clean up client install/configure and add sidebar cta

2026-02-14 00:46:45 +00:00 · 2026-02-12 16:43:19 -08:00
parent 39429997d5
commit 202e25b9f6
103 changed files with 736 additions and 2 deletions
--- a/about/how-pangolin-works.mdx
+++ b/about/how-pangolin-works.mdx
@@ -4,6 +4,12 @@ icon: "brain"
 description: "Learn about the fundamentals of Pangolin and how they work together to provide simple and secure remote access."
 ---

+import PangolinCloudTocCta from "/snippets/pangolin-cloud-toc-cta.mdx";
+
+<PangolinCloudTocCta />
+
+
+
 ## Basic Steps

 <Steps>
--- a/about/pangolin-vs-reverse-proxy-vs-vpn.mdx
+++ b/about/pangolin-vs-reverse-proxy-vs-vpn.mdx
@@ -4,6 +4,12 @@ icon: "book"
 description: "What are the similarities and differences between Pangolin and traditional reverse proxies and VPNs?"
 ---

+import PangolinCloudTocCta from "/snippets/pangolin-cloud-toc-cta.mdx";
+
+<PangolinCloudTocCta />
+
+
+
 Pangolin combines the capabilities of both a reverse proxy and a VPN into a single platform. It provides reverse proxy functionality through public resources and VPN functionality through private resources, all with zero-trust access control and distributed architecture.

 ## What Each Solution Provides
--- a/additional-resources/changelog.mdx
+++ b/additional-resources/changelog.mdx
@@ -3,5 +3,11 @@ title: "Changelog"
 icon: "clipboard-list"
 ---

+import PangolinCloudTocCta from "/snippets/pangolin-cloud-toc-cta.mdx";
+
+<PangolinCloudTocCta />
+
+
+
 To view the complete changelog, please visit our [GitHub Releases
 page](https://github.com/fosrl/pangolin/releases).
--- a/additional-resources/trust-center.mdx
+++ b/additional-resources/trust-center.mdx
@@ -3,6 +3,12 @@ title: "Trust Center"
 icon: "scale-balanced"
 ---

+import PangolinCloudTocCta from "/snippets/pangolin-cloud-toc-cta.mdx";
+
+<PangolinCloudTocCta />
+
+
+
 - [Terms of Service](https://pangolin.net/terms-of-service.html)
 - [Privacy Policy](https://pangolin.net/privacy-policy.html)
 - [AGLPv3](https://www.gnu.org/licenses/gpl-3.0.en.html)
--- a/careers/join-us.mdx
+++ b/careers/join-us.mdx
@@ -2,6 +2,12 @@
 title: "Join Us!"
 ---

+import PangolinCloudTocCta from "/snippets/pangolin-cloud-toc-cta.mdx";
+
+<PangolinCloudTocCta />
+
+
+
 We are looking for talented engineers to join our team and help build secure remote access. If you're passionate about open-source software, networking, and security, we'd love to hear from you.

 ## About Pangolin
--- a/careers/software-engineer-full-stack.mdx
+++ b/careers/software-engineer-full-stack.mdx
@@ -2,6 +2,12 @@
 title: "Software Engineer - Full Stack"
 ---

+import PangolinCloudTocCta from "/snippets/pangolin-cloud-toc-cta.mdx";
+
+<PangolinCloudTocCta />
+
+
+
 - Location: `San Francisco`
 - Salary: `$125k - $185k + 0.5% - 1.5% equity`
 - Years of experience: `3+`
--- a/careers/software-engineer-go.mdx
+++ b/careers/software-engineer-go.mdx
@@ -2,6 +2,12 @@
 title: "Software Engineer - Go + Network"
 ---

+import PangolinCloudTocCta from "/snippets/pangolin-cloud-toc-cta.mdx";
+
+<PangolinCloudTocCta />
+
+
+
 - Location: `San Francisco`
 - Salary: `$125k - $185k + 0.5% - 1.5% equity`
 - Years of experience: `3+`
--- a/changelog.mdx
+++ b/changelog.mdx
@@ -3,6 +3,12 @@ title: "Changelog"
 description: "Updates and announcements"
 ---

+import PangolinCloudTocCta from "/snippets/pangolin-cloud-toc-cta.mdx";
+
+<PangolinCloudTocCta />
+
+
+
 <Update label="March 2025" description="v0.0.10">
  Added a new Wintergreen flavor.

--- a/development/contributing.mdx
+++ b/development/contributing.mdx
@@ -3,6 +3,12 @@ title: "Contribution Guide"
 description: "Set up your local development environment for contributing to Pangolin"
 ---

+import PangolinCloudTocCta from "/snippets/pangolin-cloud-toc-cta.mdx";
+
+<PangolinCloudTocCta />
+
+
+
 This guide describes how to set up your local development environment for contributing to Pangolin. We recommend using Docker Compose for the most consistent development experience across different environments.

 ## Prerequisites
--- a/development/feature-requests-and-bug-reports.mdx
+++ b/development/feature-requests-and-bug-reports.mdx
@@ -3,6 +3,12 @@ title: "Feature Requests & Bug Reports"
 description: "How to submit feature requests and report bugs for Pangolin"
 ---

+import PangolinCloudTocCta from "/snippets/pangolin-cloud-toc-cta.mdx";
+
+<PangolinCloudTocCta />
+
+
+
 We welcome contributions from the community to help improve Pangolin. To ensure your feedback is properly tracked and prioritized, use the repository that matches the component where your issue or request belongs.

 ## Pick the Right Repository
--- a/development/system-architecture.mdx
+++ b/development/system-architecture.mdx
@@ -3,6 +3,12 @@
 "description": "Learn how the components of the system interact to form Pangolin"
 ---

+import PangolinCloudTocCta from "/snippets/pangolin-cloud-toc-cta.mdx";
+
+<PangolinCloudTocCta />
+
+
+
 ### Pangolin (Control Plane)

 Pangolin is the main control center that orchestrates the entire system:
--- a/index.mdx
+++ b/index.mdx
@@ -2,6 +2,12 @@
 title: "Introduction to Pangolin"
 ---

+import PangolinCloudTocCta from "/snippets/pangolin-cloud-toc-cta.mdx";
+
+<PangolinCloudTocCta />
+
+
+
 Pangolin is an open-source, identity-based remote access platform built on WireGuard that enables secure, seamless connectivity to private and public resources.

 <Frame caption="Screenshot of resources page from the Pangolin Dashboard.">
--- a/manage/access-control/approvals.mdx
+++ b/manage/access-control/approvals.mdx
@@ -3,6 +3,12 @@ title: "Device Approvals"
 description: "Only allow trusted devices to connect to an organization"
 ---

+import PangolinCloudTocCta from "/snippets/pangolin-cloud-toc-cta.mdx";
+
+<PangolinCloudTocCta />
+
+
+
 <Note>
 	Only available in Pangolin Cloud and [Enterprise Edition](/self-host/enterprise-edition).
 </Note>
--- a/manage/access-control/change-password.mdx
+++ b/manage/access-control/change-password.mdx
@@ -3,6 +3,12 @@ title: "Change Password"
 description: "Change or reset your Pangolin account password"
 ---

+import PangolinCloudTocCta from "/snippets/pangolin-cloud-toc-cta.mdx";
+
+<PangolinCloudTocCta />
+
+
+
 ### Change Password

 If you're already logged in, you can change your password by clicking your profile menu (top right) and selecting Change Password. You will be required to confirm your old password and enter a new password.
--- a/manage/access-control/create-user.mdx
+++ b/manage/access-control/create-user.mdx
@@ -3,6 +3,12 @@ title: "Create User"
 description: "Add internal or external users to your organization"
 ---

+import PangolinCloudTocCta from "/snippets/pangolin-cloud-toc-cta.mdx";
+
+<PangolinCloudTocCta />
+
+
+
 Users can be added to organizations. When a user is added to Pangolin, there is a global user object and an organization‑specific user object that links that user to the organization. This allows a user to exist in one or more organizations.

