更新新功能介绍 (#132)

* 更新新功能介绍 * route * update english doc * remark -> note * 增加 OAuth 2文档 * update oauth2
nezhahq · Dec 31, 2024 · 14564f1 · 14564f1
1 parent 72020d4
commit 14564f1
Show file tree

Hide file tree

Showing 24 changed files with 794 additions and 142 deletions.
diff --git a/docs/.vitepress/config.mts b/docs/.vitepress/config.mts
@@ -176,7 +176,9 @@ function getGuideSidebarZhCN() {
         { text: 'DDNS', link: '/guide/ddns.html' },
         { text: '内网穿透', link: '/guide/nat.html' },
         { text: '设置', link: '/guide/settings.html' },
-        { text: '分组', link: '/guide/group.html' }
+        { text: '个人信息', link: '/guide/profile.html' },
+        { text: '分组', link: '/guide/group.html' },
+        { text: '多用户', link: '/guide/user.html' }
       ],
     },
     {
@@ -190,8 +192,10 @@ function getGuideSidebarZhCN() {
         { text: '设置每月重置流量统计', link: '/guide/q6.html' },
         { text: '自定义 Agent 监控项目', link: '/guide/q7.html' },
         { text: '启用 GPU 监控', link: '/guide/q9.html' },
+        { text: '自定义 IP 地理位置数据库', link: '/guide/q11.html' },
         { text: '真实 IP 请求头', link: '/guide/q12.html' },
-        { text: '初始化用户密码', link: '/guide/q13.html' }
+        { text: '初始化用户密码', link: '/guide/q13.html' },
+        { text: '设置 OAuth 2.0 绑定', link: '/guide/q14.html' }
       ]
     },
     {
@@ -252,7 +256,9 @@ function getGuideSidebarEnUS() {
         { text: 'DDNS', link: '/en_US/guide/ddns.html' },
         { text: 'NAT traversal', link: '/en_US/guide/nat.html' },
         { text: 'Settings', link: '/en_US/guide/settings.html' },
-        { text: 'Grouping', link: '/en_US/guide/group.html' }
+        { text: 'Profile', link: '/en_US/guide/profile.html' },
+        { text: 'Grouping', link: '/en_US/guide/group.html' },
+        { text: 'Multi-User', link: '/en_US/guide/user.html' },
       ]
     },
     {
@@ -265,8 +271,10 @@ function getGuideSidebarEnUS() {
         { text: 'Set Monthly Traffic Statistics ResetReset', link: '/en_US/guide/q6.html' },
         { text: 'Custom Agent Monitoring Items', link: '/en_US/guide/q7.html' },
         { text: 'Enable GPU monitoring', link: '/en_US/guide/q9.html' },
+        { text: 'Customize GeoIP database', link: '/en_US/guide/q11.html' },
         { text: 'Real IP Request Header', link: '/en_US/guide/q12.html' },
-        { text: 'Initialize User Password', link: '/en_US/guide/q13.html' }
+        { text: 'Initialize User Password', link: '/en_US/guide/q13.html' },
+        { text: 'Setting Up OAuth 2.0 Binding', link: '/en_US/guide/q14.html' }
       ]
     },
     {
@@ -284,6 +292,7 @@ function getCaseSidebarEnUS() {
     {
       text: 'Community Projects',
       items: [
+        { text: 'Fake-agent, monitoring data cheater', link: '/en_US/case/case4.html' },
         { text: 'Nezha server over Argo tunnel', link: '/en_US/case/case5.html' },
         { text: 'Nezha Mobile - An iOS Client For Nezha Dashboard', link: '/en_US/case/case6.html' },
         { text: 'MDPings - Android Client for Nezha Dashboard', link: '/en_US/case/case9.html' },

diff --git a/docs/case/case4.md b/docs/case/case4.md
@@ -4,11 +4,6 @@ outline: deep
 
 # 重磅推荐！一秒拥有宇宙级算力！让你在人前，不！再！自！卑  
 
-::: info
-
-此项目暂未适配 V1 版本 - 仅作纪念
-
-:::
 ---
 ![2](/images/case4/2.png)  
 <br/>
@@ -20,7 +15,7 @@ outline: deep
 <br/>  
 
 来自南京的名老中医 [dysf888](https://github.com/dysf888) 独家秘方！让你**找回男人本色，激情畅享！**  
-安装 [Fake Agent](https://github.com/dysf888/fake-nezha-agent)，可随意修改服务器监测数据的倍数上传到 Dashboard，让你的小鸡 **脱！胎！换！骨！** 让你在 MJJ 面前<span style="font-size: 5">硬</span>起来！  
+安装 [Fake Agent](https://github.com/dysf888/fake-nezha-agent-v1)，可随意修改服务器监测数据的倍数上传到 Dashboard，让你的小鸡 **脱！胎！换！骨！** 让你在 MJJ 面前<span style="font-size: 5">硬</span>起来！  
 
