Update funding information in FUNDING.yml

Merge pull request #1045 from WGDashboard/DaanSelen-patch-1
chore: english refac
2025-12-18 07:35:06 +08:00 · 2025-12-17 07:36:35 +08:00 · 2025-12-17 00:06:12 +01:00 · 2025-12-14 20:56:18 +01:00 · 2025-12-14 17:32:46 +01:00 · 2025-12-14 00:28:24 +08:00
466 changed files with 42958 additions and 9038 deletions
--- a/.all-contributorsrc
+++ b/.all-contributorsrc
@ -1,61 +0,0 @@
-{
-  "files": [
-    "README.md"
-  ],
-  "imageSize": 100,
-  "commit": false,
-  "contributors": [
-    {
-      "login": "antonioag95",
-      "name": "antonioag95",
-      "avatar_url": "https://avatars.githubusercontent.com/u/30556866?v=4",
-      "profile": "https://github.com/antonioag95",
-      "contributions": [
-        "test",
-        "code"
-      ]
-    },
-    {
-      "login": "tonjo",
-      "name": "tonjo",
-      "avatar_url": "https://avatars.githubusercontent.com/u/4726289?v=4",
-      "profile": "https://github.com/tonjo",
-      "contributions": [
-        "code"
-      ]
-    },
-    {
-      "login": "reafian",
-      "name": "Richard Newton",
-      "avatar_url": "https://avatars.githubusercontent.com/u/11992416?v=4",
-      "profile": "https://github.com/reafian",
-      "contributions": [
-        "code"
-      ]
-    },
-    {
-      "login": "davejlong",
-      "name": "David Long",
-      "avatar_url": "https://avatars.githubusercontent.com/u/175317?v=4",
-      "profile": "http://www.davejlong.com",
-      "contributions": [
-        "code"
-      ]
-    },
-    {
-      "login": "marneu",
-      "name": "Markus Neubauer",
-      "avatar_url": "https://avatars.githubusercontent.com/u/5978293?v=4",
-      "profile": "http://www.std-soft.com",
-      "contributions": [
-        "code"
-      ]
-    }
-  ],
-  "contributorsPerLine": 7,
-  "projectName": "WGDashboard",
-  "projectOwner": "donaldzou",
-  "repoType": "github",
-  "repoHost": "https://github.com",
-  "skipCi": true
-}
--- a/.dockerignore
+++ b/.dockerignore
@ -0,0 +1,5 @@
+.git
+.github
+*.md
+tests/
+docs/
--- a/.github/FUNDING.yml
+++ b/.github/FUNDING.yml
@ -1,4 +1,4 @@
 # These are supported funding model platforms

-github: [donaldzou]
-patreon: DonaldDonnyZou
+github: [WGDashboard]
+open_collective: wgdashboard
--- a/.github/dependabot.yml
+++ b/.github/dependabot.yml
@ -0,0 +1,31 @@
+# To get started with Dependabot version updates, you'll need to specify which
+# package ecosystems to update and where the package manifests are located.
+# Please see the documentation for all configuration options:
+# https://docs.github.com/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file
+
+version: 2
+updates:
+  - package-ecosystem: "pip"
+    directory: "/src"
+    schedule:
+      interval: "weekly"
+
+  - package-ecosystem: "npm"
+    directory: "/src/static/app"
+    schedule:
+      interval: "weekly"
+      
+  - package-ecosystem: "github-actions"
+    directory: "/.github"
+    schedule:
+      interval: "weekly"
+
+  - package-ecosystem: "docker"
+    directory: "/docker"
+    schedule:
+      interval: "weekly"
+
+  - package-ecosystem: "docker-compose"
+    directory: "/docker"
+    schedule:
+      interval: "weekly"
--- a/.github/workflows/codeql-analyze.yaml
+++ b/.github/workflows/codeql-analyze.yaml
@ -12,6 +12,7 @@
 name: "CodeQL"

 on:
+  workflow_dispatch:
  push:
    branches: [ main ]
  pull_request:
@ -38,11 +39,11 @@ jobs:

    steps:
    - name: Checkout repository
-      uses: actions/checkout@v2
+      uses: actions/checkout@v6

    # Initializes the CodeQL tools for scanning.
    - name: Initialize CodeQL
-      uses: github/codeql-action/init@v1
+      uses: github/codeql-action/init@v4
      with:
        languages: ${{ matrix.language }}
        # If you wish to specify custom queries, you can do so here or in a config file.
@ -53,7 +54,7 @@ jobs:
    # Autobuild attempts to build any compiled languages  (C/C++, C#, or Java).
    # If this step fails, then you should remove it and run the build manually (see below)
    - name: Autobuild
-      uses: github/codeql-action/autobuild@v1
+      uses: github/codeql-action/autobuild@v4

    # ℹ️ Command-line programs to run using the OS shell.
    # 📚 https://git.io/JvXDl
@ -67,4 +68,4 @@ jobs:
    #   make release

    - name: Perform CodeQL Analysis
-      uses: github/codeql-action/analyze@v1
+      uses: github/codeql-action/analyze@v4
--- a/.github/workflows/docker-debug.yml
+++ b/.github/workflows/docker-debug.yml
@ -0,0 +1,106 @@
+name: MANUAL Docker workflow for debugging
+
+on:
+  workflow_dispatch:
+
+env:
+  DOCKERHUB_PREFIX: docker.io
+  GITHUB_CONTAINER_PREFIX: ghcr.io
+  DOCKER_IMAGE: WGDashboard
+
+jobs:
+  docker_build:
+    runs-on: ubuntu-latest
+    permissions:
+      contents: read
+      packages: write
+    strategy:
+      fail-fast: false
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v4
+
+      - name: Log in to Docker Hub
+        uses: docker/login-action@v3
+        with:
+          registry: ${{ env.DOCKERHUB_PREFIX }}
+          username: ${{ secrets.DOCKER_HUB_USERNAME }}
+          password: ${{ secrets.DOCKER_HUB_PASSWORD }}
+
+      - name: Log in to GitHub Container Registry
+        uses: docker/login-action@v3
+        with:
+          registry: ${{ env.GITHUB_CONTAINER_PREFIX }}
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Set up QEMU
+        uses: docker/setup-qemu-action@v3
+        with:
+          platforms: linux/amd64
+
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v3
+
+      - name: Extract Docker metadata from environment
+        id: meta
+        uses: docker/metadata-action@v5
+        with:
+          images: |
+            ${{ env.DOCKERHUB_PREFIX }}/donaldzou/${{ env.DOCKER_IMAGE }}
+            ${{ env.GITHUB_CONTAINER_PREFIX }}/${{ github.repository_owner }}/${{ env.DOCKER_IMAGE }}
+          tags: |
+            type=ref,event=branch
+            type=ref,event=tag
+            type=sha,format=short,prefix=
+
+      - name: Build and export Docker image
+        uses: docker/build-push-action@v6
+        with:
+          context: .
+          file: ./docker/Dockerfile
+          push: ${{ github.event_name != 'pull_request' }}
+          tags: ${{ steps.meta.outputs.tags }}
+          labels: ${{ steps.meta.outputs.labels }}
+          platforms: linux/amd64
+
+  docker_scan:
+    if: ${{ github.event_name != 'pull_request' }}
+    runs-on: ubuntu-latest
+    needs: docker_build
+    steps:
+      - name: Log in to Docker Hub
+        uses: docker/login-action@v3
+        with:
+          registry: ${{ env.DOCKERHUB_PREFIX }}
+          username: ${{ secrets.DOCKER_HUB_USERNAME }}
+          password: ${{ secrets.DOCKER_HUB_PASSWORD }}
+
+      - name: Log in to GitHub Container Registry
+        uses: docker/login-action@v3
+        with:
+          registry: ${{ env.GITHUB_CONTAINER_PREFIX }}
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Docker Scout CVEs
+        uses: docker/scout-action@v1
+        with:
+          command: cves
+          image: ${{ env.GITHUB_CONTAINER_PREFIX }}/${{ github.repository_owner }}/${{ env.DOCKER_IMAGE }}:main
+          only-severities: critical,high
+          only-fixed: true
+          write-comment: true
+          github-token: ${{ secrets.GITHUB_TOKEN }}
+          exit-code: true
+
+      - name: Docker Scout Compare
+        uses: docker/scout-action@v1
+        with:
+          command: compare
+          # Set to Github for maximum compat
+          image: ${{ env.GITHUB_CONTAINER_PREFIX }}/${{ github.repository_owner }}/${{ env.DOCKER_IMAGE }}:main
+          to: ${{ env.GITHUB_CONTAINER_PREFIX }}/${{ github.repository_owner }}/${{ env.DOCKER_IMAGE }}:latest
+          only-severities: critical,high
+          ignore-unchanged: true
+          github-token: ${{ secrets.GITHUB_TOKEN }}
--- a/.github/workflows/docker.yml
+++ b/.github/workflows/docker.yml
@ -0,0 +1,116 @@
+name: Docker Build and Push
+
+on:
+  workflow_dispatch:
+  push:
+    branches:
+      - 'main'
+    tags:
+      - '*'
+    paths:
+      - 'src/**'
+      - 'docker/**'
+  release:
+    types: [ published ]
+
+env:
+  DOCKERHUB_PREFIX: docker.io
+  GITHUB_CONTAINER_PREFIX: ghcr.io
+  DOCKER_IMAGE: WGDashboard
+
+jobs:
+  docker_build:
+    runs-on: ubuntu-latest
+    permissions:
+      contents: read
+      packages: write
+    strategy:
+      fail-fast: false
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v4
+
+      - name: Log in to Docker Hub
+        uses: docker/login-action@v3
+        with:
+          registry: ${{ env.DOCKERHUB_PREFIX }}
+          username: ${{ secrets.DOCKER_HUB_USERNAME }}
+          password: ${{ secrets.DOCKER_HUB_PASSWORD }}
+
+      - name: Log in to GitHub Container Registry
+        uses: docker/login-action@v3
+        with:
+          registry: ${{ env.GITHUB_CONTAINER_PREFIX }}
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Set up QEMU
+        uses: docker/setup-qemu-action@v3
+        with:
+          platforms: linux/amd64,linux/arm64,linux/arm/v7
+
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v3
+
+      - name: Extract Docker metadata from environment
+        id: meta
+        uses: docker/metadata-action@v5
+        with:
+          images: |
+            ${{ env.DOCKERHUB_PREFIX }}/donaldzou/${{ env.DOCKER_IMAGE }}
+            ${{ env.GITHUB_CONTAINER_PREFIX }}/${{ github.repository_owner }}/${{ env.DOCKER_IMAGE }}
+          tags: |
+            type=ref,event=branch
+            type=ref,event=tag
+            type=sha,format=short,prefix=
+
+      - name: Build and export Docker image
+        uses: docker/build-push-action@v6
+        with:
+          context: .
+          file: ./docker/Dockerfile
+          push: ${{ github.event_name != 'pull_request' }}
+          tags: ${{ steps.meta.outputs.tags }}
+          labels: ${{ steps.meta.outputs.labels }}
+          platforms: linux/amd64,linux/arm64,linux/arm/v7
+
+  docker_scan:
+    if: ${{ github.event_name != 'pull_request' }}
+    runs-on: ubuntu-latest
+    needs: docker_build
+    steps:
+      - name: Log in to Docker Hub
+        uses: docker/login-action@v3
+        with:
+          registry: ${{ env.DOCKERHUB_PREFIX }}
+          username: ${{ secrets.DOCKER_HUB_USERNAME }}
+          password: ${{ secrets.DOCKER_HUB_PASSWORD }}
+
+      - name: Log in to GitHub Container Registry
+        uses: docker/login-action@v3
+        with:
+          registry: ${{ env.GITHUB_CONTAINER_PREFIX }}
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Docker Scout CVEs
+        uses: docker/scout-action@v1
+        with:
+          command: cves
+          image: ${{ env.GITHUB_CONTAINER_PREFIX }}/${{ github.repository_owner }}/${{ env.DOCKER_IMAGE }}:main
+          only-severities: critical,high
+          only-fixed: true
+          write-comment: true
+          github-token: ${{ secrets.GITHUB_TOKEN }}
+          exit-code: true
+
+      - name: Docker Scout Compare
+        uses: docker/scout-action@v1
+        with:
+          command: compare
+          # Set to Github for maximum compat
+          image: ${{ env.GITHUB_CONTAINER_PREFIX }}/${{ github.repository_owner }}/${{ env.DOCKER_IMAGE }}:main
+          to: ${{ env.GITHUB_CONTAINER_PREFIX }}/${{ github.repository_owner }}/${{ env.DOCKER_IMAGE }}:latest
+          only-severities: critical,high
+          ignore-unchanged: true
+          github-token: ${{ secrets.GITHUB_TOKEN }}
--- a/.github/workflows/stale.yml
+++ b/.github/workflows/stale.yml
@ -0,0 +1,26 @@
+# This workflow warns and then closes issues and PRs that have had no activity for a specified amount of time.
+#
+# You can adjust the behavior by modifying this file.
+# For more information, see:
+# https://github.com/actions/stale
+name: Mark stale issues and pull requests
+
+on:
+  workflow_dispatch:
+  schedule:
+  - cron: '00 08 * * *'
+
+jobs:
+  stale:
+    runs-on: ubuntu-latest
+    permissions:
+      issues: write
+    steps:
+    - uses: actions/stale@v9
+      with:
+        repo-token: ${{ secrets.GITHUB_TOKEN }}
+        stale-issue-message: 'This issue has not been updated for 20 days'
+        stale-pr-message: 'This pull request has not been updated for 20 days'
+        stale-issue-label: 'stale'
+        exempt-issue-labels: 'enhancement,ongoing'
+        days-before-stale: 20
--- a/.gitignore
+++ b/.gitignore
@ -1,3 +1,4 @@
+*.tar
 .vscode
 .DS_Store
 .idea
@ -10,7 +11,7 @@ src/static/pic.xd
 *.conf
 private_key.txt
 public_key.txt
-venv/**
+*venv*
 log/**
 release/*
 src/db/wgdashboard.db
@ -18,6 +19,9 @@ src/db/wgdashboard.db
 node_modules/**
 */proxy.js
 src/static/app/proxy.js
+.secrets
+*.ini
+*.pid

 # Logs
 logs
--- a/README.md
+++ b/README.md
@ -1,566 +1,85 @@
-<p align="center">
-  <img alt="WGDashboard" src="./src/static/img/logo.png" width="128">
-</p>
-<h1 align="center">WGDashboard</h1>
+> [!TIP]
+> 🎉 To help us better understand and improve WGDashboard’s performance, we’re launching the **WGDashboard Testing Program**. As part of this program, participants will receive free WireGuard VPN access to our server in Toronto, Canada, valid for **24 hours** or up to **1GB of total traffic**—whichever comes first. If you’d like to join, visit [https://wg.wgdashboard.dev/](https://wg.wgdashboard.dev/) for more details!
+
+
+
+![](https://wgdashboard-resources.tor1.cdn.digitaloceanspaces.com/Posters/Banner.png)


 <p align="center">
-    <img src="https://forthebadge.com/images/badges/made-with-python.svg">
-    <img src="https://forthebadge.com/images/badges/made-with-javascript.svg">
-    <img src="https://forthebadge.com/images/badges/license-mit.svg">
+  <img alt="WGDashboard" src="https://wgdashboard-resources.tor1.cdn.digitaloceanspaces.com/Logos/Logo-2-Rounded-512x512.png" width="128">
+</p>
+<h1 align="center">
+  <a href="https://wgdashboard.dev">WGDashboard</a>
+</h1>
+<p align="center">
+    <img src="https://img.shields.io/badge/Made_With-Python-blue?style=for-the-badge&logo=python&logoColor=ffffff">
+    <img src="https://img.shields.io/badge/Made_With-Vue.js-42b883?style=for-the-badge&logo=vuedotjs&logoColor=ffffff">
+    <img src="https://img.shields.io/badge/License-Apache_License_2.0-D22128?style=for-the-badge&logo=apache&logoColor=ffffff">
+</p>
+
+<p align="center">
+  <a href="https://github.com/WGDashboard/WGDashboard/releases/latest"><img src="https://img.shields.io/github/v/release/donaldzou/wireguard-dashboard?style=for-the-badge"></a>
+  <a href="https://wakatime.com/badge/github/donaldzou/WGDashboard"><img src="https://wakatime.com/badge/user/45f53c7c-9da9-4cb0-85d6-17bd38cc748b/project/5334ae20-e9a6-4c55-9fea-52d4eb9dfba6.svg?style=for-the-badge" alt="wakatime"></a>
+  <a href="https://hitscounter.dev"><img src="https://hitscounter.dev/api/hit?url=https%3A%2F%2Fgithub.com%2Fdonaldzou%2FWGDashboard&label=Visitor&icon=github&color=%230a58ca&style=for-the-badge"></a>
+  <img src="https://img.shields.io/docker/pulls/donaldzou/wgdashboard?logo=docker&label=Docker%20Image%20Pulls&labelColor=ffffff&style=for-the-badge">
+  <img src="https://github.com/WGDashboard/WGDashboard/actions/workflows/docker.yml/badge.svg?style=for-the-badge">
+  <img src="https://github.com/WGDashboard/WGDashboard/actions/workflows/codeql-analyze.yaml/badge.svg">
+</p>
+<p align="center"><b>This project is supported by</b></p>
+<p align="center">
+  <a href="https://m.do.co/c/a84cb9aac585">
+    <img src="https://opensource.nyc3.cdn.digitaloceanspaces.com/attribution/assets/SVG/DO_Logo_horizontal_blue.svg" width="201px">
+  </a>
+</p>
+<p align="center">Monitoring WireGuard is not convenient, in most case, you'll need to login to your server and type <code>wg show</code>. That's why this project is being created, to view and manage all WireGuard configurations in an easy way.</p>
+<p align="center">Though all these awesome features are present, we are still striving to make it <b>easy to install and use</b></p>
+
+<p align="center"><b><i>This project is not affiliated to the official WireGuard Project</i></b></p>
+
+<h3 align="center">Looking for help or want to chat about this project?</h4>
+<p align="center">
+  You can reach out at
 </p>
 <p align="center">
-    <img src="https://forthebadge.com/images/badges/built-with-love.svg">
+  <a align="center" href="https://discord.gg/72TwzjeuWm" target="_blank"><img src="https://img.shields.io/discord/1276818723637956628?labelColor=ffffff&style=for-the-badge&logo=discord&label=Discord"></a>
+  <a align="center" href="https://www.reddit.com/r/WGDashboard/" target="_blank"><img src="https://img.shields.io/badge/Reddit-r%2FWGDashboard-FF4500?style=for-the-badge&logo=reddit"></a>
+  <a align="center" href="https://app.element.io/#/room/#wgd:matrix.org" target="_blank"><img src="https://img.shields.io/badge/Matrix_Chatroom-%23WGD-000000?style=for-the-badge&logo=matrix"></a>
+</p>
+<h3 align="center">Want to support this project?</h4>
+<p align="center">
+  You can support via <br>
 </p>
 <p align="center">
-  <a href="https://github.com/donaldzou/wireguard-dashboard/releases/latest"><img src="https://img.shields.io/github/v/release/donaldzou/wireguard-dashboard"></a>
-  <a href="https://wakatime.com/badge/github/donaldzou/WGDashboard"><img src="https://wakatime.com/badge/github/donaldzou/WGDashboard.svg" alt="wakatime"></a>
-  <a href="https://hits.seeyoufarm.com"><img src="https://hits.seeyoufarm.com/api/count/incr/badge.svg?url=https%3A%2F%2Fgithub.com%2Fdonaldzou%2FWGDashboard&count_bg=%2379C83D&title_bg=%23555555&icon=github.svg&icon_color=%23E7E7E7&title=Visitor&edge_flat=false"/></a>
+  <a align="center" href="https://github.com/sponsors/donaldzou" target="_blank"><img src="https://img.shields.io/badge/GitHub%20Sponsor-2e9a40?style=for-the-badge&logo=github"></a>
+  <a align="center" href="https://buymeacoffee.com/donaldzou" target="_blank"><img src="https://img.shields.io/badge/Buy%20me%20a%20coffee-ffdd00?style=for-the-badge&logo=buymeacoffee&logoColor=000000"></a>
+  <a align="center" href="https://patreon.com/c/DonaldDonnyZou/membership" target="_blank"><img src="https://img.shields.io/badge/Patreon-000000?style=for-the-badge&logo=patreon&logoColor=ffffff"></a>
 </p>
-<p align="center">Monitoring WireGuard is not convenient, need to remote access to server and type <code>wg show</code>. That's why this project is being created, to view all configurations and manage them in a easy way.</p>
-<p align="center">With all these awesome features, while keeping it <b>simple</b>, <b>easy to install and use</b></p>

-<p align="center"><b><i>This project is not affiliate to the official WireGuard Project</i></b></p>
-
-## 📣 What's New: v4.0
-
-### 🎉 New Features
-
- **Updated dashboard design**: Re-designed some of the section with more modern style and layout, the UI is faster and more responsive, it also uses less memory. But overall is still the same dashboard you're familiarized.
- **Docker Solution**: We now have 2 docker solutions! Thanks to @DaanSelen & @shuricksumy for providing them. For more information, please see the [Docker](#-docker-solutions) section below.
- **Peer Job Scheduler**: Now you can schedule jobs for each peer to either **restrict** or **delete** the peer if the peer's total / upload / download data usage exceeded a limit, or you can set a specific datetime to restrict or delete the peer.
- **Share Peer's QR Code with Public Link**: You can share a peer's QR code and `.conf` file without the need to loging in.
- **WGDashboard's REST API**: You can now request all the api endpoint used in the dashboard. For more details please review the [API Documentation](./docs/api-documents.md).
- **Logging**: Dashboard will now log all activity on the dashboard and API requests.
- **Time-Based One-Time Password (TOTP)**: You can enable this function to add one more layer of security, and generate the TOTP with your choice of authenticator.
- **Designs**
-  - **Real-time Graphs**: You can view real-time data changes with graphs in each configuration.
-  - **Night mode**: You know what that means, it avoids bugs ;)
- **Enforce Python Virtual Environment**: I noticed newer Python version (3.12) does not allow to install packages globally, and plus I think is a good idea to use venv.
- 
-### 🧐 Other Changes
- **Deprecated jQuery from the project, and migrated and rewrote the whole front-end with Vue.js. This allows the dashboard is future proofed, and potential cross server access with a desktop app.**
- Rewrote the backend into a REST API structure
- Improved SQL query efficient
- Removed all templates, except for `index.html` where it will load the Vue.js app.
- Parsing names in `.conf`
- Minimized the need to read `.conf`, only when any `.conf` is modified
-
-### 🥘 New Experimental Features
-  - **Cross-Server Access**: Now you can access other servers that installed `v4` of WGDashboard through API key.
-  - **Desktop App**: Thanks to **Cross-Server Access**, you can now download an ElectronJS based desktop app of WGDashboard, and use that to access WGDashboard on different servers.
-  - > For more information, please scroll down to [🥘 Experimental Functions](#-experimental-functions)
-
-> I can't thank enough for all of you who wait for this release, and for those who are new to this project, welcome :)
-> Also, huge thanks to who contributed to this major release:
-> @bolgovrussia, @eduardorosabales, @Profik, @airgapper, @tokon2000, @bkeenke, @kontorskiy777, @bugsse, @Johnnykson, @DaanSelen, @shuricksumy and many others!
+<p align="center">
+  <b>or, visit our merch store and support us by purchasing a merch for only $USD 17.00 (Including shipping worldwide & duties)</b>
+</p>
+<p align="center">
+  <a align="center" href="https://merch.wgdashboard.dev" target="_blank"><img src="https://img.shields.io/badge/Merch%20from%20WGDashboard-926183?style=for-the-badge"></a>
+</p>

 <hr>
-
-## 📋  Table of Content
-
-<!-- TOC -->
-  * [📣 What's New: v4.0](#-whats-new-v40)
-    * [🎉 New Features](#-new-features)
-    * [🧐 Other Changes](#-other-changes)
-    * [🥘 New Experimental Features](#-new-experimental-features)
-  * [📋  Table of Content](#-table-of-content)
-  * [💡 Features](#-features)
-  * [📝 Requirements](#-requirements)
-    * [Supported Operating Systems](#supported-operating-systems)
-    * [Existing WireGuard Configurations](#existing-wireguard-configurations)
-  * [🛠 Install](#-install)
-    * [Install Commands](#install-commands)
-      * [Ubuntu 20.04 LTS](#ubuntu-2004-lts)
-      * [Ubuntu 22.04 LTS & Ubuntu 24.02 LTS](#ubuntu-2204-lts--ubuntu-2402-lts)
-      * [Debian 12.6](#debian-126)
-      * [Debian 11.10](#debian-1110)
-      * [Red Hat Enterprise Linux 9.4 & CentOS 9-Stream](#red-hat-enterprise-linux-94--centos-9-stream)
-      * [Fedora 40 & Fedora 39 & Fedora 38](#fedora-40--fedora-39--fedora-38)
-    * [Manual Installation](#manual-installation)
-  * [🪜 Usage](#-usage)
-      * [Start/Stop/Restart WGDashboard](#startstoprestart-wgdashboard)
-      * [Autostart WGDashboard on boot (>= v2.2)](#autostart-wgdashboard-on-boot--v22)
-  * [✂️ Dashboard Configuration](#-dashboard-configuration)
-      * [Dashboard Configuration file](#dashboard-configuration-file)
-      * [Generating QR code and peer configuration file (.conf)](#generating-qr-code-and-peer-configuration-file-conf)
-  * [❓ How to update the dashboard?](#-how-to-update-the-dashboard)
-      * [**Please note for users who are using `v3 - v3.0.6` want to update to `v4.0`**](#please-note-for-users-who-are-using-v3---v306-want-to-update-to-v40)
-      * [**Please note for users who are using `v2.3.1` or below**](#please-note-for-users-who-are-using-v231-or-below)
-  * [🐬 Docker Solutions](#-docker-solutions)
-    * [Solution 1 from @DaanSelen](#solution-1-from-daanselen)
-    * [Solution 2 from @shuricksumy](#solution-2-from-shuricksumy)
-  * [📖 WGDashboard REST API Documentation & How to use API Key](#-wgdashboard-rest-api-documentation--how-to-use-api-key)
-  * [🥘 Experimental Features](#-experimental-features)
-    * [Cross-Server Access](#cross-server-access)
-    * [Desktop App](#desktop-app)
-  * [🔍 Screenshot](#-screenshot)
-  * [🕰️ Changelogs](#-changelogs)
-<!-- TOC -->
-
-## 💡 Features
-
- Automatically look for existing WireGuard configuration under `/etc/wireguard`
- Easy to use interface, provided credential and TOTP protection to the dashboard
- Manage peers and configuration
-  - Add Peers or by bulk with auto-generated information
-  - Edit peer information
-  - Delete peers with ease
-  - Restrict peers
-  - Generate QR Code and `.conf` file for peers, share it through a public link
-  - Schedule jobs to delete / restrict peer when conditions are met
- View real time peer status
- Testing tool: Ping and Traceroute to your peer
-
-
-## 📝 Requirements
-
-1. Supported operating systems. Please view the list below.
-2. WireGuard & WireGuard-Tools (`wg-quick`)
-3. Python 3.10 / 3.11 / 3.12
-4. `git`, `net-tools`, `sudo` (_This should only apply to RHEL 9 & 8, interestingly it doesn't have it preinstalled)_
-
-### Supported Operating Systems
-> [!NOTE]
-> All operating systems below are tested by myself. All are ARM64 ran in UTM Virtual Machine.
-
-| Ubuntu    | Debian | Red Hat Enterprise Linux | CentOS   | Fedora |
-|-----------|--------|--------------------------|----------|--------|
-| 20.04 LTS | 12.6   | 9.4                      | 9-Stream | 40     |
-| 22.04 LTS | 11.10  |                          |          | 39     |
-| 24.02 LTS |        |                          |          | 38     |
-
-> [!TIP] 
-> If you installed WGDashboard on other systems without any issues, please let me know. Thank you!
-
-### Existing WireGuard Configurations
-
-> [!NOTE]
-> This only applies to existing WireGuard Configuration under `/etc/wireguard`
-
-```ini
-[Interface]
-...
-SaveConfig = true
-# Need to include this line to allow WireGuard Tool to save your configuration, 
-# or if you just want it to monitor your WireGuard Interface and don't need to
-# make any changes with the dashboard, you can set it to false.
-
-[Peer]
-#Name# = Donald's iPhone
-PublicKey = abcd1234
-AllowedIPs = 1.2.3.4/32
-```
-> [!TIP]
-> With `v4`, WGDashboard will look for entry with `#Name# = abc...` in each peer and use that for the name.
-
-## 🛠 Install
-
-### Install Commands
-
-These commands are tested by myself in each OS. It contains commands to install WireGuard, Git, Net Tools, and even Python on some OS.
-
-> [!WARNING]
-> Please make sure you understand these commands before you run them.
-
-#### Ubuntu 20.04 LTS
-
-```shell
-sudo add-apt-repository ppa:deadsnakes/ppa -y && \
-sudo apt-get update -y && \
-sudo apt-get install python3.10 python3.10-distutils wireguard-tools net-tools --no-install-recommends -y && \
-git clone https://github.com/donaldzou/WGDashboard.git && \
-cd WGDashboard/src && \
-chmod +x ./wgd.sh && \
-./wgd.sh install && \
-sudo echo "net.ipv4.ip_forward=1" >> /etc/sysctl.conf && \
-sudo sysctl -p
-```
-#### Ubuntu 22.04 LTS & Ubuntu 24.02 LTS
-
-```shell
-sudo apt-get update -y && \
-sudo apt install wireguard-tools net-tools --no-install-recommends -y && \
-git clone https://github.com/donaldzou/WGDashboard.git && \
-cd ./WGDashboard/src && \
-chmod +x ./wgd.sh && \
-./wgd.sh install && \
-sudo echo "net.ipv4.ip_forward=1" >> /etc/sysctl.conf && \
-sudo sysctl -p /etc/sysctl.conf
-```
-#### Debian 12.6
-
-```shell
-apt-get install sudo git iptables -y && \ 
-sudo apt-get update && \
-sudo apt install wireguard-tools net-tools && \
-git clone https://github.com/donaldzou/WGDashboard.git && \
-cd ./WGDashboard/src && \
-chmod +x ./wgd.sh && \
-./wgd.sh install && \
-sudo echo "net.ipv4.ip_forward=1" >> /etc/sysctl.conf && \
-sudo sysctl -p /etc/sysctl.conf
-```
-
-#### Debian 11.10
-
-> [!WARNING]
-> This commands will download Python 3.10's source code and build from it, since Debian 11.10 doesn't comes with Python 3.10
-
-```shell
-apt-get install sudo -y && \ 
-sudo apt-get update && \ 
-sudo apt install -y git iptables build-essential zlib1g-dev libncurses5-dev libgdbm-dev libnss3-dev libssl-dev libreadline-dev libffi-dev libsqlite3-dev wget libbz2-dev wireguard-tools net-tools && \ 
-wget https://www.python.org/ftp/python/3.10.0/Python-3.10.0.tgz && \ 
-tar -xvf Python-3.10.0.tgz && \ 
-cd Python-3.10.0 && \ 
-sudo ./configure --enable-optimizations && \ 
-sudo make && \ 
-sudo make altinstall && \ 
-cd .. && \ 
-git clone https://github.com/donaldzou/WGDashboard.git && \ 
-cd ./WGDashboard/src && \ 
-chmod +x ./wgd.sh && \ 
-./wgd.sh install && \ 
-sudo echo "net.ipv4.ip_forward=1" >> /etc/sysctl.conf && \
-sudo sysctl -p /etc/sysctl.conf
-```
-
-#### Red Hat Enterprise Linux 9.4 & CentOS 9-Stream
-
-```shell
-sudo yum install wireguard-tools net-tools git python3.11 -y && \
-git clone https://github.com/donaldzou/WGDashboard.git && \
-cd ./WGDashboard/src && \
-chmod +x ./wgd.sh && \
-./wgd.sh install && \
-sudo echo "net.ipv4.ip_forward=1" >> /etc/sysctl.conf && \
-sudo sysctl -p /etc/sysctl.conf && \
-firewall-cmd --add-port=10086/tcp --permanent && \
-firewall-cmd --add-port=51820/udp --permanent && \
-firewall-cmd --reload
-```
-
-#### Fedora 40 & Fedora 39 & Fedora 38
-
-```shell
-sudo yum install wireguard-tools net-tools git -y && \
-git clone https://github.com/donaldzou/WGDashboard.git && \
-cd ./WGDashboard/src && \
-chmod +x ./wgd.sh && \
-./wgd.sh install && \
-sudo echo "net.ipv4.ip_forward=1" >> /etc/sysctl.conf && \
-sudo sysctl -p /etc/sysctl.conf && \
-firewall-cmd --add-port=10086/tcp --permanent && \
-firewall-cmd --add-port=51820/udp --permanent && \
-firewall-cmd --reload
-```
-
-### Manual Installation
-
-> [!NOTE]
-> To ensure a smooth installation process, please make sure Python 3.10/3.11/3.12, `git`, `wireguard-tools` and `net-tools` are installed :)
-
-1. Download WGDashboard
-
-   ```shell
-   git clone https://github.com/donaldzou/WGDashboard.git wgdashboard
-   
-2. Open the WGDashboard folder
-
-   ```shell
-   cd wgdashboard/src
-   ```
-   
-3. Install WGDashboard
-
-   ```shell
-   sudo chmod u+x wgd.sh && \
-   sudo ./wgd.sh install
-   ```
-
-4. Give read and execute permission to root of the WireGuard configuration folder, you can change the path if your configuration files are not stored in `/etc/wireguard`
-
-   ```shell
-   sudo chmod -R 755 /etc/wireguard
-   ```
-
-5. Run WGDashboard
-
-   ```shell
-   sudo ./wgd.sh start
-   ```
-
-6. Access dashboard
-
-   Access your server with port `10086` (e.g. http://your_server_ip:10086), using username `admin` and password `admin`. See below how to change port and ip that the dashboard is running with.
-
-
-
-## 🪜 Usage
-
-#### Start/Stop/Restart WGDashboard
-
-
-```shell
-cd wgdashboard/src
-----------------------------
-./wgd.sh start    # Start the dashboard in background
-----------------------------
-./wgd.sh debug    # Start the dashboard in foreground (debug mode)
-----------------------------
-./wgd.sh stop     # Stop the dashboard
-----------------------------
-./wgd.sh restart  # Restart the dasboard
-```
-
-#### Autostart WGDashboard on boot (>= v2.2)
-
-In the `src` folder, it contained a file called `wg-dashboard.service`, we can use this file to let our system to autostart the dashboard after reboot. The following guide has tested on **Ubuntu**, most **Debian** based OS might be the same, but some might not. Please don't hesitate to provide your system if you have tested the autostart on another system.
-
-1. Changing the directory to the dashboard's directory
-
-   ```shell
-   cd wgdashboard/src
-   ```
-
-2. Get the full path of the dashboard's directory
-
-   ```shell
-   pwd
-   #Output: /root/wgdashboard/src
-   ```
-
-   For this example, the output is `/root/wireguard-dashboard/src`, your path might be different since it depends on where you downloaded the dashboard in the first place. **Copy the the output to somewhere, we will need this in the next step.**
-
-3. Edit the service file, the service file is located in `wireguard-dashboard/src`, you can use other editor you like, here will be using `nano`
-
-   ```shell
-   nano wg-dashboard.service
-   ```
-
-   You will see something like this:
-
-   ```ini
-   [Unit]
-   After=syslog.target network-online.target
-   Wants=wg-quick.target
-   ConditionPathIsDirectory=/etc/wireguard
-   
-   [Service]
-   Type=forking
-   PIDFile=<absolute_path_of_wgdashboard_src>/gunicorn.pid
-   WorkingDirectory=<absolute_path_of_wgdashboard_src>
-   ExecStart=<absolute_path_of_wgdashboard_src>/wgd.sh start
-   ExecStop=<absolute_path_of_wgdashboard_src>/wgd.sh stop
-   ExecReload=<absolute_path_of_wgdashboard_src>/wgd.sh restart
-   TimeoutSec=120
-   PrivateTmp=yes
-   Restart=always
-   
-   [Install]
-   WantedBy=multi-user.target
-   ```
-
-   Now, we need to replace all `<absolute_path_of_wgdashboard_src>` to the one you just copied from step 2. After doing this, the file will become something like this, your file might be different:
-
-   **Be aware that after the value of `WorkingDirectory`, it does not have  a `/` (slash).** And then save the file after you edited it
-
-4. Copy the service file to systemd folder
-
-   ```bash
-   $ sudo cp wg-dashboard.service /etc/systemd/system/wg-dashboard.service
-   ```
-
-   To make sure you copy the file successfully, you can use this command `cat /etc/systemd/system/wg-dashboard.service` to see if it will output the file you just edited.
-
-5. Enable the service
-
-   ```bash
-   $ sudo chmod 664 /etc/systemd/system/wg-dashboard.service
-   $ sudo systemctl daemon-reload
-   $ sudo systemctl enable wg-dashboard.service
-   $ sudo systemctl start wg-dashboard.service  # <-- To start the service
-   ```
-
-6. Check if the service run correctly
-
-   ```bash
-   $ sudo systemctl status wg-dashboard.service
-   ```
-   And you should see something like this
-
-   ```shell
-    ● wg-dashboard.service
-    Loaded: loaded (/etc/systemd/system/wg-dashboard.service; enabled; vendor preset: enabled)
-    Active: active (running) since Wed 2024-08-14 22:21:47 EDT; 55s ago
-    Process: 494968 ExecStart=/home/donaldzou/Wireguard-Dashboard/src/wgd.sh start (code=exited, status=0/SUCCESS)
-    Main PID: 495005 (gunicorn)
-    Tasks: 5 (limit: 4523)
-    Memory: 36.8M
-    CPU: 789ms
-    CGroup: /system.slice/wg-dashboard.service
-    ├─495005 /home/donaldzou/Wireguard-Dashboard/src/venv/bin/python3 ./venv/bin/gunicorn --config ./gunicorn.conf.py
-    └─495007 /home/donaldzou/Wireguard-Dashboard/src/venv/bin/python3 ./venv/bin/gunicorn --config ./gunicorn.conf.py
-    
-    Aug 14 22:21:40 wg sudo[494978]:     root : PWD=/home/donaldzou/Wireguard-Dashboard/src ; USER=root ; COMMAND=./venv/bin/gunicorn --config ./gunicorn.conf.py
-    Aug 14 22:21:40 wg sudo[494978]: pam_unix(sudo:session): session opened for user root(uid=0) by (uid=0)
-    Aug 14 22:21:40 wg wgd.sh[494979]: [WGDashboard] WGDashboard w/ Gunicorn will be running on 0.0.0.0:10086
-    Aug 14 22:21:40 wg wgd.sh[494979]: [WGDashboard] Access log file is at ./log/access_2024_08_14_22_21_40.log
-    Aug 14 22:21:40 wg wgd.sh[494979]: [WGDashboard] Error log file is at ./log/error_2024_08_14_22_21_40.log
-    Aug 14 22:21:40 wg sudo[494978]: pam_unix(sudo:session): session closed for user root
-    Aug 14 22:21:45 wg wgd.sh[494968]: [WGDashboard] Checking if WGDashboard w/ Gunicorn started successfully
-    Aug 14 22:21:47 wg wgd.sh[494968]: [WGDashboard] WGDashboard w/ Gunicorn started successfully
-    Aug 14 22:21:47 wg wgd.sh[494968]: ------------------------------------------------------------
-    Aug 14 22:21:47 wg systemd[1]: Started wg-dashboard.service.
-   ```
-
-   If you see `Active:` followed by `active (running) since...` then it means it run correctly. 
-
-7. Stop/Start/Restart the service
-
-   ```bash
-   sudo systemctl stop wg-dashboard.service      # <-- To stop the service
-   sudo systemctl start wg-dashboard.service     # <-- To start the service
-   sudo systemctl restart wg-dashboard.service   # <-- To restart the service
-   ```
-
-8. **And now you can reboot your system, and use the command at step 6 to see if it will auto start after the reboot, or just simply access the dashboard through your browser. If you have any questions or problem, please report it in the issue page.**
-
-## ✂️ Dashboard Configuration
-
-#### Dashboard Configuration file
-
-Since version 2.0, WGDashboard will be using a configuration file called `wg-dashboard.ini`, (It will generate automatically after first time running the dashboard). More options will include in future versions, and for now it included the following configurations:
-
-|                              | Description                                                                                                                                                                                              | Default                                              | Edit Available |
-|------------------------------|----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|------------------------------------------------------|----------------|
-| **`[Account]`**              | *Configuration on account*                                                                                                                                                                               |                                                      |                |
-| `username`                   | Dashboard login username                                                                                                                                                                                 | `admin`                                              | Yes            |
-| `password`                   | Password, will be hash with SHA256                                                                                                                                                                       | `admin` hashed in SHA256                             | Yes            |
-|                              |                                                                                                                                                                                                          |                                                      |                |
-| **`[Server]`**               | *Configuration on dashboard*                                                                                                                                                                             |                                                      |                |
-| `wg_conf_path`               | The path of all the Wireguard configurations                                                                                                                                                             | `/etc/wireguard`                                     | Yes            |
-| `app_ip`                     | IP address the dashboard will run with                                                                                                                                                                   | `0.0.0.0`                                            | Yes            |
-| `app_port`                   | Port the the dashboard will run with                                                                                                                                                                     | `10086`                                              | Yes            |
-| `auth_req`                   | Does the dashboard need authentication to access, if `auth_req = false` , user will not be access the **Setting** tab due to security consideration. **User can only edit the file directly in system**. | `true`                                               | **No**         |
-| `version`                    | Dashboard Version                                                                                                                                                                                        | `v4.0`                                               | **No**         |
-| `dashboard_refresh_interval` | How frequent the dashboard will refresh on the configuration page                                                                                                                                        | `60000ms`                                            | Yes            |
-| `dashboard_sort`             | How configuration is sorting                                                                                                                                                                             | `status`                                             | Yes            |
-| `dashboard_theme`            | Dashboard Theme                                                                                                                                                                                          | `dark`                                               | Yes            |
-|                              |                                                                                                                                                                                                          |                                                      |                |
-| **`[Peers]`**                | *Default Settings on a new peer*                                                                                                                                                                         |                                                      |                |
-| `peer_global_dns`            | DNS Server                                                                                                                                                                                               | `1.1.1.1`                                            | Yes            |
-| `peer_endpoint_allowed_ip`   | Endpoint Allowed IP                                                                                                                                                                                      | `0.0.0.0/0`                                          | Yes            |
-| `peer_display_mode`          | How peer will display                                                                                                                                                                                    | `grid`                                               | Yes            |
-| `remote_endpoint`            | Remote Endpoint (i.e where your peers will connect to)                                                                                                                                                   | *depends on your server's default network interface* | Yes            |
-| `peer_mtu`                   | Maximum Transmit Unit                                                                                                                                                                                    | `1420`                                               |                |
-| `peer_keep_alive`            | Keep Alive                                                                                                                                                                                               | `21`                                                 | Yes            |
-
-#### Generating QR code and peer configuration file (.conf)
-
-Starting version 2.2, dashboard can now generate QR code and configuration file for each peer. Here is a template of what each QR code encoded with and the same content will be inside the file:
-
-```ini
-[Interface]
-PrivateKey = QWERTYUIOPO234567890YUSDAKFH10E1B12JE129U21=
-Address = 0.0.0.0/32
-DNS = 1.1.1.1
-
-[Peer]
-PublicKey = QWERTYUIOPO234567890YUSDAKFH10E1B12JE129U21=
-AllowedIPs = 0.0.0.0/0
-Endpoint = 0.0.0.0:51820
-```
-
-|                   | Description                                                  | Default Value                                                | Available in Peer setting |
-| ----------------- | ------------------------------------------------------------ | ------------------------------------------------------------ | ------------------------- |
-| **`[Interface]`** |                                                              |                                                              |                           |
-| `PrivateKey`      | The private key of this peer                                 | Private key generated by WireGuard (`wg genkey`) or provided by user | Yes                       |
-| `Address`         | The `allowed_ips` of your peer                               | N/A                                                          | Yes                       |
-| `DNS`             | The DNS server your peer will use                            | `1.1.1.1` - Cloud flare DNS, you can change it when you adding the peer or in the peer setting. | Yes                       |
-| **`[Peer]`**      |                                                              |                                                              |                           |
-| `PublicKey`       | The public key of your server                                | N/A                                                          | No                        |
-| `AllowedIPs`      | IP ranges for which a peer will route traffic                | `0.0.0.0/0` - Indicated a default route to send all internet and VPN traffic through that peer. | Yes                       |
-| `Endpoint`        | Your wireguard server ip and port, the dashboard will search for your server's default interface's ip. | `<your server default interface ip>:<listen port>`           | Yes                       |
-
-## ❓ How to update the dashboard?