 <Tip>
--- a/manage/access-control/forwarded-headers.mdx
+++ b/manage/access-control/forwarded-headers.mdx
@@ -3,6 +3,12 @@ title: "Forwarded Headers"
 description: "Learn how Pangolin forwards user identity information to your backend applications through HTTP headers"
 ---

+import PangolinCloudTocCta from "/snippets/pangolin-cloud-toc-cta.mdx";
+
+<PangolinCloudTocCta />
+
+
+
 Pangolin can forward user identity information to your backend applications through custom HTTP headers. This allows your applications to receive user details directly from the request headers, enabling integration with Pangolin's authentication system.

 <Info>
--- a/manage/access-control/login-page.mdx
+++ b/manage/access-control/login-page.mdx
@@ -3,6 +3,12 @@ title: "Custom Login Page"
 description: "Configure a custom authentication page URL for your organization"
 ---

+import PangolinCloudTocCta from "/snippets/pangolin-cloud-toc-cta.mdx";
+
+<PangolinCloudTocCta />
+
+
+
 <Note>
 Custom auth pages are only available in Pangolin Cloud.
 </Note>
--- a/manage/access-control/mfa.mdx
+++ b/manage/access-control/mfa.mdx
@@ -3,6 +3,12 @@ title: "Multi-Factor Authentication"
 description: "Enable and manage two-factor authentication and enforcement for your organization"
 ---

+import PangolinCloudTocCta from "/snippets/pangolin-cloud-toc-cta.mdx";
+
+<PangolinCloudTocCta />
+
+
+
 Pangolin supports two‑factor authentication (2FA) for Pangolin user accounts.

 ### Enable or Disable 2FA
--- a/manage/access-control/password-rotation.mdx
+++ b/manage/access-control/password-rotation.mdx
@@ -3,6 +3,12 @@ title: "Password Rotation"
 description: "Configure password expiration and rotation requirements for your organization"
 ---

+import PangolinCloudTocCta from "/snippets/pangolin-cloud-toc-cta.mdx";
+
+<PangolinCloudTocCta />
+
+
+
 By default, Pangolin does not require passwords to be rotated on a regular basis. However, password rotation can be required on a per‑organization basis.

 ### Configuration
--- a/manage/access-control/rules.mdx
+++ b/manage/access-control/rules.mdx
@@ -3,6 +3,12 @@ title: "Rules"
 description: "Configure rules to allow or deny access to resources without authentication"
 ---

+import PangolinCloudTocCta from "/snippets/pangolin-cloud-toc-cta.mdx";
+
+<PangolinCloudTocCta />
+
+
+
 Rules allow you to either "allow" and bypass the Pangolin auth system (no pin, login, password), or "deny" and fully reject the request. After you create a resource you can select the "Rules" tab on the sidebar and enable rules.

 <CardGroup cols={3}>
--- a/manage/access-control/security-keys.mdx
+++ b/manage/access-control/security-keys.mdx
@@ -3,6 +3,12 @@ title: "Security Keys"
 description: "Use security keys for passwordless login to your Pangolin account"
 ---

+import PangolinCloudTocCta from "/snippets/pangolin-cloud-toc-cta.mdx";
+
+<PangolinCloudTocCta />
+
+
+
 You can log in with security keys, also known as passwordless login. On the login page, there is an option below the login button to Log in with security key.

 ### Add a Security Key
--- a/manage/access-control/session-length.mdx
+++ b/manage/access-control/session-length.mdx
@@ -3,6 +3,12 @@ title: "Session Length"
 description: "Configure maximum session length and expiration policies for your organization"
 ---

+import PangolinCloudTocCta from "/snippets/pangolin-cloud-toc-cta.mdx";
+
+<PangolinCloudTocCta />
+
+
+
 By default, Pangolin keeps extending a session indefinitely if a user is actively using it. If a user is not actively using the session, it will expire after 30 days.

 However, you can require users to log in at regular intervals by enforcing maximum session lengths on a per‑organization basis.
--- a/manage/analytics/access.mdx
+++ b/manage/analytics/access.mdx
@@ -3,6 +3,12 @@ title: "Access Logs"
 description: "Access logs are a record of each access attempt to a Pangolin resource"
 ---

+import PangolinCloudTocCta from "/snippets/pangolin-cloud-toc-cta.mdx";
+
+<PangolinCloudTocCta />
+
+
+
 Access logs provide detailed information about each access attempt made to your Pangolin resources. These logs help you monitor and analyze user activity each time they attempt to authenticate.

 <Note>
--- a/manage/analytics/action.mdx
+++ b/manage/analytics/action.mdx
@@ -3,6 +3,12 @@ title: "Action Logs"
 description: "Action logs are a record of each event taken by users in the Pangolin system"
 ---

+import PangolinCloudTocCta from "/snippets/pangolin-cloud-toc-cta.mdx";
+
+<PangolinCloudTocCta />
+
+
+
 Action logs provide an audit trail of administrative actions and configuration changes made within your Pangolin organization. These logs help you track who made what changes and when.

 <Note>
--- a/manage/analytics/request.mdx
+++ b/manage/analytics/request.mdx
@@ -3,6 +3,12 @@ title: "Request Logs"
 description: "Request logs are a record of each HTTP request to a resource"
 ---

+import PangolinCloudTocCta from "/snippets/pangolin-cloud-toc-cta.mdx";
+
+<PangolinCloudTocCta />
+
+
+
 Request logs provide detailed information about every HTTP request made to your Pangolin resources. These logs capture both successful and denied requests along with comprehensive request metadata.

 ## What are Request Logs?
--- a/manage/asnblocking.mdx
+++ b/manage/asnblocking.mdx
@@ -3,6 +3,12 @@ title: "ASN Blocking"
 description: "Configure ASN blocking to restrict access based on Autonomous System Numbers"
 ---

+import PangolinCloudTocCta from "/snippets/pangolin-cloud-toc-cta.mdx";
+
+<PangolinCloudTocCta />
+
+
+
 <Note>
 ASN blocking is available in Pangolin community! Protect your resources by blocking or allowing specific networks and service providers.
 </Note>
--- a/manage/blueprints.mdx
+++ b/manage/blueprints.mdx
@@ -4,6 +4,12 @@ icon: "file-code"
 description: "Pangolin Blueprints are declarative configurations that allow you to define your resources and their settings in a structured format"
 ---

+import PangolinCloudTocCta from "/snippets/pangolin-cloud-toc-cta.mdx";
+
+<PangolinCloudTocCta />
+
+
+
 Blueprints provide a way to define your Pangolin resources and their configurations in a structured, declarative format. This allows for easier management, version control, and automation of your resource setups.