 <br/>  
 

diff --git a/docs/developer/i18n.md b/docs/developer/i18n.md
@@ -8,6 +8,16 @@ outline: deep
 
 您可以通过 [Hosted Weblate](https://hosted.weblate.org/engage/nezha/) 参与 Nezha 的国际化翻译工作。  
 
-### 支持范围
+## 支持范围
 
 哪吒面板端所有相关项目，包括 **Nezha**，**用户前端** 与 **管理前端**。
+
+## 说明
+
+给 `nezhahq/nezha` 添加新文本时，除了使用特定的翻译函数，还需要手动更新模板：
+
+```bash
+./script/i18n.sh generate template
+```
+
+之后 Weblate 更新仓库时会自动更新翻译，您便可继续翻译工作。
diff --git a/docs/en_US/case/case4.md b/docs/en_US/case/case4.md
@@ -2,7 +2,7 @@
 Contributor: 
 + [dysf888](https://github.com/dysf888)
 
-GitHub project: [fake-nezha-agent](https://github.com/dysf888/fake-nezha-agent)（Chinese）  
+GitHub project: [fake-nezha-agent](https://github.com/dysf888/fake-nezha-agent-v1)（Chinese）  
 
 You can modify the monitoring data uploaded to Dashboard by the Agent  
 Use it for cheating 😈
diff --git a/docs/en_US/developer/i18n.md b/docs/en_US/developer/i18n.md
@@ -8,6 +8,16 @@ outline: deep
 
 You can contribute to Nezha’s internationalization efforts through [Hosted Weblate](https://hosted.weblate.org/engage/nezha/).
 
-### Scope of Coverage
+## Scope of Coverage
 
 All Dashboard-side projects, including **Nezha** itself, the official user frontend and the admin frontend.
+
+## Note
+
+When adding new text to `nezhahq/nezha`, in addition to using specific translation functions, you also need to manually update the templates:
+
+```bash
+./script/i18n.sh generate template
+```
+
+After that, Weblate will automatically update the repository, allowing you to continue the translation work.
diff --git a/docs/en_US/guide/notifications.md b/docs/en_US/guide/notifications.md
@@ -24,6 +24,29 @@ Nezha Monitoring supports monitoring server metrics such as load, CPU, memory, d
 
 ---
 
+### Supported Placeholders
+
+| Placeholder            | Description               |
+| ----------------------- | ------------------------- |
+| `#NEZHA#`              | Notification content      |
+| `#SERVER.NAME#`        | Server name               |
+| `#SERVER.IP#`          | Server IP address         |
+| `#SERVER.IPV4#`        | Server IPv4 address       |
+| `#SERVER.IPV6#`        | Server IPv6 address       |
+| `#SERVER.CPU#`         | CPU usage rate            |
+| `#SERVER.MEM#`         | Memory usage rate         |
+| `#SERVER.SWAP#`        | Swap usage rate           |
+| `#SERVER.DISK#`        | Disk usage rate           |
+| `#SERVER.NETINSPEED#`  | Real-time inbound speed    |
+| `#SERVER.NETOUTSPEED#` | Real-time outbound speed  |
+| `#SERVER.TRANSFERIN#`  | Total inbound traffic      |
+| `#SERVER.TRANSFEROUT#` | Total outbound traffic    |
+| `#SERVER.LOAD1#`       | 1-minute load average     |
+| `#SERVER.LOAD5#`       | 5-minute load average     |
+| `#SERVER.LOAD15#`      | 15-minute load average    |
+
+---
+
 ### Bark Example
 
 <details>

diff --git a/docs/en_US/guide/profile.md b/docs/en_US/guide/profile.md
@@ -0,0 +1,29 @@
+# Profile
+
+**You can access the profile by clicking on the avatar → Profile.**
+
+The profile page displays the current user's information, such as IP address, number of owned servers, and OAuth 2.0 bindings.
+
+You can also update the current user's information.
+
+---
+
+## Update Profile
+
+Click the "Update Profile" button below the user avatar to open the form.
+
+The values that need to be filled in are as follows:
+
+- **New Username**
+  - The new username, with the current username pre-filled.
+
+- **Original Password**
+  - The user's current password.
+
+- **New Password**
+  - The password to be changed, with a minimum length of 8 characters.
+
+- **Reject Password Login**
+  - See [Reject Password Login](/en_US/guide/q14.html#reject-password-login).
+
+After confirming that the information is correct, click "Confirm" to submit the form, and the page will automatically refresh.
diff --git a/docs/en_US/guide/q11.md b/docs/en_US/guide/q11.md
@@ -3,7 +3,7 @@ outline: deep
 ---
 # Customize GeoIP database
 
