feat: 远程数据库增加连接性测试 (#1928 )

Refs #1924
fix: 优化容器清理提示信息 (#1927 )
2023-08-11 14:20:15 +00:00 · 2023-08-11 14:18:17 +00:00 · 2023-08-11 08:08:14 +00:00 · 2023-08-11 07:52:13 +00:00 · 2023-08-11 07:50:13 +00:00 · 2023-08-11 06:04:12 +00:00
680 changed files with 63860 additions and 24052 deletions
--- a/.github/ISSUE_TEMPLATE/bug.yml
+++ b/.github/ISSUE_TEMPLATE/bug.yml
@@ -25,7 +25,7 @@ body:
      required: true
    attributes:
      label: "1Panel 版本"
-      description: "可通过系统右上角下拉菜单中的`关于`选项，或查看安装目录中的 version 文件获取。"
+      description: "登录 1Panel Web 控制台，在页面右下角查看当前版本。"
  - type: markdown
    id: details
    attributes:
--- a/.github/ISSUE_TEMPLATE/feature.yml
+++ b/.github/ISSUE_TEMPLATE/feature.yml
@@ -14,7 +14,7 @@ body:
      required: true
    attributes:
      label: "1Panel 版本"
-      description: "可通过系统右上角下拉菜单中的`关于`选项，或查看安装目录中的 version 文件获取。"
+      description: "登录 1Panel Web 控制台，在页面右下角查看当前版本。"
  - type: markdown
    id: details
    attributes:
--- a/.github/workflows/add-labels-for-pr.yml
+++ b/.github/workflows/add-labels-for-pr.yml
@@ -0,0 +1,17 @@
+on: pull_request
+
+name: 1Panel 通用 PR 处理
+
+permissions:
+  pull-requests: write
+
+jobs:
+  generic_handler:
+    name: 为 PR 添加标签
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v2
+      - uses: actions-ecosystem/action-add-labels@v1
+        with:
+          github_token: ${{ secrets.GITHUBTOKEN }}
+          labels: ${{ github.base_ref }}
--- a/.github/workflows/build-test.yml
+++ b/.github/workflows/build-test.yml
@@ -0,0 +1,34 @@
+on:
+  pull_request:
+    branches:
+      - dev
+  push:
+    branches:
+      - dev
+
+name: Build Test
+
+jobs:
+  build-linux-binary:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout Code
+        uses: actions/checkout@v3
+      - name: Setup Node
+        uses: actions/setup-node@v3
+        with:
+          node-version: '18.14'
+      - name: Build Web
+        id: build_frontend
+        run: |
+          cd frontend && npm install && npm run build:pro
+        env:
+          NODE_OPTIONS: --max-old-space-size=8192
+      - name: Setup Go
+        uses: actions/setup-go@v4
+        with:
+          go-version: '1.20.x'
+      - name: Build Server
+        uses: goreleaser/goreleaser-action@v4
+        with:
+          args: release --snapshot --clean
--- a/.github/workflows/issue-recent-alert.yml
+++ b/.github/workflows/issue-recent-alert.yml
@@ -0,0 +1,17 @@
+on:
+  schedule:
+    - cron: "0 1 * * *"
+
+name: Check recent handle issues
+
+jobs:
+  check-recent-issues-not-handle:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Check recent issues and send msg
+        uses: jumpserver/action-issues-alert@master
+        with:
+          hook: ${{ secrets.WECHAT_GROUP_WEB_HOOK }}
+          type: recent
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
--- a/.github/workflows/issue-untimely-alert.yml
+++ b/.github/workflows/issue-untimely-alert.yml
@@ -0,0 +1,17 @@
+on:
+  schedule:
+    - cron: "0 9 * * 1-5"
+
+name: Check untimely handle issues
+
+jobs:
+  check-untimely-handle-issues:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Check untimely issues and send msg
+        uses: jumpserver/action-issues-alert@master
+        with:
+          hook: ${{ secrets.WECHAT_GROUP_WEB_HOOK }}
+          type: untimely
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
--- a/.github/workflows/release-drafter.yml
+++ b/.github/workflows/release-drafter.yml
@@ -0,0 +1,66 @@
+on:
+  push:
+    # Sequence of patterns matched against refs/tags
+    tags:
+      - 'v*' # Push events to matching v*, i.e. v1.0, v20.15.10
+
+name: Create Release And Upload assets
+
+jobs:
+  create-release:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout Code
+        uses: actions/checkout@v2
+      - name: Setup Node
+        uses: actions/setup-node@v3
+        with:
+          node-version: '18.14'
+      - name: Build Web
+        run: |
+          cd frontend && npm install && npm run build:pro
+        env:
+          NODE_OPTIONS: --max-old-space-size=8192
+      - name: Setup Go
+        uses: actions/setup-go@v4
+        with:
+          go-version: '1.20.x'
+      - name: Build Release
+        uses: goreleaser/goreleaser-action@v4
+        with:
+          distribution: goreleaser
+          version: latest
+          args: release --skip-publish --clean
+      - name: Upload Assets
+        uses: softprops/action-gh-release@v1
+        if: startsWith(github.ref, 'refs/tags/')
+        with:
+          draft: true
+          body: |
+            # 一、安装和升级
+
+            ## 1.1 一键安装
+            ```sh
+            curl -sSL https://resource.fit2cloud.com/1panel/package/quick_start.sh -o quick_start.sh && sudo bash quick_start.sh
+            ```
+
+            ## 1.2 在线升级
+
+            登录 1Panel Web 控制台，在页面右下角点击 **【检查更新】** 进行在线升级。
+
+            >更多信息请查阅在线文档：https://1panel.cn/docs/
+
+            # 二、更新日志
+
+          files: |
+            dist/*.tar.gz
+            dist/checksums.txt
+      - name: Setup OSSUTIL
+        uses: yizhoumo/setup-ossutil@v1
+        with:
+          endpoint: ${{ secrets.OSS_ENDPOINT }}
+          access-key-id: ${{ secrets.OSS_ACCESS_KEY_ID }}
+          access-key-secret: ${{ secrets.OSS_ACCESS_KEY_SECRET }}
+          ossutil-version: '1.7.14'
+      - name: Upload Assets to OSS
+        run: ossutil cp -r dist/ oss://resource-fit2cloud-com/1panel/package/stable/${{  github.ref_name }}/release/ --include "*.tar.gz" --include "checksums.txt" --only-current-dir --force
--- a/.github/workflows/sync2gitee.yml
+++ b/.github/workflows/sync2gitee.yml
@@ -0,0 +1,16 @@
+name: sync2gitee
+on: [push]
+
+jobs:
+  repo-sync:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Mirror the Github organization repos to Gitee.
+        uses: Yikun/hub-mirror-action@master
+        with:
+          src: 'github/1Panel-dev'
+          dst: 'gitee/fit2cloud-xlab'
+          dst_key: ${{ secrets.GITEE_PRIVATE_KEY }}
+          dst_token:  ${{ secrets.GITEE_TOKEN }}
+          static_list: "1Panel"
+          force_update: true
--- a/.gitignore
+++ b/.gitignore
@@ -22,5 +22,16 @@ cmd/server/__debug_bin
 cmd/server/web/assets
 cmd/server/web/monacoeditorwork
 cmd/server/web/index.html
-cmd/server/web/favicon.png
 frontend/auto-imports.d.ts
+frontend/components.d.ts
+
+.history/
+dist/
+1pctl
+1panel.service
+install.sh
+quick_start.sh
+cmd/server/web/.DS_Store
+cmd/server/.DS_Store
+cmd/server/fileList.txt
+.fileList.txt
--- a/.goreleaser.yaml
+++ b/.goreleaser.yaml
@@ -0,0 +1,58 @@
+# This is an example .goreleaser.yml file with some sensible defaults.
+# Make sure to check the documentation at https://goreleaser.com
+before:
+  hooks:
+    # - export NODE_OPTIONS="--max-old-space-size=8192"
+    # - make build_web
+    - chmod +x ./script.sh
+    - ./script.sh
+    - sed -i 's@ORIGINAL_VERSION=.*@ORIGINAL_VERSION=v{{ .Version }}@g' 1pctl
+    - go mod tidy
+    
+builds:
+  - main: ./cmd/server/main.go
+    binary: 1panel
+    flags:
+      - -trimpath
+    ldflags:
+      - -w -s
+    env:
+      - CGO_ENABLED=0
+    goos:
+      - linux
+    goarm:
+      - 7
+    goarch:
+      - amd64
+      - arm64
+      - arm
+      - ppc64le
+      - s390x
+
+archives:
+  - format: tar.gz
+    name_template: "1panel-v{{ .Version }}-{{ .Os }}-{{ .Arch }}{{- if .Arm }}v{{ .Arm }}{{ end }}"
+    wrap_in_directory: true
+    files:
+      - 1pctl
+      - 1panel.service
+      - install.sh
+      - README.md
+      - LICENSE
+    
+checksum:
+  name_template: 'checksums.txt'
+snapshot:
+  name_template: "{{ incpatch .Version }}-next"
+release:
+  draft: true
+  mode: append
+  extra_files:
+    - glob: dist/*.tar.gz
+    - glob: dist/checksums.txt
+  name_template: "Release {{.Tag}}"
+
+# The lines beneath this are called `modelines`. See `:help modeline`
+# Feel free to remove those if you don't want/use them.
+# yaml-language-server: $schema=https://goreleaser.com/static/schema.json
+# vim: set ts=2 sw=2 tw=0 fo=cnqoj
--- a/.vscode/settings.json
+++ b/.vscode/settings.json
@@ -0,0 +1,3 @@
+{
+    "ansible.python.interpreterPath": "/opt/homebrew/bin/python3"
+}
--- a/23
+++ b/23
@@ -10,16 +10,25 @@ WEB_PATH=$(BASE_PAH)/frontend
 SERVER_PATH=$(BASE_PAH)/backend
 MAIN= $(BASE_PAH)/cmd/server/main.go
 APP_NAME=1panel
+ASSERT_PATH= $(BASE_PAH)/cmd/server/web/assets

-build_web:
-	cd $(WEB_PATH) && npm install && npm run build:dev
+clean_assets:
+	rm -rf $(ASSERT_PATH)

-build_bin:
+upx_bin:
+	upx $(BUILD_PATH)/$(APP_NAME)
+
+build_frontend:
+	cd $(WEB_PATH) && npm install && npm run build:pro
+
+build_backend_on_linux:
 	cd $(SERVER_PATH) \
-    && CGO_ENABLED=1 GOOS=$(GOOS) GOARCH=$(GOARCH) $(GOBUILD) -trimpath -ldflags '-s -w --extldflags "-static -fpic"' -o $(BUILD_PATH)/$(APP_NAME) $(MAIN)
+    && GOOS=$(GOOS) GOARCH=$(GOARCH) $(GOBUILD) -trimpath -ldflags '-s -w' -o $(BUILD_PATH)/$(APP_NAME) $(MAIN)

-build_linux_on_mac:
+build_backend_on_darwin:
 	cd $(SERVER_PATH) \
-    && CGO_ENABLED=1 GOOS=linux GOARCH=amd64 CC=x86_64-linux-musl-gcc CXX=x86_64-linux-musl-g++ $(GOBUILD) -trimpath -ldflags '-s -w --extldflags "-static -fpic"'  -o $(BUILD_PATH)/$(APP_NAME) $(MAIN)
+    && GOOS=linux GOARCH=amd64 $(GOBUILD) -trimpath -ldflags '-s -w'  -o $(BUILD_PATH)/$(APP_NAME) $(MAIN)

-build_all: build_web  build_bin
+build_all: build_frontend build_backend_on_linux
+
+build_on_local: clean_assets build_frontend build_backend_on_darwin upx_bin
--- a/11
+++ b/11
@@ -0,0 +1,11 @@
+reviewers:
+- zhengkunwang223
+- ssongliu
+- wanghe-fit2cloud
+- wangdan-fit2cloud
+
+approvers:
+- zhengkunwang223
+- ssongliu
+- wanghe-fit2cloud
+- wangdan-fit2cloud
--- a/README.md
+++ b/README.md
@@ -1,3 +1,4 @@
+[README_EN.md](README_EN.md)
 <p align="center"><a href="https://1panel.cn"><img src="http://1panel.oss-cn-hangzhou.aliyuncs.com/img/1panel-logo.png" alt="1Panel" width="300" /></a></p>
 <p align="center"><b>现代化、开源的 Linux 服务器运维管理面板</b></p>
 <p align="center">
@@ -5,20 +6,21 @@
  <a href="https://app.codacy.com/gh/1Panel-dev/1Panel?utm_source=github.com&utm_medium=referral&utm_content=1Panel-dev/1Panel&utm_campaign=Badge_Grade_Dashboard"><img src="https://app.codacy.com/project/badge/Grade/da67574fd82b473992781d1386b937ef" alt="Codacy"></a>
  <a href="https://github.com/1Panel-dev/1Panel/releases"><img src="https://img.shields.io/github/v/release/1Panel-dev/1Panel" alt="GitHub release"></a>
  <a href="https://github.com/1Panel-dev/1Panel"><img src="https://img.shields.io/github/stars/1Panel-dev/1Panel?color=%231890FF&style=flat-square" alt="Stars"></a>
+  <a href="https://app.fossa.com/projects/git%2Bgithub.com%2F1Panel-dev%2F1Panel?ref=badge_shield"><img src="https://app.fossa.com/api/projects/git%2Bgithub.com%2F1Panel-dev%2F1Panel.svg?type=shield" alt="FOSSA Status"></a>
 </p>

 ------------------------------

 1Panel 是一个现代化、开源的 Linux 服务器运维管理面板。1Panel 的功能和优势包括：

- **快速建站**：深度集成 Wordpress 和 Halo，域名绑定、SSL 证书配置等一键搞定；
- **高效管理**：通过 Web 端轻松管理 Linux 服务器，包括主机监控、文件管理、数据库管理、容器管理及常用应用软件管理；
- **安全可靠**：最小漏洞暴露面，提供防火墙和安全审计等功能；
- **一键备份**：支持一键备份和恢复，备份数据云端存储，永不丢失。
+- **快速建站**：深度集成 Wordpress 和 [Halo](https://github.com/halo-dev/halo/)，域名绑定、SSL 证书配置等一键搞定；
+- **高效管理**：通过 Web 端轻松管理 Linux 服务器，包括主机监控、文件管理、数据库管理、容器管理等；
+- **安全可靠**：基于容器来管理和部署应用，最小漏洞暴露面，提供防火墙和日志审计等功能；
+- **一键备份**：支持一键备份和恢复，备份数据到各类云端存储，永不丢失。

 ## UI 展示

-![UI展示](https://1panel.oss-cn-hangzhou.aliyuncs.com/img/overview.png)
+![UI展示](https://resource.fit2cloud.com/1panel/img/overview.png)

 ## 快速开始

@@ -30,7 +32,7 @@

 **一键安装**

-以 root 用户执行如下命令一键安装 1Panel:
+执行如下命令一键安装 1Panel:

 ```sh
 curl -sSL https://resource.fit2cloud.com/1panel/package/quick_start.sh -o quick_start.sh && sudo bash quick_start.sh
@@ -39,26 +41,31 @@ curl -sSL https://resource.fit2cloud.com/1panel/package/quick_start.sh -o quick_
 **学习资料**

 - [在线文档](https://1panel.cn/docs/)
- [入门视频](https://1panel.cn/video.html)
+- [教学视频](https://space.bilibili.com/510493147/channel/collectiondetail?sid=1199760)
+- [社区论坛](https://bbs.fit2cloud.com/c/1p/7)

-## 社区
+**加入微信交流群**

-如果您在使用过程中有任何疑问或对建议，欢迎提交 GitHub Issue 或加入到我们微信交流群进行交流沟通。
-
-**微信交流群**
-
-<img src="http://1panel.oss-cn-hangzhou.aliyuncs.com/img/wechat-group.jpg" width="156" height="156"/>
+<img src="https://1panel.cn/img/wechat-group.jpg" width="156" height="156"/>

 ## 安全说明

 如果您在使用过程中发现任何安全问题，请通过以下方式直接联系我们：

- 邮箱：support@fit2cloud.com 
+- 邮箱：support@fit2cloud.com
 - 电话：400-052-0755

+## Star History
+
+[![Star History Chart](https://api.star-history.com/svg?repos=1Panel-dev/1Panel&type=Date)](https://star-history.com/#1Panel-dev/1Panel&Date)
+
+## FOSSA Status
+
+[![FOSSA Status](https://app.fossa.com/api/projects/git%2Bgithub.com%2F1Panel-dev%2F1Panel.svg?type=large)](https://app.fossa.com/projects/git%2Bgithub.com%2F1Panel-dev%2F1Panel?ref=badge_large)
+
 ## License

-Copyright (c) 2014-2023 飞致云 FIT2CLOUD, All rights reserved.
+Copyright (c) 2014-2023 [FIT2CLOUD 飞致云](https://fit2cloud.com/), All rights reserved.

 Licensed under The GNU General Public License version 3 (GPLv3)  (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at

--- a/README_EN.md
+++ b/README_EN.md
@@ -0,0 +1,72 @@
+[中文 README.md](README.md)
+<p align="center"><a href="https://1panel.cn"><img src="http://1panel.oss-cn-hangzhou.aliyuncs.com/img/1panel-logo.png" alt="1Panel" width="300" /></a></p>
+<p align="center"><b>Modern and Open-Source Linux Server Operation and Management Panel</b></p>
+<p align="center">
+  <a href="https://www.gnu.org/licenses/gpl-3.0.html"><img src="https://shields.io/github/license/1Panel-dev/1Panel" alt="License: GPL v3"></a>
+  <a href="https://app.codacy.com/gh/1Panel-dev/1Panel?utm_source=github.com&utm_medium=referral&utm_content=1Panel-dev/1Panel&utm_campaign=Badge_Grade_Dashboard"><img src="https://app.codacy.com/project/badge/Grade/da67574fd82b473992781d1386b937ef" alt="Codacy"></a>
+  <a href="https://github.com/1Panel-dev/1Panel/releases"><img src="https://img.shields.io/github/v/release/1Panel-dev/1Panel" alt="GitHub release"></a>
+  <a href="https://github.com/1Panel-dev/1Panel"><img src="https://img.shields.io/github/stars/1Panel-dev/1Panel?color=%231890FF&style=flat-square" alt="Stars"></a>
+</p>
+
+------------------------------
+
+1Panel is a modern and Open-Source linux server operation and management panel, the functions and advantages of 1Panel include:
+
+- **Quick website building**: Deeply integrated with Wordpress and [Halo](https://github.com/halo-dev/halo/), with one-click solutions for domain name binding, SSL certificate configuration, and more;
+- **Efficient management**: Easily manage Linux servers through the web interface, including application management, host monitoring, file management, database management, container management, and more;
+- **Secure and reliable**: Minimal vulnerability exposure, with firewall and security audit functions provided;
+- **One-click backup**: Support for one-click backup and restore, with backup data stored in the cloud and never lost.
+
+## UI Display
+
+![UI Display](https://resource.fit2cloud.com/1panel/img/overview_en.png)
+
+## Quick Start
+
+**Online Demo**
+
+- Address: <https://demo.1panel.cn/>
+- Username: demo
+- Password: 1panel
+
+**One-Click Installation**
+
+Execute the following command to install 1Panel with one click:
+
+```sh
+curl -sSL https://resource.fit2cloud.com/1panel/package/quick_start.sh -o quick_start.sh && sudo bash quick_start.sh
+```
+
+**Learning Materials**
+
+- [Online Documentation](https://1panel.cn/docs/)
+- [Teaching Videos](https://space.bilibili.com/510493147/channel/collectiondetail?sid=1199760)
+
+## Community
+
+If you have any questions or suggestions, please submit a GitHub Issue or join our WeChat group for communication.
+
+**WeChat Group**
+
+<img src="https://1panel.cn/img/wechat-group.jpg" width="156" height="156"/>
+
+## Security Information
+
+If you discover any security issues, please contact us through:
+
+- Email: support@fit2cloud.com
+- Phone: 400-052-0755
+
+## Star History
+
+[![Star History Chart](https://api.star-history.com/svg?repos=1Panel-dev/1Panel&type=Date)](https://star-history.com/#1Panel-dev/1Panel&Date)
+
+## License
+
+Copyright (c) 2014-2023 [FIT2CLOUD 飞致云](https://fit2cloud.com/), All rights reserved.
+
+Licensed under The GNU General Public License version 3 (GPLv3)  (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at
+
+<https://www.gnu.org/licenses/gpl-3.0.html>
+
+Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.
