mirrors/appstore
1
0
Fork 0
mirror of https://github.com/okxlin/appstore.git synced 2025-07-14 13:22:18 +08:00
Code Issues Actions Packages Projects Releases Wiki Activity

feat:更新并调整wireguard-easy

Browse Source
This commit is contained in:
okxlin 2024-11-12 01:33:26 +08:00
parent da9a3b3964
commit ce3fce2e56
17 changed files with 540 additions and 306 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
apps/wireguard-easy/14/.env.sample Normal file
View File

@ -0,0 +1,11 @@
CONTAINER_NAME="wireguard-easy"
DATA_PATH="./data"
HOST_ADDRESS="172.17.0.1"
PANEL_APP_PORT_HTTP=40074
WG_ALLOWED_IPS="10.0.8.0/24"
WG_DEFAULT_ADDRESS="10.8.0.x"
WG_DEFAULT_DNS="119.29.29.29,1.1.1.1"
WG_MTU=1420
WG_PERSISTENT_KEEPALIVE=25
WIREGUARD_PORT=51820
PASSWORD_HASH="$$2a$$12$$0AL3hGeedv8fOfsNtfZY5OO3mMvBqlnZA8QmeBGfWPAQEoZ7LZ/7a"

74
apps/wireguard-easy/14/data.yml Normal file
View File

@ -0,0 +1,74 @@
additionalProperties:
formFields:
- default: "40074"
edit: true
envKey: PANEL_APP_PORT_HTTP
labelEn: WebUI Port
labelZh: 网页端口
required: true
rule: paramPort
type: number
- default: "51820"
edit: true
envKey: WIREGUARD_PORT
labelEn: Wireguard port
labelZh: Wireguard 端口
required: true
rule: paramPort
type: number
- default: "./data"
edit: true
envKey: DATA_PATH
labelEn: Data folder path
labelZh: 数据文件夹路径
required: true
type: text
- default: "$$2a$$12$$0AL3hGeedv8fOfsNtfZY5OO3mMvBqlnZA8QmeBGfWPAQEoZ7LZ/7a"
edit: true
envKey: PASSWORD_HASH
labelEn: Webui password hash (Note to check the documentation for instructions, the default is `PAssw00rd`)
labelZh: 网页密码 hash (注意查看说明文档,默认为`PAssw00rd`)
required: true
type: password
- default: "172.17.0.1"
edit: true
envKey: HOST_ADDRESS
labelEn: Host address (must change item)
labelZh: 本机地址(必改项)
required: true
type: text
- default: "10.8.0.x"
edit: true
envKey: WG_DEFAULT_ADDRESS
labelEn: Default Wireguard Segment
labelZh: 默认 Wireguard 网段
required: true
type: text
- default: "119.29.29.29,1.1.1.1"
edit: true
envKey: WG_DEFAULT_DNS
labelEn: Default Wireguard DNS
labelZh: 默认 Wireguard DNS
required: true
type: text
- default: "1420"
edit: true
envKey: WG_MTU
labelEn: Wireguard MTU
labelZh: Wireguard MTU
required: true
type: number
- default: "10.0.8.0/24"
edit: true
envKey: WG_ALLOWED_IPS
labelEn: Wireguard Allowed IPs
labelZh: Wireguard 允许的 IP 段
required: true
type: text
- default: "25"
edit: true
envKey: WG_PERSISTENT_KEEPALIVE
labelEn: Wireguard Persistent Keepalive
labelZh: Wireguard 保活间隔
required: true
type: number

34
apps/wireguard-easy/14/docker-compose.yml Normal file
View File

@ -0,0 +1,34 @@
services:
wg-easy:
container_name: ${CONTAINER_NAME}
restart: always
networks:
- 1panel-network
environment:
- WG_HOST=${HOST_ADDRESS}
- WG_PORT=${WIREGUARD_PORT}
- PORT=${PANEL_APP_PORT_HTTP}
- WG_DEFAULT_ADDRESS=${WG_DEFAULT_ADDRESS}
- WG_DEFAULT_DNS=${WG_DEFAULT_DNS}
- WG_MTU=${WG_MTU}
- WG_ALLOWED_IPS=${WG_ALLOWED_IPS}
- WG_PERSISTENT_KEEPALIVE=${WG_PERSISTENT_KEEPALIVE}
- PASSWORD_HASH=${PASSWORD_HASH}
volumes:
- ${DATA_PATH}:/etc/wireguard
ports:
- "${WIREGUARD_PORT}:${WIREGUARD_PORT}/udp"
- "${PANEL_APP_PORT_HTTP}:${PANEL_APP_PORT_HTTP}/tcp"
cap_add:
- NET_ADMIN
- SYS_MODULE
sysctls:
- net.ipv4.ip_forward=1
- net.ipv4.conf.all.src_valid_mark=1
image: "ghcr.io/wg-easy/wg-easy:14"
labels:
createdBy: "Apps"
networks:
1panel-network:
external: true

70
apps/wireguard-easy/14/scripts/upgrade.sh Normal file
View File

@ -0,0 +1,70 @@
#!/bin/bash
# 检查 .env 文件是否存在
if [[ -f ./.env ]]; then
# 如果 .env 文件中有 WEBUI_PWD 的设置,删除该行
if grep -q 'WEBUI_PWD' ./.env; then
sed -i '/WEBUI_PWD/d' ./.env
echo "已移除 .env 文件中的 WEBUI_PWD 参数"
fi
# 检查并添加 WG_ALLOWED_IPS 参数
if ! grep -q 'WG_ALLOWED_IPS' ./.env; then
echo 'WG_ALLOWED_IPS="10.0.8.0/24"' >> ./.env
echo "已添加 WG_ALLOWED_IPS=10.0.8.0/24"
else
echo "WG_ALLOWED_IPS 参数已存在"
fi
# 检查并添加 WG_DEFAULT_ADDRESS 参数
if ! grep -q 'WG_DEFAULT_ADDRESS' ./.env; then
echo 'WG_DEFAULT_ADDRESS="10.8.0.x"' >> ./.env
echo "已添加 WG_DEFAULT_ADDRESS=10.8.0.x"
else
echo "WG_DEFAULT_ADDRESS 参数已存在"
fi
# 检查并添加 WG_DEFAULT_DNS 参数
if ! grep -q 'WG_DEFAULT_DNS' ./.env; then
echo 'WG_DEFAULT_DNS="119.29.29.29,1.1.1.1"' >> ./.env
echo "已添加 WG_DEFAULT_DNS=119.29.29.29,1.1.1.1"
else
echo "WG_DEFAULT_DNS 参数已存在"
fi
# 检查并添加 WG_MTU 参数
if ! grep -q 'WG_MTU' ./.env; then
echo 'WG_MTU=1420' >> ./.env
echo "已添加 WG_MTU=1420"
else
echo "WG_MTU 参数已存在"
fi
# 检查并添加 WG_PERSISTENT_KEEPALIVE 参数
if ! grep -q 'WG_PERSISTENT_KEEPALIVE' ./.env; then
echo 'WG_PERSISTENT_KEEPALIVE=25' >> ./.env
echo "已添加 WG_PERSISTENT_KEEPALIVE=25"
else
echo "WG_PERSISTENT_KEEPALIVE 参数已存在"
fi
# 检查并添加 WIREGUARD_PORT 参数
if ! grep -q 'WIREGUARD_PORT' ./.env; then
echo 'WIREGUARD_PORT=51820' >> ./.env
echo "已添加 WIREGUARD_PORT=51820"
else
echo "WIREGUARD_PORT 参数已存在"
fi
# 检查并添加 PASSWORD_HASH 参数
if ! grep -q 'PASSWORD_HASH' ./.env; then
echo 'PASSWORD_HASH="$$2a$$12$$0AL3hGeedv8fOfsNtfZY5OO3mMvBqlnZA8QmeBGfWPAQEoZ7LZ/7a"' >> ./.env
echo '已添加 PASSWORD_HASH="$$2a$$12$$0AL3hGeedv8fOfsNtfZY5OO3mMvBqlnZA8QmeBGfWPAQEoZ7LZ/7a"'
else
echo "PASSWORD_HASH 参数已存在"
fi
else
echo ".env 文件不存在"
fi

6
apps/wireguard-easy/7/.env.sample
View File

@ -1,6 +0,0 @@
CONTAINER_NAME="wireguard-easy"
DATA_PATH="./data"
HOST_ADDRESS="172.17.0.1"
PANEL_APP_PORT_HTTP="40074"
WEBUI_PWD="password"
WIREGUARD_PORT="51820"

42
apps/wireguard-easy/7/data.yml
View File

@ -1,42 +0,0 @@
additionalProperties:
formFields:
- default: 40074
edit: true
envKey: PANEL_APP_PORT_HTTP
labelEn: WebUI Port
labelZh: 网页端口
required: true
rule: paramPort
type: number
- default: 51820
edit: true
envKey: WIREGUARD_PORT
labelEn: Wireguard port
labelZh: Wireguard端口
required: true
rule: paramPort
type: number
- default: ./data
edit: true
envKey: DATA_PATH
labelEn: Data folder path
labelZh: 数据文件夹路径
required: true
type: text
- default: "password"
edit: true
envKey: WEBUI_PWD
labelEn: Webui password
labelZh: 网页密码
random: false
required: true
rule: paramComplexity
type: password
- default: 172.17.0.1
edit: true
envKey: HOST_ADDRESS
labelEn: Local IP address (must change item)
labelZh: 本机IP地址(必改项)
required: true
rule: paramCommon
type: text

37
apps/wireguard-easy/7/docker-compose.yml
View File

@ -1,37 +0,0 @@
services:
wg-easy:
container_name: ${CONTAINER_NAME}
restart: always
networks:
- 1panel-network
environment:
- WG_HOST=${HOST_ADDRESS}
- PASSWORD=${WEBUI_PWD}
- WG_PORT=${WIREGUARD_PORT}
# Optional:
# - WG_DEFAULT_ADDRESS=10.8.0.x
# - WG_DEFAULT_DNS=1.1.1.1
# - WG_MTU=1420
# - WG_ALLOWED_IPS=192.168.15.0/24, 10.0.1.0/24
# - WG_PRE_UP=echo "Pre Up" > /etc/wireguard/pre-up.txt
# - WG_POST_UP=echo "Post Up" > /etc/wireguard/post-up.txt
# - WG_PRE_DOWN=echo "Pre Down" > /etc/wireguard/pre-down.txt
# - WG_POST_DOWN=echo "Post Down" > /etc/wireguard/post-down.txt
volumes:
- ${DATA_PATH}:/etc/wireguard
ports:
- "${WIREGUARD_PORT}:${WIREGUARD_PORT}/udp"
- "${PANEL_APP_PORT_HTTP}:51821/tcp"
cap_add:
- NET_ADMIN
- SYS_MODULE
sysctls:
- net.ipv4.ip_forward=1
- net.ipv4.conf.all.src_valid_mark=1
image: weejewel/wg-easy:7
labels:
createdBy: "Apps"
networks:
1panel-network:
external: true

125
apps/wireguard-easy/README.md
View File

@ -1,115 +1,38 @@
# WireGuard Easy # WireGuard Easy
[![Build & Publish Docker Image to Docker Hub](https://github.com/WeeJeWel/wg-easy/actions/workflows/deploy.yml/badge.svg?branch=production)](https://github.com/WeeJeWel/wg-easy/actions/workflows/deploy.yml) **WireGuard Easy** 是最简单的安装和管理 WireGuard 的方法,适用于任何 Linux 主机!
[![Lint](https://github.com/WeeJeWel/wg-easy/actions/workflows/lint.yml/badge.svg?branch=master)](https://github.com/WeeJeWel/wg-easy/actions/workflows/lint.yml)
[![Docker](https://img.shields.io/docker/v/weejewel/wg-easy/latest)](https://hub.docker.com/r/weejewel/wg-easy)
[![Docker](https://img.shields.io/docker/pulls/weejewel/wg-easy.svg)](https://hub.docker.com/r/weejewel/wg-easy)
[![Sponsor](https://img.shields.io/github/sponsors/weejewel)](https://github.com/sponsors/WeeJeWel)
![GitHub Stars](https://img.shields.io/github/stars/weejewel/wg-easy)
You have found the easiest way to install & manage WireGuard on any Linux host! ## 使用说明
<p align="center"> > **14版本以上启用了bcrypt 密码哈希,以前设置密码方式失效**
<img src="https://github.com/wg-easy/wg-easy/raw/master/assets/screenshot.png" width="802" />
</p>
## Features `wg-password`(也称为 **wgpw**)是一个生成 bcrypt 密码哈希的脚本,旨在通过与 **`wg-easy`** 集成来提高安全性,方便管理 WireGuard 配置。
* All-in-one: WireGuard + Web UI. ### Docker 使用方法
* Easy installation, simple to use.
* List, create, edit, delete, enable & disable clients.
* Show a client's QR code.
* Download a client's configuration file.
* Statistics for which clients are connected.
* Tx/Rx charts for each connected client.
* Gravatar support.
## Requirements 使用 Docker 生成 bcrypt 密码哈希,运行以下命令:
* A host with a kernel that supports WireGuard (all modern kernels). ```sh
* A host with Docker installed. docker run -it ghcr.io/wg-easy/wg-easy wgpw YOUR_PASSWORD
## Installation
### 1. Install Docker
If you haven't installed Docker yet, install it by running:
```bash
$ curl -sSL https://get.docker.com | sh
$ sudo usermod -aG docker $(whoami)
$ exit
``` ```
And log in again. 示例输出:
```sh
### 2. Run WireGuard Easy PASSWORD_HASH='$2b$12$coPqCsPtcFO.Ab99xylBNOW4.Iu7OOA2/ZIboHN6/oyxca3MWo7fW'
To automatically install & run wg-easy, simply run:
<pre>
$ docker run -d \
--name=wg-easy \
-e WG_HOST=<b>🚨YOUR_SERVER_IP</b> \
-e PASSWORD=<b>🚨YOUR_ADMIN_PASSWORD</b> \
-v ~/.wg-easy:/etc/wireguard \
-p 51820:51820/udp \
-p 51821:51821/tcp \
--cap-add=NET_ADMIN \
--cap-add=SYS_MODULE \
--sysctl="net.ipv4.conf.all.src_valid_mark=1" \
--sysctl="net.ipv4.ip_forward=1" \
--restart unless-stopped \
weejewel/wg-easy
</pre>
> 💡 Replace `YOUR_SERVER_IP` with your WAN IP, or a Dynamic DNS hostname.
>
> 💡 Replace `YOUR_ADMIN_PASSWORD` with a password to log in on the Web UI.
The Web UI will now be available on `http://0.0.0.0:51821`.
> 💡 Your configuration files will be saved in `~/.wg-easy`
### 3. Sponsor
Are you enjoying this project? [Buy me a beer!](https://github.com/sponsors/WeeJeWel) 🍻
## Options
These options can be configured by setting environment variables using `-e KEY="VALUE"` in the `docker run` command.
| Env | Default | Example | Description |
| - | - | - | - |
| `PASSWORD` | - | `foobar123` | When set, requires a password when logging in to the Web UI. |
| `WG_HOST` | - | `vpn.myserver.com` | The public hostname of your VPN server. |
| `WG_DEVICE` | `eth0` | `ens6f0` | Ethernet device the wireguard traffic should be forwarded through. |
| `WG_PORT` | `51820` | `12345` | The public UDP port of your VPN server. WireGuard will always listen on `51820` inside the Docker container. |
| `WG_MTU` | `null` | `1420` | The MTU the clients will use. Server uses default WG MTU. |
| `WG_PERSISTENT_KEEPALIVE` | `0` | `25` | Value in seconds to keep the "connection" open. If this value is 0, then connections won't be kept alive. |
| `WG_DEFAULT_ADDRESS` | `10.8.0.x` | `10.6.0.x` | Clients IP address range. |
| `WG_DEFAULT_DNS` | `1.1.1.1` | `8.8.8.8, 8.8.4.4` | DNS server clients will use. |
| `WG_ALLOWED_IPS` | `0.0.0.0/0, ::/0` | `192.168.15.0/24, 10.0.1.0/24` | Allowed IPs clients will use. |
| `WG_PRE_UP` | `...` | - | See [config.js](https://github.com/WeeJeWel/wg-easy/blob/master/src/config.js#L19) for the default value. |
| `WG_POST_UP` | `...` | `iptables ...` | See [config.js](https://github.com/WeeJeWel/wg-easy/blob/master/src/config.js#L20) for the default value. |
| `WG_PRE_DOWN` | `...` | - | See [config.js](https://github.com/WeeJeWel/wg-easy/blob/master/src/config.js#L27) for the default value. |
| `WG_POST_DOWN` | `...` | `iptables ...` | See [config.js](https://github.com/WeeJeWel/wg-easy/blob/master/src/config.js#L28) for the default value. |
> If you change `WG_PORT`, make sure to also change the exposed port.
## Updating
To update to the latest version, simply run:
```bash
docker stop wg-easy
docker rm wg-easy
docker pull weejewel/wg-easy
``` ```
And then run the `docker run -d \ ...` command above again. 如果未提供密码,工具将提示您输入:
## Common Use Cases ```sh
docker run -it ghcr.io/wg-easy/wg-easy wgpw
Enter your password: # 输入密码(输入不可见)
PASSWORD_HASH='$2b$12$coPqCsPtcFO.Ab99xylBNOW4.Iu7OOA2/ZIboHN6/oyxca3MWo7fW'
```
* [Using WireGuard-Easy with Pi-Hole](https://github.com/WeeJeWel/wg-easy/wiki/Using-WireGuard-Easy-with-Pi-Hole) ### 重要说明
* [Using WireGuard-Easy with nginx/SSL](https://github.com/WeeJeWel/wg-easy/wiki/Using-WireGuard-Easy-with-nginx-SSL)
- **在 `docker-compose.yml` 中使用**:在 `docker-compose.yml` 文件中,将生成的哈希中的每个 `$` 替换为 `$$`,以防止解释错误。
```yaml
- PASSWORD_HASH=$$2y$$10$$hBCoykrB95WSzuV4fafBzOHWKu9sbyVa34GJr8VV5R/pIelfEMYyG
```

3
apps/wireguard-easy/data.yml
View File

@ -1,8 +1,7 @@
name: WireGuard Easy name: WireGuard Easy
tags: tags:
- 工具 - 实用工具
title: 运行 WireGuard VPN + 基于 Web 的管理 UI 的最简单方法 title: 运行 WireGuard VPN + 基于 Web 的管理 UI 的最简单方法
type: 工具
description: 运行 WireGuard VPN + 基于 Web 的管理 UI 的最简单方法 description: 运行 WireGuard VPN + 基于 Web 的管理 UI 的最简单方法
additionalProperties: additionalProperties:
key: wireguard-easy key: wireguard-easy

11
apps/wireguard-easy/latest/.env.sample
View File

@ -1,6 +1,11 @@
CONTAINER_NAME="wireguard-easy" CONTAINER_NAME="wireguard-easy"
DATA_PATH="./data" DATA_PATH="./data"
HOST_ADDRESS="172.17.0.1" HOST_ADDRESS="172.17.0.1"
PANEL_APP_PORT_HTTP="40074" PANEL_APP_PORT_HTTP=40074
WEBUI_PWD="password" WG_ALLOWED_IPS="10.0.8.0/24"
WIREGUARD_PORT="51820" WG_DEFAULT_ADDRESS="10.8.0.x"
WG_DEFAULT_DNS="119.29.29.29,1.1.1.1"
WG_MTU=1420
WG_PERSISTENT_KEEPALIVE=25
WIREGUARD_PORT=51820
PASSWORD_HASH="$$2a$$12$$0AL3hGeedv8fOfsNtfZY5OO3mMvBqlnZA8QmeBGfWPAQEoZ7LZ/7a"

58
apps/wireguard-easy/latest/data.yml
View File

@ -1,6 +1,6 @@
additionalProperties: additionalProperties:
formFields: formFields:
- default: 40074 - default: "40074"
edit: true edit: true
envKey: PANEL_APP_PORT_HTTP envKey: PANEL_APP_PORT_HTTP
labelEn: WebUI Port labelEn: WebUI Port
@ -8,7 +8,7 @@ additionalProperties:
required: true required: true
rule: paramPort rule: paramPort
type: number type: number
- default: 51820 - default: "51820"
edit: true edit: true
envKey: WIREGUARD_PORT envKey: WIREGUARD_PORT
labelEn: Wireguard port labelEn: Wireguard port
@ -16,27 +16,59 @@ additionalProperties:
required: true required: true
rule: paramPort rule: paramPort
type: number type: number
- default: ./data - default: "./data"
edit: true edit: true
envKey: DATA_PATH envKey: DATA_PATH
labelEn: Data folder path labelEn: Data folder path
labelZh: 数据文件夹路径 labelZh: 数据文件夹路径
required: true required: true
type: text type: text
- default: "password" - default: "$$2a$$12$$0AL3hGeedv8fOfsNtfZY5OO3mMvBqlnZA8QmeBGfWPAQEoZ7LZ/7a"
edit: true edit: true
envKey: WEBUI_PWD envKey: PASSWORD_HASH
labelEn: Webui password labelEn: Webui password hash (Note to check the documentation for instructions, the default is `PAssw00rd`)
labelZh: 网页密码 labelZh: 网页密码 hash (注意查看说明文档,默认为`PAssw00rd`)
random: false
required: true required: true
rule: paramComplexity
type: password type: password
- default: 172.17.0.1 - default: "172.17.0.1"
edit: true edit: true
envKey: HOST_ADDRESS envKey: HOST_ADDRESS
labelEn: Local IP address (must change item) labelEn: Host address (must change item)
labelZh: 本机IP地址(必改项) labelZh: 本机地址(必改项)
required: true required: true
rule: paramCommon
type: text type: text
- default: "10.8.0.x"
edit: true
envKey: WG_DEFAULT_ADDRESS
labelEn: Default Wireguard Segment
labelZh: 默认 Wireguard 网段
required: true
type: text
- default: "119.29.29.29,1.1.1.1"
edit: true
envKey: WG_DEFAULT_DNS
labelEn: Default Wireguard DNS
labelZh: 默认 Wireguard DNS
required: true
type: text
- default: "1420"
edit: true
envKey: WG_MTU
labelEn: Wireguard MTU
labelZh: Wireguard MTU
required: true
type: number
- default: "10.0.8.0/24"
edit: true
envKey: WG_ALLOWED_IPS
labelEn: Wireguard Allowed IPs
labelZh: Wireguard 允许的 IP 段
required: true
type: text
- default: "25"
edit: true
envKey: WG_PERSISTENT_KEEPALIVE
labelEn: Wireguard Persistent Keepalive
labelZh: Wireguard 保活间隔
required: true
type: number

