DB[Document DB<br/>Container]
            subgraph "Document Storage"
                D1[Scanned Files]
                D2[Processed Data]
            end
        end

        NEWT[Newt Pod]
    end

    VPS <--> NEWT
    NEWT --> NC
    NEWT --> HA
    NEWT --> PG
    NC --> S1
    HA --> S2
    PG --> D1
    DB --> D2

    style VPS fill:#f9f,stroke:#333,stroke-width:4px
    style NEWT fill:#bbf,stroke:#333,stroke-width:2px

    classDef storage fill:#ffd,stroke:#333
    class S1,S2,D1,D2 storage
```

Proxmox Development and Monitoring Setup with Pangolin


```mermaid
graph TB
    subgraph "Internet"
        VPS[Pangolin on VPS]
    end

    subgraph "Proxmox Node"
        subgraph "VM: Development Stack"
            GT[Gitea VM<br/>Port 3000]
            DZ[Dozzle VM<br/>Port 9000]
            subgraph "Git Storage"
                G1[Repository Data]
                G2[CI Artifacts]
            end
        end

        subgraph "LXC: Monitoring"
            GF[Grafana LXC<br/>Port 3001]
            PR[Prometheus LXC<br/>Port 9090]
            subgraph "Metrics"
                M1[Time Series DB]
                M2[Dashboard Data]
            end
        end

        NEWT[Newt LXC]
    end

    VPS <--> NEWT
    NEWT --> GT
    NEWT --> DZ
    NEWT --> GF
    NEWT --> PR
    GT --> G1
    DZ --> G2
    GF --> M2
    PR --> M1

    style VPS fill:#f9f,stroke:#333,stroke-width:4px
    style NEWT fill:#bbf,stroke:#333,stroke-width:2px

    classDef storage fill:#ffd,stroke:#333
    class G1,G2,M1,M2 storage
```

Let me explain each scenario and how Pangolin enables these setups:

Unraid Scenario: Home Media and Development Environment

This setup demonstrates how to use Pangolin to secure access to both media services and development tools on Unraid:

  1. Media Stack:
  • Jellyfin container for streaming movies and TV shows
  • PhotoPrism for managing your photo collection
  • Secured behind Pangolin with family-specific access roles
  • Access via media.yourdomain.com and photos.yourdomain.com
  2. Development Stack:
  • Coolify for self-hosted application deployment
  • VSCode Server for remote development
  • Protected with developer-specific access controls
  • Access via dev.yourdomain.com and code.yourdomain.com

TrueNAS Scenario: Personal Cloud and Home Automation

I use the old deployment and will update the guide for the Docker-based deployment in the future.

This configuration shows how to leverage TrueNAS Scale’s Kubernetes integration:

  1. Cloud Services:
  • Nextcloud pod for personal file storage and sync
  • Home Assistant pod for home automation
  • ZFS datasets for reliable data storage
  • Access via cloud.yourdomain.com and home.yourdomain.com
  2. Document Management:
  • Paperless-ngx for document scanning and organization
  • Dedicated database container for search functionality
  • Access via docs.yourdomain.com

Proxmox Scenario: Development Infrastructure and Monitoring

This setup illustrates a more complex development environment:

  1. Development Infrastructure:
  • Gitea VM for source code management
  • Dozzle VM for container log management
  • Running in separate VMs for isolation
  • Access via git.yourdomain.com and logs.yourdomain.com
  2. Monitoring Stack:
  • Grafana and Prometheus in LXC containers
  • System-wide monitoring and alerting
  • Access via metrics.yourdomain.com

Key Benefits of These Setups:

  1. Security:
  • No exposed ports on your home network
  • Centralized authentication through Pangolin
  • Granular access control for different user groups
  2. Ease of Management:
  • Single point of entry for all services
  • Consistent URL structure
  • Automated SSL certificate management
  3. Flexibility:
  • Easy to add new services
  • Platform-specific optimizations
  • Scalable as needs grow

To implement these scenarios:

  1. For Unraid:

```yaml
# Docker network configuration
networks:
  medianet:
    driver: bridge
  devnet:
    driver: bridge

# Newt configuration
services:
  newt:
    image: fosrl/newt
    environment:
      # Placeholders: replace with your Pangolin URL and this site's Newt credentials
      - PANGOLIN_ENDPOINT=https://yourdomain.com
      - NEWT_ID=your_id
      - NEWT_SECRET=your_secret
    # Newt joins both networks so it can reach the containers on each
    networks:
      - medianet
      - devnet
```

  2. For TrueNAS:

```yaml
# Helm values for Newt
newt:
  deployment:
    image: fosrl/newt
    env:
      - name: PANGOLIN_ENDPOINT
        value: "https://yourdomain.com"
      - name: NEWT_ID
        value: "your_id"
      - name: NEWT_SECRET
        value: "your_secret"
```

  3. For Proxmox:

```bash
# LXC configuration for Newt (unprivileged container with ID 100 on bridge vmbr0)
pct create 100 local:vztmpl/ubuntu-20.04-standard_20.04-1_amd64.tar.gz \
  --hostname newt \
  --net0 name=eth0,bridge=vmbr0,ip=dhcp \
  --cores 2 \
  --memory 2048 \
  --unprivileged 1
```

These scenarios showcase how Pangolin can adapt to different hypervisor environments while maintaining security and ease of use. The key is proper network segmentation and using Pangolin’s role-based access control to manage who can access which services.

Please see the networking details in Part 3.

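A check for the "no exposed ports" and network segmentation points above, as an added example that is not part of the original post: it reads `docker inspect` JSON and reports containers that publish host ports (reachable without going through Pangolin) and containers that share no Docker network with Newt. The sample data is constructed from the Unraid scenario's names; `audit`, `nets` and `tunnel_name` are names chosen for this example.

```python
import json

# Constructed sample in the shape of `docker inspect` output, trimmed to the
# fields used here; container and network names follow the Unraid scenario.
SAMPLE_INSPECT = json.loads("""
[
 {"Name": "/newt", "HostConfig": {"PortBindings": {}},
  "NetworkSettings": {"Networks": {"medianet": {}, "devnet": {}}}},
 {"Name": "/jellyfin",
  "HostConfig": {"PortBindings": {"8096/tcp": [{"HostIp": "", "HostPort": "8096"}]}},
  "NetworkSettings": {"Networks": {"medianet": {}}}},
 {"Name": "/photoprism", "HostConfig": {"PortBindings": {}},
  "NetworkSettings": {"Networks": {"medianet": {}}}},
 {"Name": "/vscode", "HostConfig": {"PortBindings": null},
  "NetworkSettings": {"Networks": {"bridge": {}}}}
]
""")

def nets(container):
    """Names of the Docker networks a container is attached to."""
    return set(container.get("NetworkSettings", {}).get("Networks") or {})

def audit(containers, tunnel_name="newt"):
    """Return (published, unreachable) for a list of `docker inspect` objects.

    published:   {container: ["hostip:hostport->containerport", ...]} for each
                 container that binds a host port, i.e. can be reached on the
                 LAN without passing through Pangolin's authentication.
    unreachable: containers that share no Docker network with the tunnel
                 container, so Newt cannot proxy to them by container name.
    """
    by_name = {c["Name"].lstrip("/"): c for c in containers}
    tunnel_nets = nets(by_name[tunnel_name])
    published, unreachable = {}, []
    for name, c in sorted(by_name.items()):
        bindings = c.get("HostConfig", {}).get("PortBindings") or {}
        ports = [f'{b.get("HostIp") or "0.0.0.0"}:{b["HostPort"]}->{cport}'
                 for cport, host in sorted(bindings.items()) for b in (host or [])]
        if ports:
            published[name] = ports
        if name != tunnel_name and not (nets(c) & tunnel_nets):
            unreachable.append(name)
    return published, unreachable

if __name__ == "__main__":
    published, unreachable = audit(SAMPLE_INSPECT)
    for name, ports in published.items():
        print(f"{name}: publishes {', '.join(ports)} (bypasses Pangolin)")
    for name in unreachable:
        print(f"{name}: shares no network with newt")
```

On a real host, pass it `json.load(sys.stdin)` fed from `docker inspect $(docker ps -q)`. Containers in host network mode have no port bindings and are not flagged by this check.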