 <iframe
--- a/manage/branding.mdx
+++ b/manage/branding.mdx
@@ -4,6 +4,12 @@ icon: "brush"
 description: "Learn how to customize the look your Pangolin dashboard and login pages with custom branding"
 ---

+import PangolinCloudTocCta from "/snippets/pangolin-cloud-toc-cta.mdx";
+
+<PangolinCloudTocCta />
+
+
+
 <Note>
 Branding is only available in [Enterprise Edition](/self-host/enterprise-edition).
 </Note>
--- a/manage/clients/archiving-blocking.mdx
+++ b/manage/clients/archiving-blocking.mdx
@@ -3,6 +3,12 @@ title: "Archiving & Blocking"
 description: "Manage clients and block unwanted connections"
 ---

+import PangolinCloudTocCta from "/snippets/pangolin-cloud-toc-cta.mdx";
+
+<PangolinCloudTocCta />
+
+
+
 ## Blocking Devices

 To block a device that has been compromised or lost:
--- a/manage/clients/configure-client.mdx
+++ b/manage/clients/configure-client.mdx
@@ -3,6 +3,12 @@ title: "Configure Clients"
 description: "Configure Olm for connecting to Pangolin clients"
 ---

+import PangolinCloudTocCta from "/snippets/pangolin-cloud-toc-cta.mdx";
+
+<PangolinCloudTocCta />
+
+
+
 ## GUI Clients (Mac, Windows, Android, iOS/iPadOS)

 Each respective client has a preferences window with all currently available configuration parameters. In your desktop client, click the menu bar or system tray icon, select "More" in the menu, and click "Preferences". In the mobile apps, navigate to the "Settings" screen.
--- a/manage/clients/credentials.mdx
+++ b/manage/clients/credentials.mdx
@@ -3,6 +3,12 @@ title: "Client Credentials"
 description: "Understanding how client credentials work and how they can be rotated & regenerated"
 ---

+import PangolinCloudTocCta from "/snippets/pangolin-cloud-toc-cta.mdx";
+
+<PangolinCloudTocCta />
+
+
+
 ## Understanding Credentials

 Every machine client is provisioned with a unique identifier (ID), secret, and endpoint. The client uses the combination of these three to establish a secure, encrypted connection to the server.
--- a/manage/clients/fingerprinting.mdx
+++ b/manage/clients/fingerprinting.mdx
@@ -4,6 +4,12 @@ description:
  'A summary of device information that is collected during the connection'
 ---

+import PangolinCloudTocCta from "/snippets/pangolin-cloud-toc-cta.mdx";
+
+<PangolinCloudTocCta />
+
+
+
 ## Device Fingerprinting

 Pangolin clients collect device fingerprinting information and can perform
--- a/manage/clients/install-client.mdx
+++ b/manage/clients/install-client.mdx
@@ -3,6 +3,12 @@ title: "Install Clients"
 description: "Install native clients for Mac, Windows, and Linux"
 ---

+import PangolinCloudTocCta from "/snippets/pangolin-cloud-toc-cta.mdx";
+
+<PangolinCloudTocCta />
+
+
+
 ## Windows

 - [Pangolin for Windows Installer](https://pangolin.net/downloads/windows) - This is the official page to download the latest installer file for Windows.
--- a/manage/clients/understanding-clients.mdx
+++ b/manage/clients/understanding-clients.mdx
@@ -3,6 +3,12 @@ title: "Understanding Clients"
 description: "Create a client to connect to your Pangolin network from a remote computer"
 ---

+import PangolinCloudTocCta from "/snippets/pangolin-cloud-toc-cta.mdx";
+
+<PangolinCloudTocCta />
+
+
+
 A client is a way to access resources on sites remotely and privately via a virtual private network. Clients are used with private resources to faciliate zero-trust network access.

 By default a client does not have access to any hosts on the local network of the site. Admins must explicitly define resources on the site and give specific users and roles access to the resources.
--- a/manage/clients/update-client.mdx
+++ b/manage/clients/update-client.mdx
@@ -3,6 +3,12 @@ title: "Update Clients"
 description: "Update your installed client to the latest version"
 ---

+import PangolinCloudTocCta from "/snippets/pangolin-cloud-toc-cta.mdx";
+
+<PangolinCloudTocCta />
+
+
+
 ## Mac and Windows

 ### Automatic Updates (Recommended)
--- a/manage/domains.mdx
+++ b/manage/domains.mdx
@@ -4,6 +4,12 @@ icon: "globe"
 description: "Learn how to configure domains for your Pangolin resources and understand the different domain types available"
 ---

+import PangolinCloudTocCta from "/snippets/pangolin-cloud-toc-cta.mdx";
+
+<PangolinCloudTocCta />
+
+
+
 Domains allow you to access your Pangolin resources through custom URLs. Pangolin supports different domain types depending on your deployment model and requirements.

 ## Getting Started
--- a/manage/geoblocking.mdx
+++ b/manage/geoblocking.mdx
@@ -3,6 +3,12 @@ title: "Geo-blocking"
 description: "Configure geo blocking to restrict access based on geographic location"
 ---

+import PangolinCloudTocCta from "/snippets/pangolin-cloud-toc-cta.mdx";
+
+<PangolinCloudTocCta />
+
+
+
 <Note>
 Geoblocking is available in Pangolin community! Make sure to follow this guide for how to enable: [Enabling Geo Blocking](/self-host/advanced/enable-geoblocking)
 </Note>
--- a/manage/identity-providers/add-an-idp.mdx
+++ b/manage/identity-providers/add-an-idp.mdx
@@ -3,6 +3,12 @@ title: "Add Identity Providers"
 description: "Configure external identity providers for user authentication to resources and the organization"
 ---

+import PangolinCloudTocCta from "/snippets/pangolin-cloud-toc-cta.mdx";
+
+<PangolinCloudTocCta />
+
+
+
 Identity providers allow your users to log into Pangolin and Pangolin resources using their existing accounts from external identity systems like Google, Microsoft Azure, or Okta. Instead of creating separate Pangolin accounts, users can authenticate with their familiar work or personal credentials.

 Here is an example using Microsoft Azure Entra ID as SSO for Pangolin:
--- a/manage/identity-providers/auto-provisioning.mdx
+++ b/manage/identity-providers/auto-provisioning.mdx
@@ -3,6 +3,12 @@ title: "Auto Provisioning"
 description: "Automatically create and manage user accounts from external identity providers"
 ---

+import PangolinCloudTocCta from "/snippets/pangolin-cloud-toc-cta.mdx";
+
+<PangolinCloudTocCta />
+
+
+
 Auto provisioning is a feature that allows you to automatically create and manage user accounts in Pangolin when they log in using an external identity provider rather than pre-provisioning a user with a role. This is useful for organizations that want to streamline the onboarding process for new users and ensure that their user accounts are always up-to-date.

 You will be able to programmatically decide the roles and organizations for new users based on the information provided by the identity provider.
--- a/manage/identity-providers/azure.mdx
+++ b/manage/identity-providers/azure.mdx
@@ -3,6 +3,12 @@ title: "Azure Entra ID"
 description: "Configure Azure Entra ID Single Sign-On"
 ---

+import PangolinCloudTocCta from "/snippets/pangolin-cloud-toc-cta.mdx";
+
+<PangolinCloudTocCta />
+
+
+
 <Note>
 Azure SSO is only available on Pangolin Cloud and [Enterprise Edition](/self-host/enterprise-edition) deployments. In [Enterprise Edition](/self-host/enterprise-edition), you must set `app.identity_provider_mode: "org"` in your [private config file](/self-host/advanced/private-config-file) `privateConfig.yml`.
 </Note>
--- a/manage/identity-providers/google.mdx
+++ b/manage/identity-providers/google.mdx
@@ -3,6 +3,12 @@ title: "Google"
 description: "Configure Google Single Sign-On"
 ---

+import PangolinCloudTocCta from "/snippets/pangolin-cloud-toc-cta.mdx";
+
+<PangolinCloudTocCta />
+
+
+
 <Note>
 Google SSO is only available on Pangolin Cloud and [Enterprise Edition](/self-host/enterprise-edition) deployments. In [Enterprise Edition](/self-host/enterprise-edition), you must set `app.identity_provider_mode: "org"` in your [private config file](/self-host/advanced/private-config-file#param-use-org-only-idp) `privateConfig.yml`.
 </Note>
--- a/manage/identity-providers/openid-connect.mdx
+++ b/manage/identity-providers/openid-connect.mdx
@@ -3,6 +3,12 @@ title: "OAuth2/OIDC"
 description: "Configure OpenID Connect identity provider for external authentication"
 ---

+import PangolinCloudTocCta from "/snippets/pangolin-cloud-toc-cta.mdx";
+
+<PangolinCloudTocCta />
+
+
+
 This identity provider follows the OpenID Connect protocol. This means that it can be used to connect to any external identity provider that supports the OpenID Connect protocol such as Authentik, Keycloak, Okta, etc.