-
-#### **Please note for users who are using `v3 - v3.0.6` want to update to `v4.0`**
- Although theoretically updating through `wgd.sh` should work, but I still suggest you to update the dashboard manually.
-
-#### **Please note for users who are using `v2.3.1` or below**
-
- For user who is using `v2.3.1` or below, please notice that all data that stored in the current database will **not** transfer to the new database. This is hard decision to move from TinyDB to SQLite. But SQLite does provide a thread-safe access and TinyDB doesn't. I couldn't find a safe way to transfer the data, so you need to do them manually... Sorry about that :pensive:。 But I guess this would be a great start for future development :sunglasses:.
-
-
-1. Change your directory to `wgdashboard` 
-   
-    ```shell
-    cd wgdashboard/src
-    ```
-    
-2. Update the dashboard
-    ```shell
-    git pull https://github.com/donaldzou/WGDashboard.git v4.0 --force
-    ```
-
-3. Install
-
-   ```shell
-   sudo ./wgd.sh install
-   ```
-
-Starting with `v3.0`, you can simply do `sudo ./wgd.sh update` !! (I hope)
-
-## 🐬 Docker Solutions
-
-Current, we have 2 beloved contributors provided solutions for hosting WGDashboard with Docker
-
-### Solution 1 from @DaanSelen
-
-Please visit [Docker-explain.md](./docker/Docker-explain.md)
-
-### Solution 2 from @shuricksumy
-
-Please visit [shuricksumy/docker-wgdashboard](https://github.com/shuricksumy/docker-wgdashboard)
-
-> For questions or issues related to Docker, please visit [#272](https://github.com/donaldzou/WGDashboard/issues/272)
-
-## 📖 WGDashboard REST API Documentation & How to use API Key
-
-Please visit the [API Documentation](./docs/api-documents.md)
-
-## 🥘 Experimental Features
-
-### Cross-Server Access
-
-Starting with `v4.0`, you can access WGDashboards on other server through one WGDashboard with API Keys
-
-![Cross Server Example](https://donaldzou.nyc3.cdn.digitaloceanspaces.com/wgdashboard-images/cross-server.gif)
-
-### Desktop App
-
-Since the major changes for `v4.0` is to move the whole front-end code to Vue.js. And with this change, we can take the
-advantage of combining ElectronJS and Vue.js to create a Desktop version of WGDashboard. Currently, we provide an Universal macOS app and a Windows app.
-
-To download the app, please visit the [latest release](https://github.com/donaldzou/WGDashboard/releases).
-
-![ElectronJS App Demo](https://donaldzou.nyc3.cdn.digitaloceanspaces.com/wgdashboard-images/electronjs-app.gif)
-
-## 🔍 Screenshot
-
-![Sign In](https://donaldzou.nyc3.cdn.digitaloceanspaces.com/wgdashboard-images/sign-in.png)
-![Cross Server](https://donaldzou.nyc3.cdn.digitaloceanspaces.com/wgdashboard-images/cross-server.png)
-![Index](https://donaldzou.nyc3.cdn.digitaloceanspaces.com/wgdashboard-images/index.png)
-![New Configuration](https://donaldzou.nyc3.cdn.digitaloceanspaces.com/wgdashboard-images/new-configuration.png)
-![Settings](https://donaldzou.nyc3.cdn.digitaloceanspaces.com/wgdashboard-images/settings.png)
-![Light-Dark Mode](https://donaldzou.nyc3.cdn.digitaloceanspaces.com/wgdashboard-images/light-dark.png)
-![Configuration](https://donaldzou.nyc3.cdn.digitaloceanspaces.com/wgdashboard-images/configuration.png)
-![Add Peers](https://donaldzou.nyc3.cdn.digitaloceanspaces.com/wgdashboard-images/add-peers.png)
-![Ping](https://donaldzou.nyc3.cdn.digitaloceanspaces.com/wgdashboard-images/ping.png)
-![Traceroute](https://donaldzou.nyc3.cdn.digitaloceanspaces.com/wgdashboard-images/traceroute.png)
-
-## 🕰️ Changelogs
-
-Please visit the [Changelogs.md](./docs/changelogs.md)
+<h4 align="center">
+  for more information, visit our
+</h4>
+<h1 align="center">
+  <a href="https://wgdashboard.dev">Official Website</a>
+</h1>
+
+
+# Screenshots
+<img src="https://wgdashboard-resources.tor1.cdn.digitaloceanspaces.com/Documentation%20Images/sign-in.png" alt=""/>
+<img src="https://wgdashboard-resources.tor1.cdn.digitaloceanspaces.com/Documentation%20Images/cross-server.png" alt=""/>
+<img src="https://wgdashboard-resources.tor1.cdn.digitaloceanspaces.com/Documentation%20Images/index.png" alt=""/>
+<img src="https://wgdashboard-resources.tor1.cdn.digitaloceanspaces.com/Documentation%20Images/new-configuration.png" alt="" />
+<img src="https://wgdashboard-resources.tor1.cdn.digitaloceanspaces.com/Documentation%20Images/settings.png" alt="" />
+<img src="https://wgdashboard-resources.tor1.cdn.digitaloceanspaces.com/Documentation%20Images/light-dark.png" alt="" />
+<img src="https://wgdashboard-resources.tor1.cdn.digitaloceanspaces.com/Documentation%20Images/configuration.png" alt=""/>
+<img src="https://wgdashboard-resources.tor1.cdn.digitaloceanspaces.com/Documentation%20Images/add-peers.png" alt="" />
+<img src="https://wgdashboard-resources.tor1.cdn.digitaloceanspaces.com/Documentation%20Images/ping.png" alt=""/>
+<img src="https://wgdashboard-resources.tor1.cdn.digitaloceanspaces.com/Documentation%20Images/traceroute.png" alt=""/>
--- a/SECURITY.md
+++ b/SECURITY.md
@ -4,7 +4,5 @@

 | Version | Supported          |
 | ------- | ------------------ |
-| 5.1.x   | :white_check_mark: |
-| 5.0.x   | :x:                |
-| 4.0.x   | :white_check_mark: |
-| < 4.0   | :x:                |
+| 4.3   | :white_check_mark: |
+| < 4.3   | :x:                |
--- a/assets/legacy/Dockerfile-alpine-old
+++ b/assets/legacy/Dockerfile-alpine-old
@ -0,0 +1,76 @@
+FROM golang:1.24 AS awg-go
+
+RUN git clone https://github.com/WGDashboard/amneziawg-go /awg
+WORKDIR /awg
+RUN go mod download && \
+    go mod verify && \
+    go build -ldflags '-linkmode external -extldflags "-fno-PIC -static"' -v -o /usr/bin
+
+FROM alpine:latest AS awg-tools
+
+RUN apk update && apk add --no-cache \
+    make git build-base linux-headers \
+  && git clone https://github.com/WGDashboard/amneziawg-tools \
+  && cd amneziawg-tools/src \
+  && make \
+  && chmod +x wg*
+
+FROM alpine:latest
+LABEL maintainer="dselen@nerthus.nl"
+
+RUN apk update && apk add --no-cache \
+    iproute2 iptables bash curl wget unzip procps sudo \
+    tzdata wireguard-tools python3 py3-psutil py3-bcrypt openresolv
+
+COPY --from=awg-go /usr/bin/amneziawg-go /usr/bin/amneziawg-go
+COPY --from=awg-tools /amneziawg-tools/src/wg /usr/bin/awg
+COPY --from=awg-tools /amneziawg-tools/src/wg-quick/linux.bash /usr/bin/awg-quick
+
+# Declaring environment variables, change Peernet to an address you like, standard is a 24 bit subnet.
+ARG wg_net="10.0.0.1" \
+    wg_port="51820"
+
+# Following ENV variables are changable on container runtime because /entrypoint.sh handles that. See compose.yaml for more info.
+ENV TZ="Europe/Amsterdam" \
+    global_dns="9.9.9.9" \
+    wgd_port="10086" \
+    public_ip=""
+
+# Using WGDASH -- like wg_net functionally as a ARG command. But it is needed in entrypoint.sh so it needs to be exported as environment variable.
+ENV WGDASH=/opt/wgdashboard
+
+# Doing WireGuard Dashboard installation measures. Modify the git clone command to get the preferred version, with a specific branch for example.
+RUN mkdir /data \
+  && mkdir /configs \
+  && mkdir -p ${WGDASH}/src \
+  && mkdir -p /etc/amnezia/amneziawg
+COPY ./src ${WGDASH}/src
+
+# Generate basic WireGuard interface. Echoing the WireGuard interface config for readability, adjust if you want it for efficiency.
+# Also setting the pipefail option, verbose: https://github.com/hadolint/hadolint/wiki/DL4006.
+SHELL ["/bin/bash", "-o", "pipefail", "-c"]
+RUN out_adapt=$(ip -o -4 route show to default | awk '{print $NF}') \
+  && echo -e "[Interface]\n\
+Address = ${wg_net}/24\n\
+PrivateKey =\n\
+PostUp = iptables -t nat -I POSTROUTING 1 -s ${wg_net}/24 -o ${out_adapt} -j MASQUERADE\n\
+PostUp = iptables -I FORWARD -i wg0 -o wg0 -j DROP\n\
+PreDown = iptables -t nat -D POSTROUTING -s ${wg_net}/24 -o ${out_adapt} -j MASQUERADE\n\
+PreDown = iptables -D FORWARD -i wg0 -o wg0 -j DROP\n\
+ListenPort = ${wg_port}\n\
+SaveConfig = true\n\
+DNS = ${global_dns}" > /configs/wg0.conf.template \
+  && chmod 600 /configs/wg0.conf.template
+
+# Defining a way for Docker to check the health of the container. In this case: checking the gunicorn process.
+HEALTHCHECK --interval=30s --timeout=10s --start-period=5s --retries=3 \
+  CMD sh -c 'pgrep gunicorn > /dev/null && pgrep tail > /dev/null' || exit 1
+
+# Copy the basic entrypoint.sh script.
+COPY ./docker/entrypoint.sh /entrypoint.sh
+
+# Exposing the default WireGuard Dashboard port for web access.
+EXPOSE 10086
+WORKDIR $WGDASH
+
+ENTRYPOINT ["/bin/bash", "/entrypoint.sh"]
--- a/docker/Docker-explain.md
+++ b/docker/Docker-explain.md
@ -1,82 +0,0 @@
-# WG-Dashboard Docker Explanation:
-
-Author: DaanSelen<br>
-
-This document delves into how the WG-Dashboard Docker container has been built.<br>
-Of course there are two stages, one before run-time and one at/after run-time.<br>
-The `Dockerfile` describes how the container image is made, and the `entrypoint.sh` is executed after running the container. <br>
-In this example, WireGuard is integrated into the container itself, so it should be a run-and-go.<br>
-For more details on the source-code specific to this Docker image, refer to the source files, they have lots of comments.
-
-I have tried to embed some new features such as `isolated_peers` and interface startup on container-start (through `enable_wg0`).
-
-<img src="https://raw.githubusercontent.com/donaldzou/WGDashboard/main/img/logo.png" alt="WG-Dashboard Logo" title="WG-Dashboard Logo" width="150" height="150" /> 
-
-## Getting the container running:
-
-To get the container running you either pull the image from the repository, at the moment: `repo.nerthus.nl/app/wireguard-dashboard:latest`.<br>
-From there either use the environment variables describe below as parameters or use the Docker Compose file: `compose.yaml`.
-
-An example of a simple command to get the container running is show below:<br>
-
-```shell
-docker run -d \
-  --name wireguard-dashboard \
-  --restart unless-stopped \
-  -e enable_wg0=true \
-  -e isolated_peers=true \
-  -p 10086:10086/tcp \
-  -p 51820:51820/udp \
-  --cap-add NET_ADMIN \
-  repo.nerthus.nl/app/wireguard-dashboard:latest
-```
-<br>
-If you want to use Compose instead of a raw Docker command, refer to the example in the `compose.yaml` or the one pasted below:
-<br><br>
-
-```yaml
-services:
-  wireguard-dashboard:
-    image: repo.nerthus.nl/app/wireguard-dashboard:latest
-    restart: unless-stopped
-    container_name: wire-dash
-    environment:
-      #- tz=
-      #- global_dns=
-      - enable_wg0=true
-      - isolated_peers=false
-      #- public_ip=
-    ports:
-      - 10086:10086/tcp
-      - 51820:51820/udp
-    volumes:
-      - conf:/etc/wireguard
-      - app:/opt/wireguarddashboard/app
-    cap_add:
-      - NET_ADMIN
-
-volumes:
-  conf:
-  app:
-
-```
-
-If you want to customize the yaml, make sure the core stays the same, but for example volume PATHs can be freely changed.<br>
-This setup is just generic and will use the Docker volumes.
-
-## Working with the container and environment variables:
-
-Once the container is running, the installation process is essentially the same as running it on bare-metal.<br>
-So go to the assign TCP port in this case HTTP, like the default 10086 one in the example and log into the WEB-GUI.<br>
-
-| Environment variable    | Accepted arguments | Default value | Verbose |
-| -------------- | ------- | ------- | ------- |
-| tz             | Europe/Amsterdam or any confirming timezone notation. | Europe/Amsterdam | Sets the timezone of the Docker container. This is to timesync the container to any other processes which would need it. |
-| global_dns     | Any IPv4 address, such as my personal recommendation: 9.9.9.9 (QUAD9) | 1.1.1.1 | Set the default DNS given to clients once they connect to the WireGuard tunnel (VPN).
-| enable_wg0     | `true` or `false` | `false` | Enables or disables the starting of the WireGuard interface on container 'boot-up'.
-| isolated_peers | `true` or `false` | `true` | For security the default is true, and it disables peers to ping or reach eachother, the WireGuard interface IS able to reach the peers (Done through `iptables`).
-| public_ip      | Any IPv4 (public recommended) address, such as the one returned by default | Default uses the return of `curl ifconfig.me` | To reach your VPN from outside your own network, you need WG-Dashboard to know what your public IP-address is, otherwise it will generate faulty config files for clients.
-
-## Closing remarks:
-
-For feedback please submit an issue to the repository. Or message dselen@nerthus.nl.
--- a/docker/Dockerfile
+++ b/docker/Dockerfile
@ -1,77 +1,143 @@
-# Pull from small Debian stable image.
-FROM debian:stable-slim
+#
+# AWG GOLANG BUILDING STAGE
+# Base: Alpine
+#
+
+# Pull the current golang-alpine image.
+FROM golang:1.25-alpine AS awg-go
+
+# Install build-dependencies.
+RUN apk add --no-cache \
+    git \
+    gcc \
+    musl-dev
+
+# Standard working directory for WGDashboard
+RUN mkdir -p /workspace && \
+    git clone https://github.com/WGDashboard/amneziawg-go /workspace/awg
+
+# Enable CGO compilation for AmneziaWG
+ENV CGO_ENABLED=1
+
+# Change directory
+WORKDIR /workspace/awg
+# Compile the binaries
+RUN go version && \
+    go mod download && \
+    go mod verify && \
+    go build -ldflags '-linkmode external -extldflags "-fno-PIC -static"' -v -o /usr/bin
+#
+# AWG TOOLS BUILDING STAGE
+# Base: Alpine
+#
+FROM alpine:latest AS awg-tools
+
+# Install needed dependencies.
+RUN apk add --no-cache \
+    make \
+    git \
+    build-base \
+    linux-headers \
+    ca-certificates
+
+# Get the workspace ready
+RUN mkdir -p /workspace && \
+    git clone https://github.com/WGDashboard/amneziawg-tools /workspace/awg-tools
+
+# Change directory
+WORKDIR /workspace/awg-tools/src
+# Compile and change permissions
+RUN make && chmod +x wg*
+
+#
+# PIP DEPENDENCY BUILDING
+# Base: Alpine
+#
+
+# Use the python-alpine image for building pip dependencies
+FROM python:3.14-alpine AS pip-builder
+
+ARG TARGETPLATFORM
+
+# Add the build dependencies and create a Python virtual environment.
+RUN apk add --no-cache \
+      build-base \
+      pkgconfig \
+      python3-dev \
+      postgresql-dev \
+      libffi-dev \
+      libpq \
+      linux-headers \
+      rust \
+      cargo \
+    && mkdir -p /opt/wgdashboard/src \
+    && python3 -m venv /opt/wgdashboard/src/venv
+
+# Copy the requirements file into the build layer.
+COPY ./src/requirements.txt /opt/wgdashboard/src
+RUN if [ "$TARGETPLATFORM" = "linux/arm/v7" ]; then \
+      sed -i 's|psycopg\[binary\]|psycopg[c]|' /opt/wgdashboard/src/requirements.txt; \
+    fi; \
+    cat /opt/wgdashboard/src/requirements.txt
+
+# Install the pip packages
+RUN . /opt/wgdashboard/src/venv/bin/activate && \
+    pip3 install --upgrade pip && \
+    pip3 install -r /opt/wgdashboard/src/requirements.txt
+
+#
+# WGDashboard RUNNING STAGE
+# Base: Alpine
+#
+
+# Running with the python-alpine image.
+FROM python:3.14-alpine AS final
 LABEL maintainer="dselen@nerthus.nl"

-# Declaring environment variables, change Peernet to an address you like, standard is a 24 bit subnet.
-ENV wg_net="10.0.0.1"
-# wg_net is used functionally as an ARG for its environment variable nature, do not change unless you know what you are doing.
-
-# Following ENV variables are changable on container runtime because /entrypoint.sh handles that. See compose.yaml for more info.
-ENV tz="Europe/Amsterdam"
-ENV global_dns="1.1.1.1"
-ENV enable_wg0="false"
-ENV isolated_peers="true"
-ENV public_ip="0.0.0.0"
-
-# Doing basic system maintenance. Change the timezone to the desired timezone.
-RUN ln -sf /usr/share/zoneinfo/${tz} /etc/localtime
-
-# Doing package management operations, such as upgrading
-RUN apt-get update && apt-get upgrade -y \
-  && apt-get install -y --no-install-recommends curl \
-  git \
-  iproute2 \
-  iptables \
-  iputils-ping \
-  openresolv \
-  procps \
-  python3 \
-  python3-pip \
-  python3-venv \
-  traceroute \
-  wireguard \
-  wireguard-tools \
-  && apt-get remove linux-image-* --autoremove -y \
-  && apt-get clean \
-  && rm -rf /var/lib/apt/lists/*
-# Removing the Linux Image package to preserve space on the image, for this reason also deleting apt lists, to be able to install packages: run apt update.
-
-# Using WGDASH -- like wg_net functionally as a ARG command. But it is needed in entrypoint.sh so it needs to be exported as environment variable.
-ENV WGDASH=/opt/wireguarddashboard
-RUN python3 -m venv ${WGDASH}/venv
-
-# Doing WireGuard Dashboard installation measures. Modify the git clone command to get the preferred version, with a specific branch for example.
-RUN . ${WGDASH}/venv/bin/activate \
-  && git clone https://github.com/donaldzou/WGDashboard.git ${WGDASH}/app \
-  && pip3 install -r ${WGDASH}/app/src/requirements.txt \
-  && chmod +x ${WGDASH}/app/src/wgd.sh \
-  && .${WGDASH}/app/src/wgd.sh install
-
-# Set the volume to be used for persistency.
-VOLUME /etc/wireguard
-
-# Generate basic WireGuard interface. Echoing the WireGuard interface config for readability, adjust if you want it for efficiency.
-# Also setting the pipefail option, verbose: https://github.com/hadolint/hadolint/wiki/DL4006.
+# Install only the runtime dependencies
+RUN apk add --no-cache \
+    iproute2 iptables \
+    bash curl procps openrc \
+    tzdata wireguard-tools envsubst
 SHELL ["/bin/bash", "-o", "pipefail", "-c"]
-RUN wg genkey | tee /etc/wireguard/wg0_privatekey \
-  && echo "[Interface]" > /wg0.conf \
-  && echo "SaveConfig = true" >> /wg0.conf \
-  && echo "Address = ${wg_net}/24" >> /wg0.conf \
-  && echo "PrivateKey = $(cat /etc/wireguard/wg0_privatekey)" >> /wg0.conf \
-  && echo "PostUp = iptables -t nat -I POSTROUTING 1 -s ${wg_net}/24 -o $(ip -o -4 route show to default | awk '{print $NF}') -j MASQUERADE" >> /wg0.conf \
-  && echo "PostUp = iptables -I FORWARD -i wg0 -o wg0 -j DROP" >> /wg0.conf \
-  && echo "PreDown = iptables -t nat -D POSTROUTING 1" >> /wg0.conf \
-  && echo "PreDown = iptables -D FORWARD -i wg0 -o wg0 -j DROP" >> /wg0.conf \
-  && echo "ListenPort = 51820" >> /wg0.conf \
-  #&& echo "DNS = ${global_dns}" >> /wg0.conf \
-  && rm /etc/wireguard/wg0_privatekey

-# Defining a way for Docker to check the health of the container. In this case: checking the login URL.
-HEALTHCHECK --interval=30s --timeout=10s --start-period=5s --retries=3 CMD curl -f http://localhost:10086/signin || exit 1
+# Copy only the final binaries from the AWG builder stages
+COPY --from=awg-go /usr/bin/amneziawg-go /usr/bin/amneziawg-go
+COPY --from=awg-tools /workspace/awg-tools/src/wg /usr/bin/awg
+COPY --from=awg-tools /workspace/awg-tools/src/wg-quick/linux.bash /usr/bin/awg-quick

-# Copy the basic entrypoint.sh script.
-COPY entrypoint.sh /entrypoint.sh
+# Environment variables
+ARG wg_net="10.0.0.1"
+ARG wg_subn="24"
+ARG wg_port="51820"
+ENV TZ="Europe/Amsterdam" \
+    global_dns="9.9.9.9" \
+    wgd_port="10086" \
+    public_ip="" \
+    WGDASH=/opt/wgdashboard

-# Exposing the default WireGuard Dashboard port for web access.
+# Create directories needed for operation
+RUN mkdir /data /configs -p ${WGDASH}/src /etc/amnezia/amneziawg
+
+# Copy the venv and source files from local compiled locations or repos
+COPY ./src ${WGDASH}/src
+COPY --from=pip-builder /opt/wgdashboard/src/venv /opt/wgdashboard/src/venv
+COPY ./docker/wg0.conf.template /tmp/wg0.conf.template
+# Copy in the runtime script, essential.
+COPY ./docker/entrypoint.sh /entrypoint.sh
+
+# First WireGuard interface template
+RUN export out_adapt=$(ip -o -4 route show to default | awk '{print $NF}') \
+    && envsubst < /tmp/wg0.conf.template > /configs/wg0.conf.template \
+    && chmod 600 /configs/wg0.conf.template \
+    && cat /configs/wg0.conf.template
+
+# Set a healthcheck to determine the container its health
+HEALTHCHECK --interval=30s --timeout=10s --start-period=5s --retries=3 \
+  CMD sh -c 'pgrep gunicorn > /dev/null && pgrep tail > /dev/null' || exit 1
+
+# Expose ports on the container
 EXPOSE 10086
+WORKDIR $WGDASH/src
+
 ENTRYPOINT ["/bin/bash", "/entrypoint.sh"]
--- a/docker/README.md
+++ b/docker/README.md
@ -0,0 +1,213 @@
+# WGDashboard Docker Explanation:
+Author: @DaanSelen<br>
+
+This document delves into how the WGDashboard Docker container has been built.<br>
+Of course there are two stages (simply said), one before run-time and one at/after run-time.<br>
+The `Dockerfile` describes how the container image is made, and the `entrypoint.sh` is executed after the container is started. <br>
+In this example, [WireGuard](https://www.wireguard.com/) is integrated into the container itself, so it should be a run-and-go(/out-of-the-box) experience.<br>
+For more details on the source-code specific to this Docker image, refer to the source files, they have lots of comments.
+
+<br>
+<img 
+  src="https://wgdashboard-resources.tor1.cdn.digitaloceanspaces.com/Logos/Logo-2-Rounded-512x512.png" 
+  alt="WG-Dashboard Logo" 
+  title="WG-Dashboard Logo"
+  style="display: block; margin: 0 auto;"
+  width="150"
+  height="150"
+/>
+<br>
+
+To get the container running you either pull the pre-made image from a remote repository, there are 2 official options.<br>
+
+- ghcr.io/wgdashboard/wgdashboard:<tag>
+- docker.io/donaldzou/wgdashboard:<tag>
+
+> tags should be either: latest, main, <version> or <commit-sha>.
+
+From there either use the environment variables described below as parameters or use the Docker Compose file: `compose.yaml`.<br>
+Be careful, the default generated WireGuard configuration file uses port 51820/udp. So make sure to use this port if you want to use it out of the box.<br>
+Otherwise edit the configuration file in WGDashboard under `Configuration Settings` -> `Edit Raw Configuration File`.
+
+> Otherwise you need to enter the container and edit: `/etc/wireguard/wg0.conf`.
+
+# WGDashboard: 🐳 Docker Deployment Guide
+
+To run the container, you can either pull the image from the Github Container Registry (ghcr.io), Docker Hub (docker.io) or build it yourself. The image is available at:
+
+> `docker.io` is in most cases automatically resolved by the Docker application. Therefor you can ofter specify: `donaldzou/wgdashboard:latest`
+
+### 🔧 Quick Docker Run Command
+
+Here's an example to get it up and running quickly:
+
+```bash
+docker run -d \
+  --name wgdashboard \
+  --restart unless-stopped \
+  -p 10086:10086/tcp \
+  -p 51820:51820/udp \
+  --cap-add NET_ADMIN \
+  ghcr.io/wgdashboard/wgdashboard:latest
+```
+
+> ⚠️ The default WireGuard port is `51820/udp`. If you change this, update the `/etc/wireguard/wg0.conf` accordingly.
+
+---
+
+### 📦 Docker Compose Alternative
+
+You can also use Docker Compose for easier configuration:
+
+```yaml
+services:
+  wgdashboard:
+    image: ghcr.io/wgdashboard/wgdashboard:latest
+    restart: unless-stopped
+    container_name: wgdashboard
+
+    ports:
+      - 10086:10086/tcp
+      - 51820:51820/udp
+
+    volumes:
+      - aconf:/etc/amnezia/amneziawg
+      - conf:/etc/wireguard
+      - data:/data
+
+    cap_add:
+      - NET_ADMIN
+
+volumes:
+  aconf:
+  conf:
+  data:
+```
+
+> 📁 You can customize the **volume paths** on the host to fit your needs. The example above uses Docker volumes.
+
+---
+
+## 🔄 Updating the Container
+
+Updating the WGDashboard container should be through 'The Docker Way' - by pulling the newest/newer image and replacing this old one.
+
+---
+
+## ⚙️ Environment Variables
+
+| Variable           | Accepted Values                          | Default                 | Example               | Description                                                             |
+| ------------------ | ---------------------------------------- | ----------------------- | --------------------- | ----------------------------------------------------------------------- |
+| `tz`               | Timezone                                 | `Europe/Amsterdam`      | `America/New_York`    | Sets the container's timezone. Useful for accurate logs and scheduling. |
+| `global_dns`       | IPv4 and IPv6 addresses                  | `9.9.9.9`               | `8.8.8.8`, `1.1.1.1`  | Default DNS for WireGuard clients.                                      |
+| `public_ip`        | Public IP address                        | Retrieved automatically | `253.162.134.73`      | Used to generate accurate client configs. Needed if container is NAT’d. |
+| `wgd_port`         | Any port that is allowed for the process | `10086`                 | `443`                 | This port is used to set the WGDashboard web port.                      |
+| `username`         | Any non‐empty string                     | `-`                     | `admin`               | Username for the WGDashboard web interface account.                     |
+| `password`         | Any non‐empty string                     | `-`                     | `s3cr3tP@ss`          | Password for the WGDashboard web interface account (stored hashed).     |
+| `enable_totp`      | `true`, `false`                          | `true`                  | `false`               | Enable TOTP‐based two‐factor authentication for the account.            |
+| `wg_autostart`     | Wireguard interface name                 | `false`                 | `true`                | Auto‐start the WireGuard client when the container launches.            |
+| `email_server`     | SMTP server address                      | `-`                     | `smtp.gmail.com`      | SMTP server for sending email notifications.                            |
+| `email_port`       | SMTP port number                         | `-`                     | `587`                 | Port for connecting to the SMTP server.                                 |
+| `email_encryption` | `TLS`, `SSL`, etc.                       | `-`                     | `TLS`                 | Encryption method for email communication.                              |
+| `email_username`   | Any non-empty string                     | `-`                     | `user@example.com`    | Username for SMTP authentication.                                       |
+| `email_password`   | Any non-empty string                     | `-`                     | `app_password`        | Password for SMTP authentication.                                       |
+| `email_from`       | Valid email address                      | `-`                     | `noreply@example.com` | Email address used as the sender for notifications.                     |
+| `email_template`   | Path to template file                    | `-`                     | `your-template`       | Custom template for email notifications.                                |
+
+---
+
+## 🔐 Port Forwarding Note
+
+When using multiple WireGuard interfaces, remember to **open their respective ports** on the host.
+
+Examples:
+```yaml
+# Individual mapping
+- 51821:51821/udp
+
+# Or port range
+- 51820-51830:51820-51830/udp
+```
+
+> 🚨 **Security Tip:** Only expose ports you actually use.
+
+---
+
+## 🛠️ Building the Image Yourself
+
+To build from source:
+
+```bash
+git clone https://github.com/WGDashboard/WGDashboard.git
+cd WGDashboard
+docker build . -f docker/Dockerfile -t yourname/wgdashboard:latest
+```
+
+Example output:
+```shell
+docker images
+
+REPOSITORY           TAG       IMAGE ID       CREATED             SIZE
+yourname/wgdashboard latest    c96fd96ee3b3   42 minutes ago      314MB
+```
+
+---
+
+## 🧱 Dockerfile Overview
+
+Here's a brief overview of the Dockerfile stages used in the image build:
+
+### 1. **Build Tools & Go Compilation**
+
+```Dockerfile
+FROM golang:1.24 AS compiler
+WORKDIR /go
+
+RUN apt-get update && apt-get install -y ...
+RUN git clone ... && make
+...
+```
+
+### 2. **Binary Copy to Scratch**
+
+```Dockerfile
+FROM scratch AS bins
+COPY --from=compiler /go/amneziawg-go/amneziawg-go /amneziawg-go
+...
+```
+
+### 3. **Final Alpine Container Setup**
+
+```Dockerfile
+FROM alpine:latest
+COPY --from=bins ...
+RUN apk update && apk add --no-cache ...
+COPY ./src ${WGDASH}/src
+COPY ./docker/entrypoint.sh /entrypoint.sh
+...
+EXPOSE 10086
+ENTRYPOINT ["/bin/bash", "/entrypoint.sh"]
+```
+
+---
+
+## 🚀 Entrypoint Overview
+
+### Major Functions:
+
+- **`ensure_installation`**: Sets up the app, database, and Python environment.
+- **`set_envvars`**: Writes `wg-dashboard.ini` and applies environment variables.
+- **`start_core`**: Starts the main WGDashboard service.
+- **`ensure_blocking`**: Tails the error log to keep the container process alive.
+
+---
+
+## ✅ Final Notes
+
+- Use `docker logs wgdashboard` for troubleshooting.
+- Access the web interface via `http://your-ip:10086` (or whichever port you specified in the compose).
+- The first time run will auto-generate WireGuard keys and configs (configs are generated from the template).
+
+## Closing remarks:
+
+For feedback please submit an issue to the repository. Or message dselen@nerthus.nl.
--- a/docker/compose.yaml
+++ b/docker/compose.yaml
@ -1,23 +1,42 @@
 services:
-  wireguard-dashboard:
-    image: repo.nerthus.nl/app/wireguard-dashboard:latest
+  wgdashboard:
+    # Since the github organisation we recommend the ghcr.io.
+    # Alternatively we also still push to docker.io under donaldzou/wgdashboard.
+    # Both share the exact same tags. So they should be interchangable.
+    image: ghcr.io/wgdashboard/wgdashboard:latest
+
+    # Make sure to set the restart policy. Because for a VPN its important to come back IF it crashes.
    restart: unless-stopped
-    container_name: wire-dash
-    environment:
+    container_name: wgdashboard
+
+    # Environment variables can be used to configure certain values at startup. Without having to configure it from the dashboard.
+    # By default its all disabled, but uncomment the following lines to apply these. (uncommenting is removing the # character)
+    # Refer to the documentation on https://wgdashboard.dev/ for more info on what everything means.
+    #environment:
      #- tz=                # <--- Set container timezone, default: Europe/Amsterdam.
-      #- global_dns=        # <--- Set global DNS address, default: 1.1.1.1.
-      - enable_wg0=true        # <--- If true, wg0 will be started on container startup. default: false.
-      - isolated_peers=false     # <--- When set to true, it disallows peers to talk to eachother, setting to false, allows it, default: true.
      #- public_ip=         # <--- Set public IP to ensure the correct one is chosen, defaulting to the IP give by ifconfig.me.
+      #- wgd_port=          # <--- Set the port WGDashboard will use for its web-server.
+
+    # The following section, ports is very important for exposing more than one Wireguard/AmneziaWireguard interfaces.
+    # Once you create a new configuration and assign a port in the dashboard, don't forget to add it to the ports as well.
+    # Quick-tip: most Wireguard VPN tunnels use UDP. WGDashboard uses HTTP, so tcp.
    ports:
      - 10086:10086/tcp
      - 51820:51820/udp
+
+    # Volumes can be configured however you'd like. The default is using docker volumes.
+    # If you want to use local paths, replace the path before the : with your path.
    volumes:
+      - aconf:/etc/amnezia/amneziawg
      - conf:/etc/wireguard
-      - app:/opt/wireguarddashboard/app
+      - data:/data
+
+    # Needed for network administration.
    cap_add:
      - NET_ADMIN

+# The following configuration is linked to the above default volumes.
 volumes:
+  aconf:
  conf:
-  app:
+  data:
--- a/docker/entrypoint.sh
+++ b/docker/entrypoint.sh
@ -1,109 +1,274 @@
 #!/bin/bash
-echo "Starting the WireGuard Dashboard Docker container."

-clean_up() {
-  # Cleaning out previous data such as the .pid file and starting the WireGuard Dashboard. Making sure to use the python venv.
-  echo "Looking for remains of previous instances..."
-  if [ -f "/opt/wireguarddashboard/app/src/gunicorn.pid" ]; then
-    echo "Found old .pid file, removing."
-    rm /opt/wireguarddashboard/app/src/gunicorn.pid
+config_file="/data/wg-dashboard.ini"
+runtime_pid=""
+
+trap 'stop_service' SIGTERM
+
+# Hash password with bcrypt
+hash_password() {
+  ${WGDASH}/src/venv/bin/python3 -c "import bcrypt; print(bcrypt.hashpw('$1'.encode(), bcrypt.gensalt(12)).decode())"
+}
+
+# Function to set or update section/key/value in the INI file
+set_ini() {
+  local section="$1" key="$2" value="$3"
+  local current_value
+
+  # Add section if it doesn't exist
+  grep -q "^\[${section}\]" "$config_file" \
+    || printf "\n[%s]\n" "${section}" >> "$config_file"
+
+  # Check current value if key exists
+  if grep -q "^[[:space:]]*${key}[[:space:]]*=" "$config_file"; then
+    current_value=$(grep "^[[:space:]]*${key}[[:space:]]*=" "$config_file" | cut -d= -f2- | xargs)
+
+    # Dont display actual value if it's a password field
+    if [[ "$key" == *"password"* ]]; then
+      if [ "$current_value" = "$value" ]; then
+        echo "- $key is already set correctly (value hidden)"
+        return 0
+      fi
+      sed -i "/^\[${section}\]/,/^\[/{s|^[[:space:]]*${key}[[:space:]]*=.*|${key} = ${value}|}" "$config_file"
+      echo "- Updated $key (value hidden)"
    else
-    echo "No remains found, continuing."
+      if [ "$current_value" = "$value" ]; then
+        echo "- $key is already set correctly ($value)"
+        return 0
+      fi
+      sed -i "/^\[${section}\]/,/^\[/{s|^[[:space:]]*${key}[[:space:]]*=.*|${key} = ${value}|}" "$config_file"
+      echo "- Updated $key to: $value"
+    fi
+  else
+    sed -i "/^\[${section}\]/a ${key} = ${value}" "$config_file"
+
+    # Don't display actual value if it's a password field
+    if [[ "$key" == *"password"* ]]; then
+      echo "- Added new setting $key (value hidden)"
+    else
+      echo "- Added new setting $key: $value"
+    fi
  fi
 }

-start_core() {
-  # This first step is to ensure the wg0.conf file exists, and if not, then its copied over from the ephemeral container storage.
-  if [ ! -f "/etc/wireguard/wg0.conf" ]; then
-    cp "/wg0.conf" "/etc/wireguard/wg0.conf"
-    echo "WireGuard interface file copied over."
+stop_service() {
+  echo "[WGDashboard] Stopping WGDashboard..."
+
+  local max_rounds="10"
+  local round="0"
+  local runtime_pid=""
+
+  while true; do
+    round=$((round + 1))
+
+    if [[ -f ${WGDASH}/src/gunicorn.pid ]]; then
+      runtime_pid=$(cat ${WGDASH}/src/gunicorn.pid)
+
+      echo "Running as PID: ${runtime_pid}"
+      return 0
+    fi
+
+    if [[ $round -eq $max_rounds ]]; then
+      echo "Reached breaking point!"
+      return 1
+
+    fi
+
+    sleep 0.5s
+  done
+
+  kill $runtime_pid
+  exit 0
+}
+
+echo "------------------------- START ----------------------------"
+echo "Starting the WGDashboard Docker container."
+
+ensure_installation() {
+  echo "Quick-installing..."
+
+  # Make the wgd.sh script executable.
+  chmod +x "${WGDASH}"/src/wgd.sh
+  cd "${WGDASH}"/src || exit
+
+  # Github issue: https://github.com/donaldzou/WGDashboard/issues/723
+  echo "Checking for stale pids..."
+  if [[ -f ${WGDASH}/src/gunicorn.pid ]]; then
+    echo "Found stale pid, removing..."
+    rm ${WGDASH}/src/gunicorn.pid
+  fi
+
+  # Removing clear shell command from the wgd.sh script to enhance docker logging.
+  echo "Removing clear command from wgd.sh for better Docker logging."
+  sed -i '/clear/d' ./wgd.sh
+
+  # Create required directories and links
+  if [ ! -d "/data/db" ]; then
+    echo "Creating database dir"
+    mkdir -p /data/db
+  fi
+
+  if [ ! -d "${WGDASH}/src/db" ]; then
+    ln -s /data/db "${WGDASH}/src/db"
+  fi
+
+  if [ ! -f "${config_file}" ]; then
+    echo "Creating wg-dashboard.ini file"
+    touch "${config_file}"
+  fi
+
+  if [ ! -f "${WGDASH}/src/wg-dashboard.ini" ]; then
+    ln -s "${config_file}" "${WGDASH}/src/wg-dashboard.ini"
+  fi
+
+  # Setup WireGuard if needed
+  if [ -z "$(ls -A /etc/wireguard)" ]; then
+    cp -a "/configs/wg0.conf.template" "/etc/wireguard/wg0.conf"
+
+    echo "Setting a secure private key."
+    local privateKey
+    privateKey=$(wg genkey)
+    sed -i "s|^PrivateKey *=.*$|PrivateKey = ${privateKey}|g" /etc/wireguard/wg0.conf
+
+    echo "Done setting template."
  else
-    echo "WireGuard interface file looks to already be existing."
-  fi
-  
-  echo "Activating Python venv and executing the WireGuard Dashboard service."
-
-  . "${WGDASH}"/venv/bin/activate
-  cd "${WGDASH}"/app/src || return # If changing the directory fails (permission or presence error), then bash will exist this function, causing the WireGuard Dashboard to not be succesfully launched.
-  bash wgd.sh start
-
-  # The following section takes care of the firewall rules regarding the 'isolated_peers' feature, which allows or drops packets destined from the wg0 to the wg0 interface.
-  if [ "${isolated_peers,,}" = "false" ]; then
-    echo "Isolated peers disabled, adjusting."
-
-    sed -i '/PostUp = iptables -I FORWARD -i wg0 -o wg0 -j DROP/d' /etc/wireguard/wg0.conf
-    sed -i '/PreDown = iptables -D FORWARD -i wg0 -o wg0 -j DROP/d' /etc/wireguard/wg0.conf
-  elif [ "${isolated_peers,,}" = "true" ]; then
-    upblocking=$(grep -c "PostUp = iptables -I FORWARD -i wg0 -o wg0 -j DROP" /etc/wireguard/wg0.conf)
-    downblocking=$(grep -c "PreDown = iptables -D FORWARD -i wg0 -o wg0 -j DROP" /etc/wireguard/wg0.conf)
-    if [ "$upblocking" -lt 1 ] && [ "$downblocking" -lt 1 ]; then
-      echo "Isolated peers enabled, adjusting."
-
-      sed -i '/PostUp = iptables -t nat -I POSTROUTING 1 -s/a PostUp = iptables -I FORWARD -i wg0 -o wg0 -j DROP' /etc/wireguard/wg0.conf
-      sed -i '/PreDown = iptables -t nat -D POSTROUTING 1 -s/a PreDown = iptables -D FORWARD -i wg0 -o wg0 -j DROP' /etc/wireguard/wg0.conf
-    fi
-
-  fi
-
-  # The following section takes care of 
-  if [ "${enable_wg0,,}" = "true" ]; then
-    echo "Preference for wg0 to be turned on found."
-
-    wg-quick up wg0
-  else
-    echo "Preference for wg0 to be turned off found."
+    echo "Existing wg0 configuration file found, using that."
  fi
 }

 set_envvars() {
-  echo "Setting relevant variables for operation."
+  printf "\n------------- SETTING ENVIRONMENT VARIABLES ----------------\n"

-  # If the timezone is different, for example in North-America or Asia.
-  if [ "${tz}" != "$(cat /etc/timezone)" ]; then
-    echo "Changing timezone."
-    
-    ln -sf /usr/share/zoneinfo/"${tz}" /etc/localtime
-    echo "${tz}" > /etc/timezone
+  # Check if config file is empty
+  if [ ! -s "${config_file}" ]; then
+    echo "Config file is empty. Creating initial structure."
  fi

-  # Changing the DNS used for clients and the dashboard itself.
-  if [ "${global_dns}" != "$(grep "peer_global_dns = " /opt/wireguarddashboard/app/src/wg-dashboard.ini | awk '{print $NF}')" ]; then 
-    echo "Changing default dns."
+  echo "Checking basic configuration:"
+  set_ini Peers peer_global_dns "${global_dns}"

-    #sed -i "s/^DNS = .*/DNS = ${global_dns}/" /etc/wireguard/wg0.conf # Uncomment if you want to have DNS on server-level.
-    sed -i "s/^peer_global_dns = .*/peer_global_dns = ${global_dns}/" /opt/wireguarddashboard/app/src/wg-dashboard.ini
+  if [ -z "${public_ip}" ]; then
+    public_ip=$(curl -s ifconfig.me)
+    echo "Automatically detected public IP: ${public_ip}" 
  fi

-  # Setting the public IP of the WireGuard Dashboard container host. If not defined, it will trying fetching it using a curl to ifconfig.me.
-  if [ "${public_ip}" = "0.0.0.0" ]; then
-    default_ip=$(curl -s ifconfig.me)
-    echo "Trying to fetch the Public-IP using ifconfig.me: ${default_ip}"
+  set_ini Peers remote_endpoint "${public_ip}"
+  set_ini Server app_port "${wgd_port}"

-    sed -i "s/^remote_endpoint = .*/remote_endpoint = ${default_ip}/" /opt/wireguarddashboard/app/src/wg-dashboard.ini
-  elif [ "${public_ip}" != "$(grep "remote_endpoint = " /opt/wireguarddashboard/app/src/wg-dashboard.ini | awk '{print $NF}')" ]; then
-    echo "Setting the Public-IP using given variable: ${public_ip}"
+  # Account settings - process all parameters
+  [[ -n "$username" ]] && echo "Configuring user account:"
+  # Basic account variables
+  [[ -n "$username" ]] && set_ini Account username "${username}"

-    sed -i "s/^remote_endpoint = .*/remote_endpoint = ${public_ip}/" /opt/wireguarddashboard/app/src/wg-dashboard.ini
+  if [[ -n "$password" ]]; then
+    echo "- Setting password"
+    set_ini Account password "$(hash_password "${password}")"
  fi
+
+  # Additional account variables
+  [[ -n "$enable_totp" ]] && set_ini Account enable_totp "${enable_totp}"
+  [[ -n "$totp_verified" ]] && set_ini Account totp_verified "${totp_verified}"
+  [[ -n "$totp_key" ]] && set_ini Account totp_key "${totp_key}"
+
+  # Welcome session
+  [[ -n "$welcome_session" ]] && set_ini Other welcome_session "${welcome_session}"
+  # If username and password are set but welcome_session isn't, disable it
+  if [[ -n "$username" && -n "$password" && -z "$welcome_session" ]]; then
+    set_ini Other welcome_session "false"
+  fi
+
+  # Autostart WireGuard
+  if [[ -n "$wg_autostart" ]]; then
+    echo "Configuring WireGuard autostart:"
+    set_ini WireGuardConfiguration autostart "${wg_autostart}"
+  fi
+
+  # Email (check if any settings need to be configured)
+  email_vars=("email_server" "email_port" "email_encryption" "email_username" "email_password" "email_from" "email_template")
+  for var in "${email_vars[@]}"; do
+    if [ -n "${!var}" ]; then
+      echo "Configuring email settings:"
+      break
+    fi
+  done
+
+  # Email (iterate through all possible fields)
+  email_fields=("server:email_server" "port:email_port" "encryption:email_encryption" 
+                "username:email_username" "email_password:email_password" 
+                "send_from:email_from" "email_template:email_template")
+
+  for field_pair in "${email_fields[@]}"; do
+    IFS=: read -r field var <<< "$field_pair"
+    [[ -n "${!var}" ]] && set_ini Email "$field" "${!var}"
+  done
 }

-ensure_blocking() {
+# Start service and monitor logs
+start_and_monitor() {
+  printf "\n---------------------- STARTING CORE -----------------------\n"
+
+  # Due to some instances complaining about this, making sure its there every time.
+  mkdir -p /dev/net
+  mknod /dev/net/tun c 10 200
+  chmod 600 /dev/net/tun
+
+  # Actually starting WGDashboard
+  echo "Starting WGDashboard directly with Gunicorn..."
+
+  [[ ! -d ${WGDASH}/src/log ]] && mkdir ${WGDASH}/src/log
+  [[ ! -d ${WGDASH}/src/download ]] && mkdir ${WGDASH}/src/download
+
+  ${WGDASH}/src/venv/bin/gunicorn --config ${WGDASH}/src/gunicorn.conf.py
+
+  /usr/sbin/resolvconf -u
+
+  if [ $? -ne 0 ]; then
+    echo "Loading WGDashboard failed... Look above for details."
+  fi
+
+  # Wait a second before continuing, to give the python program some time to get ready.
+  echo -e "\nEnsuring container continuation."
+
+  local max_rounds="10"
+  local round="0"
+
+  # Hang in there for 10s for Gunicorn to get ready
+  while true; do
+    round=$((round + 1))
+
+    local latest_error=$(ls -t ${WGDASH}/src/log/error_*.log 2> /dev/null | head -n 1)
+
+    if [[ $round -eq $max_rounds ]]; then
+      echo "Reached breaking point!"
+      break
+
+    fi
+
+    if [[ -z $latest_error ]]; then
+      echo -e "Logs not yet present! Retrying in 1 second!"
      sleep 1s
-  echo "Ensuring container continuation."

-  # This function checks if the latest error log is created and tails it for docker logs uses.
-  if find "/opt/wireguarddashboard/app/src/log" -mindepth 1 -maxdepth 1 -type f | read -r; then
-    latestErrLog=$(find /opt/wireguarddashboard/app/src/log -name "error_*.log" | head -n 1)
-    latestAccLog=$(find /opt/wireguarddashboard/app/src/log -name "access_*.log" | head -n 1)
-    tail -f "${latestErrLog}" "${latestAccLog}"
+    else
+      break
+
    fi

-  # Blocking command in case of erroring. So the container does not quit.
-  sleep infinity
+  done
+
+  if [[ -z $latest_error ]]; then
+    echo -e "No error logs founds... Please investigate.\nExiting in 3 minutes..."
+    sleep 180s
+    exit 1
+
+  else
+    tail -f "$latest_error" &
+    tail_pid=$!
+
+    wait $tail_pid
+  fi
 }

-# Execute functions for the WireGuard Dashboard services, then set the environment variables
-clean_up
-start_core
+# Main execution flow
+ensure_installation
 set_envvars
-ensure_blocking
+start_and_monitor
--- a/docker/wg0.conf.template
+++ b/docker/wg0.conf.template
@ -0,0 +1,8 @@
+[Interface]
+Address = ${wg_net}/24
+PrivateKey =
+PostUp = iptables -t nat -I POSTROUTING 1 -s ${wg_net}/24 -o ${out_adapt} -j MASQUERADE; iptables -I FORWARD -i wg0 -o wg0 -j DROP
+PreDown = iptables -t nat -D POSTROUTING -s ${wg_net}/24 -o ${out_adapt} -j MASQUERADE; iptables -D FORWARD -i wg0 -o wg0 -j DROP
+ListenPort = ${wg_port}
+SaveConfig = true
+DNS = ${global_dns}
--- a/docs/api-documents.md
+++ b/docs/api-documents.md
@ -1,612 +0,0 @@
-# 📖 API Document for WGDashboard
-
-**Version: v4.0**
-
-**Created by: Donald Zou**
-
-<!-- TOC -->
-* [📖 API Document for WGDashboard](#-api-document-for-wgdashboard)
-  * [🔑 How to use API Key?](#-how-to-use-api-key)
-    * [Create API Key](#create-api-key)
-    * [Use API Key](#use-api-key)
-  * [API Endpoints](#api-endpoints)
-    * [Handshake to Server](#handshake-to-server)
-      * [Request](#request)
-      * [Response](#response)
-    * [Validate Authentication](#validate-authentication)
-      * [Request](#request-1)
-      * [Response](#response-1)
-    * [Authenticate](#authenticate)
-      * [Request](#request-2)
-        * [Body Parameters](#body-parameters)
-      * [Response](#response-2)
-    * [Sign Out](#sign-out)
-      * [Request](#request-3)
-      * [Response](#response-3)
-    * [Get WireGuard Configurations](#get-wireguard-configurations)
-      * [Request](#request-4)
-      * [Response](#response-4)
-    * [Add WireGuard Configuration](#add-wireguard-configuration)
-      * [Request](#request-5)
-        * [Body Parameters](#body-parameters-1)
-      * [Response](#response-5)
-    * [Toggle WireGuard Configuration](#toggle-wireguard-configuration)
-      * [Request](#request-6)
-        * [Query String Parameter](#query-string-parameter)
-      * [Response](#response-6)
-    * [Get WGDashboard Configuration](#get-wgdashboard-configuration)
-      * [Request](#request-7)
-      * [Response](#response-7)
-    * [Update WGDashboard Configuration Item](#update-wgdashboard-configuration-item)
-      * [Request](#request-8)
-        * [Body Parameters](#body-parameters-2)
-      * [Response](#response-8)
-    * [Get WGDashboard API Keys](#get-wgdashboard-api-keys)
-      * [Request](#request-9)
-      * [Response](#response-9)
-    * [Add WGDashboard API Key](#add-wgdashboard-api-key)
-      * [Request](#request-10)
-        * [Body Parameters](#body-parameters-3)
-      * [Response](#response-10)
-    * [Endpoint](#endpoint)
-      * [Request](#request-11)
-      * [Response](#response-11)
-<!-- TOC -->
-
-<hr>
-
-## 🔑 How to use API Key?
-
-### Create API Key
-
-1. To request an API Key, simply login to your WGDashboard, go to **Settings**, scroll to the very bottom. Click the **switch** on the right to enable API Key.
-2. Click the blur **Create** button, set an **expiry date** you want or **never expire**, then click **Done**.
-
-### Use API Key
-
- Simply add `wg-dashboard-apikey` with the value of your API key into the HTTP Header.
-
-```javascript
-fetch('http://server:10086/api/handshake', {
-    headers: {
-       'content-type': 'application/json',
-        'wg-dashboard-apikey': 'insert your api key here'
-    },
-    method: "GET"
-})
-```
-
-## API Endpoints
-
-### Handshake to Server
-
-This endpoint is designed for a simple handshake when using API key to connect. If `status` is `true` that means 
-
-#### Request
-
-`GET /api/handshake`
-
-#### Response
-
-`200 - OK`
-
-```json
-{
-    "data": null,
-    "message": null,
-    "status": true
-}
-```
-
-`401 - UNAUTHORIZED`
-
-```json
-{
-    "data": null,
-    "message": "Unauthorized access.",
-    "status": false
-}
-```
-> Notice: this `401` response will return at all endpoint if your API Key or session is invalid.
-
-<hr>
-
-### Validate Authentication
-
-This endpoint if needed for non-cross-server access. This will check if the cookie on the client side is still valid on the server side.
-
-#### Request
-
-`GET /api/validateAuthentication`
-
-#### Response
-
-`200 - OK`
-
-Session is still valid
-
-```json
-{
-    "data": null,
-    "message": null,
-    "status": true
-}
-```
-
-Session is invalid
-
-```json
-{
-    "data": null,
-    "message": "Invalid authentication.",
-    "status": false
-}
-```
-<hr>
-
-### Authenticate
-
-This endpoint is dedicated for non-cross-server access. It is used to authenticate user's username, password and TOTP 
-
-#### Request
-
-`POST /api/authenticate`
-
-##### Body Parameters
-
-```json
-{
-    "username": "admin",
-    "password": "admin",
-    "totp": "123456"
-}
-```
-
-| Parameter  | Type   |   
-|------------|--------|   
-| `username` | string |   
-| `password` | string |   
-| `totp`     | string |   
-
-
-#### Response
-
-`200 - OK`
-
-If username, password and TOTP matched
-
-```json
-{
-    "data": null,
-    "message": null,
-    "status": true
-}
-```
-
-If username, password or TOTP is not match
-
-```json
-{
-    "data": null,
-    "message": "Sorry, your username, password or OTP is incorrect.",
-    "status": false
-}
-```
-
-<hr>
-
-### Sign Out
-
-To remove the current session on server side
-
-#### Request
-
-`GET /api/signout`
-
-#### Response
-
-`200 - OK`
-
-```json
-{
-    "data": null,
-    "message": null,
-    "status": true
-}
-```
-<hr>
-
-### Get WireGuard Configurations
-
-To get all WireGuard configurations in `/etc/wireguard`
-
-#### Request
-
-`GET /api/getWireguardConfigurations`
-
-#### Response
-
-`200 - OK`
-
-```json
-{
-    "data": [
-        {
-            "Address": "10.200.200.1/24",
-            "ConnectedPeers": 0,
-            "DataUsage": {
-                "Receive": 0.1582,
-                "Sent": 2.1012999999999997,
-                "Total": 2.2595
-            },
-            "ListenPort": "51820",
-            "Name": "wg0",
-            "PostDown": "iptables -D FORWARD -i wg0 -j ACCEPT; iptables -D FORWARD -o wg0 -j ACCEPT; iptables -t nat -D POSTROUTING -o enp0s1 -j MASQUERADE;",
-            "PostUp": "iptables -A FORWARD -i wg0 -j ACCEPT; iptables -A FORWARD -o wg0 -j ACCEPT; iptables -t nat -A POSTROUTING -o enp0s1 -j MASQUERADE;",
-            "PreDown": "",
-            "PreUp": "",
-            "PrivateKey": "8DsSMli3okgUx5frKbFQ0fMW5ZMyqyxOdOW7+g21L18=",
-            "PublicKey": "GQlGi8QJ93hWY7L2xlJyh+7S6+ekER9xP11T92T0O0Q=",
-            "SaveConfig": true,
-            "Status": false
-        }
-    ],
-    "message": null,
-    "status": true
-}
-```
-<hr>
-
-### Add WireGuard Configuration
-
-Add a new WireGuard Configuration
-
-#### Request
-
-`POST /api/addWireguardConfiguration`
-
-##### Body Parameters
-
-```json
-{
-    "ConfigurationName": "wg0",
-    "Address": "10.0.0.1/24",
-    "ListenPort":  51820,
-    "PrivateKey": "eJuuamCgakVs2xUZGHh/g7C6Oy89JGh7eE2jjEGbbFc=",
-    "PublicKey":  "3Ruirgw9qNRwNpBepkiVjjSe82tY+lDZr6WaFC4wO2g=",
-    "PresharedKey": "GMMLKWdJlgsKVoR26BJPsNbDXyfILL+x1Nd6Ecmn4lg=",
-    "PreUp":  "",
-    "PreDown": "iptables -D FORWARD -i wg0 -j ACCEPT; iptables -D FORWARD -o wg0 -j ACCEPT; iptables -t nat -D POSTROUTING -o enp0s1 -j MASQUERADE;",
-    "PostUp":  "iptables -A FORWARD -i wg0 -j ACCEPT; iptables -A FORWARD -o wg0 -j ACCEPT; iptables -t nat -A POSTROUTING -o enp0s1 -j MASQUERADE;",
-    "PostDown": ""
-}
-```
-
-| Parameter           | Type   |
-|---------------------|--------|
-| `ConfigurationName` | string |
-| `Address`           | string |
-| `ListenPort`        | int    |
-| `PrivateKey`        | string |
-| `PublicKey`         | string |
-| `PresharedKey`      | string |
-| `PreUp`             | string |
-| `PreDown`           | string |
-| `PostUp`            | string |
-| `PostDown`          | string |
-
-#### Response
-
-`200 - OK`
-
-If everything is good
-
-```json
-{
-    "data": null,
-    "message": null,
-    "status": true
-}
-```
-
-If the new configuration's `ConfigurationName` is already existed
-
-```json
-{
-    "data": null,
-    "message": "Already have a configuration with the name \"wg0\"",
-    "status": false
-}
-```
-
-If the new configuration's `ListenPort` is used by another configuration
-
-```json
-{
-    "data": null,
-    "message": "Already have a configuration with the port  \"51820\"",
-    "status": false
-}
-```
-
-If the new configuration's `Address` is used by another configuration
-
-```json
-{
-    "data": null,
-    "message": "Already have a configuration with the address  \"10.0.0.1/24\"",
-    "status": false
-}
-```
-<hr>
-
-### Toggle WireGuard Configuration
-
-To turn on/off of a WireGuard Configuration
-
-#### Request
-
-`GET /api/toggleWireguardConfiguration/?configurationName=`
-
-##### Query String Parameter
-
-| Parameter           | Type   |
-|---------------------|--------|
-| `configurationName` | string |
-
-#### Response
-
-`200 - OK`
-
-If toggle is successful, server will return the current status in `status`: `true` or `false` indicating if the configuration is up or not.
-
-```json
-{
-    "data": true,
-    "message": null,
-    "status": true
-}
-```
-
-If the `configurationName` provided does not exist
-
-```json
-{
-    "data": null,
-    "message": "Please provide a valid configuration name",
-    "status": false
-}
-```
-
-<hr>
-
-### Get WGDashboard Configuration
-
-Get the WGDashboard Configuration, such as `dashboard_theme`...
-
-#### Request
-
-`GET /api/getDashboardConfiguration`
-
-#### Response
-
-`200 - OK`
-
-```json
-{
-    "data": {
-        "Account": {
-            "enable_totp": false,
-            "password": "some hashed value :(",
-            "totp_verified": false,
-            "username": "admin"
-        },
-        "Database": {
-            "type": "sqlite"
-        },
-        "Other": {
-            "welcome_session": false
-        },
-        "Peers": {
-            "peer_display_mode": "grid",
-            "peer_endpoint_allowed_ip": "0.0.0.0/0",
-            "peer_global_dns": "1.1.1.1",
-            "peer_keep_alive": "21",
-            "peer_mtu": "1420",
-            "remote_endpoint": "192.168.2.38"
-        },
-        "Server": {
-            "app_ip": "0.0.0.0",
-            "app_port": "10086",
-            "app_prefix": "",
-            "auth_req": true,
-            "dashboard_api_key": true,
-            "dashboard_refresh_interval": "5000",
-            "dashboard_sort": "status",
-            "dashboard_theme": "dark",
-            "version": "v4.0",
-            "wg_conf_path": "/etc/wireguard"
-        }
-    },
-    "message": null,
-    "status": true
-}
-```
-
-<hr>
-
-### Update WGDashboard Configuration Item
-
-Update the WGDashboard Configuration one at a time
-
-#### Request
-
-`POST /api/updateDashboardConfigurationItem`
-
-##### Body Parameters
-
-```json
-{
-    "section": "Server",
-    "key": "dashboard_theme",
-    "value": "dark"
-}
-```
-| Parameter | Type   |                                                          |
-|-----------|--------|----------------------------------------------------------|
-| `section` | string | Each section in the `wg-dashboard.ini`                   |
-| `key`     | string | Each key/value pair under each in the `wg-dashboard.ini` |
-| `value`   | string | Value for this key/value pair                            |
-
-
-#### Response
-
-`200 - OK`
-
-If update is success
-
-```json
-{
-    "data": true,
-    "message": null,
-    "status": true
-}
-```
-
-If update failed
-
-```json
-{
-    "data": true,
-    "message": "Message related to the error will appear here",
-    "status": false
-}
-```
-
-<hr>
-
-### Get WGDashboard API Keys
-
-Get a list of active API key in WGDashboard
-
-#### Request
-
-`GET /api/getDashboardAPIKeys`
-
-#### Response
-
-`200 - OK`
-
-If API Key function is enabled and there are active API keys
-
-> If `ExpiredAt` is `null`, that means this API key will never expire
-
-```json
-{
-    "data": [
-        {
-            "CreatedAt": "2024-08-15 00:42:31",
-            "ExpiredAt": null,
-            "Key": "AXt1x3TZMukmA-eSnAyESy08I14n20boppSsknHOB-Y"
-        },
-        {
-            "CreatedAt": "2024-08-14 22:50:44",
-            "ExpiredAt": "2024-08-21 22:50:43",
-            "Key": "ry0Suo0BrypSMzbq0C_TjkEcgrFHHj6UBZGmC2-KI2o"
-        }
-    ],
-    "message": null,
-    "status": true
-}
-```
-
-If API key function is disabled
-
-```json
-{
-    "data": null,
-    "message": "Dashboard API Keys function is disabled",
-    "status": false
-}
-```
-
-<hr>
-
-### Add WGDashboard API Key
-
-Add a new API Key in WGDashboard
-
-#### Request
-
-`POST /api/newDashboardAPIKey`
-
-##### Body Parameters
-
-```json
-{
-    "neverExpire": false,
-    "ExpiredAt": "2024-12-31 16:00:00"
-}
-```
-| Parameter     | Type   |                                                                                   |
-|---------------|--------|-----------------------------------------------------------------------------------|
-| `neverExpire` | bool   | If this is `false`, please specify a date in `ExpiredAt`                          |
-| `ExpiredAt`   | string | If `neverExpire` is `true`, this can be omitted. Format is `YYYY-MM-DD hh:mm:ss`. |
-
-#### Response
-
-`200 - OK`
-
-If success, it will return the latest list of API Keys
-
-```json
-{
-  "data": [
-    {
-      "CreatedAt": "2024-08-15 00:42:31",
-      "ExpiredAt": null,
-      "Key": "AXt1x3TZMukmA-eSnAyESy08I14n20boppSsknHOB-Y"
-    },
-    {
-      "CreatedAt": "2024-08-14 22:50:44",
-      "ExpiredAt": "2024-12-31 16:50:43",
-      "Key": "ry0Suo0BrypSMzbq0C_TjkEcgrFHHj6UBZGmC2-KI2o"
-    }
-  ],
-  "message": null,
-  "status": true
-}
-```
-
-If API key function is disabled
-
-```json
-{
-    "data": null,
-    "message": "Dashboard API Keys function is disabled",
-    "status": false
-}
-```
-
-<hr>
-
-### Endpoint
-
-Description
-
-#### Request
-
-`GET`
-
-#### Response
-
-`200 - OK`
-
-```json
-{
-    "data": true,
-    "message": null,
-    "status": true
-}
-```
-
--- a/docs/changelogs.md
+++ b/docs/changelogs.md
@ -1,105 +0,0 @@
-# ⏰ Changelogs of WGDashboard
-
-#### v3.0.0 - v3.0.6.2 - Jan 18, 2022
-
- 🎉  **New Features**
-    - **Moved from TinyDB to SQLite**: SQLite provide a better performance and loading speed when getting peers! Also avoided crashing the database due to **race condition**.
-    - **Added Gunicorn WSGI Server**: This could provide more stable on handling HTTP request, and more flexibility in the future (such as HTTPS support). **BIG THANKS to @pgalonza :heart:**
-    - **Add Peers by Bulk:** User can add peers by bulk, just simply set the amount and click add.
-    - **Delete Peers by Bulk**: User can delete peers by bulk, without deleting peers one by one.
-    - **Download Peers in Zip**: User can download all *downloadable* peers in a zip.
-    - **Added Pre-shared Key to peers:** Now each peer can add with a pre-shared key to enhance security. Previously added peers can add the pre-shared key through the peer setting button.
-    - **Redirect Back to Previous Page:** The dashboard will now redirect you back to your previous page if the current session got timed out and you need to sign in again.
-    - **Added Some [🥘 Experimental Functions](#-experimental-functions)**
-
- 🪚  **Bug Fixed**
-    - [IP Sorting range issues #99](https://github.com/donaldzou/WGDashboard/issues/99) [❤️ @barryboom]
-    - [INvalid character written to tunnel json file #108](https://github.com/donaldzou/WGDashboard/issues/108) [❤️ @ikidd]
-    - [Add IPv6 #91](https://github.com/donaldzou/WGDashboard/pull/91) [❤️ @pgalonza]
-    - [Added MTU and PersistentKeepalive to QR code and download files #112](https://github.com/donaldzou/WGDashboard/pull/112) [:heart: @reafian]
-    - **And many other bugs provided by our beloved users** :heart:
- **🧐  Other Changes**
-    - **Key generating moved to front-end**: No longer need to use the server's WireGuard to generate keys, thanks to the `wireguard.js` from the [official repository](https://git.zx2c4.com/wireguard-tools/tree/contrib/keygen-html/wireguard.js)!
-    - **Peer transfer calculation**: each peer will now show all transfer amount (previously was only showing transfer amount from the last configuration start-up).
-    - **UI adjustment on running peers**: peers will have a new style indicating that it is running.
-    - **`wgd.sh` finally can update itself**: So now user could update the whole dashboard from `wgd.sh`, with the `update` command.
-    - **Minified JS and CSS files**: Although only a small changes on the file size, but I think is still a good practice to save a bit of bandwidth ;)
-
-*And many other small changes for performance and bug fixes! :laughing:*
-
-#### v2.3.1 - Sep 8, 2021
-
- Updated dashboard's name to **WGDashboard**!!
-
-#### v2.3 - Sep 8, 2021
-
- 🎉  **New Features**
-    - **Update directly from `wgd.sh`:** Now you can update WGDashboard directly from the bash script.
-    - **Displaying Peers:** You can switch the display mode between list and table in the configuration page.
- 🪚  **Bug Fixed**
-    - [Peer DNS Validation Fails #67](issues/67): Added DNS format check. [❤️ @realfian]
-    - [configparser.NoSectionError: No section: 'Interface' #66](issues/66): Changed permission requirement for `etc/wireguard` from `744` to `755`. [❤️ @ramalmaty]
-    - [Feature request: Interface not loading when information missing #73](issues/73): Fixed when Configuration Address and Listen Port is missing will crash the dashboard. [❤️ @js32]
-    - [Remote Peer, MTU and PersistentKeepalives added #70](pull/70): Added MTU, remote peer and Persistent Keepalive. [❤️ @realfian]
-    - [Fixes DNS check to support search domain #65](pull/65): Added allow input domain into DNS. [❤️@davejlong]
- **🧐  Other Changes**
-    - Moved Add Peer Button into the right bottom corner.
-
-#### v2.2.1 - Aug 16, 2021
-
-Bug Fixed:
- Added support for full subnet on Allowed IP
- Peer setting Save button
-
-#### v2.2 - Aug 14, 2021
-
- 🎉  **New Features**
-    - **Add new peers**: Now you can add peers directly on dashboard, it will generate a pair of private key and public key. You can also set its DNS, endpoint allowed IPs. Both can set a default value in the setting page. [❤️ in [#44](https://github.com/donaldzou/wireguard-dashboard/issues/44)]
-    - **QR Code:** You can add the private key in peer setting of your existed peer to create a QR code. Or just create a new one, dashboard will now be able to auto generate a private key and public key ;) Don't worry, all keys will be generated on your machine, and **will delete all key files after they got generated**. [❤️ in [#29](https://github.com/donaldzou/wireguard-dashboard/issues/29)]
-    - **Peer configuration file download:** Same as QR code, you now can download the peer configuration file, so you don't need to manually input all the details on the peer machine! [❤️ in [#40](https://github.com/donaldzou/wireguard-dashboard/issues/40)]
-    - **Search peers**: You can now search peers by their name.
-    - **Autostart on boot:** Added a tutorial on how to start the dashboard to on boot! Please read the [tutorial below](#autostart-wireguard-dashboard-on-boot). [❤️ in [#29](https://github.com/donaldzou/wireguard-dashboard/issues/29)]
-    - **Click to copy**: You can now click and copy all peer's public key and configuration's public key.
-    - ....
- 🪚  **Bug Fixed**
-    - When there are comments in the wireguard config file, will cause the dashboard to crash.
-    - Used regex to search for config files.
- **🧐  Other Changes**
-    - Moved all external CSS and JavaScript file to local hosting (Except Bootstrap Icon, due to large amount of SVG files).
-    - Updated Python dependencies
-        - Flask: `v1.1.2 => v2.0.1`
-        - Jinja: `v2.10.1 => v3.0.1`
-        - icmplib: `v2.1.1 => v3.0.1`
-    - Updated CSS/JS dependencies
-        - Bootstrap: `v4.5.3 => v4.6.0`
-    - UI adjustment
-        - Adjusted how peers will display in larger screens, used to be 1 row per peer, now is 3 peers in 1 row.
-
-#### v2.1 - Jul 2, 2021
-
- Added **Ping** and **Traceroute** tools!
- Adjusted the calculation of data usage on each peers
- Added refresh interval of the dashboard
- Bug fixed when no configuration on fresh install ([#23](https://github.com/donaldzou/wireguard-dashboard/issues/23))
- Fixed crash when too many peers ([#22](https://github.com/donaldzou/wireguard-dashboard/issues/22))
-
-#### v2.0 - May 5, 2021
-
- Added login function to dashboard
-    - ***I'm not using the most ideal way to store the username and password, feel free to provide a better way to do this if you any good idea!***
- Added a config file to the dashboard
- Dashboard config can be change within the **Setting** tab on the side bar
- Adjusted UI
- And much more!
-
-#### v1.1.2 - Apr 3, 2021
-
- Resolved issue [#3](https://github.com/donaldzou/wireguard-dashboard/issues/3).
-
-#### v1.1.1 - Apr 2, 2021
-
- Able to add a friendly name to each peer. Thanks [#2](https://github.com/donaldzou/wireguard-dashboard/issues/2) !
-
-#### v1.0 - Dec 27, 2020
-
- Added the function to remove peers
--- a/package-lock.json
+++ b/package-lock.json
@ -1,17 +0,0 @@
-{
-  "name": "Wireguard-Dashboard",
-  "lockfileVersion": 3,
-  "requires": true,
-  "packages": {
-    "": {
-      "dependencies": {
-        "dayjs": "^1.11.12"
-      }
-    },
-    "node_modules/dayjs": {
-      "version": "1.11.12",
-      "resolved": "https://registry.npmjs.org/dayjs/-/dayjs-1.11.12.tgz",
-      "integrity": "sha512-Rt2g+nTbLlDWZTwwrIXjy9MeiZmSDI375FvZs72ngxx8PDC6YXOeR3q5LAuPzjZQxhiWdRKac7RKV+YyQYfYIg=="
-    }
-  }
-}
--- a/package.json
+++ b/package.json
@ -1,5 +0,0 @@
-{
-  "dependencies": {
-    "dayjs": "^1.11.12"
-  }
-}
--- a/src/api.py
+++ b/src/api.py
@ -1,244 +0,0 @@
-import ipaddress, subprocess, datetime, os, util
-from datetime import datetime, timedelta
-from flask import jsonify
-from util import *
-import configparser
-
-notEnoughParameter = {"status": False, "reason": "Please provide all required parameters."}
-good = {"status": True, "reason": ""}
-
-def ret(status=True, reason="", data=""):
-    return {"status": status, "reason": reason, "data": data}
-
-
-
-def togglePeerAccess(data, g):
-    checkUnlock = g.cur.execute(f"SELECT * FROM {data['config']} WHERE id='{data['peerID']}'").fetchone()
-    if checkUnlock:
-        moveUnlockToLock = g.cur.execute(
-            f"INSERT INTO {data['config']}_restrict_access SELECT * FROM {data['config']} WHERE id = '{data['peerID']}'")
-        if g.cur.rowcount == 1:
-            print(g.cur.rowcount)
-            print(util.deletePeers(data['config'], [data['peerID']], g.cur, g.db))
-    else:
-        moveLockToUnlock = g.cur.execute(
-            f"SELECT * FROM {data['config']}_restrict_access WHERE id = '{data['peerID']}'").fetchone()
-        try:
-            if len(moveLockToUnlock[-1]) == 0:
-                status = subprocess.check_output(
-                    f"wg set {data['config']} peer {moveLockToUnlock[0]} allowed-ips {moveLockToUnlock[11]}",
-                    shell=True, stderr=subprocess.STDOUT)
-            else:
-                now = str(datetime.datetime.now().strftime("%m%d%Y%H%M%S"))
-                f_name = now + "_tmp_psk.txt"
-                f = open(f_name, "w+")
-                f.write(moveLockToUnlock[-1])
-                f.close()
-                subprocess.check_output(
-                    f"wg set {data['config']} peer {moveLockToUnlock[0]} allowed-ips {moveLockToUnlock[11]} preshared-key {f_name}",
-                    shell=True, stderr=subprocess.STDOUT)
-                os.remove(f_name)
-            status = subprocess.check_output(f"wg-quick save {data['config']}", shell=True, stderr=subprocess.STDOUT)
-            g.cur.execute(
-                f"INSERT INTO {data['config']} SELECT * FROM {data['config']}_restrict_access WHERE id = '{data['peerID']}'")
-            if g.cur.rowcount == 1:
-                g.cur.execute(f"DELETE FROM {data['config']}_restrict_access WHERE id = '{data['peerID']}'")
-
-        except subprocess.CalledProcessError as exc:
-            return {"status": False, "reason": str(exc.output.strip())}
-    return good
-
-class managePeer:
-    def getPeerDataUsage(self, data, cur):
-        now = datetime.now()
-        now_string = now.strftime("%d/%m/%Y %H:%M:%S")
-        interval = {
-            "30min": now - timedelta(hours=0, minutes=30),
-             "1h": now - timedelta(hours=1, minutes=0), 
-             "6h": now - timedelta(hours=6, minutes=0), 
-             "24h": now - timedelta(hours=24, minutes=0), 
-             "all": ""
-        }
-        if data['interval'] not in interval.keys():
-            return {"status": False, "reason": "Invalid interval."}
-        intv = ""
-        if data['interval'] != "all":
-            t = interval[data['interval']].strftime("%d/%m/%Y %H:%M:%S")
-            intv = f" AND time >= '{t}'"
-        timeData = cur.execute(f"SELECT total_receive, total_sent, time FROM wg0_transfer WHERE id='{data['peerID']}' {intv} ORDER BY time DESC;")
-        chartData = []
-        for i in timeData:
-            chartData.append({
-                "total_receive": i[0],
-                "total_sent": i[1],
-                "time": i[2]
-            })
-        return {"status": True, "reason": "", "data": chartData}
-
-class manageConfiguration:
-    def AddressCheck(self, data):
-        address = data['address']
-        address = address.replace(" ", "")
-        address = address.split(',')
-        amount = 0
-        for i in address:
-            try:
-                ips = ipaddress.ip_network(i, False)
-                amount += ips.num_addresses
-            except ValueError as e:
-                return {"status": False, "reason": str(e)}
-        if amount >= 1:
-            return {"status": True, "reason": "", "data": f"Total of {amount} IPs"}
-        else:
-            return {"status": True, "reason": "", "data": f"0 available IPs"}
-
-    def PortCheck(self, data, configs):
-        port = data['port']
-        if (not port.isdigit()) or int(port) < 1 or int(port) > 65535:
-            return {"status": False, "reason": f"Invalid port."}
-        for i in configs:
-            if i['port'] == port:
-                return {"status": False, "reason": f"{port} used by {i['conf']}."}
-        checkSystem = subprocess.run(f'ss -tulpn | grep :{port} > /dev/null', shell=True)
-        if checkSystem.returncode != 1:
-            return {"status": False, "reason": f"Port {port} used by other process in your system."}
-        return good
-
-    def NameCheck(self, data, configs):
-        name = data['name']
-        name = name.replace(" ", "")
-        for i in configs:
-            if name == i['conf']:
-                return {"status": False, "reason": f"{name} already existed."}
-        illegal_filename = ["(Space)", " ", ".", ",", "/", "?", "<", ">", "\\", ":", "*", '|' '\"', "com1", "com2",
-                            "com3",
-                            "com4", "com5", "com6", "com7", "com8", "com9", "lpt1", "lpt2", "lpt3", "lpt4",
-                            "lpt5", "lpt6", "lpt7", "lpt8", "lpt9", "con", "nul", "prn"]
-        for i in illegal_filename:
-            name = name.replace(i, "")
-        if len(name) == 0:
-            return {"status": False, "reason": "Invalid name."}
-        return good
-
-    def addConfiguration(self, data, configs, WG_CONF_PATH):
-        output = ["[Interface]", "SaveConfig = true"]
-        required = ['addConfigurationPrivateKey', 'addConfigurationListenPort',
-                    'addConfigurationAddress', 'addConfigurationPreUp', 'addConfigurationPreDown',
-                    'addConfigurationPostUp', 'addConfigurationPostDown']
-        for i in required:
-            e = data[i]
-            if len(e) != 0:
-                key = i.replace("addConfiguration", "")
-                o = f"{key} = {e}"
-                output.append(o)
-        name = data['addConfigurationName']
-        illegal_filename = ["(Space)", " ", ".", ",", "/", "?", "<", ">", "\\", ":", "*", '|' '\"', "com1", "com2",
-                            "com3",
-                            "com4", "com5", "com6", "com7", "com8", "com9", "lpt1", "lpt2", "lpt3", "lpt4",
-                            "lpt5", "lpt6", "lpt7", "lpt8", "lpt9", "con", "nul", "prn"]
-        for i in illegal_filename:
-            name = name.replace(i, "")
-
-        try:
-            newFile = open(f"{WG_CONF_PATH}/{name}.conf", "w+")
-            newFile.write("\n".join(output))
-        except Exception as e:
-            return {"status": False, "reason": str(e)}
-        return {"status": True, "reason": "", "data": name}
-
-    def deleteConfiguration(self, data, config, g, WG_CONF_PATH):
-        confs = []
-        for i in config:
-            confs.append(i['conf'])
-        print(confs)
-        if data['name'] not in confs:
-            return {"status": False, "reason": "Configuration does not exist", "data": ""}
-        for i in config:
-            if i['conf'] == data['name']:
-                if i['status'] == "running":
-                    try:
-                        subprocess.check_output("wg-quick down " + data['name'], shell=True, stderr=subprocess.STDOUT)
-                    except subprocess.CalledProcessError as exc:
-                        return {"status": False, "reason": "Can't stop peer", "data": str(exc.output.strip().decode("utf-8"))}
-
-            g.cur.execute(f'DROP TABLE {data["name"]}')
-            g.cur.execute(f'DROP TABLE {data["name"]}_restrict_access')
-            g.db.commit()
-
-            try:
-                os.remove(f'{WG_CONF_PATH}/{data["name"]}.conf')
-            except Exception as e:
-                return {"status": False, "reason": "Can't delete peer", "data": str(e)}
-
-            return good
-
-    def getConfigurationInfo(self, configName, WG_CONF_PATH):
-        conf = configparser.RawConfigParser(strict=False)
-        conf.optionxform = str
-        try:
-            with open(f'{WG_CONF_PATH}/{configName}.conf', 'r'):
-                conf.read(f'{WG_CONF_PATH}/{configName}.conf')
-                if not conf.has_section("Interface"):
-                    return ret(status=False, reason="No [Interface] in configuration file")
-                return ret(data=dict(conf['Interface']))
-        except FileNotFoundError as err:
-            return ret(status=False, reason=str(err))
-    
-    def saveConfiguration(self, data, WG_CONF_PATH, configs):
-        conf = configparser.RawConfigParser(strict=False)
-        conf.optionxform = str
-        configName = data['configurationName']
-        pc = manageConfiguration.PortCheck(self, {'port': data['ListenPort']}, configs)
-        if pc['status']:
-            try:
-                newData = []
-                with open(f'{WG_CONF_PATH}/{configName}.conf', 'r') as f:
-                    conf.read(f'{WG_CONF_PATH}/{configName}.conf')
-                    if not conf.has_section("Interface"):
-                        return ret(status=False, reason="No [Interface] in configuration file")
-                    l = ['ListenPort', 'PostUp', 'PostDown', 'PreUp', 'PreDown']
-                    for i in l:
-                        conf.set("Interface", i, data[i])
-                    conf.remove_section("Peer")
-                    newData = list(map(lambda x : f"{x[0]} = {x[1]}\n", list(conf.items("Interface"))))
-                    originalData = f.readlines()
-                    for i in range(len(originalData)):
-                        if originalData[i] == "[Peer]\n":
-                            originalData = originalData[i:]
-                            break
-                    newData.insert(0, "[Interface]\n")
-                    newData.append("\n")
-                    newData = newData + originalData
-                    conf.clear()
-                
-
-                try:
-                    check = subprocess.check_output("wg-quick down " + configName,
-                                                    shell=True, stderr=subprocess.STDOUT)
-                except subprocess.CalledProcessError as exc:
-                    pass
-                with open(f'{WG_CONF_PATH}/{configName}.conf', 'w') as f:
-                    for i in newData:
-                        f.write(i)
-                try:
-                    check = subprocess.check_output("wg-quick up " + configName,
-                                                    shell=True, stderr=subprocess.STDOUT)
-                except subprocess.CalledProcessError as exc:
-                    pass
-                return ret()
-            except FileNotFoundError as err:
-                return ret(status=False, reason=str(err))
-        else:
-            return pc
-
-        
-
-
-class settings:
-    def setTheme(self, theme, config, setConfig):
-        themes = ['light', 'dark']
-        if theme not in themes: 
-            return ret(status=False, reason="Theme does not exist")
-        config['Server']['dashboard_theme'] = theme
-        setConfig(config)
-        return ret()
--- a/src/bulkAddBash.sh
+++ b/src/bulkAddBash.sh
@ -1,7 +0,0 @@
-for ((i = 0 ; i<$1 ; i++ ))
-do
-        privateKey=$(wg genkey)
-        presharedKey=$(wg genkey)
-        publicKey=$(wg pubkey <<< "$privateKey")
-        echo "$privateKey,$publicKey,$presharedKey"
-done
--- a/src/client.py
+++ b/src/client.py
@ -0,0 +1,232 @@
+import datetime
+
+from tzlocal import get_localzone
+
+from functools import wraps
+
+from flask import Blueprint, render_template, abort, request, Flask, current_app, session, redirect, url_for
+import os
+
+from modules.WireguardConfiguration import WireguardConfiguration
+from modules.DashboardConfig import DashboardConfig
+from modules.Email import EmailSender
+
+
+def ResponseObject(status=True, message=None, data=None, status_code = 200) -> Flask.response_class:
+    response = Flask.make_response(current_app, {
+        "status": status,
+        "message": message,
+        "data": data
+    })
+    response.status_code = status_code
+    response.content_type = "application/json"
+    return response
+
+
+
+from modules.DashboardClients import DashboardClients
+def createClientBlueprint(wireguardConfigurations: dict[WireguardConfiguration], dashboardConfig: DashboardConfig, dashboardClients: DashboardClients):
+        
+    client = Blueprint('client', __name__, template_folder=os.path.abspath("./static/dist/WGDashboardClient"))
+    prefix = f'{dashboardConfig.GetConfig("Server", "app_prefix")[1]}/client'
+
+    def login_required(f):
+        @wraps(f)
+        def func(*args, **kwargs):
+            if session.get("Email") is None or session.get("TotpVerified") is None or not session.get("TotpVerified") or session.get("Role") != "client":
+                return ResponseObject(False, "Unauthorized access.", data=None, status_code=401)
+        
+            if not dashboardClients.GetClient(session.get("ClientID")):
+                session.clear()
+                return ResponseObject(False, "Unauthorized access.", data=None, status_code=401)
+            
+            return f(*args, **kwargs)
+        return func
+    
+    @client.before_request
+    def clientBeforeRequest():
+        if not dashboardConfig.GetConfig("Clients", "enable")[1]:
+            abort(404)
+        
+        if request.method.lower() == 'options':
+            return ResponseObject(True)
+    
+    @client.post(f'{prefix}/api/signup')
+    def ClientAPI_SignUp():
+        data = request.get_json()
+        status, msg = dashboardClients.SignUp(**data)
+        return ResponseObject(status, msg)
+
+    @client.get(f'{prefix}/api/signin/oidc/providers')
+    def ClientAPI_SignIn_OIDC_GetProviders():
+        _, oidc = dashboardConfig.GetConfig("OIDC", "client_enable")
+        if not oidc:
+            return ResponseObject(status=False, message="OIDC is disabled")
+        
+        return ResponseObject(data=dashboardClients.OIDC.GetProviders())
+    
+    @client.post(f'{prefix}/api/signin/oidc')
+    def ClientAPI_SignIn_OIDC():
+        _, oidc = dashboardConfig.GetConfig("OIDC", "client_enable")
+        if not oidc:
+            return ResponseObject(status=False, message="OIDC is disabled")
+        
+        data = request.get_json()
+        status, oidcData = dashboardClients.SignIn_OIDC(**data)
+        if not status:
+            return ResponseObject(status, oidcData)
+
+        session['Email'] = oidcData.get('email')
+        session['Role'] = 'client'
+        session['TotpVerified'] = True
+        
+        return ResponseObject()
+    
+    @client.post(f'{prefix}/api/signin')
+    def ClientAPI_SignIn():
+        data = request.get_json()
+        status, msg = dashboardClients.SignIn(**data)
+        if status:
+            session['Email'] = data.get('Email')
+            session['Role'] = 'client'
+            session['TotpVerified'] = False
+        return ResponseObject(status, msg)
+
+    @client.post(f'{prefix}/api/resetPassword/generateResetToken')
+    def ClientAPI_ResetPassword_GenerateResetToken():
+        date = datetime.datetime.now(tz=datetime.timezone.utc).strftime('%Y-%m-%d %H:%M:%S UTC')
+        
+        emailSender = EmailSender(dashboardConfig)
+        if not emailSender.ready():
+            return ResponseObject(False, "We can't send you an email due to your Administrator has not setup email service. Please contact your administrator.") 
