pangolin_mirror/docs-v2
1
0
Fork 0
mirror of https://github.com/fosrl/docs-v2.git synced 2026-03-07 11:16:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

deploy

Browse Source
This commit is contained in:
miloschwartz
2025-08-01 22:37:15 -07:00
parent 6d4043229a
commit 75e9d83c5a
31 changed files with 1257 additions and 286 deletions
Download Patch File Download Diff File Expand all files Collapse all files

18
self-host/dns-and-networking.mdx
View File

@@ -57,7 +57,7 @@ You'll need to create A (or AAAA for IPv6) records pointing to your VPS IP addre
Pangolin requires these ports to be open on your VPS:
<CardGroup cols={3}>
<CardGroup cols={2}>
<Card title="TCP Port 80">
**HTTP/SSL Verification**
@@ -75,14 +75,22 @@ Pangolin requires these ports to be open on your VPS:
</Card>
<Card title="UDP Port 51820">
**WireGuard Tunnel**
**Site Tunnels**
- Newt client connections
- Gerbil tunnel endpoint
- Secure traffic routing
This is the default port for sites (Newt) to establish tunnels to the cloud exit node.
</Card>
<Card title="UDP Port 21820">
**Client Tunnels**
This is the default port for clients relaying through Gerbil to newt. This port is only required for clients.
</Card>
</CardGroup>
<Warning>
Always verify your exposed ports (e.g., with [nmap](https://nmap.org/) or [RustScan](https://github.com/bee-san/RustScan)) and ensure you expose **only** the ports that are absolutely necessary. By tunneling out to the VPS, you are effectively including the VPS in your security boundary, so you must secure it as part of your overall network strategy. For more details, see [Dockers port publishing documentation](https://docs.docker.com/engine/network/packet-filtering-firewalls/#port-publishing-and-mapping).
</Warning>
### Docker Port Exposure
By default, Pangolin exposes these ports on all interfaces: