Back to All Tools

Show HN: Pangolin – Open source alternative to Cloudflare Tunnels

Show HN (score: 5)
Visit Tool
Found: July 10, 2025
ID: 238

Description

DevOps
Show HN: Pangolin – Open source alternative to Cloudflare Tunnels Pangolin is an open source self-hosted tunneled reverse proxy management server with identity and access control, designed to securely expose private resources through encrypted WireGuard tunnels running in user space.

We made Pangolin so you retain full control over your infrastructure while providing a user-friendly and feature-rich solution for managing proxies, authentication, and access, all with a clean and simple dashboard web UI.

GitHub: https://github.com/fosrl/pangolin

Deployment takes about 5 minutes on a VPS: https://docs.fossorial.io/Getting%20Started/quick-install

Demo by Lawrence Systems (YouTube): https://youtu.be/g5qOpxhhS7M?si=M1XTWLGLUZW0WzTv&t=723

Some use cases:

  - Grant users access to your apps from anywhere using just a web-browser

  - Proxy behind CGNAT

  - One application load balancer across multiple clouds and on-premises

  - Easily expose services on IoT and edge devices for field monitoring

  - Bring localhost online for easy access
A few key features:

  - No port forwarding and hide your public IP for self-hosting

  - Create proxies to multiple different private networks

  - OAuth2/OIDC identity providers

  - Role-based access control

  - Raw TCP and UDP support

  - Resource-specific pin codes, passwords, email OTP

  - Self-destructing shareable links

  - API for automation

  - WAF with CrowdSec and Geoblocking

More from Show

Show HN: Pi-hosts – Give the Pi coding agent access to your servers

Show HN: Pi-hosts – Give the Pi coding agent access to your servers I built that initially for an AI chat bot that allows teams to perform DevOps tasks straight out of Slack&#x2F;Teams (with proper permission control, obviously).<p>Useful to let developers perform mundane tasks, or help coordinate incident response.<p>I ended up using it myself on my own machine to manage Hetzner and AWS boxes. I thought that may be useful to others.<p>The default policy should be good enough, but if you don&#x27;t like living dangerously, you can set it to `paranoid`.<p>Install: `pi install npm:pi-hosts`<p>GitHub: <a href="https:&#x2F;&#x2F;github.com&#x2F;hunvreus&#x2F;pi-hosts" rel="nofollow">https:&#x2F;&#x2F;github.com&#x2F;hunvreus&#x2F;pi-hosts</a>

Show HN: 49Agents – 2D Canvas IDE for Orchestrating Agents, Repos, Issues

Show HN: 49Agents – 2D Canvas IDE for Orchestrating Agents, Repos, Issues Beads tables (Steve Yegge&#x27;s) for issue tracking. Can view git trees, terminals, issue tables, notes, and files all on one screen. Can connect multiple machines via private network (like tailscale)

Show HN: ClusterdOS – Kubernetes without the platform team

Show HN: ClusterdOS – Kubernetes without the platform team

No other tools from this source yet.