Bump version to 15.2.0-beta.2

feat: add config btn and modal to view and copy config (#2289 )
* add view config btn and modal * show loading state * add note about keyboard
2025-11-18 15:05:42 +01:00 · 2025-11-18 11:36:46 +01:00 · 2025-11-18 09:25:57 +01:00 · 2025-11-17 08:04:10 +01:00 · 2025-11-17 07:54:50 +01:00 · 2025-11-17 07:53:03 +01:00
36 changed files with 521 additions and 506 deletions
@@ -3,7 +3,6 @@
    "aaron-bond.better-comments",
    "dbaeumer.vscode-eslint",
    "antfu.goto-alias",
    "visualstudioexptteam.vscodeintellicode",
    "esbenp.prettier-vscode",
    "yoavbls.pretty-ts-errors",
    "bradlc.vscode-tailwindcss",
@@ -13,6 +13,7 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 - Search / filter box (https://github.com/wg-easy/wg-easy/pull/2170)
 - `INIT_ALLOWED_IPS` env var (https://github.com/wg-easy/wg-easy/pull/2164)
 - Show client endpoint (https://github.com/wg-easy/wg-easy/pull/2058)
 - Add option to view and copy config (https://github.com/wg-easy/wg-easy/pull/2289)
 ## Fixed
@@ -27,6 +28,7 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 - Publish on Codeberg (https://github.com/wg-easy/wg-easy/pull/2160)
 - Allow empty DNS (https://github.com/wg-easy/wg-easy/pull/2052, https://github.com/wg-easy/wg-easy/pull/2057)
 - Don't include keys in API responses (https://github.com/wg-easy/wg-easy/pull/2015)
 - Try all QR ecc levels (https://github.com/wg-easy/wg-easy/pull/2288)
 ## Docs
@@ -20,74 +20,3 @@ You will however still see a IPv6 address in the Web UI, but it won't be used.
 This option can be removed in the future, as more devices support IPv6.
 ///
 ## Configuration Overrides
 These environment variables allow you to override settings that would normally be configured through the Admin Panel. When set, these values take precedence over database settings at runtime.
 ### Interface Settings
 | Env            | Example       | Description               |
 | -------------- | ------------- | ------------------------- |
 | `WG_PORT`      | `51820`       | WireGuard interface port  |
 | `WG_DEVICE`    | `eth0`        | Network device/interface  |
 | `WG_MTU`       | `1420`        | Maximum Transmission Unit |
 | `WG_IPV4_CIDR` | `10.8.0.0/24` | IPv4 CIDR range           |
 | `WG_IPV6_CIDR` | `fdcc::/112`  | IPv6 CIDR range           |
 ### Client Connection Settings
 | Env                               | Example           | Description                     |
 | --------------------------------- | ----------------- | ------------------------------- |
 | `WG_HOST`                         | `vpn.example.com` | Host clients will connect to    |
 | `WG_CLIENT_PORT`                  | `51820`           | Port clients will connect to    |
 | `WG_DEFAULT_DNS`                  | `1.1.1.1,8.8.8.8` | Default DNS servers for clients |
 | `WG_DEFAULT_ALLOWED_IPS`          | `0.0.0.0/0,::/0`  | Default allowed IPs for clients |
 | `WG_DEFAULT_MTU`                  | `1420`            | Default MTU for clients         |
 | `WG_DEFAULT_PERSISTENT_KEEPALIVE` | `25`              | Default persistent keepalive    |
 ### General Settings
 | Env                     | Example           | Description               |
 | ----------------------- | ----------------- | ------------------------- |
 | `WG_SESSION_TIMEOUT`    | `3600`            | Session timeout (seconds) |
 | `WG_METRICS_PASSWORD`   | `mypassword123`   | Metrics endpoint password |
 | `WG_METRICS_PROMETHEUS` | `true` or `false` | Enable Prometheus metrics |
 | `WG_METRICS_JSON`       | `true` or `false` | Enable JSON metrics       |
 ### Hooks
 | Env            | Example                   | Description           |
 | -------------- | ------------------------- | --------------------- |
 | `WG_PRE_UP`    | `echo "Starting WG"`      | PreUp hook command    |
 | `WG_POST_UP`   | `iptables -A FORWARD ...` | PostUp hook command   |
 | `WG_PRE_DOWN`  | `echo "Stopping WG"`      | PreDown hook command  |
 | `WG_POST_DOWN` | `iptables -D FORWARD ...` | PostDown hook command |
 /// warning | Override Behavior
 When these override environment variables are set:
 - The specified values will be used at runtime instead of database settings
 - You can still update these fields through the Web UI and they will be saved to the database
 - However, the overridden values from environment variables will always take precedence at runtime
 - The Web UI will display the database values with warning indicators showing which fields are overridden
 - On first start, if no database values exist, some overridden values will be saved to the database
 Some overrides will not be applied to existing clients until they are manually edited.
 - `WG_DEFAULT_*` settings will only apply to new clients
 - `WG_IPV4_CIDR` and `WG_IPV6_CIDR` changes will require clients to be manually edited to take effect
 ///
 /// note | Note on Port Variables
 - `WG_PORT` - The port WireGuard listens on (interface port)
 - `WG_CLIENT_PORT` - The port clients connect to (endpoint port, uses `WG_PORT` if not set)
 - `PORT` - The port the Web UI listens on (HTTP server port)
 In most cases you will only need to set `WG_PORT` to change the WireGuard port.
 Keep in mind that you have to adjust both sides of the port publish option in your docker setup.
 ///
@@ -11,20 +11,18 @@ These will only be used during the first start of the container. After that, the
 | `INIT_ENABLED`     | `true`                       | Enables the below env vars                                | 0     |
 | `INIT_USERNAME`    | `admin`                      | Sets admin username                                       | 1     |
 | `INIT_PASSWORD`    | `Se!ureP%ssw`                | Sets admin password                                       | 1     |
-| `INIT_HOST`        | `vpn.example.com`            | Host clients will connect to                              | 2     |
+| `INIT_HOST`        | `vpn.example.com`            | Host clients will connect to                              | 1     |
-| `INIT_PORT`        | `51820`                      | Port clients will connect to and WireGuard will listen on | 2     |
+| `INIT_PORT`        | `51820`                      | Port clients will connect to and wireguard will listen on | 1     |
-| `INIT_DNS`         | `1.1.1.1,8.8.8.8`            | Sets global dns setting                                   | 3     |
+| `INIT_DNS`         | `1.1.1.1,8.8.8.8`            | Sets global dns setting                                   | 2     |
-| `INIT_IPV4_CIDR`   | `10.8.0.0/24`                | Sets IPv4 cidr                                            | 4     |
+| `INIT_IPV4_CIDR`   | `10.8.0.0/24`                | Sets IPv4 cidr                                            | 3     |
-| `INIT_IPV6_CIDR`   | `2001:0DB8::/32`             | Sets IPv6 cidr                                            | 4     |
+| `INIT_IPV6_CIDR`   | `2001:0DB8::/32`             | Sets IPv6 cidr                                            | 3     |
-| `INIT_ALLOWED_IPS` | `10.8.0.0/24,2001:0DB8::/32` | Sets global Allowed IPs                                   | 5     |
+| `INIT_ALLOWED_IPS` | `10.8.0.0/24,2001:0DB8::/32` | Sets global Allowed IPs                                   | 4     |
 /// warning | Variables have to be used together
 If variables are in the same group, you have to set all of them. For example, if you set `INIT_IPV4_CIDR`, you also have to set `INIT_IPV6_CIDR`.
-To skip the setup process, you must configure groups `1` and `2`. You can alternatively use `WG_HOST` and `WG_PORT` to set group `2` without using the `INIT_` variables.
+If you want to skip the setup process, you have to configure group `1`
 Avoid setting both `INIT_` and `WG_` variables for the same setting to prevent confusion.
 ///
 /// note | Security
@@ -51,9 +51,7 @@ In the setup wizard, select that you already have a configuration file and uploa
 ### Environment Variables
-v15 does use some of the environment variables as v14. View [Configuration Overrides](../config/optional-config.md#configuration-overrides) to see which environment variables are supported in v15.
+v15 does not use the same environment variables as v14, most of them have been moved to the Admin Panel in the Web UI.
 If you want to be able to change settings through the Web UI, do not set the corresponding environment variables, as they will override the database settings. Instead, manually change the settings through the Web UI after the migration.
 ### Done
@@ -0,0 +1,29 @@
 <template>
  <div class="overflow-x-auto rounded border-2 border-red-800 py-2">
    <pre
      class="mx-2 inline-block"
      @click="selectCode"
    ><code ref="codeBlock">{{ code }}</code></pre>
  </div>
 </template>
 <script setup lang="ts">
 defineProps<{
  code: string;
 }>();
 const codeBlock = useTemplateRef('codeBlock');
 function selectCode() {
  // TODO: keyboard support?
  if (codeBlock.value) {
    const range = document.createRange();
    range.selectNodeContents(codeBlock.value);
    const sel = window.getSelection();
    if (sel) {
      sel.removeAllRanges();
      sel.addRange(range);
    }
  }
 }
 </script>
@@ -0,0 +1,74 @@
 <template>
  <BaseDialog :trigger-class="triggerClass">
    <template #trigger>
      <slot />
    </template>
    <template #title>
      {{ $t('client.config') }}
    </template>
    <template #description>
      <div v-if="status === 'success'">
        <BaseCodeBlock :code="config ?? ''" />
      </div>
      <div v-else>
        <span>{{ $t('general.loading') }}</span>
      </div>
    </template>
    <template #actions>
      <DialogClose as-child>
        <BaseSecondaryButton>{{ $t('dialog.cancel') }}</BaseSecondaryButton>
      </DialogClose>
      <DialogClose as-child>
        <BasePrimaryButton @click="copyCode">
          {{ $t('copy.copy') }}
        </BasePrimaryButton>
      </DialogClose>
    </template>
  </BaseDialog>
 </template>
 <script setup lang="ts">
 const props = defineProps<{ triggerClass?: string; clientId: number }>();
 const toast = useToast();
 const { copied, copy, isSupported } = useClipboard({
  // fallback does not work
  legacy: false,
 });
 const { data: config, status } = useFetch(
  `/api/client/${props.clientId}/configuration`,
  {
    responseType: 'text',
    server: false,
  }
 );
 async function copyCode() {
  if (status.value !== 'success') {
    return;
  }
  if (!isSupported.value) {
    toast.showToast({
      type: 'error',
      message: $t('copy.notSupported'),
    });
    return;
  }
  await copy(config.value ?? '');
  if (copied.value) {
    toast.showToast({
      type: 'success',
      message: $t('copy.copied'),
    });
  } else {
    toast.showToast({
      type: 'error',
      message: $t('copy.failed'),
    });
  }
 }
 </script>
@@ -9,7 +9,7 @@
      </div>
    </template>
    <template #actions>
-      <DialogClose>
+      <DialogClose as-child>
        <BaseSecondaryButton>{{ $t('dialog.cancel') }}</BaseSecondaryButton>
      </DialogClose>
    </template>
@@ -1,12 +1,5 @@
 <template>
  <div class="flex flex-col gap-2">
    <div
      v-if="overridden"
      class="flex w-fit items-center gap-2 rounded-lg bg-amber-50 p-2 text-sm text-amber-700 dark:bg-amber-900/20 dark:text-amber-400"
    >
      <IconsWarning class="size-4" />
      <span>This field is overridden by an environment variable</span>
    </div>
    <div v-if="data?.length === 0">
      {{ emptyText || $t('form.noItems') }}
    </div>
@@ -42,11 +35,7 @@
 <script lang="ts" setup>
 const data = defineModel<string[]>();
-defineProps<{
+defineProps<{ emptyText?: string[]; name: string }>();
  emptyText?: string[];
  name: string;
  overridden?: boolean;
 }>();
 function update(e: Event, i: number) {
  const v = (e.target as HTMLInputElement).value;
@@ -6,12 +6,6 @@
    <BaseTooltip v-if="description" :text="description">
      <IconsInfo class="size-4" />
    </BaseTooltip>
    <BaseTooltip
      v-if="overridden"
      text="This field is overridden by an environment variable"
    >
      <IconsWarning class="size-4 text-amber-500" />
    </BaseTooltip>
  </div>
  <div class="flex gap-1">
    <BaseInput
@@ -44,7 +38,6 @@ defineProps<{
  description?: string;
  placeholder?: string;
  url: '/api/admin/ip-info' | '/api/setup/4';
  overridden?: boolean;
 }>();
 const data = defineModel<string | null>({
@@ -6,12 +6,6 @@
    <BaseTooltip v-if="description" :text="description">
      <IconsInfo class="size-4" />
    </BaseTooltip>
    <BaseTooltip
      v-if="overridden"
      text="This field is overridden by an environment variable"
    >
      <IconsWarning class="size-4 text-amber-500" />
    </BaseTooltip>
  </div>
  <BaseInput
    :id="id"
@@ -30,7 +24,6 @@ defineProps<{
  description?: string;
  autocomplete?: string;
  placeholder?: string;
  overridden?: boolean;
 }>();
 const data = defineModel<string | null>({
@@ -6,23 +6,12 @@
    <BaseTooltip v-if="description" :text="description">
      <IconsInfo class="size-4" />
    </BaseTooltip>
    <BaseTooltip
      v-if="overridden"
      text="This field is overridden by an environment variable"
    >
      <IconsWarning class="size-4 text-amber-500" />
    </BaseTooltip>
  </div>
  <BaseInput :id="id" v-model.number="data" :name="id" type="number" />
 </template>
 <script lang="ts" setup>
-defineProps<{
+defineProps<{ id: string; label: string; description?: string }>();
  id: string;
  label: string;
  description?: string;
  overridden?: boolean;
 }>();
 const data = defineModel<number>();
 </script>
@@ -6,22 +6,11 @@
    <BaseTooltip v-if="description" :text="description">
      <IconsInfo class="size-4" />
    </BaseTooltip>
    <BaseTooltip
      v-if="overridden"
      text="This field is overridden by an environment variable"
    >
      <IconsWarning class="size-4 text-amber-500" />
    </BaseTooltip>
  </div>
  <BaseSwitch :id="id" v-model="data" />
 </template>
 <script lang="ts" setup>
-defineProps<{
+defineProps<{ id: string; label: string; description?: string }>();
  id: string;
  label: string;
  description?: string;
  overridden?: boolean;
 }>();
 const data = defineModel<boolean>();
 </script>
@@ -6,12 +6,6 @@
    <BaseTooltip v-if="description" :text="description">
      <IconsInfo class="size-4" />
    </BaseTooltip>
    <BaseTooltip
      v-if="overridden"
      text="This field is overridden by an environment variable"
    >
      <IconsWarning class="size-4 text-amber-500" />
    </BaseTooltip>
  </div>
  <BaseInput
    :id="id"
@@ -30,7 +24,6 @@ defineProps<{
  description?: string;
  autocomplete?: string;
  disabled?: boolean;
  overridden?: boolean;
 }>();
 const data = defineModel<string>();
@@ -9,14 +9,12 @@
          :label="$t('general.host')"
          :description="$t('admin.config.hostDesc')"
          url="/api/admin/ip-info"
          :overridden="overrides?.host"
        />
        <FormNumberField
          id="port"
          v-model="data.port"
          :label="$t('general.port')"
          :description="$t('admin.config.portDesc')"
          :overridden="overrides?.port"
        />
      </FormGroup>
      <FormGroup>
@@ -26,18 +24,13 @@
        <FormArrayField
          v-model="data.defaultAllowedIps"
          name="defaultAllowedIps"
          :overridden="overrides?.defaultAllowedIps"
        />
      </FormGroup>
      <FormGroup>
        <FormHeading :description="$t('admin.config.dnsDesc')">
          {{ $t('general.dns') }}
        </FormHeading>
-        <FormArrayField
+        <FormArrayField v-model="data.defaultDns" name="defaultDns" />
          v-model="data.defaultDns"
          name="defaultDns"
          :overridden="overrides?.defaultDns"
        />
      </FormGroup>
      <FormGroup>
        <FormHeading>{{ $t('form.sectionAdvanced') }}</FormHeading>
@@ -46,14 +39,12 @@
          v-model="data.defaultMtu"
          :label="$t('general.mtu')"
          :description="$t('admin.config.mtuDesc')"
          :overridden="overrides?.defaultMtu"
        />
        <FormNumberField
          id="defaultPersistentKeepalive"
          v-model="data.defaultPersistentKeepalive"
          :label="$t('general.persistentKeepalive')"
          :description="$t('admin.config.persistentKeepaliveDesc')"
          :overridden="overrides?.defaultPersistentKeepalive"
        />
      </FormGroup>
      <FormGroup v-if="globalStore.information?.isAwg">
@@ -127,12 +118,6 @@ const { data: _data, refresh } = await useFetch(`/api/admin/userconfig`, {
  method: 'get',
 });
 const { data: overridesData } = await useFetch(`/api/admin/overrides`, {
  method: 'get',
 });
 const overrides = computed(() => overridesData.value?.userConfig);
 const data = toRef(_data.value);
 const _submit = useSubmit(
@@ -7,7 +7,6 @@
          v-model="data.sessionTimeout"
          :label="$t('admin.general.sessionTimeout')"
          :description="$t('admin.general.sessionTimeoutDesc')"
          :overridden="overrides?.sessionTimeout"
        />
      </FormGroup>
      <FormGroup>
@@ -17,21 +16,18 @@
          v-model="data.metricsPassword"
          :label="$t('admin.general.metricsPassword')"
          :description="$t('admin.general.metricsPasswordDesc')"
          :overridden="overrides?.metricsPassword"
        />
        <FormSwitchField
          id="prometheus"
          v-model="data.metricsPrometheus"
          :label="$t('admin.general.prometheus')"
          :description="$t('admin.general.prometheusDesc')"
          :overridden="overrides?.metricsPrometheus"
        />
        <FormSwitchField
          id="json"
          v-model="data.metricsJson"
          :label="$t('admin.general.json')"
          :description="$t('admin.general.jsonDesc')"
          :overridden="overrides?.metricsJson"
        />
      </FormGroup>
      <FormGroup>
@@ -47,13 +43,6 @@
 const { data: _data, refresh } = await useFetch(`/api/admin/general`, {
  method: 'get',
 });
 const { data: overridesData } = await useFetch(`/api/admin/overrides`, {
  method: 'get',
 });
 const overrides = computed(() => overridesData.value?.general);
 const data = toRef(_data.value);
 const _submit = useSubmit(
@@ -6,25 +6,21 @@
          id="PreUp"
          v-model="data.preUp"
          :label="$t('hooks.preUp')"
          :overridden="overrides?.preUp"
        />
        <FormTextField
          id="PostUp"
          v-model="data.postUp"
          :label="$t('hooks.postUp')"
          :overridden="overrides?.postUp"
        />
        <FormTextField
          id="PreDown"
          v-model="data.preDown"
          :label="$t('hooks.preDown')"
          :overridden="overrides?.preDown"
        />
        <FormTextField
          id="PostDown"
          v-model="data.postDown"
          :label="$t('hooks.postDown')"
          :overridden="overrides?.postDown"
        />
      </FormGroup>
      <FormGroup>
@@ -41,12 +37,6 @@ const { data: _data, refresh } = await useFetch(`/api/admin/hooks`, {
  method: 'get',
 });
 const { data: overridesData } = await useFetch(`/api/admin/overrides`, {
  method: 'get',
 });
 const overrides = computed(() => overridesData.value?.hooks);
 const data = toRef(_data.value);
 const _submit = useSubmit(
@@ -7,21 +7,18 @@
          v-model="data.mtu"
          :label="$t('general.mtu')"
          :description="$t('admin.interface.mtuDesc')"
          :overridden="overrides?.mtu"
        />
        <FormNumberField
          id="port"
          v-model="data.port"
          :label="$t('general.port')"
          :description="$t('admin.interface.portDesc')"
          :overridden="overrides?.port"
        />
        <FormTextField
          id="device"
          v-model="data.device"
          :label="$t('admin.interface.device')"
          :description="$t('admin.interface.deviceDesc')"
          :overridden="overrides?.device"
        />
      </FormGroup>
      <FormGroup v-if="globalStore.information?.isAwg">
@@ -167,12 +164,6 @@ const { data: _data, refresh } = await useFetch(`/api/admin/interface`, {
  method: 'get',
 });
 const { data: overridesData } = await useFetch(`/api/admin/overrides`, {
  method: 'get',
 });
 const overrides = computed(() => overridesData.value?.interface);
 const data = toRef(_data.value);
 const _submit = useSubmit(
@@ -186,6 +186,18 @@
                as="span"
              />
            </ClientsDeleteDialog>
            <ClientsConfigDialog
              trigger-class="col-span-2"
              :client-id="data.id"
            >
              <FormSecondaryActionField
                :label="$t('client.viewConfig')"
                class="w-full"
                type="button"
                tabindex="-1"
                as="span"
              />
            </ClientsConfigDialog>
          </FormGroup>
        </FormElement>
      </PanelBody>
@@ -55,16 +55,10 @@ const _submit = useSubmit(
    method: 'post',
  },
  {
-    revert: async (success, data) => {
+    revert: async (success) => {
      if (success) {
        if (data?.setupDone) {
          // Setup is complete, redirect to success page
          await navigateTo('/setup/success');
        } else {
          // Continue to step 3
        await navigateTo('/setup/3');
      }
      }
    },
    noSuccessToast: true,
  }
@@ -7,6 +7,7 @@ import it from './locales/it.json';
 import ru from './locales/ru.json';
 import zhhk from './locales/zh-HK.json';
 import zhcn from './locales/zh-CN.json';
 import zhtw from './locales/zh-TW.json';
 import ko from './locales/ko.json';
 import es from './locales/es.json';
 import ptbr from './locales/pt-BR.json';
@@ -27,6 +28,7 @@ export default defineI18nConfig(() => ({
    ru,
    'zh-HK': zhhk,
    'zh-CN': zhcn,
    'zh-TW': zhtw,
    ko,
    es,
    'pt-BR': ptbr,
@@ -117,7 +117,9 @@
    "notConnected": "Client not connected",
    "endpoint": "Endpoint",
    "endpointDesc": "IP of the client from which the WireGuard connection is established",
-    "search": "Search clients..."
+    "search": "Search clients...",
    "config": "Configuration",
    "viewConfig": "View Configuration"
  },
  "dialog": {
    "change": "Change",
@@ -238,6 +240,12 @@
    "preDown": "PreDown",
    "postDown": "PostDown"
  },
  "copy": {
    "notSupported": "Copy is not supported",
    "copied": "Copied!",
    "failed": "Copy failed",
    "copy": "Copy"
  },
  "awg": {
    "jCLabel": "Junk packet count (Jc)",
    "jCDescription": "Number of junk packets to send (1-128, recommended: 4-12)",
@@ -116,7 +116,8 @@
    "dnsDesc": "DNS сервер, який використовуватимуть клієнти (перевизначає глобальну конфігурацію)",
    "notConnected": "Клієнт не підключений",
    "endpoint": "Кінцева точка",
-    "endpointDesc": "IP-адреса клієнта, з якої встановлюється з’єднання WireGuard"
+    "endpointDesc": "IP-адреса клієнта, з якої встановлюється з’єднання WireGuard",
    "search": "Пошук клієнтів..."
