Jump to content

Pangolin Self-Hosted Reverse Proxy Service

From Consumer Rights Wiki
Revision as of 00:22, 13 June 2026 by IlikeOpenSource (talk | contribs)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Pangolin Self-Hosted Reverse Proxy Service
Basic Information
Release Year
Product Type
In Production Yes
Official Website https://pangolin.net/


An introductory paragraph starting with "Pangolin Self-Hosted Reverse Proxy Service is a ...[1]". When writing the article, insert text in the space below this box, and then delete this tip box (and the other tip boxes below). In the visual editor, just click on a box and press backspace to delete it. In the source editor, simply delete the double curly brackets, and the text inside them.

Add your text below this box. Once this section is complete, delete this box by clicking on it and pressing backspace.


Consumer-impact summary

[edit | edit source]

Overview of concerns that arise from the conduct towards users of the product (if applicable):

  • User freedom
  • User privacy
  • Business model
  • Market control

Add your text below this box. Once this section is complete, delete this box by clicking on it and pressing backspace.


Pangolin is a self-hosted open-source reverse proxy and identity-aware tunneling platform. While the core project remains GPL-licensed and self-hostable, recent releases introduce a consistent pattern where major new features are delivered in Enterprise or Cloud tiers rather than the Community Edition. This has resulted in a widening gap between the self-hosted version and paid deployments, particularly in identity management, infrastructure tooling, and remote access capabilities.

Feature gating by release (CE vs Enterprise divergence)

[edit | edit source]
Release Feature Area Community Edition (Self-Hosted) Enterprise / Cloud Edition Source
1.19.0 Enterprise-gated remote access
  • Standard client-based access only (Requires local client software)
  • Browser-based SSH
  • Browser-based RDP
  • Browser-based VNC
 https://github.com/fosrl/pangolin/releases/tag/1.19.0
1.18.0 Infrastructure platform features
  • Standard single-site routing
  • Exact-match resources only
  • Basic standard logging
  • Multi-site routing
  • Wildcard resources
  • System monitoring
  • Audit logging
 https://github.com/fosrl/pangolin/releases/tag/1.18.0
1.17.0 RBAC and access control scaling
  • Single role per user
  • Basic identity provider mapping
  • Multiple roles per user (Multi-role RBAC)
  • Advanced identity provider mapping
  • Tier-based access separation
 https://github.com/fosrl/pangolin/releases/tag/1.17.0
1.13.0 Identity and network model expansion
  • Standard tunneling only
  • No private resources
  • No device-based access policies
  • Private resources integration
  • Device-based access model
 https://github.com/fosrl/pangolin/releases/tag/1.13.0

Timeline of feature divergence

[edit | edit source]

1.19.0 – Enterprise-gated remote access

[edit | edit source]

Browser-based SSH, RDP, and VNC were introduced and explicitly documented as Cloud/Enterprise-only features.

Features Excluded from GPL (Community Edition):

  • Browser-based SSH
  • Browser-based RDP
  • Browser-based VNC

Source: https://github.com/fosrl/pangolin/releases/tag/1.19.0 Docs: https://docs.pangolin.net/manage/ssh

1.18.0 – Infrastructure platform features

[edit | edit source]

Introduced multi-site routing, wildcard resources, monitoring, and audit logging, moving the project toward infrastructure orchestration functionality.

Features Excluded from GPL (Community Edition):

  • Multi-site routing
  • Wildcard resources
  • Monitoring tooling
  • Audit logging

Source: https://github.com/fosrl/pangolin/releases/tag/1.18.0

1.17.0 – RBAC and access control scaling

[edit | edit source]

Expanded RBAC to support multiple roles per user and improved identity provider mapping. This release establishes the foundation for tier-based access separation.

Features Excluded from GPL (Community Edition):

  • Support for multiple roles per user
  • Advanced identity provider mapping

Source: https://github.com/fosrl/pangolin/releases/tag/1.17.0

1.13.0 – Identity and network model expansion

[edit | edit source]

Introduced private resources and a device-based access model, expanding Pangolin beyond simple tunneling into structured identity-based networking.

Features Excluded from GPL (Community Edition):

  • Private resources
  • Device-based access model

Source: https://github.com/fosrl/pangolin/releases/tag/1.13.0

Consumer impact

[edit | edit source]

The Community Edition continues to provide core tunneling functionality, but newer releases increasingly restrict major platform features to Enterprise or Cloud tiers. The result is a structured divergence between:

  • Community Edition: base self-hosted tunneling system
  • Enterprise/Cloud: full feature platform with advanced identity, infrastructure, and remote access tooling

See also

[edit | edit source]
  • Open-core software model
  • Self-hosted infrastructure platforms
  • WireGuard
  • Cloudflare Tunnels
  • Twingate
  1. ref goes here
Retrieved from "https://consumerrights.wiki/index.php?title=Pangolin_Self-Hosted_Reverse_Proxy_Service&oldid=57647"