 ## Creating a Generic OAuth2/OIDC IdP in Pangolin
--- a/manage/identity-providers/pocket-id.mdx
+++ b/manage/identity-providers/pocket-id.mdx
@@ -3,6 +3,12 @@ title: "Pocket ID"
 description: "Configure Pocket ID Single Sign-On using OpenID Connect"
 ---

+import PangolinCloudTocCta from "/snippets/pangolin-cloud-toc-cta.mdx";
+
+<PangolinCloudTocCta />
+
+
+
 The following steps will integrate Pocket ID with Pangolin SSO using OpenID Connect (OIDC).

 ## Prerequisites
--- a/manage/identity-providers/zitadel.mdx
+++ b/manage/identity-providers/zitadel.mdx
@@ -3,6 +3,12 @@ title: "Zitadel"
 description: "Configure Zitadel Single Sign-On using OpenID Connect"
 ---

+import PangolinCloudTocCta from "/snippets/pangolin-cloud-toc-cta.mdx";
+
+<PangolinCloudTocCta />
+
+
+
 The following steps will integrate Zitadel with Pangolin SSO using OpenID Connect (OIDC).

 ## Prerequisites
--- a/manage/integration-api.mdx
+++ b/manage/integration-api.mdx
@@ -4,6 +4,12 @@ icon: "cube"
 description: "Learn how to use Pangolin's REST API to automate and script operations with fine-grained permissions"
 ---

+import PangolinCloudTocCta from "/snippets/pangolin-cloud-toc-cta.mdx";
+
+<PangolinCloudTocCta />
+
+
+
 <Warning>
 Pangolin is in heavy development. The REST API routes and behavior may include breaking changes between updates. We will do our best to document large changes.
 </Warning>
--- a/manage/integration-api/using-the-integration-api.mdx
+++ b/manage/integration-api/using-the-integration-api.mdx
@@ -3,6 +3,12 @@ title: "Integration API"
 description: "Learn how to use Pangolin's REST API to automate and script operations with fine-grained permissions"
 ---

+import PangolinCloudTocCta from "/snippets/pangolin-cloud-toc-cta.mdx";
+
+<PangolinCloudTocCta />
+
+
+
 The API is REST-based and supports many operations available through the web interface. Authentication uses Bearer tokens, and you can create multiple API keys with specific permissions for different use cases.

 <Info>
--- a/manage/organizations/org-id.mdx
+++ b/manage/organizations/org-id.mdx
@@ -3,6 +3,12 @@ title: "Organization ID"
 description: "Understand organization IDs and how to locate yours in the dashboard"
 ---

+import PangolinCloudTocCta from "/snippets/pangolin-cloud-toc-cta.mdx";
+
+<PangolinCloudTocCta />
+
+
+
 Pangolin is multi-tenant. All sites, resources, clients, and other items belong to an organization, and a server can host more than one organization.

 Each organization has a unique ID that Pangolin generates when you create the organization. You cannot change the ID after creation, and it is separate from the display name.
--- a/manage/remote-node/config-file.mdx
+++ b/manage/remote-node/config-file.mdx
@@ -3,6 +3,12 @@ title: "Configuration File"
 description: "Configure your remote node using the config.yml file"
 ---

+import PangolinCloudTocCta from "/snippets/pangolin-cloud-toc-cta.mdx";
+
+<PangolinCloudTocCta />
+
+
+
 The `config.yml` file includes basic config variable for your remote node. This file is mounted at `config/config.yml` in your Docker container.

 Minimal configuration file:
--- a/manage/remote-node/quick-install-remote.mdx
+++ b/manage/remote-node/quick-install-remote.mdx
@@ -3,6 +3,12 @@ title: "Quick Install Guide"
 description: "Deploy your own remote Pangolin node in under 10 minutes with our automated installer"
 ---

+import PangolinCloudTocCta from "/snippets/pangolin-cloud-toc-cta.mdx";
+
+<PangolinCloudTocCta />
+
+
+
 <iframe
  className="w-full aspect-video rounded-xl"
  src="https://www.youtube.com/embed/iPdK8M0cb9s"
--- a/manage/remote-node/understanding-nodes.mdx
+++ b/manage/remote-node/understanding-nodes.mdx
@@ -3,6 +3,12 @@ title: "Remote Nodes"
 description: "Control your own Pangolin node with cloud management"
 ---

+import PangolinCloudTocCta from "/snippets/pangolin-cloud-toc-cta.mdx";
+
+<PangolinCloudTocCta />
+
+
+
 <Note>
 	Remote Nodes are available in Pangolin Cloud and self-hosted [Enterprise Edition](/self-host/enterprise-edition).
 </Note>
--- a/manage/resources/private/alias.mdx
+++ b/manage/resources/private/alias.mdx
@@ -3,6 +3,12 @@ title: "Aliases"
 description: "Set a friendly alias hostname that resolves to a host"
 ---

+import PangolinCloudTocCta from "/snippets/pangolin-cloud-toc-cta.mdx";
+
+<PangolinCloudTocCta />
+
+
+
 Aliases provide a secondary, user-friendly address for any of your Resources, allowing users to access the Resource using this alternate name in addition to the original address.

 For instance, a router with the address `10.0.0.1` could be assigned the alias `router.internal`, and users could connect using either. Aliases are accessible to anyone who has access to the Resource, and they are exclusively accessible when connected with a Pangolin client, meaning they function without requiring any external DNS record setup. Furthermore, aliases are protocol agnostic, which means they will work with any network protocol, essentially acting as a pseudo-A record for an address that is only functional within the Pangolin environment.
--- a/manage/resources/private/authentication.mdx
+++ b/manage/resources/private/authentication.mdx
@@ -3,6 +3,12 @@ title: "Authentication"
 description: "Only allow access to Resources to specific users, roles, and machines"
 ---

+import PangolinCloudTocCta from "/snippets/pangolin-cloud-toc-cta.mdx";
+
+<PangolinCloudTocCta />
+
+
+
 When a client connects into an organization they will **NOT** have access to any Resources by default. Access must be explicitly granted to users, roles, or machines for a WireGuard tunnel to be established to the site hosting the Resource. The Client will show no peers unless access is granted.

