feat:更新并调整wireguard-easy

apps/wireguard-easy/14/.env.sample

@@ -0,0 +1,11 @@
+CONTAINER_NAME="wireguard-easy"
+DATA_PATH="./data"
+HOST_ADDRESS="172.17.0.1"
+PANEL_APP_PORT_HTTP=40074
+WG_ALLOWED_IPS="10.0.8.0/24"
+WG_DEFAULT_ADDRESS="10.8.0.x"
+WG_DEFAULT_DNS="119.29.29.29,1.1.1.1"
+WG_MTU=1420
+WG_PERSISTENT_KEEPALIVE=25
+WIREGUARD_PORT=51820
+PASSWORD_HASH="$$2a$$12$$0AL3hGeedv8fOfsNtfZY5OO3mMvBqlnZA8QmeBGfWPAQEoZ7LZ/7a"

apps/wireguard-easy/14/data.yml

@@ -0,0 +1,74 @@
+additionalProperties:
+  formFields:
+    - default: "40074"
+      edit: true
+      envKey: PANEL_APP_PORT_HTTP
+      labelEn: WebUI Port
+      labelZh: 网页端口
+      required: true
+      rule: paramPort
+      type: number
+    - default: "51820"
+      edit: true
+      envKey: WIREGUARD_PORT
+      labelEn: Wireguard port
+      labelZh: Wireguard 端口
+      required: true
+      rule: paramPort
+      type: number
+    - default: "./data"
+      edit: true
+      envKey: DATA_PATH
+      labelEn: Data folder path
+      labelZh: 数据文件夹路径
+      required: true
+      type: text
+    - default: "$$2a$$12$$0AL3hGeedv8fOfsNtfZY5OO3mMvBqlnZA8QmeBGfWPAQEoZ7LZ/7a"
+      edit: true
+      envKey: PASSWORD_HASH
+      labelEn: Webui password hash (Note to check the documentation for instructions, the default is `PAssw00rd`)
+      labelZh: 网页密码 hash (注意查看说明文档，默认为`PAssw00rd`)
+      required: true
+      type: password
+    - default: "172.17.0.1"
+      edit: true
+      envKey: HOST_ADDRESS
+      labelEn: Host address (must change item)
+      labelZh: 本机地址(必改项)
+      required: true
+      type: text
+    - default: "10.8.0.x"
+      edit: true
+      envKey: WG_DEFAULT_ADDRESS
+      labelEn: Default Wireguard Segment
+      labelZh: 默认 Wireguard 网段
+      required: true
+      type: text
+    - default: "119.29.29.29,1.1.1.1"
+      edit: true
+      envKey: WG_DEFAULT_DNS
+      labelEn: Default Wireguard DNS
+      labelZh: 默认 Wireguard DNS
+      required: true
+      type: text
+    - default: "1420"
+      edit: true
+      envKey: WG_MTU
+      labelEn: Wireguard MTU
+      labelZh: Wireguard MTU
+      required: true
+      type: number
+    - default: "10.0.8.0/24"
+      edit: true
+      envKey: WG_ALLOWED_IPS
+      labelEn: Wireguard Allowed IPs
+      labelZh: Wireguard 允许的 IP 段
+      required: true
+      type: text
+    - default: "25"
+      edit: true
+      envKey: WG_PERSISTENT_KEEPALIVE
+      labelEn: Wireguard Persistent Keepalive
+      labelZh: Wireguard 保活间隔
+      required: true
+      type: number

apps/wireguard-easy/14/docker-compose.yml

@@ -0,0 +1,34 @@
+services:
+  wg-easy:
+    container_name: ${CONTAINER_NAME}
+    restart: always
+    networks:
+      - 1panel-network
+    environment:
+      - WG_HOST=${HOST_ADDRESS}
+      - WG_PORT=${WIREGUARD_PORT}
+      - PORT=${PANEL_APP_PORT_HTTP}
+      - WG_DEFAULT_ADDRESS=${WG_DEFAULT_ADDRESS}
+      - WG_DEFAULT_DNS=${WG_DEFAULT_DNS}
+      - WG_MTU=${WG_MTU}
+      - WG_ALLOWED_IPS=${WG_ALLOWED_IPS}
+      - WG_PERSISTENT_KEEPALIVE=${WG_PERSISTENT_KEEPALIVE}
+      - PASSWORD_HASH=${PASSWORD_HASH}
+    volumes:
+      - ${DATA_PATH}:/etc/wireguard
+    ports:
+      - "${WIREGUARD_PORT}:${WIREGUARD_PORT}/udp"
+      - "${PANEL_APP_PORT_HTTP}:${PANEL_APP_PORT_HTTP}/tcp"
+    cap_add:
+      - NET_ADMIN
+      - SYS_MODULE
+    sysctls:
+      - net.ipv4.ip_forward=1
+      - net.ipv4.conf.all.src_valid_mark=1
+    image: "ghcr.io/wg-easy/wg-easy:14"
+    labels:
+      createdBy: "Apps"
+
+networks:
+  1panel-network:
+    external: true

apps/wireguard-easy/14/scripts/upgrade.sh

@@ -0,0 +1,70 @@
+#!/bin/bash
+
+# 检查 .env 文件是否存在
+if [[ -f ./.env ]]; then
+
+  # 如果 .env 文件中有 WEBUI_PWD 的设置，删除该行
+  if grep -q 'WEBUI_PWD' ./.env; then
+    sed -i '/WEBUI_PWD/d' ./.env
+    echo "已移除 .env 文件中的 WEBUI_PWD 参数"
+  fi
+
+  # 检查并添加 WG_ALLOWED_IPS 参数
+  if ! grep -q 'WG_ALLOWED_IPS' ./.env; then
+    echo 'WG_ALLOWED_IPS="10.0.8.0/24"' >> ./.env
+    echo "已添加 WG_ALLOWED_IPS=10.0.8.0/24"
+  else
+    echo "WG_ALLOWED_IPS 参数已存在"
+  fi
+
+  # 检查并添加 WG_DEFAULT_ADDRESS 参数
+  if ! grep -q 'WG_DEFAULT_ADDRESS' ./.env; then
+    echo 'WG_DEFAULT_ADDRESS="10.8.0.x"' >> ./.env
+    echo "已添加 WG_DEFAULT_ADDRESS=10.8.0.x"
+  else
+    echo "WG_DEFAULT_ADDRESS 参数已存在"
+  fi
+
+  # 检查并添加 WG_DEFAULT_DNS 参数
+  if ! grep -q 'WG_DEFAULT_DNS' ./.env; then
+    echo 'WG_DEFAULT_DNS="119.29.29.29,1.1.1.1"' >> ./.env
+    echo "已添加 WG_DEFAULT_DNS=119.29.29.29,1.1.1.1"
+  else
+    echo "WG_DEFAULT_DNS 参数已存在"
+  fi
+
+  # 检查并添加 WG_MTU 参数
+  if ! grep -q 'WG_MTU' ./.env; then
+    echo 'WG_MTU=1420' >> ./.env
+    echo "已添加 WG_MTU=1420"
+  else
+    echo "WG_MTU 参数已存在"
+  fi
+
+  # 检查并添加 WG_PERSISTENT_KEEPALIVE 参数
+  if ! grep -q 'WG_PERSISTENT_KEEPALIVE' ./.env; then
+    echo 'WG_PERSISTENT_KEEPALIVE=25' >> ./.env
+    echo "已添加 WG_PERSISTENT_KEEPALIVE=25"
+  else
+    echo "WG_PERSISTENT_KEEPALIVE 参数已存在"
+  fi
+
+  # 检查并添加 WIREGUARD_PORT 参数
+  if ! grep -q 'WIREGUARD_PORT' ./.env; then
+    echo 'WIREGUARD_PORT=51820' >> ./.env
+    echo "已添加 WIREGUARD_PORT=51820"
+  else
+    echo "WIREGUARD_PORT 参数已存在"
+  fi
+
+  # 检查并添加 PASSWORD_HASH 参数
+  if ! grep -q 'PASSWORD_HASH' ./.env; then
+    echo 'PASSWORD_HASH="$$2a$$12$$0AL3hGeedv8fOfsNtfZY5OO3mMvBqlnZA8QmeBGfWPAQEoZ7LZ/7a"' >> ./.env
+    echo '已添加 PASSWORD_HASH="$$2a$$12$$0AL3hGeedv8fOfsNtfZY5OO3mMvBqlnZA8QmeBGfWPAQEoZ7LZ/7a"'
+  else
+    echo "PASSWORD_HASH 参数已存在"
+  fi
+
+else
+  echo ".env 文件不存在"
+fi

apps/wireguard-easy/7/.env.sample

@@ -1,6 +0,0 @@
-CONTAINER_NAME="wireguard-easy"
-DATA_PATH="./data"
-HOST_ADDRESS="172.17.0.1"
-PANEL_APP_PORT_HTTP="40074"
-WEBUI_PWD="password"
-WIREGUARD_PORT="51820"

apps/wireguard-easy/7/data.yml

@@ -1,42 +0,0 @@
-additionalProperties:
-    formFields:
-        - default: 40074
-          edit: true
-          envKey: PANEL_APP_PORT_HTTP
-          labelEn: WebUI Port
-          labelZh: 网页端口
-          required: true
-          rule: paramPort
-          type: number
-        - default: 51820
-          edit: true
-          envKey: WIREGUARD_PORT
-          labelEn: Wireguard port
-          labelZh: Wireguard端口
-          required: true
-          rule: paramPort
-          type: number
-        - default: ./data
-          edit: true
-          envKey: DATA_PATH
-          labelEn: Data folder path
-          labelZh: 数据文件夹路径
-          required: true
-          type: text
-        - default: "password"
-          edit: true
-          envKey: WEBUI_PWD
-          labelEn: Webui password
-          labelZh: 网页密码
-          random: false
-          required: true
-          rule: paramComplexity
-          type: password
-        - default: 172.17.0.1
-          edit: true
-          envKey: HOST_ADDRESS
-          labelEn: Local IP address (must change item)
-          labelZh: 本机IP地址(必改项)
-          required: true
-          rule: paramCommon
-          type: text

apps/wireguard-easy/7/docker-compose.yml

@@ -1,37 +0,0 @@
-services:
-  wg-easy:
-    container_name: ${CONTAINER_NAME}
-    restart: always
-    networks:
-      - 1panel-network
-    environment:
-      - WG_HOST=${HOST_ADDRESS}
-      - PASSWORD=${WEBUI_PWD}
-      - WG_PORT=${WIREGUARD_PORT}
-      # Optional:
-      # - WG_DEFAULT_ADDRESS=10.8.0.x
-      # - WG_DEFAULT_DNS=1.1.1.1
-      # - WG_MTU=1420
-      # - WG_ALLOWED_IPS=192.168.15.0/24, 10.0.1.0/24
-      # - WG_PRE_UP=echo "Pre Up" > /etc/wireguard/pre-up.txt
-      # - WG_POST_UP=echo "Post Up" > /etc/wireguard/post-up.txt
-      # - WG_PRE_DOWN=echo "Pre Down" > /etc/wireguard/pre-down.txt
-      # - WG_POST_DOWN=echo "Post Down" > /etc/wireguard/post-down.txt
-    volumes:
-      - ${DATA_PATH}:/etc/wireguard
-    ports:
-      - "${WIREGUARD_PORT}:${WIREGUARD_PORT}/udp"
-      - "${PANEL_APP_PORT_HTTP}:51821/tcp"
-    cap_add:
-      - NET_ADMIN
-      - SYS_MODULE
-    sysctls:
-      - net.ipv4.ip_forward=1
-      - net.ipv4.conf.all.src_valid_mark=1
-    image: weejewel/wg-easy:7
-    labels:  
-      createdBy: "Apps"
-
-networks:  
-  1panel-network:  
-    external: true

apps/wireguard-easy/README.md

@@ -1,115 +1,38 @@
 # WireGuard Easy
 
-[![Build & Publish Docker Image to Docker Hub](https://github.com/WeeJeWel/wg-easy/actions/workflows/deploy.yml/badge.svg?branch=production)](https://github.com/WeeJeWel/wg-easy/actions/workflows/deploy.yml)
-[![Lint](https://github.com/WeeJeWel/wg-easy/actions/workflows/lint.yml/badge.svg?branch=master)](https://github.com/WeeJeWel/wg-easy/actions/workflows/lint.yml)
-[![Docker](https://img.shields.io/docker/v/weejewel/wg-easy/latest)](https://hub.docker.com/r/weejewel/wg-easy)
-[![Docker](https://img.shields.io/docker/pulls/weejewel/wg-easy.svg)](https://hub.docker.com/r/weejewel/wg-easy)
-[![Sponsor](https://img.shields.io/github/sponsors/weejewel)](https://github.com/sponsors/WeeJeWel)
-![GitHub Stars](https://img.shields.io/github/stars/weejewel/wg-easy)
+**WireGuard Easy** 是最简单的安装和管理 WireGuard 的方法，适用于任何 Linux 主机！
 
-You have found the easiest way to install & manage WireGuard on any Linux host!
+## 使用说明
 
-<p align="center">
-  <img src="https://github.com/wg-easy/wg-easy/raw/master/assets/screenshot.png" width="802" />
-</p>
+> **14版本以上启用了bcrypt 密码哈希，以前设置密码方式失效**
 
-## Features
+`wg-password`（也称为 **wgpw**）是一个生成 bcrypt 密码哈希的脚本，旨在通过与 **`wg-easy`** 集成来提高安全性，方便管理 WireGuard 配置。
 
-* All-in-one: WireGuard + Web UI.
-* Easy installation, simple to use.
-* List, create, edit, delete, enable & disable clients.
-* Show a client's QR code.
-* Download a client's configuration file.
-* Statistics for which clients are connected.
-* Tx/Rx charts for each connected client.
-* Gravatar support.
+### Docker 使用方法
 
-## Requirements
+使用 Docker 生成 bcrypt 密码哈希，运行以下命令：
 
-* A host with a kernel that supports WireGuard (all modern kernels).
-* A host with Docker installed.
-
-## Installation
-
-### 1. Install Docker
-
-If you haven't installed Docker yet, install it by running:
-
-```bash
-$ curl -sSL https://get.docker.com | sh
-$ sudo usermod -aG docker $(whoami)
-$ exit
+```sh
+docker run -it ghcr.io/wg-easy/wg-easy wgpw YOUR_PASSWORD
 ```
 
-And log in again.
-
-### 2. Run WireGuard Easy
-
-To automatically install & run wg-easy, simply run:
-
-<pre>
-$ docker run -d \
-  --name=wg-easy \
-  -e WG_HOST=<b>🚨YOUR_SERVER_IP</b> \
-  -e PASSWORD=<b>🚨YOUR_ADMIN_PASSWORD</b> \
-  -v ~/.wg-easy:/etc/wireguard \
-  -p 51820:51820/udp \
-  -p 51821:51821/tcp \
-  --cap-add=NET_ADMIN \
-  --cap-add=SYS_MODULE \
-  --sysctl="net.ipv4.conf.all.src_valid_mark=1" \
-  --sysctl="net.ipv4.ip_forward=1" \
-  --restart unless-stopped \
-  weejewel/wg-easy
-</pre>
-
-> 💡 Replace `YOUR_SERVER_IP` with your WAN IP, or a Dynamic DNS hostname.
-> 
-> 💡 Replace `YOUR_ADMIN_PASSWORD` with a password to log in on the Web UI.
-
-The Web UI will now be available on `http://0.0.0.0:51821`.
-
-> 💡 Your configuration files will be saved in `~/.wg-easy`
-
-### 3. Sponsor
-
-Are you enjoying this project? [Buy me a beer!](https://github.com/sponsors/WeeJeWel) 🍻
-
-## Options
-
-These options can be configured by setting environment variables using `-e KEY="VALUE"` in the `docker run` command.
-
-| Env | Default | Example | Description |
-| - | - | - | - |
-| `PASSWORD` | - | `foobar123` | When set, requires a password when logging in to the Web UI. |
-| `WG_HOST` | - | `vpn.myserver.com` | The public hostname of your VPN server. |
-| `WG_DEVICE` | `eth0` | `ens6f0` | Ethernet device the wireguard traffic should be forwarded through. |
-| `WG_PORT` | `51820` | `12345` | The public UDP port of your VPN server. WireGuard will always listen on `51820` inside the Docker container. |
-| `WG_MTU` | `null` | `1420` | The MTU the clients will use. Server uses default WG MTU. |
-| `WG_PERSISTENT_KEEPALIVE` | `0` | `25` | Value in seconds to keep the "connection" open. If this value is 0, then connections won't be kept alive. |
-| `WG_DEFAULT_ADDRESS` | `10.8.0.x` | `10.6.0.x` | Clients IP address range. |
-| `WG_DEFAULT_DNS` | `1.1.1.1` | `8.8.8.8, 8.8.4.4` | DNS server clients will use. |
-| `WG_ALLOWED_IPS` | `0.0.0.0/0, ::/0` | `192.168.15.0/24, 10.0.1.0/24` | Allowed IPs clients will use. |
-| `WG_PRE_UP` | `...` | - | See [config.js](https://github.com/WeeJeWel/wg-easy/blob/master/src/config.js#L19) for the default value. |
-| `WG_POST_UP` | `...` | `iptables ...` | See [config.js](https://github.com/WeeJeWel/wg-easy/blob/master/src/config.js#L20) for the default value. |
-| `WG_PRE_DOWN` | `...` | - | See [config.js](https://github.com/WeeJeWel/wg-easy/blob/master/src/config.js#L27) for the default value. |
-| `WG_POST_DOWN` | `...` | `iptables ...` | See [config.js](https://github.com/WeeJeWel/wg-easy/blob/master/src/config.js#L28) for the default value. |
-
-> If you change `WG_PORT`, make sure to also change the exposed port.
-
-## Updating
-
-To update to the latest version, simply run:
-
-```bash
-docker stop wg-easy
-docker rm wg-easy
-docker pull weejewel/wg-easy
+示例输出：
+```sh
+PASSWORD_HASH='$2b$12$coPqCsPtcFO.Ab99xylBNOW4.Iu7OOA2/ZIboHN6/oyxca3MWo7fW'
 ```
 
-And then run the `docker run -d \ ...` command above again.
+如果未提供密码，工具将提示您输入：
 
-## Common Use Cases
+```sh
+docker run -it ghcr.io/wg-easy/wg-easy wgpw
+Enter your password:  # 输入密码（输入不可见）
+PASSWORD_HASH='$2b$12$coPqCsPtcFO.Ab99xylBNOW4.Iu7OOA2/ZIboHN6/oyxca3MWo7fW'
+```
 
-* [Using WireGuard-Easy with Pi-Hole](https://github.com/WeeJeWel/wg-easy/wiki/Using-WireGuard-Easy-with-Pi-Hole)
-* [Using WireGuard-Easy with nginx/SSL](https://github.com/WeeJeWel/wg-easy/wiki/Using-WireGuard-Easy-with-nginx-SSL)
+### 重要说明
+
+- **在 `docker-compose.yml` 中使用**：在 `docker-compose.yml` 文件中，将生成的哈希中的每个 `$` 替换为 `$$`，以防止解释错误。
+
+```yaml
+- PASSWORD_HASH=$$2y$$10$$hBCoykrB95WSzuV4fafBzOHWKu9sbyVa34GJr8VV5R/pIelfEMYyG
+```

apps/wireguard-easy/data.yml

@@ -1,8 +1,7 @@
 name: WireGuard Easy
 tags:
-    - 工具
+    - 实用工具
 title: 运行 WireGuard VPN + 基于 Web 的管理 UI 的最简单方法
-type: 工具
 description: 运行 WireGuard VPN + 基于 Web 的管理 UI 的最简单方法
 additionalProperties:
     key: wireguard-easy

apps/wireguard-easy/latest/.env.sample

@@ -1,6 +1,11 @@
 CONTAINER_NAME="wireguard-easy"
 DATA_PATH="./data"
 HOST_ADDRESS="172.17.0.1"
-PANEL_APP_PORT_HTTP="40074"
-WEBUI_PWD="password"
-WIREGUARD_PORT="51820"
+PANEL_APP_PORT_HTTP=40074
+WG_ALLOWED_IPS="10.0.8.0/24"
+WG_DEFAULT_ADDRESS="10.8.0.x"
+WG_DEFAULT_DNS="119.29.29.29,1.1.1.1"
+WG_MTU=1420
+WG_PERSISTENT_KEEPALIVE=25
+WIREGUARD_PORT=51820
+PASSWORD_HASH="$$2a$$12$$0AL3hGeedv8fOfsNtfZY5OO3mMvBqlnZA8QmeBGfWPAQEoZ7LZ/7a"

apps/wireguard-easy/latest/data.yml

@@ -1,42 +1,74 @@
 additionalProperties:
-    formFields:
-        - default: 40074
-          edit: true
-          envKey: PANEL_APP_PORT_HTTP
-          labelEn: WebUI Port
-          labelZh: 网页端口
-          required: true
-          rule: paramPort
-          type: number
-        - default: 51820
-          edit: true
-          envKey: WIREGUARD_PORT
-          labelEn: Wireguard port
-          labelZh: Wireguard端口
-          required: true
-          rule: paramPort
-          type: number
-        - default: ./data
-          edit: true
-          envKey: DATA_PATH
-          labelEn: Data folder path
-          labelZh: 数据文件夹路径
-          required: true
-          type: text
-        - default: "password"
-          edit: true
-          envKey: WEBUI_PWD
-          labelEn: Webui password
-          labelZh: 网页密码
-          random: false
-          required: true
-          rule: paramComplexity
-          type: password
-        - default: 172.17.0.1
-          edit: true
-          envKey: HOST_ADDRESS
-          labelEn: Local IP address (must change item)
-          labelZh: 本机IP地址(必改项)
-          required: true
-          rule: paramCommon
-          type: text
+  formFields:
+    - default: "40074"
+      edit: true
+      envKey: PANEL_APP_PORT_HTTP
+      labelEn: WebUI Port
+      labelZh: 网页端口
+      required: true
+      rule: paramPort
+      type: number
+    - default: "51820"
+      edit: true
+      envKey: WIREGUARD_PORT
+      labelEn: Wireguard port
+      labelZh: Wireguard 端口
+      required: true
+      rule: paramPort
+      type: number
+    - default: "./data"
+      edit: true
+      envKey: DATA_PATH
+      labelEn: Data folder path
+      labelZh: 数据文件夹路径
+      required: true
+      type: text
+    - default: "$$2a$$12$$0AL3hGeedv8fOfsNtfZY5OO3mMvBqlnZA8QmeBGfWPAQEoZ7LZ/7a"
+      edit: true
+      envKey: PASSWORD_HASH
+      labelEn: Webui password hash (Note to check the documentation for instructions, the default is `PAssw00rd`)
+      labelZh: 网页密码 hash (注意查看说明文档，默认为`PAssw00rd`)
+      required: true
+      type: password
+    - default: "172.17.0.1"
+      edit: true
+      envKey: HOST_ADDRESS
+      labelEn: Host address (must change item)
+      labelZh: 本机地址(必改项)
+      required: true
+      type: text
+    - default: "10.8.0.x"
+      edit: true
+      envKey: WG_DEFAULT_ADDRESS
+      labelEn: Default Wireguard Segment
+      labelZh: 默认 Wireguard 网段
+      required: true
+      type: text
+    - default: "119.29.29.29,1.1.1.1"
+      edit: true
+      envKey: WG_DEFAULT_DNS
+      labelEn: Default Wireguard DNS
+      labelZh: 默认 Wireguard DNS
+      required: true
+      type: text
+    - default: "1420"
+      edit: true
+      envKey: WG_MTU
+      labelEn: Wireguard MTU
+      labelZh: Wireguard MTU
+      required: true
+      type: number
+    - default: "10.0.8.0/24"
+      edit: true
+      envKey: WG_ALLOWED_IPS
+      labelEn: Wireguard Allowed IPs
+      labelZh: Wireguard 允许的 IP 段
+      required: true
+      type: text
+    - default: "25"
+      edit: true
+      envKey: WG_PERSISTENT_KEEPALIVE
+      labelEn: Wireguard Persistent Keepalive
+      labelZh: Wireguard 保活间隔
+      required: true
+      type: number

apps/wireguard-easy/latest/docker-compose.yml

@@ -6,32 +6,29 @@ services:
       - 1panel-network
     environment:
       - WG_HOST=${HOST_ADDRESS}
-      - PASSWORD=${WEBUI_PWD}
       - WG_PORT=${WIREGUARD_PORT}
-      # Optional:
-      # - WG_DEFAULT_ADDRESS=10.8.0.x
-      # - WG_DEFAULT_DNS=1.1.1.1
-      # - WG_MTU=1420
-      # - WG_ALLOWED_IPS=192.168.15.0/24, 10.0.1.0/24
-      # - WG_PRE_UP=echo "Pre Up" > /etc/wireguard/pre-up.txt
-      # - WG_POST_UP=echo "Post Up" > /etc/wireguard/post-up.txt
-      # - WG_PRE_DOWN=echo "Pre Down" > /etc/wireguard/pre-down.txt
-      # - WG_POST_DOWN=echo "Post Down" > /etc/wireguard/post-down.txt
+      - PORT=${PANEL_APP_PORT_HTTP}
+      - WG_DEFAULT_ADDRESS=${WG_DEFAULT_ADDRESS}
+      - WG_DEFAULT_DNS=${WG_DEFAULT_DNS}
+      - WG_MTU=${WG_MTU}
+      - WG_ALLOWED_IPS=${WG_ALLOWED_IPS}
+      - WG_PERSISTENT_KEEPALIVE=${WG_PERSISTENT_KEEPALIVE}
+      - PASSWORD_HASH=${PASSWORD_HASH}
     volumes:
       - ${DATA_PATH}:/etc/wireguard
     ports:
       - "${WIREGUARD_PORT}:${WIREGUARD_PORT}/udp"
-      - "${PANEL_APP_PORT_HTTP}:51821/tcp"
+      - "${PANEL_APP_PORT_HTTP}:${PANEL_APP_PORT_HTTP}/tcp"
     cap_add:
       - NET_ADMIN
       - SYS_MODULE
     sysctls:
       - net.ipv4.ip_forward=1
       - net.ipv4.conf.all.src_valid_mark=1
-    image: weejewel/wg-easy:latest
-    labels:  
+    image: "ghcr.io/wg-easy/wg-easy:latest"
+    labels:
       createdBy: "Apps"
 
-networks:  
-  1panel-network:  
+networks:
+  1panel-network:
     external: true

apps/wireguard-easy/latest/scripts/upgrade.sh

@@ -0,0 +1,70 @@
+#!/bin/bash
+
+# 检查 .env 文件是否存在
+if [[ -f ./.env ]]; then
+
+  # 如果 .env 文件中有 WEBUI_PWD 的设置，删除该行
+  if grep -q 'WEBUI_PWD' ./.env; then
+    sed -i '/WEBUI_PWD/d' ./.env
+    echo "已移除 .env 文件中的 WEBUI_PWD 参数"
+  fi
+
+  # 检查并添加 WG_ALLOWED_IPS 参数
+  if ! grep -q 'WG_ALLOWED_IPS' ./.env; then
+    echo 'WG_ALLOWED_IPS="10.0.8.0/24"' >> ./.env
+    echo "已添加 WG_ALLOWED_IPS=10.0.8.0/24"
+  else
+    echo "WG_ALLOWED_IPS 参数已存在"
+  fi
+
+  # 检查并添加 WG_DEFAULT_ADDRESS 参数
+  if ! grep -q 'WG_DEFAULT_ADDRESS' ./.env; then
+    echo 'WG_DEFAULT_ADDRESS="10.8.0.x"' >> ./.env
+    echo "已添加 WG_DEFAULT_ADDRESS=10.8.0.x"
+  else
+    echo "WG_DEFAULT_ADDRESS 参数已存在"
+  fi
+
+  # 检查并添加 WG_DEFAULT_DNS 参数
+  if ! grep -q 'WG_DEFAULT_DNS' ./.env; then
+    echo 'WG_DEFAULT_DNS="119.29.29.29,1.1.1.1"' >> ./.env
+    echo "已添加 WG_DEFAULT_DNS=119.29.29.29,1.1.1.1"
+  else
+    echo "WG_DEFAULT_DNS 参数已存在"
+  fi
+
+  # 检查并添加 WG_MTU 参数
+  if ! grep -q 'WG_MTU' ./.env; then
+    echo 'WG_MTU=1420' >> ./.env
+    echo "已添加 WG_MTU=1420"
+  else
+    echo "WG_MTU 参数已存在"
+  fi
+
+  # 检查并添加 WG_PERSISTENT_KEEPALIVE 参数
+  if ! grep -q 'WG_PERSISTENT_KEEPALIVE' ./.env; then
+    echo 'WG_PERSISTENT_KEEPALIVE=25' >> ./.env
+    echo "已添加 WG_PERSISTENT_KEEPALIVE=25"
+  else
+    echo "WG_PERSISTENT_KEEPALIVE 参数已存在"
+  fi
+
+  # 检查并添加 WIREGUARD_PORT 参数
+  if ! grep -q 'WIREGUARD_PORT' ./.env; then
+    echo 'WIREGUARD_PORT=51820' >> ./.env
+    echo "已添加 WIREGUARD_PORT=51820"
+  else
+    echo "WIREGUARD_PORT 参数已存在"
+  fi
+
+  # 检查并添加 PASSWORD_HASH 参数
+  if ! grep -q 'PASSWORD_HASH' ./.env; then
+    echo 'PASSWORD_HASH="$$2a$$12$$0AL3hGeedv8fOfsNtfZY5OO3mMvBqlnZA8QmeBGfWPAQEoZ7LZ/7a"' >> ./.env
+    echo '已添加 PASSWORD_HASH="$$2a$$12$$0AL3hGeedv8fOfsNtfZY5OO3mMvBqlnZA8QmeBGfWPAQEoZ7LZ/7a"'
+  else
+    echo "PASSWORD_HASH 参数已存在"
+  fi
+
+else
+  echo ".env 文件不存在"
+fi

apps/wireguard-easy/nightly/.env.sample

@@ -1,6 +1,11 @@
 CONTAINER_NAME="wireguard-easy"
 DATA_PATH="./data"
 HOST_ADDRESS="172.17.0.1"
-PANEL_APP_PORT_HTTP="40074"
-WEBUI_PWD="password"
-WIREGUARD_PORT="51820"
+PANEL_APP_PORT_HTTP=40074
+WG_ALLOWED_IPS="10.0.8.0/24"
+WG_DEFAULT_ADDRESS="10.8.0.x"
+WG_DEFAULT_DNS="119.29.29.29,1.1.1.1"
+WG_MTU=1420
+WG_PERSISTENT_KEEPALIVE=25
+WIREGUARD_PORT=51820
+PASSWORD_HASH="$$2a$$12$$0AL3hGeedv8fOfsNtfZY5OO3mMvBqlnZA8QmeBGfWPAQEoZ7LZ/7a"

apps/wireguard-easy/nightly/data.yml

@@ -1,42 +1,74 @@
 additionalProperties:
-    formFields:
-        - default: 40074
-          edit: true
-          envKey: PANEL_APP_PORT_HTTP
-          labelEn: WebUI Port
-          labelZh: 网页端口
-          required: true
-          rule: paramPort
-          type: number
-        - default: 51820
-          edit: true
-          envKey: WIREGUARD_PORT
-          labelEn: Wireguard port
-          labelZh: Wireguard端口
-          required: true
-          rule: paramPort
-          type: number
-        - default: ./data
-          edit: true
-          envKey: DATA_PATH
-          labelEn: Data folder path
-          labelZh: 数据文件夹路径
-          required: true
-          type: text
-        - default: "password"
-          edit: true
-          envKey: WEBUI_PWD
-          labelEn: Webui password
-          labelZh: 网页密码
-          random: false
-          required: true
-          rule: paramComplexity
-          type: password
-        - default: 172.17.0.1
-          edit: true
-          envKey: HOST_ADDRESS
-          labelEn: Local IP address (must change item)
-          labelZh: 本机IP地址(必改项)
-          required: true
-          rule: paramCommon
-          type: text
+  formFields:
+    - default: "40074"
+      edit: true
+      envKey: PANEL_APP_PORT_HTTP
+      labelEn: WebUI Port
+      labelZh: 网页端口
+      required: true
+      rule: paramPort
+      type: number
+    - default: "51820"
+      edit: true
+      envKey: WIREGUARD_PORT
+      labelEn: Wireguard port
+      labelZh: Wireguard 端口
+      required: true
+      rule: paramPort
+      type: number
+    - default: "./data"
+      edit: true
+      envKey: DATA_PATH
+      labelEn: Data folder path
+      labelZh: 数据文件夹路径
+      required: true
+      type: text
+    - default: "$$2a$$12$$0AL3hGeedv8fOfsNtfZY5OO3mMvBqlnZA8QmeBGfWPAQEoZ7LZ/7a"
+      edit: true
+      envKey: PASSWORD_HASH
+      labelEn: Webui password hash (Note to check the documentation for instructions, the default is `PAssw00rd`)
+      labelZh: 网页密码 hash (注意查看说明文档，默认为`PAssw00rd`)
+      required: true
+      type: password
+    - default: "172.17.0.1"
+      edit: true
+      envKey: HOST_ADDRESS
+      labelEn: Host address (must change item)
+      labelZh: 本机地址(必改项)
+      required: true
+      type: text
+    - default: "10.8.0.x"
+      edit: true
+      envKey: WG_DEFAULT_ADDRESS
+      labelEn: Default Wireguard Segment
+      labelZh: 默认 Wireguard 网段
+      required: true
+      type: text
+    - default: "119.29.29.29,1.1.1.1"
+      edit: true
+      envKey: WG_DEFAULT_DNS
+      labelEn: Default Wireguard DNS
+      labelZh: 默认 Wireguard DNS
+      required: true
+      type: text
+    - default: "1420"
+      edit: true
+      envKey: WG_MTU
+      labelEn: Wireguard MTU
+      labelZh: Wireguard MTU
+      required: true
+      type: number
+    - default: "10.0.8.0/24"
+      edit: true
+      envKey: WG_ALLOWED_IPS
+      labelEn: Wireguard Allowed IPs
+      labelZh: Wireguard 允许的 IP 段
+      required: true
+      type: text
+    - default: "25"
+      edit: true
+      envKey: WG_PERSISTENT_KEEPALIVE
+      labelEn: Wireguard Persistent Keepalive
+      labelZh: Wireguard 保活间隔
+      required: true
+      type: number