--- a/SECURITY.md
+++ b/SECURITY.md
@@ -0,0 +1,21 @@
+# 安全说明
+
+如果您发现安全问题，请直接联系我们：
+
+- wanghe@fit2cloud.com
+- zhengkun@fit2cloud.com
+- support@fit2cloud.com
+- 400-052-0755
+
+感谢您的支持！
+
+# Security Policy
+
+All security bugs should be reported to the contact as below:
+
+- wanghe@fit2cloud.com
+- zhengkun@fit2cloud.com
+- support@fit2cloud.com
+- 400-052-0755
+
+Thanks for your support!
--- a/backend/app/api/v1/app.go
+++ b/backend/app/api/v1/app.go
@@ -5,6 +5,7 @@ import (
 	"github.com/1Panel-dev/1Panel/backend/app/dto/request"
 	"github.com/1Panel-dev/1Panel/backend/constant"
 	"github.com/1Panel-dev/1Panel/backend/global"
+	"github.com/1Panel-dev/1Panel/backend/i18n"
 	"github.com/gin-gonic/gin"
 )

@@ -38,13 +39,24 @@ func (b *BaseApi) SearchApp(c *gin.Context) {
 // @Router /apps/sync [post]
 // @x-panel-log {"bodyKeys":[],"paramKeys":[],"BeforeFuntions":[],"formatZH":"应用商店同步","formatEN":"App store synchronization"}
 func (b *BaseApi) SyncApp(c *gin.Context) {
-	global.LOG.Infof("sync app list start ...")
-	if err := appService.SyncAppList(); err != nil {
-		global.LOG.Errorf("sync app list error [%s]", err.Error())
+	go appService.SyncAppListFromLocal()
+	res, err := appService.GetAppUpdate()
+	if err != nil {
 		helper.ErrorWithDetail(c, constant.CodeErrInternalServer, constant.ErrTypeInternalServer, err)
 		return
 	}
-	global.LOG.Infof("sync app list success!")
+	if !res.CanUpdate {
+		helper.SuccessWithMsg(c, i18n.GetMsgByKey("AppStoreIsUpToDate"))
+		return
+	}
+	go func() {
+		global.LOG.Infof("sync app list start ...")
+		if err := appService.SyncAppListFromRemote(); err != nil {
+			global.LOG.Errorf("sync app list error [%s]", err.Error())
+		} else {
+			global.LOG.Infof("sync app list success!")
+		}
+	}()
 	helper.SuccessWithData(c, "")
 }

@@ -71,14 +83,15 @@ func (b *BaseApi) GetApp(c *gin.Context) {
 }

 // @Tags App
-// @Summary Search app detail by id
-// @Description 通过 id 获取应用详情
+// @Summary Search app detail by appid
+// @Description 通过 appid 获取应用详情
 // @Accept json
 // @Param appId path integer true "app id"
 // @Param version path string true "app 版本"
+// @Param version path string true "app 类型"
 // @Success 200 {object} response.AppDetailDTO
 // @Security ApiKeyAuth
-// @Router /apps/detail/:appId/:version [get]
+// @Router /apps/detail/:appId/:version/:type [get]
 func (b *BaseApi) GetAppDetail(c *gin.Context) {
 	appId, err := helper.GetIntParamByKey(c, "appId")
 	if err != nil {
@@ -86,7 +99,8 @@ func (b *BaseApi) GetAppDetail(c *gin.Context) {
 		return
 	}
 	version := c.Param("version")
-	appDetailDTO, err := appService.GetAppDetail(appId, version)
+	appType := c.Param("type")
+	appDetailDTO, err := appService.GetAppDetail(appId, version, appType)
 	if err != nil {
 		helper.ErrorWithDetail(c, constant.CodeErrInternalServer, constant.ErrTypeInternalServer, err)
 		return
@@ -94,6 +108,44 @@ func (b *BaseApi) GetAppDetail(c *gin.Context) {
 	helper.SuccessWithData(c, appDetailDTO)
 }

+// @Tags App
+// @Summary Get app detail by id
+// @Description 通过 id 获取应用详情
+// @Accept json
+// @Param appId path integer true "id"
+// @Success 200 {object} response.AppDetailDTO
+// @Security ApiKeyAuth
+// @Router /apps/details/:id [get]
+func (b *BaseApi) GetAppDetailByID(c *gin.Context) {
+	appDetailID, err := helper.GetIntParamByKey(c, "id")
+	if err != nil {
+		helper.ErrorWithDetail(c, constant.CodeErrBadRequest, constant.ErrTypeInternalServer, nil)
+		return
+	}
+	appDetailDTO, err := appService.GetAppDetailByID(appDetailID)
+	if err != nil {
+		helper.ErrorWithDetail(c, constant.CodeErrInternalServer, constant.ErrTypeInternalServer, err)
+		return
+	}
+	helper.SuccessWithData(c, appDetailDTO)
+}
+
+// @Tags App
+// @Summary Get Ignore App
+// @Description 获取忽略的应用版本
+// @Accept json
+// @Success 200 {object} response.IgnoredApp
+// @Security ApiKeyAuth
+// @Router /apps/ingored [get]
+func (b *BaseApi) GetIgnoredApp(c *gin.Context) {
+	res, err := appService.GetIgnoredApp()
+	if err != nil {
+		helper.ErrorWithDetail(c, constant.CodeErrInternalServer, constant.ErrTypeInternalServer, err)
+		return
+	}
+	helper.SuccessWithData(c, res)
+}
+
 // @Tags App
 // @Summary Install app
 // @Description 安装应用
@@ -102,7 +154,7 @@ func (b *BaseApi) GetAppDetail(c *gin.Context) {
 // @Success 200 {object} model.AppInstall
 // @Security ApiKeyAuth
 // @Router /apps/install [post]
-// @x-panel-log {"bodyKeys":["name"],"paramKeys":[],"BeforeFuntions":[{"input_colume":"name","input_value":"name","isList":false,"db":"app_installs","output_colume":"app_id","output_value":"appId"},{"info":"appId","isList":false,"db":"apps","output_colume":"key","output_value":"appKey"}],"formatZH":"安装应用 [appKey]-[name]","formatEN":"Install app [appKey]-[name]"}
+// @x-panel-log {"bodyKeys":["name"],"paramKeys":[],"BeforeFuntions":[{"input_column":"name","input_value":"name","isList":false,"db":"app_installs","output_column":"app_id","output_value":"appId"},{"info":"appId","isList":false,"db":"apps","output_column":"key","output_value":"appKey"}],"formatZH":"安装应用 [appKey]-[name]","formatEN":"Install app [appKey]-[name]"}
 func (b *BaseApi) InstallApp(c *gin.Context) {
 	var req request.AppInstallCreate
 	if err := c.ShouldBindJSON(&req); err != nil {
@@ -128,3 +180,18 @@ func (b *BaseApi) GetAppTags(c *gin.Context) {
 	}
 	helper.SuccessWithData(c, tags)
 }
+
+// @Tags App
+// @Summary Get app list update
+// @Description 获取应用更新版本
+// @Success 200
+// @Security ApiKeyAuth
+// @Router /apps/checkupdate [get]
+func (b *BaseApi) GetAppListUpdate(c *gin.Context) {
+	res, err := appService.GetAppUpdate()
+	if err != nil {
+		helper.ErrorWithDetail(c, constant.CodeErrInternalServer, constant.ErrTypeInternalServer, err)
+		return
+	}
+	helper.SuccessWithData(c, res)
+}
--- a/backend/app/api/v1/app_install.go
+++ b/backend/app/api/v1/app_install.go
@@ -93,24 +93,24 @@ func (b *BaseApi) LoadPort(c *gin.Context) {

 // @Tags App
 // @Summary Search app password by key
-// @Description 获取应用密码
+// @Description 获取应用连接信息
 // @Accept json
 // @Param key path string true "request"
-// @Success 200 {string} password
+// @Success 200 {string} response.DatabaseConn
 // @Security ApiKeyAuth
-// @Router /apps/installed/loadpassword/:key [get]
-func (b *BaseApi) LoadPassword(c *gin.Context) {
+// @Router /apps/installed/conninfo/:key [get]
+func (b *BaseApi) LoadConnInfo(c *gin.Context) {
 	key, ok := c.Params.Get("key")
 	if !ok {
 		helper.ErrorWithDetail(c, constant.CodeErrBadRequest, constant.ErrTypeInvalidParams, errors.New("error key in path"))
 		return
 	}
-	password, err := appInstallService.LoadPassword(key)
+	conn, err := appInstallService.LoadConnInfo(key)
 	if err != nil {
 		helper.ErrorWithDetail(c, constant.CodeErrInternalServer, constant.ErrTypeInternalServer, err)
 		return
 	}
-	helper.SuccessWithData(c, password)
+	helper.SuccessWithData(c, conn)
 }

 // @Tags App
@@ -118,7 +118,7 @@ func (b *BaseApi) LoadPassword(c *gin.Context) {
 // @Description 删除前检查
 // @Accept json
 // @Param appInstallId path integer true "App install id"
-// @Success 200 {anrry} dto.AppResource
+// @Success 200 {array} dto.AppResource
 // @Security ApiKeyAuth
 // @Router /apps/installed/delete/check/:appInstallId [get]
 func (b *BaseApi) DeleteCheck(c *gin.Context) {
@@ -144,7 +144,7 @@ func (b *BaseApi) DeleteCheck(c *gin.Context) {
 // @Router /apps/installed/sync [post]
 // @x-panel-log {"bodyKeys":[],"paramKeys":[],"BeforeFuntions":[],"formatZH":"同步已安装应用列表","formatEN":"Sync the list of installed apps"}
 func (b *BaseApi) SyncInstalled(c *gin.Context) {
-	if err := appInstallService.SyncAll(); err != nil {
+	if err := appInstallService.SyncAll(false); err != nil {
 		helper.ErrorWithDetail(c, constant.CodeErrInternalServer, constant.ErrTypeInternalServer, err)
 		return
 	}
@@ -159,7 +159,7 @@ func (b *BaseApi) SyncInstalled(c *gin.Context) {
 // @Success 200
 // @Security ApiKeyAuth
 // @Router /apps/installed/op [post]
-// @x-panel-log {"bodyKeys":["installId","operate"],"paramKeys":[],"BeforeFuntions":[{"input_colume":"id","input_value":"installId","isList":false,"db":"app_installs","output_colume":"app_id","output_value":"appId"},{"input_colume":"id","input_value":"installId","isList":false,"db":"app_installs","output_colume":"name","output_value":"appName"},{"input_colume":"id","input_value":"appId","isList":false,"db":"apps","output_colume":"key","output_value":"appKey"}],"formatZH":"[appKey] 应用 [appName] [operate]","formatEN":"[appKey] App [appName] [operate]"}
+// @x-panel-log {"bodyKeys":["installId","operate"],"paramKeys":[],"BeforeFuntions":[{"input_column":"id","input_value":"installId","isList":false,"db":"app_installs","output_column":"app_id","output_value":"appId"},{"input_column":"id","input_value":"installId","isList":false,"db":"app_installs","output_column":"name","output_value":"appName"},{"input_column":"id","input_value":"appId","isList":false,"db":"apps","output_column":"key","output_value":"appKey"}],"formatZH":"[operate] 应用 [appKey][appName]","formatEN":"[operate] App [appKey][appName]"}
 func (b *BaseApi) OperateInstalled(c *gin.Context) {
 	var req request.AppInstalledOperate
 	if err := c.ShouldBindJSON(&req); err != nil {
@@ -178,7 +178,7 @@ func (b *BaseApi) OperateInstalled(c *gin.Context) {
 // @Description 通过 key 获取应用 service
 // @Accept json
 // @Param key path string true "request"
-// @Success 200 {anrry} response.AppService
+// @Success 200 {array} response.AppService
 // @Security ApiKeyAuth
 // @Router /apps/services/:key [get]
 func (b *BaseApi) GetServices(c *gin.Context) {
@@ -196,7 +196,7 @@ func (b *BaseApi) GetServices(c *gin.Context) {
 // @Description 通过 install id 获取应用更新版本
 // @Accept json
 // @Param appInstallId path integer true "request"
-// @Success 200 {anrry} dto.AppVersion
+// @Success 200 {array} dto.AppVersion
 // @Security ApiKeyAuth
 // @Router /apps/installed/:appInstallId/versions [get]
 func (b *BaseApi) GetUpdateVersions(c *gin.Context) {
@@ -305,3 +305,25 @@ func (b *BaseApi) UpdateInstalled(c *gin.Context) {
 	}
 	helper.SuccessWithData(c, nil)
 }
+
+// @Tags App
+// @Summary ignore App Update
+// @Description 忽略应用升级版本
+// @Accept json
+// @Param request body request.AppInstalledIgnoreUpgrade true "request"
+// @Success 200
+// @Security ApiKeyAuth
+// @Router /apps/installed/ignore [post]
+// @x-panel-log {"bodyKeys":["installId"],"paramKeys":[],"BeforeFuntions":[],"formatZH":"忽略应用 [installId] 版本升级","formatEN":"Application param update [installId]"}
+func (b *BaseApi) IgnoreUpgrade(c *gin.Context) {
+	var req request.AppInstalledIgnoreUpgrade
+	if err := c.ShouldBindJSON(&req); err != nil {
+		helper.ErrorWithDetail(c, constant.CodeErrBadRequest, constant.ErrTypeInvalidParams, err)
+		return
+	}
+	if err := appInstallService.IgnoreUpgrade(req); err != nil {
+		helper.ErrorWithDetail(c, constant.CodeErrInternalServer, constant.ErrTypeInternalServer, err)
+		return
+	}
+	helper.SuccessWithOutData(c)
+}
--- a/backend/app/api/v1/auth.go
+++ b/backend/app/api/v1/auth.go
@@ -1,8 +1,6 @@
 package v1

 import (
-	"errors"
-
 	"github.com/1Panel-dev/1Panel/backend/app/api/v1/helper"
 	"github.com/1Panel-dev/1Panel/backend/app/dto"
 	"github.com/1Panel-dev/1Panel/backend/app/model"
@@ -28,9 +26,11 @@ func (b *BaseApi) Login(c *gin.Context) {
 		helper.ErrorWithDetail(c, constant.CodeErrBadRequest, constant.ErrTypeInvalidParams, err)
 		return
 	}
-	if err := captcha.VerifyCode(req.CaptchaID, req.Captcha); err != nil {
-		helper.ErrorWithDetail(c, constant.CodeErrInternalServer, constant.ErrTypeInternalServer, err)
-		return
+	if req.AuthMethod != "jwt" && !req.IgnoreCaptcha {
+		if err := captcha.VerifyCode(req.CaptchaID, req.Captcha); err != nil {
+			helper.ErrorWithDetail(c, constant.CodeErrInternalServer, constant.ErrTypeInternalServer, err)
+			return
+		}
 	}

 	user, err := authService.Login(c, req)
@@ -100,71 +100,38 @@ func (b *BaseApi) Captcha(c *gin.Context) {
 // @Summary Load safety status
 // @Description 获取系统安全登录状态
 // @Success 200
-// @Failure 402
-// @Router /auth/status [get]
-func (b *BaseApi) GetSafetyStatus(c *gin.Context) {
-	if err := authService.SafetyStatus(c); err != nil {
-		helper.ErrorWithDetail(c, constant.CodeErrUnSafety, constant.ErrTypeNotSafety, err)
-		return
-	}
-	helper.SuccessWithData(c, nil)
-}
-
-func (b *BaseApi) SafeEntrance(c *gin.Context) {
-	code, exist := c.Params.Get("code")
-	if !exist {
-		helper.ErrorWithDetail(c, constant.CodeErrUnSafety, constant.ErrTypeNotSafety, errors.New("missing code"))
-		return
-	}
-	ok, err := authService.VerifyCode(code)
+// @Router /auth/issafety [get]
+func (b *BaseApi) CheckIsSafety(c *gin.Context) {
+	code := c.DefaultQuery("code", "")
+	status, err := authService.CheckIsSafety(code)
 	if err != nil {
-		helper.ErrorWithDetail(c, constant.CodeErrUnSafety, constant.ErrTypeNotSafety, errors.New("missing code"))
-		return
-	}
-	if !ok {
-		helper.ErrorWithDetail(c, constant.CodeErrUnSafety, constant.ErrTypeNotSafety, errors.New("missing code"))
-		return
-	}
-	if err := authService.SafeEntrance(c, code); err != nil {
-		helper.ErrorWithDetail(c, constant.CodeErrUnSafety, constant.ErrTypeNotSafety, errors.New("missing code"))
-		return
-	}
-
-	helper.SuccessWithData(c, nil)
-}
-
-// @Tags Auth
-// @Summary Check is First login
-// @Description 判断是否为首次登录
-// @Success 200
-// @Router /auth/status [get]
-func (b *BaseApi) CheckIsFirstLogin(c *gin.Context) {
-	helper.SuccessWithData(c, authService.CheckIsFirst())
-}
-
-// @Tags Auth
-// @Summary Init user
-// @Description 初始化用户
-// @Accept json
-// @Param request body dto.InitUser true "request"
-// @Success 200
-// @Router /auth/init [post]
-func (b *BaseApi) InitUserInfo(c *gin.Context) {
-	var req dto.InitUser
-	if err := c.ShouldBindJSON(&req); err != nil {
-		helper.ErrorWithDetail(c, constant.CodeErrBadRequest, constant.ErrTypeInvalidParams, err)
-		return
-	}
-	if err := global.VALID.Struct(req); err != nil {
-		helper.ErrorWithDetail(c, constant.CodeErrBadRequest, constant.ErrTypeInvalidParams, err)
-		return
-	}
-
-	if err := authService.InitUser(c, req); err != nil {
 		helper.ErrorWithDetail(c, constant.CodeErrInternalServer, constant.ErrTypeInternalServer, err)
 		return
 	}
-	helper.SuccessWithData(c, nil)
+	helper.SuccessWithData(c, status)
+}
+
+// @Tags Auth
+// @Summary Check System isDemo
+// @Description 判断是否为demo环境
+// @Success 200
+// @Router /auth/demo [get]
+func (b *BaseApi) CheckIsDemo(c *gin.Context) {
+	helper.SuccessWithData(c, global.CONF.System.IsDemo)
+}
+
+// @Tags Auth
+// @Summary Load System Language
+// @Description 获取系统语言设置
+// @Success 200
+// @Router /auth/language [get]
+func (b *BaseApi) GetLanguage(c *gin.Context) {
+	settingInfo, err := settingService.GetSettingInfo()
+	if err != nil {
+		helper.ErrorWithDetail(c, constant.CodeErrInternalServer, constant.ErrTypeInternalServer, err)
+		return
+	}
+	helper.SuccessWithData(c, settingInfo.Language)
 }

 func saveLoginLogs(c *gin.Context, err error) {
--- a/backend/app/api/v1/backup.go
+++ b/backend/app/api/v1/backup.go
@@ -1,6 +1,10 @@
 package v1

 import (
+	"encoding/base64"
+	"fmt"
+	"path"
+
 	"github.com/1Panel-dev/1Panel/backend/app/api/v1/helper"
 	"github.com/1Panel-dev/1Panel/backend/app/dto"
 	"github.com/1Panel-dev/1Panel/backend/constant"
@@ -27,6 +31,23 @@ func (b *BaseApi) CreateBackup(c *gin.Context) {
 		helper.ErrorWithDetail(c, constant.CodeErrBadRequest, constant.ErrTypeInvalidParams, err)
 		return
 	}
+	if len(req.Credential) != 0 {
+		credential, err := base64.StdEncoding.DecodeString(req.Credential)
+		if err != nil {
+			helper.ErrorWithDetail(c, constant.CodeErrBadRequest, constant.ErrTypeInvalidParams, err)
+			return
+		}
+		req.Credential = string(credential)
+	}
+	if len(req.AccessKey) != 0 {
+		accessKey, err := base64.StdEncoding.DecodeString(req.AccessKey)
+		if err != nil {
+			helper.ErrorWithDetail(c, constant.CodeErrBadRequest, constant.ErrTypeInvalidParams, err)
+			return
+		}
+		req.AccessKey = string(accessKey)
+	}
+
 	if err := backupService.Create(req); err != nil {
 		helper.ErrorWithDetail(c, constant.CodeErrInternalServer, constant.ErrTypeInternalServer, err)
 		return
@@ -39,7 +60,7 @@ func (b *BaseApi) CreateBackup(c *gin.Context) {
 // @Description 获取 bucket 列表
 // @Accept json
 // @Param request body dto.ForBuckets true "request"
-// @Success 200 {anrry} string
+// @Success 200 {array} string
 // @Security ApiKeyAuth
 // @Router /settings/backup/search [post]
 func (b *BaseApi) ListBuckets(c *gin.Context) {
@@ -52,6 +73,23 @@ func (b *BaseApi) ListBuckets(c *gin.Context) {
 		helper.ErrorWithDetail(c, constant.CodeErrBadRequest, constant.ErrTypeInvalidParams, err)