  },
  "dialog": {
    "change": "Змінити",
@@ -236,5 +237,41 @@
    "postUp": "PostUp",
    "preDown": "PreDown",
    "postDown": "PostDown"
  },
  "awg": {
    "jCLabel": "Кількість сміттєвих пакетів (Jc)",
    "jCDescription": "Кількість сміттєвих пакетів для відправки (1–128, рекомендовано: 4–12)",
    "jMinLabel": "Мінімальний розмір сміттєвого пакета (Jmin)",
    "jMinDescription": "Мінімальний розмір сміттєвих пакетів (0–1279*, рекомендовано: 8, має бути < Jmax)",
    "jMaxLabel": "Максимальний розмір сміттєвого пакета (Jmax)",
    "jMaxDescription": "Максимальний розмір сміттєвих пакетів (1–1280*, рекомендовано: 80, має бути > Jmin)",
    "s1Label": "Розмір сміттєвих даних у початковому пакеті (S1)",
    "s1Description": "Розмір сміттєвих даних у початковому пакеті (0–1132 [1280* - 148 = 1132], рекомендовано: 15–150, S1+56 ≠ S2)",
    "s2Label": "Розмір сміттєвих даних у пакеті відповіді (S2)",
    "s2Description": "Розмір сміттєвих даних у пакеті відповіді (0–1188 [1280* - 92 = 1188], рекомендовано: 15–150)",
    "s3Label": "Розмір сміттєвих даних у пакеті «cookie reply» (S3)",
    "s3Description": "Розмір сміттєвих даних у пакеті «cookie reply»",
    "s4Label": "Розмір сміттєвих даних у транспортному пакеті (S4)",
    "s4Description": "Розмір сміттєвих даних у транспортному пакеті",
    "i1Label": "Спеціальний сміттєвий пакет 1 (I1)",
    "i1Description": "Пакет-імітація протоколу у hex-форматі: <b 0x...>",
    "i2Label": "Спеціальний сміттєвий пакет 2 (I2)",
    "i2Description": "Пакет-імітація протоколу у hex-форматі: <b 0x...>",
    "i3Label": "Спеціальний сміттєвий пакет 3 (I3)",
    "i3Description": "Пакет-імітація протоколу у hex-форматі: <b 0x...>",
    "i4Label": "Спеціальний сміттєвий пакет 4 (I4)",
    "i4Description": "Пакет-імітація протоколу у hex-форматі: <b 0x...>",
    "i5Label": "Спеціальний сміттєвий пакет 5 (I5)",
    "i5Description": "Пакет-імітація протоколу у hex-форматі: <b 0x...>",
    "h1Label": "Початковий магічний заголовок (H1)",
    "h1Description": "Значення заголовка початкового пакета (5–2147483647, має бути унікальним від H2–H4)",
    "h2Label": "Магічний заголовок відповіді (H2)",
    "h2Description": "Значення заголовка пакета відповіді (5–2147483647, має бути унікальним від H1, H3, H4)",
    "h3Label": "Магічний заголовок «cookie reply» (H3)",
    "h3Description": "Значення заголовка пакета «cookie reply» (5–2147483647, має бути унікальним від H1, H2, H4)",
    "h4Label": "Магічний заголовок транспортного пакета (H4)",
    "h4Description": "Значення заголовка транспортного пакета (5–2147483647, має бути унікальним від H1–H3)",
    "mtuNote": "Значення залежать від MTU",
    "obfuscationParameters": "Параметри обфускації AmneziaWG"
  }
 }
@@ -0,0 +1,277 @@
 {
  "pages": {
    "me": "帳戶",
    "clients": "用戶端",
    "admin": {
      "panel": "管理面板",
      "general": "一般設定",
      "config": "組態設定",
      "interface": "介面設定",
      "hooks": "Hook 設定"
    }
  },
  "user": {
    "email": "電子郵件"
  },
  "me": {
    "currentPassword": "目前密碼",
    "enable2fa": "啟用兩步驟驗證",
    "enable2faDesc": "請使用您的驗證碼應用程式掃描 QR Code，或手動輸入金鑰。",
    "2faKey": "TOTP 金鑰",
    "2faCodeDesc": "請輸入驗證碼應用程式提供的驗證碼。",
    "disable2fa": "停用兩步驟驗證",
    "disable2faDesc": "請輸入您的密碼以停用兩步驟驗證。"
  },
  "general": {
    "name": "名稱",
    "username": "使用者名稱",
    "password": "密碼",
    "newPassword": "新密碼",
    "updatePassword": "更新密碼",
    "mtu": "MTU",
    "allowedIps": "允許的 IP",
    "dns": "DNS",
    "persistentKeepalive": "保持連線",
    "logout": "登出",
    "continue": "繼續",
    "host": "主機",
    "port": "連接埠",
    "yes": "是",
    "no": "否",
    "confirmPassword": "確認密碼",
    "loading": "正在載入...",
    "2fa": "兩步驟驗證",
    "2faCode": "TOTP 驗證碼"
  },
  "setup": {
    "welcome": "歡迎首次設定您的 wg-easy",
    "welcomeDesc": "這是您在任何 Linux 主機上安裝與管理 WireGuard 最簡單的方式",
    "existingSetup": "您已有現存的設定了嗎?",
    "createAdminDesc": "請先輸入管理員使用者名稱與高強度密碼。此資訊將用於登入管理面板。",
    "setupConfigDesc": "請輸入主機與連接埠資訊。此資訊將用於設定用戶端的 WireGuard 連線。",
    "setupMigrationDesc": "若要從先前的 wg-easy 版本移轉資料，請提供備份檔案。",
    "upload": "上傳",
    "migration": "還原備份:",
    "createAccount": "建立帳戶",
    "successful": "設定成功",
    "hostDesc": "用戶端將連線的公開主機名稱",
    "portDesc": "用戶端將連線的公開 UDP 連接埠，且 WireGuard 會在此監聽"
  },
  "update": {
    "updateAvailable": "已有更新可供使用!",
    "update": "更新"
  },
  "theme": {
    "dark": "深色佈景主題",
    "light": "淺色佈景主題",
    "system": "系統佈景主題"
  },
  "layout": {
    "toggleCharts": "顯示/隱藏圖表",
    "donate": "贊助"
  },
  "login": {
    "signIn": "登入",
    "rememberMe": "記住我",
    "rememberMeDesc": "關閉瀏覽器後仍保持登入狀態",
    "insecure": "您無法在不安全的連線下登入。請使用 HTTPS。",
    "2faRequired": "需要兩步驟驗證",
    "2faWrong": "兩步驟驗證碼不正確"
  },
  "client": {
    "empty": "尚無用戶端。",
    "newShort": "新增",
    "sort": "排序",
    "create": "建立用戶端",
    "created": "已建立用戶端",
    "new": "新增用戶端",
    "name": "名稱",
    "expireDate": "到期日",
    "expireDateDesc": "用戶端將被停用的日期。留白表示永久有效",
    "deleteClient": "刪除用戶端",
    "deleteDialog1": "您確定要刪除",
    "deleteDialog2": "此動作無法復原。",
    "enabled": "啟用",
    "address": "位址",
    "serverAllowedIps": "伺服器允許的 IP",
    "otlDesc": "產生暫時性單次連結",
    "permanent": "永久",
    "createdOn": "建立於 ",
    "lastSeen": "上次連線於 ",
    "totalDownload": "總下載量: ",
    "totalUpload": "總上傳量: ",
    "newClient": "新增用戶端",
    "disableClient": "停用用戶端",
    "enableClient": "啟用用戶端",
    "noPrivKey": "此用戶端沒有已知的私密金鑰，無法建立設定。",
    "showQR": "顯示 QR Code",
    "downloadConfig": "下載組態設定檔",
    "allowedIpsDesc": "將透過 VPN 路由的 IP (會覆寫全域設定)",
    "serverAllowedIpsDesc": "伺服器將路由至用戶端的 IP",
    "mtuDesc": "設定 VPN 通道的最大傳輸單位 (封包大小)",
    "persistentKeepaliveDesc": "Keep-alive 封包的間隔秒數。0 表示停用",
    "hooks": "Hook 設定",
    "hooksDescription": "Hook 設定僅適用於 wg-quick",
    "hooksLeaveEmpty": "僅適用於 wg-quick，否則請保持空白",
    "dnsDesc": "用戶端使用的 DNS 伺服器 (會覆寫全域設定)",
    "notConnected": "用戶端未連線",
    "endpoint": "端點",
    "endpointDesc": "用戶端建立 WireGuard 連線的來源 IP",
    "search": "搜尋用戶端..."