 Access can be granted in several ways:
--- a/manage/resources/private/destinations.mdx
+++ b/manage/resources/private/destinations.mdx
@@ -3,6 +3,12 @@ title: "Destinations"
 description: "Understand connection options to the remote network"
 ---

+import PangolinCloudTocCta from "/snippets/pangolin-cloud-toc-cta.mdx";
+
+<PangolinCloudTocCta />
+
+
+
 A Resource's **destination** can be defined in several ways:

 * **Fully Qualified Domain Name (FQDN):** For example, `host.autoco.internal`.
--- a/manage/resources/public/authentication.mdx
+++ b/manage/resources/public/authentication.mdx
@@ -3,6 +3,12 @@ title: "Authentication"
 description: "Create identity and context aware rules to allow access"
 ---

+import PangolinCloudTocCta from "/snippets/pangolin-cloud-toc-cta.mdx";
+
+<PangolinCloudTocCta />
+
+
+
 Though public resources are public and accessible to via a web browser, admins can create rules to enable a layer of authenticated protection in front of public resources. By default, all public resources have Pangolin auth (Platform SSO) enabled, but a number of other authentication methods are available.

 When an unauthenticated user visits a resource in their web browser, they will be redirected to a Pangolin-controlled authentication page where they must complete authentication.
--- a/manage/resources/public/healthchecks-failover.mdx
+++ b/manage/resources/public/healthchecks-failover.mdx
@@ -3,6 +3,12 @@ title: "Health Checks"
 description: "Configure automated health monitoring and failover for resources"
 ---

+import PangolinCloudTocCta from "/snippets/pangolin-cloud-toc-cta.mdx";
+
+<PangolinCloudTocCta />
+
+
+
 Pangolin provides automated health checking for targets to ensure traffic is only routed to healthy services. Health checks are essential for building highly available services, as they automatically remove unhealthy targets from traffic routing and load balancing.

 ## How Health Checks Work
--- a/manage/resources/public/maintenance.mdx
+++ b/manage/resources/public/maintenance.mdx
@@ -3,6 +3,12 @@ title: "Maintenance Page"
 description: "Show a maintenance page to users when a resources is down for maintenance or targets are unhealthy"
 ---

+import PangolinCloudTocCta from "/snippets/pangolin-cloud-toc-cta.mdx";
+
+<PangolinCloudTocCta />
+
+
+
 <Note>
 Maintenance pages are only available in [Enterprise Edition](/self-host/enterprise-edition).
 </Note>
--- a/manage/resources/public/raw-resources.mdx
+++ b/manage/resources/public/raw-resources.mdx
@@ -3,6 +3,12 @@ title: "TCP & UDP"
 description: "Configure raw TCP and UDP traffic through Pangolin tunnels"
 ---

+import PangolinCloudTocCta from "/snippets/pangolin-cloud-toc-cta.mdx";
+
+<PangolinCloudTocCta />
+
+
+
 <Note>
 This feature is only available in self-hosted Pangolin instances. If you're using Pangolin Cloud, you will need to deploy a remote node.
 </Note>
--- a/manage/resources/public/targets.mdx
+++ b/manage/resources/public/targets.mdx
@@ -3,6 +3,12 @@ title: "Targets"
 description: "Configure destination endpoints for resource routing and load balancing"
 ---

+import PangolinCloudTocCta from "/snippets/pangolin-cloud-toc-cta.mdx";
+
+<PangolinCloudTocCta />
+
+
+
 When you create a resource in Pangolin, you define different targets that specify where traffic should be routed within your network. Each target represents a specific destination that the resource can proxy to when handling incoming requests.

 ## How Targets Work
--- a/manage/resources/understanding-resources.mdx
+++ b/manage/resources/understanding-resources.mdx
@@ -3,6 +3,12 @@ title: "Understanding Resources"
 description: "Resources are any network address you want to make available to users"
 ---

+import PangolinCloudTocCta from "/snippets/pangolin-cloud-toc-cta.mdx";
+
+<PangolinCloudTocCta />
+
+
+
 Resources represent the applications, hosts, or ranges you make available for remote access to users. Resources exist on the remote networks of your sites. Users only ever think about connecting to resources and not specific sites.

 By default, no resources are made available on sites. Admins must define resources with backend targets, and assign specific access policies before any users can gain access.
--- a/manage/sites/configure-site.mdx
+++ b/manage/sites/configure-site.mdx
@@ -3,6 +3,12 @@ title: "Configure Sites"
 description: "Configure Newt for connecting to Pangolin sites"
 ---

+import PangolinCloudTocCta from "/snippets/pangolin-cloud-toc-cta.mdx";
+
+<PangolinCloudTocCta />
+
+
+
 ## Flags

 <ResponseField name="id" type="string" required>
--- a/manage/sites/credentials.mdx
+++ b/manage/sites/credentials.mdx
@@ -3,6 +3,12 @@ title: "Site Credentials"
 description: "Understanding how site credentials work and how they can be rotated & regenerated"
 ---

+import PangolinCloudTocCta from "/snippets/pangolin-cloud-toc-cta.mdx";
+
+<PangolinCloudTocCta />
+
+
+
 ## Understanding Credentials

 Every site is provisioned with a unique identifier (ID), secret, and endpoint. The site uses the combination of these three to establish a secure, encrypted connection to the server.
--- a/manage/sites/install-kubernetes.mdx
+++ b/manage/sites/install-kubernetes.mdx
@@ -1,7 +1,13 @@
 ---
 title: "Kubernetes"
 description: "How to deploy a Newt Site on Kubernetes"
---
+---
+
+import PangolinCloudTocCta from "/snippets/pangolin-cloud-toc-cta.mdx";
+
+<PangolinCloudTocCta />
+
+

 This guide walks you through setting up Newt on Kubernetes using Helm.

--- a/manage/sites/install-site.mdx
+++ b/manage/sites/install-site.mdx
@@ -3,6 +3,12 @@ title: "Install Sites"
 description: "Install Newt as a binary or Docker container"
 ---

+import PangolinCloudTocCta from "/snippets/pangolin-cloud-toc-cta.mdx";
+
+<PangolinCloudTocCta />
+
+
+
 Newt can be installed as either a static binary executable or a Docker container. You must first create a site and copy the Newt config in Pangolin before running Newt.

 ## Binary Installation
--- a/manage/sites/understanding-sites.mdx
+++ b/manage/sites/understanding-sites.mdx
@@ -3,6 +3,12 @@ title: "Understanding Sites"
 description: "Create a site to connect to a remote network and expose resources"
 ---

+import PangolinCloudTocCta from "/snippets/pangolin-cloud-toc-cta.mdx";
+
+<PangolinCloudTocCta />
+
+
+
 A site is a connection to a remote network that allows Pangolin to provide access to resources, whether public or private, to users anywhere. Sites are the foundation for exposing resources because all resources exist on one or more sites. Newt is Pangolin's custom software connector that facilitates the connection and addresses the targets on the remote networks.

 ## The Basics
--- a/manage/sites/update-site.mdx
+++ b/manage/sites/update-site.mdx
@@ -3,6 +3,12 @@ title: "Update Sites"
 description: "Update Newt to the latest version"
 ---

+import PangolinCloudTocCta from "/snippets/pangolin-cloud-toc-cta.mdx";
+
+<PangolinCloudTocCta />
+
+
+
 The update process depends on how you originally installed Newt.

