bartronx7/guix-configs
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

pangolin config

Browse source
This commit is contained in:
bartronx7 2025-12-23 17:22:17 -06:00
parent 045fb1a9d3
commit 66d23b3f67
8 changed files with 285 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

BIN
pangolin/config/GeoLite2-Country.mmdb Normal file
View file

Binary file not shown.

31
pangolin/config/config.yml Normal file
View file

@ -0,0 +1,31 @@
# To see all available options, please visit the docs:
# https://docs.pangolin.net/
gerbil:
start_port: 51820
base_endpoint: "pangolin.akeley.cloud"
app:
dashboard_url: "https://pangolin.akeley.cloud"
log_level: "info"
telemetry:
anonymous_usage: true
domains:
domain1:
base_domain: "akeley.cloud"
server:
secret: "UHZC9Y7nIQYpdJ3LaNjSH6Ntms38Yv8W"
cors:
origins: ["https://pangolin.akeley.cloud"]
methods: ["GET", "POST", "PUT", "DELETE", "PATCH"]
allowed_headers: ["X-CSRF-Token", "Content-Type"]
credentials: false
maxmind_db_path: "./config/GeoLite2-Country.mmdb"
flags:
require_email_verification: false
disable_signup_without_invite: true
disable_user_create_org: false
allow_raw_resources: true

BIN
pangolin/config/db/db.sqlite Normal file
View file

Binary file not shown.

1
pangolin/config/key Normal file
View file

@ -0,0 +1 @@
cFuN7GjSaK20nJVVAnBHU7cZLOqpYNPtQhu/PvcKslg=

57
pangolin/config/letsencrypt/acme.json Normal file
View file

File diff suppressed because one or more lines are too long

62
pangolin/config/traefik/dynamic_config.yml Normal file
View file

@ -0,0 +1,62 @@
http:
middlewares:
redirect-to-https:
redirectScheme:
scheme: https
routers:
# HTTP to HTTPS redirect router
main-app-router-redirect:
rule: "Host(`pangolin.akeley.cloud`)"
service: next-service
entryPoints:
- web
middlewares:
- redirect-to-https
# Next.js router (handles everything except API and WebSocket paths)
next-router:
rule: "Host(`pangolin.akeley.cloud`) && !PathPrefix(`/api/v1`)"
service: next-service
entryPoints:
- websecure
tls:
certResolver: letsencrypt
# API router (handles /api/v1 paths)
api-router:
rule: "Host(`pangolin.akeley.cloud`) && PathPrefix(`/api/v1`)"
service: api-service
entryPoints:
- websecure
tls:
certResolver: letsencrypt
# WebSocket router
ws-router:
rule: "Host(`pangolin.akeley.cloud`)"
service: api-service
entryPoints:
- websecure
tls:
certResolver: letsencrypt
services:
next-service:
loadBalancer:
servers:
- url: "http://pangolin:3002" # Next.js server
api-service:
loadBalancer:
servers:
- url: "http://pangolin:3000" # API/WebSocket server
tcp:
serversTransports:
pp-transport-v1:
proxyProtocol:
version: 1
pp-transport-v2:
proxyProtocol:
version: 2

51
pangolin/config/traefik/traefik_config.yml Normal file
View file

@ -0,0 +1,51 @@
api:
insecure: true
dashboard: true
providers:
http:
endpoint: "http://pangolin:3001/api/v1/traefik-config"
pollInterval: "5s"
file:
filename: "/etc/traefik/dynamic_config.yml"
experimental:
plugins:
badger:
moduleName: "github.com/fosrl/badger"
version: "v1.2.1"
log:
level: "INFO"
format: "common"
maxSize: 100
maxBackups: 3
maxAge: 3
compress: true
certificatesResolvers:
letsencrypt:
acme:
httpChallenge:
entryPoint: web
email: "barton@akeley.tech"
storage: "/letsencrypt/acme.json"
caServer: "https://acme-v02.api.letsencrypt.org/directory"
entryPoints:
web:
address: ":80"
websecure:
address: ":443"
transport:
respondingTimeouts:
readTimeout: "30m"
http:
tls:
certResolver: "letsencrypt"
serversTransport:
insecureSkipVerify: true
ping:
entryPoint: "web"

83
pangolin/docker-compose.yml Normal file
View file

@ -0,0 +1,83 @@
name: pangolin
services:
pangolin:
image: docker.io/fosrl/pangolin:1.13.0
container_name: pangolin
networks:
- pangolin
restart: unless-stopped
volumes:
- ./config:/app/config
healthcheck:
test: ["CMD", "curl", "-f", "http://localhost:3001/api/v1/"]
interval: "10s"
timeout: "10s"
retries: 15
gerbil:
image: docker.io/fosrl/gerbil:1.3.0
container_name: gerbil
networks:
- pangolin
restart: unless-stopped
depends_on:
pangolin:
condition: service_healthy
command:
- --reachableAt=http://gerbil:3004
- --generateAndSaveKeyTo=/var/config/key
- --remoteConfig=http://pangolin:3001/api/v1/
volumes:
- ./config/:/var/config
cap_add:
- NET_ADMIN
- SYS_MODULE
ports:
- 51820:51820/udp
- 21820:21820/udp
- 443:443
- 80:80
traefik:
image: docker.io/traefik:v3.6
container_name: traefik
restart: unless-stopped
network_mode: service:gerbil # Ports appear on the gerbil service
depends_on:
pangolin:
condition: service_healthy
command:
- --configFile=/etc/traefik/traefik_config.yml
volumes:
- ./config/traefik:/etc/traefik:ro # Volume to store the Traefik configuration
- ./config/letsencrypt:/letsencrypt # Volume to store the Let's Encrypt certificates
- ./config/traefik/logs:/var/log/traefik # Volume to store Traefik logs
jellyfin:
image: jellyfin/jellyfin
container_name: jellyfin
hostname: jellyfin
networks:
- pangolin
ports:
- 8096:8096/tcp
- 7359:7359/udp
volumes:
- /root/jellyfin/config:/config
- /root/jellyfin/cache:/cache
- type: bind
source: /root/jellyfin/media
target: /media
restart: 'unless-stopped'
# Optional - alternative address used for autodiscovery
environment:
- JELLYFIN_PublishedServerUrl=http://example.com
# Optional - may be necessary for docker healthcheck to pass if running in host network mode
extra_hosts:
- 'host.docker.internal:host-gateway'
networks:
pangolin:
external: true