 		return
 	}
+	if len(req.Credential) != 0 {
+		credential, err := base64.StdEncoding.DecodeString(req.Credential)
+		if err != nil {
+			helper.ErrorWithDetail(c, constant.CodeErrBadRequest, constant.ErrTypeInvalidParams, err)
+			return
+		}
+		req.Credential = string(credential)
+	}
+	if len(req.AccessKey) != 0 {
+		accessKey, err := base64.StdEncoding.DecodeString(req.AccessKey)
+		if err != nil {
+			helper.ErrorWithDetail(c, constant.CodeErrBadRequest, constant.ErrTypeInvalidParams, err)
+			return
+		}
+		req.AccessKey = string(accessKey)
+	}
+
 	buckets, err := backupService.GetBuckets(req)
 	if err != nil {
 		helper.ErrorWithDetail(c, constant.CodeErrInternalServer, constant.ErrTypeInternalServer, err)
@@ -60,6 +98,22 @@ func (b *BaseApi) ListBuckets(c *gin.Context) {
 	helper.SuccessWithData(c, buckets)
 }

+// @Tags Backup Account
+// @Summary Load OneDrive info
+// @Description 获取 OneDrive 信息
+// @Accept json
+// @Success 200 string clientID
+// @Security ApiKeyAuth
+// @Router /settings/backup/onedrive [get]
+func (b *BaseApi) LoadOneDriveInfo(c *gin.Context) {
+	clientID, err := backupService.LoadOneDriveInfo()
+	if err != nil {
+		helper.ErrorWithDetail(c, constant.CodeErrInternalServer, constant.ErrTypeInternalServer, err)
+		return
+	}
+	helper.SuccessWithData(c, clientID)
+}
+
 // @Tags Backup Account
 // @Summary Delete backup account
 // @Description 删除备份账号
@@ -68,9 +122,9 @@ func (b *BaseApi) ListBuckets(c *gin.Context) {
 // @Success 200
 // @Security ApiKeyAuth
 // @Router /settings/backup/del [post]
-// @x-panel-log {"bodyKeys":["ids"],"paramKeys":[],"BeforeFuntions":[{"input_colume":"id","input_value":"ids","isList":true,"db":"backup_accounts","output_colume":"type","output_value":"types"}],"formatZH":"删除备份账号 [types]","formatEN":"delete backup account [types]"}
+// @x-panel-log {"bodyKeys":["id"],"paramKeys":[],"BeforeFuntions":[{"input_column":"id","input_value":"id","isList":true,"db":"backup_accounts","output_column":"type","output_value":"types"}],"formatZH":"删除备份账号 [types]","formatEN":"delete backup account [types]"}
 func (b *BaseApi) DeleteBackup(c *gin.Context) {
-	var req dto.BatchDeleteReq
+	var req dto.OperateByID
 	if err := c.ShouldBindJSON(&req); err != nil {
 		helper.ErrorWithDetail(c, constant.CodeErrBadRequest, constant.ErrTypeInvalidParams, err)
 		return
@@ -80,7 +134,7 @@ func (b *BaseApi) DeleteBackup(c *gin.Context) {
 		return
 	}

-	if err := backupService.BatchDelete(req.Ids); err != nil {
+	if err := backupService.Delete(req.ID); err != nil {
 		helper.ErrorWithDetail(c, constant.CodeErrInternalServer, constant.ErrTypeInternalServer, err)
 		return
 	}
@@ -139,7 +193,7 @@ func (b *BaseApi) DownloadRecord(c *gin.Context) {
 		helper.ErrorWithDetail(c, constant.CodeErrInternalServer, constant.ErrTypeInternalServer, err)
 		return
 	}
-	c.File(filePath)
+	helper.SuccessWithData(c, filePath)
 }

 // @Tags Backup Account
@@ -150,7 +204,7 @@ func (b *BaseApi) DownloadRecord(c *gin.Context) {
 // @Success 200
 // @Security ApiKeyAuth
 // @Router /settings/backup/record/del [post]
-// @x-panel-log {"bodyKeys":["ids"],"paramKeys":[],"BeforeFuntions":[{"input_colume":"id","input_value":"ids","isList":true,"db":"backup_records","output_colume":"file_name","output_value":"files"}],"formatZH":"删除备份记录 [files]","formatEN":"delete backup records [files]"}
+// @x-panel-log {"bodyKeys":["ids"],"paramKeys":[],"BeforeFuntions":[{"input_column":"id","input_value":"ids","isList":true,"db":"backup_records","output_column":"file_name","output_value":"files"}],"formatZH":"删除备份记录 [files]","formatEN":"delete backup records [files]"}
 func (b *BaseApi) DeleteBackupRecord(c *gin.Context) {
 	var req dto.BatchDeleteReq
 	if err := c.ShouldBindJSON(&req); err != nil {
@@ -188,6 +242,23 @@ func (b *BaseApi) UpdateBackup(c *gin.Context) {
 		helper.ErrorWithDetail(c, constant.CodeErrBadRequest, constant.ErrTypeInvalidParams, err)
 		return
 	}
+	if len(req.Credential) != 0 {
+		credential, err := base64.StdEncoding.DecodeString(req.Credential)
+		if err != nil {
+			helper.ErrorWithDetail(c, constant.CodeErrBadRequest, constant.ErrTypeInvalidParams, err)
+			return
+		}
+		req.Credential = string(credential)
+	}
+	if len(req.AccessKey) != 0 {
+		accessKey, err := base64.StdEncoding.DecodeString(req.AccessKey)
+		if err != nil {
+			helper.ErrorWithDetail(c, constant.CodeErrBadRequest, constant.ErrTypeInvalidParams, err)
+			return
+		}
+		req.AccessKey = string(accessKey)
+	}
+
 	if err := backupService.Update(req); err != nil {
 		helper.ErrorWithDetail(c, constant.CodeErrInternalServer, constant.ErrTypeInternalServer, err)
 		return
@@ -198,7 +269,7 @@ func (b *BaseApi) UpdateBackup(c *gin.Context) {
 // @Tags Backup Account
 // @Summary List backup accounts
 // @Description 获取备份账号列表
-// @Success 200 {anrry} dto.BackupInfo
+// @Success 200 {array} dto.BackupInfo
 // @Security ApiKeyAuth
 // @Router /settings/backup/search [get]
 func (b *BaseApi) ListBackup(c *gin.Context) {
@@ -216,7 +287,7 @@ func (b *BaseApi) ListBackup(c *gin.Context) {
 // @Description 获取备份账号内文件列表
 // @Accept json
 // @Param request body dto.BackupSearchFile true "request"
-// @Success 200 {anrry} string
+// @Success 200 {array} string
 // @Security ApiKeyAuth
 // @Router /settings/backup/search/files [post]
 func (b *BaseApi) LoadFilesFromBackup(c *gin.Context) {
@@ -303,6 +374,14 @@ func (b *BaseApi) Recover(c *gin.Context) {
 		return
 	}

+	if req.Source != "LOCAL" {
+		downloadPath, err := backupService.DownloadRecord(dto.DownloadRecord{Source: req.Source, FileDir: path.Dir(req.File), FileName: path.Base(req.File)})
+		if err != nil {
+			helper.ErrorWithDetail(c, constant.CodeErrBadRequest, constant.ErrTypeInvalidParams, fmt.Errorf("download file failed, err: %v", err))
+			return
+		}
+		req.File = downloadPath
+	}
 	switch req.Type {
 	case "mysql":
 		if err := backupService.MysqlRecover(req); err != nil {
--- a/backend/app/api/v1/command.go
+++ b/backend/app/api/v1/command.go
@@ -85,7 +85,7 @@ func (b *BaseApi) ListCommand(c *gin.Context) {
 // @Success 200
 // @Security ApiKeyAuth
 // @Router /hosts/command/del [post]
-// @x-panel-log {"bodyKeys":["ids"],"paramKeys":[],"BeforeFuntions":[{"input_colume":"id","input_value":"ids","isList":true,"db":"commands","output_colume":"name","output_value":"names"}],"formatZH":"删除快捷命令 [names]","formatEN":"delete quick command [names]"}
+// @x-panel-log {"bodyKeys":["ids"],"paramKeys":[],"BeforeFuntions":[{"input_column":"id","input_value":"ids","isList":true,"db":"commands","output_column":"name","output_value":"names"}],"formatZH":"删除快捷命令 [names]","formatEN":"delete quick command [names]"}
 func (b *BaseApi) DeleteCommand(c *gin.Context) {
 	var req dto.BatchDeleteReq
 	if err := c.ShouldBindJSON(&req); err != nil {
--- a/backend/app/api/v1/compose_template.go
+++ b/backend/app/api/v1/compose_template.go
@@ -66,7 +66,7 @@ func (b *BaseApi) SearchComposeTemplate(c *gin.Context) {
 // @Summary List compose templates
 // @Description 获取容器编排模版列表
 // @Produce json
-// @Success 200 {anrry} dto.ComposeTemplateInfo
+// @Success 200 {array} dto.ComposeTemplateInfo
 // @Security ApiKeyAuth
 // @Router /containers/template [get]
 func (b *BaseApi) ListComposeTemplate(c *gin.Context) {
@@ -87,7 +87,7 @@ func (b *BaseApi) ListComposeTemplate(c *gin.Context) {
 // @Success 200
 // @Security ApiKeyAuth
 // @Router /containers/template/del [post]
-// @x-panel-log {"bodyKeys":["ids"],"paramKeys":[],"BeforeFuntions":[{"input_colume":"id","input_value":"ids","isList":true,"db":"compose_templates","output_colume":"name","output_value":"names"}],"formatZH":"删除 compose 模版 [names]","formatEN":"delete compose template [names]"}
+// @x-panel-log {"bodyKeys":["ids"],"paramKeys":[],"BeforeFuntions":[{"input_column":"id","input_value":"ids","isList":true,"db":"compose_templates","output_column":"name","output_value":"names"}],"formatZH":"删除 compose 模版 [names]","formatEN":"delete compose template [names]"}
 func (b *BaseApi) DeleteComposeTemplate(c *gin.Context) {
 	var req dto.BatchDeleteReq
 	if err := c.ShouldBindJSON(&req); err != nil {
@@ -114,7 +114,7 @@ func (b *BaseApi) DeleteComposeTemplate(c *gin.Context) {
 // @Success 200
 // @Security ApiKeyAuth
 // @Router /containers/template/update [post]
-// @x-panel-log {"bodyKeys":["id"],"paramKeys":[],"BeforeFuntions":[{"input_colume":"id","input_value":"id","isList":false,"db":"compose_templates","output_colume":"name","output_value":"name"}],"formatZH":"更新 compose 模版 [name]","formatEN":"update compose template information [name]"}
+// @x-panel-log {"bodyKeys":["id"],"paramKeys":[],"BeforeFuntions":[{"input_column":"id","input_value":"id","isList":false,"db":"compose_templates","output_column":"name","output_value":"name"}],"formatZH":"更新 compose 模版 [name]","formatEN":"update compose template information [name]"}
 func (b *BaseApi) UpdateComposeTemplate(c *gin.Context) {
 	var req dto.ComposeTemplateUpdate
 	if err := c.ShouldBindJSON(&req); err != nil {
--- a/backend/app/api/v1/container.go
+++ b/backend/app/api/v1/container.go
@@ -40,6 +40,23 @@ func (b *BaseApi) SearchContainer(c *gin.Context) {
 	})
 }

+// @Tags Container
+// @Summary List containers
+// @Description 获取容器名称
+// @Accept json
+// @Produce json
+// @Success 200
+// @Security ApiKeyAuth
+// @Router /containers/list [post]
+func (b *BaseApi) ListContainer(c *gin.Context) {
+	list, err := containerService.List()
+	if err != nil {
+		helper.ErrorWithDetail(c, constant.CodeErrInternalServer, constant.ErrTypeInternalServer, err)
+		return
+	}
+	helper.SuccessWithData(c, list)
+}
+
 // @Tags Container Compose
 // @Summary Page composes
 // @Description 获取编排列表分页
@@ -70,6 +87,34 @@ func (b *BaseApi) SearchCompose(c *gin.Context) {
 	})
 }

+// @Tags Container Compose
+// @Summary Test compose
+// @Description 测试 compose 是否可用
+// @Accept json
+// @Param request body dto.ComposeCreate true "request"
+// @Success 200
+// @Security ApiKeyAuth
+// @Router /containers/compose/test [post]
+// @x-panel-log {"bodyKeys":["name"],"paramKeys":[],"BeforeFuntions":[],"formatZH":"检测 compose [name] 格式","formatEN":"check compose [name]"}
+func (b *BaseApi) TestCompose(c *gin.Context) {
+	var req dto.ComposeCreate
+	if err := c.ShouldBindJSON(&req); err != nil {
+		helper.ErrorWithDetail(c, constant.CodeErrBadRequest, constant.ErrTypeInvalidParams, err)
+		return
+	}
+	if err := global.VALID.Struct(req); err != nil {
+		helper.ErrorWithDetail(c, constant.CodeErrBadRequest, constant.ErrTypeInvalidParams, err)
+		return
+	}
+
+	isOK, err := containerService.TestCompose(req)
+	if err != nil {
+		helper.ErrorWithDetail(c, constant.CodeErrInternalServer, constant.ErrTypeInternalServer, err)
+		return
+	}
+	helper.SuccessWithData(c, isOK)
+}
+
 // @Tags Container Compose
 // @Summary Create compose
 // @Description 创建容器编排
@@ -90,11 +135,12 @@ func (b *BaseApi) CreateCompose(c *gin.Context) {
 		return
 	}

-	if err := containerService.CreateCompose(req); err != nil {
+	log, err := containerService.CreateCompose(req)
+	if err != nil {
 		helper.ErrorWithDetail(c, constant.CodeErrInternalServer, constant.ErrTypeInternalServer, err)
 		return
 	}
-	helper.SuccessWithData(c, nil)
+	helper.SuccessWithData(c, log)
 }

 // @Tags Container Compose
@@ -124,17 +170,97 @@ func (b *BaseApi) OperatorCompose(c *gin.Context) {
 	helper.SuccessWithData(c, nil)
 }

+// @Tags Container
+// @Summary Update container
+// @Description 更新容器
+// @Accept json
+// @Param request body dto.ContainerOperate true "request"
+// @Success 200
+// @Security ApiKeyAuth
+// @Router /containers/update [post]
+// @x-panel-log {"bodyKeys":["name","image"],"paramKeys":[],"BeforeFuntions":[],"formatZH":"更新容器 [name][image]","formatEN":"update container [name][image]"}
+func (b *BaseApi) ContainerUpdate(c *gin.Context) {
+	var req dto.ContainerOperate
+	if err := c.ShouldBindJSON(&req); err != nil {
+		helper.ErrorWithDetail(c, constant.CodeErrBadRequest, constant.ErrTypeInvalidParams, err)
+		return
+	}
+	if err := global.VALID.Struct(req); err != nil {
+		helper.ErrorWithDetail(c, constant.CodeErrBadRequest, constant.ErrTypeInvalidParams, err)
+		return
+	}
+	if err := containerService.ContainerUpdate(req); err != nil {
+		helper.ErrorWithDetail(c, constant.CodeErrInternalServer, constant.ErrTypeInternalServer, err)
+		return
+	}
+	helper.SuccessWithData(c, nil)
+}
+
+// @Tags Container
+// @Summary Load container info
+// @Description 获取容器表单信息
+// @Accept json
+// @Param request body dto.OperationWithName true "request"
+// @Success 200 {object} dto.ContainerOperate
+// @Security ApiKeyAuth
+// @Router /containers/info [post]
+func (b *BaseApi) ContainerInfo(c *gin.Context) {
+	var req dto.OperationWithName
+	if err := c.ShouldBindJSON(&req); err != nil {
+		helper.ErrorWithDetail(c, constant.CodeErrBadRequest, constant.ErrTypeInvalidParams, err)
+		return
+	}
+	if err := global.VALID.Struct(req); err != nil {
+		helper.ErrorWithDetail(c, constant.CodeErrBadRequest, constant.ErrTypeInvalidParams, err)
+		return
+	}
+	data, err := containerService.ContainerInfo(req)
+	if err != nil {
+		helper.ErrorWithDetail(c, constant.CodeErrInternalServer, constant.ErrTypeInternalServer, err)
+		return
+	}
+	helper.SuccessWithData(c, data)
+}
+
+// @Summary Load container limis
+// @Description 获取容器限制
+// @Success 200 {object} dto.ResourceLimit
+// @Security ApiKeyAuth
+// @Router /containers/limit [get]
+func (b *BaseApi) LoadResouceLimit(c *gin.Context) {
+	data, err := containerService.LoadResouceLimit()
+	if err != nil {
+		helper.ErrorWithDetail(c, constant.CodeErrInternalServer, constant.ErrTypeInternalServer, err)
+		return
+	}
+	helper.SuccessWithData(c, data)
+}
+
+// @Summary Load container stats
+// @Description 获取容器列表资源占用
+// @Success 200 {array} dto.ContainerListStats
+// @Security ApiKeyAuth
+// @Router /containers/list/stats [get]
+func (b *BaseApi) ContainerListStats(c *gin.Context) {
+	datas, err := containerService.ContainerListStats()
+	if err != nil {
+		helper.ErrorWithDetail(c, constant.CodeErrInternalServer, constant.ErrTypeInternalServer, err)
+		return
+	}
+	helper.SuccessWithData(c, datas)
+}
+
 // @Tags Container
 // @Summary Create container
 // @Description 创建容器
 // @Accept json
-// @Param request body dto.ContainerCreate true "request"
+// @Param request body dto.ContainerOperate true "request"
 // @Success 200
 // @Security ApiKeyAuth
 // @Router /containers [post]
 // @x-panel-log {"bodyKeys":["name","image"],"paramKeys":[],"BeforeFuntions":[],"formatZH":"创建容器 [name][image]","formatEN":"create container [name][image]"}
 func (b *BaseApi) ContainerCreate(c *gin.Context) {
-	var req dto.ContainerCreate
+	var req dto.ContainerOperate
 	if err := c.ShouldBindJSON(&req); err != nil {
 		helper.ErrorWithDetail(c, constant.CodeErrBadRequest, constant.ErrTypeInvalidParams, err)
 		return
@@ -150,6 +276,103 @@ func (b *BaseApi) ContainerCreate(c *gin.Context) {
 	helper.SuccessWithData(c, nil)
 }

+// @Tags Container
+// @Summary Upgrade container
+// @Description 更新容器镜像
+// @Accept json
+// @Param request body dto.ContainerUpgrade true "request"
+// @Success 200
+// @Security ApiKeyAuth
+// @Router /containers/upgrade [post]
+// @x-panel-log {"bodyKeys":["name","image"],"paramKeys":[],"BeforeFuntions":[],"formatZH":"更新容器镜像 [name][image]","formatEN":"upgrade container image [name][image]"}
+func (b *BaseApi) ContainerUpgrade(c *gin.Context) {
+	var req dto.ContainerUpgrade
+	if err := c.ShouldBindJSON(&req); err != nil {
+		helper.ErrorWithDetail(c, constant.CodeErrBadRequest, constant.ErrTypeInvalidParams, err)
+		return
+	}
+	if err := global.VALID.Struct(req); err != nil {
+		helper.ErrorWithDetail(c, constant.CodeErrBadRequest, constant.ErrTypeInvalidParams, err)
+		return
+	}
+	if err := containerService.ContainerUpgrade(req); err != nil {
+		helper.ErrorWithDetail(c, constant.CodeErrInternalServer, constant.ErrTypeInternalServer, err)
+		return
+	}
+	helper.SuccessWithData(c, nil)
+}
+
+// @Tags Container
+// @Summary Clean container
+// @Description 容器清理
+// @Accept json
+// @Param request body dto.ContainerPrune true "request"
+// @Success 200 {object} dto.ContainerPruneReport
+// @Security ApiKeyAuth
+// @Router /containers/prune [post]
+// @x-panel-log {"bodyKeys":["pruneType"],"paramKeys":[],"BeforeFuntions":[],"formatZH":"清理容器 [pruneType]","formatEN":"clean container [pruneType]"}
+func (b *BaseApi) ContainerPrune(c *gin.Context) {
+	var req dto.ContainerPrune
+	if err := c.ShouldBindJSON(&req); err != nil {
+		helper.ErrorWithDetail(c, constant.CodeErrBadRequest, constant.ErrTypeInvalidParams, err)
+		return
+	}
+	if err := global.VALID.Struct(req); err != nil {
+		helper.ErrorWithDetail(c, constant.CodeErrBadRequest, constant.ErrTypeInvalidParams, err)
+		return
+	}
+	report, err := containerService.Prune(req)
+	if err != nil {
+		helper.ErrorWithDetail(c, constant.CodeErrInternalServer, constant.ErrTypeInternalServer, err)
+		return
+	}
+	helper.SuccessWithData(c, report)
+}
+
+// @Tags Container
+// @Summary Clean container log
+// @Description 清理容器日志
+// @Accept json
+// @Param request body dto.OperationWithName true "request"
+// @Success 200
+// @Security ApiKeyAuth
+// @Router /containers/clean/log [post]
+// @x-panel-log {"bodyKeys":["name"],"paramKeys":[],"BeforeFuntions":[],"formatZH":"清理容器 [name] 日志","formatEN":"clean container [name] logs"}
+func (b *BaseApi) CleanContainerLog(c *gin.Context) {
+	var req dto.OperationWithName
+	if err := c.ShouldBindJSON(&req); err != nil {
+		helper.ErrorWithDetail(c, constant.CodeErrBadRequest, constant.ErrTypeInvalidParams, err)
+		return
+	}
+	if err := global.VALID.Struct(req); err != nil {
+		helper.ErrorWithDetail(c, constant.CodeErrBadRequest, constant.ErrTypeInvalidParams, err)
+		return
+	}
+	if err := containerService.ContainerLogClean(req); err != nil {
+		helper.ErrorWithDetail(c, constant.CodeErrInternalServer, constant.ErrTypeInternalServer, err)
+		return
+	}
+	helper.SuccessWithData(c, nil)
+}
+
+// @Tags Container
+// @Summary Load container log
+// @Description 获取容器操作日志
+// @Accept json
+// @Param request body dto.OperationWithNameAndType true "request"
+// @Success 200
+// @Security ApiKeyAuth
+// @Router /containers/load/log [post]
+func (b *BaseApi) LoadContainerLog(c *gin.Context) {
+	var req dto.OperationWithNameAndType
+	if err := c.ShouldBindJSON(&req); err != nil {
+		helper.ErrorWithDetail(c, constant.CodeErrBadRequest, constant.ErrTypeInvalidParams, err)
+		return
+	}
+	content := containerService.LoadContainerLogs(req)
+	helper.SuccessWithData(c, content)
+}
+
 // @Tags Container
 // @Summary Operate Container
 // @Description 容器操作
@@ -180,7 +403,7 @@ func (b *BaseApi) ContainerOperation(c *gin.Context) {
 // @Summary Container stats
 // @Description 容器监控信息
 // @Param id path integer true "容器id"
-// @Success 200 {object} dto.ContainterStats
+// @Success 200 {object} dto.ContainerStats
 // @Security ApiKeyAuth
 // @Router /containers/stats/:id [get]
 func (b *BaseApi) ContainerStats(c *gin.Context) {
@@ -228,27 +451,29 @@ func (b *BaseApi) Inspect(c *gin.Context) {
 // @Tags Container
 // @Summary Container logs
 // @Description 容器日志
-// @Accept json
-// @Param request body dto.ContainerLog true "request"
-// @Success 200 {string} logs
+// @Param container query string false "容器名称"
+// @Param since query string false "时间筛选"
+// @Param follow query string false "是否追踪"
+// @Param tail query string false "显示行号"
 // @Security ApiKeyAuth
 // @Router /containers/search/log [post]
 func (b *BaseApi) ContainerLogs(c *gin.Context) {
-	var req dto.ContainerLog
-	if err := c.ShouldBindJSON(&req); err != nil {
-		helper.ErrorWithDetail(c, constant.CodeErrBadRequest, constant.ErrTypeInvalidParams, err)
-		return
-	}
-	if err := global.VALID.Struct(req); err != nil {
-		helper.ErrorWithDetail(c, constant.CodeErrBadRequest, constant.ErrTypeInvalidParams, err)
-		return
-	}
-	logs, err := containerService.ContainerLogs(req)
+	wsConn, err := upGrader.Upgrade(c.Writer, c.Request, nil)
 	if err != nil {
-		helper.ErrorWithDetail(c, constant.CodeErrInternalServer, constant.ErrTypeInternalServer, err)
+		global.LOG.Errorf("gin context http handler failed, err: %v", err)
+		return
+	}
+	defer wsConn.Close()
+
+	container := c.Query("container")
+	since := c.Query("since")
+	follow := c.Query("follow") == "true"
+	tail := c.Query("tail")
+
+	if err := containerService.ContainerLogs(wsConn, container, since, tail, follow); err != nil {
+		_ = wsConn.WriteMessage(1, []byte(err.Error()))
 		return
 	}
-	helper.SuccessWithData(c, logs)
 }

 // @Tags Container Network
@@ -282,6 +507,23 @@ func (b *BaseApi) SearchNetwork(c *gin.Context) {
 	})
 }

+// @Tags Container Network
+// @Summary List networks
+// @Description 获取容器网络列表
+// @Accept json
+// @Produce json
+// @Success 200 {array} dto.Options
+// @Security ApiKeyAuth
+// @Router /containers/network [get]
+func (b *BaseApi) ListNetwork(c *gin.Context) {
+	list, err := containerService.ListNetwork()
+	if err != nil {
+		helper.ErrorWithDetail(c, constant.CodeErrInternalServer, constant.ErrTypeInternalServer, err)
+		return
+	}
+	helper.SuccessWithData(c, list)
+}
+
 // @Tags Container Network
 // @Summary Delete network
 // @Description 删除容器网络
@@ -313,13 +555,13 @@ func (b *BaseApi) DeleteNetwork(c *gin.Context) {
 // @Summary Create network
 // @Description 创建容器网络
 // @Accept json
-// @Param request body dto.NetworkCreat true "request"
+// @Param request body dto.NetworkCreate true "request"
 // @Success 200
 // @Security ApiKeyAuth
 // @Router /containers/network [post]
 // @x-panel-log {"bodyKeys":["name"],"paramKeys":[],"BeforeFuntions":[],"formatZH":"创建容器网络 name","formatEN":"create container network [name]"}
 func (b *BaseApi) CreateNetwork(c *gin.Context) {
-	var req dto.NetworkCreat
+	var req dto.NetworkCreate
 	if err := c.ShouldBindJSON(&req); err != nil {
 		helper.ErrorWithDetail(c, constant.CodeErrBadRequest, constant.ErrTypeInvalidParams, err)
 		return
@@ -371,11 +613,10 @@ func (b *BaseApi) SearchVolume(c *gin.Context) {
 // @Summary List volumes
 // @Description 获取容器存储卷列表
 // @Accept json
-// @Param request body dto.PageInfo true "request"
 // @Produce json
-// @Success 200 {object} dto.PageResult
+// @Success 200 {array} dto.Options
 // @Security ApiKeyAuth
-// @Router /containers/volume/search [get]
+// @Router /containers/volume [get]
 func (b *BaseApi) ListVolume(c *gin.Context) {
 	list, err := containerService.ListVolume()
 	if err != nil {
@@ -416,13 +657,13 @@ func (b *BaseApi) DeleteVolume(c *gin.Context) {
 // @Summary Create volume
 // @Description 创建容器存储卷
 // @Accept json
-// @Param request body dto.VolumeCreat true "request"
+// @Param request body dto.VolumeCreate true "request"
 // @Success 200
 // @Security ApiKeyAuth
 // @Router /containers/volume [post]
 // @x-panel-log {"bodyKeys":["name"],"paramKeys":[],"BeforeFuntions":[],"formatZH":"创建容器存储卷 [name]","formatEN":"create container volume [name]"}
 func (b *BaseApi) CreateVolume(c *gin.Context) {
-	var req dto.VolumeCreat
+	var req dto.VolumeCreate
 	if err := c.ShouldBindJSON(&req); err != nil {
 		helper.ErrorWithDetail(c, constant.CodeErrBadRequest, constant.ErrTypeInvalidParams, err)
 		return
--- a/backend/app/api/v1/cronjob.go
+++ b/backend/app/api/v1/cronjob.go
@@ -7,6 +7,7 @@ import (
 	"github.com/1Panel-dev/1Panel/backend/app/dto"
 	"github.com/1Panel-dev/1Panel/backend/constant"
 	"github.com/1Panel-dev/1Panel/backend/global"
+	"github.com/1Panel-dev/1Panel/backend/utils/common"
 	"github.com/gin-gonic/gin"
 )

@@ -77,8 +78,9 @@ func (b *BaseApi) SearchJobRecords(c *gin.Context) {
 		helper.ErrorWithDetail(c, constant.CodeErrBadRequest, constant.ErrTypeInvalidParams, err)
 		return
 	}
-	req.StartTime = req.StartTime.Add(8 * time.Hour)
-	req.EndTime = req.EndTime.Add(8 * time.Hour)
+	loc, _ := time.LoadLocation(common.LoadTimeZone())
+	req.StartTime = req.StartTime.In(loc)
+	req.EndTime = req.EndTime.In(loc)

 	total, list, err := cronjobService.SearchRecords(req)
 	if err != nil {
@@ -92,17 +94,63 @@ func (b *BaseApi) SearchJobRecords(c *gin.Context) {
 	})
 }

+// @Tags Cronjob
+// @Summary Load Cronjob record log
+// @Description 获取计划任务记录日志
+// @Accept json
+// @Param request body dto.OperateByID true "request"
+// @Success 200
+// @Security ApiKeyAuth
+// @Router /cronjob/record/log [post]
+func (b *BaseApi) LoadRecordLog(c *gin.Context) {
+	var req dto.OperateByID
+	if err := c.ShouldBindJSON(&req); err != nil {
+		helper.ErrorWithDetail(c, constant.CodeErrBadRequest, constant.ErrTypeInvalidParams, err)
+		return
+	}
+	content, err := cronjobService.LoadRecordLog(req)
+	if err != nil {
+		helper.ErrorWithDetail(c, constant.CodeErrInternalServer, constant.ErrTypeInternalServer, err)
+		return
+	}
+	helper.SuccessWithData(c, content)
+}
+
+// @Tags Cronjob
+// @Summary Clean job records
+// @Description 清空计划任务记录
+// @Accept json
+// @Param request body dto.CronjobClean true "request"
+// @Success 200
+// @Security ApiKeyAuth
+// @Router /cronjobs/records/clean [post]
+// @x-panel-log {"bodyKeys":["id"],"paramKeys":[],"BeforeFuntions":[{"input_column":"id","input_value":"id","isList":false,"db":"cronjobs","output_column":"name","output_value":"name"}],"formatZH":"清空计划任务记录 [name]","formatEN":"clean cronjob [name] records"}
+func (b *BaseApi) CleanRecord(c *gin.Context) {
+	var req dto.CronjobClean
+	if err := c.ShouldBindJSON(&req); err != nil {
+		helper.ErrorWithDetail(c, constant.CodeErrBadRequest, constant.ErrTypeInvalidParams, err)
+		return
+	}
+
+	if err := cronjobService.CleanRecord(req); err != nil {
+		helper.ErrorWithDetail(c, constant.CodeErrInternalServer, constant.ErrTypeInternalServer, err)
+		return
+	}
+
+	helper.SuccessWithData(c, nil)
+}
+
 // @Tags Cronjob
 // @Summary Delete cronjob
 // @Description 删除计划任务
 // @Accept json
-// @Param request body dto.BatchDeleteReq true "request"
+// @Param request body dto.CronjobBatchDelete true "request"
 // @Success 200
 // @Security ApiKeyAuth
 // @Router /cronjobs/del [post]
-// @x-panel-log {"bodyKeys":["ids"],"paramKeys":[],"BeforeFuntions":[{"input_colume":"id","input_value":"ids","isList":true,"db":"cronjobs","output_colume":"name","output_value":"names"}],"formatZH":"删除计划任务 [names]","formatEN":"delete cronjob [names]"}
+// @x-panel-log {"bodyKeys":["ids"],"paramKeys":[],"BeforeFuntions":[{"input_column":"id","input_value":"ids","isList":true,"db":"cronjobs","output_column":"name","output_value":"names"}],"formatZH":"删除计划任务 [names]","formatEN":"delete cronjob [names]"}
 func (b *BaseApi) DeleteCronjob(c *gin.Context) {
-	var req dto.BatchDeleteReq
+	var req dto.CronjobBatchDelete
 	if err := c.ShouldBindJSON(&req); err != nil {
 		helper.ErrorWithDetail(c, constant.CodeErrBadRequest, constant.ErrTypeInvalidParams, err)
 		return
@@ -112,7 +160,7 @@ func (b *BaseApi) DeleteCronjob(c *gin.Context) {
 		return
 	}

-	if err := cronjobService.Delete(req.Ids); err != nil {
+	if err := cronjobService.Delete(req); err != nil {
 		helper.ErrorWithDetail(c, constant.CodeErrInternalServer, constant.ErrTypeInternalServer, err)
 		return
 	}
@@ -127,7 +175,7 @@ func (b *BaseApi) DeleteCronjob(c *gin.Context) {
 // @Success 200
 // @Security ApiKeyAuth
 // @Router /cronjobs/update [post]
-// @x-panel-log {"bodyKeys":["id"],"paramKeys":[],"BeforeFuntions":[{"input_colume":"id","input_value":"id","isList":false,"db":"cronjobs","output_colume":"name","output_value":"name"}],"formatZH":"更新计划任务 [name]","formatEN":"update cronjob [name]"}
+// @x-panel-log {"bodyKeys":["id"],"paramKeys":[],"BeforeFuntions":[{"input_column":"id","input_value":"id","isList":false,"db":"cronjobs","output_column":"name","output_value":"name"}],"formatZH":"更新计划任务 [name]","formatEN":"update cronjob [name]"}
 func (b *BaseApi) UpdateCronjob(c *gin.Context) {
 	var req dto.CronjobUpdate
 	if err := c.ShouldBindJSON(&req); err != nil {
@@ -154,7 +202,7 @@ func (b *BaseApi) UpdateCronjob(c *gin.Context) {
 // @Success 200
 // @Security ApiKeyAuth
 // @Router /cronjobs/status [post]
-// @x-panel-log {"bodyKeys":["id","status"],"paramKeys":[],"BeforeFuntions":[{"input_colume":"id","input_value":"id","isList":false,"db":"cronjobs","output_colume":"name","output_value":"name"}],"formatZH":"修改计划任务 [name] 状态为 [status]","formatEN":"change the status of cronjob [name] to [status]."}
+// @x-panel-log {"bodyKeys":["id","status"],"paramKeys":[],"BeforeFuntions":[{"input_column":"id","input_value":"id","isList":false,"db":"cronjobs","output_column":"name","output_value":"name"}],"formatZH":"修改计划任务 [name] 状态为 [status]","formatEN":"change the status of cronjob [name] to [status]."}
 func (b *BaseApi) UpdateCronjobStatus(c *gin.Context) {
 	var req dto.CronjobUpdateStatus
 	if err := c.ShouldBindJSON(&req); err != nil {
@@ -181,7 +229,7 @@ func (b *BaseApi) UpdateCronjobStatus(c *gin.Context) {
 // @Success 200
 // @Security ApiKeyAuth
 // @Router /cronjobs/download [post]
-// @x-panel-log {"bodyKeys":["recordID"],"paramKeys":[],"BeforeFuntions":[{"input_colume":"id","input_value":"recordID","isList":false,"db":"job_records","output_colume":"file","output_value":"file"}],"formatZH":"下载计划任务记录 [file]","formatEN":"download the cronjob record [file]"}
+// @x-panel-log {"bodyKeys":["recordID"],"paramKeys":[],"BeforeFuntions":[{"input_column":"id","input_value":"recordID","isList":false,"db":"job_records","output_column":"file","output_value":"file"}],"formatZH":"下载计划任务记录 [file]","formatEN":"download the cronjob record [file]"}
 func (b *BaseApi) TargetDownload(c *gin.Context) {
 	var req dto.CronjobDownload
 	if err := c.ShouldBindJSON(&req); err != nil {
@@ -198,6 +246,7 @@ func (b *BaseApi) TargetDownload(c *gin.Context) {
 		helper.ErrorWithDetail(c, constant.CodeErrInternalServer, constant.ErrTypeInternalServer, err)
 		return
 	}
+
 	c.File(filePath)
 }

@@ -209,7 +258,7 @@ func (b *BaseApi) TargetDownload(c *gin.Context) {
 // @Success 200
 // @Security ApiKeyAuth
 // @Router /cronjobs/handle [post]
-// @x-panel-log {"bodyKeys":["id"],"paramKeys":[],"BeforeFuntions":[{"input_colume":"id","input_value":"id","isList":false,"db":"cronjobs","output_colume":"name","output_value":"name"}],"formatZH":"手动执行计划任务 [name]","formatEN":"manually execute the cronjob [name]"}
+// @x-panel-log {"bodyKeys":["id"],"paramKeys":[],"BeforeFuntions":[{"input_column":"id","input_value":"id","isList":false,"db":"cronjobs","output_column":"name","output_value":"name"}],"formatZH":"手动执行计划任务 [name]","formatEN":"manually execute the cronjob [name]"}
 func (b *BaseApi) HandleOnce(c *gin.Context) {
 	var req dto.OperateByID
 	if err := c.ShouldBindJSON(&req); err != nil {
--- a/backend/app/api/v1/database_mysql.go
+++ b/backend/app/api/v1/database_mysql.go
@@ -2,6 +2,7 @@ package v1

 import (
 	"context"
+	"encoding/base64"

 	"github.com/1Panel-dev/1Panel/backend/app/api/v1/helper"
 	"github.com/1Panel-dev/1Panel/backend/app/dto"
@@ -29,6 +30,15 @@ func (b *BaseApi) CreateMysql(c *gin.Context) {
 		helper.ErrorWithDetail(c, constant.CodeErrBadRequest, constant.ErrTypeInvalidParams, err)
 		return
 	}
+	if len(req.Password) != 0 {
+		password, err := base64.StdEncoding.DecodeString(req.Password)
+		if err != nil {
+			helper.ErrorWithDetail(c, constant.CodeErrBadRequest, constant.ErrTypeInvalidParams, err)
+			return
+		}
+		req.Password = string(password)
+	}
+
 	if _, err := mysqlService.Create(context.Background(), req); err != nil {
 		helper.ErrorWithDetail(c, constant.CodeErrInternalServer, constant.ErrTypeInternalServer, err)
 		return
@@ -44,7 +54,7 @@ func (b *BaseApi) CreateMysql(c *gin.Context) {
 // @Success 200
 // @Security ApiKeyAuth
 // @Router /databases/description/update [post]
-// @x-panel-log {"bodyKeys":["id","description"],"paramKeys":[],"BeforeFuntions":[{"input_colume":"id","input_value":"id","isList":false,"db":"database_mysqls","output_colume":"name","output_value":"name"}],"formatZH":"mysql 数据库 [name] 描述信息修改 [description]","formatEN":"The description of the mysql database [name] is modified => [description]"}
+// @x-panel-log {"bodyKeys":["id","description"],"paramKeys":[],"BeforeFuntions":[{"input_column":"id","input_value":"id","isList":false,"db":"database_mysqls","output_column":"name","output_value":"name"}],"formatZH":"mysql 数据库 [name] 描述信息修改 [description]","formatEN":"The description of the mysql database [name] is modified => [description]"}
 func (b *BaseApi) UpdateMysqlDescription(c *gin.Context) {
 	var req dto.UpdateDescription
 	if err := c.ShouldBindJSON(&req); err != nil {
@@ -70,7 +80,7 @@ func (b *BaseApi) UpdateMysqlDescription(c *gin.Context) {
 // @Success 200
 // @Security ApiKeyAuth
 // @Router /databases/change/password [post]
-// @x-panel-log {"bodyKeys":["id"],"paramKeys":[],"BeforeFuntions":[{"input_colume":"id","input_value":"id","isList":false,"db":"database_mysqls","output_colume":"name","output_value":"name"}],"formatZH":"更新数据库 [name] 密码","formatEN":"Update database [name] password"}
+// @x-panel-log {"bodyKeys":["id"],"paramKeys":[],"BeforeFuntions":[{"input_column":"id","input_value":"id","isList":false,"db":"database_mysqls","output_column":"name","output_value":"name"}],"formatZH":"更新数据库 [name] 密码","formatEN":"Update database [name] password"}
 func (b *BaseApi) ChangeMysqlPassword(c *gin.Context) {
 	var req dto.ChangeDBInfo
 	if err := c.ShouldBindJSON(&req); err != nil {
@@ -81,6 +91,15 @@ func (b *BaseApi) ChangeMysqlPassword(c *gin.Context) {
 		helper.ErrorWithDetail(c, constant.CodeErrBadRequest, constant.ErrTypeInvalidParams, err)
 		return
 	}
+	if len(req.Value) != 0 {
+		value, err := base64.StdEncoding.DecodeString(req.Value)
+		if err != nil {
+			helper.ErrorWithDetail(c, constant.CodeErrBadRequest, constant.ErrTypeInvalidParams, err)
+			return
+		}
+		req.Value = string(value)
+	}
+
 	if err := mysqlService.ChangePassword(req); err != nil {
 		helper.ErrorWithDetail(c, constant.CodeErrInternalServer, constant.ErrTypeInternalServer, err)
 		return
@@ -96,7 +115,7 @@ func (b *BaseApi) ChangeMysqlPassword(c *gin.Context) {
 // @Success 200
 // @Security ApiKeyAuth
 // @Router /databases/change/access [post]
-// @x-panel-log {"bodyKeys":["id"],"paramKeys":[],"BeforeFuntions":[{"input_colume":"id","input_value":"id","isList":false,"db":"database_mysqls","output_colume":"name","output_value":"name"}],"formatZH":"更新数据库 [name] 访问权限","formatEN":"Update database [name] access"}
+// @x-panel-log {"bodyKeys":["id"],"paramKeys":[],"BeforeFuntions":[{"input_column":"id","input_value":"id","isList":false,"db":"database_mysqls","output_column":"name","output_value":"name"}],"formatZH":"更新数据库 [name] 访问权限","formatEN":"Update database [name] access"}
 func (b *BaseApi) ChangeMysqlAccess(c *gin.Context) {
 	var req dto.ChangeDBInfo
 	if err := c.ShouldBindJSON(&req); err != nil {
@@ -169,12 +188,12 @@ func (b *BaseApi) UpdateMysqlConfByFile(c *gin.Context) {
 // @Summary Page mysql databases
 // @Description 获取 mysql 数据库列表分页
 // @Accept json
-// @Param request body dto.SearchWithPage true "request"
+// @Param request body dto.MysqlDBSearch true "request"
 // @Success 200 {object} dto.PageResult
 // @Security ApiKeyAuth
 // @Router /databases/search [post]
 func (b *BaseApi) SearchMysql(c *gin.Context) {
-	var req dto.SearchWithPage
+	var req dto.MysqlDBSearch
 	if err := c.ShouldBindJSON(&req); err != nil {
 		helper.ErrorWithDetail(c, constant.CodeErrBadRequest, constant.ErrTypeInvalidParams, err)
 		return
@@ -197,11 +216,11 @@ func (b *BaseApi) SearchMysql(c *gin.Context) {
 // @Description 获取 mysql 数据库列表
 // @Accept json
 // @Param request body dto.PageInfo true "request"
-// @Success 200 {anrry} string
+// @Success 200 {array} dto.MysqlOption
 // @Security ApiKeyAuth
 // @Router /databases/options [get]
 func (b *BaseApi) ListDBName(c *gin.Context) {
-	list, err := mysqlService.ListDBName()
+	list, err := mysqlService.ListDBOption()
 	if err != nil {
 		helper.ErrorWithDetail(c, constant.CodeErrInternalServer, constant.ErrTypeInternalServer, err)
 		return
@@ -210,12 +229,31 @@ func (b *BaseApi) ListDBName(c *gin.Context) {
 	helper.SuccessWithData(c, list)
 }

+// @Tags Database Mysql
+// @Summary Load mysql database from remote
+// @Description 从服务器获取
+// @Security ApiKeyAuth
+// @Router /databases/load/:from [get]
+func (b *BaseApi) LoadDBFromRemote(c *gin.Context) {
+	from, err := helper.GetStrParamByKey(c, "from")
+	if err != nil {
+		helper.ErrorWithDetail(c, constant.CodeErrBadRequest, constant.ErrTypeInvalidParams, err)
+		return
+	}
+	if err := mysqlService.LoadFromRemote(from); err != nil {
+		helper.ErrorWithDetail(c, constant.CodeErrInternalServer, constant.ErrTypeInternalServer, err)
+		return
+	}
+
+	helper.SuccessWithData(c, nil)
+}
+
 // @Tags Database Mysql
 // @Summary Check before delete mysql database
 // @Description Mysql 数据库删除前检查
 // @Accept json
 // @Param request body dto.OperateByID true "request"
-// @Success 200 {anrry} string
+// @Success 200 {array} string
 // @Security ApiKeyAuth
 // @Router /databases/del/check [post]
 func (b *BaseApi) DeleteCheckMysql(c *gin.Context) {
@@ -245,7 +283,7 @@ func (b *BaseApi) DeleteCheckMysql(c *gin.Context) {
 // @Success 200
 // @Security ApiKeyAuth
 // @Router /databases/del [post]
-// @x-panel-log {"bodyKeys":["id"],"paramKeys":[],"BeforeFuntions":[{"input_colume":"id","input_value":"id","isList":false,"db":"database_mysqls","output_colume":"name","output_value":"name"}],"formatZH":"删除 mysql 数据库 [name]","formatEN":"delete mysql database [name]"}
+// @x-panel-log {"bodyKeys":["id"],"paramKeys":[],"BeforeFuntions":[{"input_column":"id","input_value":"id","isList":false,"db":"database_mysqls","output_column":"name","output_value":"name"}],"formatZH":"删除 mysql 数据库 [name]","formatEN":"delete mysql database [name]"}
 func (b *BaseApi) DeleteMysql(c *gin.Context) {
 	var req dto.MysqlDBDelete
 	if err := c.ShouldBindJSON(&req); err != nil {
@@ -283,6 +321,28 @@ func (b *BaseApi) LoadBaseinfo(c *gin.Context) {
 	helper.SuccessWithData(c, data)
 }

+// @Tags Database
+// @Summary Load Database file
+// @Description 获取数据库文件
+// @Accept json
+// @Param request body dto.OperationWithNameAndType true "request"
+// @Success 200
+// @Security ApiKeyAuth
+// @Router /databases/load/file [post]
+func (b *BaseApi) LoadDatabaseFile(c *gin.Context) {
+	var req dto.OperationWithNameAndType
+	if err := c.ShouldBindJSON(&req); err != nil {
+		helper.ErrorWithDetail(c, constant.CodeErrBadRequest, constant.ErrTypeInvalidParams, err)
+		return
+	}
+	content, err := mysqlService.LoadDatabaseFile(req)
+	if err != nil {
+		helper.ErrorWithDetail(c, constant.CodeErrInternalServer, constant.ErrTypeInternalServer, err)
+		return
+	}
+	helper.SuccessWithData(c, content)
+}
+
 // @Tags Database Mysql
 // @Summary Load mysql remote access
 // @Description 获取 mysql 远程访问权限
--- a/backend/app/api/v1/database_redis.go
+++ b/backend/app/api/v1/database_redis.go
@@ -2,6 +2,7 @@ package v1

 import (
 	"bufio"
+	"encoding/base64"
 	"fmt"
 	"os"

@@ -106,6 +107,15 @@ func (b *BaseApi) ChangeRedisPassword(c *gin.Context) {
 		helper.ErrorWithDetail(c, constant.CodeErrBadRequest, constant.ErrTypeInvalidParams, err)
 		return
 	}
+	if len(req.Value) != 0 {
+		value, err := base64.StdEncoding.DecodeString(req.Value)
+		if err != nil {
+			helper.ErrorWithDetail(c, constant.CodeErrBadRequest, constant.ErrTypeInvalidParams, err)
+			return
+		}
+		req.Value = string(value)
+	}
+
 	if err := redisService.ChangePassword(req); err != nil {
 		helper.ErrorWithDetail(c, constant.CodeErrInternalServer, constant.ErrTypeInternalServer, err)
 		return
--- a/backend/app/api/v1/docker.go
+++ b/backend/app/api/v1/docker.go
@@ -1,7 +1,6 @@
 package v1

 import (
-	"io/ioutil"
 	"os"

 	"github.com/1Panel-dev/1Panel/backend/app/api/v1/helper"
@@ -35,7 +34,7 @@ func (b *BaseApi) LoadDaemonJsonFile(c *gin.Context) {
 		helper.SuccessWithData(c, "daemon.json is not find in path")
 		return
 	}
-	content, err := ioutil.ReadFile(constant.DaemonJsonPath)
+	content, err := os.ReadFile(constant.DaemonJsonPath)
 	if err != nil {
 		helper.ErrorWithDetail(c, constant.CodeErrInternalServer, constant.ErrTypeInternalServer, err)
 		return
@@ -59,13 +58,13 @@ func (b *BaseApi) LoadDaemonJson(c *gin.Context) {
 // @Summary Update docker daemon.json
 // @Description 修改 docker 配置信息
 // @Accept json
-// @Param request body dto.DaemonJsonConf true "request"
+// @Param request body dto.SettingUpdate true "request"
 // @Success 200
 // @Security ApiKeyAuth
 // @Router /containers/daemonjson/update [post]
-// @x-panel-log {"bodyKeys":[],"paramKeys":[],"BeforeFuntions":[],"formatZH":"更新 docker daemon.json 配置","formatEN":"Updated the docker daemon.json configuration"}
+// @x-panel-log {"bodyKeys":["key", "value"],"paramKeys":[],"BeforeFuntions":[],"formatZH":"更新 docker daemon.json 配置 [key]=>[value]","formatEN":"Updated the docker daemon.json configuration [key]=>[value]"}
 func (b *BaseApi) UpdateDaemonJson(c *gin.Context) {
-	var req dto.DaemonJsonConf
+	var req dto.SettingUpdate
 	if err := c.ShouldBindJSON(&req); err != nil {
 		helper.ErrorWithDetail(c, constant.CodeErrBadRequest, constant.ErrTypeInvalidParams, err)
 		return
@@ -79,6 +78,30 @@ func (b *BaseApi) UpdateDaemonJson(c *gin.Context) {
 	helper.SuccessWithData(c, nil)
 }

+// @Tags Container Docker
+// @Summary Update docker daemon.json log option
+// @Description 修改 docker 日志配置
+// @Accept json
+// @Param request body dto.LogOption true "request"
+// @Success 200
+// @Security ApiKeyAuth
+// @Router /containers/daemonjson/update [post]
+// @x-panel-log {"bodyKeys":[],"paramKeys":[],"BeforeFuntions":[],"formatZH":"更新 docker daemon.json 日志配置","formatEN":"Updated the docker daemon.json log option"}
+func (b *BaseApi) UpdateLogOption(c *gin.Context) {
+	var req dto.LogOption
+	if err := c.ShouldBindJSON(&req); err != nil {
+		helper.ErrorWithDetail(c, constant.CodeErrBadRequest, constant.ErrTypeInvalidParams, err)
+		return
+	}
+
+	if err := dockerService.UpdateLogOption(req); err != nil {
+		helper.ErrorWithDetail(c, constant.CodeErrInternalServer, constant.ErrTypeInternalServer, err)
+		return
+	}
+
+	helper.SuccessWithData(c, nil)
+}
+
 // @Tags Container Docker
 // @Summary Update docker daemon.json by upload file
 // @Description 上传替换 docker 配置文件
--- a/backend/app/api/v1/entry.go
+++ b/backend/app/api/v1/entry.go
@@ -9,41 +9,48 @@ type ApiGroup struct {
 var ApiGroupApp = new(ApiGroup)

 var (
-	authService      = service.ServiceGroupApp.AuthService
-	dashboardService = service.ServiceGroupApp.DashboardService
+	authService      = service.NewIAuthService()
+	dashboardService = service.NewIDashboardService()

 	appService        = service.NewIAppService()
-	appInstallService = service.ServiceGroupApp.AppInstallService
+	appInstallService = service.NewIAppInstalledService()

-	containerService       = service.ServiceGroupApp.ContainerService
-	composeTemplateService = service.ServiceGroupApp.ComposeTemplateService
-	imageRepoService       = service.ServiceGroupApp.ImageRepoService
-	imageService           = service.ServiceGroupApp.ImageService
-	dockerService          = service.ServiceGroupApp.DockerService
+	containerService       = service.NewIContainerService()
+	composeTemplateService = service.NewIComposeTemplateService()
+	imageRepoService       = service.NewIImageRepoService()
+	imageService           = service.NewIImageService()
+	dockerService          = service.NewIDockerService()

-	mysqlService = service.ServiceGroupApp.MysqlService
-	redisService = service.ServiceGroupApp.RedisService
+	mysqlService    = service.NewIMysqlService()
+	remoteDBService = service.NewIRemoteDBService()
+	redisService    = service.NewIRedisService()

-	cronjobService = service.ServiceGroupApp.CronjobService
+	cronjobService = service.NewICronjobService()

-	hostService  = service.ServiceGroupApp.HostService
-	groupService = service.ServiceGroupApp.GroupService
-	fileService  = service.ServiceGroupApp.FileService
+	hostService     = service.NewIHostService()
+	groupService    = service.NewIGroupService()
+	fileService     = service.NewIFileService()
+	sshService      = service.NewISSHService()
+	firewallService = service.NewIFirewallService()

-	settingService = service.ServiceGroupApp.SettingService
-	backupService  = service.ServiceGroupApp.BackupService
+	settingService = service.NewISettingService()
+	backupService  = service.NewIBackupService()

-	commandService = service.ServiceGroupApp.CommandService
+	commandService = service.NewICommandService()

-	websiteGroupService       = service.ServiceGroupApp.WebsiteGroupService
-	websiteService            = service.ServiceGroupApp.WebsiteService
-	websiteDnsAccountService  = service.ServiceGroupApp.WebsiteDnsAccountService
-	websiteSSLService         = service.ServiceGroupApp.WebsiteSSLService
-	websiteAcmeAccountService = service.ServiceGroupApp.WebsiteAcmeAccountService
+	websiteService            = service.NewIWebsiteService()
+	websiteDnsAccountService  = service.NewIWebsiteDnsAccountService()
+	websiteSSLService         = service.NewIWebsiteSSLService()
+	websiteAcmeAccountService = service.NewIWebsiteAcmeAccountService()

-	nginxService = service.ServiceGroupApp.NginxService
+	nginxService = service.NewINginxService()

-	logService      = service.ServiceGroupApp.LogService
-	snapshotService = service.ServiceGroupApp.SnapshotService
-	upgradeService  = service.ServiceGroupApp.UpgradeService
+	logService      = service.NewILogService()
+	snapshotService = service.NewISnapshotService()
+	upgradeService  = service.NewIUpgradeService()
+
+	runtimeService = service.NewRuntimeService()
+	processService = service.NewIProcessService()
+
+	hostToolService = service.NewIHostToolService()
 )
--- a/backend/app/api/v1/file.go
+++ b/backend/app/api/v1/file.go
@@ -3,6 +3,15 @@ package v1
 import (
 	"errors"
 	"fmt"
+	"io"
+	"net/http"
+	"net/url"
+	"os"
+	"path"
+	"path/filepath"
+	"strconv"
+	"strings"
+
 	"github.com/1Panel-dev/1Panel/backend/app/api/v1/helper"
 	"github.com/1Panel-dev/1Panel/backend/app/dto"
 	"github.com/1Panel-dev/1Panel/backend/app/dto/request"
@@ -10,14 +19,10 @@ import (
 	"github.com/1Panel-dev/1Panel/backend/buserr"
 	"github.com/1Panel-dev/1Panel/backend/constant"
 	"github.com/1Panel-dev/1Panel/backend/global"
+	"github.com/1Panel-dev/1Panel/backend/utils/files"
 	websocket2 "github.com/1Panel-dev/1Panel/backend/utils/websocket"
 	"github.com/gin-gonic/gin"
 	"github.com/gorilla/websocket"
-	"io/ioutil"
-	"net/http"
-	"os"
-	"path"
-	"strings"
 )

 // @Tags File
@@ -47,7 +52,7 @@ func (b *BaseApi) ListFiles(c *gin.Context) {
 // @Description 分页获取上传文件
 // @Accept json
 // @Param request body request.SearchUploadWithPage true "request"
-// @Success 200 {anrry} response.FileInfo
+// @Success 200 {array} response.FileInfo
 // @Security ApiKeyAuth
 // @Router /files/upload/search [post]
 func (b *BaseApi) SearchUploadWithPage(c *gin.Context) {
@@ -76,7 +81,7 @@ func (b *BaseApi) SearchUploadWithPage(c *gin.Context) {
 // @Description 加载文件树
 // @Accept json
 // @Param request body request.FileOption true "request"
-// @Success 200 {anrry} response.FileTree
+// @Success 200 {array} response.FileTree
 // @Security ApiKeyAuth
 // @Router /files/tree [post]
 func (b *BaseApi) GetFileTree(c *gin.Context) {
@@ -182,7 +187,29 @@ func (b *BaseApi) ChangeFileMode(c *gin.Context) {
 		helper.ErrorWithDetail(c, constant.CodeErrInternalServer, constant.ErrTypeInternalServer, err)
 		return
 	}
-	helper.SuccessWithData(c, nil)
+	helper.SuccessWithOutData(c)
+}
+
+// @Tags File
+// @Summary Change file owner
+// @Description 修改文件用户/组
+// @Accept json
+// @Param request body request.FileRoleUpdate true "request"
+// @Success 200
+// @Security ApiKeyAuth
+// @Router /files/owner [post]
+// @x-panel-log {"bodyKeys":["path","user","group"],"paramKeys":[],"BeforeFuntions":[],"formatZH":"修改用户/组 [paths] => [user]/[group]","formatEN":"Change owner [paths] => [user]/[group]"}
+func (b *BaseApi) ChangeFileOwner(c *gin.Context) {
+	var req request.FileRoleUpdate
+	if err := c.ShouldBindJSON(&req); err != nil {
+		helper.ErrorWithDetail(c, constant.CodeErrBadRequest, constant.ErrTypeInvalidParams, err)
+		return
+	}
+	if err := fileService.ChangeOwner(req); err != nil {
+		helper.ErrorWithDetail(c, constant.CodeErrInternalServer, constant.ErrTypeInternalServer, err)
+		return
+	}
+	helper.SuccessWithOutData(c)
 }

 // @Tags File
@@ -428,17 +455,93 @@ func (b *BaseApi) MoveFile(c *gin.Context) {
 // @Router /files/download [post]
 // @x-panel-log {"bodyKeys":["name"],"paramKeys":[],"BeforeFuntions":[],"formatZH":"下载文件 [name]","formatEN":"Download file [name]"}
 func (b *BaseApi) Download(c *gin.Context) {
-	var req request.FileDownload
+	filePath := c.Query("path")
+	file, err := os.Open(filePath)
+	if err != nil {
+		helper.ErrorWithDetail(c, constant.CodeErrInternalServer, constant.ErrTypeInternalServer, err)
+	}
+	info, _ := file.Stat()
+	c.Header("Content-Length", strconv.FormatInt(info.Size(), 10))
+	c.Header("Content-Disposition", "attachment; filename*=utf-8''"+url.PathEscape(info.Name()))
+	http.ServeContent(c.Writer, c.Request, info.Name(), info.ModTime(), file)
+}
+
+// @Tags File
+// @Summary Chunk Download file
+// @Description 分片下载下载文件
+// @Accept json
+// @Param request body request.FileDownload true "request"
+// @Success 200
+// @Security ApiKeyAuth
+// @Router /files/chunkdownload [post]
+// @x-panel-log {"bodyKeys":["name"],"paramKeys":[],"BeforeFuntions":[],"formatZH":"下载文件 [name]","formatEN":"Download file [name]"}
+func (b *BaseApi) DownloadChunkFiles(c *gin.Context) {
+	var req request.FileChunkDownload
 	if err := c.ShouldBindJSON(&req); err != nil {
 		helper.ErrorWithDetail(c, constant.CodeErrBadRequest, constant.ErrTypeInvalidParams, err)
 		return
 	}
-	filePath, err := fileService.FileDownload(req)
+	fileOp := files.NewFileOp()
+	if !fileOp.Stat(req.Path) {
+		helper.ErrorWithDetail(c, constant.CodeErrInternalServer, constant.ErrPathNotFound, nil)
+		return
+	}
+	filePath := req.Path
+	fstFile, err := fileOp.OpenFile(filePath)
 	if err != nil {
 		helper.ErrorWithDetail(c, constant.CodeErrInternalServer, constant.ErrTypeInternalServer, err)
 		return
 	}
-	c.File(filePath)
+	info, err := fstFile.Stat()
+	if err != nil {
+		helper.ErrorWithDetail(c, constant.CodeErrInternalServer, constant.ErrTypeInternalServer, err)
+		return
+	}
+	if info.IsDir() {
+		helper.ErrorWithDetail(c, constant.CodeErrInternalServer, constant.ErrFileDownloadDir, err)
+		return
+	}
+
+	c.Writer.Header().Set("Content-Disposition", fmt.Sprintf("attachment; filename=%s", req.Name))
+	c.Writer.Header().Set("Content-Type", "application/octet-stream")
+	c.Writer.Header().Set("Content-Length", strconv.FormatInt(info.Size(), 10))
+	c.Writer.Header().Set("Accept-Ranges", "bytes")
+
+	if c.Request.Header.Get("Range") != "" {
+		rangeHeader := c.Request.Header.Get("Range")
+		rangeArr := strings.Split(rangeHeader, "=")[1]
+		rangeParts := strings.Split(rangeArr, "-")
+
+		startPos, _ := strconv.ParseInt(rangeParts[0], 10, 64)
+
+		var endPos int64
+		if rangeParts[1] == "" {
+			endPos = info.Size() - 1
+		} else {
+			endPos, _ = strconv.ParseInt(rangeParts[1], 10, 64)
+		}
+
+		c.Writer.Header().Set("Content-Range", fmt.Sprintf("bytes %d-%d/%d", startPos, endPos, info.Size()))
+		c.Writer.WriteHeader(http.StatusPartialContent)
+
+		buffer := make([]byte, 1024*1024)
+		file, err := os.Open(filePath)
+		if err != nil {
+			helper.ErrorWithDetail(c, constant.CodeErrInternalServer, constant.ErrTypeInternalServer, err)
+			return
+		}
+		defer file.Close()
+
+		_, _ = file.Seek(startPos, 0)
+		reader := io.LimitReader(file, endPos-startPos+1)
+		_, err = io.CopyBuffer(c.Writer, reader, buffer)
+		if err != nil {
+			helper.ErrorWithDetail(c, constant.CodeErrInternalServer, constant.ErrTypeInternalServer, err)
+			return
+		}
+	} else {
+		c.File(filePath)
+	}
 }

 // @Tags File
@@ -464,32 +567,121 @@ func (b *BaseApi) Size(c *gin.Context) {
 	helper.SuccessWithData(c, res)
 }

+func mergeChunks(fileName string, fileDir string, dstDir string, chunkCount int) error {
+	if _, err := os.Stat(path.Dir(dstDir)); err != nil && os.IsNotExist(err) {
+		if err = os.MkdirAll(path.Dir(dstDir), os.ModePerm); err != nil {
+			return err
+		}
+	}
+
+	targetFile, err := os.Create(filepath.Join(dstDir, fileName))
+	if err != nil {
+		return err
+	}
+	defer targetFile.Close()
+
+	for i := 0; i < chunkCount; i++ {
+		chunkPath := filepath.Join(fileDir, fmt.Sprintf("%s.%d", fileName, i))
+		chunkData, err := os.ReadFile(chunkPath)
+		if err != nil {
+			return err
+		}
+		_, err = targetFile.Write(chunkData)
+		if err != nil {
+			return err
+		}
+	}
+
+	return files.NewFileOp().DeleteDir(fileDir)
+}
+
 // @Tags File
-// @Summary Read file
-// @Description 读取文件
-// @Accept json
-// @Param request body dto.FilePath true "request"
-// @Success 200 {string} content
+// @Summary ChunkUpload file
+// @Description 分片上传文件
+// @Param file formData file true "request"
+// @Success 200
 // @Security ApiKeyAuth
-// @Router /files/loadfile [post]
-// @x-panel-log {"bodyKeys":["path"],"paramKeys":[],"BeforeFuntions":[],"formatZH":"读取文件 [path]","formatEN":"Read file [path]"}
-func (b *BaseApi) LoadFromFile(c *gin.Context) {
-	var req dto.FilePath
-	if err := c.ShouldBindJSON(&req); err != nil {
+// @Router /files/chunkupload [post]
+func (b *BaseApi) UploadChunkFiles(c *gin.Context) {
+	var err error
+	fileForm, err := c.FormFile("chunk")
+	if err != nil {
 		helper.ErrorWithDetail(c, constant.CodeErrBadRequest, constant.ErrTypeInvalidParams, err)
 		return
 	}
-	if err := global.VALID.Struct(req); err != nil {
+	uploadFile, err := fileForm.Open()
+	if err != nil {
 		helper.ErrorWithDetail(c, constant.CodeErrBadRequest, constant.ErrTypeInvalidParams, err)
 		return
 	}
+	chunkIndex, err := strconv.Atoi(c.PostForm("chunkIndex"))
+	if err != nil {
+		helper.ErrorWithDetail(c, constant.CodeErrBadRequest, constant.ErrTypeInvalidParams, err)
+		return
+	}
+	chunkCount, err := strconv.Atoi(c.PostForm("chunkCount"))
+	if err != nil {
+		helper.ErrorWithDetail(c, constant.CodeErrBadRequest, constant.ErrTypeInvalidParams, err)
+		return
+	}
+	fileOp := files.NewFileOp()
+	tmpDir := path.Join(global.CONF.System.TmpDir, "upload")
+	if !fileOp.Stat(tmpDir) {
+		if err := fileOp.CreateDir(tmpDir, 0755); err != nil {
+			helper.ErrorWithDetail(c, constant.CodeErrBadRequest, constant.ErrTypeInvalidParams, err)
+			return
+		}
+	}
+	filename := c.PostForm("filename")
+	fileDir := filepath.Join(tmpDir, filename)
+	if chunkIndex == 0 {
+		if fileOp.Stat(fileDir) {
+			_ = fileOp.DeleteDir(fileDir)
+		}
+		_ = os.MkdirAll(fileDir, 0755)
+	}
+	filePath := filepath.Join(fileDir, filename)
+
+	defer func() {
+		if err != nil {
+			_ = os.Remove(fileDir)
+		}
+	}()
+	var (
+		emptyFile *os.File
+		chunkData []byte
+	)
+
+	emptyFile, err = os.Create(filePath)
+	if err != nil {
+		helper.ErrorWithDetail(c, constant.CodeErrBadRequest, constant.ErrTypeInvalidParams, err)
+		return
+	}
+	defer emptyFile.Close()
+
+	chunkData, err = io.ReadAll(uploadFile)
+	if err != nil {
+		helper.ErrorWithDetail(c, constant.CodeErrInternalServer, constant.ErrTypeInternalServer, buserr.WithMap(constant.ErrFileUpload, map[string]interface{}{"name": filename, "detail": err.Error()}, err))
+		return
+	}

-	content, err := ioutil.ReadFile(req.Path)
+	chunkPath := filepath.Join(fileDir, fmt.Sprintf("%s.%d", filename, chunkIndex))
+	err = os.WriteFile(chunkPath, chunkData, 0644)
 	if err != nil {
-		helper.ErrorWithDetail(c, constant.CodeErrInternalServer, constant.ErrTypeInternalServer, err)
+		helper.ErrorWithDetail(c, constant.CodeErrInternalServer, constant.ErrTypeInternalServer, buserr.WithMap(constant.ErrFileUpload, map[string]interface{}{"name": filename, "detail": err.Error()}, err))
+		return
+	}
+
+	if chunkIndex+1 == chunkCount {
+		err = mergeChunks(filename, fileDir, c.PostForm("path"), chunkCount)
+		if err != nil {
+			helper.ErrorWithDetail(c, constant.CodeErrInternalServer, constant.ErrTypeInternalServer, buserr.WithMap(constant.ErrFileUpload, map[string]interface{}{"name": filename, "detail": err.Error()}, err))
+			return
+		}
+		helper.SuccessWithData(c, true)
+	} else {
 		return
 	}
-	helper.SuccessWithData(c, string(content))
 }

 var wsUpgrade = websocket.Upgrader{
@@ -498,19 +690,12 @@ var wsUpgrade = websocket.Upgrader{
 	},
 }

-var WsManager = websocket2.Manager{
-	Group:       make(map[string]*websocket2.Client),
-	Register:    make(chan *websocket2.Client, 128),
-	UnRegister:  make(chan *websocket2.Client, 128),
-	ClientCount: 0,
-}
-
 func (b *BaseApi) Ws(c *gin.Context) {
 	ws, err := wsUpgrade.Upgrade(c.Writer, c.Request, nil)
 	if err != nil {
 		return
 	}
-	wsClient := websocket2.NewWsClient("wsClient", ws)
+	wsClient := websocket2.NewWsClient("fileClient", ws)
 	go wsClient.Read()
 	go wsClient.Write()
 }
--- a/backend/app/api/v1/file_upload.go
+++ b/backend/app/api/v1/file_upload.go
@@ -1,111 +0,0 @@
-package v1
-
-import (
-	"fmt"
-	"io/ioutil"
-	"os"
-	"path/filepath"
-	"strconv"
-
-	"github.com/1Panel-dev/1Panel/backend/app/api/v1/helper"
-	"github.com/1Panel-dev/1Panel/backend/constant"
-	"github.com/1Panel-dev/1Panel/backend/global"
-	"github.com/1Panel-dev/1Panel/backend/utils/files"
-	"github.com/gin-gonic/gin"
-)
-
-func mergeChunks(fileName string, fileDir string, dstDir string, chunkCount int) error {
-	//fileInfoList, err := ioutil.ReadDir(fileDir)
-	//if err != nil {
-	//	return err
-	//}
-
-	targetFile, err := os.Create(filepath.Join(dstDir, fileName))
-	if err != nil {
-		return err
-	}
-	defer targetFile.Close()
-
-	for i := 0; i < chunkCount; i++ {
-		chunkPath := filepath.Join(fileDir, fmt.Sprintf("%s.%d", fileName, i))
-		chunkData, err := ioutil.ReadFile(chunkPath)
-		if err != nil {
-			return err
-		}
-		_, err = targetFile.Write(chunkData)
-		if err != nil {
-			return err
-		}
-	}
-
-	return files.NewFileOp().DeleteDir(fileDir)
-}
-
-func (b *BaseApi) UploadChunkFiles(c *gin.Context) {
-	fileForm, err := c.FormFile("chunk")
-	if err != nil {
-		helper.ErrorWithDetail(c, constant.CodeErrBadRequest, constant.ErrTypeInvalidParams, err)
-		return
-	}
-	uploadFile, err := fileForm.Open()
-	if err != nil {
-		helper.ErrorWithDetail(c, constant.CodeErrBadRequest, constant.ErrTypeInvalidParams, err)
-		return
-	}
-
-	chunkIndex, err := strconv.Atoi(c.PostForm("chunkIndex"))
-	if err != nil {
-		helper.ErrorWithDetail(c, constant.CodeErrBadRequest, constant.ErrTypeInvalidParams, err)
-		return
-	}
-
-	chunkCount, err := strconv.Atoi(c.PostForm("chunkCount"))
-	if err != nil {
-		helper.ErrorWithDetail(c, constant.CodeErrBadRequest, constant.ErrTypeInvalidParams, err)
-		return
-	}
-
-	fileOp := files.NewFileOp()
-	if err := fileOp.CreateDir("uploads", 0755); err != nil {
-		helper.ErrorWithDetail(c, constant.CodeErrBadRequest, constant.ErrTypeInvalidParams, err)
-		return
-	}
-	//fileID := uuid.New().String()
-	filename := c.PostForm("filename")
-	fileDir := filepath.Join(global.CONF.System.DataDir, "upload", filename)
-
-	_ = os.MkdirAll(fileDir, 0755)
-	filePath := filepath.Join(fileDir, filename)
-
-	emptyFile, err := os.Create(filePath)
-	if err != nil {
-		helper.ErrorWithDetail(c, constant.CodeErrBadRequest, constant.ErrTypeInvalidParams, err)
-		return
-	}
-	emptyFile.Close()
-
-	chunkData, err := ioutil.ReadAll(uploadFile)
-	if err != nil {
-		helper.ErrorWithDetail(c, constant.CodeErrBadRequest, constant.ErrTypeInvalidParams, err)
-		return
-	}
-
-	chunkPath := filepath.Join(fileDir, fmt.Sprintf("%s.%d", filename, chunkIndex))
-	err = ioutil.WriteFile(chunkPath, chunkData, 0644)
-	if err != nil {
-		helper.ErrorWithDetail(c, constant.CodeErrBadRequest, constant.ErrTypeInvalidParams, err)
-		return
-	}
-
-	if chunkIndex+1 == chunkCount {
-		err = mergeChunks(filename, fileDir, c.PostForm("path"), chunkCount)
-		if err != nil {
-			fmt.Println(err.Error())
-			helper.ErrorWithDetail(c, constant.CodeErrInternalServer, constant.ErrAppDelete, err)
-			return
-		}
-		helper.SuccessWithData(c, true)
-	} else {
-		return
-	}
-}
--- a/backend/app/api/v1/firewall.go
+++ b/backend/app/api/v1/firewall.go
@@ -0,0 +1,207 @@
+package v1
+
+import (
+	"github.com/1Panel-dev/1Panel/backend/app/api/v1/helper"
+	"github.com/1Panel-dev/1Panel/backend/app/dto"
+	"github.com/1Panel-dev/1Panel/backend/constant"
+	"github.com/1Panel-dev/1Panel/backend/global"
+	"github.com/gin-gonic/gin"
+)
+
+// @Tags Firewall
+// @Summary Load firewall base info
+// @Description 获取防火墙基础信息
+// @Success 200 {object} dto.FirewallBaseInfo
+// @Security ApiKeyAuth
+// @Router /hosts/firewall/base [get]
+func (b *BaseApi) LoadFirewallBaseInfo(c *gin.Context) {
+	data, err := firewallService.LoadBaseInfo()
+	if err != nil {
+		helper.ErrorWithDetail(c, constant.CodeErrInternalServer, constant.ErrTypeInternalServer, err)
+		return
+	}
+
+	helper.SuccessWithData(c, data)
+}
+
+// @Tags Firewall
+// @Summary Page firewall rules
+// @Description 获取防火墙规则列表分页
+// @Accept json
+// @Param request body dto.SearchWithPage true "request"
+// @Success 200 {object} dto.PageResult
+// @Security ApiKeyAuth
+// @Router /hosts/firewall/search [post]
+func (b *BaseApi) SearchFirewallRule(c *gin.Context) {
+	var req dto.RuleSearch
+	if err := c.ShouldBindJSON(&req); err != nil {
+		helper.ErrorWithDetail(c, constant.CodeErrBadRequest, constant.ErrTypeInvalidParams, err)
+		return
+	}
+
+	total, list, err := firewallService.SearchWithPage(req)
+	if err != nil {
+		helper.ErrorWithDetail(c, constant.CodeErrInternalServer, constant.ErrTypeInternalServer, err)
+		return
+	}
+
+	helper.SuccessWithData(c, dto.PageResult{
+		Items: list,
+		Total: total,
+	})
+}
+
+// @Tags Firewall
+// @Summary Page firewall status
+// @Description 修改防火墙状态
+// @Accept json
+// @Param request body dto.FirewallOperation true "request"
+// @Success 200 {object} dto.PageResult
+// @Security ApiKeyAuth
+// @Router /hosts/firewall/operate [post]
+// @x-panel-log {"bodyKeys":["operation"],"paramKeys":[],"BeforeFuntions":[],"formatZH":"[operation] 防火墙","formatEN":"[operation] firewall"}
+func (b *BaseApi) OperateFirewall(c *gin.Context) {
+	var req dto.FirewallOperation
+	if err := c.ShouldBindJSON(&req); err != nil {
+		helper.ErrorWithDetail(c, constant.CodeErrBadRequest, constant.ErrTypeInvalidParams, err)
+		return
+	}
+	if err := global.VALID.Struct(req); err != nil {
+		helper.ErrorWithDetail(c, constant.CodeErrBadRequest, constant.ErrTypeInvalidParams, err)
+		return
+	}
+
+	if err := firewallService.OperateFirewall(req.Operation); err != nil {
+		helper.ErrorWithDetail(c, constant.CodeErrInternalServer, constant.ErrTypeInternalServer, err)
+		return
+	}
+
+	helper.SuccessWithData(c, nil)
+}
+
+// @Tags Firewall
+// @Summary Create group
+// @Description 创建防火墙端口规则
+// @Accept json
+// @Param request body dto.PortRuleOperate true "request"
+// @Success 200
+// @Security ApiKeyAuth
+// @Router /hosts/firewall/port [post]
+// @x-panel-log {"bodyKeys":["port","strategy"],"paramKeys":[],"BeforeFuntions":[],"formatZH":"添加端口规则 [strategy] [port]","formatEN":"create port rules [strategy][port]"}
+func (b *BaseApi) OperatePortRule(c *gin.Context) {
+	var req dto.PortRuleOperate
+	if err := c.ShouldBindJSON(&req); err != nil {
+		helper.ErrorWithDetail(c, constant.CodeErrBadRequest, constant.ErrTypeInvalidParams, err)
+		return
+	}
+	if err := global.VALID.Struct(req); err != nil {
+		helper.ErrorWithDetail(c, constant.CodeErrBadRequest, constant.ErrTypeInvalidParams, err)
+		return
+	}
+	if err := firewallService.OperatePortRule(req, true); err != nil {
+		helper.ErrorWithDetail(c, constant.CodeErrInternalServer, constant.ErrTypeInternalServer, err)
+		return
+	}
+	helper.SuccessWithData(c, nil)
+}
+
+// @Tags Firewall
+// @Summary Create group
+// @Description 创建防火墙 IP 规则
+// @Accept json
+// @Param request body dto.AddrRuleOperate true "request"
+// @Success 200
+// @Security ApiKeyAuth
+// @Router /hosts/firewall/ip [post]
+// @x-panel-log {"bodyKeys":["strategy","address"],"paramKeys":[],"BeforeFuntions":[],"formatZH":"添加 ip 规则 [strategy] [address]","formatEN":"create address rules [strategy][address]"}
+func (b *BaseApi) OperateIPRule(c *gin.Context) {
+	var req dto.AddrRuleOperate
+	if err := c.ShouldBindJSON(&req); err != nil {
+		helper.ErrorWithDetail(c, constant.CodeErrBadRequest, constant.ErrTypeInvalidParams, err)
+		return
+	}
+	if err := global.VALID.Struct(req); err != nil {
+		helper.ErrorWithDetail(c, constant.CodeErrBadRequest, constant.ErrTypeInvalidParams, err)
+		return
+	}
+	if err := firewallService.OperateAddressRule(req, true); err != nil {
+		helper.ErrorWithDetail(c, constant.CodeErrInternalServer, constant.ErrTypeInternalServer, err)
+		return
+	}
+	helper.SuccessWithData(c, nil)
+}
+
+// @Tags Firewall
+// @Summary Create group
+// @Description 批量删除防火墙规则
+// @Accept json
+// @Param request body dto.BatchRuleOperate true "request"
+// @Success 200
+// @Security ApiKeyAuth
+// @Router /hosts/firewall/batch [post]
+func (b *BaseApi) BatchOperateRule(c *gin.Context) {
+	var req dto.BatchRuleOperate
+	if err := c.ShouldBindJSON(&req); err != nil {
+		helper.ErrorWithDetail(c, constant.CodeErrBadRequest, constant.ErrTypeInvalidParams, err)
+		return
+	}
+	if err := global.VALID.Struct(req); err != nil {
+		helper.ErrorWithDetail(c, constant.CodeErrBadRequest, constant.ErrTypeInvalidParams, err)
+		return
+	}
+	if err := firewallService.BatchOperateRule(req); err != nil {
+		helper.ErrorWithDetail(c, constant.CodeErrInternalServer, constant.ErrTypeInternalServer, err)
+		return
+	}
+	helper.SuccessWithData(c, nil)
+}
+
+// @Tags Firewall
+// @Summary Create group
+// @Description 更新端口防火墙规则
+// @Accept json
+// @Param request body dto.PortRuleUpdate true "request"
+// @Success 200
+// @Security ApiKeyAuth
+// @Router /hosts/firewall/update/port [post]
+func (b *BaseApi) UpdatePortRule(c *gin.Context) {
+	var req dto.PortRuleUpdate
+	if err := c.ShouldBindJSON(&req); err != nil {
+		helper.ErrorWithDetail(c, constant.CodeErrBadRequest, constant.ErrTypeInvalidParams, err)
+		return
+	}
+	if err := global.VALID.Struct(req); err != nil {
+		helper.ErrorWithDetail(c, constant.CodeErrBadRequest, constant.ErrTypeInvalidParams, err)
+		return
+	}
+	if err := firewallService.UpdatePortRule(req); err != nil {
+		helper.ErrorWithDetail(c, constant.CodeErrInternalServer, constant.ErrTypeInternalServer, err)
+		return
+	}
+	helper.SuccessWithData(c, nil)
+}
+
+// @Tags Firewall
+// @Summary Create group
+// @Description 更新 ip 防火墙规则