 Find the latest version in the [GitHub releases](https://github.com/fosrl/newt/releases).
--- a/scripts/add-toc-cta-snippet.js
+++ b/scripts/add-toc-cta-snippet.js
@@ -0,0 +1,45 @@
+#!/usr/bin/env node
+/**
+ * One-off script: add PangolinCloudTocCta import and usage to every MDX file.
+ * Run from repo root: node scripts/add-toc-cta-snippet.js
+ */
+
+const fs = require("fs");
+const path = require("path");
+
+const BLOCK = `import PangolinCloudTocCta from "/snippets/pangolin-cloud-toc-cta.mdx";
+
+<PangolinCloudTocCta />
+
+`;
+
+function findMdxFiles(dir, list = []) {
+  const entries = fs.readdirSync(dir, { withFileTypes: true });
+  for (const e of entries) {
+    const full = path.join(dir, e.name);
+    if (e.isDirectory()) findMdxFiles(full, list);
+    else if (e.name.endsWith(".mdx")) list.push(full);
+  }
+  return list;
+}
+
+function addSnippet(filePath) {
+  let content = fs.readFileSync(filePath, "utf8");
+  if (content.includes("pangolin-cloud-toc-cta.mdx")) return false; // already added
+  const close = content.indexOf("\n---", 3);
+  if (close === -1) return false;
+  const insertAt = close + 4; // after "\n---"
+  content = content.slice(0, insertAt) + BLOCK + content.slice(insertAt);
+  fs.writeFileSync(filePath, content);
+  return true;
+}
+
+const root = path.resolve(__dirname, "..");
+const files = findMdxFiles(root).filter(
+  (f) => !f.includes("snippets" + path.sep)
+);
+let added = 0;
+for (const f of files) {
+  if (addSnippet(f)) added++;
+}
+console.log(`Added snippet to ${added} of ${files.length} MDX files.`);
--- a/scripts/pangolin-cloud-toc-cta.js
+++ b/scripts/pangolin-cloud-toc-cta.js
@@ -0,0 +1,75 @@
+/**
+ * Shows the Pangolin Cloud CTA in the table of contents on every page.
+ * Moves the PangolinCloudTocCta snippet (MDX Card) into the TOC when present.
+ * Re-runs on SPA navigation; avoids duplicating when DOM re-renders (e.g. theme toggle).
+ */
+(function () {
+  const MAX_ATTEMPTS = 30;
+  const RETRY_MS = 150;
+  const DEBOUNCE_MS = 100;
+  const CTA_MARKER = "data-pangolin-toc-cta";
+
+  function moveSnippetToToc() {
+    const toc = document.getElementById("table-of-contents");
+    const source = document.getElementById("pangolin-toc-cta");
+    if (!toc || !source) return false;
+
+    if (toc.querySelector("[" + CTA_MARKER + "]")) {
+      const duplicate = source.firstElementChild;
+      if (duplicate) source.removeChild(duplicate);
+      return true;
+    }
+
+    const card = source.firstElementChild;
+    if (!card) return false;
+
+    source.removeChild(card);
+    card.setAttribute(CTA_MARKER, "true");
+    toc.appendChild(card);
+    return true;
+  }
+
+  function tryRun() {
+    moveSnippetToToc();
+  }
+
+  let debounceTimer = null;
+  function scheduleRun() {
+    if (debounceTimer) clearTimeout(debounceTimer);
+    debounceTimer = setTimeout(function () {
+      debounceTimer = null;
+      tryRun();
+    }, DEBOUNCE_MS);
+  }
+
+  function run() {
+    let attempts = 0;
+    const id = setInterval(function () {
+      attempts++;
+      if (moveSnippetToToc()) {
+        clearInterval(id);
+        observeForNavigation();
+        return;
+      }
+      if (attempts >= MAX_ATTEMPTS) {
+        clearInterval(id);
+        observeForNavigation();
+      }
+    }, RETRY_MS);
+  }
+
+  function observeForNavigation() {
+    const observer = new MutationObserver(function () {
+      if (document.getElementById("pangolin-toc-cta")) {
+        scheduleRun();
+      }
+    });
+    observer.observe(document.body, { childList: true, subtree: true });
+  }
+
+  if (document.readyState === "loading") {
+    document.addEventListener("DOMContentLoaded", run);
+  } else {
+    run();
+  }
+})();
--- a/self-host/advanced/cloudflare-proxy.mdx
+++ b/self-host/advanced/cloudflare-proxy.mdx
@@ -2,6 +2,12 @@
 title: "Cloudflare Proxy"
 ---

+import PangolinCloudTocCta from "/snippets/pangolin-cloud-toc-cta.mdx";
+
+<PangolinCloudTocCta />
+
+
+
 Pangolin works with Cloudflare proxy (orange cloud) enabled, but requires specific configuration:

 <Warning>
--- a/self-host/advanced/clustering.mdx
+++ b/self-host/advanced/clustering.mdx
@@ -2,6 +2,12 @@
 title: "Clustering for High Availability"
 ---

+import PangolinCloudTocCta from "/snippets/pangolin-cloud-toc-cta.mdx";
+
+<PangolinCloudTocCta />
+
+
+
 <Note>
 Clustering is only available in [Enterprise Edition](/self-host/enterprise-edition). [Please reach out to us to deploy](https://pangolin.net/talk-to-us).
 </Note>
--- a/self-host/advanced/config-file.mdx
+++ b/self-host/advanced/config-file.mdx
@@ -3,6 +3,12 @@ title: "Configuration File"
 description: "Configure Pangolin using the config.yml file with detailed settings for all components"
 ---

+import PangolinCloudTocCta from "/snippets/pangolin-cloud-toc-cta.mdx";
+
+<PangolinCloudTocCta />
+
+
+
 The `config.yml` file controls all aspects of your Pangolin deployment, including server settings, domain configuration, email setup, and security options. This file is mounted at `config/config.yml` in your Docker container.

 ## Setting up your `config.yml`
--- a/self-host/advanced/container-cli-tool.mdx
+++ b/self-host/advanced/container-cli-tool.mdx
@@ -3,6 +3,12 @@ title: "Internal CLI (pangctl)"
 description: "Command-line tool for managing your Pangolin instance"
 ---

+import PangolinCloudTocCta from "/snippets/pangolin-cloud-toc-cta.mdx";
+
+<PangolinCloudTocCta />
+
+
+
 The Pangolin container includes a CLI tool called `pangctl` that provides commands to help you manage your Pangolin instance.

 ## Accessing the CLI
--- a/self-host/advanced/database-options.mdx
+++ b/self-host/advanced/database-options.mdx
@@ -3,6 +3,12 @@ title: "Database Options"
 description: "Configure SQLite or PostgreSQL database for Pangolin"
 ---

+import PangolinCloudTocCta from "/snippets/pangolin-cloud-toc-cta.mdx";
+
+<PangolinCloudTocCta />
+
+
+
 Pangolin supports two database options: SQLite for simplicity and PostgreSQL for production deployments.

 <CardGroup cols={2}>
--- a/self-host/advanced/enable-asnblocking.mdx
+++ b/self-host/advanced/enable-asnblocking.mdx
@@ -3,6 +3,12 @@ title: "Enable ASN Blocking"
 description: "Configuration requirements to enable ASN blocking in Pangolin"
 ---

+import PangolinCloudTocCta from "/snippets/pangolin-cloud-toc-cta.mdx";
+
+<PangolinCloudTocCta />
+
+
+
 To enable ASN blocking in Pangolin Community you must download and place the Maxmind ASN database into the `config/` directory and update the config file. This can be done for free.

 <Tip>
--- a/self-host/advanced/enable-geoblocking.mdx
+++ b/self-host/advanced/enable-geoblocking.mdx
@@ -3,6 +3,12 @@ title: "Enable Geo-blocking"
 description: "Configuration requirements to enable geoblocking in Pangolin"
 ---

+import PangolinCloudTocCta from "/snippets/pangolin-cloud-toc-cta.mdx";
+
+<PangolinCloudTocCta />
+
+
+
 To enable geoblocking in Pangolin Community you must download and place the Maxmind geoip database into the `config/` directory and update the config file. This can be done for free.