  },
  "dialog": {
    "change": "變更",
    "cancel": "取消",
    "create": "建立"
  },
  "toast": {
    "success": "成功",
    "saved": "已儲存",
    "error": "錯誤"
  },
  "form": {
    "actions": "操作",
    "save": "儲存",
    "revert": "還原",
    "sectionGeneral": "一般設定",
    "sectionAdvanced": "進階設定",
    "noItems": "沒有項目",
    "nullNoItems": "沒有項目。使用全域設定",
    "add": "新增"
  },
  "admin": {
    "general": {
      "sessionTimeout": "工作階段逾時",
      "sessionTimeoutDesc": "「記住我」的工作階段持續時間 (秒)",
      "metrics": "計量",
      "metricsPassword": "密碼",
      "metricsPasswordDesc": "計量端點的 Bearer 密碼 (密碼或 argon2 雜湊)",
      "json": "JSON",
      "jsonDesc": "提供 JSON 格式計量的路由",
      "prometheus": "Prometheus",
      "prometheusDesc": "提供 Prometheus 計量的路由"
    },
    "config": {
      "connection": "連線",
      "hostDesc": "用戶端將連線的公開主機名稱 (變更後會使目前組態設定檔失效)",
      "portDesc": "用戶端將連線的公開 UDP 連接埠 (變更後會使目前組態設定檔失效，您可能也需要變更介面連接埠)",
      "allowedIpsDesc": "用戶端將使用的允許 IP (全域設定)",
      "dnsDesc": "用戶端將使用的 DNS 伺服器 (全域設定)",
      "mtuDesc": "用戶端使用的 MTU (僅適用於新用戶端)",
      "persistentKeepaliveDesc": "傳送 keepalive 的間隔秒數。以 0 表示停用 (僅適用於新用戶端)",
      "suggest": "建議",
      "suggestDesc": "為主機欄位選擇 IP 位址或主機名稱"
    },
    "interface": {
      "cidrSuccess": "已變更 CIDR",
      "device": "裝置",
      "deviceDesc": "用於轉送 WireGuard 流量的乙太網路裝置",
      "mtuDesc": "WireGuard 將使用的 MTU",
      "portDesc": "WireGuard 監聽的 UDP 連接埠 (您可能也需要變更連接埠組態設定檔)",
      "changeCidr": "變更 CIDR",
      "restart": "重新啟動介面",
      "restartDesc": "重新啟動 WireGuard 介面",
      "restartWarn": "您確定要重新啟動介面嗎? 所有用戶端將被中斷連線。",
      "restartSuccess": "介面已重新啟動"
    },
    "introText": "歡迎使用管理面板。\n\n您可在此管理一般、組態、介面與 Hook 設定。\n\n請從側邊欄選擇任一項目開始。"
  },
  "zod": {
    "generic": {
      "required": "{0} 為必填項目",
      "validNumber": "{0} 必須為有效的數字",
      "validString": "{0} 必須為有效的字串",
      "validBoolean": "{0} 必須為有效的布林值",
      "validArray": "{0} 必須為有效的陣列",
      "stringMin": "{0} 至少需要 {1} 個字元",
      "numberMin": "{0} 不能小於 {1}"
    },
    "client": {
      "id": "用戶端 ID",
      "name": "名稱",
      "expiresAt": "到期時間",
      "address4": "IPv4 位址",
      "address6": "IPv6 位址",
      "serverAllowedIps": "伺服器允許的 IP"
    },
    "user": {
      "username": "使用者名稱",
      "password": "密碼",
      "remember": "記住我",
      "name": "名稱",
      "email": "電子郵件",
      "emailInvalid": "電子郵件格式無效",
      "passwordMatch": "密碼必須一致",
      "totpEnable": "啟用 TOTP",
      "totpEnableTrue": "必須啟用 TOTP",
      "totpCode": "TOTP 驗證碼"
    },
    "userConfig": {
      "host": "主機"
    },
    "general": {
      "sessionTimeout": "工作階段逾時",
      "metricsEnabled": "計量",
      "metricsPassword": "計量密碼"
    },
    "interface": {
      "cidr": "CIDR",
      "device": "裝置",
      "cidrValid": "CIDR 格式無效"
    },
    "otl": "單次連結",
    "stringMalformed": "字串格式錯誤",
    "body": "Body 必須為有效的物件",
    "hook": "Hook",
    "enabled": "啟用",
    "mtu": "MTU",
    "port": "連接埠",
    "persistentKeepalive": "保持連線",
    "address": "IP 位址",
    "dns": "DNS",
    "allowedIps": "允許的 IP",
    "file": "檔案"
  },
  "hooks": {
    "preUp": "PreUp",
    "postUp": "PostUp",
    "preDown": "PreDown",
    "postDown": "PostDown"
  },
  "awg": {
    "jCLabel": "填充封包數量 (Jc)",
    "jCDescription": "要傳送的填充封包數量 (1-128，建議: 4-12)",
    "jMinLabel": "填充封包最小大小 (Jmin)",
    "jMinDescription": "填充封包的最小大小 (0-1279*，建議: 8，必須小於 Jmax)",
    "jMaxLabel": "填充封包最大大小 (Jmax)",
    "jMaxDescription": "填充封包的最大大小 (1-1280*，建議: 80，必須大於 Jmin)",
    "s1Label": "初始封包填充大小 (S1)",
    "s1Description": "初始封包填充大小 (0-1132 [1280* - 148 = 1132]，建議: 15-150，S1+56 ≠ S2)",
    "s2Label": "回應封包填充大小 (S2)",
    "s2Description": "回應封包填充大小 (0-1188 [1280* - 92 = 1188]，建議: 15-150)",
    "s3Label": "Cookie 回覆封包填充大小 (S3)",
    "s3Description": "Cookie 回覆封包填充大小",
    "s4Label": "傳輸封包填充大小 (S4)",
    "s4Description": "傳輸封包填充大小",
    "i1Label": "特殊填充封包 1 (I1)",
    "i1Description": "協定模仿封包 (16 進位格式): <b 0x...>",
    "i2Label": "特殊填充封包 2 (I2)",
    "i2Description": "協定模仿封包 (16 進位格式): <b 0x...>",
    "i3Label": "特殊填充封包 3 (I3)",
    "i3Description": "協定模仿封包 (16 進位格式): <b 0x...>",
    "i4Label": "特殊填充封包 4 (I4)",
    "i4Description": "協定模仿封包 (16 進位格式): <b 0x...>",
    "i5Label": "特殊填充封包 5 (I5)",
    "i5Description": "協定模仿封包 (16 進位格式): <b 0x...>",
    "h1Label": "初始特徵標頭 (H1)",
    "h1Description": "初始封包標頭值 (5-2147483647，必須與 H2-H4 不同)",
    "h2Label": "回應特徵標頭 (H2)",
    "h2Description": "回應封包標頭值 (5-2147483647，必須與 H1、H3、H4 不同)",
    "h3Label": "Cookie 回覆特徵標頭 (H3)",
    "h3Description": "Cookie 回覆封包標頭值 (5-2147483647，必須與 H1、H2、H4 不同)",
    "h4Label": "傳輸特徵標頭 (H4)",
    "h4Description": "傳輸封包標頭值 (5-2147483647，必須與 H1-H3 不同)",
    "mtuNote": "數值取決於 MTU",
    "obfuscationParameters": "AmneziaWG 混淆參數"
  }
 }
@@ -79,6 +79,11 @@ export default defineNuxtConfig({
        language: 'zh-HK',
        name: '繁體中文（香港）',
      },
      {
        code: 'zh-TW',
        language: 'zh-TW',
        name: '正體中文 (台灣)',
      },
      {
        code: 'pl',
        language: 'pl-PL',
@@ -1,6 +1,6 @@
 {
  "name": "wg-easy",
-  "version": "15.2.0-beta.1",
+  "version": "15.2.0-beta.2",
  "description": "The easiest way to run WireGuard VPN + Web-based Admin UI.",
  "private": true,
  "type": "module",
@@ -8,6 +8,7 @@ export default definePermissionEventHandler(
      event,
      validateZod(InterfaceCidrUpdateSchema, event)
    );
    await Database.interfaces.updateCidr(data);
    await WireGuard.saveConfig();
    return { success: true };
@@ -1,34 +0,0 @@
 export default definePermissionEventHandler('admin', 'any', async () => {
  return {
    interface: {
      port: WG_OVERRIDE_ENV.PORT !== undefined,
      device: WG_OVERRIDE_ENV.DEVICE !== undefined,
      mtu: WG_OVERRIDE_ENV.MTU !== undefined,
      ipv4Cidr: WG_OVERRIDE_ENV.IPV4_CIDR !== undefined,
      ipv6Cidr: WG_OVERRIDE_ENV.IPV6_CIDR !== undefined,
    },