21
apps/wireguard-easy/latest/docker-compose.yml
View File

@ -6,29 +6,26 @@ services:
- 1panel-network - 1panel-network
environment: environment:
- WG_HOST=${HOST_ADDRESS} - WG_HOST=${HOST_ADDRESS}
- PASSWORD=${WEBUI_PWD}
- WG_PORT=${WIREGUARD_PORT} - WG_PORT=${WIREGUARD_PORT}
# Optional: - PORT=${PANEL_APP_PORT_HTTP}
# - WG_DEFAULT_ADDRESS=10.8.0.x - WG_DEFAULT_ADDRESS=${WG_DEFAULT_ADDRESS}
# - WG_DEFAULT_DNS=1.1.1.1 - WG_DEFAULT_DNS=${WG_DEFAULT_DNS}
# - WG_MTU=1420 - WG_MTU=${WG_MTU}
# - WG_ALLOWED_IPS=192.168.15.0/24, 10.0.1.0/24 - WG_ALLOWED_IPS=${WG_ALLOWED_IPS}
# - WG_PRE_UP=echo "Pre Up" > /etc/wireguard/pre-up.txt - WG_PERSISTENT_KEEPALIVE=${WG_PERSISTENT_KEEPALIVE}
# - WG_POST_UP=echo "Post Up" > /etc/wireguard/post-up.txt - PASSWORD_HASH=${PASSWORD_HASH}
# - WG_PRE_DOWN=echo "Pre Down" > /etc/wireguard/pre-down.txt
# - WG_POST_DOWN=echo "Post Down" > /etc/wireguard/post-down.txt
volumes: volumes:
- ${DATA_PATH}:/etc/wireguard - ${DATA_PATH}:/etc/wireguard
ports: ports:
- "${WIREGUARD_PORT}:${WIREGUARD_PORT}/udp" - "${WIREGUARD_PORT}:${WIREGUARD_PORT}/udp"
- "${PANEL_APP_PORT_HTTP}:51821/tcp" - "${PANEL_APP_PORT_HTTP}:${PANEL_APP_PORT_HTTP}/tcp"
cap_add: cap_add:
- NET_ADMIN - NET_ADMIN
- SYS_MODULE - SYS_MODULE
sysctls: sysctls:
- net.ipv4.ip_forward=1 - net.ipv4.ip_forward=1
- net.ipv4.conf.all.src_valid_mark=1 - net.ipv4.conf.all.src_valid_mark=1
image: weejewel/wg-easy:latest image: "ghcr.io/wg-easy/wg-easy:latest"
labels: labels:
createdBy: "Apps" createdBy: "Apps"

70
apps/wireguard-easy/latest/scripts/upgrade.sh Normal file
View File

@ -0,0 +1,70 @@
#!/bin/bash
# 检查 .env 文件是否存在
if [[ -f ./.env ]]; then
# 如果 .env 文件中有 WEBUI_PWD 的设置,删除该行
if grep -q 'WEBUI_PWD' ./.env; then
sed -i '/WEBUI_PWD/d' ./.env
echo "已移除 .env 文件中的 WEBUI_PWD 参数"
fi
# 检查并添加 WG_ALLOWED_IPS 参数
if ! grep -q 'WG_ALLOWED_IPS' ./.env; then
echo 'WG_ALLOWED_IPS="10.0.8.0/24"' >> ./.env
echo "已添加 WG_ALLOWED_IPS=10.0.8.0/24"
else
echo "WG_ALLOWED_IPS 参数已存在"
fi
# 检查并添加 WG_DEFAULT_ADDRESS 参数
if ! grep -q 'WG_DEFAULT_ADDRESS' ./.env; then
echo 'WG_DEFAULT_ADDRESS="10.8.0.x"' >> ./.env
echo "已添加 WG_DEFAULT_ADDRESS=10.8.0.x"
else
echo "WG_DEFAULT_ADDRESS 参数已存在"
fi
# 检查并添加 WG_DEFAULT_DNS 参数
if ! grep -q 'WG_DEFAULT_DNS' ./.env; then
echo 'WG_DEFAULT_DNS="119.29.29.29,1.1.1.1"' >> ./.env
echo "已添加 WG_DEFAULT_DNS=119.29.29.29,1.1.1.1"
else
echo "WG_DEFAULT_DNS 参数已存在"
fi
# 检查并添加 WG_MTU 参数
if ! grep -q 'WG_MTU' ./.env; then
echo 'WG_MTU=1420' >> ./.env
echo "已添加 WG_MTU=1420"
else
echo "WG_MTU 参数已存在"
fi
# 检查并添加 WG_PERSISTENT_KEEPALIVE 参数
if ! grep -q 'WG_PERSISTENT_KEEPALIVE' ./.env; then
echo 'WG_PERSISTENT_KEEPALIVE=25' >> ./.env
echo "已添加 WG_PERSISTENT_KEEPALIVE=25"
else
echo "WG_PERSISTENT_KEEPALIVE 参数已存在"
fi
# 检查并添加 WIREGUARD_PORT 参数
if ! grep -q 'WIREGUARD_PORT' ./.env; then
echo 'WIREGUARD_PORT=51820' >> ./.env
echo "已添加 WIREGUARD_PORT=51820"
else
echo "WIREGUARD_PORT 参数已存在"
fi
# 检查并添加 PASSWORD_HASH 参数
if ! grep -q 'PASSWORD_HASH' ./.env; then
echo 'PASSWORD_HASH="$$2a$$12$$0AL3hGeedv8fOfsNtfZY5OO3mMvBqlnZA8QmeBGfWPAQEoZ7LZ/7a"' >> ./.env
echo '已添加 PASSWORD_HASH="$$2a$$12$$0AL3hGeedv8fOfsNtfZY5OO3mMvBqlnZA8QmeBGfWPAQEoZ7LZ/7a"'
else
echo "PASSWORD_HASH 参数已存在"
fi
else
echo ".env 文件不存在"
fi