+        
+        data = request.get_json()
+        email = data.get('Email', None)
+        if not email:
+            return ResponseObject(False, "Please provide a valid Email")
+        
+        u = dashboardClients.SignIn_UserExistence(email)
+        if not u:
+            return ResponseObject(False, "Please provide a valid Email")
+        
+        token = dashboardClients.GenerateClientPasswordResetToken(u.get('ClientID'))
+        
+        status, msg = emailSender.send(
+            email, "[WGDashboard | Client] Reset Password",
+            f"Hi {email}, \n\nIt looks like you're trying to reset your password at {date} \n\nEnter this 6 digits code on the Forgot Password to continue:\n\n{token}\n\nThis code will expire in 30 minutes for your security. If you didn’t request a password reset, you can safely ignore this email—your current password will remain unchanged.\n\nIf you need help, feel free to contact support.\n\nBest regards,\n\nWGDashboard"
+        )
+        
+        return ResponseObject(status, msg)
+    
+    @client.post(f'{prefix}/api/resetPassword/validateResetToken')
+    def ClientAPI_ResetPassword_ValidateResetToken():
+        data = request.get_json()
+        email = data.get('Email', None)
+        token = data.get('Token', None)
+        if not all([email, token]):
+            return ResponseObject(False, "Please provide a valid Email")
+
+        u = dashboardClients.SignIn_UserExistence(email)
+        if not u:
+            return ResponseObject(False, "Please provide a valid Email")
+        
+        return ResponseObject(status=dashboardClients.ValidateClientPasswordResetToken(u.get('ClientID'), token))
+    
+    @client.post(f'{prefix}/api/resetPassword')
+    def ClientAPI_ResetPassword():
+        data = request.get_json()
+        email = data.get('Email', None)
+        token = data.get('Token', None)
+        password = data.get('Password', None)
+        confirmPassword = data.get('ConfirmPassword', None)
+        if not all([email, token, password, confirmPassword]):
+            return ResponseObject(False, "Please provide a valid Email")
+
+        u = dashboardClients.SignIn_UserExistence(email)
+        if not u:
+            return ResponseObject(False, "Please provide a valid Email")
+        
+        if not dashboardClients.ValidateClientPasswordResetToken(u.get('ClientID'), token):
+            return ResponseObject(False, "Verification code is either invalid or expired")
+        
+        status, msg = dashboardClients.ResetClientPassword(u.get('ClientID'), password, confirmPassword)
+        
+        dashboardClients.RevokeClientPasswordResetToken(u.get('ClientID'), token)
+        
+        return ResponseObject(status, msg)
+            
+
+    @client.get(f'{prefix}/api/signout')
+    def ClientAPI_SignOut():
+        if session.get("SignInMethod") == "OIDC":
+            dashboardClients.SignOut_OIDC()
+        session.clear()
+        return ResponseObject(True)
+    
+    @client.get(f'{prefix}/api/signin/totp')
+    def ClientAPI_SignIn_TOTP():
+        token = request.args.get('Token', None)
+        if not token:
+            return ResponseObject(False, "Please provide TOTP token")
+        
+        status, msg = dashboardClients.SignIn_GetTotp(token)
+        return ResponseObject(status, msg)
+
+    @client.post(f'{prefix}/api/signin/totp')
+    def ClientAPI_SignIn_ValidateTOTP():
+        data = request.get_json()
+        token = data.get('Token', None)
+        userProvidedTotp = data.get('UserProvidedTOTP', None)
+        if not all([token, userProvidedTotp]):
+            return ResponseObject(False, "Please fill in all fields")
+        status, msg = dashboardClients.SignIn_GetTotp(token, userProvidedTotp)
+        if status:
+            if session.get('Email') is None:
+                return ResponseObject(False, "Sign in status is invalid", status_code=401)
+            session['TotpVerified'] = True
+            profile = dashboardClients.GetClientProfile(session.get("ClientID"))
+            
+            return ResponseObject(True, data={
+                "Email": session.get('Email'),
+                "Profile": profile
+            })
+        return ResponseObject(status, msg)
+    
+    @client.get(prefix)
+    def ClientIndex():
+        return render_template('client.html')
+    
+    @client.get(f'{prefix}/api/serverInformation')
+    def ClientAPI_ServerInformation():
+        return ResponseObject(data={
+            "ServerTimezone": str(get_localzone())
+        })
+    
+    @client.get(f'{prefix}/api/validateAuthentication')
+    @login_required
+    def ClientAPI_ValidateAuthentication():
+        return ResponseObject(True)
+    
+    @client.get(f'{prefix}/api/configurations')
+    @login_required
+    def ClientAPI_Configurations():
+        return ResponseObject(True, data=dashboardClients.GetClientAssignedPeers(session['ClientID']))
+    
+    @client.get(f'{prefix}/api/settings/getClientProfile')
+    @login_required
+    def ClientAPI_Settings_GetClientProfile():
+        return ResponseObject(data={
+            "Email": session.get("Email"),
+            "SignInMethod": session.get("SignInMethod"),
+            "Profile": dashboardClients.GetClientProfile(session.get("ClientID"))
+        })
+    
+    @client.post(f'{prefix}/api/settings/updatePassword')
+    @login_required
+    def ClientAPI_Settings_UpdatePassword():
+        data = request.get_json()
+        status, message = dashboardClients.UpdateClientPassword(session['ClientID'], **data)
+    
+        return ResponseObject(status, message)       
+    
+    return client
--- a/src/dashboard.py
+++ b/src/dashboard.py
--- a/src/gunicorn.conf.py
+++ b/src/gunicorn.conf.py
@ -1,26 +1,26 @@
 import dashboard
 from datetime import datetime
-
-global sqldb, cursor, DashboardConfig, WireguardConfigurations, AllPeerJobs, JobLogger
+global sqldb, cursor, DashboardConfig, WireguardConfigurations, AllPeerJobs, JobLogger, Dash
 app_host, app_port = dashboard.gunicornConfig()
 date = datetime.today().strftime('%Y_%m_%d_%H_%M_%S')

-
 def post_worker_init(worker):
    dashboard.startThreads()
-
+    dashboard.DashboardPlugins.startThreads()

 worker_class = 'gthread'
 workers = 1
-threads = 1
+threads = 2
 bind = f"{app_host}:{app_port}"
 daemon = True
 pidfile = './gunicorn.pid'
 wsgi_app = "dashboard:app"
 accesslog = f"./log/access_{date}.log"
-log_level = "debug"
+loglevel = "info"
 capture_output = True
 errorlog = f"./log/error_{date}.log"
-print(f"[WGDashboard] WGDashboard w/ Gunicorn will be running on {bind}", flush=True)
-print(f"[WGDashboard] Access log file is at {accesslog}", flush=True)
-print(f"[WGDashboard] Error log file is at {errorlog}", flush=True)
+pythonpath = "., ./modules"
+
+print(f"[Gunicorn] WGDashboard w/ Gunicorn will be running on {bind}", flush=True)
+print(f"[Gunicorn] Access log file is at {accesslog}", flush=True)
+print(f"[Gunicorn] Error log file is at {errorlog}", flush=True)
--- a/src/modules/AmneziaWGPeer.py
+++ b/src/modules/AmneziaWGPeer.py
@ -0,0 +1,92 @@
+import os
+import random
+import re
+import subprocess
+import uuid
+
+from .Peer import Peer
+from .Utilities import ValidateIPAddressesWithRange, ValidateDNSAddress, GenerateWireguardPublicKey
+
+
+class AmneziaWGPeer(Peer):
+    def __init__(self, tableData, configuration):
+        self.advanced_security = tableData["advanced_security"]
+        super().__init__(tableData, configuration)
+
+
+    def updatePeer(self, name: str, private_key: str,
+                   preshared_key: str,
+                   dns_addresses: str, allowed_ip: str, endpoint_allowed_ip: str, mtu: int,
+                   keepalive: int, advanced_security: str) -> tuple[bool, str] or tuple[bool, None]:
+        if not self.configuration.getStatus():
+            self.configuration.toggleConfiguration()
+
+        existingAllowedIps = [item for row in list(
+            map(lambda x: [q.strip() for q in x.split(',')],
+                map(lambda y: y.allowed_ip,
+                    list(filter(lambda k: k.id != self.id, self.configuration.getPeersList()))))) for item in row]
+
+        if allowed_ip in existingAllowedIps:
+            return False, "Allowed IP already taken by another peer"
+        if not ValidateIPAddressesWithRange(endpoint_allowed_ip):
+            return False, f"Endpoint Allowed IPs format is incorrect"
+        if len(dns_addresses) > 0 and not ValidateDNSAddress(dns_addresses):
+            return False, f"DNS format is incorrect"
+
+        if type(mtu) is str:
+            mtu = 0
+
+        if type(keepalive) is str:
+            keepalive = 0
+        
+        if mtu < 0 or mtu > 1460:
+            return False, "MTU format is not correct"
+        if keepalive < 0:
+            return False, "Persistent Keepalive format is not correct"
+        if advanced_security != "on" and advanced_security != "off":
+            return False, "Advanced Security can only be on or off"
+        if len(private_key) > 0:
+            pubKey = GenerateWireguardPublicKey(private_key)
+            if not pubKey[0] or pubKey[1] != self.id:
+                return False, "Private key does not match with the public key"
+        try:
+            rd = random.Random()
+            uid = str(uuid.UUID(int=rd.getrandbits(128), version=4))
+            pskExist = len(preshared_key) > 0
+
+            if pskExist:
+                with open(uid, "w+") as f:
+                    f.write(preshared_key)
+            newAllowedIPs = allowed_ip.replace(" ", "")
+            updateAllowedIp = subprocess.check_output(
+                f"{self.configuration.Protocol} set {self.configuration.Name} peer {self.id} allowed-ips {newAllowedIPs} {f'preshared-key {uid}' if pskExist else 'preshared-key /dev/null'}",
+                shell=True, stderr=subprocess.STDOUT)
+
+            if pskExist: os.remove(uid)
+
+            if len(updateAllowedIp.decode().strip("\n")) != 0:
+                return False, "Update peer failed when updating Allowed IPs"
+            saveConfig = subprocess.check_output(f"{self.configuration.Protocol}-quick save {self.configuration.Name}",
+                                                 shell=True, stderr=subprocess.STDOUT)
+            if f"wg showconf {self.configuration.Name}" not in saveConfig.decode().strip('\n'):
+                return False, "Update peer failed when saving the configuration"
+
+            with self.configuration.engine.begin() as conn:
+                conn.execute(
+                    self.configuration.peersTable.update().values({
+                        "name": name,
+                        "private_key": private_key,
+                        "DNS": dns_addresses,
+                        "endpoint_allowed_ip": endpoint_allowed_ip,
+                        "mtu": mtu,
+                        "keepalive": keepalive,
+                        "preshared_key": preshared_key,
+                        "advanced_security": advanced_security
+                    }).where(
+                        self.configuration.peersTable.c.id == self.id
+                    )
+                )
+            self.configuration.getPeers()
+            return True, None
+        except subprocess.CalledProcessError as exc:
+            return False, exc.output.decode("UTF-8").strip()
--- a/src/modules/AmneziaWireguardConfiguration.py
+++ b/src/modules/AmneziaWireguardConfiguration.py
@ -0,0 +1,322 @@
+"""
+AmneziaWG Configuration
+"""
+import random, sqlalchemy, os, subprocess, re, uuid
+from flask import current_app
+from .PeerJobs import PeerJobs
+from .AmneziaWGPeer import AmneziaWGPeer
+from .PeerShareLinks import PeerShareLinks
+from .Utilities import RegexMatch
+from .WireguardConfiguration import WireguardConfiguration
+from .DashboardWebHooks import DashboardWebHooks
+
+
+class AmneziaWireguardConfiguration(WireguardConfiguration):
+    def __init__(self, DashboardConfig,
+                 AllPeerJobs: PeerJobs,
+                 AllPeerShareLinks: PeerShareLinks,
+                 DashboardWebHooks: DashboardWebHooks,
+                 name: str = None, data: dict = None, backup: dict = None, startup: bool = False):
+        self.Jc = 0
+        self.Jmin = 0
+        self.Jmax = 0
+        self.S1 = 0
+        self.S2 = 0
+        self.H1 = 1
+        self.H2 = 2
+        self.H3 = 3
+        self.H4 = 4
+
+        super().__init__(DashboardConfig, AllPeerJobs, AllPeerShareLinks, DashboardWebHooks, name, data, backup, startup, wg=False)
+
+    def toJson(self):
+        self.Status = self.getStatus()
+        return {
+            "Status": self.Status,
+            "Name": self.Name,
+            "PrivateKey": self.PrivateKey,
+            "PublicKey": self.PublicKey,
+            "Address": self.Address,
+            "ListenPort": self.ListenPort,
+            "PreUp": self.PreUp,
+            "PreDown": self.PreDown,
+            "PostUp": self.PostUp,
+            "PostDown": self.PostDown,
+            "SaveConfig": self.SaveConfig,
+            "Info": self.configurationInfo.model_dump(),
+            "DataUsage": {
+                "Total": sum(list(map(lambda x: x.cumu_data + x.total_data, self.Peers))),
+                "Sent": sum(list(map(lambda x: x.cumu_sent + x.total_sent, self.Peers))),
+                "Receive": sum(list(map(lambda x: x.cumu_receive + x.total_receive, self.Peers)))
+            },
+            "ConnectedPeers": len(list(filter(lambda x: x.status == "running", self.Peers))),
+            "TotalPeers": len(self.Peers),
+            "Protocol": self.Protocol,
+            "Table": self.Table,
+            "Jc": self.Jc,
+            "Jmin": self.Jmin,
+            "Jmax": self.Jmax,
+            "S1": self.S1,
+            "S2": self.S2,
+            "H1": self.H1,
+            "H2": self.H2,
+            "H3": self.H3,
+            "H4": self.H4
+        }
+
+    def createDatabase(self, dbName = None):
+        if dbName is None:
+            dbName = self.Name
+
+
+        self.peersTable = sqlalchemy.Table(
+            dbName, self.metadata,
+            sqlalchemy.Column('id', sqlalchemy.String(255), nullable=False, primary_key=True),
+            sqlalchemy.Column('private_key', sqlalchemy.String(255)),
+            sqlalchemy.Column('DNS', sqlalchemy.Text),
+            sqlalchemy.Column('advanced_security', sqlalchemy.String(255)),
+            sqlalchemy.Column('endpoint_allowed_ip', sqlalchemy.Text),
+            sqlalchemy.Column('name', sqlalchemy.Text),
+            sqlalchemy.Column('total_receive', sqlalchemy.Float),
+            sqlalchemy.Column('total_sent', sqlalchemy.Float),
+            sqlalchemy.Column('total_data', sqlalchemy.Float),
+            sqlalchemy.Column('endpoint', sqlalchemy.String(255)),
+            sqlalchemy.Column('status', sqlalchemy.String(255)),
+            sqlalchemy.Column('latest_handshake', sqlalchemy.String(255)),
+            sqlalchemy.Column('allowed_ip', sqlalchemy.String(255)),
+            sqlalchemy.Column('cumu_receive', sqlalchemy.Float),
+            sqlalchemy.Column('cumu_sent', sqlalchemy.Float),
+            sqlalchemy.Column('cumu_data', sqlalchemy.Float),
+            sqlalchemy.Column('mtu', sqlalchemy.Integer),
+            sqlalchemy.Column('keepalive', sqlalchemy.Integer),
+            sqlalchemy.Column('remote_endpoint', sqlalchemy.String(255)),
+            sqlalchemy.Column('preshared_key', sqlalchemy.String(255)),
+            extend_existing=True
+        )
+        self.peersRestrictedTable = sqlalchemy.Table(
+            f'{dbName}_restrict_access', self.metadata,
+            sqlalchemy.Column('id', sqlalchemy.String(255), nullable=False, primary_key=True),
+            sqlalchemy.Column('private_key', sqlalchemy.String(255)),
+            sqlalchemy.Column('DNS', sqlalchemy.Text),
+            sqlalchemy.Column('advanced_security', sqlalchemy.String(255)),
+            sqlalchemy.Column('endpoint_allowed_ip', sqlalchemy.Text),
+            sqlalchemy.Column('name', sqlalchemy.Text),
+            sqlalchemy.Column('total_receive', sqlalchemy.Float),
+            sqlalchemy.Column('total_sent', sqlalchemy.Float),
+            sqlalchemy.Column('total_data', sqlalchemy.Float),
+            sqlalchemy.Column('endpoint', sqlalchemy.String(255)),
+            sqlalchemy.Column('status', sqlalchemy.String(255)),
+            sqlalchemy.Column('latest_handshake', sqlalchemy.String(255)),
+            sqlalchemy.Column('allowed_ip', sqlalchemy.String(255)),
+            sqlalchemy.Column('cumu_receive', sqlalchemy.Float),
+            sqlalchemy.Column('cumu_sent', sqlalchemy.Float),
+            sqlalchemy.Column('cumu_data', sqlalchemy.Float),
+            sqlalchemy.Column('mtu', sqlalchemy.Integer),
+            sqlalchemy.Column('keepalive', sqlalchemy.Integer),
+            sqlalchemy.Column('remote_endpoint', sqlalchemy.String(255)),
+            sqlalchemy.Column('preshared_key', sqlalchemy.String(255)),
+            extend_existing=True
+        )
+        self.peersTransferTable = sqlalchemy.Table(
+            f'{dbName}_transfer', self.metadata,
+            sqlalchemy.Column('id', sqlalchemy.String(255), nullable=False),
+            sqlalchemy.Column('total_receive', sqlalchemy.Float),
+            sqlalchemy.Column('total_sent', sqlalchemy.Float),
+            sqlalchemy.Column('total_data', sqlalchemy.Float),
+            sqlalchemy.Column('cumu_receive', sqlalchemy.Float),
+            sqlalchemy.Column('cumu_sent', sqlalchemy.Float),
+            sqlalchemy.Column('cumu_data', sqlalchemy.Float),
+            sqlalchemy.Column('time', (sqlalchemy.DATETIME if self.DashboardConfig.GetConfig("Database", "type")[1] == 'sqlite' else sqlalchemy.TIMESTAMP),
+                              server_default=sqlalchemy.func.now()),
+            extend_existing=True
+        )
+        self.peersDeletedTable = sqlalchemy.Table(
+            f'{dbName}_deleted', self.metadata,
+            sqlalchemy.Column('id', sqlalchemy.String(255), nullable=False),
+            sqlalchemy.Column('private_key', sqlalchemy.String(255)),
+            sqlalchemy.Column('DNS', sqlalchemy.Text),
+            sqlalchemy.Column('advanced_security', sqlalchemy.String(255)),
+            sqlalchemy.Column('endpoint_allowed_ip', sqlalchemy.Text),
+            sqlalchemy.Column('name', sqlalchemy.Text),
+            sqlalchemy.Column('total_receive', sqlalchemy.Float),
+            sqlalchemy.Column('total_sent', sqlalchemy.Float),
+            sqlalchemy.Column('total_data', sqlalchemy.Float),
+            sqlalchemy.Column('endpoint', sqlalchemy.String(255)),
+            sqlalchemy.Column('status', sqlalchemy.String(255)),
+            sqlalchemy.Column('latest_handshake', sqlalchemy.String(255)),
+            sqlalchemy.Column('allowed_ip', sqlalchemy.String(255)),
+            sqlalchemy.Column('cumu_receive', sqlalchemy.Float),
+            sqlalchemy.Column('cumu_sent', sqlalchemy.Float),
+            sqlalchemy.Column('cumu_data', sqlalchemy.Float),
+            sqlalchemy.Column('mtu', sqlalchemy.Integer),
+            sqlalchemy.Column('keepalive', sqlalchemy.Integer),
+            sqlalchemy.Column('remote_endpoint', sqlalchemy.String(255)),
+            sqlalchemy.Column('preshared_key', sqlalchemy.String(255)),
+            extend_existing=True
+        )
+        self.infoTable = sqlalchemy.Table(
+            'ConfigurationsInfo', self.metadata,
+            sqlalchemy.Column('ID', sqlalchemy.String(255), primary_key=True),
+            sqlalchemy.Column('Info', sqlalchemy.Text),
+            extend_existing=True
+        )
+        
+        self.peersHistoryEndpointTable = sqlalchemy.Table(
+            f'{dbName}_history_endpoint', self.metadata,
+            sqlalchemy.Column('id', sqlalchemy.String(255), nullable=False),
+            sqlalchemy.Column('endpoint', sqlalchemy.String(255), nullable=False),
+            sqlalchemy.Column('time',
+                              (sqlalchemy.DATETIME if self.DashboardConfig.GetConfig("Database", "type")[1] == 'sqlite' else sqlalchemy.TIMESTAMP)),
+            extend_existing=True
+        )
+
+        self.metadata.create_all(self.engine)
+
+    def getPeers(self):
+        self.Peers.clear()        
+        if self.configurationFileChanged():
+            with open(self.configPath, 'r') as configFile:
+                p = []
+                pCounter = -1
+                content = configFile.read().split('\n')
+                try:
+                    if "[Peer]" not in content:
+                        current_app.logger.info(f"{self.Name} config has no [Peer] section")
+                        return
+
+                    peerStarts = content.index("[Peer]")
+                    content = content[peerStarts:]
+                    for i in content:
+                        if not RegexMatch("#(.*)", i) and not RegexMatch(";(.*)", i):
+                            if i == "[Peer]":
+                                pCounter += 1
+                                p.append({})
+                                p[pCounter]["name"] = ""
+                            else:
+                                if len(i) > 0:
+                                    split = re.split(r'\s*=\s*', i, 1)
+                                    if len(split) == 2:
+                                        p[pCounter][split[0]] = split[1]
+
+                        if RegexMatch("#Name# = (.*)", i):
+                            split = re.split(r'\s*=\s*', i, 1)
+                            if len(split) == 2:
+                                p[pCounter]["name"] = split[1]
+                    with self.engine.begin() as conn:
+                        for i in p:
+                            if "PublicKey" in i.keys():
+                                tempPeer = conn.execute(self.peersTable.select().where(
+                                    self.peersTable.columns.id == i['PublicKey']
+                                )).mappings().fetchone()
+                                if tempPeer is None:
+                                    tempPeer = {
+                                        "id": i['PublicKey'],
+                                        "advanced_security": i.get('AdvancedSecurity', 'off'),
+                                        "private_key": "",
+                                        "DNS": self.DashboardConfig.GetConfig("Peers", "peer_global_DNS")[1],
+                                        "endpoint_allowed_ip": self.DashboardConfig.GetConfig("Peers", "peer_endpoint_allowed_ip")[
+                                            1],
+                                        "name": i.get("name"),
+                                        "total_receive": 0,
+                                        "total_sent": 0,
+                                        "total_data": 0,
+                                        "endpoint": "N/A",
+                                        "status": "stopped",
+                                        "latest_handshake": "N/A",
+                                        "allowed_ip": i.get("AllowedIPs", "N/A"),
+                                        "cumu_receive": 0,
+                                        "cumu_sent": 0,
+                                        "cumu_data": 0,
+                                        "mtu": self.DashboardConfig.GetConfig("Peers", "peer_mtu")[1],
+                                        "keepalive": self.DashboardConfig.GetConfig("Peers", "peer_keep_alive")[1],
+                                        "remote_endpoint": self.DashboardConfig.GetConfig("Peers", "remote_endpoint")[1],
+                                        "preshared_key": i["PresharedKey"] if "PresharedKey" in i.keys() else ""
+                                    }
+                                    conn.execute(
+                                        self.peersTable.insert().values(tempPeer)
+                                    )
+                                else:
+                                    conn.execute(
+                                        self.peersTable.update().values({
+                                            "allowed_ip": i.get("AllowedIPs", "N/A")
+                                        }).where(
+                                            self.peersTable.columns.id == i['PublicKey']
+                                        )
+                                    )
+                                self.Peers.append(AmneziaWGPeer(tempPeer, self))
+                except Exception as e:
+                    current_app.logger.error(f"{self.Name} getPeers() Error", e)
+        else:
+            with self.engine.connect() as conn:
+                existingPeers = conn.execute(self.peersTable.select()).mappings().fetchall()
+                for i in existingPeers:
+                    self.Peers.append(AmneziaWGPeer(i, self))
+
+    def addPeers(self, peers: list) -> tuple[bool, list, str]:
+        result = {
+            "message": None,
+            "peers": []
+        }
+        try:
+            with self.engine.begin() as conn:
+                for i in peers:
+                    newPeer = {
+                        "id": i['id'],
+                        "private_key": i['private_key'],
+                        "DNS": i['DNS'],
+                        "endpoint_allowed_ip": i['endpoint_allowed_ip'],
+                        "name": i['name'],
+                        "total_receive": 0,
+                        "total_sent": 0,
+                        "total_data": 0,
+                        "endpoint": "N/A",
+                        "status": "stopped",
+                        "latest_handshake": "N/A",
+                        "allowed_ip": i.get("allowed_ip", "N/A"),
+                        "cumu_receive": 0,
+                        "cumu_sent": 0,
+                        "cumu_data": 0,
+                        "mtu": i['mtu'],
+                        "keepalive": i['keepalive'],
+                        "remote_endpoint": self.DashboardConfig.GetConfig("Peers", "remote_endpoint")[1],
+                        "preshared_key": i["preshared_key"],
+                        "advanced_security": i['advanced_security']
+                    }
+                    conn.execute(
+                        self.peersTable.insert().values(newPeer)
+                    )
+            for p in peers:
+                presharedKeyExist = len(p['preshared_key']) > 0
+                rd = random.Random()
+                uid = str(uuid.UUID(int=rd.getrandbits(128), version=4))
+                if presharedKeyExist:
+                    with open(uid, "w+") as f:
+                        f.write(p['preshared_key'])
+
+                subprocess.check_output(
+                    f"{self.Protocol} set {self.Name} peer {p['id']} allowed-ips {p['allowed_ip'].replace(' ', '')}{f' preshared-key {uid}' if presharedKeyExist else ''}",
+                    shell=True, stderr=subprocess.STDOUT)
+                if presharedKeyExist:
+                    os.remove(uid)
+            subprocess.check_output(
+                f"{self.Protocol}-quick save {self.Name}", shell=True, stderr=subprocess.STDOUT)
+            self.getPeers()
+            for p in peers:
+                p = self.searchPeer(p['id'])
+                if p[0]:
+                    result['peers'].append(p[1])
+            self.DashboardWebHooks.RunWebHook("peer_created", {
+                "configuration": self.Name,
+                "peers": list(map(lambda k : k['id'], peers))
+            })
+        except Exception as e:
+            current_app.logger.error("Add peers error", e)
+            return False, [], str(e)
+        return True, result['peers'], ""
+
+    def getRestrictedPeers(self):
+        self.RestrictedPeers = []
+        with self.engine.connect() as conn:
+            restricted = conn.execute(self.peersRestrictedTable.select()).mappings().fetchall()
+            for i in restricted:
+                self.RestrictedPeers.append(AmneziaWGPeer(i, self))
--- a/src/modules/ConnectionString.py
+++ b/src/modules/ConnectionString.py
@ -0,0 +1,25 @@
+import configparser
+import os
+from sqlalchemy_utils import database_exists, create_database
+from flask import current_app
+
+def ConnectionString(database) -> str:    
+    parser = configparser.ConfigParser(strict=False)
+    parser.read_file(open('wg-dashboard.ini', "r+"))
+    sqlitePath = os.path.join("db")
+    if not os.path.isdir(sqlitePath):
+        os.mkdir(sqlitePath)
+    if parser.get("Database", "type") == "postgresql":
+        cn = f'postgresql+psycopg://{parser.get("Database", "username")}:{parser.get("Database", "password")}@{parser.get("Database", "host")}/{database}'
+    elif parser.get("Database", "type") == "mysql":
+        cn = f'mysql+pymysql://{parser.get("Database", "username")}:{parser.get("Database", "password")}@{parser.get("Database", "host")}/{database}'
+    else:
+        cn = f'sqlite:///{os.path.join(sqlitePath, f"{database}.db")}'
+    try:
+        if not database_exists(cn):
+            create_database(cn)
+    except Exception as e:
+        current_app.logger.error("Database error. Terminating...", e)
+        exit(1)
+        
+    return cn
--- a/src/modules/DashboardAPIKey.py
+++ b/src/modules/DashboardAPIKey.py
@ -0,0 +1,11 @@
+"""
+Dashboard API Key
+"""
+class DashboardAPIKey:
+    def __init__(self, Key: str, CreatedAt: str, ExpiredAt: str):
+        self.Key = Key
+        self.CreatedAt = CreatedAt
+        self.ExpiredAt = ExpiredAt
+
+    def toJson(self):
+        return self.__dict__
--- a/src/modules/DashboardClients.py
+++ b/src/modules/DashboardClients.py
@ -0,0 +1,498 @@
+import datetime
+import hashlib
+import random
+import uuid
+
+import bcrypt
+import pyotp
+import sqlalchemy as db
+import requests
+
+from .ConnectionString import ConnectionString
+from .DashboardClientsPeerAssignment import DashboardClientsPeerAssignment
+from .DashboardClientsTOTP import DashboardClientsTOTP
+from .DashboardOIDC import DashboardOIDC
+from .Utilities import ValidatePasswordStrength
+from .DashboardLogger import DashboardLogger
+from flask import session
+
+
+class DashboardClients:
+    def __init__(self, wireguardConfigurations):
+        self.logger = DashboardLogger()
+        self.engine = db.create_engine(ConnectionString("wgdashboard"))
+        self.metadata = db.MetaData()
+        self.OIDC = DashboardOIDC("Client")
+        
+        self.dashboardClientsTable = db.Table(
+            'DashboardClients', self.metadata,
+            db.Column('ClientID', db.String(255), nullable=False, primary_key=True),
+            db.Column('Email', db.String(255), nullable=False, index=True),
+            db.Column('Password', db.String(500)),
+            db.Column('TotpKey', db.String(500)),
+            db.Column('TotpKeyVerified', db.Integer),
+            db.Column('CreatedDate', 
+                      (db.DATETIME if 'sqlite:///' in ConnectionString("wgdashboard") else db.TIMESTAMP),
+                      server_default=db.func.now()),
+            db.Column('DeletedDate', 
+                      (db.DATETIME if 'sqlite:///' in ConnectionString("wgdashboard") else db.TIMESTAMP)),
+            extend_existing=True,
+        )
+        
+        self.dashboardOIDCClientsTable = db.Table(
+            'DashboardOIDCClients', self.metadata,
+            db.Column('ClientID', db.String(255), nullable=False, primary_key=True),
+            db.Column('Email', db.String(255), nullable=False, index=True),
+            db.Column('ProviderIssuer', db.String(500), nullable=False, index=True),
+            db.Column('ProviderSubject', db.String(500), nullable=False, index=True),
+            db.Column('CreatedDate',
+                      (db.DATETIME if 'sqlite:///' in ConnectionString("wgdashboard") else db.TIMESTAMP),
+                      server_default=db.func.now()),
+            db.Column('DeletedDate',
+                      (db.DATETIME if 'sqlite:///' in ConnectionString("wgdashboard") else db.TIMESTAMP)),
+            extend_existing=True,
+        )
+
+        self.dashboardClientsInfoTable = db.Table(
+            'DashboardClientsInfo', self.metadata,
+            db.Column('ClientID', db.String(255), nullable=False, primary_key=True),
+            db.Column('Name', db.String(500)),
+            extend_existing=True,   
+        )
+        
+        self.dashboardClientsPasswordResetLinkTable = db.Table(
+            'DashboardClientsPasswordResetLinks', self.metadata,
+            db.Column('ResetToken', db.String(255), nullable=False, primary_key=True),
+            db.Column('ClientID', db.String(255), nullable=False),
+            db.Column('CreatedDate',
+                      (db.DATETIME if 'sqlite:///' in ConnectionString("wgdashboard") else db.TIMESTAMP),
+                      server_default=db.func.now()),
+            db.Column('ExpiryDate',
+                      (db.DATETIME if 'sqlite:///' in ConnectionString("wgdashboard") else db.TIMESTAMP)),
+            extend_existing=True
+        )
+
+        self.metadata.create_all(self.engine)
+        self.Clients = {}
+        self.ClientsRaw = []
+        self.__getClients()
+        self.DashboardClientsTOTP = DashboardClientsTOTP()
+        self.DashboardClientsPeerAssignment = DashboardClientsPeerAssignment(wireguardConfigurations)
+        
+    def __getClients(self):
+        with self.engine.connect() as conn:
+            localClients = db.select(
+                self.dashboardClientsTable.c.ClientID,
+                self.dashboardClientsTable.c.Email,
+                db.literal_column("'Local'").label("ClientGroup")
+            ).where(
+                self.dashboardClientsTable.c.DeletedDate.is_(None)
+            )
+            
+            oidcClients = db.select(
+                self.dashboardOIDCClientsTable.c.ClientID,
+                self.dashboardOIDCClientsTable.c.Email,
+                self.dashboardOIDCClientsTable.c.ProviderIssuer.label("ClientGroup"),
+            ).where(
+                self.dashboardOIDCClientsTable.c.DeletedDate.is_(None)
+            )
+            
+            union = db.union(localClients, oidcClients).alias("U")
+            
+            self.ClientsRaw = conn.execute(
+                db.select(
+                    union, 
+                    self.dashboardClientsInfoTable.c.Name
+                ).outerjoin(self.dashboardClientsInfoTable, 
+                            union.c.ClientID == self.dashboardClientsInfoTable.c.ClientID)
+            ).mappings().fetchall()
+            
+            groups = set(map(lambda c: c.get('ClientGroup'), self.ClientsRaw))
+            gr = {}
+            for g in groups:
+                gr[(g if g == 'Local' else self.OIDC.GetProviderNameByIssuer(g))] = [
+                    dict(x) for x in list(
+                        filter(lambda c: c.get('ClientGroup') == g, self.ClientsRaw)
+                    )
+                ]
+            self.Clients = gr
+            
+    def GetAllClients(self):
+        self.__getClients()
+        return self.Clients
+    
+    def GetAllClientsRaw(self):
+        self.__getClients()
+        return self.ClientsRaw
+    
+    def GetClient(self, ClientID) -> dict[str, str] | None:
+        c = filter(lambda x: x['ClientID'] == ClientID, self.ClientsRaw)
+        client = next((dict(client) for client in c), None)
+        if client is not None:
+            client['ClientGroup'] = self.OIDC.GetProviderNameByIssuer(client['ClientGroup'])
+        return client
+    
+    def GetClientProfile(self, ClientID):
+        with self.engine.connect() as conn:
+            return dict(conn.execute(
+                db.select(
+                    *[c for c in self.dashboardClientsInfoTable.c if c.name != 'ClientID']
+                ).where(
+                    self.dashboardClientsInfoTable.c.ClientID == ClientID
+                )
+            ).mappings().fetchone())
+    
+    def SignIn_ValidatePassword(self, Email, Password) -> bool:
+        if not all([Email, Password]):
+            return False
+        existingClient = self.SignIn_UserExistence(Email)
+        if existingClient:
+            return bcrypt.checkpw(Password.encode("utf-8"), existingClient.get("Password").encode("utf-8"))            
+        return False
+        
+    def SignIn_UserExistence(self, Email):
+        with self.engine.connect() as conn:
+            existingClient = conn.execute(
+                self.dashboardClientsTable.select().where(
+                    self.dashboardClientsTable.c.Email == Email
+                )
+            ).mappings().fetchone()
+            return existingClient
+    
+    def SignIn_OIDC_UserExistence(self, data: dict[str, str]):
+        with self.engine.connect() as conn:
+            existingClient = conn.execute(
+                self.dashboardOIDCClientsTable.select().where(
+                    db.and_(
+                        self.dashboardOIDCClientsTable.c.ProviderIssuer == data.get('iss'),
+                        self.dashboardOIDCClientsTable.c.ProviderSubject == data.get('sub'),
+                    )
+                )
+            ).mappings().fetchone()
+            return existingClient
+        
+    def SignUp_OIDC(self, data: dict[str, str]) -> tuple[bool, str] | tuple[bool, None]:
+        if not self.SignIn_OIDC_UserExistence(data):
+            with self.engine.begin() as conn:
+                newClientUUID = str(uuid.uuid4())
+                conn.execute(
+                    self.dashboardOIDCClientsTable.insert().values({
+                        "ClientID": newClientUUID,
+                        "Email": data.get('email', ''),
+                        "ProviderIssuer": data.get('iss', ''),
+                        "ProviderSubject": data.get('sub', '')
+                    })
+                )
+                conn.execute(
+                    self.dashboardClientsInfoTable.insert().values({
+                        "ClientID": newClientUUID,
+                        "Name": data.get("name")
+                    })
+                )
+                self.logger.log(Message=f"User {data.get('email', '')} from {data.get('iss', '')} signed up")
+            self.__getClients()
+            return True, newClientUUID
+        return False, "User already signed up"
+    
+    def SignOut_OIDC(self):
+        sessionPayload = session.get('OIDCPayload')
+        status, oidc_config = self.OIDC.GetProviderConfiguration(session.get('SignInPayload').get("Provider"))        
+        signOut = requests.get(
+            oidc_config.get("end_session_endpoint"), 
+            params={
+                'id_token_hint': session.get('SignInPayload').get("Payload").get('sid')
+            }
+        )
+        return True
+        
+    def SignIn_OIDC(self, **kwargs):
+        status, data = self.OIDC.VerifyToken(**kwargs)
+        if not status:
+            return False, "Sign in failed. Reason: " + data
+        existingClient = self.SignIn_OIDC_UserExistence(data)
+        if not existingClient:
+            status, newClientUUID = self.SignUp_OIDC(data)
+            session['ClientID'] = newClientUUID
+        else:
+            session['ClientID'] = existingClient.get("ClientID")
+        session['SignInMethod'] = 'OIDC'
+        session['SignInPayload'] = {
+            "Provider": kwargs.get('provider'),
+            "Payload": data
+        }
+        return True, data
+        
+    def SignIn(self, Email, Password) -> tuple[bool, str]:
+        if not all([Email, Password]):
+            return False, "Please fill in all fields"
+        existingClient = self.SignIn_UserExistence(Email)
+        if existingClient:
+            checkPwd = self.SignIn_ValidatePassword(Email, Password)
+            if checkPwd:
+                session['SignInMethod'] = 'local'
+                session['Email'] = Email
+                session['ClientID'] = existingClient.get("ClientID")
+                return True, self.DashboardClientsTOTP.GenerateToken(existingClient.get("ClientID"))
+        return False, "Email or Password is incorrect"
+    
+    def SignIn_GetTotp(self, Token: str, UserProvidedTotp: str = None) -> tuple[bool, str] or tuple[bool, None, str]:
+        status, data = self.DashboardClientsTOTP.GetTotp(Token)
+        
+        if not status:
+            return False, "TOTP Token is invalid"    
+        if UserProvidedTotp is None:
+            if data.get('TotpKeyVerified') is None:
+                return True, pyotp.totp.TOTP(data.get('TotpKey')).provisioning_uri(name=data.get('Email'),
+                                                                                   issuer_name="WGDashboard Client")
+        else:
+            totpMatched = pyotp.totp.TOTP(data.get('TotpKey')).verify(UserProvidedTotp)
+            if not totpMatched:
+                return False, "TOTP is does not match"
+            else:
+                self.DashboardClientsTOTP.RevokeToken(Token)
+        if data.get('TotpKeyVerified') is None:
+            with self.engine.begin() as conn:
+                conn.execute(
+                    self.dashboardClientsTable.update().values({
+                        'TotpKeyVerified': 1
+                    }).where(
+                        self.dashboardClientsTable.c.ClientID == data.get('ClientID')
+                    )
+                )
+              
+        return True, None
+        
+    def SignUp(self, Email, Password, ConfirmPassword) -> tuple[bool, str] or tuple[bool, None]:
+        try:
+            if not all([Email, Password, ConfirmPassword]):
+                return False, "Please fill in all fields"
+            if Password != ConfirmPassword:
+                return False, "Passwords does not match"
+
+            existingClient = self.SignIn_UserExistence(Email)
+            if existingClient:
+                return False, "Email already signed up"
+    
+            pwStrength, msg = ValidatePasswordStrength(Password)
+            if not pwStrength:
+                return pwStrength, msg
+    
+            with self.engine.begin() as conn:
+                newClientUUID = str(uuid.uuid4())
+                totpKey = pyotp.random_base32()
+                encodePassword = Password.encode('utf-8')
+                conn.execute(
+                    self.dashboardClientsTable.insert().values({
+                        "ClientID": newClientUUID,
+                        "Email": Email,
+                        "Password": bcrypt.hashpw(encodePassword, bcrypt.gensalt()).decode("utf-8"),
+                        "TotpKey": totpKey
+                    })
+                )
+                conn.execute(
+                    self.dashboardClientsInfoTable.insert().values({
+                        "ClientID": newClientUUID
+                    })
+                )
+                self.logger.log(Message=f"User {Email} signed up")
+            self.__getClients()
+        except Exception as e:
+            self.logger.log(Status="false", Message=f"Signed up failed, reason: {str(e)}")
+            return False, "Signe up failed."
+            
+        return True, None
+    
+    def GetClientAssignedPeers(self, ClientID):
+        return self.DashboardClientsPeerAssignment.GetAssignedPeers(ClientID)
+    
+    def ResetClientPassword(self, ClientID, NewPassword, ConfirmNewPassword) -> tuple[bool, str] | tuple[bool, None]:
+        c = self.GetClient(ClientID)
+        if c is None:
+            return False, "Client does not exist"
+        
+        if NewPassword != ConfirmNewPassword:
+            return False, "New passwords does not match"
+
+        pwStrength, msg = ValidatePasswordStrength(NewPassword)
+        if not pwStrength:
+            return pwStrength, msg
+        try:
+            with self.engine.begin() as conn:
+                conn.execute(
+                    self.dashboardClientsTable.update().values({
+                        "TotpKeyVerified": None,
+                        "TotpKey": pyotp.random_base32(),
+                        "Password": bcrypt.hashpw(NewPassword.encode('utf-8'), bcrypt.gensalt()).decode("utf-8"),
+                    }).where(
+                        self.dashboardClientsTable.c.ClientID == ClientID
+                    )
+                )
+                self.logger.log(Message=f"User {ClientID} reset password and TOTP")
+        except Exception as e:
+            self.logger.log(Status="false", Message=f"User {ClientID} reset password failed, reason: {str(e)}")
+            return False, "Reset password failed."
+        
+        
+        return True, None
+            
+    def UpdateClientPassword(self, ClientID, CurrentPassword, NewPassword, ConfirmNewPassword) -> tuple[bool, str] | tuple[bool, None]:
+        c = self.GetClient(ClientID)
+        if c is None:
+            return False, "Client does not exist"
+        
+        if not all([CurrentPassword, NewPassword, ConfirmNewPassword]):
+            return False, "Please fill in all fields"
+        
+        if not self.SignIn_ValidatePassword(c.get('Email'), CurrentPassword):
+            return False, "Current password does not match"
+        
+        if NewPassword != ConfirmNewPassword:
+            return False, "New passwords does not match"
+
+        pwStrength, msg = ValidatePasswordStrength(NewPassword)
+        if not pwStrength:
+            return pwStrength, msg
+        try:
+            with self.engine.begin() as conn:
+                conn.execute(
+                    self.dashboardClientsTable.update().values({
+                        "Password": bcrypt.hashpw(NewPassword.encode('utf-8'), bcrypt.gensalt()).decode("utf-8"),
+                    }).where(
+                        self.dashboardClientsTable.c.ClientID == ClientID
+                    )
+                )
+                self.logger.log(Message=f"User {ClientID} updated password")
+        except Exception as e:
+            self.logger.log(Status="false", Message=f"User {ClientID} update password failed, reason: {str(e)}")
+            return False, "Update password failed."