+// @Accept json
+// @Param request body dto.AddrRuleUpdate true "request"
+// @Success 200
+// @Security ApiKeyAuth
+// @Router /hosts/firewall/update/addr [post]
+func (b *BaseApi) UpdateAddrRule(c *gin.Context) {
+	var req dto.AddrRuleUpdate
+	if err := c.ShouldBindJSON(&req); err != nil {
+		helper.ErrorWithDetail(c, constant.CodeErrBadRequest, constant.ErrTypeInvalidParams, err)
+		return
+	}
+	if err := global.VALID.Struct(req); err != nil {
+		helper.ErrorWithDetail(c, constant.CodeErrBadRequest, constant.ErrTypeInvalidParams, err)
+		return
+	}
+	if err := firewallService.UpdateAddrRule(req); err != nil {
+		helper.ErrorWithDetail(c, constant.CodeErrInternalServer, constant.ErrTypeInternalServer, err)
+		return
+	}
+	helper.SuccessWithData(c, nil)
+}
--- a/backend/app/api/v1/group.go
+++ b/backend/app/api/v1/group.go
@@ -15,7 +15,7 @@ import (
 // @Param request body dto.GroupCreate true "request"
 // @Success 200
 // @Security ApiKeyAuth
-// @Router /hosts/group [post]
+// @Router /groups [post]
 // @x-panel-log {"bodyKeys":["name","type"],"paramKeys":[],"BeforeFuntions":[],"formatZH":"创建组 [name][type]","formatEN":"create group [name][type]"}
 func (b *BaseApi) CreateGroup(c *gin.Context) {
 	var req dto.GroupCreate
@@ -41,8 +41,8 @@ func (b *BaseApi) CreateGroup(c *gin.Context) {
 // @Param request body dto.OperateByID true "request"
 // @Success 200
 // @Security ApiKeyAuth
-// @Router /hosts/group/del [post]
-// @x-panel-log {"bodyKeys":["id"],"paramKeys":[],"BeforeFuntions":[{"input_colume":"id","input_value":"id","isList":false,"db":"groups","output_colume":"name","output_value":"name"},{"input_colume":"id","input_value":"id","isList":false,"db":"groups","output_colume":"type","output_value":"type"}],"formatZH":"删除组 [type][name]","formatEN":"delete group [type][name]"}
+// @Router /groups/del [post]
+// @x-panel-log {"bodyKeys":["id"],"paramKeys":[],"BeforeFuntions":[{"input_column":"id","input_value":"id","isList":false,"db":"groups","output_column":"name","output_value":"name"},{"input_column":"id","input_value":"id","isList":false,"db":"groups","output_column":"type","output_value":"type"}],"formatZH":"删除组 [type][name]","formatEN":"delete group [type][name]"}
 func (b *BaseApi) DeleteGroup(c *gin.Context) {
 	var req dto.OperateByID
 	if err := c.ShouldBindJSON(&req); err != nil {
@@ -68,7 +68,7 @@ func (b *BaseApi) DeleteGroup(c *gin.Context) {
 // @Param request body dto.GroupUpdate true "request"
 // @Success 200
 // @Security ApiKeyAuth
-// @Router /hosts/group/update [post]
+// @Router /groups/update [post]
 // @x-panel-log {"bodyKeys":["name","type"],"paramKeys":[],"BeforeFuntions":[],"formatZH":"更新组 [name][type]","formatEN":"update group [name][type]"}
 func (b *BaseApi) UpdateGroup(c *gin.Context) {
 	var req dto.GroupUpdate
@@ -92,9 +92,9 @@ func (b *BaseApi) UpdateGroup(c *gin.Context) {
 // @Description 查询系统组
 // @Accept json
 // @Param request body dto.GroupSearch true "request"
-// @Success 200 {anrry} dto.GroupInfo
+// @Success 200 {array} dto.GroupInfo
 // @Security ApiKeyAuth
-// @Router /hosts/group/search [post]
+// @Router /groups/search [post]
 func (b *BaseApi) ListGroup(c *gin.Context) {
 	var req dto.GroupSearch
 	if err := c.ShouldBindJSON(&req); err != nil {
--- a/backend/app/api/v1/helper/helper.go
+++ b/backend/app/api/v1/helper/helper.go
@@ -83,6 +83,15 @@ func SuccessWithData(ctx *gin.Context, data interface{}) {
 	ctx.Abort()
 }

+func SuccessWithOutData(ctx *gin.Context) {
+	res := dto.Response{
+		Code:    constant.CodeSuccess,
+		Message: "success",
+	}
+	ctx.JSON(http.StatusOK, res)
+	ctx.Abort()
+}
+
 func SuccessWithMsg(ctx *gin.Context, msg string) {
 	res := dto.Response{
 		Code:    constant.CodeSuccess,
--- a/backend/app/api/v1/host.go
+++ b/backend/app/api/v1/host.go
@@ -5,8 +5,7 @@ import (
 	"github.com/1Panel-dev/1Panel/backend/app/dto"
 	"github.com/1Panel-dev/1Panel/backend/constant"
 	"github.com/1Panel-dev/1Panel/backend/global"
-	"github.com/1Panel-dev/1Panel/backend/utils/copier"
-	"github.com/1Panel-dev/1Panel/backend/utils/ssh"
+	"github.com/1Panel-dev/1Panel/backend/utils/encrypt"
 	"github.com/gin-gonic/gin"
 )

@@ -29,6 +28,7 @@ func (b *BaseApi) CreateHost(c *gin.Context) {
 		helper.ErrorWithDetail(c, constant.CodeErrBadRequest, constant.ErrTypeInvalidParams, err)
 		return
 	}
+
 	host, err := hostService.Create(req)
 	if err != nil {
 		helper.ErrorWithDetail(c, constant.CodeErrInternalServer, constant.ErrTypeInternalServer, err)
@@ -56,17 +56,8 @@ func (b *BaseApi) TestByInfo(c *gin.Context) {
 		return
 	}

-	var connInfo ssh.ConnInfo
-	if err := copier.Copy(&connInfo, &req); err != nil {
-		helper.SuccessWithData(c, false)
-	}
-	client, err := connInfo.NewClient()
-	if err != nil {
-		helper.SuccessWithData(c, false)
-	}
-	defer client.Close()
-
-	helper.SuccessWithData(c, true)
+	connStatus := hostService.TestByInfo(req)
+	helper.SuccessWithData(c, connStatus)
 }

 // @Tags Host
@@ -93,7 +84,7 @@ func (b *BaseApi) TestByID(c *gin.Context) {
 // @Description 加载主机树
 // @Accept json
 // @Param request body dto.SearchForTree true "request"
-// @Success 200 {anrry} dto.HostTree
+// @Success 200 {array} dto.HostTree
 // @Security ApiKeyAuth
 // @Router /hosts/tree [post]
 func (b *BaseApi) HostTree(c *gin.Context) {
@@ -117,7 +108,7 @@ func (b *BaseApi) HostTree(c *gin.Context) {
 // @Description 获取主机列表分页
 // @Accept json
 // @Param request body dto.SearchHostWithPage true "request"
-// @Success 200 {anrry} dto.HostTree
+// @Success 200 {array} dto.HostTree
 // @Security ApiKeyAuth
 // @Router /hosts/search [post]
 func (b *BaseApi) SearchHost(c *gin.Context) {
@@ -139,33 +130,6 @@ func (b *BaseApi) SearchHost(c *gin.Context) {
 	})
 }

-// @Tags Host
-// @Summary Load host info
-// @Description 加载主机信息
-// @Accept json
-// @Param id path integer true "request"
-// @Success 200 {object} dto.HostInfo
-// @Security ApiKeyAuth
-// @Router /hosts/:id [get]
-func (b *BaseApi) GetHostInfo(c *gin.Context) {
-	id, err := helper.GetParamID(c)
-	if err != nil {
-		helper.ErrorWithDetail(c, constant.CodeErrBadRequest, constant.ErrTypeInvalidParams, err)
-		return
-	}
-	host, err := hostService.GetHostInfo(id)
-	if err != nil {
-		helper.ErrorWithDetail(c, constant.CodeErrInternalServer, constant.ErrTypeInternalServer, err)
-		return
-	}
-	var hostDto dto.HostInfo
-	if err := copier.Copy(&hostDto, host); err != nil {
-		helper.ErrorWithDetail(c, constant.CodeErrInternalServer, constant.ErrTypeInternalServer, err)
-		return
-	}
-	helper.SuccessWithData(c, hostDto)
-}
-
 // @Tags Host
 // @Summary Delete host
 // @Description 删除主机
@@ -174,7 +138,7 @@ func (b *BaseApi) GetHostInfo(c *gin.Context) {
 // @Success 200
 // @Security ApiKeyAuth
 // @Router /hosts/del [post]
-// @x-panel-log {"bodyKeys":["ids"],"paramKeys":[],"BeforeFuntions":[{"input_colume":"id","input_value":"ids","isList":true,"db":"hosts","output_colume":"addr","output_value":"addrs"}],"formatZH":"删除主机 [addrs]","formatEN":"delete host [addrs]"}
+// @x-panel-log {"bodyKeys":["ids"],"paramKeys":[],"BeforeFuntions":[{"input_column":"id","input_value":"ids","isList":true,"db":"hosts","output_column":"addr","output_value":"addrs"}],"formatZH":"删除主机 [addrs]","formatEN":"delete host [addrs]"}
 func (b *BaseApi) DeleteHost(c *gin.Context) {
 	var req dto.BatchDeleteReq
 	if err := c.ShouldBindJSON(&req); err != nil {
@@ -212,6 +176,31 @@ func (b *BaseApi) UpdateHost(c *gin.Context) {
 		helper.ErrorWithDetail(c, constant.CodeErrBadRequest, constant.ErrTypeInvalidParams, err)
 		return
 	}
+	var err error
+	if len(req.Password) != 0 && req.AuthMode == "password" {
+		req.Password, err = hostService.EncryptHost(req.Password)
+		if err != nil {
+			helper.ErrorWithDetail(c, constant.CodeErrBadRequest, constant.ErrTypeInvalidParams, err)
+			return
+		}
+		req.PrivateKey = ""
+		req.PassPhrase = ""
+	}
+	if len(req.PrivateKey) != 0 && req.AuthMode == "key" {
+		req.PrivateKey, err = hostService.EncryptHost(req.PrivateKey)
+		if err != nil {
+			helper.ErrorWithDetail(c, constant.CodeErrBadRequest, constant.ErrTypeInvalidParams, err)
+			return
+		}
+		if len(req.PassPhrase) != 0 {
+			req.PassPhrase, err = encrypt.StringEncrypt(req.PassPhrase)
+			if err != nil {
+				helper.ErrorWithDetail(c, constant.CodeErrBadRequest, constant.ErrTypeInvalidParams, err)
+				return
+			}
+		}
+		req.Password = ""
+	}

 	upMap := make(map[string]interface{})
 	upMap["name"] = req.Name
@@ -220,11 +209,15 @@ func (b *BaseApi) UpdateHost(c *gin.Context) {
 	upMap["port"] = req.Port
 	upMap["user"] = req.User
 	upMap["auth_mode"] = req.AuthMode
-	if len(req.Password) != 0 {
+	upMap["remember_password"] = req.RememberPassword
+	if req.AuthMode == "password" {
 		upMap["password"] = req.Password
-	}
-	if len(req.PrivateKey) != 0 {
+		upMap["private_key"] = ""
+		upMap["pass_phrase"] = ""
+	} else {
+		upMap["password"] = ""
 		upMap["private_key"] = req.PrivateKey
+		upMap["pass_phrase"] = req.PassPhrase
 	}
 	upMap["description"] = req.Description
 	if err := hostService.Update(req.ID, upMap); err != nil {
@@ -241,8 +234,8 @@ func (b *BaseApi) UpdateHost(c *gin.Context) {
 // @Param request body dto.ChangeHostGroup true "request"
 // @Success 200
 // @Security ApiKeyAuth
-// @Router /hosts/update [post]
-// @x-panel-log {"bodyKeys":["id","group"],"paramKeys":[],"BeforeFuntions":[{"input_colume":"id","input_value":"id","isList":false,"db":"hosts","output_colume":"addr","output_value":"addr"}],"formatZH":"切换主机[addr]分组 => [group]","formatEN":"change host [addr] group => [group]"}
+// @Router /hosts/update/group [post]
+// @x-panel-log {"bodyKeys":["id","group"],"paramKeys":[],"BeforeFuntions":[{"input_column":"id","input_value":"id","isList":false,"db":"hosts","output_column":"addr","output_value":"addr"}],"formatZH":"切换主机[addr]分组 => [group]","formatEN":"change host [addr] group => [group]"}
 func (b *BaseApi) UpdateHostGroup(c *gin.Context) {
 	var req dto.ChangeHostGroup
 	if err := c.ShouldBindJSON(&req); err != nil {
--- a/backend/app/api/v1/host_tool.go
+++ b/backend/app/api/v1/host_tool.go
@@ -0,0 +1,213 @@
+package v1
+
+import (
+	"github.com/1Panel-dev/1Panel/backend/app/api/v1/helper"
+	"github.com/1Panel-dev/1Panel/backend/app/dto/request"
+	"github.com/1Panel-dev/1Panel/backend/constant"
+	"github.com/1Panel-dev/1Panel/backend/global"
+	"github.com/gin-gonic/gin"
+)
+
+// @Tags Host tool
+// @Summary Get tool
+// @Description 获取主机工具状态
+// @Accept json
+// @Param request body request.HostToolReq true "request"
+// @Success 200
+// @Security ApiKeyAuth
+// @Router /host/tool [post]
+func (b *BaseApi) GetToolStatus(c *gin.Context) {
+	var req request.HostToolReq
+	if err := c.ShouldBindJSON(&req); err != nil {
+		helper.ErrorWithDetail(c, constant.CodeErrBadRequest, constant.ErrTypeInvalidParams, err)
+		return
+	}
+	if err := global.VALID.Struct(req); err != nil {
+		helper.ErrorWithDetail(c, constant.CodeErrBadRequest, constant.ErrTypeInvalidParams, err)
+		return
+	}
+
+	config, err := hostToolService.GetToolStatus(req)
+	if err != nil {
+		helper.ErrorWithDetail(c, constant.CodeErrInternalServer, constant.ErrTypeInternalServer, err)
+		return
+	}
+	helper.SuccessWithData(c, config)
+}
+
+// @Tags Host tool
+// @Summary Create Host tool Config
+// @Description 创建主机工具配置
+// @Accept json
+// @Param request body request.HostToolCreate true "request"
+// @Success 200
+// @Security ApiKeyAuth
+// @Router /host/tool/create [post]
+// @x-panel-log {"bodyKeys":["type"],"paramKeys":[],"BeforeFuntions":[],"formatZH":"创建 [type] 配置","formatEN":"create [type] config"}
+func (b *BaseApi) InitToolConfig(c *gin.Context) {
+	var req request.HostToolCreate
+	if err := c.ShouldBindJSON(&req); err != nil {
+		helper.ErrorWithDetail(c, constant.CodeErrBadRequest, constant.ErrTypeInvalidParams, err)
+		return
+	}
+	if err := global.VALID.Struct(req); err != nil {
+		helper.ErrorWithDetail(c, constant.CodeErrBadRequest, constant.ErrTypeInvalidParams, err)
+		return
+	}
+
+	if err := hostToolService.CreateToolConfig(req); err != nil {
+		helper.ErrorWithDetail(c, constant.CodeErrInternalServer, constant.ErrTypeInternalServer, err)
+		return
+	}
+	helper.SuccessWithOutData(c)
+}
+
+// @Tags Host tool
+// @Summary Operate tool
+// @Description 操作主机工具
+// @Accept json
+// @Param request body request.HostToolReq true "request"
+// @Success 200
+// @Security ApiKeyAuth
+// @Router /host/tool/operate [post]
+// @x-panel-log {"bodyKeys":["operate","type"],"paramKeys":[],"BeforeFuntions":[],"formatZH":"[operate] [type] ","formatEN":"[operate] [type]"}
+func (b *BaseApi) OperateTool(c *gin.Context) {
+	var req request.HostToolReq
+	if err := c.ShouldBindJSON(&req); err != nil {
+		helper.ErrorWithDetail(c, constant.CodeErrBadRequest, constant.ErrTypeInvalidParams, err)
+		return
+	}
+	if err := global.VALID.Struct(req); err != nil {
+		helper.ErrorWithDetail(c, constant.CodeErrBadRequest, constant.ErrTypeInvalidParams, err)
+		return
+	}
+
+	err := hostToolService.OperateTool(req)
+	if err != nil {
+		helper.ErrorWithDetail(c, constant.CodeErrInternalServer, constant.ErrTypeInternalServer, err)
+		return
+	}
+	helper.SuccessWithOutData(c)
+}
+
+// @Tags Host tool
+// @Summary Get tool config
+// @Description 操作主机工具配置文件
+// @Accept json
+// @Param request body request.HostToolConfig true "request"
+// @Success 200
+// @Security ApiKeyAuth
+// @Router /host/tool/config [post]
+// @x-panel-log {"bodyKeys":["operate"],"paramKeys":[],"BeforeFuntions":[],"formatZH":"[operate] 主机工具配置文件 ","formatEN":"[operate] tool config"}
+func (b *BaseApi) OperateToolConfig(c *gin.Context) {
+	var req request.HostToolConfig
+	if err := c.ShouldBindJSON(&req); err != nil {
+		helper.ErrorWithDetail(c, constant.CodeErrBadRequest, constant.ErrTypeInvalidParams, err)
+		return
+	}
+	if err := global.VALID.Struct(req); err != nil {
+		helper.ErrorWithDetail(c, constant.CodeErrBadRequest, constant.ErrTypeInvalidParams, err)
+		return
+	}
+
+	config, err := hostToolService.OperateToolConfig(req)
+	if err != nil {
+		helper.ErrorWithDetail(c, constant.CodeErrInternalServer, constant.ErrTypeInternalServer, err)
+		return
+	}
+	helper.SuccessWithData(c, config)
+}
+
+// @Tags Host tool
+// @Summary Get tool
+// @Description 获取主机工具日志
+// @Accept json
+// @Param request body request.HostToolLogReq true "request"
+// @Success 200
+// @Security ApiKeyAuth
+// @Router /host/tool/log [post]
+func (b *BaseApi) GetToolLog(c *gin.Context) {
+	var req request.HostToolLogReq
+	if err := c.ShouldBindJSON(&req); err != nil {
+		helper.ErrorWithDetail(c, constant.CodeErrBadRequest, constant.ErrTypeInvalidParams, err)
+		return
+	}
+	if err := global.VALID.Struct(req); err != nil {
+		helper.ErrorWithDetail(c, constant.CodeErrBadRequest, constant.ErrTypeInvalidParams, err)
+		return
+	}
+
+	logContent, err := hostToolService.GetToolLog(req)
+	if err != nil {
+		helper.ErrorWithDetail(c, constant.CodeErrInternalServer, constant.ErrTypeInternalServer, err)
+		return
+	}
+	helper.SuccessWithData(c, logContent)
+}
+
+// @Tags Host tool
+// @Summary Create Supervisor process
+// @Description 操作守护进程
+// @Accept json
+// @Param request body request.SupervisorProcessConfig true "request"
+// @Success 200
+// @Security ApiKeyAuth
+// @Router /host/tool/supervisor/process [post]
+// @x-panel-log {"bodyKeys":["operate"],"paramKeys":[],"BeforeFuntions":[],"formatZH":"[operate] 守护进程 ","formatEN":"[operate] process"}
+func (b *BaseApi) OperateProcess(c *gin.Context) {
+	var req request.SupervisorProcessConfig
+	if err := c.ShouldBindJSON(&req); err != nil {
+		helper.ErrorWithDetail(c, constant.CodeErrBadRequest, constant.ErrTypeInvalidParams, err)
+		return
+	}
+	if err := global.VALID.Struct(req); err != nil {
+		helper.ErrorWithDetail(c, constant.CodeErrBadRequest, constant.ErrTypeInvalidParams, err)
+		return
+	}
+
+	err := hostToolService.OperateSupervisorProcess(req)
+	if err != nil {
+		helper.ErrorWithDetail(c, constant.CodeErrInternalServer, constant.ErrTypeInternalServer, err)
+		return
+	}
+	helper.SuccessWithOutData(c)
+}
+
+// @Tags Host tool
+// @Summary Get Supervisor process config
+// @Description 获取 Supervisor 进程配置
+// @Accept json
+// @Success 200
+// @Security ApiKeyAuth
+// @Router /host/tool/supervisor/process [get]
+func (b *BaseApi) GetProcess(c *gin.Context) {
+	configs, err := hostToolService.GetSupervisorProcessConfig()
+	if err != nil {
+		helper.ErrorWithDetail(c, constant.CodeErrInternalServer, constant.ErrTypeInternalServer, err)
+		return
+	}
+	helper.SuccessWithData(c, configs)
+}
+
+// @Tags Host tool
+// @Summary Get Supervisor process config
+// @Description 操作 Supervisor 进程文件
