I was thinking of using this to tunnel all of my public sites, do hide my home ip. But in the end whats the issue of showing my home ip? The attack surface stays the same. I just reverse proxy everything through Caddy.

Also weren’t some feature gated behind the cloud version? An appeal for this to replace cloudflare tunnels and tailscale funnel is the _fully_ opensource aspect

Hiding an IP and security are not necessarily the main use cases.

The tunneled reverse proxy aspect comes in handy when trying to expose internal apps on a network behind a hard NAT where ports can't be opened and a public IP address isn't available (like CGNAT).

Pangolin is also a VPN like Tailscale/Twingate/etc, so you can access non http resources via a direct connection via WireGuard and NAT traversal.