+        return True, None
+    
+    def UpdateClientProfile(self, ClientID, Name):
+        try:
+            with self.engine.begin() as conn:
+                conn.execute(
+                    self.dashboardClientsInfoTable.update().values({
+                        "Name": Name
+                    }).where(
+                        self.dashboardClientsInfoTable.c.ClientID == ClientID
+                    )
+                )
+            self.logger.log(Message=f"User {ClientID} updated name to {Name}")
+        except Exception as e:
+            self.logger.log(Status="false", Message=f"User {ClientID} updated name to {Name} failed")
+            return False
+        return True
+    
+    def DeleteClient(self, ClientID):
+        try:
+            with self.engine.begin() as conn:
+                client = self.GetClient(ClientID)
+                if client.get("ClientGroup") == "Local":
+                    conn.execute(
+                        self.dashboardClientsTable.delete().where(
+                            self.dashboardClientsTable.c.ClientID == ClientID
+                        )
+                    )
+                else:
+                    conn.execute(
+                        self.dashboardOIDCClientsTable.delete().where(
+                            self.dashboardOIDCClientsTable.c.ClientID == ClientID
+                        )
+                    )
+                conn.execute(
+                    self.dashboardClientsInfoTable.delete().where(
+                        self.dashboardClientsInfoTable.c.ClientID == ClientID
+                    )
+                )
+            self.DashboardClientsPeerAssignment.UnassignPeers(ClientID)
+            self.__getClients()
+        except Exception as e:
+            self.logger.log(Status="false", Message=f"Failed to delete {ClientID}")
+            return False
+        return True
+    
+    '''
+    For WGDashboard Admin to Manage Clients
+    '''
+
+    def GenerateClientPasswordResetToken(self, ClientID) -> bool | str:
+        c = self.GetClient(ClientID)
+        if c is None:
+            return False
+        
+        newToken = str(random.randint(0, 999999)).zfill(6)
+        with self.engine.begin() as conn:
+            conn.execute(
+                self.dashboardClientsPasswordResetLinkTable.update().values({
+                    "ExpiryDate": datetime.datetime.now()
+                
+                }).where(
+                    db.and_(
+                        self.dashboardClientsPasswordResetLinkTable.c.ClientID == ClientID,
+                        self.dashboardClientsPasswordResetLinkTable.c.ExpiryDate > db.func.now()
+                    )
+                )
+            )
+            conn.execute(
+                self.dashboardClientsPasswordResetLinkTable.insert().values({
+                    "ResetToken": newToken,
+                    "ClientID": ClientID,
+                    "CreatedDate": datetime.datetime.now(),
+                    "ExpiryDate": datetime.datetime.now() + datetime.timedelta(minutes=30)
+                })
+            )
+        
+        return newToken
+        
+    def ValidateClientPasswordResetToken(self, ClientID, Token):
+        c = self.GetClient(ClientID)
+        if c is None:
+            return False
+        with self.engine.connect() as conn:
+            t = conn.execute(
+                self.dashboardClientsPasswordResetLinkTable.select().where(
+                    db.and_(self.dashboardClientsPasswordResetLinkTable.c.ClientID == ClientID,
+                            self.dashboardClientsPasswordResetLinkTable.c.ResetToken == Token,
+                            self.dashboardClientsPasswordResetLinkTable.c.ExpiryDate > datetime.datetime.now())
+                    
+                )
+            ).mappings().fetchone()
+        return t is not None
+    
+    def RevokeClientPasswordResetToken(self, ClientID, Token):
+        with self.engine.begin() as conn:
+            conn.execute(
+                self.dashboardClientsPasswordResetLinkTable.update().values({
+                    "ExpiryDate": datetime.datetime.now()
+                }).where(
+                    db.and_(self.dashboardClientsPasswordResetLinkTable.c.ClientID == ClientID,
+                            self.dashboardClientsPasswordResetLinkTable.c.ResetToken == Token)
+                )
+            )
+        return True
+    
+    def GetAssignedPeerClients(self, ConfigurationName, PeerID):
+        c = self.DashboardClientsPeerAssignment.GetAssignedClients(ConfigurationName, PeerID)
+        for a in c:
+            client = self.GetClient(a.ClientID)
+            if client is not None:
+                a.Client = self.GetClient(a.ClientID)
+        return c
+    
+    def GetClientAssignedPeersGrouped(self, ClientID):
+        client = self.GetClient(ClientID)
+        if client is not None:
+            p = self.DashboardClientsPeerAssignment.GetAssignedPeers(ClientID)
+            configs = set(map(lambda x : x['configuration_name'], p))
+            d = {}
+            for i in configs:
+                d[i] = list(filter(lambda x : x['configuration_name'] == i, p)) 
+            return d
+        return None
+
+    def AssignClient(self, ConfigurationName, PeerID, ClientID) -> tuple[bool, dict[str, str]] | tuple[bool, None]:
+        return self.DashboardClientsPeerAssignment.AssignClient(ClientID, ConfigurationName, PeerID) 
+    
+    def UnassignClient(self, AssignmentID):
+        return self.DashboardClientsPeerAssignment.UnassignClients(AssignmentID)
+        
--- a/src/modules/DashboardClientsPeerAssignment.py
+++ b/src/modules/DashboardClientsPeerAssignment.py
@ -0,0 +1,159 @@
+import datetime
+import uuid
+
+from .ConnectionString import ConnectionString
+from .DashboardLogger import DashboardLogger
+import sqlalchemy as db
+from .WireguardConfiguration import WireguardConfiguration
+
+class Assignment:
+    def __init__(self, **kwargs):
+        self.AssignmentID: str = kwargs.get('AssignmentID')
+        self.ClientID: str = kwargs.get('ClientID')
+        self.ConfigurationName: str = kwargs.get('ConfigurationName')
+        self.PeerID: str = kwargs.get('PeerID')
+        self.AssignedDate: datetime.datetime = kwargs.get('AssignedDate')
+        self.UnassignedDate: datetime.datetime = kwargs.get('UnassignedDate')
+        self.Client: dict = {
+            "ClientID": self.ClientID
+        }
+    
+    def toJson(self):
+        return {
+            "AssignmentID": self.AssignmentID,
+            "Client": self.Client,
+            "ConfigurationName": self.ConfigurationName,
+            "PeerID": self.PeerID,
+            "AssignedDate": self.AssignedDate.strftime("%Y-%m-%d %H:%M:%S"),
+            "UnassignedDate": self.UnassignedDate.strftime("%Y-%m-%d %H:%M:%S") if self.UnassignedDate is not None else self.UnassignedDate
+        }
+        
+class DashboardClientsPeerAssignment:
+    def __init__(self, wireguardConfigurations: dict[str, WireguardConfiguration]):
+        self.logger = DashboardLogger()
+        self.engine = db.create_engine(ConnectionString("wgdashboard"))
+        self.metadata = db.MetaData()
+        self.wireguardConfigurations = wireguardConfigurations
+        self.dashboardClientsPeerAssignmentTable = db.Table(
+            'DashboardClientsPeerAssignment', self.metadata,
+            db.Column('AssignmentID', db.String(255), nullable=False, primary_key=True),
+            db.Column('ClientID', db.String(255), nullable=False, index=True),
+            db.Column('ConfigurationName', db.String(255)),
+            db.Column('PeerID', db.String(500)),
+            db.Column('AssignedDate',
+                      (db.DATETIME if 'sqlite:///' in ConnectionString("wgdashboard") else db.TIMESTAMP),
+                      server_default=db.func.now()),
+            db.Column('UnassignedDate',
+                      (db.DATETIME if 'sqlite:///' in ConnectionString("wgdashboard") else db.TIMESTAMP)),
+            extend_existing=True
+        )
+        self.metadata.create_all(self.engine)
+        self.assignments: list[Assignment] = []
+        self.__getAssignments()
+        
+    def __getAssignments(self):
+        with self.engine.connect() as conn:
+            assignments = []
+            get = conn.execute(
+                self.dashboardClientsPeerAssignmentTable.select().where(
+                    self.dashboardClientsPeerAssignmentTable.c.UnassignedDate.is_(None)
+                )
+            ).mappings().fetchall()
+            for a in get:
+                assignments.append(Assignment(**a))
+            self.assignments = assignments
+            
+            
+    def AssignClient(self, ClientID, ConfigurationName, PeerID):
+        existing = list(
+            filter(lambda e: 
+                   e.ClientID == ClientID and 
+                   e.ConfigurationName == ConfigurationName and
+                   e.PeerID == PeerID, self.assignments)
+        )
+        if len(existing) == 0:
+            if ConfigurationName in self.wireguardConfigurations.keys():
+                config = self.wireguardConfigurations.get(ConfigurationName)
+                peer = list(filter(lambda x : x.id == PeerID, config.Peers))
+                if len(peer) == 1:
+                    with self.engine.begin() as conn:
+                        data = {
+                            "AssignmentID": str(uuid.uuid4()),
+                            "ClientID": ClientID,
+                            "ConfigurationName": ConfigurationName,
+                            "PeerID": PeerID
+                        }
+                        conn.execute(
+                            self.dashboardClientsPeerAssignmentTable.insert().values(data)
+                        )
+                    self.__getAssignments()
+                    return True, data
+        return False, None
+    
+    def UnassignClients(self, AssignmentID):
+        existing = list(
+            filter(lambda e:
+                   e.AssignmentID == AssignmentID, self.assignments)
+        )
+        if not existing:
+            return False
+        with self.engine.begin() as conn:
+            conn.execute(
+                self.dashboardClientsPeerAssignmentTable.update().values({
+                    "UnassignedDate": datetime.datetime.now()
+                }).where(
+                    self.dashboardClientsPeerAssignmentTable.c.AssignmentID == AssignmentID
+                )
+            )
+            self.__getAssignments()
+            return True
+        
+    def UnassignPeers(self, ClientID):
+        with self.engine.begin() as conn:
+            conn.execute(
+                self.dashboardClientsPeerAssignmentTable.update().values({
+                    "UnassignedDate": datetime.datetime.now()
+                }).where(
+                    db.and_(
+                        self.dashboardClientsPeerAssignmentTable.c.ClientID == ClientID,
+                        self.dashboardClientsPeerAssignmentTable.c.UnassignedDate.is_(db.null())
+                    )
+                )
+            )
+            self.__getAssignments()
+            return True
+    
+    def GetAssignedClients(self, ConfigurationName, PeerID) -> list[Assignment]:
+        self.__getAssignments()
+        return list(filter(
+            lambda c : c.ConfigurationName == ConfigurationName and 
+                       c.PeerID == PeerID, self.assignments))
+    
+    def GetAssignedPeers(self, ClientID):
+        self.__getAssignments()
+        
+        peers = []
+        assigned = filter(lambda e:
+                          e.ClientID == ClientID, self.assignments)
+        
+        for a in assigned:
+            peer = filter(lambda e : e.id == a.PeerID, 
+                          self.wireguardConfigurations[a.ConfigurationName].Peers)
+            for p in peer:
+                peers.append({
+                    'assignment_id': a.AssignmentID,
+                    'protocol': self.wireguardConfigurations[a.ConfigurationName].Protocol,
+                    'id': p.id,
+                    'private_key': p.private_key,
+                    'name': p.name,
+                    'received_data': p.total_receive + p.cumu_receive,
+                    'sent_data': p.total_sent + p.cumu_sent,
+                    'data': p.total_data + p.cumu_data,
+                    'status': p.status,
+                    'latest_handshake': p.latest_handshake,
+                    'allowed_ip': p.allowed_ip,
+                    'jobs': p.jobs,
+                    'configuration_name': a.ConfigurationName,
+                    'peer_configuration_data': p.downloadPeer()
+                })
+        return peers
--- a/src/modules/DashboardClientsTOTP.py
+++ b/src/modules/DashboardClientsTOTP.py
@ -0,0 +1,82 @@
+import datetime
+import hashlib
+import uuid
+
+import sqlalchemy as db
+from .ConnectionString import ConnectionString
+
+
+class DashboardClientsTOTP:
+    def __init__(self):
+        self.engine = db.create_engine(ConnectionString("wgdashboard"))
+        self.metadata = db.MetaData()
+        self.dashboardClientsTOTPTable = db.Table(
+            'DashboardClientsTOTPTokens', self.metadata,
+            db.Column("Token", db.String(500), primary_key=True, index=True),
+                db.Column("ClientID", db.String(500), index=True),
+                db.Column(
+                    "ExpireTime", (db.DATETIME if 'sqlite:///' in ConnectionString("wgdashboard") else db.TIMESTAMP)
+                )
+        )
+        self.metadata.create_all(self.engine)
+        self.metadata.reflect(self.engine)
+        self.dashboardClientsTable = self.metadata.tables['DashboardClients']
+        
+    def GenerateToken(self, ClientID) -> str:
+        token = hashlib.sha512(f"{ClientID}_{datetime.datetime.now()}_{uuid.uuid4()}".encode()).hexdigest()
+        with self.engine.begin() as conn:
+            conn.execute(
+                self.dashboardClientsTOTPTable.update().values({
+                    "ExpireTime": datetime.datetime.now()
+                }).where(
+                   db.and_(self.dashboardClientsTOTPTable.c.ClientID == ClientID,  self.dashboardClientsTOTPTable.c.ExpireTime > datetime.datetime.now())
+                )
+            )
+            conn.execute(
+                self.dashboardClientsTOTPTable.insert().values({
+                    "Token": token,
+                    "ClientID": ClientID,
+                    "ExpireTime": datetime.datetime.now() + datetime.timedelta(minutes=10)
+                })
+            )
+        return token
+    
+    def RevokeToken(self, Token) -> bool:
+        try:
+            with self.engine.begin() as conn:
+                conn.execute(
+                    self.dashboardClientsTOTPTable.update().values({
+                        "ExpireTime": datetime.datetime.now()
+                    }).where(
+                        self.dashboardClientsTOTPTable.c.Token == Token
+                    )
+                )
+        except Exception as e:
+            return False
+        return True
+    
+    def GetTotp(self, token: str) -> tuple[bool, dict] or tuple[bool, None]:
+        with self.engine.connect() as conn:
+            totp = conn.execute(
+                db.select(
+                    self.dashboardClientsTable.c.ClientID,
+                    self.dashboardClientsTable.c.Email,
+                    self.dashboardClientsTable.c.TotpKey,
+                    self.dashboardClientsTable.c.TotpKeyVerified,
+                ).select_from(
+                    self.dashboardClientsTOTPTable
+                ).where(
+                    db.and_(
+                        self.dashboardClientsTOTPTable.c.Token == token,
+                        self.dashboardClientsTOTPTable.c.ExpireTime > datetime.datetime.now()
+                    )
+                ).join(
+                    self.dashboardClientsTable,
+                    self.dashboardClientsTOTPTable.c.ClientID == self.dashboardClientsTable.c.ClientID
+                )            
+            ).mappings().fetchone()
+            if totp:
+                return True, dict(totp)
+        return False, None
+
+        
--- a/src/modules/DashboardConfig.py
+++ b/src/modules/DashboardConfig.py
@ -0,0 +1,285 @@
+"""
+Dashboard Configuration
+"""
+import configparser, secrets, os, pyotp, ipaddress, bcrypt
+from sqlalchemy_utils import database_exists, create_database
+import sqlalchemy as db
+from datetime import datetime
+from typing import Any
+from flask import current_app
+from .ConnectionString import ConnectionString
+from .Utilities import (
+    GetRemoteEndpoint, ValidateDNSAddress
+)
+from .DashboardAPIKey import DashboardAPIKey
+
+
+
+class DashboardConfig:
+    DashboardVersion = 'v4.3.1'
+    ConfigurationPath = os.getenv('CONFIGURATION_PATH', '.')
+    ConfigurationFilePath = os.path.join(ConfigurationPath, 'wg-dashboard.ini')
+    
+    def __init__(self):
+        if not os.path.exists(DashboardConfig.ConfigurationFilePath):
+            open(DashboardConfig.ConfigurationFilePath, "x")
+        self.__config = configparser.RawConfigParser(strict=False)
+        self.__config.read_file(open(DashboardConfig.ConfigurationFilePath, "r+"))
+        self.hiddenAttribute = ["totp_key", "auth_req"]
+        self.__default = {
+            "Account": {
+                "username": "admin",
+                "password": "admin",
+                "enable_totp": "false",
+                "totp_verified": "false",
+                "totp_key": pyotp.random_base32()
+            },
+            "Server": {
+                "wg_conf_path": "/etc/wireguard",
+                "awg_conf_path": "/etc/amnezia/amneziawg",
+                "app_prefix": "",
+                "app_ip": "0.0.0.0",
+                "app_port": "10086",
+                "auth_req": "true",
+                "version": DashboardConfig.DashboardVersion,
+                "dashboard_refresh_interval": "60000",
+                "dashboard_peer_list_display": "grid",
+                "dashboard_sort": "status",
+                "dashboard_theme": "dark",
+                "dashboard_api_key": "false",
+                "dashboard_language": "en-US"
+            },
+            "Peers": {
+                "peer_global_DNS": "1.1.1.1",
+                "peer_endpoint_allowed_ip": "0.0.0.0/0",
+                "peer_display_mode": "grid",
+                "remote_endpoint": GetRemoteEndpoint(),
+                "peer_MTU": "1420",
+                "peer_keep_alive": "21"
+            },
+            "Other": {
+                "welcome_session": "true"
+            },
+            "Database":{
+                "type": "sqlite",
+                "host": "",
+                "port": "",
+                "username": "",
+                "password": ""
+            },
+            "Email":{
+                "server": "",
+                "port": "",
+                "encryption": "",
+                "username": "",
+                "email_password": "",
+                "authentication_required": "true",
+                "send_from": "",
+                "email_template": ""
+            },
+            "OIDC": {
+                "admin_enable": "false",
+                "client_enable": "false"
+            },
+            "Clients": {
+                "enable": "true",
+            },
+            "WireGuardConfiguration": {
+                "autostart": ""
+            }
+        }
+
+        for section, keys in self.__default.items():
+            for key, value in keys.items():
+                exist, currentData = self.GetConfig(section, key)
+                if not exist:
+                    self.SetConfig(section, key, value, True)
+
+        self.engine = db.create_engine(ConnectionString('wgdashboard'))
+        self.dbMetadata = db.MetaData()
+        self.__createAPIKeyTable()
+        self.DashboardAPIKeys = self.__getAPIKeys()
+        self.APIAccessed = False
+        self.SetConfig("Server", "version", DashboardConfig.DashboardVersion)
+
+    def getConnectionString(self, database) -> str or None:
+        sqlitePath = os.path.join(DashboardConfig.ConfigurationPath, "db")
+        
+        if not os.path.isdir(sqlitePath):
+            os.mkdir(sqlitePath)
+        
+        if self.GetConfig("Database", "type")[1] == "postgresql":
+            cn = f'postgresql+psycopg2://{self.GetConfig("Database", "username")[1]}:{self.GetConfig("Database", "password")[1]}@{self.GetConfig("Database", "host")[1]}/{database}'
+        elif self.GetConfig("Database", "type")[1] == "mysql":
+            cn = f'mysql+mysqldb://{self.GetConfig("Database", "username")[1]}:{self.GetConfig("Database", "password")[1]}@{self.GetConfig("Database", "host")[1]}/{database}'
+        else:
+            cn = f'sqlite:///{os.path.join(sqlitePath, f"{database}.db")}'
+        if not database_exists(cn):
+            create_database(cn)
+        return cn
+
+    def __createAPIKeyTable(self):
+        self.apiKeyTable = db.Table('DashboardAPIKeys', self.dbMetadata,
+                                    db.Column("Key", db.String(255), nullable=False, primary_key=True),
+                                    db.Column("CreatedAt",
+                                              (db.DATETIME if self.GetConfig('Database', 'type')[1] == 'sqlite' else db.TIMESTAMP),
+                                              server_default=db.func.now()
+                                              ),
+                                    db.Column("ExpiredAt",
+                                              (db.DATETIME if self.GetConfig('Database', 'type')[1] == 'sqlite' else db.TIMESTAMP)
+                                              )
+                                    )
+        self.dbMetadata.create_all(self.engine)
+    def __getAPIKeys(self) -> list[DashboardAPIKey]:
+        try:
+            with self.engine.connect() as conn:
+                keys = conn.execute(self.apiKeyTable.select().where(
+                    db.or_(self.apiKeyTable.columns.ExpiredAt.is_(None), self.apiKeyTable.columns.ExpiredAt > datetime.now())
+                )).fetchall()
+                fKeys = []
+                for k in keys:
+                    fKeys.append(DashboardAPIKey(k[0], k[1].strftime("%Y-%m-%d %H:%M:%S"), (k[2].strftime("%Y-%m-%d %H:%M:%S") if k[2] else None)))
+                return fKeys
+        except Exception as e:
+            current_app.logger.error("API Keys error", e)
+        return []
+
+    def createAPIKeys(self, ExpiredAt = None):
+        newKey = secrets.token_urlsafe(32)
+        with self.engine.begin() as conn:
+            conn.execute(
+                self.apiKeyTable.insert().values({
+                    "Key": newKey,
+                    "ExpiredAt": ExpiredAt
+                })
+            )
+
+        self.DashboardAPIKeys = self.__getAPIKeys()
+
+    def deleteAPIKey(self, key):
+        with self.engine.begin() as conn:
+            conn.execute(
+                self.apiKeyTable.update().values({
+                    "ExpiredAt": datetime.now(),
+                }).where(self.apiKeyTable.columns.Key == key)
+            )
+
+        self.DashboardAPIKeys = self.__getAPIKeys()
+
+    def __configValidation(self, section : str, key: str, value: Any) -> tuple[bool, str]:
+        if (type(value) is str and len(value) == 0
+                and section not in ['Email', 'WireGuardConfiguration'] and
+                (section == 'Peer' and key == 'peer_global_dns')):
+            return False, "Field cannot be empty!"
+        if section == "Peers" and key == "peer_global_dns" and len(value) > 0:
+            return ValidateDNSAddress(value)
+        if section == "Peers" and key == "peer_endpoint_allowed_ip":
+            value = value.split(",")
+            for i in value:
+                i = i.strip()
+                try:
+                    ipaddress.ip_network(i, strict=False)
+                except Exception as e:
+                    return False, str(e)
+        if section == "Server" and key == "wg_conf_path":
+            if not os.path.exists(value):
+                return False, f"{value} is not a valid path"
+        if section == "Account" and key == "password":
+            if self.GetConfig("Account", "password")[0]:
+                if not self.__checkPassword(
+                        value["currentPassword"], self.GetConfig("Account", "password")[1].encode("utf-8")):
+                    return False, "Current password does not match."
+                if value["newPassword"] != value["repeatNewPassword"]:
+                    return False, "New passwords does not match"
+        return True, ""
+
+    def generatePassword(self, plainTextPassword: str):
+        return bcrypt.hashpw(plainTextPassword.encode("utf-8"), bcrypt.gensalt())
+
+    def __checkPassword(self, plainTextPassword: str, hashedPassword: bytes):
+        return bcrypt.checkpw(plainTextPassword.encode("utf-8"), hashedPassword)
+
+    def SetConfig(self, section: str, key: str, value: str | bool | list[str] | dict[str, str], init: bool = False) -> tuple[bool, str] | tuple[bool, None]:
+        if key in self.hiddenAttribute and not init:
+            return False, None
+
+        if not init:
+            valid, msg = self.__configValidation(section, key, value)
+            if not valid:
+                return False, msg
+
+        if section == "Account" and key == "password":
+            if not init:
+                value = self.generatePassword(value["newPassword"]).decode("utf-8")
+            else:
+                value = self.generatePassword(value).decode("utf-8")
+
+        if section == "Email" and key == "email_template":
+            value = value.encode('unicode_escape').decode('utf-8')
+
+        if section == "Server" and key == "wg_conf_path":
+            if not os.path.exists(value):
+                return False, "Path does not exist"
+
+        if section not in self.__config:
+            if init:
+                self.__config[section] = {}
+            else:
+                return False, "Section does not exist"
+
+        if ((key not in self.__config[section].keys() and init) or
+                (key in self.__config[section].keys())):
+            if type(value) is bool:
+                if value:
+                    self.__config[section][key] = "true"
+                else:
+                    self.__config[section][key] = "false"
+            elif type(value) in [int, float]:
+                self.__config[section][key] = str(value)
+            elif type(value) is list:
+                self.__config[section][key] = "||".join(value).strip("||")
+            else:
+                self.__config[section][key] = fr"{value}"
+            return self.SaveConfig(), ""
+        else:
+            return False, f"{key} does not exist under {section}"
+
+    def SaveConfig(self) -> bool:
+        try:
+            with open(DashboardConfig.ConfigurationFilePath, "w+", encoding='utf-8') as configFile:
+                self.__config.write(configFile)
+            return True
+        except Exception as e:
+            return False
+
+    def GetConfig(self, section, key) ->tuple[bool, bool] | tuple[bool, str] | tuple[bool, list[str]] | tuple[bool, None]:
+        if section not in self.__config:
+            return False, None
+
+        if key not in self.__config[section]:
+            return False, None
+
+        if section == "Email" and key == "email_template":
+            return True, self.__config[section][key].encode('utf-8').decode('unicode_escape')
+
+        if section == "WireGuardConfiguration" and key == "autostart":
+            return True, list(filter(lambda x: len(x) > 0, self.__config[section][key].split("||")))
+
+        if self.__config[section][key] in ["1", "yes", "true", "on"]:
+            return True, True
+
+        if self.__config[section][key] in ["0", "no", "false", "off"]:
+            return True, False
+
+
+        return True, self.__config[section][key]
+
+    def toJson(self) -> dict[str, dict[Any, Any]]:
+        the_dict = {}
+
+        for section in self.__config.sections():
+            the_dict[section] = {}
+            for key, val in self.__config.items(section):
+                if key not in self.hiddenAttribute:
+                    the_dict[section][key] = self.GetConfig(section, key)[1]
+        return the_dict
--- a/src/modules/DashboardLogger.py
+++ b/src/modules/DashboardLogger.py
@ -0,0 +1,44 @@
+"""
+Dashboard Logger Class
+"""
+import uuid
+import sqlalchemy as db
+from flask import current_app
+from .ConnectionString import ConnectionString
+
+
+class DashboardLogger:
+    def __init__(self):
+        self.engine = db.create_engine(ConnectionString("wgdashboard_log"))
+        self.metadata = db.MetaData()
+        self.dashboardLoggerTable = db.Table('DashboardLog', self.metadata,
+                                             
+                                             db.Column('LogID', db.String(255), nullable=False, primary_key=True),
+                                             db.Column('LogDate',
+                                                       (db.DATETIME if 'sqlite:///' in ConnectionString("wgdashboard") else db.TIMESTAMP),
+                                                       server_default=db.func.now()),
+                                             db.Column('URL', db.String(255)),
+                                             db.Column('IP', db.String(255)),
+                                             
+                                             db.Column('Status', db.String(255), nullable=False),
+                                             db.Column('Message', db.Text), extend_existing=True,
+                                             )
+        self.metadata.create_all(self.engine)
+        self.log(Message="WGDashboard started")
+
+    def log(self, URL: str = "", IP: str = "", Status: str = "true", Message: str = "") -> bool:
+        try:
+            with self.engine.begin() as conn:
+                conn.execute(
+                    self.dashboardLoggerTable.insert().values(
+                        LogID=str(uuid.uuid4()),
+                        URL=URL,
+                        IP=IP,
+                        Status=Status,
+                        Message=Message
+                    )
+                )
+            return True
+        except Exception as e:
+            current_app.logger.error(f"Access Log Error", e)
+            return False
--- a/src/modules/DashboardOIDC.py
+++ b/src/modules/DashboardOIDC.py
@ -0,0 +1,142 @@
+import os
+import json
+import requests
+from jose import jwt
+import certifi
+from flask import current_app
+
+class DashboardOIDC:
+    ConfigurationPath = os.getenv('CONFIGURATION_PATH', '.')
+    ConfigurationFilePath = os.path.join(ConfigurationPath, 'wg-dashboard-oidc-providers.json')
+    def __init__(self, mode):
+        self.mode = mode
+        self.providers: dict[str, dict] = {}
+        self.provider_secret: dict[str, str] = {}
+        self.__default = {
+            "Admin": {
+                'Provider': {
+                    'client_id': '',
+                    'client_secret': '',
+                    'issuer': '',
+                },
+            },
+            "Client": {
+                'Provider': {
+                    'client_id': '',
+                    'client_secret': '',
+                    'issuer': '',
+                },
+            }
+        }
+        
+        if not os.path.exists(DashboardOIDC.ConfigurationFilePath):
+            with open(DashboardOIDC.ConfigurationFilePath, "w+") as f:
+                encoder = json.JSONEncoder(indent=4)
+                f.write(encoder.encode(self.__default))
+        
+        self.ReadFile()
+        
+    def GetProviders(self):
+        return self.providers
+    
+    def GetProviderNameByIssuer(self, issuer):
+        for (key, val) in self.providers.items():
+            if val.get('openid_configuration').get('issuer') == issuer:
+                return key
+        return issuer
+    
+    def VerifyToken(self, provider, code, redirect_uri):
+        try:
+            if not all([provider, code, redirect_uri]):
+                return False, "Please provide all parameters"
+
+            if provider not in self.providers.keys():
+                return False, "Provider does not exist"
+    
+            secrete = self.provider_secret.get(provider)
+            oidc_config_status, oidc_config = self.GetProviderConfiguration(provider)
+            provider_info = self.providers.get(provider)
+            
+    
+            data = {
+                "grant_type": "authorization_code",
+                "code": code,
+                "redirect_uri": redirect_uri,
+                "client_id": provider_info.get('client_id'),
+                "client_secret": secrete
+            }
+    
+            try:
+                tokens = requests.post(oidc_config.get('token_endpoint'), data=data).json()
+                if not all([tokens.get('access_token'), tokens.get('id_token')]):
+                    return False, tokens.get('error_description', None)
+            except Exception as e:
+                current_app.logger.error("Verify token failed", e)
+                return False, str(e)
+            
+            access_token = tokens.get('access_token')
+            id_token = tokens.get('id_token')
+            jwks_uri = oidc_config.get("jwks_uri")
+            issuer = oidc_config.get("issuer")
+            jwks = requests.get(jwks_uri, verify=certifi.where()).json()
+    
+            headers = jwt.get_unverified_header(id_token)
+            kid = headers["kid"]
+    
+            key = next(k for k in jwks["keys"] if k["kid"] == kid)
+                    
+            payload = jwt.decode(
+                id_token,
+                key,
+                algorithms=[key["alg"]],
+                audience=provider_info.get('client_id'),
+                issuer=issuer,
+                access_token=access_token
+            )
+            print(payload)
+            return True, payload
+        except Exception as e:
+            current_app.logger.error('Read OIDC file failed. Reason: ' + str(e), provider, code, redirect_uri)
+            return False, str(e)
+    
+    def GetProviderConfiguration(self, provider_name):
+        if not all([provider_name]):
+            return False, None
+        provider = self.providers.get(provider_name)
+        try:
+            oidc_config = requests.get(
+                f"{provider.get('issuer').strip('/')}/.well-known/openid-configuration",
+                verify=certifi.where()
+            ).json()
+        except Exception as e:
+            current_app.logger.error("Failed to get OpenID Configuration of " + provider.get('issuer'), exc_info=e)
+            return False, None
+        return True, oidc_config
+    
+    def ReadFile(self):
+        decoder = json.JSONDecoder()
+        try:
+            providers = decoder.decode(
+                open(DashboardOIDC.ConfigurationFilePath, 'r').read()
+            )
+            providers = providers[self.mode]
+            for k in providers.keys():
+                if all([providers[k]['client_id'], providers[k]['client_secret'], providers[k]['issuer']]):
+                    try:
+                        oidc_config = requests.get(
+                            f"{providers[k]['issuer'].strip('/')}/.well-known/openid-configuration",
+                            timeout=3,
+                            verify=certifi.where()
+                        ).json()
+                        self.providers[k] = {
+                            'client_id': providers[k]['client_id'],
+                            'issuer': providers[k]['issuer'].strip('/'),
+                            'openid_configuration': oidc_config
+                        }
+                        self.provider_secret[k] = providers[k]['client_secret']
+                        current_app.logger.info(f"Registered OIDC Provider: {k}")
+                    except Exception as e:
+                        current_app.logger.error(f"Failed to register OIDC config for {k}", exc_info=e)
+        except Exception as e:
+            current_app.logger.error('Read OIDC file failed. Reason: ' + str(e))
+            return False
--- a/src/modules/DashboardPlugins.py
+++ b/src/modules/DashboardPlugins.py
@ -0,0 +1,117 @@
+import os
+import sys
+import importlib.util
+from pathlib import Path
+from typing import Dict, Callable, List, Optional
+import threading
+
+
+class DashboardPlugins:
+    
+    def __init__(self, app, WireguardConfigurations, directory: str = 'plugins'):
+        self.directory = Path('plugins')
+        self.loadedPlugins: dict[str, Callable] = {}
+        self.errorPlugins: List[str] = []
+        self.logger = app.logger
+        self.WireguardConfigurations = WireguardConfigurations
+        
+    def startThreads(self):
+        self.loadAllPlugins()
+        self.executeAllPlugins()
+    
+    def preparePlugins(self) -> list[Path]:
+        
+        readyPlugins = []
+        
+        if not self.directory.exists():
+            os.mkdir(self.directory)
+            return []
+        
+        for plugin in self.directory.iterdir():
+            if plugin.is_dir():
+                codeFile = plugin / "main.py"
+                if codeFile.exists():
+                    self.logger.info(f"Prepared plugin: {plugin.name}")
+                    readyPlugins.append(plugin)
+            
+        return readyPlugins
+    
+    def loadPlugin(self, path: Path) -> Optional[Callable]:
+        pluginName = path.name
+        codeFile = path / "main.py"
+        
+        try:
+            spec = importlib.util.spec_from_file_location(
+                f"WGDashboardPlugin_{pluginName}",
+                codeFile
+            )
+            
+            if spec is None or spec.loader is None:
+                raise ImportError(f"Failed to create spec for {pluginName}")
+            
+            module = importlib.util.module_from_spec(spec)
+            
+            plugin_dir_str = str(path)
+            if plugin_dir_str not in sys.path:
+                sys.path.insert(0, plugin_dir_str)
+
+            try:
+                spec.loader.exec_module(module)
+            finally:
+                if plugin_dir_str in sys.path:
+                    sys.path.remove(plugin_dir_str)
+
+            if hasattr(module, 'main'):
+                main_func = getattr(module, 'main')
+                if callable(main_func):
+                    self.logger.info(f"Successfully loaded plugin [{pluginName}]")
+                    return main_func
+                else:
+                    raise AttributeError(f"'main' in {pluginName} is not callable")
+            else:
+                raise AttributeError(f"Plugin {pluginName} does not have a 'main' function")
+            
+        except Exception as e:
+            self.logger.error(f"Failed to load the plugin [{pluginName}]. Reason: {str(e)}")
+            self.errorPlugins.append(pluginName)
+            return None
+        
+    def loadAllPlugins(self):
+        self.loadedPlugins.clear()
+        self.errorPlugins.clear()
+        
+        preparedPlugins = self.preparePlugins()
+        
+        for plugin in preparedPlugins:
+            pluginName = plugin.name
+            mainFunction = self.loadPlugin(plugin)
+            
+            if mainFunction:
+                self.loadedPlugins[pluginName] = mainFunction
+        if self.errorPlugins:
+            self.logger.warning(f"Failed to load {len(self.errorPlugins)} plugin(s): {self.errorPlugins}")
+    
+    def executePlugin(self, pluginName: str):
+        if pluginName not in self.loadedPlugins.keys():
+            self.logger.error(f"Failed to execute plugin [{pluginName}]. Reason: Not loaded")
+            return False
+        
+        plugin = self.loadedPlugins.get(pluginName)
+        
+        try:
+            t = threading.Thread(target=plugin, args=(self.WireguardConfigurations,), daemon=True)
+            t.name = f'WGDashboardPlugin_{pluginName}'
+            t.start()
+            
+            if t.is_alive():
+                self.logger.info(f"Execute plugin [{pluginName}] success. PID: {t.native_id}")
+            
+        except Exception as e:
+            self.logger.error(f"Failed to execute plugin [{pluginName}]. Reason: {str(e)}")
+            return False
+        
+        return True
+    
+    def executeAllPlugins(self):
+        for plugin in self.loadedPlugins.keys():
+            self.executePlugin(plugin)
--- a/src/modules/DashboardWebHooks.py
+++ b/src/modules/DashboardWebHooks.py
@ -0,0 +1,287 @@
+import json
+import threading
+import time
+import urllib.parse
+import uuid
+from datetime import datetime, timedelta
+
+import requests
+from pydantic import BaseModel, field_serializer
+import sqlalchemy as db
+from .ConnectionString import ConnectionString
+from flask import current_app
+
+WebHookActions = ['peer_created', 'peer_deleted', 'peer_updated']
+class WebHook(BaseModel):
+    WebHookID: str = ''
+    PayloadURL: str = ''
+    ContentType: str = 'application/json'
+    Headers: dict[str, dict[str, str]] = {}
+    VerifySSL: bool = True
+    SubscribedActions: list[str] = WebHookActions
+    IsActive: bool = True
+    CreationDate: datetime = ''
+    Notes: str = ''
+
+class WebHookSessionLog(BaseModel):
+    LogTime: datetime
+    Status: int
+    Message: str = ''
+    
+    @field_serializer('LogTime')
+    def logTimeSerializer(self, LogTime: datetime):
+        return LogTime.strftime("%Y-%m-%d %H:%M:%S")
+
+class WebHookSessionLogs(BaseModel):
+    Logs: list[WebHookSessionLog] = []
+    
+    def addLog(self, status: int, message: str):
+        self.Logs.append(WebHookSessionLog(LogTime=datetime.now(), Status=status, Message=message))
+
+class DashboardWebHooks:
+    def __init__(self, DashboardConfig):
+        self.engine = db.create_engine(ConnectionString("wgdashboard"))
+        self.metadata = db.MetaData()
+        self.webHooksTable = db.Table(
+            'DashboardWebHooks', self.metadata,
+            db.Column('WebHookID', db.String(255), nullable=False, primary_key=True),
+            db.Column('PayloadURL', db.Text, nullable=False),
+            db.Column('ContentType', db.String(255), nullable=False),
+            db.Column('Headers', db.JSON),
+            db.Column('VerifySSL', db.Boolean, nullable=False),
+            db.Column('SubscribedActions', db.JSON),
+            db.Column('IsActive', db.Boolean, nullable=False),
+            db.Column('CreationDate',
+                      (db.DATETIME if DashboardConfig.GetConfig("Database", "type")[1] == 'sqlite' else db.TIMESTAMP),
+                      server_default=db.func.now(),
+                      nullable=False),
+            db.Column('Notes', db.Text),
+            extend_existing=True
+        )
+        self.webHookSessionsTable = db.Table(
+            'DashboardWebHookSessions', self.metadata,
+            db.Column('WebHookSessionID', db.String(255), nullable=False, primary_key=True),
+            db.Column('WebHookID', db.String(255), nullable=False),
+            db.Column('StartDate', 
+                      (db.DATETIME if DashboardConfig.GetConfig("Database", "type")[1] == 'sqlite' else db.TIMESTAMP),
+                      server_default=db.func.now(),
+                      nullable=False
+            ),
+            db.Column('EndDate',
+                      (db.DATETIME if DashboardConfig.GetConfig("Database", "type")[1] == 'sqlite' else db.TIMESTAMP),
+            ),
+            db.Column('Data', db.JSON),
+            db.Column('Status', db.INTEGER),
+            db.Column('Logs', db.JSON)
+        )
+        
+        self.metadata.create_all(self.engine)
+        self.WebHooks: list[WebHook] = []
+        
+        with self.engine.begin() as conn:
+           conn.execute(
+               self.webHookSessionsTable.update().values({
+                   "EndDate": datetime.now(),
+                   "Status": 2
+               }).where(
+                   self.webHookSessionsTable.c.Status == -1
+               )
+           )
+        
+        self.__getWebHooks()
+        
+    def __getWebHooks(self):
+        with self.engine.connect() as conn:
+            webhooks = conn.execute(
+                self.webHooksTable.select().order_by(
+                    self.webHooksTable.c.CreationDate
+                )
+            ).mappings().fetchall()
+            self.WebHooks.clear()
+            self.WebHooks = [WebHook(**webhook) for webhook in webhooks]
+            
+    def GetWebHooks(self):
+        self.__getWebHooks()
+        return list(map(lambda x : x.model_dump(), self.WebHooks))
+    
+    def GetWebHookSessions(self, webHook: WebHook):
+        with self.engine.connect() as conn:
+            sessions = conn.execute(
+                self.webHookSessionsTable.select().where(
+                    self.webHookSessionsTable.c.WebHookID == webHook.WebHookID
+                ).order_by(
+                    db.desc(self.webHookSessionsTable.c.StartDate)
+                )
+            ).mappings().fetchall()
+        return sessions
+    
+    def CreateWebHook(self) -> WebHook:
+        return WebHook(WebHookID=str(uuid.uuid4()))
+    
+    def SearchWebHook(self, webHook: WebHook) -> WebHook | None:
+        try:
+            first = next(filter(lambda x : x.WebHookID == webHook.WebHookID, self.WebHooks))
+        except StopIteration:
+            return None
+        return first
+    
+    def SearchWebHookByID(self, webHookID: str) -> WebHook | None:
+        try:
+            first = next(filter(lambda x : x.WebHookID == webHookID, self.WebHooks))
+        except StopIteration:
+            return None
+        return first
+    
+    def UpdateWebHook(self, webHook: dict[str, str]) -> tuple[bool, str] | tuple[bool, None]:
+        try:
+            webHook = WebHook(**webHook)
+            
+            if len(webHook.PayloadURL) == 0:
+                return False, "Payload URL cannot be empty"
+            
+            if len(webHook.ContentType) == 0 or webHook.ContentType not in [
+                'application/json', 'application/x-www-form-urlencoded'
+            ]:
+                return False, "Content Type is invalid"
+            
+            
+            with self.engine.begin() as conn:
+                if self.SearchWebHook(webHook):
+                    conn.execute(
+                        self.webHooksTable.update().values(
+                            webHook.model_dump(exclude={'WebHookID'})
+                        ).where(
+                            self.webHooksTable.c.WebHookID == webHook.WebHookID
+                        )
+                    )
+                else:
+                    webHook.CreationDate = datetime.now()
+                    conn.execute(
+                        self.webHooksTable.insert().values(
+                            webHook.model_dump()
+                        )
+                    )
+            self.__getWebHooks()
+        except Exception as e:
+            return False, str(e)
+        return True, None
+    
+    def DeleteWebHook(self, webHook) -> tuple[bool, str] | tuple[bool, None]:
+        try:
+            webHook = WebHook(**webHook)
+            with self.engine.begin() as conn:
+                conn.execute(
+                    self.webHooksTable.delete().where(
+                        self.webHooksTable.c.WebHookID == webHook.WebHookID
+                    )
+                )
+            self.__getWebHooks()
+        except Exception as e:
+            return False, str(e)
+        return True, None
+    
+    def RunWebHook(self, action: str, data):
+        try:
+            if action not in WebHookActions:
+                return False
+            self.__getWebHooks()
+            subscribedWebHooks = filter(lambda webhook: action in webhook.SubscribedActions and webhook.IsActive, 
+                                        self.WebHooks)
+            data['action'] = action
+            for i in subscribedWebHooks:
+                try:
+                    ws = WebHookSession(i, data)
+                    t = threading.Thread(target=ws.Execute, daemon=True)
+                    t.start()
+                    current_app.logger.info(f"Requesting {i.PayloadURL}")
+                except Exception as e:
+                    current_app.logger.error(f"Requesting {i.PayloadURL} error", e)
+        except Exception as e:
+            current_app.logger.error("Error when running WebHook")
+
+class WebHookSession:
+    def __init__(self, webHook: WebHook, data: dict[str, str]):
+        self.engine = db.create_engine(ConnectionString("wgdashboard"))
+        self.metadata = db.MetaData()
+        self.webHookSessionsTable = db.Table('DashboardWebHookSessions', self.metadata, autoload_with=self.engine)
+        self.webHook = webHook
+        self.sessionID = str(uuid.uuid4())
+        self.webHookSessionLogs: WebHookSessionLogs = WebHookSessionLogs()
+        self.time = datetime.now()
+        data['time'] = self.time.strftime("%Y-%m-%d %H:%M:%S")
+        data['webhook_id'] = webHook.WebHookID
+        data['webhook_session'] = self.sessionID
+        self.data = data
+        self.Prepare()
+        
+    def Prepare(self):
+        with self.engine.begin() as conn:
+            conn.execute(
+                self.webHookSessionsTable.insert().values({
+                    "WebHookSessionID": self.sessionID,
+                    "WebHookID": self.webHook.WebHookID,
+                    "Data": self.data,
+                    "StartDate": self.time,
+                    "Status": -1,
+                    "Logs": self.webHookSessionLogs.model_dump()
+                })
+            )
+        self.UpdateSessionLog(-1, "Preparing webhook session")
+            
+    def UpdateSessionLog(self, status, message):
+        self.webHookSessionLogs.addLog(status, message)
+        with self.engine.begin() as conn:
+            conn.execute(
+                self.webHookSessionsTable.update().values({
+                    "Logs": self.webHookSessionLogs.model_dump()
+                }).where(
+                    self.webHookSessionsTable.c.WebHookSessionID == self.sessionID
+                )
+            )
+    
+    def UpdateStatus(self, status: int):
+        with self.engine.begin() as conn:
+            conn.execute(
+                self.webHookSessionsTable.update().values({
+                    "Status": status,
+                    "EndDate": datetime.now()
+                }).where(
+                    self.webHookSessionsTable.c.WebHookSessionID == self.sessionID
+                )
+            )
+    
+    def Execute(self):
+        success = False
+        
+        for i in range(5):
+            headerDictionary = {
+                'Content-Type': self.webHook.ContentType
+            }
+            for header in self.webHook.Headers.values():
+                if header['key'] not in ['Content-Type']:
+                    headerDictionary[header['key']] = header['value']
+                
+            if self.webHook.ContentType == "application/json":
+                reqData = json.dumps(self.data)
+            else:
+                for (key, val) in self.data.items():
+                    if type(self.data[key]) not in [str, int]:
+                        self.data[key] = json.dumps(self.data[key])
+                reqData = urllib.parse.urlencode(self.data)
+            try:
+                req = requests.post(
+                    self.webHook.PayloadURL, headers=headerDictionary, timeout=10, data=reqData, verify=self.webHook.VerifySSL
+                )
+                req.raise_for_status()
+                success = True
+                self.UpdateSessionLog(0, "Webhook request finished")
+                self.UpdateSessionLog(0, json.dumps({"returned_data": req.text}))
+                self.UpdateStatus(0)
+                break
+            except requests.exceptions.RequestException as e:
+                self.UpdateSessionLog(1, f"Attempt #{i + 1}/5. Request errored. Reason: " + str(e))
+            time.sleep(10)
+        
+        if not success:
+            self.UpdateSessionLog(1, "Webhook request failed & terminated.")
