I have been playing around with Pangolin, a really nice management system for exposing internal services over HTTPS.
However, I found that its internal wireguard networking does not play nicely if you already have another wireguard system, like tailscale, on the box. The solution was actually simple, but has a potential tripwire.
In your docker-compose.yml, set something like this under Gerbil’s ports:
- 51821:51821/udp
However, importantly: these ports must MATCH. You cannot have “- 51821:51820/udp” or similar. This will cause the Newt tunnels to fail.
Then, in pangolin/config/config.yml, make sure that the Gerbil port is set to 51821 or whatever your selected port is. Tada.