    userConfig: {
      host: WG_CLIENT_OVERRIDE_ENV.HOST !== undefined,
      port: WG_CLIENT_OVERRIDE_ENV.CLIENT_PORT !== undefined,
      defaultDns: WG_CLIENT_OVERRIDE_ENV.DEFAULT_DNS !== undefined,
      defaultAllowedIps:
        WG_CLIENT_OVERRIDE_ENV.DEFAULT_ALLOWED_IPS !== undefined,
      defaultMtu: WG_CLIENT_OVERRIDE_ENV.DEFAULT_MTU !== undefined,
      defaultPersistentKeepalive:
        WG_CLIENT_OVERRIDE_ENV.DEFAULT_PERSISTENT_KEEPALIVE !== undefined,
    },
    general: {
      sessionTimeout: WG_GENERAL_OVERRIDE_ENV.SESSION_TIMEOUT !== undefined,
      metricsPassword: WG_GENERAL_OVERRIDE_ENV.METRICS_PASSWORD !== undefined,
      metricsPrometheus:
        WG_GENERAL_OVERRIDE_ENV.METRICS_PROMETHEUS !== undefined,
      metricsJson: WG_GENERAL_OVERRIDE_ENV.METRICS_JSON !== undefined,
    },
    hooks: {
      preUp: WG_HOOKS_OVERRIDE_ENV.PRE_UP !== undefined,
      postUp: WG_HOOKS_OVERRIDE_ENV.POST_UP !== undefined,
      preDown: WG_HOOKS_OVERRIDE_ENV.PRE_DOWN !== undefined,
      postDown: WG_HOOKS_OVERRIDE_ENV.POST_DOWN !== undefined,
    },
  };
 });
@@ -8,19 +8,6 @@ export default defineSetupEventHandler(2, async ({ event }) => {
  await Database.users.create(username, password);
  // If host and port are already set by environment variables, skip step 4
  const host = WG_INITIAL_ENV.HOST ?? WG_CLIENT_OVERRIDE_ENV.HOST;
  const port = WG_INITIAL_ENV.PORT ?? WG_INTERFACE_OVERRIDE_ENV.PORT;
  const setupDone = host && port;
  if (setupDone) {
    // Skip to done
    await Database.general.setSetupStep(0);
  } else {
    // Proceed to step 3 (which leads to step 4)
  await Database.general.setSetupStep(3);
-  }
+  return { success: true };
  return { success: true, setupDone: setupDone };
 });
@@ -175,30 +175,26 @@ export class ClientService {
    return this.#db.transaction(async (tx) => {
      const clients = await tx.query.client.findMany().execute();
-      const _clientInterface = await tx.query.wgInterface
+      const clientInterface = await tx.query.wgInterface
        .findFirst({
          where: eq(wgInterface.name, 'wg0'),
        })
        .execute();
-      if (!_clientInterface) {
+      if (!clientInterface) {
        throw new Error('WireGuard interface not found');
      }
-      const clientInterface = applyInterfaceOverrides(_clientInterface);
+      const clientConfig = await tx.query.userConfig
      const _clientConfig = await tx.query.userConfig
        .findFirst({
          where: eq(userConfig.id, clientInterface.name),
        })
        .execute();
-      if (!_clientConfig) {
+      if (!clientConfig) {
        throw new Error('WireGuard interface configuration not found');
      }
      const clientConfig = applyUserConfigOverrides(_clientConfig);
      const ipv4Cidr = parseCidr(clientInterface.ipv4Cidr);
      const ipv4Address = nextIP(4, ipv4Cidr, clients);
      const ipv6Cidr = parseCidr(clientInterface.ipv6Cidr);
@@ -245,18 +241,16 @@ export class ClientService {
  update(id: ID, data: UpdateClientType) {
    return this.#db.transaction(async (tx) => {
-      const _clientInterface = await tx.query.wgInterface
+      const clientInterface = await tx.query.wgInterface
        .findFirst({
          where: eq(wgInterface.name, 'wg0'),
        })
        .execute();
-      if (!_clientInterface) {
+      if (!clientInterface) {
        throw new Error('WireGuard interface not found');
      }
      const clientInterface = applyInterfaceOverrides(_clientInterface);
      if (!containsCidr(clientInterface.ipv4Cidr, data.ipv4Address)) {
        throw new Error('IPv4 address is not within the CIDR range');
      }
@@ -278,8 +272,7 @@ export class ClientService {
    privateKey,
    publicKey,
  }: ClientCreateFromExistingType) {
-    const _clientConfig = await Database.userConfigs.get();
+    const clientConfig = await Database.userConfigs.get();
    const clientConfig = applyUserConfigOverrides(_clientConfig);
    return this.#db
      .insert(client)
@@ -101,27 +101,23 @@ async function initialSetup(db: DBServiceType) {
    });
  }
-  if (WG_INITIAL_ENV.USERNAME && WG_INITIAL_ENV.PASSWORD) {
+  if (
    WG_INITIAL_ENV.USERNAME &&
    WG_INITIAL_ENV.PASSWORD &&
    WG_INITIAL_ENV.HOST &&
    WG_INITIAL_ENV.PORT
  ) {
    DB_DEBUG('Creating initial user...');
    await db.users.create(WG_INITIAL_ENV.USERNAME, WG_INITIAL_ENV.PASSWORD);
    await db.general.setSetupStep(3);
  }
  // Use INIT vars or fall back to override vars for HOST and PORT
  const host = WG_INITIAL_ENV.HOST ?? WG_CLIENT_OVERRIDE_ENV.HOST;
  const port = WG_INITIAL_ENV.PORT ?? WG_INTERFACE_OVERRIDE_ENV.PORT;
  // HOST and PORT can come from either INIT vars or override vars
  if (host && port) {
    DB_DEBUG('Setting initial host and port...');
-    await db.userConfigs.updateHostPort(host, port);
+    await db.userConfigs.updateHostPort(
      WG_INITIAL_ENV.HOST,
      WG_INITIAL_ENV.PORT
    );
    // Setup completion requires USERNAME and PASSWORD (no overrides for these)
    if (WG_INITIAL_ENV.USERNAME && WG_INITIAL_ENV.PASSWORD) {
    await db.general.setSetupStep(0);
  }
  }
 }
 async function disableIpv6(db: DBType) {
@@ -9,17 +9,12 @@ export default defineEventHandler(async (event) => {
  const { step, done } = await Database.general.getSetupStep();
  if (!done) {
-    const parsedSetup = url.pathname.match(/\/setup\/(\d|migrate|success)/);
+    const parsedSetup = url.pathname.match(/\/setup\/(\d)/);
    if (!parsedSetup) {
      return sendRedirect(event, `/setup/1`, 302);
    }
    const [_, currentSetup] = parsedSetup;
    // Allow access to success page during setup
    if (currentSetup === 'success') {
      return;
    }
    if (step.toString() === currentSetup) {
      return;
    }
@@ -13,10 +13,7 @@ class WireGuard {
   * Save and sync config
   */