+            self.UpdateStatus(1)
--- a/src/modules/Email.py
+++ b/src/modules/Email.py
@ -0,0 +1,76 @@
+import os.path
+import smtplib
+from email import encoders
+from email.header import Header
+from email.mime.base import MIMEBase
+from email.mime.multipart import MIMEMultipart
+from email.mime.text import MIMEText
+from email.utils import formataddr
+
+class EmailSender:
+    def __init__(self, DashboardConfig):
+        self.smtp = None
+        self.DashboardConfig = DashboardConfig
+        if not os.path.exists('./attachments'):
+            os.mkdir('./attachments')
+        
+    def Server(self):
+        return self.DashboardConfig.GetConfig("Email", "server")[1]
+    
+    def Port(self):
+        return self.DashboardConfig.GetConfig("Email", "port")[1]
+    
+    def Encryption(self):
+        return self.DashboardConfig.GetConfig("Email", "encryption")[1]
+    
+    def Username(self):
+        return self.DashboardConfig.GetConfig("Email", "username")[1]
+    
+    def Password(self):
+        return self.DashboardConfig.GetConfig("Email", "email_password")[1]
+    
+    def SendFrom(self):
+        return self.DashboardConfig.GetConfig("Email", "send_from")[1]
+    
+    # Thank you, @gdeeble from GitHub
+    def AuthenticationRequired(self):
+        return self.DashboardConfig.GetConfig("Email", "authentication_required")[1]
+
+    def ready(self):
+        if self.AuthenticationRequired():
+            return all([self.Server(), self.Port(), self.Encryption(), self.Username(), self.Password(), self.SendFrom()])
+        return all([self.Server(), self.Port(), self.Encryption(), self.SendFrom()])
+
+    def send(self, receiver, subject, body, includeAttachment = False, attachmentName = "") -> tuple[bool, str] | tuple[bool, None]:
+        if self.ready():
+            try:
+                self.smtp = smtplib.SMTP(self.Server(), port=int(self.Port()))
+                self.smtp.ehlo()
+                if self.Encryption() == "STARTTLS":
+                    self.smtp.starttls()
+                if self.AuthenticationRequired():
+                    self.smtp.login(self.Username(), self.Password())
+                message = MIMEMultipart()
+                message['Subject'] = subject
+                message['From'] = self.SendFrom()
+                message["To"] = receiver
+                message.attach(MIMEText(body, "plain"))
+
+                if includeAttachment and len(attachmentName) > 0:
+                    attachmentPath = os.path.join('./attachments', attachmentName)
+                    if os.path.exists(attachmentPath):
+                        attachment = MIMEBase("application", "octet-stream")
+                        with open(os.path.join('./attachments', attachmentName), 'rb') as f:
+                            attachment.set_payload(f.read())
+                        encoders.encode_base64(attachment)
+                        attachment.add_header("Content-Disposition", f"attachment; filename= {attachmentName}",)
+                        message.attach(attachment)
+                    else:
+                        self.smtp.close()
+                        return False, "Attachment does not exist"
+                self.smtp.sendmail(self.SendFrom(), receiver, message.as_string())
+                self.smtp.close()
+                return True, None
+            except Exception as e:
+                return False, f"Send failed | Reason: {e}"
+        return False, "SMTP not configured"
--- a/src/modules/Log.py
+++ b/src/modules/Log.py
@ -0,0 +1,22 @@
+"""
+Log Class
+"""
+class Log:
+    def __init__(self, LogID: str, JobID: str, LogDate: str, Status: str, Message: str):
+        self.LogID = LogID
+        self.JobID = JobID
+        self.LogDate = LogDate
+        self.Status = Status
+        self.Message = Message
+
+    def toJson(self):
+        return {
+            "LogID": self.LogID,
+            "JobID": self.JobID,
+            "LogDate": self.LogDate,
+            "Status": self.Status,
+            "Message": self.Message
+        }
+
+    def __dict__(self):
+        return self.toJson()
--- a/src/modules/NewConfigurationTemplates.py
+++ b/src/modules/NewConfigurationTemplates.py
@ -0,0 +1,88 @@
+import uuid
+
+from pydantic import BaseModel, field_serializer
+import sqlalchemy as db
+from .ConnectionString import ConnectionString
+
+
+class NewConfigurationTemplate(BaseModel):
+    TemplateID: str = ''
+    Subnet: str = ''
+    ListenPortStart: int = 0
+    ListenPortEnd: int = 0
+    Notes: str = ""
+    
+class NewConfigurationTemplates:
+    def __init__(self):
+        self.engine = db.create_engine(ConnectionString("wgdashboard"))
+        self.metadata = db.MetaData()
+        self.templatesTable = db.Table(
+            'NewConfigurationTemplates', self.metadata,
+            db.Column('TemplateID', db.String(255), primary_key=True),
+            db.Column('Subnet', db.String(255)),
+            db.Column('ListenPortStart', db.Integer),
+            db.Column('ListenPortEnd', db.Integer),
+            db.Column('Notes', db.Text),
+        )
+        self.metadata.create_all(self.engine)
+        self.Templates: list[NewConfigurationTemplate] = []
+        self.__getTemplates()
+        
+    def GetTemplates(self):
+        self.__getTemplates()
+        return list(map(lambda x : x.model_dump(), self.Templates))
+    
+    def __getTemplates(self):
+        with self.engine.connect() as conn:
+            templates = conn.execute(
+                self.templatesTable.select()
+            ).mappings().fetchall()
+            self.Templates.clear()
+            self.Templates = [NewConfigurationTemplate(**template) for template in templates]
+    
+    def CreateTemplate(self) -> NewConfigurationTemplate:
+        return NewConfigurationTemplate(TemplateID=str(uuid.uuid4()))
+    
+    def SearchTemplate(self, template: NewConfigurationTemplate):
+        try:
+            first = next(filter(lambda x : x.TemplateID == template.TemplateID, self.Templates))
+        except StopIteration:
+            return None
+        return first
+    
+    def UpdateTemplate(self, template: dict[str, str]) -> tuple[bool, str] | tuple[bool, None]:
+        try:
+            template = NewConfigurationTemplate(**template)
+            with self.engine.begin() as conn:
+                if self.SearchTemplate(template):
+                    conn.execute(
+                        self.templatesTable.update().values(
+                            template.model_dump(exclude={'TemplateID'})
+                        ).where(
+                            self.templatesTable.c.TemplateID == template.TemplateID
+                        )
+                    )
+                else:
+                    conn.execute(
+                        self.templatesTable.insert().values(
+                            template.model_dump()
+                        )
+                    )
+            self.__getTemplates()
+        except Exception as e:
+            return False, str(e)
+        return True, None
+    
+    def DeleteTemplate(self, template: dict[str, str]) -> tuple[bool, str] | tuple[bool, None]:
+        try:
+            template = NewConfigurationTemplate(**template)
+            with self.engine.begin() as conn:
+                conn.execute(
+                    self.templatesTable.delete().where(
+                        self.templatesTable.c.TemplateID == template.TemplateID
+                    )
+                )
+            self.__getTemplates()
+        except Exception as e:
+            return False, str(e)
+        return True, None
--- a/src/modules/Peer.py
+++ b/src/modules/Peer.py
@ -0,0 +1,354 @@
+"""
+Peer
+"""
+import base64
+import datetime
+import json
+import os, subprocess, uuid, random, re
+from datetime import timedelta
+
+import jinja2
+import sqlalchemy as db
+from .PeerJob import PeerJob
+from .PeerShareLink import PeerShareLink
+from .Utilities import GenerateWireguardPublicKey, ValidateIPAddressesWithRange, ValidateDNSAddress
+
+
+class Peer:
+    def __init__(self, tableData, configuration):
+        self.configuration = configuration
+        self.id = tableData["id"]
+        self.private_key = tableData["private_key"]
+        self.DNS = tableData["DNS"]
+        self.endpoint_allowed_ip = tableData["endpoint_allowed_ip"]
+        self.name = tableData["name"]
+        self.total_receive = tableData["total_receive"]
+        self.total_sent = tableData["total_sent"]
+        self.total_data = tableData["total_data"]
+        self.endpoint = tableData["endpoint"]
+        self.status = tableData["status"]
+        self.latest_handshake = tableData["latest_handshake"]
+        self.allowed_ip = tableData["allowed_ip"]
+        self.cumu_receive = tableData["cumu_receive"]
+        self.cumu_sent = tableData["cumu_sent"]
+        self.cumu_data = tableData["cumu_data"]
+        self.mtu = tableData["mtu"]
+        self.keepalive = tableData["keepalive"]
+        self.remote_endpoint = tableData["remote_endpoint"]
+        self.preshared_key = tableData["preshared_key"]
+        self.jobs: list[PeerJob] = []
+        self.ShareLink: list[PeerShareLink] = []
+        self.getJobs()
+        self.getShareLink()
+
+    def toJson(self):
+        # self.getJobs()
+        # self.getShareLink()
+        return self.__dict__
+
+    def __repr__(self):
+        return str(self.toJson())
+
+    def updatePeer(self, name: str, private_key: str,
+                   preshared_key: str,
+                   dns_addresses: str, allowed_ip: str, endpoint_allowed_ip: str, mtu: int,
+                   keepalive: int) -> tuple[bool, str] or tuple[bool, None]:
+        if not self.configuration.getStatus():
+            self.configuration.toggleConfiguration()
+
+        existingAllowedIps = [item for row in list(
+            map(lambda x: [q.strip() for q in x.split(',')],
+                map(lambda y: y.allowed_ip,
+                    list(filter(lambda k: k.id != self.id, self.configuration.getPeersList()))))) for item in row]
+
+        if allowed_ip in existingAllowedIps:
+            return False, "Allowed IP already taken by another peer"
+        
+        if not ValidateIPAddressesWithRange(endpoint_allowed_ip):
+            return False, f"Endpoint Allowed IPs format is incorrect"
+        
+        if len(dns_addresses) > 0 and not ValidateDNSAddress(dns_addresses):
+            return False, f"DNS format is incorrect"
+        
+        if type(mtu) is str or mtu is None:
+            mtu = 0
+        
+        if mtu < 0 or mtu > 1460:
+            return False, "MTU format is not correct"
+        
+        if type(keepalive) is str or keepalive is None:
+            keepalive = 0
+        
+        if keepalive < 0:
+            return False, "Persistent Keepalive format is not correct"
+        if len(private_key) > 0:
+            pubKey = GenerateWireguardPublicKey(private_key)
+            if not pubKey[0] or pubKey[1] != self.id:
+                return False, "Private key does not match with the public key"
+        try:
+            rd = random.Random()
+            uid = str(uuid.UUID(int=rd.getrandbits(128), version=4))
+            pskExist = len(preshared_key) > 0
+
+            if pskExist:
+                with open(uid, "w+") as f:
+                    f.write(preshared_key)
+            newAllowedIPs = allowed_ip.replace(" ", "")
+            updateAllowedIp = subprocess.check_output(
+                f"{self.configuration.Protocol} set {self.configuration.Name} peer {self.id} allowed-ips {newAllowedIPs} {f'preshared-key {uid}' if pskExist else 'preshared-key /dev/null'}",
+                shell=True, stderr=subprocess.STDOUT)
+
+            if pskExist: os.remove(uid)
+            if len(updateAllowedIp.decode().strip("\n")) != 0:
+                return False, "Update peer failed when updating Allowed IPs"
+            saveConfig = subprocess.check_output(f"{self.configuration.Protocol}-quick save {self.configuration.Name}",
+                                                 shell=True, stderr=subprocess.STDOUT)
+            if f"wg showconf {self.configuration.Name}" not in saveConfig.decode().strip('\n'):
+                return False, "Update peer failed when saving the configuration"
+            with self.configuration.engine.begin() as conn:
+                conn.execute(
+                    self.configuration.peersTable.update().values({
+                        "name": name,
+                        "private_key": private_key,
+                        "DNS": dns_addresses,
+                        "endpoint_allowed_ip": endpoint_allowed_ip,
+                        "mtu": mtu,
+                        "keepalive": keepalive,
+                        "preshared_key": preshared_key
+                    }).where(
+                        self.configuration.peersTable.c.id == self.id
+                    )
+                )
+            return True, None
+        except subprocess.CalledProcessError as exc:
+            return False, exc.output.decode("UTF-8").strip()
+
+    def downloadPeer(self) -> dict[str, str]:
+        final = {
+            "fileName": "",
+            "file": ""
+        }
+        filename = self.name
+        if len(filename) == 0:
+            filename = "UntitledPeer"
+        filename = "".join(filename.split(' '))
+        filename = f"{filename}"
+        illegal_filename = [".", ",", "/", "?", "<", ">", "\\", ":", "*", '|' '\"', "com1", "com2", "com3",
+                            "com4", "com5", "com6", "com7", "com8", "com9", "lpt1", "lpt2", "lpt3", "lpt4",
+                            "lpt5", "lpt6", "lpt7", "lpt8", "lpt9", "con", "nul", "prn"]
+        for i in illegal_filename:
+            filename = filename.replace(i, "")
+
+        for i in filename:
+            if re.match("^[a-zA-Z0-9_=+.-]$", i):
+                final["fileName"] += i
+                
+        interfaceSection = {
+            "PrivateKey": self.private_key,
+            "Address": self.allowed_ip,
+            "MTU": (
+                self.configuration.configurationInfo.OverridePeerSettings.MTU
+                    if self.configuration.configurationInfo.OverridePeerSettings.MTU else self.mtu
+            ),
+            "DNS": (
+                self.configuration.configurationInfo.OverridePeerSettings.DNS 
+                    if self.configuration.configurationInfo.OverridePeerSettings.DNS else self.DNS
+            )
+        }
+        
+        if self.configuration.Protocol == "awg":
+            interfaceSection.update({
+                "Jc": self.configuration.Jc,
+                "Jmin": self.configuration.Jmin,
+                "Jmax": self.configuration.Jmax,
+                "S1": self.configuration.S1,
+                "S2": self.configuration.S2,
+                "H1": self.configuration.H1,
+                "H2": self.configuration.H2,
+                "H3": self.configuration.H3,
+                "H4": self.configuration.H4
+            })
+            
+        peerSection = {
+            "PublicKey": self.configuration.PublicKey,
+            "AllowedIPs": (
+                self.configuration.configurationInfo.OverridePeerSettings.EndpointAllowedIPs
+                    if self.configuration.configurationInfo.OverridePeerSettings.EndpointAllowedIPs else self.endpoint_allowed_ip
+            ),
+            "Endpoint": f'{(self.configuration.configurationInfo.OverridePeerSettings.PeerRemoteEndpoint if self.configuration.configurationInfo.OverridePeerSettings.PeerRemoteEndpoint else self.configuration.DashboardConfig.GetConfig("Peers", "remote_endpoint")[1])}:{(self.configuration.configurationInfo.OverridePeerSettings.ListenPort if self.configuration.configurationInfo.OverridePeerSettings.ListenPort else self.configuration.ListenPort)}',
+            "PersistentKeepalive": (
+                self.configuration.configurationInfo.OverridePeerSettings.PersistentKeepalive 
+                if self.configuration.configurationInfo.OverridePeerSettings.PersistentKeepalive
+                else self.keepalive
+            ),
+            "PresharedKey": self.preshared_key
+        }
+        combine = [interfaceSection.items(), peerSection.items()]
+        for s in range(len(combine)):
+            if s == 0:
+                final["file"] += "[Interface]\n"
+            else:
+                final["file"] += "\n[Peer]\n"
+            for (key, val) in combine[s]:
+                if val is not None and ((type(val) is str and len(val) > 0) or (type(val) is int and val > 0)):
+                    final["file"] += f"{key} = {val}\n"
+        
+        final["file"] = jinja2.Template(final["file"]).render(configuration=self.configuration)
+
+
+        if self.configuration.Protocol == "awg":
+            final["amneziaVPN"] = json.dumps({
+                "containers": [{
+                    "awg": {
+                        "isThirdPartyConfig": True,
+                        "last_config": final['file'],
+                        "port": self.configuration.ListenPort,
+                        "transport_proto": "udp"
+                    },
+                    "container": "amnezia-awg"
+                }],
+                "defaultContainer": "amnezia-awg",
+                "description": self.name,
+                "hostName": (
+                    self.configuration.configurationInfo.OverridePeerSettings.PeerRemoteEndpoint 
+                        if self.configuration.configurationInfo.OverridePeerSettings.PeerRemoteEndpoint 
+                        else self.configuration.DashboardConfig.GetConfig("Peers", "remote_endpoint")[1])
+            })
+        return final
+
+    def getJobs(self):
+        self.jobs = self.configuration.AllPeerJobs.searchJob(self.configuration.Name, self.id)
+
+    def getShareLink(self):
+        self.ShareLink = self.configuration.AllPeerShareLinks.getLink(self.configuration.Name, self.id)
+
+    def resetDataUsage(self, mode: str):
+        try:
+            with self.configuration.engine.begin() as conn:
+                if mode == "total":
+                    conn.execute(
+                        self.configuration.peersTable.update().values({
+                            "total_data": 0,
+                            "cumu_data": 0,
+                            "total_receive": 0,
+                            "cumu_receive": 0,
+                            "total_sent": 0,
+                            "cumu_sent": 0
+                        }).where(
+                            self.configuration.peersTable.c.id == self.id
+                        )
+                    )
+                    self.total_data = 0
+                    self.total_receive = 0
+                    self.total_sent = 0
+                    self.cumu_data = 0
+                    self.cumu_sent = 0
+                    self.cumu_receive = 0
+                elif mode == "receive":
+                    conn.execute(
+                        self.configuration.peersTable.update().values({
+                            "total_receive": 0,
+                            "cumu_receive": 0,
+                        }).where(
+                            self.configuration.peersTable.c.id == self.id
+                        )
+                    )
+                    self.cumu_receive = 0
+                    self.total_receive = 0
+                elif mode == "sent":
+                    conn.execute(
+                        self.configuration.peersTable.update().values({
+                            "total_sent": 0,
+                            "cumu_sent": 0
+                        }).where(
+                            self.configuration.peersTable.c.id == self.id
+                        )
+                    )
+                    self.cumu_sent = 0
+                    self.total_sent = 0
+                else:
+                    return False
+        except Exception as e:
+            print(e)
+            return False
+        return True
+    
+    def getEndpoints(self):
+        result = []
+        with self.configuration.engine.connect() as conn:
+            result = conn.execute(
+                db.select(
+                    self.configuration.peersHistoryEndpointTable.c.endpoint
+                ).group_by(
+                    self.configuration.peersHistoryEndpointTable.c.endpoint
+                ).where(
+                    self.configuration.peersHistoryEndpointTable.c.id == self.id
+                )
+            ).mappings().fetchall()
+        return list(result)
+    
+    def getTraffics(self, interval: int = 30, startDate: datetime.datetime = None, endDate: datetime.datetime = None):
+        if startDate is None and endDate is None:
+            endDate = datetime.datetime.now()
+            startDate = endDate - timedelta(minutes=interval)
+        else:
+            endDate = endDate.replace(hour=23, minute=59, second=59, microsecond=999999)
+            startDate = startDate.replace(hour=0, minute=0, second=0, microsecond=0)
+
+        with self.configuration.engine.connect() as conn:
+            result = conn.execute(
+                db.select(
+                    self.configuration.peersTransferTable.c.cumu_data,
+                    self.configuration.peersTransferTable.c.total_data,
+                    self.configuration.peersTransferTable.c.cumu_receive,
+                    self.configuration.peersTransferTable.c.total_receive,
+                    self.configuration.peersTransferTable.c.cumu_sent,
+                    self.configuration.peersTransferTable.c.total_sent,
+                    self.configuration.peersTransferTable.c.time
+                ).where(
+                    db.and_(
+                        self.configuration.peersTransferTable.c.id == self.id,
+                        self.configuration.peersTransferTable.c.time <= endDate,
+                        self.configuration.peersTransferTable.c.time >= startDate,
+                        )
+                ).order_by(
+                    self.configuration.peersTransferTable.c.time
+                )
+            ).mappings().fetchall()
+        return list(result)
+            
+    
+    def getSessions(self, startDate: datetime.datetime = None, endDate: datetime.datetime = None):
+        if endDate is None:
+            endDate = datetime.datetime.now()
+        
+        if startDate is None:
+            startDate = endDate
+
+        endDate = endDate.replace(hour=23, minute=59, second=59, microsecond=999999)
+        startDate = startDate.replace(hour=0, minute=0, second=0, microsecond=0)
+            
+
+        with self.configuration.engine.connect() as conn:
+            result = conn.execute(
+                db.select(
+                    self.configuration.peersTransferTable.c.time
+                ).where(
+                    db.and_(
+                        self.configuration.peersTransferTable.c.id == self.id,
+                        self.configuration.peersTransferTable.c.time <= endDate,
+                        self.configuration.peersTransferTable.c.time >= startDate,
+                    )
+                ).order_by(
+                    self.configuration.peersTransferTable.c.time
+                )
+            ).fetchall()
+        time = list(map(lambda x : x[0], result))
+        return time
+    
+    def __duration(self, t1: datetime.datetime, t2: datetime.datetime):
+        delta = t1 - t2
+        
+        hours, remainder = divmod(delta.total_seconds(), 3600)
+        minutes, seconds = divmod(remainder, 60)
+        return f"{int(hours):02}:{int(minutes):02}:{int(seconds):02}"
--- a/src/modules/PeerJob.py
+++ b/src/modules/PeerJob.py
@ -0,0 +1,32 @@
+"""
+Peer Job
+"""
+from datetime import datetime
+class PeerJob:
+    def __init__(self, JobID: str, Configuration: str, Peer: str,
+                 Field: str, Operator: str, Value: str, CreationDate: datetime, ExpireDate: datetime, Action: str):
+        self.Action = Action
+        self.ExpireDate = ExpireDate
+        self.CreationDate = CreationDate
+        self.Value = Value
+        self.Operator = Operator
+        self.Field = Field
+        self.Configuration = Configuration
+        self.Peer = Peer
+        self.JobID = JobID
+
+    def toJson(self):
+        return {
+            "JobID": self.JobID,
+            "Configuration": self.Configuration,
+            "Peer": self.Peer,
+            "Field": self.Field,
+            "Operator": self.Operator,
+            "Value": self.Value,
+            "CreationDate": self.CreationDate.strftime("%Y-%m-%d %H:%M:%S"),
+            "ExpireDate": (self.ExpireDate.strftime("%Y-%m-%d %H:%M:%S") if self.ExpireDate is not None else None),
+            "Action": self.Action
+        }
+
+    def __dict__(self):
+        return self.toJson()
--- a/src/modules/PeerJobLogger.py
+++ b/src/modules/PeerJobLogger.py
@ -0,0 +1,101 @@
+"""
+Peer Job Logger
+"""
+import uuid
+from typing import Sequence
+
+import sqlalchemy as db
+from flask import current_app
+from sqlalchemy import RowMapping
+
+from .ConnectionString import ConnectionString
+from .Log import Log
+
+class PeerJobLogger:
+    def __init__(self, AllPeerJobs, DashboardConfig):
+        self.engine = db.create_engine(ConnectionString("wgdashboard_log"))                
+        self.metadata = db.MetaData()
+        self.jobLogTable = db.Table('JobLog', self.metadata,
+                                    db.Column('LogID', db.String(255), nullable=False, primary_key=True),
+                                    db.Column('JobID', db.String(255), nullable=False),
+                                    db.Column('LogDate', (db.DATETIME if DashboardConfig.GetConfig("Database", "type")[1] == 'sqlite' else db.TIMESTAMP), 
+                                              server_default=db.func.now()),
+                                    db.Column('Status', db.String(255), nullable=False),
+                                    db.Column('Message', db.Text)
+                                    )
+        self.logs: list[Log] = []
+        self.metadata.create_all(self.engine)
+        self.AllPeerJobs = AllPeerJobs
+    def log(self, JobID: str, Status: bool = True, Message: str = "") -> bool:
+        try:
+            with self.engine.begin() as conn:
+                conn.execute(
+                    self.jobLogTable.insert().values(
+                        {
+                            "LogID": str(uuid.uuid4()), 
+                            "JobID": JobID, 
+                            "Status": Status, 
+                            "Message": Message
+                        }
+                    )
+                )
+        except Exception as e:
+            current_app.logger.error(f"Peer Job Log Error", e)
+            return False
+        return True
+
+    def getLogs(self, configName = None) -> list[Log]:
+        logs: list[Log] = []
+        try:
+            allJobs = self.AllPeerJobs.getAllJobs(configName)
+            allJobsID = [x.JobID for x in allJobs]
+            stmt = self.jobLogTable.select().where(self.jobLogTable.columns.JobID.in_(
+                allJobsID
+            ))
+            with self.engine.connect() as conn:
+                table = conn.execute(stmt).fetchall()
+                for l in table:
+                    logs.append(
+                        Log(l.LogID, l.JobID, l.LogDate.strftime("%Y-%m-%d %H:%M:%S"), l.Status, l.Message))
+        except Exception as e:
+            current_app.logger.error(f"Getting Peer Job Log Error", e)
+            return logs
+        return logs
+    
+    def getFailingJobs(self) -> Sequence[RowMapping]:
+        with self.engine.connect() as conn:
+            table = conn.execute(
+                db.select(
+                    self.jobLogTable.c.JobID
+                ).where(
+                    (db.or_(
+                        self.jobLogTable.c.Status == 'false',
+                        self.jobLogTable.c.Status == 0
+                    ) if conn.dialect.name == 'sqlite' else self.jobLogTable.c.Status == 'false')
+                ).group_by(
+                    self.jobLogTable.c.JobID
+                ).having(
+                    db.func.count(
+                        self.jobLogTable.c.JobID
+                    ) > 10
+                )
+            ).mappings().fetchall()
+            return table
+    
+    def deleteLogs(self, LogID = None, JobID = None):
+        with self.engine.begin() as conn:
+            print(f"[WGDashboard] Deleted stale logs of JobID: {JobID}")
+            conn.execute(
+                self.jobLogTable.delete().where(
+                    db.and_(
+                        (self.jobLogTable.c.LogID == LogID if LogID is not None else True),
+                        (self.jobLogTable.c.JobID == JobID if JobID is not None else True),
+                    )
+                )
+            )
+    
+    def vacuum(self):
+        with self.engine.begin() as conn:
+            if conn.dialect.name == 'sqlite':
+                print("[WGDashboard] SQLite Vacuuming PeerJobLogs Database")
+                conn.execute(db.text('VACUUM;'))
--- a/src/modules/PeerJobs.py
+++ b/src/modules/PeerJobs.py
@ -0,0 +1,222 @@
+"""
+Peer Jobs
+"""
+import sqlalchemy
+
+from .ConnectionString import ConnectionString
+from .PeerJob import PeerJob
+from .PeerJobLogger import PeerJobLogger
+import sqlalchemy as db
+from datetime import datetime
+from flask import current_app
+
+class PeerJobs:
+    def __init__(self, DashboardConfig, WireguardConfigurations, AllPeerShareLinks):
+        self.Jobs: list[PeerJob] = []
+        self.engine = db.create_engine(ConnectionString('wgdashboard_job'))
+        self.metadata = db.MetaData()
+        self.peerJobTable = db.Table('PeerJobs', self.metadata,
+                                     db.Column('JobID', db.String(255), nullable=False, primary_key=True),
+                                     db.Column('Configuration', db.String(255), nullable=False),
+                                     db.Column('Peer', db.String(255), nullable=False),
+                                     db.Column('Field', db.String(255), nullable=False),
+                                     db.Column('Operator', db.String(255), nullable=False),
+                                     db.Column('Value', db.String(255), nullable=False),
+                                     db.Column('CreationDate', (db.DATETIME if DashboardConfig.GetConfig("Database", "type")[1] == 'sqlite' else db.TIMESTAMP), nullable=False),
+                                     db.Column('ExpireDate', (db.DATETIME if DashboardConfig.GetConfig("Database", "type")[1] == 'sqlite' else db.TIMESTAMP)),
+                                     db.Column('Action', db.String(255), nullable=False),
+                                     )
+        self.metadata.create_all(self.engine)
+        self.__getJobs()
+        self.JobLogger: PeerJobLogger = PeerJobLogger(self, DashboardConfig)
+        self.WireguardConfigurations = WireguardConfigurations
+        self.AllPeerShareLinks = AllPeerShareLinks
+        self.cleanJob(init=True)
+
+    def __getJobs(self):
+        self.Jobs.clear()
+        with self.engine.connect() as conn:
+            jobs = conn.execute(self.peerJobTable.select().where(
+                self.peerJobTable.columns.ExpireDate.is_(None)
+            )).mappings().fetchall()
+            for job in jobs:
+                self.Jobs.append(PeerJob(
+                    job['JobID'], job['Configuration'], job['Peer'], job['Field'], job['Operator'], job['Value'],
+                    job['CreationDate'], job['ExpireDate'], job['Action']))
+
+    def getAllJobs(self, configuration: str = None):
+        if configuration is not None:
+            with self.engine.connect() as conn:
+                jobs = conn.execute(self.peerJobTable.select().where(
+                    self.peerJobTable.columns.Configuration == configuration
+                )).mappings().fetchall()
+                j = []
+                for job in jobs:
+                    j.append(PeerJob(
+                        job['JobID'], job['Configuration'], job['Peer'], job['Field'], job['Operator'], job['Value'],
+                        job['CreationDate'], job['ExpireDate'], job['Action']))
+                return j
+        return []
+
+    def toJson(self):
+        return [x.toJson() for x in self.Jobs]
+
+    def searchJob(self, Configuration: str, Peer: str):
+        return list(filter(lambda x: x.Configuration == Configuration and x.Peer == Peer, self.Jobs))
+
+    def searchJobById(self, JobID):
+        return list(filter(lambda x: x.JobID == JobID, self.Jobs))
+
+    def saveJob(self, Job: PeerJob) -> tuple[bool, list] | tuple[bool, str]:
+        import traceback
+        try:
+            with self.engine.begin() as conn:
+                currentJob = self.searchJobById(Job.JobID)
+                if len(currentJob) == 0:
+                    conn.execute(
+                        self.peerJobTable.insert().values(
+                            {
+                                "JobID": Job.JobID,
+                                "Configuration": Job.Configuration,
+                                "Peer": Job.Peer,
+                                "Field": Job.Field,
+                                "Operator": Job.Operator,
+                                "Value": Job.Value,
+                                "CreationDate": datetime.now(),
+                                "ExpireDate": None,
+                                "Action": Job.Action
+                            }
+                        )
+                    )
+                    self.JobLogger.log(Job.JobID, Message=f"Job is created if {Job.Field} {Job.Operator} {Job.Value} then {Job.Action}")
+                else:
+                    conn.execute(
+                        self.peerJobTable.update().values({
+                            "Field": Job.Field,
+                            "Operator": Job.Operator,
+                            "Value": Job.Value,
+                            "Action": Job.Action
+                        }).where(self.peerJobTable.columns.JobID == Job.JobID)
+                    )
+                    self.JobLogger.log(Job.JobID, Message=f"Job is updated from if {currentJob[0].Field} {currentJob[0].Operator} {currentJob[0].Value} then {currentJob[0].Action}; to if {Job.Field} {Job.Operator} {Job.Value} then {Job.Action}")
+            self.__getJobs()
+            self.WireguardConfigurations.get(Job.Configuration).searchPeer(Job.Peer)[1].getJobs()
+            return True, list(
+                filter(lambda x: x.Configuration == Job.Configuration and x.Peer == Job.Peer and x.JobID == Job.JobID,
+                       self.Jobs))
+        except Exception as e:
+            traceback.print_exc()
+            return False, str(e)
+
+    def deleteJob(self, Job: PeerJob) -> tuple[bool, None] | tuple[bool, str]:
+        try:
+            if len(self.searchJobById(Job.JobID)) == 0:
+                return False, "Job does not exist"
+            with self.engine.begin() as conn:
+                conn.execute(
+                    self.peerJobTable.update().values(
+                        {
+                            "ExpireDate": datetime.now()
+                        }
+                    ).where(self.peerJobTable.columns.JobID == Job.JobID)
+                )
+                self.JobLogger.log(Job.JobID, Message=f"Job is removed due to being deleted or finished.")
+            self.__getJobs()
+            self.WireguardConfigurations.get(Job.Configuration).searchPeer(Job.Peer)[1].getJobs()
+            return True, None
+        except Exception as e:
+            return False, str(e)
+
+    def updateJobConfigurationName(self, ConfigurationName: str, NewConfigurationName: str) -> tuple[bool, str] | tuple[bool, None]:
+        try:
+            with self.engine.begin() as conn:
+                conn.execute(
+                    self.peerJobTable.update().values({
+                        "Configuration": NewConfigurationName
+                    }).where(self.peerJobTable.columns.Configuration == ConfigurationName)
+                )
+            self.__getJobs()
+            return True, None
+        except Exception as e:
+            return False, str(e)
+    
+    def getPeerJobLogs(self, configurationName):
+        return self.JobLogger.getLogs(configurationName)
+
+
+    def runJob(self):
+        self.cleanJob()
+        needToDelete = []
+        self.__getJobs()
+        for job in self.Jobs:
+            c = self.WireguardConfigurations.get(job.Configuration)
+            if c is not None:
+                f, fp = c.searchPeer(job.Peer)
+                if f:
+                    if job.Field in ["total_receive", "total_sent", "total_data"]:
+                        s = job.Field.split("_")[1]
+                        x: float = getattr(fp, f"total_{s}") + getattr(fp, f"cumu_{s}")
+                        y: float = float(job.Value)
+                    else:
+                        x: datetime = datetime.now()
+                        y: datetime = datetime.strptime(job.Value, "%Y-%m-%d %H:%M:%S")
+                    runAction: bool = self.__runJob_Compare(x, y, job.Operator)
+                    if runAction:
+                        s = False
+                        if job.Action == "restrict":
+                            s, msg = c.restrictPeers([fp.id])
+                        elif job.Action == "delete":
+                            s, msg = c.deletePeers([fp.id], self, self.AllPeerShareLinks)
+                        elif job.Action == "reset_total_data_usage":
+                            s = fp.resetDataUsage("total")
+                            c.restrictPeers([fp.id])
+                            c.allowAccessPeers([fp.id])
+                        if s is True:
+                            self.JobLogger.log(job.JobID, s,
+                                          f"Peer {fp.id} from {c.Name} is successfully {job.Action}ed."
+                                          )
+                            needToDelete.append(job)
+                        else:
+                            self.JobLogger.log(job.JobID, s,
+                                          f"Peer {fp.id} from {c.Name} failed {job.Action}ed."
+                                          )
+                else:
+                    self.JobLogger.log(job.JobID, False,
+                                  f"Somehow can't find this peer {job.Peer} from {c.Name} failed {job.Action}ed."
+                                  )
+            else:
+                self.JobLogger.log(job.JobID, False,
+                              f"Somehow can't find this peer {job.Peer} from {job.Configuration} failed {job.Action}ed."
+                              )
+        for j in needToDelete:
+            self.deleteJob(j)
+            
+    def cleanJob(self, init = False):
+        failingJobs = self.JobLogger.getFailingJobs()
+        with self.engine.begin() as conn:
+            for job in failingJobs:
+                conn.execute(
+                    self.peerJobTable.update().values(
+                        {
+                            "ExpireDate": datetime.now()
+                        }
+                    ).where(self.peerJobTable.columns.JobID == job.get('JobID'))
+                )
+                self.JobLogger.deleteLogs(JobID=job.get('JobID'))
+                self.JobLogger.log(job.get('JobID'), Message=f"Job is removed due to being stale.")
+        
+        with self.engine.connect() as conn:
+            if init and conn.dialect.name == 'sqlite':
+                print("[WGDashboard] SQLite Vacuuming PeerJobs Database")
+                self.JobLogger.vacuum()
+                conn.execute(sqlalchemy.text('VACUUM;'))
+
+    def __runJob_Compare(self, x: float | datetime, y: float | datetime, operator: str):
+        if operator == "eq":
+            return x == y
+        if operator == "neq":
+            return x != y
+        if operator == "lgt":
+            return x > y
+        if operator == "lst":
+            return x < y
--- a/src/modules/PeerShareLink.py
+++ b/src/modules/PeerShareLink.py
@ -0,0 +1,22 @@
+from datetime import datetime
+"""
+Peer Share Link
+"""
+class PeerShareLink:
+    def __init__(self, ShareID:str, Configuration: str, Peer: str, ExpireDate: datetime, SharedDate: datetime):
+        self.ShareID = ShareID
+        self.Peer = Peer
+        self.Configuration = Configuration
+        self.SharedDate = SharedDate
+        self.ExpireDate = ExpireDate
+        if not self.ExpireDate:
+            self.ExpireDate = datetime.strptime("2199-12-31","%Y-%m-%d")
+
+    def toJson(self):
+        return {
+            "ShareID": self.ShareID,
+            "Peer": self.Peer,
+            "Configuration": self.Configuration,
+            "ExpireDate": self.ExpireDate.strftime("%Y-%m-%d %H:%M:%S"),
+            "SharedDate": self.SharedDate.strftime("%Y-%m-%d %H:%M:%S"),
+        }
--- a/src/modules/PeerShareLinks.py
+++ b/src/modules/PeerShareLinks.py
@ -0,0 +1,89 @@
+from .ConnectionString import ConnectionString
+from .PeerShareLink import PeerShareLink
+import sqlalchemy as db
+from datetime import datetime
+import uuid
+
+"""
+Peer Share Links
+"""
+class PeerShareLinks:
+    def __init__(self, DashboardConfig, WireguardConfigurations):
+        self.Links: list[PeerShareLink] = []
+        self.engine = db.create_engine(ConnectionString("wgdashboard"))
+        self.metadata = db.MetaData()
+        self.peerShareLinksTable = db.Table(
+            'PeerShareLinks', self.metadata,
+            db.Column('ShareID', db.String(255), nullable=False, primary_key=True),
+            db.Column('Configuration', db.String(255), nullable=False),
+            db.Column('Peer', db.String(255), nullable=False),
+            db.Column('ExpireDate', (db.DATETIME if DashboardConfig.GetConfig("Database", "type")[1] == 'sqlite' else db.TIMESTAMP)),
+            db.Column('SharedDate', (db.DATETIME if DashboardConfig.GetConfig("Database", "type")[1] == 'sqlite' else db.TIMESTAMP),
+                      server_default=db.func.now()),
+        )
+        self.metadata.create_all(self.engine)
+        self.__getSharedLinks()
+        self.wireguardConfigurations = WireguardConfigurations
+    def __getSharedLinks(self):
+        self.Links.clear()
+        with self.engine.connect() as conn:
+            allLinks = conn.execute(
+                self.peerShareLinksTable.select().where(
+                    db.or_(self.peerShareLinksTable.columns.ExpireDate.is_(None), self.peerShareLinksTable.columns.ExpireDate > datetime.now())
+                )
+            ).mappings().fetchall()
+            for link in allLinks:
+                self.Links.append(PeerShareLink(**link))
+
+
+
+    def getLink(self, Configuration: str, Peer: str) -> list[PeerShareLink]:
+        self.__getSharedLinks()
+        return list(filter(lambda x : x.Configuration == Configuration and x.Peer == Peer, self.Links))
+
+    def getLinkByID(self, ShareID: str) -> list[PeerShareLink]:
+        self.__getSharedLinks()
+        return list(filter(lambda x : x.ShareID == ShareID, self.Links))
+
+    def addLink(self, Configuration: str, Peer: str, ExpireDate: datetime = None) -> tuple[bool, str]:
+        try:
+            newShareID = str(uuid.uuid4())
+            with self.engine.begin() as conn:
+                if len(self.getLink(Configuration, Peer)) > 0:
+                    conn.execute(
+                        self.peerShareLinksTable.update().values(
+                            {
+                                "ExpireDate": datetime.now()
+                            }
+                        ).where(db.and_(self.peerShareLinksTable.columns.Configuration == Configuration, self.peerShareLinksTable.columns.Peer == Peer))
+                    )
+
+                conn.execute(
+                    self.peerShareLinksTable.insert().values(
+                        {
+                            "ShareID": newShareID,
+                            "Configuration": Configuration,
+                            "Peer": Peer,
+                            "ExpireDate": ExpireDate
+                        }
+                    )
+                )
+            self.__getSharedLinks()
+            self.wireguardConfigurations.get(Configuration).searchPeer(Peer)[1].getShareLink()
+        except Exception as e:
+            return False, str(e)
+        return True, newShareID
+
+    def updateLinkExpireDate(self, ShareID, ExpireDate: datetime = None) -> tuple[bool, str]:
+        with self.engine.begin() as conn:
+            updated = conn.execute(
+                self.peerShareLinksTable.update().values(
+                    {
+                        "ExpireDate": ExpireDate
+                    }
+                ).returning(self.peerShareLinksTable.c.Configuration, self.peerShareLinksTable.c.Peer)
+                .where(self.peerShareLinksTable.columns.ShareID == ShareID)
+            ).mappings().fetchone()
+        self.__getSharedLinks()
+        self.wireguardConfigurations.get(updated.Configuration).searchPeer(updated.Peer)[1].getShareLink()
+        return True, ""
--- a/src/modules/SystemStatus.py
+++ b/src/modules/SystemStatus.py
@ -0,0 +1,204 @@
+import shutil, subprocess, time, threading, psutil
+from flask import current_app
+
+class SystemStatus:
+    def __init__(self):
+        self.CPU = CPU()
+        self.MemoryVirtual = Memory('virtual')
+        self.MemorySwap = Memory('swap')
+        self.Disks = Disks()
+        self.NetworkInterfaces = NetworkInterfaces()
+        self.Processes = Processes()
+    def toJson(self):
+        process = [
+            threading.Thread(target=self.CPU.getCPUPercent), 
+            threading.Thread(target=self.CPU.getPerCPUPercent),
+            threading.Thread(target=self.NetworkInterfaces.getData)
+        ]
+        for p in process:
+            p.start()
+        for p in process:
+            p.join()
+        
+        
+        return {
+            "CPU": self.CPU,
+            "Memory": {
+                "VirtualMemory": self.MemoryVirtual,
+                "SwapMemory": self.MemorySwap
+            },
+            "Disks": self.Disks,
+            "NetworkInterfaces": self.NetworkInterfaces,
+            "NetworkInterfacesPriority": self.NetworkInterfaces.getInterfacePriorities(),
+            "Processes": self.Processes
+        }
+        
+
+class CPU:
+    def __init__(self):
+        self.cpu_percent: float = 0
+        self.cpu_percent_per_cpu: list[float] = []
+        
+    def getCPUPercent(self):
+        try:
+            self.cpu_percent = psutil.cpu_percent(interval=1)
+        except Exception as e:
+            current_app.logger.error("Get CPU Percent error", e)
+    
+    def getPerCPUPercent(self):
+        try:
+            self.cpu_percent_per_cpu = psutil.cpu_percent(interval=1, percpu=True)
+        except Exception as e:
+            current_app.logger.error("Get Per CPU Percent error", e)
+    
+    def toJson(self):
+        return self.__dict__
+
+class Memory:
+    def __init__(self, memoryType: str):
+        self.__memoryType__ = memoryType
+        self.total = 0
+        self.available = 0
+        self.percent = 0
+    def getData(self):
+        try:
+            if self.__memoryType__ == "virtual":
+                memory = psutil.virtual_memory()
+                self.available = memory.available
+            else:
+                memory = psutil.swap_memory()
+                self.available = memory.free
+            self.total = memory.total
+            
+            self.percent = memory.percent
+        except Exception as e:
+            current_app.logger.error("Get Memory percent error", e)
+    def toJson(self):
+        self.getData()
+        return self.__dict__
+
+class Disks:
+    def __init__(self):
+        self.disks : list[Disk] = []
+    def getData(self):
+        try:
+            self.disks = list(map(lambda x : Disk(x.mountpoint), psutil.disk_partitions()))
+        except Exception as e:
+            current_app.logger.error("Get Disk percent error", e)
+    def toJson(self):
+        self.getData()
+        return self.disks
+
+class Disk:
+    def __init__(self, mountPoint: str):
+        self.total = 0
+        self.used = 0
+        self.free = 0
+        self.percent = 0
+        self.mountPoint = mountPoint
+    def getData(self):
+        try:
+            disk = psutil.disk_usage(self.mountPoint)
+            self.total = disk.total
+            self.free = disk.free
+            self.used = disk.used
+            self.percent = disk.percent
+        except Exception as e:
+            current_app.logger.error("Get Disk percent error", e)
+    def toJson(self):
+        self.getData()
+        return self.__dict__
+    
+class NetworkInterfaces:
+    def __init__(self):
+        self.interfaces = {}
+        
+    def getInterfacePriorities(self):
+        if shutil.which("ip"):
+            result = subprocess.check_output(["ip", "route", "show"]).decode()
+            priorities = {}
+            for line in result.splitlines():
+                if "metric" in line and "dev" in line:
+                    parts = line.split()
+                    dev = parts[parts.index("dev")+1]
+                    metric = int(parts[parts.index("metric")+1])
+                    if dev not in priorities:
+                        priorities[dev] = metric
+            return priorities
+        return {}
+
+    def getData(self):
+        self.interfaces.clear()
+        try:
+            network = psutil.net_io_counters(pernic=True, nowrap=True)
+            for i in network.keys():
+                self.interfaces[i] = network[i]._asdict()
+            time.sleep(1)
+            network = psutil.net_io_counters(pernic=True, nowrap=True)
+            for i in network.keys():
+                self.interfaces[i]['realtime'] = {
+                    'sent': round((network[i].bytes_sent - self.interfaces[i]['bytes_sent']) / 1024 / 1024, 4),
+                    'recv': round((network[i].bytes_recv - self.interfaces[i]['bytes_recv']) / 1024 / 1024, 4)
+                }
+        except Exception as e:
+            current_app.logger.error("Get network error", e)
+
+    def toJson(self):
+        return self.interfaces
+
+class Process:
+    def __init__(self, name, command, pid, percent):
+        self.name = name
+        self.command = command
+        self.pid = pid
+        self.percent = percent
+    def toJson(self):
+        return self.__dict__
+
+class Processes:
+    def __init__(self):
+        self.CPU_Top_10_Processes: list[Process] = []
+        self.Memory_Top_10_Processes: list[Process] = []
+    def getData(self):
+        try:
+            processes = list(psutil.process_iter())
+
+            cpu_processes = []
+            memory_processes = []
+
+            for proc in processes:
+                try:
+                    name = proc.name()
+                    cmdline = " ".join(proc.cmdline())
+                    pid = proc.pid
+                    cpu_percent = proc.cpu_percent()
+                    mem_percent = proc.memory_percent()
+
+                    # Create Process object for CPU and memory tracking
+                    cpu_process = Process(name, cmdline, pid, cpu_percent)
+                    mem_process = Process(name, cmdline, pid, mem_percent)
+
+                    cpu_processes.append(cpu_process)
+                    memory_processes.append(mem_process)
+
+                except (psutil.NoSuchProcess, psutil.AccessDenied, psutil.ZombieProcess):
+                    # Skip processes we can’t access or that no longer exist
+                    continue
+
+            # Sort by CPU and memory usage (descending order)
+            cpu_sorted = sorted(cpu_processes, key=lambda p: p.percent, reverse=True)
+            mem_sorted = sorted(memory_processes, key=lambda p: p.percent, reverse=True)
+
+            # Get top 20 processes for each
+            self.CPU_Top_10_Processes = cpu_sorted[:20]
+            self.Memory_Top_10_Processes = mem_sorted[:20]
+
+        except Exception as e:
+            current_app.logger.error("Get processes error", e)
+
+    def toJson(self):
+        self.getData()
+        return {
+            "cpu_top_10": self.CPU_Top_10_Processes,
+            "memory_top_10": self.Memory_Top_10_Processes
+        }
--- a/src/modules/Utilities.py
+++ b/src/modules/Utilities.py
@ -0,0 +1,104 @@
+import re, ipaddress
+import subprocess
+
+
+def RegexMatch(regex, text) -> bool:
+    """
+    Regex Match
+    @param regex: Regex patter
+    @param text: Text to match
+    @return: Boolean indicate if the text match the regex pattern
+    """
+    pattern = re.compile(regex)
+    return pattern.search(text) is not None
+
+def GetRemoteEndpoint() -> str:
+    """
+    Using socket to determine default interface IP address. Thanks, @NOXICS
+    @return: 
+    """
+    import socket
+    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
+        s.connect(("1.1.1.1", 80))  # Connecting to a public IP
+        wgd_remote_endpoint = s.getsockname()[0]
+        return str(wgd_remote_endpoint)
+
+
+def StringToBoolean(value: str):
+    """
+    Convert string boolean to boolean
+    @param value: Boolean value in string came from Configuration file
+    @return: Boolean value
+    """
+    return (value.strip().replace(" ", "").lower() in 
+            ("yes", "true", "t", "1", 1))
+
+def ValidateIPAddressesWithRange(ips: str) -> bool:
+    s = ips.replace(" ", "").split(",")
+    for ip in s:
+        try:
+            ipaddress.ip_network(ip)
+        except ValueError as e:
+            return False
+    return True
+
+def ValidateIPAddresses(ips) -> bool:
+    s = ips.replace(" ", "").split(",")
+    for ip in s:
+        try:
+            ipaddress.ip_address(ip)
+        except ValueError as e:
+            return False
+    return True
+
+def ValidateDNSAddress(addresses) -> tuple[bool, str]:
+    s = addresses.replace(" ", "").split(",")
+    for address in s:
+        if not ValidateIPAddresses(address) and not RegexMatch(
+                r"(?:[a-z0-9](?:[a-z0-9-]{0,61}[a-z0-9])?\.)+[a-z][a-z]{0,61}[a-z]", address):
+            return False, f"{address} does not appear to be an valid DNS address"
+    return True, ""
+
+def ValidateEndpointAllowedIPs(IPs) -> tuple[bool, str] | tuple[bool, None]:
+    ips = IPs.replace(" ", "").split(",")
+    for ip in ips:
+        try:
+            ipaddress.ip_network(ip, strict=False)
+        except ValueError as e:
+            return False, str(e)
+    return True, None
+
+def GenerateWireguardPublicKey(privateKey: str) -> tuple[bool, str] | tuple[bool, None]:
+    try:
+        publicKey = subprocess.check_output(f"wg pubkey", input=privateKey.encode(), shell=True,
+                                            stderr=subprocess.STDOUT)
+        return True, publicKey.decode().strip('\n')
+    except subprocess.CalledProcessError:
+        return False, None
+    
+def GenerateWireguardPrivateKey() -> tuple[bool, str] | tuple[bool, None]:
+    try:
+        publicKey = subprocess.check_output(f"wg genkey", shell=True,
+                                            stderr=subprocess.STDOUT)
+        return True, publicKey.decode().strip('\n')
+    except subprocess.CalledProcessError:
+        return False, None
+    
+def ValidatePasswordStrength(password: str) -> tuple[bool, str] | tuple[bool, None]:
+    # Rules:
+    #     - Must be over 8 characters & numbers
+    #     - Must contain at least 1 Uppercase & Lowercase letters
+    #     - Must contain at least 1 Numbers (0-9)
+    #     - Must contain at least 1 special characters from $&+,:;=?@#|'<>.-^*()%!~_-
+    if len(password) < 8:
+        return False, "Password must be 8 characters or more"
+    if not re.search(r'[a-z]', password):
+        return False, "Password must contain at least 1 lowercase character"
+    if not re.search(r'[A-Z]', password):
+        return False, "Password must contain at least 1 uppercase character"
+    if not re.search(r'\d', password):
+        return False, "Password must contain at least 1 number"
+    if not re.search(r'[$&+,:;=?@#|\'<>.\-^*()%!~_-]', password):
+        return False, "Password must contain at least 1 special character from $&+,:;=?@#|'<>.-^*()%!~_-"
+    
+    return True, None
--- a/src/modules/WireguardConfiguration.py
+++ b/src/modules/WireguardConfiguration.py
--- a/src/modules/WireguardConfigurationInfo.py
+++ b/src/modules/WireguardConfigurationInfo.py
@ -0,0 +1,23 @@
+from pydantic import BaseModel
+
+class OverridePeerSettingsClass(BaseModel):
+    DNS: str = ''
+    EndpointAllowedIPs: str = ''
+    MTU: str | int = ''
+    PersistentKeepalive: int | str = ''
+    PeerRemoteEndpoint: str = ''
+    ListenPort: int | str = ''
+    
+class PeerGroupsClass(BaseModel):
+    GroupName: str = ''
+    Description: str = ''
+    BackgroundColor: str = ''
+    Icon: str = ''
+    Peers: list[str] = []
+
+class WireguardConfigurationInfo(BaseModel):
+    Description: str = ''
+    OverridePeerSettings: OverridePeerSettingsClass = OverridePeerSettingsClass(**{})
+    PeerGroups: dict[str, PeerGroupsClass] = {}
+    PeerTrafficTracking: bool = True
+    PeerHistoricalEndpointTracking: bool = True
--- a/src/requirements.txt
+++ b/src/requirements.txt
@ -1,8 +1,17 @@
-bcrypt
-ifcfg
-psutil
-pyotp
-Flask
-flask-cors
-icmplib
-gunicorn
+bcrypt==5.0.0
+ifcfg==0.24
+psutil==7.1.3
+pyotp==2.9.0
+Flask==3.1.2
+flask-cors==6.0.1
+icmplib==3.0.4
+gunicorn==23.0.0
+requests==2.32.5
+tcconfig==0.30.1
+sqlalchemy==2.0.44
+sqlalchemy_utils==0.42.0
+psycopg[binary]==3.3.2
+PyMySQL==1.1.2
+tzlocal==5.3.1
+python-jose==3.5.0
+pydantic==2.12.5
--- a/src/static/app/build.sh
+++ b/src/static/app/build.sh
@ -0,0 +1,27 @@
+#!/bin/bash
+echo "Running vite build..."