11
apps/wireguard-easy/nightly/.env.sample
View File

@ -1,6 +1,11 @@
CONTAINER_NAME="wireguard-easy" CONTAINER_NAME="wireguard-easy"
DATA_PATH="./data" DATA_PATH="./data"
HOST_ADDRESS="172.17.0.1" HOST_ADDRESS="172.17.0.1"
PANEL_APP_PORT_HTTP="40074" PANEL_APP_PORT_HTTP=40074
WEBUI_PWD="password" WG_ALLOWED_IPS="10.0.8.0/24"
WIREGUARD_PORT="51820" WG_DEFAULT_ADDRESS="10.8.0.x"
WG_DEFAULT_DNS="119.29.29.29,1.1.1.1"
WG_MTU=1420
WG_PERSISTENT_KEEPALIVE=25
WIREGUARD_PORT=51820
PASSWORD_HASH="$$2a$$12$$0AL3hGeedv8fOfsNtfZY5OO3mMvBqlnZA8QmeBGfWPAQEoZ7LZ/7a"

58
apps/wireguard-easy/nightly/data.yml
View File

@ -1,6 +1,6 @@
additionalProperties: additionalProperties:
formFields: formFields:
- default: 40074 - default: "40074"
edit: true edit: true
envKey: PANEL_APP_PORT_HTTP envKey: PANEL_APP_PORT_HTTP
labelEn: WebUI Port labelEn: WebUI Port
@ -8,7 +8,7 @@ additionalProperties:
required: true required: true
rule: paramPort rule: paramPort
type: number type: number
- default: 51820 - default: "51820"
edit: true edit: true
envKey: WIREGUARD_PORT envKey: WIREGUARD_PORT
labelEn: Wireguard port labelEn: Wireguard port
@ -16,27 +16,59 @@ additionalProperties:
required: true required: true
rule: paramPort rule: paramPort
type: number type: number
- default: ./data - default: "./data"
edit: true edit: true
envKey: DATA_PATH envKey: DATA_PATH
labelEn: Data folder path labelEn: Data folder path
labelZh: 数据文件夹路径 labelZh: 数据文件夹路径
required: true required: true
type: text type: text
- default: "password" - default: "$$2a$$12$$0AL3hGeedv8fOfsNtfZY5OO3mMvBqlnZA8QmeBGfWPAQEoZ7LZ/7a"
edit: true edit: true
envKey: WEBUI_PWD envKey: PASSWORD_HASH
labelEn: Webui password labelEn: Webui password hash (Note to check the documentation for instructions, the default is `PAssw00rd`)
labelZh: 网页密码 labelZh: 网页密码 hash (注意查看说明文档,默认为`PAssw00rd`)
random: false
required: true required: true
rule: paramComplexity
type: password type: password
- default: 172.17.0.1 - default: "172.17.0.1"
edit: true edit: true
envKey: HOST_ADDRESS envKey: HOST_ADDRESS
labelEn: Local IP address (must change item) labelEn: Host address (must change item)
labelZh: 本机IP地址(必改项) labelZh: 本机地址(必改项)
required: true required: true
rule: paramCommon
type: text type: text
- default: "10.8.0.x"
edit: true
envKey: WG_DEFAULT_ADDRESS
labelEn: Default Wireguard Segment
labelZh: 默认 Wireguard 网段
required: true
type: text
- default: "119.29.29.29,1.1.1.1"
edit: true
envKey: WG_DEFAULT_DNS
labelEn: Default Wireguard DNS
labelZh: 默认 Wireguard DNS
required: true
type: text
- default: "1420"
edit: true
envKey: WG_MTU
labelEn: Wireguard MTU
labelZh: Wireguard MTU
required: true
type: number
- default: "10.0.8.0/24"
edit: true
envKey: WG_ALLOWED_IPS
labelEn: Wireguard Allowed IPs
labelZh: Wireguard 允许的 IP 段
required: true
type: text
- default: "25"
edit: true
envKey: WG_PERSISTENT_KEEPALIVE
labelEn: Wireguard Persistent Keepalive
labelZh: Wireguard 保活间隔
required: true
type: number