  async saveConfig() {
-    const wgInterface = applyInterfaceOverrides(
+    const wgInterface = await Database.interfaces.get();
      await Database.interfaces.get()
    );
    await this.#saveWireguardConfig(wgInterface);
    await this.#syncWireguardConfig(wgInterface);
  }
@@ -28,7 +25,7 @@ class WireGuard {
   */
  async #saveWireguardConfig(wgInterface: InterfaceType) {
    const clients = await Database.clients.getAll();
-    const hooks = applyHooksOverrides(await Database.hooks.get());
+    const hooks = await Database.hooks.get();
    const result = [];
    result.push(
@@ -153,12 +150,8 @@ class WireGuard {
  }
  async getClientConfiguration({ clientId }: { clientId: ID }) {
-    const wgInterface = applyInterfaceOverrides(
+    const wgInterface = await Database.interfaces.get();
-      await Database.interfaces.get()
+    const userConfig = await Database.userConfigs.get();
    );
    const userConfig = applyUserConfigOverrides(
      await Database.userConfigs.get()
    );
    const client = await Database.clients.get(clientId);
@@ -173,11 +166,24 @@ class WireGuard {
  async getClientQRCodeSVG({ clientId }: { clientId: ID }) {
    const config = await this.getClientConfiguration({ clientId });
    const ECMode = ['high', 'quartile', 'medium', 'low'] as const;
    for (const ecc of ECMode) {
      try {
        return encodeQR(config, 'svg', {
-      ecc: 'high',
+          ecc,
          scale: 2,
          encoding: 'byte',
        });
      } catch (err) {
        if (!(err instanceof Error && err.message === 'Capacity overflow')) {
          throw err;
        }
        // retry with lower ecc
      }
    }
    throw new Error(
      'Failed to generate QR code: Capacity overflow at all ECC levels'
    );
  }
  cleanClientFilename(name: string): string {
@@ -224,33 +230,25 @@ class WireGuard {
      Database.interfaces.update(wgInterface);
    }
-    const wgInterfaceWithOverrides = applyInterfaceOverrides(wgInterface);
+    WG_DEBUG(`Starting Wireguard Interface ${wgInterface.name}...`);
-
+    await this.#saveWireguardConfig(wgInterface);
-    WG_DEBUG(
+    await wg.down(wgInterface.name).catch(() => {});
-      `Starting Wireguard Interface ${wgInterfaceWithOverrides.name}...`
+    await wg.up(wgInterface.name).catch((err) => {
    );
    await this.#saveWireguardConfig(wgInterfaceWithOverrides);
    await wg.down(wgInterfaceWithOverrides.name).catch(() => {});
    await wg.up(wgInterfaceWithOverrides.name).catch((err) => {
      if (
        err &&
        err.message &&
-        err.message.includes(
+        err.message.includes(`Cannot find device "${wgInterface.name}"`)
          `Cannot find device "${wgInterfaceWithOverrides.name}"`
        )
      ) {
        throw new Error(
-          `WireGuard exited with the error: Cannot find device "${wgInterfaceWithOverrides.name}"\nThis usually means that your host's kernel does not support WireGuard!`,
+          `WireGuard exited with the error: Cannot find device "${wgInterface.name}"\nThis usually means that your host's kernel does not support WireGuard!`,
          { cause: err.message }
        );
      }
      throw err;
    });
-    await this.#syncWireguardConfig(wgInterfaceWithOverrides);
+    await this.#syncWireguardConfig(wgInterface);
-    WG_DEBUG(
+    WG_DEBUG(`Wireguard Interface ${wgInterface.name} started successfully.`);
      `Wireguard Interface ${wgInterfaceWithOverrides.name} started successfully.`
    );
    WG_DEBUG('Starting Cron Job...');
    await this.startCronJob();
@@ -269,16 +267,12 @@ class WireGuard {
  // Shutdown wireguard
  async Shutdown() {
-    const wgInterface = applyInterfaceOverrides(
+    const wgInterface = await Database.interfaces.get();
      await Database.interfaces.get()
    );
    await wg.down(wgInterface.name).catch(() => {});
  }
  async Restart() {
-    const wgInterface = applyInterfaceOverrides(
+    const wgInterface = await Database.interfaces.get();
      await Database.interfaces.get()
    );
    await wg.restart(wgInterface.name);
  }
@@ -54,78 +54,6 @@ export const WG_INITIAL_ENV = {
    : undefined,
 };
 export const WG_INTERFACE_OVERRIDE_ENV = {
  /** Override the WireGuard interface port */
  PORT: process.env.WG_PORT
    ? Number.parseInt(process.env.WG_PORT, 10)
    : undefined,
  /** Override the network device/interface */
  DEVICE: process.env.WG_DEVICE,
  /** Override the MTU setting */
  MTU: process.env.WG_MTU ? Number.parseInt(process.env.WG_MTU, 10) : undefined,
  /** Override the IPv4 CIDR */
  IPV4_CIDR: process.env.WG_IPV4_CIDR,
  /** Override the IPv6 CIDR */
  IPV6_CIDR: process.env.WG_IPV6_CIDR,
 };
 export const WG_CLIENT_OVERRIDE_ENV = {
  /** Override the client connection host */
  HOST: process.env.WG_HOST,
  /** Override the client connection port (falls back to Interface Port) */
  CLIENT_PORT: process.env.WG_CLIENT_PORT
    ? Number.parseInt(process.env.WG_CLIENT_PORT, 10)
    : WG_INTERFACE_OVERRIDE_ENV.PORT,
  /** Override default client DNS servers */
  DEFAULT_DNS: process.env.WG_DEFAULT_DNS?.split(',').map((x) => x.trim()),
  /** Override default client allowed IPs */
  DEFAULT_ALLOWED_IPS: process.env.WG_DEFAULT_ALLOWED_IPS?.split(',').map((x) =>
    x.trim()
  ),
  /** Override default client MTU */
  DEFAULT_MTU: process.env.WG_DEFAULT_MTU
    ? Number.parseInt(process.env.WG_DEFAULT_MTU, 10)
    : undefined,
  /** Override default client persistent keepalive */
  DEFAULT_PERSISTENT_KEEPALIVE: process.env.WG_DEFAULT_PERSISTENT_KEEPALIVE
    ? Number.parseInt(process.env.WG_DEFAULT_PERSISTENT_KEEPALIVE, 10)
    : undefined,
 };
 export const WG_GENERAL_OVERRIDE_ENV = {
  /** Override session timeout */
  SESSION_TIMEOUT: process.env.WG_SESSION_TIMEOUT
    ? Number.parseInt(process.env.WG_SESSION_TIMEOUT, 10)