+if vite build; then
+  echo "Vite build successful."
+else
+  echo "Vite build failed. Exiting."
+  exit 1
+fi
+echo "Checking for changes to commit..."
+if git diff-index --quiet HEAD --; then
+  
+  if git commit -a; then
+      echo "Git commit successful."
+    else
+      echo "Git commit failed. Exiting."
+      exit 1
+    fi
+else
+  echo "No changes to commit. Skipping commit."
+fi
+echo "Pushing changes to remote..."
+if git push; then
+  echo "Git push successful."
+else
+  echo "Git push failed. Exiting."
+  exit 1
+fi
--- a/src/static/app/dist/assets/bootstrap-icons.woff
+++ b/src/static/app/dist/assets/bootstrap-icons.woff
--- a/src/static/app/dist/assets/bootstrap-icons.woff2
+++ b/src/static/app/dist/assets/bootstrap-icons.woff2
--- a/src/static/app/dist/assets/index.css
+++ b/src/static/app/dist/assets/index.css
--- a/src/static/app/dist/assets/index.js
+++ b/src/static/app/dist/assets/index.js
--- a/src/static/app/dist/favicon.png
+++ b/src/static/app/dist/favicon.png
--- a/src/static/app/dist/index.html
+++ b/src/static/app/dist/index.html
@ -1,14 +0,0 @@
-<!DOCTYPE html>
-<html lang="en">
-  <head>
-    <meta charset="UTF-8">
-    <link rel="icon" href="/static/app/dist/favicon.png">
-    <meta name="viewport" content="width=device-width, initial-scale=1.0">
-    <title>WGDashboard</title>
-    <script type="module" crossorigin src="/static/app/dist/assets/index.js"></script>
-    <link rel="stylesheet" crossorigin href="/static/app/dist/assets/index.css">
-  </head>
-  <body>
-    <div id="app" class="w-100 vh-100"></div>
-  </body>
-</html>
--- a/src/static/app/index.html
+++ b/src/static/app/index.html
@ -2,12 +2,18 @@
 <html lang="en">
 	<head>
 		<meta charset="UTF-8">
-    <link rel="icon" href="/favicon.png">
+		<meta name="mobile-web-app-capable" content="yes">
+		<meta name="apple-mobile-web-app-capable" content="yes">
+		<meta name="application-name" content="WGDashboard">
+		<meta name="apple-mobile-web-app-title" content="WGDashboard">
+		<link rel="manifest" href="/json/manifest.json">
+		<link rel="icon" href="/img/Logo-2-512x512.png">
 		<meta name="viewport" content="width=device-width, initial-scale=1.0">
 		<title>WGDashboard</title>
 	</head>
 	<body>
-    <div id="app" class="w-100 vh-100"></div>
+		<div id="app"></div>
+
 		<script type="module" src="./src/main.js"></script>
 	</body>
 </html>
--- a/src/static/app/package-lock.json
+++ b/src/static/app/package-lock.json
--- a/src/static/app/package.json
+++ b/src/static/app/package.json
@ -1,38 +1,46 @@
 {
  "name": "app",
-  "version": "4.0.0",
+  "version": "4.3.1",
  "private": true,
  "type": "module",
+  "module": "es2022",
  "scripts": {
    "dev": "vite",
-    "build": "vite build",
-    "build electron": "vite build && vite build --mode electron && cd ../../../../WGDashboard-Desktop && electron-builder",
+    "build": "vite build --emptyOutDir",
+    "buildcommitpush": "./build.sh",
+    "build electron": "vite build --emptyOutDir && vite build --mode electron && cd ../../../../WGDashboard-Desktop && /opt/homebrew/bin/npm run \"electron dist\"",
    "preview": "vite preview"
  },
  "dependencies": {
-    "@vuepic/vue-datepicker": "^9.0.1",
-    "@vueuse/core": "^10.9.0",
-    "@vueuse/shared": "^10.9.0",
+    "@volar/language-server": "2.4.26",
+    "@vue/language-server": "3.1.8",
+    "@vuepic/vue-datepicker": "^12.1.0",
+    "@vueuse/core": "^14.0.0",
+    "@vueuse/shared": "^14.1.0",
    "animate.css": "^4.1.1",
    "bootstrap": "^5.3.2",
-    "bootstrap-icons": "^1.11.2",
-    "cidr-tools": "^7.0.4",
+    "bootstrap-icons": "^1.11.3",
+    "cidr-tools": "^11.0.3",
+    "css-color-converter": "^2.0.0",
    "dayjs": "^1.11.12",
-    "electron-builder": "^24.13.3",
+    "electron-builder": "^26.0.12",
    "fuse.js": "^7.0.0",
    "i": "^0.3.7",
-    "is-cidr": "^5.0.3",
-    "npm": "^10.5.0",
-    "pinia": "^2.1.7",
+    "is-cidr": "^6.0.1",
+    "npm": "^11.6.4",
+    "ol": "^10.7.0",
+    "pinia": "^3.0.3",
+    "pinia-plugin-persistedstate": "^4.7.1",
    "qrcode": "^1.5.3",
    "qrcodejs": "^1.0.0",
-    "uuid": "^9.0.1",
-    "vue": "^3.4.29",
+    "simple-code-editor": "^2.0.9",
+    "uuid": "^13.0.0",
+    "vue": "^3.5.24",
    "vue-chartjs": "^5.3.0",
-    "vue-router": "^4.2.5"
+    "vue-router": "^4.6.3"
  },
  "devDependencies": {
-    "@vitejs/plugin-vue": "^5.0.0",
-    "vite": "^5.0.10"
+    "@vitejs/plugin-vue": "^6.0.0",
+    "vite": "^7.2.2"
  }
 }
--- a/src/static/app/public/favicon.png
+++ b/src/static/app/public/favicon.png
--- a/src/static/app/public/img/Logo-1-128x128.png
+++ b/src/static/app/public/img/Logo-1-128x128.png
--- a/src/static/app/public/img/Logo-1-256x256.png
+++ b/src/static/app/public/img/Logo-1-256x256.png
--- a/src/static/app/public/img/Logo-1-384x384.png
+++ b/src/static/app/public/img/Logo-1-384x384.png
--- a/src/static/app/public/img/Logo-1-512x512.png
+++ b/src/static/app/public/img/Logo-1-512x512.png
--- a/src/static/app/public/img/Logo-1-Maskable-512x512.png
+++ b/src/static/app/public/img/Logo-1-Maskable-512x512.png
--- a/src/static/app/public/img/Logo-1-Rounded-128x128.png
+++ b/src/static/app/public/img/Logo-1-Rounded-128x128.png
--- a/src/static/app/public/img/Logo-1-Rounded-256x256.png
+++ b/src/static/app/public/img/Logo-1-Rounded-256x256.png
--- a/src/static/app/public/img/Logo-1-Rounded-384x384.png
+++ b/src/static/app/public/img/Logo-1-Rounded-384x384.png
--- a/src/static/app/public/img/Logo-1-Rounded-512x512.png
+++ b/src/static/app/public/img/Logo-1-Rounded-512x512.png
--- a/src/static/app/public/img/Logo-2-128x128.png
+++ b/src/static/app/public/img/Logo-2-128x128.png
--- a/src/static/app/public/img/Logo-2-256x256.png
+++ b/src/static/app/public/img/Logo-2-256x256.png
--- a/src/static/app/public/img/Logo-2-384x384.png
+++ b/src/static/app/public/img/Logo-2-384x384.png
--- a/src/static/app/public/img/Logo-2-512x512.png
+++ b/src/static/app/public/img/Logo-2-512x512.png
--- a/src/static/app/public/img/Logo-2-Rounded-128x128.png
+++ b/src/static/app/public/img/Logo-2-Rounded-128x128.png
--- a/src/static/app/public/img/Logo-2-Rounded-256x256.png
+++ b/src/static/app/public/img/Logo-2-Rounded-256x256.png
--- a/src/static/app/public/img/Logo-2-Rounded-384x384.png
+++ b/src/static/app/public/img/Logo-2-Rounded-384x384.png
--- a/src/static/app/public/img/Logo-2-Rounded-512x512.png
+++ b/src/static/app/public/img/Logo-2-Rounded-512x512.png
--- a/src/static/app/public/json/manifest.json
+++ b/src/static/app/public/json/manifest.json
@ -0,0 +1,48 @@
+{
+    "theme_color": "#343a40",
+    "background_color": "#343a40",
+    "display": "fullscreen",
+    "scope": "/",
+    "start_url": "/",
+    "name": "WGDashboard",
+    "short_name": "WGDashboard",
+    "screenshots": [
+        {
+            "src": "https://wgdashboard-resources.tor1.cdn.digitaloceanspaces.com/Documentation%20Images/sign-in.png",
+            "sizes": "2880x1826",
+            "type": "image/png",
+            "form_factor": "wide"
+        },
+        {
+            "src": "https://wgdashboard-resources.tor1.cdn.digitaloceanspaces.com/Documentation%20Images/index.png",
+            "sizes": "2880x1826",
+            "type": "image/png"
+        }
+    ],
+    "icons": [
+        {
+            "src": "../img/Logo-2-Rounded-128x128.png",
+            "sizes": "128x128",
+            "type": "image/png",
+            "purpose": "any"
+        },
+        {
+            "src": "../img/Logo-2-Rounded-256x256.png",
+            "sizes": "256x256",
+            "type": "image/png",
+            "purpose": "any"
+        },
+        {
+            "src": "../img/Logo-2-Rounded-384x384.png",
+            "sizes": "384x384",
+            "type": "image/png",
+            "purpose": "any"
+        },
+        {
+            "src": "../img/Logo-2-Rounded-512x512.png",
+            "sizes": "512x512",
+            "type": "image/png",
+            "purpose": "any"
+        }
+    ]
+}
--- a/src/static/app/src/App.vue
+++ b/src/static/app/src/App.vue
@ -1,72 +1,75 @@
-<script setup>
-import { RouterView } from 'vue-router'
+<script setup async>
+import {RouterView, useRoute} from 'vue-router'
 import {DashboardConfigurationStore} from "@/stores/DashboardConfigurationStore.js";
 import {computed, watch} from "vue";
 const store = DashboardConfigurationStore();
+import "@/utilities/wireguard.js"
+import {fetchGet} from "@/utilities/fetch.js";
 store.initCrossServerConfiguration();
 if (window.IS_WGDASHBOARD_DESKTOP){
 	store.IsElectronApp = true;
 	store.CrossServerConfiguration.Enable = true;
+	if (store.ActiveServerConfiguration){
+		fetchGet("/api/locale", {}, (res) => {
+			store.Locale = res.data
+		})
+	}
+}else{
+	fetchGet("/api/locale", {}, (res) => {
+		store.Locale = res.data
+	})
 }
-
 watch(store.CrossServerConfiguration, () => {
 	store.syncCrossServerConfiguration()
 }, {
 	deep: true
 });
-
-const getActiveCrossServer = computed(() => {
-	if (store.ActiveServerConfiguration){
-		return store.CrossServerConfiguration.ServerList[store.ActiveServerConfiguration]
-	}
-	return undefined
-})
+const route = useRoute()

 </script>

 <template>
-	<nav class="navbar bg-dark sticky-top" data-bs-theme="dark">
+	<div class="h-100 bg-body" :data-bs-theme="store.Configuration?.Server.dashboard_theme">
+		<div style="z-index: 9999; height: 5px" class="position-absolute loadingBar top-0 start-0"></div>
+		<nav class="navbar bg-dark sticky-top" data-bs-theme="dark" v-if="!route.meta.hideTopNav">
 			<div class="container-fluid d-flex text-body align-items-center">
-			<span class="navbar-brand mb-0 h1">WGDashboard</span>
-			<small class="ms-auto text-muted" v-if="getActiveCrossServer !== undefined">
-				<i class="bi bi-server me-2"></i>{{getActiveCrossServer.host}}
-			</small>
+				<RouterLink to="/" class="navbar-brand mb-0 h1">
+					<img src="/img/Logo-2-Rounded-512x512.png" alt="WGDashboard Logo" style="width: 32px">
+				</RouterLink>
 				<a role="button" class="navbarBtn text-body"
 				   @click="store.ShowNavBar = !store.ShowNavBar"
 				   style="line-height: 0; font-size: 2rem">
-				<i class="bi bi-list"></i></a>
+					<Transition name="fade2" mode="out-in">
+						<i class="bi bi-list" v-if="!store.ShowNavBar"></i>
+						<i class="bi bi-x-lg" v-else></i>
+					</Transition>
+				</a>
 			</div>
 		</nav>
 		<Suspense>
 			<RouterView v-slot="{ Component }">
-			<Transition name="app" mode="out-in">
+				<Transition name="app" mode="out-in" type="transition" appear>
 					<Component :is="Component"></Component>
 				</Transition>
 			</RouterView>
 		</Suspense>
+	</div>
 </template>

 <style scoped>
 .app-enter-active,
 .app-leave-active {
-	transition: all 0.3s cubic-bezier(0.82, 0.58, 0.17, 0.9);
+	transition: all 0.7s cubic-bezier(0.82, 0.58, 0.17, 1);
 }
-
-.app-enter-from{
-	transform: translateY(20px);
-	opacity: 0;
-}
-
+.app-enter-from,
 .app-leave-to{
-	transform: translateY(-20px);
 	opacity: 0;
+	transform: scale(1.05);
+	filter: blur(8px);
 }
-
@media screen and (min-width: 768px) {
-	.navbarBtn{
+	.navbar{
 		display: none;
 	}
 }
-
-
 </style>
--- a/src/static/app/src/components/clientComponents/availablePeersGroup.vue
+++ b/src/static/app/src/components/clientComponents/availablePeersGroup.vue
@ -0,0 +1,96 @@
+<script setup lang="ts">
+import {computed, ref} from "vue";
+import {DashboardClientAssignmentStore} from "@/stores/DashboardClientAssignmentStore.js";
+import LocaleText from "@/components/text/localeText.vue";
+
+const props = defineProps(['configuration', 'peers', 'clientAssignedPeers', 'availablePeerSearchString'])
+const emits = defineEmits(['assign', 'unassign'])
+const assignmentStore = DashboardClientAssignmentStore()
+const available = computed(() => {
+	if (props.clientAssignedPeers){
+		if (Object.keys(props.clientAssignedPeers).includes(props.configuration)){
+			return props.peers.filter(
+				x => {
+					return !props.clientAssignedPeers[props.configuration].map(
+						x => x.id
+					).includes(x.id) &&
+						(!props.availablePeerSearchString ||
+							(props.availablePeerSearchString &&
+								(x.id.includes(props.availablePeerSearchString) || x.name.includes(props.availablePeerSearchString))))
+				}
+			)
+		}
+	}
+	return props.availablePeerSearchString ? props.peers.filter(
+		x => x.id.includes(props.availablePeerSearchString) || x.name.includes(props.availablePeerSearchString)
+	) : props.peers
+})
+const confirmDelete = ref(false)
+const collapse = ref(false)
+</script>
+
+<template>
+	<div class="card rounded-0 border-0">
+		<div
+			@click="collapse = !collapse"
+			role="button"
+			class="card-header rounded-0 sticky-top  bg-body-secondary border-0 border-bottom text-white d-flex">
+			<small><samp>{{ configuration }}</samp></small>
+			<a role="button" class="ms-auto text-white" >
+				<i class="bi bi-chevron-compact-down" v-if="collapse"></i>
+				<i class="bi bi-chevron-compact-up" v-else></i>
+			</a>
+		</div>
+		<div class="card-body p-0" v-if="!collapse">
+			<div class="list-group list-group-flush" >
+				<div
+					class="list-group-item d-flex border-bottom list-group-item-action d-flex align-items-center gap-3"
+					:key="peer.id"
+					v-for="peer in available" >
+					<div v-if="!confirmDelete">
+						<small class="text-body">
+							<RouterLink
+								class="text-decoration-none"
+								target="_blank"
+								:to="'/configuration/' + configuration +'/peers?id=' + encodeURIComponent(peer.id)">
+								<samp>{{ peer.id }}</samp>
+							</RouterLink>
+						</small><br>
+						<small class="text-muted">
+							{{ peer.name ? peer.name : 'Untitled Peer'}}
+						</small>
+					</div>
+					<div v-else>
+						<small class="text-body">
+							<LocaleText t="Are you sure to remove this peer?"></LocaleText>
+						</small><br>
+						<small class="text-muted">
+							<samp>{{ peer.id }}</samp>
+						</small>
+					</div>
+					<template v-if="clientAssignedPeers">
+						<button
+							@click="emits('assign', peer.id)"
+							:class="{disabled: assignmentStore.assigning}"
+							class="btn bg-success-subtle text-success-emphasis ms-auto">
+							<i class="bi bi-plus-circle-fill" ></i>
+						</button>
+					</template>
+					<button
+						v-else
+						@click="emits('unassign', peer.assignment_id)"
+						:class="{disabled: assignmentStore.unassigning}"
+						aria-label="Delete Assignment"
+						class="btn bg-danger-subtle text-danger-emphasis ms-auto">
+						<i class="bi bi-trash-fill"></i>
+					</button>
+				</div>
+			</div>
+
+		</div>
+	</div>
+</template>
+
+<style scoped>
+
+</style>
--- a/src/static/app/src/components/clientComponents/clientAssignedPeers.vue
+++ b/src/static/app/src/components/clientComponents/clientAssignedPeers.vue
@ -0,0 +1,109 @@
+<script setup lang="ts" async>
+import {onMounted, ref, watch, watchEffect} from "vue";
+import { fetchGet } from "@/utilities/fetch.js"
+import {DashboardClientAssignmentStore} from "@/stores/DashboardClientAssignmentStore.js";
+import AvailablePeersGroup from "@/components/clientComponents/availablePeersGroup.vue";
+import LocaleText from "@/components/text/localeText.vue";
+const props = defineProps(['client', 'clientAssignedPeers'])
+const loading = ref(false)
+const assignmentStore = DashboardClientAssignmentStore()
+const manage = ref(false)
+const emits = defineEmits(['refresh'])
+
+const assign = async (ConfigurationName, Peer, ClientID) => {
+	await assignmentStore.assignClient(ConfigurationName, Peer, ClientID, false)
+	emits('refresh')
+}
+
+const unassign = async (AssignmentID) => {
+	await assignmentStore.unassignClient(undefined, undefined, AssignmentID)
+	emits('refresh')
+}
+
+const availablePeerSearchString = ref("")
+
+</script>
+
+<template>
+<div>
+	<div class="d-flex rounded-0 border-0 flex-column d-flex flex-column border-bottom pb-1" v-if="!loading">
+		<div class="d-flex flex-column p-3 gap-3">
+			<div class="d-flex align-items-center">
+				<h6 class="mb-0">
+					<LocaleText t="Assigned Peers"></LocaleText>
+					<span class="text-bg-primary badge ms-2">
+						{{ Object.keys(clientAssignedPeers).length }} <LocaleText :t="Object.keys(clientAssignedPeers).length > 1 ? 'Configurations' : 'Configuration'"></LocaleText>
+					</span>
+					<span class="text-bg-info badge ms-2">
+						{{ Object.values(clientAssignedPeers).flat().length }} <LocaleText :t="Object.values(clientAssignedPeers).flat().length > 1 ? 'Peers' : 'Peer'"></LocaleText>
+					</span>
+				</h6>
+				<button class="btn btn-sm bg-primary-subtle text-primary-emphasis rounded-3 ms-auto"
+						@click="manage = !manage">
+					<template v-if="!manage">
+						<i class="bi bi-list-check me-2"></i>
+						<LocaleText t="Manage"></LocaleText>
+					</template>
+					<template v-else>
+						<i class="bi bi-check me-2"></i>
+						<LocaleText t="Done"></LocaleText>
+					</template>
+				</button>
+			</div>
+			<div class="rounded-3 availablePeers border h-100 overflow-scroll flex-grow-1 d-flex flex-column">
+				<AvailablePeersGroup
+					:configuration="configuration"
+					:peers="peers"
+					@unassign="async (id) => await unassign(id)"
+					v-for="(peers, configuration) in clientAssignedPeers">
+				</AvailablePeersGroup>
+				<h6 class="text-muted m-auto p-3" v-if="Object.keys(clientAssignedPeers).length === 0">
+					<LocaleText t="No peer assigned to this client"></LocaleText>
+				</h6>
+			</div>
+		</div>
+		<div style="height: 500px" class="d-flex flex-column p-3" v-if="manage">
+			<div class="availablePeers border h-100 card rounded-3">
+				<div class="card-header sticky-top p-3">
+					<h6 class="mb-0 d-flex align-items-center">
+						<LocaleText t="Available Peers"></LocaleText>
+					</h6>
+				</div>
+				<div class="card-body p-0 overflow-scroll">
+					<AvailablePeersGroup
+						:availablePeerSearchString="availablePeerSearchString"
+						:configuration="configuration"
+						:clientAssignedPeers="clientAssignedPeers"
+						:peers="peers"
+						:key="configuration"
+						@assign="async (id) => await assign(configuration, id, props.client.ClientID)"
+						v-for="(peers, configuration) in assignmentStore.allConfigurationsPeers">
+					</AvailablePeersGroup>
+					<h6 class="text-muted m-auto" v-if="Object.keys(assignmentStore.allConfigurationsPeers).length === 0">
+						<LocaleText t="No peer is available to assign"></LocaleText>
+					</h6>
+				</div>
+				<div class="card-footer d-flex gap-2 p-3 align-items-center justify-content-end">
+					<label for="availablePeerSearchString">
+						<i class="bi bi-search me-2"></i>
+					</label>
+					<input
+						id="availablePeerSearchString"
+						v-model="availablePeerSearchString"
+						class="form-control form-control-sm rounded-3 w-auto" type="text">
+				</div>
+			</div>
+		</div>
+	</div>
+	<div v-else>
+		<div class="p-3 placeholder-glow border-bottom">
+			<h6 class="placeholder w-100 rounded-3"></h6>
+			<div class="placeholder w-100 rounded-3" style="height: 400px"></div>
+		</div>
+	</div>
+</div>
+</template>
+
+<style scoped>
+
+</style>
--- a/src/static/app/src/components/clientComponents/clientDelete.vue
+++ b/src/static/app/src/components/clientComponents/clientDelete.vue
@ -0,0 +1,62 @@
+<script setup lang="ts">
+import LocaleText from "@/components/text/localeText.vue";
+import { fetchPost } from "@/utilities/fetch"
+import {ref} from "vue";
+import { DashboardConfigurationStore } from "@/stores/DashboardConfigurationStore.js"
+
+const props = defineProps(['client'])
+const deleting = ref(false)
+const confirmDelete = ref(false)
+const emits = defineEmits(['refresh'])
+const dashboardConfigurationStore = DashboardConfigurationStore()
+const deleteClient = async () => {
+	deleting.value = true
+	await fetchPost("/api/clients/deleteClient", {
+		ClientID: props.client.ClientID
+	}, (res) => {
+		deleting.value = false
+		if (res.status){
+			emits("deleteSuccess")
+			dashboardConfigurationStore.newMessage("Server", "Delete client successfully", "success")
+		}else {
+			dashboardConfigurationStore.newMessage("Server", "Failed to delete client", "danger")
+		}
+	})
+}
+</script>
+
+<template>
+	<div class="p-3 d-flex gap-3 flex-column border-bottom">
+		<div class="d-flex align-items-center gap-2">
+			<h6 class="mb-0">
+				<LocaleText t="Delete Client" v-if="!confirmDelete"></LocaleText>
+				<LocaleText t="Are you sure to delete this client?" v-else></LocaleText>
+			</h6>
+			<button class="btn btn-sm bg-danger-subtle text-danger-emphasis rounded-3 ms-auto"
+					v-if="!confirmDelete"
+					@click="confirmDelete = true"
+			>
+				<i class="bi bi-trash-fill me-2"></i>
+				<LocaleText t="Delete"></LocaleText>
+			</button>
+
+			<template v-if="confirmDelete">
+				<button
+					@click="deleteClient"
+					class="btn btn-sm bg-danger-subtle text-danger-emphasis rounded-3 ms-auto">
+					<i class="bi bi-trash-fill me-2"></i>
+					<LocaleText t="Yes"></LocaleText>
+				</button>
+				<button class="btn btn-sm bg-secondary-subtle text-secondary-emphasis rounded-3"
+						v-if="confirmDelete" @click="confirmDelete = false">
+					<i class="bi bi-x-lg me-2"></i>
+					<LocaleText t="No"></LocaleText>
+				</button>
+			</template>
+		</div>
+	</div>
+</template>
+
+<style scoped>
+
+</style>
--- a/src/static/app/src/components/clientComponents/clientGroup.vue
+++ b/src/static/app/src/components/clientComponents/clientGroup.vue
@ -0,0 +1,57 @@
+<script setup lang="ts">
+import {computed, onMounted} from "vue";
+import LocaleText from "@/components/text/localeText.vue";
+import {useRoute} from "vue-router";
+
+const props = defineProps(['groupName', 'clients', 'searchString'])
+
+const getClients = computed(() => {
+	const s = props.searchString.toLowerCase()
+	if (!props.searchString){
+		return props.clients
+	}
+	return props.clients.filter(
+		x =>
+			(x.ClientID && x.ClientID.toLowerCase().includes(s)) || 
+			(x.Email && x.Email.toLowerCase().includes(s) || 
+				(x.Name && x.Name.toLowerCase().includes(s)))
+	)
+})
+const route = useRoute()
+onMounted(() => {
+	document.querySelector(".clientList .active")?.scrollIntoView()
+})
+</script>
+
+<template>
+	<div class="card rounded-0 border-0">
+		<div class="card-header d-flex align-items-center rounded-0">
+			<h6 class="my-2">{{ groupName }}</h6>
+			<span class="badge text-bg-primary ms-auto">
+				<LocaleText :t="getClients.length + ' Client' + (getClients.length > 1 ? 's': '')"></LocaleText>
+			</span>
+		</div>
+		<div class="card-body p-0">
+			<div class="list-group list-group-flush clientList">
+				<RouterLink
+					:key="client.ClientID"
+					:id="'client_' + client.ClientID"
+					active-class="active"
+					:to="{ name: 'Client Viewer', params: { id: client.ClientID } }"
+					class="list-group-item d-flex flex-column border-bottom list-group-item-action client"
+				    v-for="client in getClients" >
+					<small class="text-body">
+						{{ client.Email }}
+					</small>
+					<small class="text-muted">
+						{{ client.Name ? client.Name : 'No Name'}}
+					</small>
+				</RouterLink>
+			</div>
+		</div>
+	</div>
+</template>
+
+<style scoped>
+
+</style>
--- a/src/static/app/src/components/clientComponents/clientProfile.vue
+++ b/src/static/app/src/components/clientComponents/clientProfile.vue
@ -0,0 +1,11 @@
+<script setup lang="ts">
+
+</script>
+
+<template>
+
+</template>
+
+<style scoped>
+
+</style>
--- a/src/static/app/src/components/clientComponents/clientResetPassword.vue
+++ b/src/static/app/src/components/clientComponents/clientResetPassword.vue
@ -0,0 +1,96 @@
+<script setup lang="ts">
+import LocaleText from "@/components/text/localeText.vue";
+import { fetchGet, fetchPost } from "@/utilities/fetch.js"
+import {ref} from "vue";
+import {DashboardConfigurationStore } from "@/stores/DashboardConfigurationStore.js"
+import {useRouter} from "vue-router";
+const props = defineProps(['client'])
+
+
+const alert = ref(false)
+const alertStatus = ref(false)
+const alertMessage = ref(false)
+const resetting = ref(false)
+const store = DashboardConfigurationStore();
+const router = useRouter()
+
+const getUrl = (token) => {
+	const crossServer = store.getActiveCrossServer();
+	if(crossServer){
+		return new URL('/client/#/reset_password?token=' + token, crossServer.host).href
+	}
+	return new URL('/client/#/reset_password?token=' + token, window.location.href).href
+}
+
+const sendResetLink = async () => {
+	resetting.value = true
+	let smtpReady = false;
+	let token = undefined;
+	await fetchPost('/api/clients/generatePasswordResetLink', {
+		ClientID: props.client.ClientID
+	},async (res) => {
+		if (res.status){
+			token = res.data
+			alertStatus.value = true
+			await fetchGet('/api/email/ready', {}, (res) => {
+				smtpReady = res.status
+			});
+			if (smtpReady){
+				let body = {
+					"Receiver": props.client.Email,
+					"Subject": "[WGDashboard | Client] Reset Password",
+					"Body":
+						`Hi${props.client.Name ? ' ' + props.client.Name: ''},\n\nWe received a request to reset the password for your account. You can reset your password by visiting the link below:\n\n${getUrl(token)}\n\nThis link will expire in 30 minutes for your security. If you didn’t request a password reset, you can safely ignore this email—your current password will remain unchanged.\n\nIf you need help, feel free to contact support.\n\nBest regards,\nWGDashboard`
+				}
+				await fetchPost('/api/email/send', body, (res) => {
+					if (res.status){
+						alertMessage.value = `Send email success.`
+						alert.value = true;
+					}else{
+						alertMessage.value = `Send email failed.`
+						alertStatus.value = false;
+						alert.value = true;
+					}
+				});
+			}else{
+				alertMessage.value = `Please share this URL to your client to reset the password: ${getUrl(token)}`
+				alert.value = true;
+
+			}
+		}else{
+			alertStatus.value = false
+			alertMessage.value = res.message
+			alert.value = true
+		}
+	})
+	resetting.value = false;
+}
+
+</script>
+
+<template>
+<div class="p-3 d-flex gap-3 flex-column border-bottom">
+	<div class="d-flex align-items-center">
+		<h6 class="mb-0">
+			<LocaleText t="Reset Password"></LocaleText>
+		</h6>
+		<button class="btn btn-sm bg-primary-subtle text-primary-emphasis rounded-3 ms-auto"
+			@click="sendResetLink()"
+				:class="{disabled: resetting}"
+		>
+			<i class="bi bi-send me-2"></i>
+			<LocaleText t="Send Password Reset Link" v-if="!resetting"></LocaleText>
+			<LocaleText t="Sending..." v-else></LocaleText>
+		</button>
+	</div>
+	<div class="alert rounded-3 mb-0"
+		 :class="[alertStatus ? 'alert-success' : 'alert-danger']"
+		 v-if="alert">
+		{{ alertMessage }}
+	</div>
+</div>
+</template>
+
+<style scoped>
+
+</style>
--- a/src/static/app/src/components/clientComponents/clientSettingComponents/oidcSettings.vue
+++ b/src/static/app/src/components/clientComponents/clientSettingComponents/oidcSettings.vue
@ -0,0 +1,63 @@
+<script setup lang="ts">
+import {ref} from "vue"
+import LocaleText from "@/components/text/localeText.vue";
+import { fetchGet } from "@/utilities/fetch.js"
+import { DashboardConfigurationStore } from "@/stores/DashboardConfigurationStore"
+
+const props = defineProps(['mode'])
+const dashboardConfigurationStore = DashboardConfigurationStore()
+const oidcStatus = ref(false)
+const oidcStatusLoading = ref(false)
+
+const getStatus = async () => {
+	await fetchGet("/api/oidc/status", {
+		mode: props.mode
+	}, (res) => {
+		oidcStatus.value = res.data
+		oidcStatusLoading.value = false
+	})
+}
+await getStatus()
+const toggle = async () => {
+	oidcStatusLoading.value = true
+	await fetchGet('/api/oidc/toggle', {
+		mode: props.mode
+	}, (res) => {
+		if (!res.status){
+			oidcStatus.value = !oidcStatus.value
+			dashboardConfigurationStore.newMessage("Server", res.message, "danger")
+		}
+		oidcStatusLoading.value = false
+	})
+}
+</script>
+
+<template>
+<div class="d-flex flex-column gap-2">
+	<div class="d-flex align-items-center">
+		<h6 class="mb-0">
+			<LocaleText t="OpenID Connect (OIDC)"></LocaleText>
+		</h6>
+		<div class="form-check form-switch ms-auto">
+			<label class="form-check-label" for="oidc_switch">
+				<LocaleText :t="oidcStatus ? 'Enabled':'Disabled'"></LocaleText>
+			</label>
+			<input
+				:disabled="oidcStatusLoading"
+				v-model="oidcStatus"
+				@change="toggle()"
+				class="form-check-input" type="checkbox" role="switch" id="oidc_switch">
+		</div>
+	</div>
+<!--	<div>-->
+<!--		<div class="alert alert-dark rounded-3 mb-0">-->
+<!--			<LocaleText t="Due to security reason, in order to edit OIDC configuration, you will need to edit "></LocaleText>-->
+<!--			<code>wg-dashboard-oidc-providers.json</code> <LocaleText t="directly, then restart WGDashboard to apply the latest settings."></LocaleText>-->
+<!--		</div>-->
+<!--	</div>-->
+</div>
+</template>
+
+<style scoped>
+
+</style>
--- a/src/static/app/src/components/clientComponents/clientSettings.vue
+++ b/src/static/app/src/components/clientComponents/clientSettings.vue
@ -0,0 +1,57 @@
+<script setup lang="ts">
+import { ref, reactive } from "vue"
+import LocaleText from "@/components/text/localeText.vue";
+import OidcSettings from "@/components/clientComponents/clientSettingComponents/oidcSettings.vue";
+import { fetchGet } from "@/utilities/fetch.js"
+const emits = defineEmits(['close'])
+import { DashboardConfigurationStore } from "@/stores/DashboardConfigurationStore"
+const dashboardConfigurationStore = DashboardConfigurationStore()
+const loading = ref(false)
+const values = reactive({
+	enableClients: dashboardConfigurationStore.Configuration.Clients.enable
+})
+
+const toggling = ref(false)
+const toggleClientSideApp = async () => {
+	toggling.value = true
+	await fetchGet("/api/clients/toggleStatus", {}, (res) => {
+		values.enableClients = res.data
+	})
+	toggling.value = false
+}
+</script>
+
+<template>
+<div class="position-absolute w-100 h-100 top-0 start-0 z-1 rounded-3 d-flex p-2" style="background-color: #00000070; z-index: 9999">
+	<div class="card m-auto rounded-3" style="width: 700px">
+		<div class="card-header bg-transparent d-flex align-items-center gap-2 border-0 p-4 pb-2">
+			<h4 class="mb-0">
+				<LocaleText t="Clients Settings"></LocaleText>
+			</h4>
+			<button type="button" class="btn-close ms-auto" @click="emits('close')"></button>
+		</div>
+		<div class="card-body px-4 d-flex gap-3 flex-column">
+			<div class="d-flex align-items-center">
+				<h6 class="mb-0">
+					<LocaleText t="Client Side App"></LocaleText>
+				</h6>
+				<div class="form-check form-switch ms-auto">
+					<label class="form-check-label" for="oidc_switch">
+						<LocaleText :t="values.enableClients ? 'Enabled':'Disabled'"></LocaleText>
+					</label>
+					<input
+						:disabled="oidcStatusLoading"
+						v-model="values.enableClients"
+						@change="toggleClientSideApp()"
+						class="form-check-input" type="checkbox" role="switch" id="oidc_switch">
+				</div>
+			</div>
+			<OidcSettings mode="Client"></OidcSettings>
+		</div>
+	</div>
+</div>
+</template>
+
+<style scoped>
+
+</style>
--- a/src/static/app/src/components/clientComponents/clientViewer.vue
+++ b/src/static/app/src/components/clientComponents/clientViewer.vue
@ -0,0 +1,143 @@
+<script setup lang="ts" async>
+import {useRoute, useRouter} from "vue-router";
+import { fetchGet, fetchPost } from "@/utilities/fetch.js"
+
+
+import {DashboardClientAssignmentStore} from "@/stores/DashboardClientAssignmentStore.js";
+import { DashboardConfigurationStore } from "@/stores/DashboardConfigurationStore.js"
+
+import {computed, reactive, ref, watch} from "vue";
+import LocaleText from "@/components/text/localeText.vue";
+import ClientAssignedPeers from "@/components/clientComponents/clientAssignedPeers.vue";
+import ClientResetPassword from "@/components/clientComponents/clientResetPassword.vue";
+import ClientDelete from "@/components/clientComponents/clientDelete.vue";
+const assignmentStore = DashboardClientAssignmentStore()
+const dashboardConfigurationStore = DashboardConfigurationStore()
+
+const route = useRoute()
+const router = useRouter()
+const client = computed(() => {
+	return assignmentStore.getClientById(route.params.id)
+})
+const clientAssignedPeers = ref({})
+const getAssignedPeers = async () => {
+	await fetchGet('/api/clients/assignedPeers', {
+		ClientID: client.value.ClientID
+	}, (res) => {
+		clientAssignedPeers.value = res.data;
+	})
+}
+const emits = defineEmits(['deleteSuccess'])
+
+const clientProfile = reactive({
+	Name: undefined
+})
+
+if (client.value){
+	watch(() => client.value.ClientID, async () => {
+		clientProfile.Name = client.value.Name;
+		await getAssignedPeers()
+	})
+	await getAssignedPeers()
+	clientProfile.Name = client.value.Name
+}else{
+	router.push('/clients')
+	dashboardConfigurationStore.newMessage("WGDashboard", "Client does not exist", "danger")
+}
+
+
+
+const updatingProfile = ref(false)
+const updateProfile = async () => {
+	updatingProfile.value = true
+	await fetchPost("/api/clients/updateProfileName", {
+		ClientID: client.value.ClientID,
+		Name: clientProfile.Name
+	}, (res) => {
+		if (res.status){
+			client.value.Name = clientProfile.Name;
+			dashboardConfigurationStore.newMessage("Server", "Client name update success", "success")
+		}else{
+			clientProfile.Name = client.value.Name;
+			dashboardConfigurationStore.newMessage("Server", "Client name update failed", "danger")
+		}
+		updatingProfile.value = false
+	})
+}
+const deleteSuccess = async () => {
+	await router.push('/clients')
+	await assignmentStore.getClients()
+}
+
+</script>
+
+<template>
+	<div class="text-body d-flex flex-column overflow-y-scroll h-100" v-if="client" :key="client.ClientID">
+		<div class="p-4 border-bottom bg-body-tertiary z-0">
+			<div class="mb-3 backLink">
+				<RouterLink to="/clients" class="text-body text-decoration-none">
+					<i class="bi bi-arrow-left me-2"></i>
+					Back</RouterLink>
+			</div>
+			<small class="text-muted">
+				<LocaleText t="Email"></LocaleText>
+			</small>
+			<h1>
+				{{ client.Email }}
+			</h1>
+			<div class="d-flex flex-column gap-2">
+				<div class="d-flex align-items-center">
+					<small class="text-muted">
+						<LocaleText t="Client ID"></LocaleText>
+					</small>
+					<small class="ms-auto">
+						<samp>{{ client.ClientID }}</samp>
+					</small>
+				</div>
+				<div class="d-flex align-items-center gap-2">
+					<small class="text-muted">
+						<LocaleText t="Client Name"></LocaleText>
+					</small>
+					<input class="form-control form-control-sm rounded-3 ms-auto"
+						   style="width: 300px"
+						   type="text" v-model="clientProfile.Name">
+					<button
+						@click="updateProfile()"
+						aria-label="Save Client Name"
+						class="btn btn-sm rounded-3 bg-success-subtle border-success-subtle text-success-emphasis">
+						<i class="bi bi-save-fill"></i>
+					</button>
+				</div>
+			</div>
+		</div>
+		<div style="flex: 1 0 0; overflow-y: scroll;">
+			<ClientAssignedPeers
+				@refresh="getAssignedPeers()"
+				:clientAssignedPeers="clientAssignedPeers"
+				:client="client"></ClientAssignedPeers>
+<!--			<ClientResetPassword-->
+<!--				:client="client" v-if="client.ClientGroup === 'Local'"></ClientResetPassword>-->
+			<ClientDelete
+				@deleteSuccess="deleteSuccess()"
+				:client="client"></ClientDelete>
+		</div>
+	</div>
+	<div v-else class="d-flex w-100 h-100 text-muted">
+		<div class="m-auto text-center">
+			<h1>
+				<i class="bi bi-person-x"></i>
+			</h1>
+			<p>
+				<LocaleText t="Client does not exist"></LocaleText>
+			</p>
+		</div>
+	</div>
+</template>
+
+<style scoped>
+@media screen and (min-width: 576px) {
+	.backLink{
+		display: none;
+	}
+}
+</style>
--- a/src/static/app/src/components/configurationComponents/backupRestoreComponents/backup.vue
+++ b/src/static/app/src/components/configurationComponents/backupRestoreComponents/backup.vue
@ -0,0 +1,191 @@
+<script setup>
+import dayjs from "dayjs";
+import {computed, ref} from "vue";
+import {fetchGet, fetchPost, getUrl} from "@/utilities/fetch.js";
+import {useRoute} from "vue-router";
+import {DashboardConfigurationStore} from "@/stores/DashboardConfigurationStore.js";
+import LocaleText from "@/components/text/localeText.vue";
+const props = defineProps(["b", "delay"])
+const deleteConfirmation = ref(false)
+const restoreConfirmation = ref(false)
+const route = useRoute()
+const emit = defineEmits(["refresh", "refreshPeersList"])
+const store = DashboardConfigurationStore()
+const loading = ref(false);
+const deleteBackup = () => {
+	loading.value = true;
+	fetchPost("/api/deleteWireguardConfigurationBackup", {
+		ConfigurationName: route.params.id,
+		BackupFileName: props.b.filename
+	}, (res) => {
+		loading.value = false;
+		if (res.status){
+			emit("refresh")
+			store.newMessage("Server", "Backup deleted", "success")
+		}else{
+			store.newMessage("Server", "Backup failed to delete", "danger")
+		}
+	})
+}
+
+const restoreBackup = () => {
+	loading.value = true;
+	fetchPost("/api/restoreWireguardConfigurationBackup", {
+		ConfigurationName: route.params.id,
+		BackupFileName: props.b.filename
+	}, (res) => {
+		loading.value = false;
+		restoreConfirmation.value = false;
+		if (res.status){
+			emit("refreshPeersList")
+			store.newMessage("Server", "Backup restored with " + props.b.filename, "success")
+		}else{
+			store.newMessage("Server", "Backup failed to restore", "danger")
+		}
+	})
+}
+
+const downloadBackup = () => {
+	fetchGet("/api/downloadWireguardConfigurationBackup", {
+		configurationName: route.params.id,
+		backupFileName: props.b.filename
+	}, (res) => {
+		if (res.status){
+			window.open(getUrl(`/fileDownload?file=${res.data}`), '_blank')
+		}
+	})
+}
+
+const delaySeconds = computed(() => {
+	return props.delay + 's'
+})
+
+const showContent = ref(false);
+</script>
+ 
+<template>
+	<div class="card my-0 rounded-3">
+		<div class="card-body position-relative">
+			<Transition name="zoomReversed">
+				<div 
+					v-if="deleteConfirmation"