-Dashboard v0.18.3+ uses an embedded GeoIP database to query IP locations. An IPinfo format mmdb database is required to be placed at `pkg/geoip/geoip.db` to compile the Dashboard with working GeoIP queries.
+Nezha uses an embedded GeoIP database to query IP locations. An IPinfo format mmdb database is required to be placed at `pkg/geoip/geoip.db` to compile the Dashboard with working GeoIP queries.
 
 An IPinfo format mmdb is constructed by those fields:
 

diff --git a/docs/en_US/guide/q14.md b/docs/en_US/guide/q14.md
@@ -0,0 +1,192 @@
+---
+outline: deep
+---
+
+# Setting Up OAuth 2.0 Binding
+
+Nezha supports binding third-party website accounts to existing local accounts using OAuth 2.0.
+
+---
+
+## Configuration
+
+Using OAuth 2.0 requires manually modifying the Dashboard configuration file.
+
+```yaml
+oauth2:
+  Example: # replace it with desired name, like `GitHub`
+    clientid: "a-unique-id"
+    clientsecret: "a-unique-secret"
+    endpoint:
+      authurl: "https://example.com/authorize"
+      tokenurl: "https://example.com/token"
+    scopes:
+      - "read"
+    userinfourl: "https://api.example.com/user"
+    useridpath: "id"
+```
+
+Configuration explanation:
+
+- **`clientid`**
+  - OAuth 2.0 client ID.
+
+- **`clientsecret`**
+  - OAuth 2.0 client secret.
+
+- **`endpoint.authurl`**
+  - Authorization endpoint.
+
+- **`endpoint.tokenurl`**
+  - Token endpoint.
+
+- **`endpoint.scopes`**
+  - List of specified permissions, needs to be filled according to the situation.
+
+- **`endpoint.userinfourl`**
+  - User API endpoint of the third-party website.
+
+- **`endpoint.useridpath`**
+  - The field representing the ID in the user API.
+
+---
+
+## Creating an OAuth 2.0 Application
+
+Before using this feature, you need to create an OAuth 2.0 application on the third-party website.
+
+The Callback URI of Nezha is: `https://nezha.example.com/api/v1/oauth2/callback`
+
+Since the steps vary across different websites, only some examples can be provided here. Generally speaking, the operations on each platform are similar, and you only need to obtain the information needed by Nezha.
+
+### Examples
+
+#### GitHub
+
+<details>
+  <summary>Expand/Collapse</summary>
+
+1. Open <https://github.com/settings/developers>, and select “OAuth Apps” - “New OAuth App”.
+2. Fill in the following required fields:
+- `Application name`：Application name
+- `Homepage URL`：Dashboard access address, such as `https://nezha.example.com`
+- `Authorization callback URL` Dashboard Callback address, only the prefix is checked here, so you can fill in ``https://nezha.example.com/api/v1/oauth2/callback``.
+3. On the new page, save the Client ID and Client secrets, and complete the Dashboard OAuth 2.0 configuration:
+```yaml
+oauth2:
+  GitHub:
+    clientid: "a-unique-id"
+    clientsecret: "a-unique-secret"
+    endpoint:
+      authurl: "https://github.com/login/oauth/authorize"
+      tokenurl: "https://github.com/login/oauth/access_token"
+    userinfourl: "https://api.github.com/user"
+    useridpath: "id"
+```
+
+</details>
+
+#### Cloudflare Access
+
+<details>
+  <summary>Expand/Collapse</summary>
+
+Go to the Zero Trust Dashboard: [https://one.dash.cloudflare.com/](https://one.dash.cloudflare.com/), select or create an account, and then follow these steps:
+
+1. `My Team` -> `Users` -> Click on `<specific user>` -> Get `User ID` and save it *(If you are using Zero Trust for the first time, the Users list will be empty, you can temporarily skip this step; you need to complete a verification before the user appears in the Users list)*;
+2. `Access` -> `Applications` -> `Add an Application`;
+3. Select `SaaS`, enter a custom application name (e.g., `nezha`) in the `Application` field, select `OIDC` and click `Add application`;
+4. `Scopes` need to select `openid` and `profile`;
+5. Add your Dashboard Callback address to `Redirect URLs`, you need to add two, in the following format:
+- `https://nezha.example.com/api/v1/oauth2/callback`
+6. Add a `Policy`, set `Action` to `Allow`, add an Include rule, select `Emails` in `Selector`, enter your email address in the text box, and save the policy;