 <Tip>
--- a/self-host/advanced/integration-api.mdx
+++ b/self-host/advanced/integration-api.mdx
@@ -3,6 +3,12 @@ title: "Enable Integration API"
 description: "Enable and configure the Integration API for external access"
 ---

+import PangolinCloudTocCta from "/snippets/pangolin-cloud-toc-cta.mdx";
+
+<PangolinCloudTocCta />
+
+
+
 The Integration API provides programmatic access to Pangolin functionality. It includes OpenAPI documentation via Swagger UI.

 ## Enable Integration API
--- a/self-host/advanced/metrics.mdx
+++ b/self-host/advanced/metrics.mdx
@@ -1,7 +1,13 @@
 ---
 title: "Metrics"
 description: "Enable and consume OpenTelemetry & vendor specific metrics"
---
+---
+
+import PangolinCloudTocCta from "/snippets/pangolin-cloud-toc-cta.mdx";
+
+<PangolinCloudTocCta />
+
+

 We provide metrics in the **OpenTelemetry** (OTel) format and additionally support the following vendor backends:

--- a/self-host/advanced/postgresql.mdx
+++ b/self-host/advanced/postgresql.mdx
@@ -3,6 +3,12 @@ title: "Database Options"
 description: "Configure SQLite or PostgreSQL database for Pangolin"
 ---

+import PangolinCloudTocCta from "/snippets/pangolin-cloud-toc-cta.mdx";
+
+<PangolinCloudTocCta />
+
+
+
 ## Overview

 > Choose between SQLite (default) or PostgreSQL for your database
--- a/self-host/advanced/private-config-file.mdx
+++ b/self-host/advanced/private-config-file.mdx
@@ -3,6 +3,12 @@ title: "Private Configuration File"
 description: "Configure advanced Pangolin settings using the privateConfig.yml file for enterprise features"
 ---

+import PangolinCloudTocCta from "/snippets/pangolin-cloud-toc-cta.mdx";
+
+<PangolinCloudTocCta />
+
+
+
 The `privateConfig.yml` file provides advanced configuration options for enterprise deployments. This file is mounted at `config/privateConfig.yml` in your Docker container.

 <Note>
--- a/self-host/advanced/timezone.mdx
+++ b/self-host/advanced/timezone.mdx
@@ -3,6 +3,12 @@ title: "Container Timezone"
 description: "Configure the timezone for Pangolin, Gerbil, and Traefik containers to match your local time."
 ---

+import PangolinCloudTocCta from "/snippets/pangolin-cloud-toc-cta.mdx";
+
+<PangolinCloudTocCta />
+
+
+
 By default, Docker containers report logs and timestamps in **UTC**. If you want the containers and their log output to use your local timezone, you need to set the timezone in both the container environment and mount the host timezone files.

 ## Updating your `docker-compose.yml`
--- a/self-host/advanced/wild-card-domains.mdx
+++ b/self-host/advanced/wild-card-domains.mdx
@@ -3,6 +3,12 @@ title: "Wildcard Domains"
 description: "Configure wildcard SSL certificates for automatic subdomain security with DNS-01 challenge"
 ---

+import PangolinCloudTocCta from "/snippets/pangolin-cloud-toc-cta.mdx";
+
+<PangolinCloudTocCta />
+
+
+
 Wildcard certificates allow you to secure unlimited subdomains with a single SSL certificate, eliminating the need to generate individual certificates for each subdomain. Pangolin uses Traefik's built-in Let's Encrypt integration to automatically manage these certificates.

 <Warning>
--- a/self-host/advanced/without-tunneling.mdx
+++ b/self-host/advanced/without-tunneling.mdx
@@ -3,6 +3,12 @@ title: "Without Tunneling"
 description: "Use Pangolin as a local reverse proxy without Gerbil tunneling"
 ---

+import PangolinCloudTocCta from "/snippets/pangolin-cloud-toc-cta.mdx";
+
+<PangolinCloudTocCta />
+
+
+
 Use Pangolin as a local reverse proxy and authentication manager

 You can use Pangolin without Gerbil and tunneling. In this configuration, Pangolin acts as a normal reverse proxy and authentication manager that can be deployed on your local network to provide access to resources.
--- a/self-host/choosing-a-vps.mdx
+++ b/self-host/choosing-a-vps.mdx
@@ -3,6 +3,12 @@ title: "Choosing a VPS"
 description: "Compare hosting options and find the best VPS for your Pangolin deployment"
 ---

+import PangolinCloudTocCta from "/snippets/pangolin-cloud-toc-cta.mdx";
+
+<PangolinCloudTocCta />
+
+
+
 Pangolin generally requires minimal resources to run effectively. A basic VPS with **1 vCPU, 1GB RAM, and 8GB SSD** is sufficient for most deployments.

 <CardGroup cols={2}>
--- a/self-host/community-guides/crowdsec.mdx
+++ b/self-host/community-guides/crowdsec.mdx
@@ -2,6 +2,12 @@
 title: "CrowdSec"
 ---

+import PangolinCloudTocCta from "/snippets/pangolin-cloud-toc-cta.mdx";
+
+<PangolinCloudTocCta />
+
+
+
 <Note>
 This is a community guide and is not officially supported. If you have any issues, please reach out to the [author](https://github.com/Lokowitz).
 </Note>
--- a/self-host/community-guides/geoblock.mdx
+++ b/self-host/community-guides/geoblock.mdx
@@ -2,6 +2,12 @@
 title: "GeoBlock"
 ---

+import PangolinCloudTocCta from "/snippets/pangolin-cloud-toc-cta.mdx";
+
+<PangolinCloudTocCta />
+
+
+
 <Note>
 This is a community guide and is not officially supported. If you have any issues, please reach out to the [author](https://github.com/Lokowitz).
 </Note>
--- a/self-host/community-guides/geolite2automation.mdx
+++ b/self-host/community-guides/geolite2automation.mdx
@@ -3,6 +3,12 @@ title: "GeoLite2 Automation"
 description: "A simple automation to download & update your GeoLite2 databases with geoipupdate"
 ---

+import PangolinCloudTocCta from "/snippets/pangolin-cloud-toc-cta.mdx";
+
+<PangolinCloudTocCta />
+
+
+
 <Note>
 This is a community guide and is not officially supported. If you have any issues, please reach out to the [author](https://github.com/txwgnd).
 </Note>
--- a/self-host/community-guides/homeassistant.mdx
+++ b/self-host/community-guides/homeassistant.mdx
@@ -2,6 +2,12 @@
 title: "Home Assistant Add-on"
 ---

+import PangolinCloudTocCta from "/snippets/pangolin-cloud-toc-cta.mdx";
+
+<PangolinCloudTocCta />
+
+
+
 <Note>
 This is a community add-on and is not officially supported. If you have any issues, please reach out to the [author](https://github.com/Ferdinand99/home-assistant-newt-addon).
 </Note>
--- a/self-host/community-guides/metrics.mdx
+++ b/self-host/community-guides/metrics.mdx
@@ -2,6 +2,12 @@
 title: "Metrics"
 ---

+import PangolinCloudTocCta from "/snippets/pangolin-cloud-toc-cta.mdx";
+
+<PangolinCloudTocCta />
+
+
+
 <Note>
 This is a community guide and is not officially supported. If you have any issues, please reach out to the [author](https://github.com/Lokowitz).
 </Note>
--- a/self-host/community-guides/middlewaremanager.mdx
+++ b/self-host/community-guides/middlewaremanager.mdx
@@ -2,6 +2,12 @@
 title: "Middleware Manager"
 ---

