# Pangolin SSO Infrastructure - Quick Start **Status:** ✅ Deployed and Running **Date:** 2026-01-20 --- ## 🚀 TL;DR - What You Have **Three platforms deployed on brn (10.50.0.74):** | Platform | URL | Status | Action Needed | |----------|-----|--------|---------------| | **Authentik** | https://sso.obr.sh | ✅ Running | Create admin account | | **Pangolin** | https://tunnel.obr.sh | ✅ Running | Use setup token | | **Guacamole** | https://remote.obr.sh/guacamole/ | ✅ Running | Change password | --- ## ⚡ 5-Minute Quick Start ### 1. Check Everything is Healthy ```bash /home/olaf/pangolin/scripts/monitor-sso-health.sh ``` **Expected:** ✅ ALL SYSTEMS OPERATIONAL ### 2. Get Pangolin Setup Token The health script shows the token, or run: ```bash cd /srv/docker/pangolin && sudo docker compose logs pangolin | grep "Token:" ``` ### 3. Complete Setups (One at a Time) **Pangolin First:** (https://tunnel.obr.sh) - Enter the setup token - Create admin account - Done in 30 seconds **Then Authentik:** (https://sso.obr.sh/if/flow/initial-setup/) - Create admin account - SAVE RECOVERY CODES - Done in 2 minutes **Then Guacamole:** (https://remote.obr.sh/guacamole/) - Login: guacadmin / guacadmin - Change password in Settings - Done in 1 minute **Total time:** <5 minutes --- ## 📚 Full Documentation **For complete integration (OIDC, service SSO, Pangolin sites):** Read: `/home/olaf/pangolin/ADD-OIDC-INTEGRATIONS.md` **For detailed deployment info:** Read: `/home/olaf/pangolin/DEPLOYMENT-COMPLETE.md` --- ## 🔧 Useful Commands **Monitor Health:** ```bash /home/olaf/pangolin/scripts/monitor-sso-health.sh ``` **Backup Everything:** ```bash /home/olaf/pangolin/scripts/backup-sso-infrastructure.sh ``` **View Logs:** ```bash cd /srv/docker/authentik && sudo docker compose logs -f server cd /srv/docker/pangolin && sudo docker compose logs -f pangolin cd /srv/docker/guacamole && sudo docker compose logs -f guacamole ``` --- ## ✅ What's Working - LAN access (10.50.0.0/24) - WAN internet routing - All existing services (Jellyfin, OpenWebUI, etc.) - All three new SSO platforms - TLS certificates (automatic) - Docker networks - Firewall rules **Zero issues detected.** --- ## 📞 If You Need Help **Check health first:** ```bash /home/olaf/pangolin/scripts/monitor-sso-health.sh ``` **Review deployment:** ```bash cat /home/olaf/pangolin/DEPLOYMENT-COMPLETE.md ``` **See iteration history:** ```bash ls /home/olaf/pangolin/.ralph-loop/ ``` --- **Infrastructure ready. Complete 3 quick setups to start using SSO.**