apps/wireguard-easy/nightly/docker-compose.yml

@@ -6,32 +6,29 @@ services:
       - 1panel-network
     environment:
       - WG_HOST=${HOST_ADDRESS}
-      - PASSWORD=${WEBUI_PWD}
       - WG_PORT=${WIREGUARD_PORT}
-      # Optional:
-      # - WG_DEFAULT_ADDRESS=10.8.0.x
-      # - WG_DEFAULT_DNS=1.1.1.1
-      # - WG_MTU=1420
-      # - WG_ALLOWED_IPS=192.168.15.0/24, 10.0.1.0/24
-      # - WG_PRE_UP=echo "Pre Up" > /etc/wireguard/pre-up.txt
-      # - WG_POST_UP=echo "Post Up" > /etc/wireguard/post-up.txt
-      # - WG_PRE_DOWN=echo "Pre Down" > /etc/wireguard/pre-down.txt
-      # - WG_POST_DOWN=echo "Post Down" > /etc/wireguard/post-down.txt
+      - PORT=${PANEL_APP_PORT_HTTP}
+      - WG_DEFAULT_ADDRESS=${WG_DEFAULT_ADDRESS}
+      - WG_DEFAULT_DNS=${WG_DEFAULT_DNS}
+      - WG_MTU=${WG_MTU}
+      - WG_ALLOWED_IPS=${WG_ALLOWED_IPS}
+      - WG_PERSISTENT_KEEPALIVE=${WG_PERSISTENT_KEEPALIVE}
+      - PASSWORD_HASH=${PASSWORD_HASH}
     volumes:
       - ${DATA_PATH}:/etc/wireguard
     ports:
       - "${WIREGUARD_PORT}:${WIREGUARD_PORT}/udp"
-      - "${PANEL_APP_PORT_HTTP}:51821/tcp"
+      - "${PANEL_APP_PORT_HTTP}:${PANEL_APP_PORT_HTTP}/tcp"
     cap_add:
       - NET_ADMIN
       - SYS_MODULE
     sysctls:
       - net.ipv4.ip_forward=1
       - net.ipv4.conf.all.src_valid_mark=1
-    image: weejewel/wg-easy:nightly
-    labels:  
+    image: "ghcr.io/wg-easy/wg-easy:nightly"
+    labels:
       createdBy: "Apps"
 
-networks:  
-  1panel-network:  
+networks:
+  1panel-network:
     external: true

apps/wireguard-easy/nightly/scripts/upgrade.sh

@@ -0,0 +1,70 @@
+#!/bin/bash
+
+# 检查 .env 文件是否存在
+if [[ -f ./.env ]]; then
+
+  # 如果 .env 文件中有 WEBUI_PWD 的设置，删除该行
+  if grep -q 'WEBUI_PWD' ./.env; then
+    sed -i '/WEBUI_PWD/d' ./.env
+    echo "已移除 .env 文件中的 WEBUI_PWD 参数"
+  fi
+
+  # 检查并添加 WG_ALLOWED_IPS 参数
+  if ! grep -q 'WG_ALLOWED_IPS' ./.env; then
+    echo 'WG_ALLOWED_IPS="10.0.8.0/24"' >> ./.env
+    echo "已添加 WG_ALLOWED_IPS=10.0.8.0/24"
+  else
+    echo "WG_ALLOWED_IPS 参数已存在"
+  fi
+
+  # 检查并添加 WG_DEFAULT_ADDRESS 参数
+  if ! grep -q 'WG_DEFAULT_ADDRESS' ./.env; then
+    echo 'WG_DEFAULT_ADDRESS="10.8.0.x"' >> ./.env
+    echo "已添加 WG_DEFAULT_ADDRESS=10.8.0.x"
+  else
+    echo "WG_DEFAULT_ADDRESS 参数已存在"
+  fi
+
+  # 检查并添加 WG_DEFAULT_DNS 参数
+  if ! grep -q 'WG_DEFAULT_DNS' ./.env; then
+    echo 'WG_DEFAULT_DNS="119.29.29.29,1.1.1.1"' >> ./.env
+    echo "已添加 WG_DEFAULT_DNS=119.29.29.29,1.1.1.1"
+  else
+    echo "WG_DEFAULT_DNS 参数已存在"
+  fi
+
+  # 检查并添加 WG_MTU 参数
+  if ! grep -q 'WG_MTU' ./.env; then
+    echo 'WG_MTU=1420' >> ./.env
+    echo "已添加 WG_MTU=1420"
+  else
+    echo "WG_MTU 参数已存在"
+  fi
+
+  # 检查并添加 WG_PERSISTENT_KEEPALIVE 参数
+  if ! grep -q 'WG_PERSISTENT_KEEPALIVE' ./.env; then
+    echo 'WG_PERSISTENT_KEEPALIVE=25' >> ./.env
+    echo "已添加 WG_PERSISTENT_KEEPALIVE=25"
+  else
+    echo "WG_PERSISTENT_KEEPALIVE 参数已存在"
+  fi
+
+  # 检查并添加 WIREGUARD_PORT 参数
+  if ! grep -q 'WIREGUARD_PORT' ./.env; then
+    echo 'WIREGUARD_PORT=51820' >> ./.env
+    echo "已添加 WIREGUARD_PORT=51820"
+  else
+    echo "WIREGUARD_PORT 参数已存在"
+  fi
+
+  # 检查并添加 PASSWORD_HASH 参数
+  if ! grep -q 'PASSWORD_HASH' ./.env; then
+    echo 'PASSWORD_HASH="$$2a$$12$$0AL3hGeedv8fOfsNtfZY5OO3mMvBqlnZA8QmeBGfWPAQEoZ7LZ/7a"' >> ./.env
+    echo '已添加 PASSWORD_HASH="$$2a$$12$$0AL3hGeedv8fOfsNtfZY5OO3mMvBqlnZA8QmeBGfWPAQEoZ7LZ/7a"'
+  else
+    echo "PASSWORD_HASH 参数已存在"
+  fi
+
+else
+  echo ".env 文件不存在"
+fi