Create your OWN Home-Lab Tunnel with Pangolin NOW | Free VPS

Introduction

This tutorial guides you through creating your own home-lab tunnel using Pangolin on Oracle's free VPS. By setting up this custom tunnel, you can bypass Cloudflare's 100MB file upload limit, allowing you to leverage Oracle Cloud's always free services. You will learn to configure a virtual private server, set up a secure tunnel using Wireguard, and integrate Traefik for enhanced functionality.

Step 1: Set Up Your Oracle Cloud Account

• Go to the Oracle Cloud website and sign up for a free account.
• Verify your email and complete the registration process.
• Ensure you are utilizing the "Always Free" tier to avoid any charges.

Step 2: Create a Virtual Cloud Network (VCN) and Subnet

• Navigate to the Networking section in the Oracle Cloud dashboard.
• Create a new VCN:
  • Choose a name (e.g., HomeLabVCN).
  • Select the CIDR block (e.g., 10.0.0.0/16).
• Create a subnet within the VCN:
  • Name it (e.g., HomeLabSubnet).
  • Select a CIDR block (e.g., 10.0.1.0/24).
  • Make sure to enable public access.

Step 3: Create an Oracle Compute Instance

• Go to the Compute section and click on Create Instance.
• Choose an operating system (Ubuntu is recommended).
• Select the shape (ensure it’s within the free tier).
• Assign the instance to the subnet created earlier.
• Launch the instance and note the public IP address for later use.

Step 4: Connect Subnet to the Internet

• In the Networking section, configure the Internet Gateway.
• Attach the Internet Gateway to your VCN.
• Update your route table to direct traffic from the subnet to the Internet Gateway.

Step 5: Prepare the Server

• SSH into your VPS using the command:

  ssh ubuntu@<your-public-ip>
  

• Update the package list:

  sudo apt update && sudo apt upgrade -y
  

Step 6: Install Pangolin

• Install required dependencies:

  sudo apt install curl wget -y
  

• Fetch and install Pangolin:

  curl -o pangolin.sh https://link-to-pangolin-installation-script
  chmod +x pangolin.sh
  ./pangolin.sh
  

Step 7: Set Up DNS and HTTPS with DNS Challenge

• Configure your domain's DNS settings to point to your VPS IP.
• Use Certbot to obtain an SSL certificate:

  sudo apt install certbot
  sudo certbot certonly --manual --preferred-challenges=dns -d yourdomain.com
  

Step 8: Open Ports on the VPS

• Allow necessary ports through the firewall:

  sudo ufw allow 80/tcp
  sudo ufw allow 443/tcp
  sudo ufw allow 51820/udp  # For Wireguard
  sudo ufw enable
  

Step 9: Start Pangolin

• Start the Pangolin service using:

  sudo systemctl start pangolin
  

Step 10: Configure Pangolin Tunnel

• Follow the Pangolin documentation to set up your tunnel.
• Specify the server and client configurations, ensuring proper routing.

Step 11: Route Pangolin to Nginx Proxy Manager

• Install Nginx Proxy Manager:

  docker run -d -p 80:80 -p 443:443 --name npm --restart=always jc21/nginx-proxy-manager
  

• Access the Nginx Proxy Manager UI through your browser.

Step 12: Configure Proxy Host for Immich

• Create a new Proxy Host in Nginx for your Immich application.
• Set the target to your local service IP and port.

Step 13: Monitor Logs with GoAccess

• Install GoAccess for real-time log monitoring:

  sudo apt install goaccess
  

• Configure it to read your Nginx logs.

Step 14: Implement CrowdSec and Geo IP Blocking

• Install CrowdSec:

  sudo bash -c "$(curl -s https://get-crowdsec.sh)"
  

• Follow the setup instructions to enable blocking features.

Conclusion

By following these steps, you have successfully set up a home-lab tunnel using Pangolin on Oracle's free VPS. This setup allows you to bypass file upload limits and improve your self-hosting capabilities. Next, consider exploring additional plugins for Traefik or further configuring CrowdSec for enhanced security. Happy hosting!