+					class="position-absolute w-100 h-100 confirmationContainer start-0 top-0 rounded-3 d-flex p-2">
+					<div class="m-auto">
+						<h5>
+							<LocaleText t="Are you sure to delete this backup?"></LocaleText>
+						</h5>
+						<div class="d-flex gap-2 align-items-center justify-content-center">
+							<button class="btn btn-danger rounded-3" 
+							        :disabled="loading"
+							        @click='deleteBackup()'>
+								<LocaleText t="Yes"></LocaleText>
+							</button>
+							<button
+								@click="deleteConfirmation = false"
+								:disabled="loading"
+								class="btn bg-secondary-subtle text-secondary-emphasis border-secondary-subtle rounded-3">
+								<LocaleText t="No"></LocaleText>
+							</button>
+						</div>
+					</div>
+				</div>
+			</Transition>
+			<Transition name="zoomReversed">
+				<div
+					v-if="restoreConfirmation"
+					class="position-absolute w-100 h-100 confirmationContainer start-0 top-0 rounded-3 d-flex p-2">
+					<div class="m-auto">
+						<h5>
+							<LocaleText t="Are you sure to restore this backup?"></LocaleText>
+						</h5>
+						<div class="d-flex gap-2 align-items-center justify-content-center">
+							<button
+								:disabled="loading"
+								@click="restoreBackup()"
+								class="btn btn-success rounded-3">
+								<LocaleText t="Yes"></LocaleText>
+							</button>
+							<button
+								@click="restoreConfirmation = false"
+								:disabled="loading"
+								class="btn bg-secondary-subtle text-secondary-emphasis border-secondary-subtle rounded-3">
+								<LocaleText t="No"></LocaleText>
+							</button>
+						</div>
+					</div>
+				</div>
+			</Transition>
+			<div class="d-flex gap-3">
+				<div class="d-flex flex-column">
+					<small class="text-muted">
+						<LocaleText t="Backup"></LocaleText>
+					</small>
+					<samp>{{b.filename}}</samp>
+				</div>
+				<div class="d-flex flex-column">
+					<small class="text-muted">
+						<LocaleText t="Backup Date"></LocaleText>
+					</small>
+					{{dayjs(b.backupDate, "YYYYMMDDHHmmss").format("YYYY-MM-DD HH:mm:ss")}}
+				</div>
+				<div class="d-flex gap-2 align-items-center ms-auto">
+					<button
+						@click="downloadBackup()"
+						class="btn bg-primary-subtle text-primary-emphasis border-primary-subtle rounded-3 btn-sm">
+						<i class="bi bi-download"></i>
+					</button>
+					<button 
+						@click="restoreConfirmation = true"
+						class="btn bg-warning-subtle text-warning-emphasis border-warning-subtle rounded-3 btn-sm">
+						<i class="bi bi-clock-history"></i>
+					</button>
+					<button 
+						@click="deleteConfirmation = true"
+						class="btn bg-danger-subtle text-danger-emphasis border-danger-subtle rounded-3 btn-sm">
+						<i class="bi bi-trash-fill"></i>
+					</button>
+				</div>
+			</div>
+			<hr>
+			<div class="card rounded-3">
+				<a role="button" class="card-header d-flex text-decoration-none align-items-center" 
+				   :class="{'border-bottom-0': !showContent}"
+				   style="cursor: pointer" @click="showContent = !showContent">
+					<small>.conf <LocaleText t="File"></LocaleText>
+						</small>
+					<i class="bi bi-chevron-down ms-auto"></i>
+				</a>
+				<div class="card-body" v-if="showContent">
+					<textarea class="form-control rounded-3" :value="b.content"
+					          disabled
+					          style="height: 300px; font-family: var(--bs-font-monospace),sans-serif !important;"></textarea>
+				</div>
+			</div>
+			<hr>
+			<div class="d-flex">
+				<span>
+					<i class="bi bi-database me-1"></i>
+					<LocaleText t="Database File"></LocaleText>
+				</span>
+				<i class="bi ms-auto"
+					:class="[b.database ? 'text-success bi-check-circle-fill' : 'text-danger bi-x-circle-fill']"
+				></i>
+			</div>
+			
+			
+		</div>
+	</div>
+</template>
+
+<style scoped>
+.confirmationContainer{
+	background-color: rgba(0, 0, 0, 0.53);
+	z-index: 9999;
+	backdrop-filter: blur(1px);
+	-webkit-backdrop-filter: blur(1px);
+}
+
+.list1-enter-active{
+	transition-delay: v-bind(delaySeconds) !important;
+}
+</style>
--- a/src/static/app/src/components/configurationComponents/configurationBackupRestore.vue
+++ b/src/static/app/src/components/configurationComponents/configurationBackupRestore.vue
@ -0,0 +1,123 @@
+<script setup>
+import {onBeforeUnmount, onMounted, reactive, ref} from "vue";
+import {fetchGet} from "@/utilities/fetch.js";
+import {useRoute} from "vue-router";
+import dayjs from "dayjs";
+import LocaleText from "@/components/text/localeText.vue";
+import Backup from "@/components/configurationComponents/backupRestoreComponents/backup.vue";
+
+const route = useRoute()
+const backups = ref([])
+const loading = ref(true)
+const emit = defineEmits(["close", "refreshPeersList"])
+
+onMounted(() => {
+	loadBackup();
+})
+
+const loadBackup = () => {
+	loading.value = true
+	fetchGet("/api/getWireguardConfigurationBackup", {
+		configurationName: route.params.id
+	}, (res) => {
+		backups.value = res.data;
+		loading.value = false;
+	})
+}
+
+const createBackup = () => {
+	fetchGet("/api/createWireguardConfigurationBackup", {
+		configurationName: route.params.id
+	}, (res) => {
+		backups.value = res.data;
+		loading.value = false;
+	})
+}
+</script>
+
+<template>
+<div class="peerSettingContainer w-100 h-100 position-absolute top-0 start-0 overflow-y-scroll" ref="editConfigurationContainer">
+	<div class="d-flex h-100 w-100">
+		<div class="modal-dialog-centered dashboardModal w-100 h-100 overflow-x-scroll flex-column gap-3 mx-3">
+			<div class="my-5 d-flex gap-3 flex-column position-relative">
+				<div class="title">
+					<div class="d-flex mb-3">
+						<h4 class="mb-0">
+							<LocaleText t="Backup & Restore"></LocaleText>
+						</h4>
+						<button type="button" class="btn-close ms-auto" @click="$emit('close')"></button>
+					</div>
+					<button 
+						@click="createBackup()"
+						class="btn bg-primary-subtle text-primary-emphasis border-primary-subtle rounded-3 w-100">
+						<i class="bi bi-plus-circle-fill me-2"></i>
+						<LocaleText t="Create Backup"></LocaleText>
+					</button>
+				</div>
+				<div class="position-relative d-flex flex-column gap-3">
+					<TransitionGroup name="list1" >
+						<div class="text-center title" 
+						     key="spinner"
+						     v-if="loading && backups.length === 0">
+							<div class="spinner-border"></div>
+						</div>
+						<div class="card my-0 rounded-3"
+						     v-else-if="!loading && backups.length === 0"
+						     key="noBackups"
+						>
+							<div class="card-body text-center text-muted">
+								<i class="bi bi-x-circle-fill me-2"></i>
+								<LocaleText t="No backup yet, click the button above to create backup."></LocaleText>
+							</div>
+						</div>
+						<Backup
+							@refresh="loadBackup()"
+							@refreshPeersList="emit('refreshPeersList')"
+							:b="b" v-for="b in backups"
+							:key="b.filename"
+						></Backup>
+					</TransitionGroup>
+				</div>
+			</div>
+
+		</div>
+	</div>
+</div>
+</template>
+
+<style scoped>
+.card, .title{
+	width: 100%;
+}
+
+@media screen and (min-width: 700px) {
+	.card, .title{
+		width: 700px;
+	}
+}
+
+.animate__fadeInUp{
+	animation-timing-function: cubic-bezier(0.42, 0, 0.22, 1.0)
+}
+
+.list1-move, /* apply transition to moving elements */
+.list1-enter-active,
+.list1-leave-active {
+	transition: all 0.5s cubic-bezier(0.42, 0, 0.22, 1.0);
+}
+
+
+
+.list1-enter-from,
+.list1-leave-to {
+	opacity: 0;
+	transform: translateY(30px);
+}
+
+/* ensure leaving items are taken out of layout flow so that moving
+   animations can be calculated correctly. */
+.list1-leave-active {
+	width: 100%;
+	position: absolute;
+}
+</style>
--- a/src/static/app/src/components/configurationComponents/configurationDescription.vue
+++ b/src/static/app/src/components/configurationComponents/configurationDescription.vue
@ -0,0 +1,57 @@
+<script setup lang="ts">
+import {ref} from "vue";
+import { fetchPost } from "@/utilities/fetch.js"
+
+const props = defineProps(['configuration'])
+const description = ref(props.configuration.Info.Description)
+const showStatus = ref(false)
+const status = ref(false)
+
+const updateDescription = async () => {
+	await fetchPost("/api/updateWireguardConfigurationInfo", {
+		Name: props.configuration.Name,
+		Key: "Description",
+		Value: description.value
+	}, (res) => {
+		status.value = res.status
+		toggleStatus()
+	})
+}
+
+const toggleSuccess = () => {
+	status.value = true
+	toggleStatus()
+}
+
+const toggleFail = () => {
+	status.value = false
+	toggleStatus()
+}
+
+const toggleStatus = () => {
+	showStatus.value = true
+	setTimeout(() => {
+		showStatus.value = false
+	}, 3000)
+}
+</script>
+
+<template>
+	<div class="d-flex gap-1 flex-column">
+		<label for="configurationDescription">
+			<small style="white-space: nowrap" class="text-muted">
+				<i class="bi bi-pencil-fill me-2"></i>Notes
+			</small>
+		</label>
+		<input type="text"
+			   :class="[showStatus ? [status ? 'is-valid':'is-invalid'] : undefined]"
+			   id="configurationDescription"
+			   v-model="description"
+			   @change="updateDescription()"
+			   class="form-control rounded-3 bg-transparent form-control-sm">
+	</div>
+</template>
+
+<style scoped>
+
+</style>
--- a/src/static/app/src/components/configurationComponents/deleteConfiguration.vue
+++ b/src/static/app/src/components/configurationComponents/deleteConfiguration.vue
@ -0,0 +1,122 @@
+<script setup>
+import LocaleText from "@/components/text/localeText.vue";
+import {useRoute, useRouter} from "vue-router";
+import {onMounted, ref, useTemplateRef} from "vue";
+import {fetchGet, fetchPost} from "@/utilities/fetch.js";
+import {WireguardConfigurationsStore} from "@/stores/WireguardConfigurationsStore.js";
+import {DashboardConfigurationStore} from "@/stores/DashboardConfigurationStore.js";
+const route = useRoute()
+const configurationName = route.params.id;
+const input = ref("")
+const router = useRouter()
+const store = DashboardConfigurationStore()
+const deleting = ref(false)
+
+const deleteConfiguration = () => {
+	clearInterval(store.Peers.RefreshInterval)
+	deleting.value = true;
+	fetchPost("/api/deleteWireguardConfiguration", {
+		ConfigurationName: configurationName
+	}, (res) => {
+		if (res.status){
+			router.push('/')
+			store.newMessage("Server", "Configuration deleted", "success")
+		}else{
+			deleting.value = false;
+		}
+	})
+}
+
+
+const loading = ref(true)
+const backups = ref([])
+const getBackup = () => {
+	loading.value = true;
+	fetchGet("/api/getWireguardConfigurationBackup", {
+		configurationName: configurationName
+	}, (res) => {
+		backups.value = res.data;
+		loading.value = false;
+	})
+}
+onMounted(() => {
+	getBackup()
+})
+const emits = defineEmits(["backup", "close"])
+</script>
+
+<template>
+	<div class="peerSettingContainer w-100 h-100 position-absolute top-0 start-0 overflow-y-scroll">
+		<div class="container d-flex h-100 w-100">
+			<div class="m-auto modal-dialog-centered dashboardModal" style="width: 700px">
+				<div class="card rounded-3 shadow flex-grow-1 bg-danger-subtle border-danger-subtle" id="deleteConfigurationContainer">
+					<div class="card-header bg-transparent d-flex align-items-center gap-2 border-0 p-4 pb-0">
+						<h5 class="mb-0">
+							<LocaleText t="Are you sure to delete this configuration?"></LocaleText>
+						</h5>
+						<button type="button" class="btn-close ms-auto" @click="emits('close')"></button>
+					</div>
+					<div class="card-body px-4 text-muted">
+						<p class="mb-0">
+							<LocaleText t="Once you deleted this configuration:"></LocaleText>
+						</p>
+						<ul>
+							<li>
+								<LocaleText t="All connected peers will get disconnected"></LocaleText>
+							</li>
+							<li>
+								<LocaleText t="Both configuration file (.conf) and database table related to this configuration will get deleted"></LocaleText>
+							</li>
+						</ul>
+						 
+						<div class="alert"
+						     :class="[loading ? 'alert-secondary' : (backups.length > 0 ? 'alert-success' : 'alert-danger')]">
+							<div v-if="loading">
+								<i class="bi bi-search me-2"></i>
+								<LocaleText t="Checking backups..."></LocaleText>
+							</div>
+							<div v-else-if="backups.length > 0">
+								<i class="bi bi-check-circle-fill me-2"></i>
+								<LocaleText :t="'This configuration has ' + backups.length + ' backups'"></LocaleText>
+							</div>
+							<div v-else class="d-flex align-items-center gap-2">
+								<i class="bi bi-x-circle-fill me-2"></i>
+								<LocaleText t="This configuration has no backup"></LocaleText>
+								<a role="button" 
+								   @click="emits('backup')"
+								   class="ms-auto btn btn-sm btn-primary rounded-3">
+									<i class="bi bi-clock-history me-2"></i>
+									<LocaleText t="Backup"></LocaleText>
+								</a>
+								<a role="button"
+								   @click="getBackup()"
+								   class="btn btn-sm btn-primary rounded-3">
+									<i class="bi bi-arrow-clockwise"></i>
+								</a>
+							</div>
+						</div>
+						<hr>
+						<p>
+							<LocaleText t="If you're sure, please type in the configuration name below and click Delete"></LocaleText>
+						</p>
+						<input class="form-control rounded-3 mb-3" 
+						       :placeholder="configurationName"
+						       v-model="input"
+						       type="text">
+						<button class="btn btn-danger w-100" 
+						        @click="deleteConfiguration()"
+						        :disabled="input !== configurationName || deleting">
+							<i class="bi bi-trash-fill me-2 rounded-3"></i>
+							<LocaleText t="Delete" v-if="!deleting"></LocaleText>
+							<LocaleText t="Deleting..." v-else></LocaleText>
+						</button>
+					</div>
+				</div>
+			</div>
+		</div>
+	</div>
+</template>
+
+<style scoped>
+
+</style>
--- a/src/static/app/src/components/configurationComponents/editConfiguration.vue
+++ b/src/static/app/src/components/configurationComponents/editConfiguration.vue
@ -0,0 +1,270 @@
+<script setup>
+import LocaleText from "@/components/text/localeText.vue";
+import {reactive, ref, watch} from "vue";
+import {WireguardConfigurationsStore} from "@/stores/WireguardConfigurationsStore.js";
+import {fetchPost} from "@/utilities/fetch.js";
+import {DashboardConfigurationStore} from "@/stores/DashboardConfigurationStore.js";
+import UpdateConfigurationName
+	from "@/components/configurationComponents/editConfigurationComponents/updateConfigurationName.vue";
+import EditRawConfigurationFile
+	from "@/components/configurationComponents/editConfigurationComponents/editRawConfigurationFile.vue";
+import DeleteConfiguration from "@/components/configurationComponents/deleteConfiguration.vue";
+import ConfigurationBackupRestore from "@/components/configurationComponents/configurationBackupRestore.vue";
+import EditPeerSettingsOverride
+	from "@/components/configurationComponents/editConfigurationComponents/editPeerSettingsOverride.vue";
+const props = defineProps({
+	configurationInfo: Object
+})
+const wgStore = WireguardConfigurationsStore()
+const store = DashboardConfigurationStore()
+const saving = ref(false)
+const data = reactive(JSON.parse(JSON.stringify(props.configurationInfo)))
+const editPrivateKey = ref(false)
+const dataChanged = ref(false)
+const reqField = reactive({
+	PrivateKey: true,
+	IPAddress: true,
+	ListenPort: true
+})
+const genKey = () => {
+	if (wgStore.checkWGKeyLength(data.PrivateKey)){
+		reqField.PrivateKey = true;
+		data.PublicKey = window.wireguard.generatePublicKey(data.PrivateKey)
+	}else{
+		reqField.PrivateKey = false;
+	}
+}
+const resetForm = () => {
+	dataChanged.value = false;
+	Object.assign(data, JSON.parse(JSON.stringify(props.configurationInfo)))
+}
+const emit = defineEmits(["changed", "close", "refresh", "dataChanged"])
+const saveForm = ()  => {
+	saving.value = true
+	fetchPost("/api/updateWireguardConfiguration", data, (res) => {
+		saving.value = false
+		if (res.status){
+			store.newMessage("Server", "Configuration saved", "success")
+			dataChanged.value = false
+			emit("dataChanged", res.data)
+			
+		}else{
+			store.newMessage("Server", res.message, "danger")
+		}
+	})
+}
+const updateConfigurationName = ref(false)
+
+watch(data, () => {
+	dataChanged.value = JSON.stringify(data) !== JSON.stringify(props.configurationInfo);
+}, {
+	deep: true
+})
+
+const editRawConfigurationFileModal = ref(false)
+const backupRestoreModal = ref(false)
+const deleteConfigurationModal = ref(false)
+
+
+</script>
+
+<template>
+	<div class="peerSettingContainer w-100 h-100 position-absolute top-0 start-0" ref="editConfigurationContainer">
+		<div class="w-100 h-100  overflow-y-scroll">
+			<TransitionGroup name="zoom">
+				<EditRawConfigurationFile
+					name="EditRawConfigurationFile"
+					v-if="editRawConfigurationFileModal"
+					@close="editRawConfigurationFileModal = false">
+				</EditRawConfigurationFile>
+				<DeleteConfiguration
+					key="DeleteConfiguration"
+					@backup="backupRestoreModal = true"
+					@close="deleteConfigurationModal = false"
+					v-if="deleteConfigurationModal">
+				</DeleteConfiguration>
+				<ConfigurationBackupRestore
+					@close="backupRestoreModal = false"
+					@refreshPeersList="emit('refresh')"
+					v-if="backupRestoreModal">
+				</ConfigurationBackupRestore>
+			</TransitionGroup>
+
+			<div class="container d-flex h-100 w-100">
+				<div class="m-auto modal-dialog-centered dashboardModal" style="width: 700px">
+					<div class="card rounded-3 shadow flex-grow-1">
+						<div class="card-header bg-transparent d-flex align-items-center gap-2 border-0 p-4">
+							<h4 class="mb-0">
+								<LocaleText t="Configuration Settings"></LocaleText>
+							</h4>
+							<button type="button" class="btn-close ms-auto" @click="$emit('close')"></button>
+						</div>
+						<div class="card-body px-4 pb-4">
+							<div class="d-flex gap-2 flex-column">
+								<div class="d-flex align-items-center gap-3" v-if="!updateConfigurationName">
+									<small class="text-muted">
+										<LocaleText t="Name"></LocaleText>
+									</small>
+									<small>{{data.Name}}</small>
+									<button
+										@click="updateConfigurationName = true"
+										class="btn btn-sm bg-danger-subtle border-danger-subtle text-danger-emphasis rounded-3 ms-auto">
+										<LocaleText t="Update Name"></LocaleText>
+									</button>
+								</div>
+								<UpdateConfigurationName
+									@close="updateConfigurationName = false"
+									:configuration-name="data.Name"
+									v-if="updateConfigurationName"></UpdateConfigurationName>
+								<template v-else>
+									<hr>
+									<div class="d-flex align-items-center gap-3">
+										<small class="text-muted" style="word-break: keep-all">
+											<LocaleText t="Public Key"></LocaleText>
+										</small>
+										<small class="ms-auto"  style="word-break: break-all">
+											{{data.PublicKey}}
+										</small>
+									</div>
+									<hr>
+									<div>
+										<div class="d-flex">
+											<label for="configuration_private_key" class="form-label">
+												<small class="text-muted d-block">
+													<LocaleText t="Private Key"></LocaleText>
+												</small>
+											</label>
+											<div class="form-check form-switch ms-auto">
+												<input class="form-check-input"
+												       type="checkbox" role="switch" id="editPrivateKeySwitch"
+												       v-model="editPrivateKey"
+												>
+												<label class="form-check-label" for="editPrivateKeySwitch">
+													<small>Edit</small>
+												</label>
+											</div>
+										</div>
+										<input type="text" class="form-control form-control-sm rounded-3"
+										       :disabled="saving || !editPrivateKey"
+										       :class="{'is-invalid': !reqField.PrivateKey}"
+										       @keyup="genKey()"
+										       v-model="data.PrivateKey"
+										       id="configuration_private_key">
+									</div>
+									<div>
+										<label for="configuration_ipaddress_cidr" class="form-label">
+											<small class="text-muted">
+												<LocaleText t="IP Address/CIDR"></LocaleText>
+											</small>
+										</label>
+										<input type="text" class="form-control form-control-sm rounded-3"
+										       :disabled="saving"
+										       v-model="data.Address"
+										       id="configuration_ipaddress_cidr">
+									</div>
+									<div>
+										<label for="configuration_listen_port" class="form-label">
+											<small class="text-muted">
+												<LocaleText t="Listen Port"></LocaleText>
+											</small>
+										</label>
+										<input type="number" class="form-control form-control-sm rounded-3"
+										       :disabled="saving"
+										       v-model="data.ListenPort"
+										       id="configuration_listen_port">
+
+									</div>
+									<div class="accordion mt-2" id="editConfigurationOptionalAccordion">
+										<div class="accordion-item">
+											<h2 class="accordion-header">
+												<button class="accordion-button collapsed px-3 py-2" type="button" data-bs-toggle="collapse" data-bs-target="#editOptionalAccordionCollapse">
+													<small class="text-muted">
+														<LocaleText t="Optional Settings"></LocaleText>
+													</small>
+												</button>
+											</h2>
+											<div id="editOptionalAccordionCollapse"
+											     class="accordion-collapse collapse" data-bs-parent="#editConfigurationOptionalAccordion">
+												<div class="accordion-body d-flex flex-column gap-3">
+													<div v-for="key in ['Table', 'PreUp', 'PreDown', 'PostUp', 'PostDown']">
+														<label :for="'configuration_' + key" class="form-label">
+															<small class="text-muted">
+																<LocaleText :t="key"></LocaleText>
+															</small>
+														</label>
+														<input type="text" class="form-control form-control-sm rounded-3"
+														       :disabled="saving"
+														       v-model="data[key]"
+														       :id="'configuration_' + key">
+													</div>
+													<div v-for="key in ['Jc', 'Jmin', 'Jmax', 'S1', 'S2', 'H1', 'H2', 'H3', 'H4']"
+													     v-if="configurationInfo.Protocol === 'awg'">
+														<label :for="'configuration_' + key" class="form-label">
+															<small class="text-muted">
+																<LocaleText :t="key"></LocaleText>
+															</small>
+														</label>
+														<input type="number" class="form-control form-control-sm rounded-3"
+														       :disabled="saving"
+														       v-model="data[key]"
+														       :id="'configuration_' + key">
+													</div>
+												</div>
+											</div>
+										</div>
+									</div>
+									<div class="d-flex align-items-center gap-2 mt-1">
+										<button class="btn btn-sm bg-secondary-subtle border-secondary-subtle text-secondary-emphasis rounded-3 shadow ms-auto"
+										        @click="resetForm()"
+										        :disabled="!dataChanged || saving">
+											<i class="bi bi-arrow-clockwise me-2"></i>
+											<LocaleText t="Reset"></LocaleText>
+										</button>
+										<button class="btn btn-sm bg-primary-subtle border-primary-subtle text-primary-emphasis rounded-3 shadow"
+										        :disabled="!dataChanged || saving"
+										        @click="saveForm()"
+										>
+											<i class="bi bi-save-fill me-2"></i>
+											<LocaleText t="Save"></LocaleText>
+										</button>
+									</div>
+									<hr>
+									<EditPeerSettingsOverride :configuration="configurationInfo"></EditPeerSettingsOverride>
+									<hr>
+									<h5 class="mb-3">
+										<LocaleText t="Danger Zone"></LocaleText>
+									</h5>
+									<div class="d-flex gap-2 flex-column">
+										<button
+											@click="backupRestoreModal = true"
+											class="btn bg-warning-subtle border-warning-subtle text-warning-emphasis rounded-3 text-start d-flex">
+											<i class="bi bi-copy me-auto"></i>
+											<LocaleText t="Backup & Restore"></LocaleText>
+										</button>
+										<button
+											@click="editRawConfigurationFileModal = true"
+											class="btn bg-warning-subtle border-warning-subtle text-warning-emphasis rounded-3 d-flex">
+											<i class="bi bi-pen me-auto"></i>
+											<LocaleText t="Edit Raw Configuration File"></LocaleText>
+										</button>
+
+										<button
+											@click="deleteConfigurationModal = true"
+											class="btn bg-danger-subtle border-danger-subtle text-danger-emphasis rounded-3 d-flex mt-4">
+											<i class="bi bi-trash-fill me-auto"></i>
+											<LocaleText t="Delete Configuration"></LocaleText>
+										</button>
+									</div>
+								</template>
+							</div>
+						</div>
+					</div>
+				</div>
+			</div>
+		</div>
+	</div>
+</template>
+
+<style scoped>
+
+</style>
--- a/src/static/app/src/components/configurationComponents/editConfigurationComponents/editPeerSettingsOverride.vue
+++ b/src/static/app/src/components/configurationComponents/editConfigurationComponents/editPeerSettingsOverride.vue
@ -0,0 +1,152 @@
+<script setup lang="ts">
+import LocaleText from "@/components/text/localeText.vue";
+import { fetchPost } from "@/utilities/fetch.js"
+import {onMounted, reactive, ref} from "vue";
+const props = defineProps(['configuration'])
+const saving = ref(false)
+const overridePeerSettings = ref({...props.configuration.Info.OverridePeerSettings})
+const edited = ref(false)
+const errorMsg = ref("")
+
+onMounted(() => {
+	document.querySelectorAll("#editPeerSettingsOverride input").forEach(
+		x => x.addEventListener("change", () => {
+			edited.value = true
+		})
+	)
+})
+
+const resetForm = () => {
+	overridePeerSettings.value = props.configuration.Info.OverridePeerSettings
+	edited.value = false
+}
+
+const submitForm = async () => {
+	document.querySelectorAll("#editPeerSettingsOverride input").forEach(
+		x => x.classList.remove("is-invalid", "is-valid")
+	)
+	await fetchPost("/api/updateWireguardConfigurationInfo", {
+		Name: props.configuration.Name,
+		Key: "OverridePeerSettings",
+		Value: overridePeerSettings.value
+	}, (res) => {
+		if (res.status){
+			edited.value = false
+			props.configuration.Info.OverridePeerSettings = overridePeerSettings.value
+			document.querySelectorAll("#editPeerSettingsOverride input").forEach(
+				x => x.classList.add("is-valid")
+			)
+		}else{
+			errorMsg.value = res.message
+			document.querySelector(`#override_${res.data}`).classList.add("is-invalid")
+		}
+	})
+}
+</script>
+
+<template>
+<div id="editPeerSettingsOverride">
+	<h5 class="mb-0">
+		<LocaleText t="Override Peer Settings"></LocaleText>
+	</h5>
+	<h6 class="mb-3 text-muted">
+		<small>
+			<LocaleText t="Only apply to peers in this configuration"></LocaleText>
+		</small>
+	</h6>
+	<div class="d-flex gap-2 flex-column">
+		<div>
+			<label for="override_DNS" class="form-label">
+				<small class="text-muted">
+					<LocaleText t="DNS"></LocaleText>
+				</small>
+			</label>
+			<input type="text" class="form-control form-control-sm rounded-3"
+				   :disabled="saving"
+				   v-model="overridePeerSettings.DNS"
+				   id="override_DNS">
+			<div class="invalid-feedback">{{ errorMsg }}</div>
+		</div>
+		<div>
+			<label for="override_EndpointAllowedIPs" class="form-label">
+				<small class="text-muted">
+					<LocaleText t="Endpoint Allowed IPs"></LocaleText>
+				</small>
+			</label>
+			<input type="text" class="form-control form-control-sm rounded-3"
+				   :disabled="saving"
+				   v-model="overridePeerSettings.EndpointAllowedIPs"
+				   id="override_EndpointAllowedIPs">
+			<div class="invalid-feedback">{{ errorMsg }}</div>
+		</div>
+		<div>
+			<label for="override_ListenPort" class="form-label">
+				<small class="text-muted">
+					<LocaleText t="Listen Port"></LocaleText>
+				</small>
+			</label>
+			<input type="text" class="form-control form-control-sm rounded-3"
+				   :disabled="saving"
+				   v-model="overridePeerSettings.ListenPort"
+				   id="override_ListenPort">
+			<div class="invalid-feedback">{{ errorMsg }}</div>
+		</div>
+		<div>
+			<label for="override_MTU" class="form-label">
+				<small class="text-muted">
+					<LocaleText t="MTU"></LocaleText>
+				</small>
+			</label>
+			<input type="text"
+				   class="form-control form-control-sm rounded-3"
+				   :disabled="saving"
+				   v-model="overridePeerSettings.MTU"
+				   id="override_MTU">
+			<div class="invalid-feedback">{{ errorMsg }}</div>
+		</div>
+		<div>
+			<label for="override_PeerRemoteEndpoint" class="form-label">
+				<small class="text-muted">
+					<LocaleText t="Peer Remote Endpoint"></LocaleText>
+				</small>
+			</label>
+			<input type="text" class="form-control form-control-sm rounded-3"
+				   :disabled="saving"
+				   v-model="overridePeerSettings.PeerRemoteEndpoint"
+				   id="override_PeerRemoteEndpoint">
+		</div>
+		<div>
+			<label for="override_persistent_keepalive" class="form-label">
+				<small class="text-muted">
+					<LocaleText t="Persistent Keepalive"></LocaleText>
+				</small>
+			</label>
+			<input type="text" class="form-control form-control-sm rounded-3"
+				   :disabled="saving"
+				   v-model="overridePeerSettings.PersistentKeepalive"
+				   id="override_PersistentKeepalive">
+			<div class="invalid-feedback">{{ errorMsg }}</div>
+		</div>
+		<div class="d-flex mt-1 gap-2">
+			<button
+				:class="{disabled: !edited}"
+				@click="resetForm()"
+				class="btn btn-sm bg-secondary-subtle border-secondary-subtle text-secondary-emphasis rounded-3 shadow ms-auto">
+				<i class="bi bi-arrow-clockwise me-2"></i>
+				<LocaleText t="Reset"></LocaleText>
+			</button>
+			<button
+				:class="{disabled: !edited}"
+				@click="submitForm()"
+				class="btn btn-sm bg-primary-subtle border-primary-subtle text-primary-emphasis rounded-3 shadow">
+				<i class="bi bi-save-fill me-2"></i>
+				<LocaleText t="Save"></LocaleText>
+			</button>
+		</div>
+	</div>
+</div>
+</template>
+
+<style scoped>
+
+</style>
--- a/src/static/app/src/components/configurationComponents/editConfigurationComponents/editRawConfigurationFile.vue
+++ b/src/static/app/src/components/configurationComponents/editConfigurationComponents/editRawConfigurationFile.vue
@ -0,0 +1,103 @@
+<script setup>
+import LocaleText from "@/components/text/localeText.vue";
+import CodeEditor from "@/utilities/simple-code-editor/CodeEditor.vue";
+import {fetchGet, fetchPost} from "@/utilities/fetch.js";
+import {useRoute} from "vue-router";
+import {ref} from "vue";
+import {DashboardConfigurationStore} from "@/stores/DashboardConfigurationStore.js";
+const emits = defineEmits(['close'])
+const route = useRoute()
+
+const content = ref("")
+const path = ref("")
+const error = ref(false)
+const errorMessage = ref("")
+
+const getRaw = async () => {
+	await fetchGet('/api/getWireguardConfigurationRawFile', {
+		configurationName: route.params.id
+	}, (res) => {
+		content.value = res.data.content
+		path.value = res.data.path
+	})
+}
+
+await getRaw()
+const dashboardStore = DashboardConfigurationStore();
+const saving = ref(false)
+
+const saveRaw = async () => {
+	saving.value = true
+	await fetchPost('/api/updateWireguardConfigurationRawFile', {
+		configurationName: route.params.id,
+		rawConfiguration: content.value
+	}, (res) => {
+		if (res.status){
+			error.value = false
+			dashboardStore.newMessage("Server", "Configuration saved", "success")
+		}else{
+			error.value = true
+			errorMessage.value = res.message
+		}
+		saving.value = false
+	})
+}
+</script>
+
+<template>
+	<div class="peerSettingContainer w-100 h-100 position-absolute top-0 start-0 overflow-y-scroll">
+		<div class="container d-flex h-100 w-100">
+			<div class="m-auto modal-dialog-centered dashboardModal" style="width: 1000px">
+				<div class="card rounded-3 shadow flex-grow-1" id="deleteConfigurationContainer">
+					<div class="card-header bg-transparent d-flex align-items-center gap-2 border-0 p-4 pb-0">
+						<h5 class="mb-0">
+							<LocaleText t="Edit Raw Configuration File"></LocaleText>
+						</h5>
+						<button type="button" class="btn-close ms-auto" @click="emits('close')"></button>
+					</div>
+					<div class="card-body px-4 d-flex flex-column gap-3">
+						<div class="alert alert-danger rounded-3 mb-0" v-if="error">
+							<div class="mb-2">
+								<strong>
+									<LocaleText t="Failed to save configuration. Please see the following error message:"></LocaleText>
+								</strong>
+							</div>
+							<div class="bg-body w-100 p-2 rounded-3">
+								<pre>{{errorMessage}}</pre>
+							</div>
+						</div>
+						<CodeEditor
+							:disabled="true"
+							:read-only="saving"
+							v-model="content"
+							:theme="dashboardStore.Configuration.Server.dashboard_theme === 'dark' ? 'github-dark':'github'"
+							:languages="[['ini', path]]"
+							width="100%" height="600px">
+						</CodeEditor>
+						<div class="d-flex gap-2">
+							<button class="btn bg-secondary-subtle border-secondary-subtle text-secondary-emphasis rounded-3 shadow ms-auto px-3 py-2"
+							        :disabled="saving"
+							        @click="getRaw()">
+								<i class="bi bi-arrow-clockwise me-2"></i>
+								<LocaleText t="Reset"></LocaleText>
+							</button>
+							<button 
+								@click="saveRaw()"
+								:disabled="saving"
+								class="btn bg-danger-subtle border-danger-subtle text-danger-emphasis rounded-3 px-3 py-2 shadow"
+							>
+								<i class="bi bi-save-fill me-2"></i>
+								<LocaleText t="Save" v-if="!saving"></LocaleText>
+								<LocaleText t="Saving..." v-else></LocaleText>
+							</button>
+						</div>
+					</div>
+				</div>
+			</div>
+		</div>
+	</div>
+</template>
+
+<style scoped>
+
+</style>
--- a/src/static/app/src/components/configurationComponents/editConfigurationComponents/updateConfigurationName.vue
+++ b/src/static/app/src/components/configurationComponents/editConfigurationComponents/updateConfigurationName.vue
@ -0,0 +1,110 @@
+<script setup>
+import {onMounted, reactive, ref, watch} from "vue";
+import {WireguardConfigurationsStore} from "@/stores/WireguardConfigurationsStore.js";
+import LocaleText from "@/components/text/localeText.vue";
+import {fetchPost} from "@/utilities/fetch.js";
+import {useRouter} from "vue-router";
+import {DashboardConfigurationStore} from "@/stores/DashboardConfigurationStore.js";
+const props = defineProps({
+	configurationName: String
+})
+const emit = defineEmits(['close'])
+const newConfigurationName = reactive({
+	data: "",
+	valid: false
+});
+const store = WireguardConfigurationsStore()
+
+onMounted(() => {
+	watch(() => newConfigurationName.data, (newVal) => {
+		newConfigurationName.valid = /^[a-zA-Z0-9_=+.-]{1,15}$/.test(newVal) && newVal.length > 0 && !store.Configurations.find(x => x.Name === newVal);
+	})
+})
+const dashboardConfigurationStore = DashboardConfigurationStore()
+const loading = ref(false)
+const router = useRouter()
+const rename = async () => {
+	if (newConfigurationName.data){
+		loading.value = true
+		clearInterval(dashboardConfigurationStore.Peers.RefreshInterval)
+		await fetchPost("/api/renameWireguardConfiguration", {
+			ConfigurationName: props.configurationName,
+			NewConfigurationName: newConfigurationName.data
+		}, async (res) => {
+			if (res.status){
+				await store.getConfigurations()
+				dashboardConfigurationStore.newMessage("Server", "Configuration renamed", "success")
+				router.push(`/configuration/${newConfigurationName.data}/peers`)
+			}else{
+				dashboardConfigurationStore.newMessage("Server", res.message, "danger")
+				loading.value = false
+			}
+			
+		})
+	}
+}
+</script>
+
+<template>
+<div class="card rounded-3 flex-grow-1 bg-danger-subtle border-danger-subtle border shadow">
+	<div class="card-body">
+		<p>
+			<LocaleText t="To update this configuration's name, WGDashboard will execute the following operations:"></LocaleText>
+		</p>
+		<ol>
+			<li>
+				<LocaleText t="Duplicate current configuration's database table and .conf file with the new name"></LocaleText>
+			</li>
+			<li>
+				<LocaleText t="Delete current configuration's database table and .conf file"></LocaleText>
+			</li>
+		</ol>
+		<div class="d-flex align-items-center gap-3 inputGroup">
+			<input class="form-control form-control-sm rounded-3" :value="configurationName" disabled>
+			<h3 class="mb-0">
+				<i class="bi bi-arrow-right"></i>
+			</h3>
+			<input class="form-control form-control-sm rounded-3"
+			       id="newConfigurationName"
+			       :class="[newConfigurationName.data ? (newConfigurationName.valid ? 'is-valid' : 'is-invalid') : '']"
+			       v-model="newConfigurationName.data">
+		</div>
+		<div class="invalid-feedback" :class="{'d-block': !newConfigurationName.valid && newConfigurationName.data}">
+			<LocaleText t="Configuration name is invalid. Possible reasons:"></LocaleText>
+			<ul class="mb-0">
+				<li>
+					<LocaleText t="Configuration name already exist"></LocaleText>
+				</li>
+				<li>
+					<LocaleText t="Configuration name can only contain 15 lower/uppercase alphabet, numbers, underscore, equal sign, plus sign, period and hyphen."></LocaleText>
+				</li>
+			</ul>
+		</div>
+		<div class="d-flex mt-3">
+			<button
+				@click="emit('close')"
+				class="btn btn-sm bg-secondary-subtle border-secondary-subtle text-secondary-emphasis rounded-3">
+				<LocaleText t="Cancel"></LocaleText>
+			</button>
+			<button
+				@click="rename()"
+				:disabled="!newConfigurationName.data || loading"
+				class="btn btn-sm btn-danger rounded-3 ms-auto">
+				<LocaleText t="Save"></LocaleText>
+			</button>
+		</div>
+	</div>
+</div>
+</template>
+
+<style scoped>
+@media screen and (max-width: 567px) {
+	.inputGroup{
+		flex-direction: column;
+		
+		h3{
+			transform: rotate(90deg);
+		}
+	}
+}
+</style>
--- a/Show More
+++ b/Show More