None so far. And I am using pretty much all the features.

It is also great for my current migration from docker compose to kubernetes.

A newt client on both and I can just switch on the pangolin side.

Using it for several weeks now. Very happy with it, especially now that it is integrated with OAuth, so SSO for getting through Pangolin itself and then on all the services it routes to.

Can second Pangolin, switched from cloudflare tunnels to it a couple weeks ago and I am very happy with it. Latest version now supports external OIDC!

Wow, thanks for all the great answers so far. As for why not latest:

1. Read a lot online and read multiple times it’s “bad practice”
2. Own experience: had latest on an app which crashed and wouldn’t come up again. Got the backup of the persistent volume back and then had the problem that latest at that point is not the same as latest when I spun it up. Actually had no idea which version I was running last and consequently what I would need to pull to fit my backup. In case I have to restore my cluster, this problem is multiplied.
3. I run NixOS on everything, so I am clearly biased towards reproducibility.
4. I am running Services for family and a fire brigade (nothing mission critical, just support stuff, but still…). Stability is important, as sometimes I do not have the time to immediately react to an issue. I prefer a lazy Sunday morning to update/fix and then leave it alone and stable.

So, probably a combination of latest for low criticality and pinned on critical stuff (e.g. authentication, access, etc.)

At the end of the day you have to trust someone (Bitwarden, Hoster, Hardware Manufacturer…). It comes down to your threat profile and what you personally accept as a risk vs. effort (or convenience). For me Bitwarden was acceptable, but I switched to self hosting Vaultwarden ca. 3 years ago. Main reasons being the advanced features (sharing some passwords with the family, setting up a tech savvy friend to take over my vault should I get hit by a bus, etc.). I did not have any relevant downtime of that service in years.

Just a quick update and shout-out to a cool project. After trying cloudflared, but not getting it to run stable, I ended up using Pangolin, a tunneled Mesh reverse proxy.

Currently trying to step up my game bv setting up kubernetes. Cluster is running, but I am really struggling getting the combination domain name, let’s encrypt and traefik, but without a cloud load balancer, to work. I feel like I went through most tutorials available, but it seems each one is missing a crucial part. Gonna invest some more hours today…