21
apps/wireguard-easy/nightly/docker-compose.yml
View File

@ -6,29 +6,26 @@ services:
- 1panel-network - 1panel-network
environment: environment:
- WG_HOST=${HOST_ADDRESS} - WG_HOST=${HOST_ADDRESS}
- PASSWORD=${WEBUI_PWD}
- WG_PORT=${WIREGUARD_PORT} - WG_PORT=${WIREGUARD_PORT}
# Optional: - PORT=${PANEL_APP_PORT_HTTP}
# - WG_DEFAULT_ADDRESS=10.8.0.x - WG_DEFAULT_ADDRESS=${WG_DEFAULT_ADDRESS}
# - WG_DEFAULT_DNS=1.1.1.1 - WG_DEFAULT_DNS=${WG_DEFAULT_DNS}
# - WG_MTU=1420 - WG_MTU=${WG_MTU}
# - WG_ALLOWED_IPS=192.168.15.0/24, 10.0.1.0/24 - WG_ALLOWED_IPS=${WG_ALLOWED_IPS}
# - WG_PRE_UP=echo "Pre Up" > /etc/wireguard/pre-up.txt - WG_PERSISTENT_KEEPALIVE=${WG_PERSISTENT_KEEPALIVE}
# - WG_POST_UP=echo "Post Up" > /etc/wireguard/post-up.txt - PASSWORD_HASH=${PASSWORD_HASH}
# - WG_PRE_DOWN=echo "Pre Down" > /etc/wireguard/pre-down.txt
# - WG_POST_DOWN=echo "Post Down" > /etc/wireguard/post-down.txt
volumes: volumes:
- ${DATA_PATH}:/etc/wireguard - ${DATA_PATH}:/etc/wireguard
ports: ports:
- "${WIREGUARD_PORT}:${WIREGUARD_PORT}/udp" - "${WIREGUARD_PORT}:${WIREGUARD_PORT}/udp"
- "${PANEL_APP_PORT_HTTP}:51821/tcp" - "${PANEL_APP_PORT_HTTP}:${PANEL_APP_PORT_HTTP}/tcp"
cap_add: cap_add:
- NET_ADMIN - NET_ADMIN
- SYS_MODULE - SYS_MODULE
sysctls: sysctls:
- net.ipv4.ip_forward=1 - net.ipv4.ip_forward=1
- net.ipv4.conf.all.src_valid_mark=1 - net.ipv4.conf.all.src_valid_mark=1
image: weejewel/wg-easy:nightly image: "ghcr.io/wg-easy/wg-easy:nightly"
labels: labels:
createdBy: "Apps" createdBy: "Apps"

70
apps/wireguard-easy/nightly/scripts/upgrade.sh Normal file
View File

@ -0,0 +1,70 @@
#!/bin/bash
# 检查 .env 文件是否存在
if [[ -f ./.env ]]; then
# 如果 .env 文件中有 WEBUI_PWD 的设置,删除该行
if grep -q 'WEBUI_PWD' ./.env; then
sed -i '/WEBUI_PWD/d' ./.env
echo "已移除 .env 文件中的 WEBUI_PWD 参数"
fi
# 检查并添加 WG_ALLOWED_IPS 参数
if ! grep -q 'WG_ALLOWED_IPS' ./.env; then
echo 'WG_ALLOWED_IPS="10.0.8.0/24"' >> ./.env
echo "已添加 WG_ALLOWED_IPS=10.0.8.0/24"
else
echo "WG_ALLOWED_IPS 参数已存在"
fi
# 检查并添加 WG_DEFAULT_ADDRESS 参数
if ! grep -q 'WG_DEFAULT_ADDRESS' ./.env; then
echo 'WG_DEFAULT_ADDRESS="10.8.0.x"' >> ./.env
echo "已添加 WG_DEFAULT_ADDRESS=10.8.0.x"
else
echo "WG_DEFAULT_ADDRESS 参数已存在"
fi
# 检查并添加 WG_DEFAULT_DNS 参数
if ! grep -q 'WG_DEFAULT_DNS' ./.env; then
echo 'WG_DEFAULT_DNS="119.29.29.29,1.1.1.1"' >> ./.env
echo "已添加 WG_DEFAULT_DNS=119.29.29.29,1.1.1.1"
else
echo "WG_DEFAULT_DNS 参数已存在"
fi
# 检查并添加 WG_MTU 参数
if ! grep -q 'WG_MTU' ./.env; then
echo 'WG_MTU=1420' >> ./.env
echo "已添加 WG_MTU=1420"
else
echo "WG_MTU 参数已存在"
fi
# 检查并添加 WG_PERSISTENT_KEEPALIVE 参数
if ! grep -q 'WG_PERSISTENT_KEEPALIVE' ./.env; then
echo 'WG_PERSISTENT_KEEPALIVE=25' >> ./.env
echo "已添加 WG_PERSISTENT_KEEPALIVE=25"
else
echo "WG_PERSISTENT_KEEPALIVE 参数已存在"
fi
# 检查并添加 WIREGUARD_PORT 参数
if ! grep -q 'WIREGUARD_PORT' ./.env; then
echo 'WIREGUARD_PORT=51820' >> ./.env
echo "已添加 WIREGUARD_PORT=51820"
else
echo "WIREGUARD_PORT 参数已存在"
fi
# 检查并添加 PASSWORD_HASH 参数
if ! grep -q 'PASSWORD_HASH' ./.env; then
echo 'PASSWORD_HASH="$$2a$$12$$0AL3hGeedv8fOfsNtfZY5OO3mMvBqlnZA8QmeBGfWPAQEoZ7LZ/7a"' >> ./.env
echo '已添加 PASSWORD_HASH="$$2a$$12$$0AL3hGeedv8fOfsNtfZY5OO3mMvBqlnZA8QmeBGfWPAQEoZ7LZ/7a"'
else
echo "PASSWORD_HASH 参数已存在"
fi
else
echo ".env 文件不存在"
fi