+import PangolinCloudTocCta from "/snippets/pangolin-cloud-toc-cta.mdx";
+
+<PangolinCloudTocCta />
+
+
+
 <Note>  
 This is a community guide and not officially supported. For issues, contributions, or bug reports, please use the [official GitHub repository](https://github.com/hhftechnology/middleware-manager).  
 </Note>  
--- a/self-host/community-guides/overview.mdx
+++ b/self-host/community-guides/overview.mdx
@@ -2,6 +2,12 @@
 title: "Overview"
 ---

+import PangolinCloudTocCta from "/snippets/pangolin-cloud-toc-cta.mdx";
+
+<PangolinCloudTocCta />
+
+
+
 <Note>
 These are community written guides and are not officially supported. If you have any issues, please reach out to the authors or the community on [Discord](https://pangolin.net/discord) or [Github discussions](https://github.com/orgs/fosrl/discussions).
 </Note>
--- a/self-host/community-guides/remove-geoblock-plugin.mdx
+++ b/self-host/community-guides/remove-geoblock-plugin.mdx
@@ -2,6 +2,12 @@
 title: "Remove GeoBlock Plugin"
 ---

+import PangolinCloudTocCta from "/snippets/pangolin-cloud-toc-cta.mdx";
+
+<PangolinCloudTocCta />
+
+
+
 <Note>
 This is a community guide and is not officially supported. If you have any issues, please reach out to the community on [Discord](https://pangolin.net/discord) or [Github discussions](https://github.com/orgs/fosrl/discussions).
 </Note>
--- a/self-host/community-guides/traefiklogsdashboard.mdx
+++ b/self-host/community-guides/traefiklogsdashboard.mdx
@@ -2,6 +2,12 @@
 title: "Traefik Log Dashboard (v2 – Agent Architecture)"
 ---

+import PangolinCloudTocCta from "/snippets/pangolin-cloud-toc-cta.mdx";
+
+<PangolinCloudTocCta />
+
+
+
 <Note>  
 This is a community guide and is not officially supported. For issues or advanced configuration, please visit the [official repository](https://github.com/hhftechnology/traefik-log-dashboard).  
 </Note>  
--- a/self-host/dns-and-networking.mdx
+++ b/self-host/dns-and-networking.mdx
@@ -3,6 +3,12 @@ title: "DNS & Networking"
 description: "Configure your domain, DNS records, and network settings for Pangolin deployment"
 ---

+import PangolinCloudTocCta from "/snippets/pangolin-cloud-toc-cta.mdx";
+
+<PangolinCloudTocCta />
+
+
+
 Pangolin requires proper DNS configuration and network setup to function correctly. This guide covers domain setup, DNS records, port configuration, and networking considerations.

 ## DNS Configuration
--- a/self-host/enterprise-edition.mdx
+++ b/self-host/enterprise-edition.mdx
@@ -3,6 +3,12 @@ title: "Enterprise Edition"
 description: "Learn about Enterprise Edition features, licensing, and how to get started"
 ---

+import PangolinCloudTocCta from "/snippets/pangolin-cloud-toc-cta.mdx";
+
+<PangolinCloudTocCta />
+
+
+
 When self-hosting Pangolin, you can choose to run the **Community Edition** or the **Enterprise Edition**. Both editions provide the same core functionality, but the Enterprise Edition unlocks additional features for qualifying users.

 ## Edition Comparison
--- a/self-host/how-to-update.mdx
+++ b/self-host/how-to-update.mdx
@@ -3,6 +3,12 @@ title: "How to Update"
 description: "Keep your Pangolin deployment up to date with the latest features and security patches"
 ---

+import PangolinCloudTocCta from "/snippets/pangolin-cloud-toc-cta.mdx";
+
+<PangolinCloudTocCta />
+
+
+
 Updating Pangolin is straightforward since it's a collection of Docker images. Simply pull the latest images and restart the stack. Migration scripts run automatically to update your database and configuration files when needed.

 ## Before You Update
--- a/self-host/manual/docker-compose.mdx
+++ b/self-host/manual/docker-compose.mdx
@@ -3,6 +3,12 @@ title: "Docker Compose"
 description: "Deploy Pangolin manually using Docker Compose without the automated installer"
 ---

+import PangolinCloudTocCta from "/snippets/pangolin-cloud-toc-cta.mdx";
+
+<PangolinCloudTocCta />
+
+
+
 This guide walks you through setting up Pangolin manually using Docker Compose without the automated installer. This approach gives you full control over the configuration and deployment process.

 This guide assumes you already have a Linux server with Docker and Docker Compose installed. If you don't, please refer to the [official Docker documentation](https://docs.docker.com/get-docker/) for installation instructions. You must also have root access to the server.
--- a/self-host/manual/manual-install.mdx
+++ b/self-host/manual/manual-install.mdx
@@ -3,6 +3,12 @@ title: "Docker Compose"
 description: "Deploy managed Pangolin manually using Docker Compose without the automated installer"
 ---

+import PangolinCloudTocCta from "/snippets/pangolin-cloud-toc-cta.mdx";
+
+<PangolinCloudTocCta />
+
+
+
 <Tip>
 This guide is for managed self-hosted Pangolin. If you are looking for self-hosted Community Edition Pangolin please see this [Docker Compose](/self-host/manual/docker-compose) guide.
 </Tip>
--- a/self-host/manual/unraid.mdx
+++ b/self-host/manual/unraid.mdx
@@ -3,6 +3,12 @@ title: "Unraid Deployment"
 description: "Deploy Pangolin on Unraid for local reverse proxy and tunneling"
 ---

+import PangolinCloudTocCta from "/snippets/pangolin-cloud-toc-cta.mdx";
+
+<PangolinCloudTocCta />
+
+
+
 ## Overview

 This guide explains how to use Pangolin and Traefik as a local reverse proxy without Gerbil and its tunneling features. The second (optional) part will expand on this and show how to enable tunneling by setting up Gerbil.
--- a/self-host/purchase-license-key.mdx
+++ b/self-host/purchase-license-key.mdx
@@ -3,6 +3,12 @@ title: "Purchase a License Key"
 description: "How to buy an Enterprise license key for Pangolin from the dashboard"
 ---

+import PangolinCloudTocCta from "/snippets/pangolin-cloud-toc-cta.mdx";
+
+<PangolinCloudTocCta />
+
+
+
 Buy an Enterprise license key directly from the Pangolin dashboard. You choose your tier, complete checkout, and get your key right away — in the dashboard and by email.

 ## How to buy a license key
--- a/self-host/quick-install.mdx
+++ b/self-host/quick-install.mdx
@@ -4,6 +4,12 @@ description: "Deploy your own fully self-hosted instance of Pangolin Community E

 ---

+import PangolinCloudTocCta from "/snippets/pangolin-cloud-toc-cta.mdx";
+
+<PangolinCloudTocCta />
+
+
+
 <iframe
  className="w-full aspect-video rounded-xl"
  src="https://www.youtube.com/embed/0upWrqkJPy8?si=q0D-uR1IHuddaqeT"
--- a/self-host/supporter-program.mdx
+++ b/self-host/supporter-program.mdx
@@ -3,6 +3,12 @@ title: "Supporter Program"
 description: "Support Pangolin development and remove UI elements with a supporter key"
 ---

+import PangolinCloudTocCta from "/snippets/pangolin-cloud-toc-cta.mdx";
+
+<PangolinCloudTocCta />
+
+
+
 Pangolin self-hosted will always be free and open source, but maintaining the project takes time and resources. The supporter program helps fund ongoing development — including bug fixes, new features, and community support.

 <Note>
--- a/Show More
+++ b/Show More