    : undefined,
  /** Override metrics password */
  METRICS_PASSWORD: process.env.WG_METRICS_PASSWORD,
  /** Override metrics Prometheus enabled status */
  METRICS_PROMETHEUS:
    process.env.WG_METRICS_PROMETHEUS === 'true'
      ? true
      : process.env.WG_METRICS_PROMETHEUS === 'false'
        ? false
        : undefined,
  /** Override metrics JSON enabled status */
  METRICS_JSON:
    process.env.WG_METRICS_JSON === 'true'
      ? true
      : process.env.WG_METRICS_JSON === 'false'
        ? false
        : undefined,
 };
 export const WG_HOOKS_OVERRIDE_ENV = {
  /** Override PreUp hook */
  PRE_UP: process.env.WG_PRE_UP,
  /** Override PostUp hook */
  POST_UP: process.env.WG_POST_UP,
  /** Override PreDown hook */
  PRE_DOWN: process.env.WG_PRE_DOWN,
  /** Override PostDown hook */
  POST_DOWN: process.env.WG_POST_DOWN,
 };
 function assertEnv<T extends string>(env: T) {
  const val = process.env[env];
@@ -135,105 +63,3 @@ function assertEnv<T extends string>(env: T) {
  return val;
 }
 /**
 * Apply environment variable overrides to an interface object
 */
 export function applyInterfaceOverrides<
  T extends {
    port: number;
    device: string;
    mtu: number;
    ipv4Cidr: string;
    ipv6Cidr: string;
  },
 >(wgInterface: T): T {
  return {
    ...wgInterface,
    port: WG_INTERFACE_OVERRIDE_ENV.PORT ?? wgInterface.port,
    device: WG_INTERFACE_OVERRIDE_ENV.DEVICE ?? wgInterface.device,
    mtu: WG_INTERFACE_OVERRIDE_ENV.MTU ?? wgInterface.mtu,
    ipv4Cidr: WG_INTERFACE_OVERRIDE_ENV.IPV4_CIDR ?? wgInterface.ipv4Cidr,
    ipv6Cidr: WG_INTERFACE_OVERRIDE_ENV.IPV6_CIDR ?? wgInterface.ipv6Cidr,
  };
 }
 /**
 * Apply environment variable overrides to a user config object
 */
 export function applyUserConfigOverrides<
  T extends {
    host: string;
    port: number;
    defaultDns: string[];
    defaultAllowedIps: string[];
    defaultMtu: number;
    defaultPersistentKeepalive: number;
  },
 >(userConfig: T): T {
  return {
    ...userConfig,
    host: WG_CLIENT_OVERRIDE_ENV.HOST ?? userConfig.host,
    port: WG_CLIENT_OVERRIDE_ENV.CLIENT_PORT ?? userConfig.port,
    defaultDns: WG_CLIENT_OVERRIDE_ENV.DEFAULT_DNS ?? userConfig.defaultDns,
    defaultAllowedIps:
      WG_CLIENT_OVERRIDE_ENV.DEFAULT_ALLOWED_IPS ??
      userConfig.defaultAllowedIps,
    defaultMtu: WG_CLIENT_OVERRIDE_ENV.DEFAULT_MTU ?? userConfig.defaultMtu,
    defaultPersistentKeepalive:
      WG_CLIENT_OVERRIDE_ENV.DEFAULT_PERSISTENT_KEEPALIVE ??
      userConfig.defaultPersistentKeepalive,
  };
 }
 /**
 * Apply environment variable overrides to a general config object
 */
 export function applySessionOverrides<
  T extends {
    sessionTimeout: number;
  },
 >(generalConfig: T): T {
  return {
    ...generalConfig,
    sessionTimeout:
      WG_GENERAL_OVERRIDE_ENV.SESSION_TIMEOUT ?? generalConfig.sessionTimeout,
  };
 }
 export function applyMetricsOverrides<
  T extends {
    password: string | null;
    prometheus: boolean;
    json: boolean;
  },
 >(metricsConfig: T): T {
  return {
    ...metricsConfig,
    password:
      WG_GENERAL_OVERRIDE_ENV.METRICS_PASSWORD ?? metricsConfig.password,
    prometheus:
      WG_GENERAL_OVERRIDE_ENV.METRICS_PROMETHEUS ?? metricsConfig.prometheus,
    json: WG_GENERAL_OVERRIDE_ENV.METRICS_JSON ?? metricsConfig.json,
  };
 }
 /**
 * Apply environment variable overrides to a hooks object
 */
 export function applyHooksOverrides<
  T extends {
    preUp: string;
    postUp: string;
    preDown: string;
    postDown: string;
  },
 >(hooks: T): T {
  return {
    ...hooks,
    preUp: WG_HOOKS_OVERRIDE_ENV.PRE_UP ?? hooks.preUp,
    postUp: WG_HOOKS_OVERRIDE_ENV.POST_UP ?? hooks.postUp,
    preDown: WG_HOOKS_OVERRIDE_ENV.PRE_DOWN ?? hooks.preDown,
    postDown: WG_HOOKS_OVERRIDE_ENV.POST_DOWN ?? hooks.postDown,
  };
 }
@@ -138,9 +138,7 @@ export const defineMetricsHandler = <
  handler: MetricsHandler<TReq, TRes>
 ) => {
  return defineEventHandler(async (event) => {
-    const metricsConfig = applyMetricsOverrides(
+    const metricsConfig = await Database.general.getMetricsConfig();
      await Database.general.getMetricsConfig()
    );
    if (metricsConfig.password) {
      const auth = getHeader(event, 'Authorization');
@@ -8,10 +8,7 @@ export type WGSession = Partial<{
 const name = 'wg-easy';
 export async function useWGSession(event: H3Event, rememberMe = false) {
-  const sessionConfig = applySessionOverrides(
+  const sessionConfig = await Database.general.getSessionConfig();
    await Database.general.getSessionConfig()
  );
  return useSession<WGSession>(event, {
    password: sessionConfig.sessionPassword,
    name,
@@ -25,10 +22,7 @@ export async function useWGSession(event: H3Event, rememberMe = false) {
 }
 export async function getWGSession(event: H3Event) {
-  const sessionConfig = applySessionOverrides(
+  const sessionConfig = await Database.general.getSessionConfig();
    await Database.general.getSessionConfig()
  );
  return getSession<WGSession>(event, {
    password: sessionConfig.sessionPassword,
    name,
Author	SHA1	Message	Date
Bernd Storath	326717444b	Bump version to 15.2.0-beta.2	2025-11-18 15:05:42 +01:00
Bernd Storath	4e4bfc75e3	feat: add config btn and modal to view and copy config (#2289 ) * add view config btn and modal * show loading state * add note about keyboard	2025-11-18 11:36:46 +01:00
Bernd Storath	5c97a8ba73	try all qr ecc levels (#2288 ) try ecc levels	2025-11-18 09:25:57 +01:00
Bernd Storath	cba7a160ea	intellicode deprecated	2025-11-17 08:04:10 +01:00
Nikolas	4a75e1379d	Update uk.json (#2286 ) * Update uk.json * fix formatting --------- Co-authored-by: Bernd Storath <999999bst@gmail.com>	2025-11-17 07:54:50 +01:00
Chiahong	10a140d188	feat(i18n): Add Traditional Chinese (Taiwan, zh-TW) support (#2285 )	2025-11-17 07:53:03 +01:00