+7. Record `Client ID`, `Client Secret`, `Token endpoint` and `Authorization endpoint`;
+8. Fill in the Nezha OAuth 2.0 configuration, save and restart the Dashboard:
+```yaml
+oauth2:
+  Cloudflare:
+    clientid: "a-unique-id"
+    clientsecret: "a-unique-secret"
+    endpoint:
+      authurl: "https://xxx.cloudflareaccess.com/cdn-cgi/access/sso/oidc/xxx/authorization"
+      tokenurl: "https://xxx.cloudflareaccess.com/cdn-cgi/access/sso/oidc/xxx/token"
+    scopes:
+      - openid
+      - profile
+    userinfourl: "https://xxx.cloudflareaccess.com/cdn-cgi/access/sso/oidc/xxx/userinfo"
+    useridpath: "sub"
+```
+
+</details>
+
+#### Gitea / Forgejo
+
+<details>
+  <summary>Expand/Collapse</summary>
+
+Take Codeberg as an example:
+
+1. Go to `https://codeberg.org/user/settings/applications`, create a new OAuth 2.0 application under `Manage OAuth2 applications`, fill in the Redirect URIs, in the following format:
+- `https://nezha.example.com/api/v1/oauth2/callback`
+2. After creation, you will be redirected to the newly created application, save the Client ID and Client Secret;
+3. Fill in the Nezha OAuth 2.0 configuration, save and restart the Dashboard:
+```yaml
+oauth2:
+  Codeberg:
+    clientid: "a-unique-id"
+    clientsecret: "a-unique-secret"
+    endpoint:
+      authurl: "https://codeberg.org/login/oauth/authorize"
+      tokenurl: "https://codeberg.org/login/oauth/access_token"
+    userinfourl: "https://codeberg.org/api/v1/user"
+    useridpath: "id"
+```
+
+</details>
+
+#### GitLab
+
+<details>
+  <summary>Expand/Collapse</summary>
+
+1. Go to `https://gitlab.com/-/user_settings/applications`, click Create new application on the right side, and fill in the following contents:
+- `Callback URL`: Nezha Callback URL, for example `https://nezha.example.com/api/v1/oauth2/callback`;
+- `Scopes`: Only `read_user` is needed here.
+The rest can be default
+2. After creation, you will be redirected to the application page, save the Client ID (Application ID) and Client Secret (Secret);
+3. Fill in the Nezha OAuth 2.0 configuration, save and restart the Dashboard:
+```yaml
+oauth2:
+  GitLab:
+    clientid: "a-unique-id"
+    clientsecret: "a-unique-secret"
+    endpoint:
+      authurl: "https://gitlab.com/oauth/authorize"
+      tokenurl: "https://gitlab.com/oauth/token"
+    scopes:
+      - read_user
+    userinfourl: "https://gitlab.com/api/v4/user"
+    useridpath: "id"
+```
+
+</details>
+
+---
+
+## Binding Accounts
+
+After configuring the OAuth 2.0 information, log in to the Dashboard and click on the avatar in the upper right corner to enter personal settings.
+
+In the card list on the personal information page, you can see the OAuth 2 binding, which includes the OAuth 2.0 configuration name you filled in and the corresponding user. Click the `Bind` button on the right side of the configuration name to jump to the authentication page and bind your account.
+
+After completing the binding, you can use the OAuth 2 button at the bottom of the login page to log in to your account.
+
+---
+
+## Reject Password Login
+
+This option can be enabled for the current user in the update personal information form.
+
+Once enabled, the current user will not be able to log in using a password, similar to a failed authentication error.
+
+If the current user does not have any OAuth 2.0 binding, this option cannot be enabled; correspondingly, if this option is enabled, the current user will not be able to delete their last remaining OAuth 2.0 binding.
diff --git a/docs/en_US/guide/q3.md b/docs/en_US/guide/q3.md
@@ -108,8 +108,6 @@ dashboard.example.com {
         header_up nz-realip {http.CF-Connecting-IP} # Replace with your CDN's private header
         # Uncomment the next line and comment the above if Caddy is the outermost layer
         # header_up nz-realip {remote_host};
-        header_up Upgrade {http.upgrade} # Comment this line if Agent TLS communication is enabled
-        header_up Connection "upgrade"
         transport http {
             read_buffer 16384
         }