+// @Accept json
+// @Param request body request.SupervisorProcessFileReq true "request"
+// @Success 200
+// @Security ApiKeyAuth
+// @Router /host/tool/supervisor/process/file [post]
+// @x-panel-log {"bodyKeys":["operate"],"paramKeys":[],"BeforeFuntions":[],"formatZH":"[operate] Supervisor 进程文件 ","formatEN":"[operate] Supervisor Process Config file"}
+func (b *BaseApi) GetProcessFile(c *gin.Context) {
+	var req request.SupervisorProcessFileReq
+	if err := c.ShouldBindJSON(&req); err != nil {
+		helper.ErrorWithDetail(c, constant.CodeErrBadRequest, constant.ErrTypeInvalidParams, err)
+		return
+	}
+	content, err := hostToolService.OperateSupervisorProcessFile(req)
+	if err != nil {
+		helper.ErrorWithDetail(c, constant.CodeErrInternalServer, constant.ErrTypeInternalServer, err)
+		return
+	}
+	helper.SuccessWithData(c, content)
+}
--- a/backend/app/api/v1/image.go
+++ b/backend/app/api/v1/image.go
@@ -44,7 +44,7 @@ func (b *BaseApi) SearchImage(c *gin.Context) {
 // @Summary List images
 // @Description 获取镜像列表
 // @Produce json
-// @Success 200 {anrry} dto.Options
+// @Success 200 {array} dto.Options
 // @Security ApiKeyAuth
 // @Router /containers/image [get]
 func (b *BaseApi) ListImage(c *gin.Context) {
@@ -93,7 +93,7 @@ func (b *BaseApi) ImageBuild(c *gin.Context) {
 // @Success 200 {string} log
 // @Security ApiKeyAuth
 // @Router /containers/image/pull [post]
-// @x-panel-log {"bodyKeys":["repoID","imageName"],"paramKeys":[],"BeforeFuntions":[{"input_colume":"id","input_value":"repoID","isList":false,"db":"image_repos","output_colume":"name","output_value":"reponame"}],"formatZH":"镜像拉取 [reponame][imageName]","formatEN":"image pull [reponame][imageName]"}
+// @x-panel-log {"bodyKeys":["repoID","imageName"],"paramKeys":[],"BeforeFuntions":[{"input_column":"id","input_value":"repoID","isList":false,"db":"image_repos","output_column":"name","output_value":"reponame"}],"formatZH":"镜像拉取 [reponame][imageName]","formatEN":"image pull [reponame][imageName]"}
 func (b *BaseApi) ImagePull(c *gin.Context) {
 	var req dto.ImagePull
 	if err := c.ShouldBindJSON(&req); err != nil {
@@ -122,7 +122,7 @@ func (b *BaseApi) ImagePull(c *gin.Context) {
 // @Success 200 {string} log
 // @Security ApiKeyAuth
 // @Router /containers/image/push [post]
-// @x-panel-log {"bodyKeys":["repoID","tagName","name"],"paramKeys":[],"BeforeFuntions":[{"input_colume":"id","input_value":"repoID","isList":false,"db":"image_repos","output_colume":"name","output_value":"reponame"}],"formatZH":"[tagName] 推送到 [reponame][name]","formatEN":"push [tagName] to [reponame][name]"}
+// @x-panel-log {"bodyKeys":["repoID","tagName","name"],"paramKeys":[],"BeforeFuntions":[{"input_column":"id","input_value":"repoID","isList":false,"db":"image_repos","output_column":"name","output_value":"reponame"}],"formatZH":"[tagName] 推送到 [reponame][name]","formatEN":"push [tagName] to [reponame][name]"}
 func (b *BaseApi) ImagePush(c *gin.Context) {
 	var req dto.ImagePush
 	if err := c.ShouldBindJSON(&req); err != nil {
@@ -207,7 +207,7 @@ func (b *BaseApi) ImageSave(c *gin.Context) {
 // @Success 200
 // @Security ApiKeyAuth
 // @Router /containers/image/tag [post]
-// @x-panel-log {"bodyKeys":["repoID","targetName"],"paramKeys":[],"BeforeFuntions":[{"input_colume":"id","input_value":"repoID","isList":false,"db":"image_repos","output_colume":"name","output_value":"reponame"}],"formatZH":"tag 镜像 [reponame][targetName]","formatEN":"tag image [reponame][targetName]"}
+// @x-panel-log {"bodyKeys":["repoID","targetName"],"paramKeys":[],"BeforeFuntions":[{"input_column":"id","input_value":"repoID","isList":false,"db":"image_repos","output_column":"name","output_value":"reponame"}],"formatZH":"tag 镜像 [reponame][targetName]","formatEN":"tag image [reponame][targetName]"}
 func (b *BaseApi) ImageTag(c *gin.Context) {
 	var req dto.ImageTag
 	if err := c.ShouldBindJSON(&req); err != nil {
--- a/backend/app/api/v1/image_repo.go
+++ b/backend/app/api/v1/image_repo.go
@@ -44,7 +44,7 @@ func (b *BaseApi) SearchRepo(c *gin.Context) {
 // @Summary List image repos
 // @Description 获取镜像仓库列表
 // @Produce json
-// @Success 200 {anrry} dto.ImageRepoOption
+// @Success 200 {array} dto.ImageRepoOption
 // @Security ApiKeyAuth
 // @Router /containers/repo [get]
 func (b *BaseApi) ListRepo(c *gin.Context) {
@@ -119,7 +119,7 @@ func (b *BaseApi) CreateRepo(c *gin.Context) {
 // @Success 200
 // @Security ApiKeyAuth
 // @Router /containers/repo/del [post]
-// @x-panel-log {"bodyKeys":["ids"],"paramKeys":[],"BeforeFuntions":[{"input_colume":"id","input_value":"ids","isList":true,"db":"image_repos","output_colume":"name","output_value":"names"}],"formatZH":"删除镜像仓库 [names]","formatEN":"delete image repo [names]"}
+// @x-panel-log {"bodyKeys":["ids"],"paramKeys":[],"BeforeFuntions":[{"input_column":"id","input_value":"ids","isList":true,"db":"image_repos","output_column":"name","output_value":"names"}],"formatZH":"删除镜像仓库 [names]","formatEN":"delete image repo [names]"}
 func (b *BaseApi) DeleteRepo(c *gin.Context) {
 	var req dto.ImageRepoDelete
 	if err := c.ShouldBindJSON(&req); err != nil {
@@ -147,7 +147,7 @@ func (b *BaseApi) DeleteRepo(c *gin.Context) {
 // @Success 200
 // @Security ApiKeyAuth
 // @Router /containers/repo/update [post]
-// @x-panel-log {"bodyKeys":["id"],"paramKeys":[],"BeforeFuntions":[{"input_column":"id","input_value":"id","isList":false,"db":"image_repos","output_colume":"name","output_value":"name"}],"formatZH":"更新镜像仓库 [name]","formatEN":"update image repo information [name]"}
+// @x-panel-log {"bodyKeys":["id"],"paramKeys":[],"BeforeFuntions":[{"input_column":"id","input_value":"id","isList":false,"db":"image_repos","output_column":"name","output_value":"name"}],"formatZH":"更新镜像仓库 [name]","formatEN":"update image repo information [name]"}
 func (b *BaseApi) UpdateRepo(c *gin.Context) {
 	var req dto.ImageRepoUpdate
 	if err := c.ShouldBindJSON(&req); err != nil {
--- a/backend/app/api/v1/logs.go
+++ b/backend/app/api/v1/logs.go
@@ -89,3 +89,19 @@ func (b *BaseApi) CleanLogs(c *gin.Context) {

 	helper.SuccessWithData(c, nil)
 }
+
+// @Tags Logs
+// @Summary Load system logs
+// @Description 获取系统日志
+// @Success 200
+// @Security ApiKeyAuth
+// @Router /logs/system [get]
+func (b *BaseApi) GetSystemLogs(c *gin.Context) {
+	data, err := logService.LoadSystemLog()
+	if err != nil {
+		helper.ErrorWithDetail(c, constant.CodeErrInternalServer, constant.ErrTypeInternalServer, err)
+		return
+	}
+
+	helper.SuccessWithData(c, data)
+}
--- a/backend/app/api/v1/monitor.go
+++ b/backend/app/api/v1/monitor.go
@@ -1,6 +1,7 @@
 package v1

 import (
+	"sort"
 	"time"

 	"github.com/1Panel-dev/1Panel/backend/app/api/v1/helper"
@@ -8,6 +9,7 @@ import (
 	"github.com/1Panel-dev/1Panel/backend/app/model"
 	"github.com/1Panel-dev/1Panel/backend/constant"
 	"github.com/1Panel-dev/1Panel/backend/global"
+	"github.com/1Panel-dev/1Panel/backend/utils/common"
 	"github.com/gin-gonic/gin"
 	"github.com/shirou/gopsutil/v3/disk"
 	"github.com/shirou/gopsutil/v3/net"
@@ -23,8 +25,9 @@ func (b *BaseApi) LoadMonitor(c *gin.Context) {
 		helper.ErrorWithDetail(c, constant.CodeErrBadRequest, constant.ErrTypeInvalidParams, err)
 		return
 	}
-	req.StartTime = req.StartTime.Add(8 * time.Hour)
-	req.EndTime = req.EndTime.Add(8 * time.Hour)
+	loc, _ := time.LoadLocation(common.LoadTimeZone())
+	req.StartTime = req.StartTime.In(loc)
+	req.EndTime = req.EndTime.In(loc)

 	var backdatas []dto.MonitorData
 	if req.Param == "all" || req.Param == "cpu" || req.Param == "memory" || req.Param == "load" {
@@ -88,6 +91,7 @@ func (b *BaseApi) GetNetworkOptions(c *gin.Context) {
 	for _, net := range netStat {
 		options = append(options, net.Name)
 	}
+	sort.Strings(options)
 	helper.SuccessWithData(c, options)
 }

@@ -98,5 +102,6 @@ func (b *BaseApi) GetIOOptions(c *gin.Context) {
 	for _, net := range diskStat {
 		options = append(options, net.Name)
 	}
+	sort.Strings(options)
 	helper.SuccessWithData(c, options)
 }
--- a/backend/app/api/v1/nginx.go
+++ b/backend/app/api/v1/nginx.go
@@ -27,7 +27,7 @@ func (b *BaseApi) GetNginx(c *gin.Context) {
 // @Description 获取部分 OpenResty 配置信息
 // @Accept json
 // @Param request body request.NginxScopeReq true "request"
-// @Success 200 {anrry} response.NginxParam
+// @Success 200 {array} response.NginxParam
 // @Security ApiKeyAuth
 // @Router /openResty/scope [post]
 func (b *BaseApi) GetNginxConfigByScope(c *gin.Context) {
@@ -53,7 +53,7 @@ func (b *BaseApi) GetNginxConfigByScope(c *gin.Context) {
 // @Success 200
 // @Security ApiKeyAuth
 // @Router /openResty/update [post]
-// @x-panel-log {"bodyKeys":["websiteId"],"paramKeys":[],"BeforeFuntions":[{"input_colume":"id","input_value":"websiteId","isList":false,"db":"websites","output_colume":"primary_domain","output_value":"domain"}],"formatZH":"更新 nginx 配置 [domain]","formatEN":"Update nginx conf [domain]"}
+// @x-panel-log {"bodyKeys":["websiteId"],"paramKeys":[],"BeforeFuntions":[{"input_column":"id","input_value":"websiteId","isList":false,"db":"websites","output_column":"primary_domain","output_value":"domain"}],"formatZH":"更新 nginx 配置 [domain]","formatEN":"Update nginx conf [domain]"}
 func (b *BaseApi) UpdateNginxConfigByScope(c *gin.Context) {
 	var req request.NginxConfigUpdate
 	if err := c.ShouldBindJSON(&req); err != nil {
--- a/backend/app/api/v1/process.go
+++ b/backend/app/api/v1/process.go
@@ -0,0 +1,40 @@
+package v1
+
+import (
+	"github.com/1Panel-dev/1Panel/backend/app/api/v1/helper"
+	"github.com/1Panel-dev/1Panel/backend/app/dto/request"
+	"github.com/1Panel-dev/1Panel/backend/constant"
+	websocket2 "github.com/1Panel-dev/1Panel/backend/utils/websocket"
+	"github.com/gin-gonic/gin"
+)
+
+func (b *BaseApi) ProcessWs(c *gin.Context) {
+	ws, err := wsUpgrade.Upgrade(c.Writer, c.Request, nil)
+	if err != nil {
+		return
+	}
+	wsClient := websocket2.NewWsClient("processClient", ws)
+	go wsClient.Read()
+	go wsClient.Write()
+}
+
+// @Tags Process
+// @Summary Stop Process
+// @Description 停止进程
+// @Param request body request.ProcessReq true "request"
+// @Success 200
+// @Security ApiKeyAuth
+// @Router /process/stop [post]
+// @x-panel-log {"bodyKeys":["PID"],"paramKeys":[],"BeforeFuntions":[],"formatZH":"结束进程 [PID]","formatEN":"结束进程 [PID]"}
+func (b *BaseApi) StopProcess(c *gin.Context) {
+	var req request.ProcessReq
+	if err := c.ShouldBindJSON(&req); err != nil {
+		helper.ErrorWithDetail(c, constant.CodeErrBadRequest, constant.ErrTypeInvalidParams, err)
+		return
+	}
+	if err := processService.StopProcess(req); err != nil {
+		helper.ErrorWithDetail(c, constant.CodeErrBadRequest, constant.ErrTypeInvalidParams, err)
+		return
+	}
+	helper.SuccessWithOutData(c)
+}
--- a/backend/app/api/v1/remote_db.go
+++ b/backend/app/api/v1/remote_db.go
@@ -0,0 +1,180 @@
+package v1
+
+import (
+	"github.com/1Panel-dev/1Panel/backend/app/api/v1/helper"
+	"github.com/1Panel-dev/1Panel/backend/app/dto"
+	"github.com/1Panel-dev/1Panel/backend/constant"
+	"github.com/1Panel-dev/1Panel/backend/global"
+	"github.com/gin-gonic/gin"
+)
+
+// @Tags Database
+// @Summary Create remote database
+// @Description 创建远程数据库
+// @Accept json
+// @Param request body dto.RemoteDBCreate true "request"
+// @Success 200
+// @Security ApiKeyAuth
+// @Router /databases/remote [post]
+// @x-panel-log {"bodyKeys":["name", "type"],"paramKeys":[],"BeforeFuntions":[],"formatZH":"创建远程数据库 [name][type]","formatEN":"create remote database [name][type]"}
+func (b *BaseApi) CreateRemoteDB(c *gin.Context) {
+	var req dto.RemoteDBCreate
+	if err := c.ShouldBindJSON(&req); err != nil {
+		helper.ErrorWithDetail(c, constant.CodeErrBadRequest, constant.ErrTypeInvalidParams, err)
+		return
+	}
+	if err := global.VALID.Struct(req); err != nil {
+		helper.ErrorWithDetail(c, constant.CodeErrBadRequest, constant.ErrTypeInvalidParams, err)
+		return
+	}
+	if err := remoteDBService.Create(req); err != nil {
+		helper.ErrorWithDetail(c, constant.CodeErrInternalServer, constant.ErrTypeInternalServer, err)
+		return
+	}
+	helper.SuccessWithData(c, nil)
+}
+
+// @Tags Database
+// @Summary Check remote database
+// @Description 检测远程数据库连接性
+// @Accept json
+// @Param request body dto.RemoteDBCreate true "request"
+// @Success 200
+// @Security ApiKeyAuth
+// @Router /databases/remote/check [post]
+// @x-panel-log {"bodyKeys":["name", "type"],"paramKeys":[],"BeforeFuntions":[],"formatZH":"检测远程数据库 [name][type] 连接性","formatEN":"check if remote database [name][type] is connectable"}
+func (b *BaseApi) CheckeRemoteDB(c *gin.Context) {
+	var req dto.RemoteDBCreate
+	if err := c.ShouldBindJSON(&req); err != nil {
+		helper.ErrorWithDetail(c, constant.CodeErrBadRequest, constant.ErrTypeInvalidParams, err)
+		return
+	}
+	if err := global.VALID.Struct(req); err != nil {
+		helper.ErrorWithDetail(c, constant.CodeErrBadRequest, constant.ErrTypeInvalidParams, err)
+		return
+	}
+	helper.SuccessWithData(c, remoteDBService.CheckeRemoteDB(req))
+}
+
+// @Tags Database
+// @Summary Page remote databases
+// @Description 获取远程数据库列表分页
+// @Accept json
+// @Param request body dto.RemoteDBSearch true "request"
+// @Success 200 {object} dto.PageResult
+// @Security ApiKeyAuth
+// @Router /databases/remote/search [post]
+func (b *BaseApi) SearchRemoteDB(c *gin.Context) {
+	var req dto.RemoteDBSearch
+	if err := c.ShouldBindJSON(&req); err != nil {
+		helper.ErrorWithDetail(c, constant.CodeErrBadRequest, constant.ErrTypeInvalidParams, err)
+		return
+	}
+
+	total, list, err := remoteDBService.SearchWithPage(req)
+	if err != nil {
+		helper.ErrorWithDetail(c, constant.CodeErrInternalServer, constant.ErrTypeInternalServer, err)
+		return
+	}
+
+	helper.SuccessWithData(c, dto.PageResult{
+		Items: list,
+		Total: total,
+	})
+}
+
+// @Tags Database
+// @Summary List remote databases
+// @Description 获取远程数据库列表
+// @Success 200 {array} dto.RemoteDBOption
+// @Security ApiKeyAuth
+// @Router /databases/remote/list/:type [get]
+func (b *BaseApi) ListRemoteDB(c *gin.Context) {
+	dbType, err := helper.GetStrParamByKey(c, "type")
+	if err != nil {
+		helper.ErrorWithDetail(c, constant.CodeErrBadRequest, constant.ErrTypeInvalidParams, err)
+		return
+	}
+	list, err := remoteDBService.List(dbType)
+	if err != nil {
+		helper.ErrorWithDetail(c, constant.CodeErrInternalServer, constant.ErrTypeInternalServer, err)
+		return
+	}
+
+	helper.SuccessWithData(c, list)
+}
+
+// @Tags Database
+// @Summary Get remote databases
+// @Description 获取远程数据库
+// @Success 200 {object} dto.RemoteDBInfo
+// @Security ApiKeyAuth
+// @Router /databases/remote/:name [get]
+func (b *BaseApi) GetRemoteDB(c *gin.Context) {
+	name, err := helper.GetStrParamByKey(c, "name")
+	if err != nil {
+		helper.ErrorWithDetail(c, constant.CodeErrBadRequest, constant.ErrTypeInvalidParams, err)
+		return
+	}
+	data, err := remoteDBService.Get(name)
+	if err != nil {
+		helper.ErrorWithDetail(c, constant.CodeErrInternalServer, constant.ErrTypeInternalServer, err)
+		return
+	}
+
+	helper.SuccessWithData(c, data)
+}
+
+// @Tags Database
+// @Summary Delete remote database
+// @Description 删除远程数据库
+// @Accept json
+// @Param request body dto.OperateByID true "request"
+// @Success 200
+// @Security ApiKeyAuth
+// @Router /databases/remote/del [post]
+// @x-panel-log {"bodyKeys":["ids"],"paramKeys":[],"BeforeFuntions":[{"input_column":"id","input_value":"ids","isList":true,"db":"databases","output_column":"name","output_value":"names"}],"formatZH":"删除远程数据库 [names]","formatEN":"delete remote database [names]"}
+func (b *BaseApi) DeleteRemoteDB(c *gin.Context) {
+	var req dto.OperateByID
+	if err := c.ShouldBindJSON(&req); err != nil {
+		helper.ErrorWithDetail(c, constant.CodeErrBadRequest, constant.ErrTypeInvalidParams, err)
+		return
+	}
+	if err := global.VALID.Struct(req); err != nil {
+		helper.ErrorWithDetail(c, constant.CodeErrBadRequest, constant.ErrTypeInvalidParams, err)
+		return
+	}
+
+	if err := remoteDBService.Delete(req.ID); err != nil {
+		helper.ErrorWithDetail(c, constant.CodeErrInternalServer, constant.ErrTypeInternalServer, err)
+		return
+	}
+	helper.SuccessWithData(c, nil)
+}
+
+// @Tags Database
+// @Summary Update remote database
+// @Description 更新远程数据库
+// @Accept json
+// @Param request body dto.RemoteDBUpdate true "request"
+// @Success 200
+// @Security ApiKeyAuth
+// @Router /databases/remote/update [post]
+// @x-panel-log {"bodyKeys":["name"],"paramKeys":[],"BeforeFuntions":[],"formatZH":"更新远程数据库 [name]","formatEN":"update remote database [name]"}
+func (b *BaseApi) UpdateRemoteDB(c *gin.Context) {
+	var req dto.RemoteDBUpdate
+	if err := c.ShouldBindJSON(&req); err != nil {
+		helper.ErrorWithDetail(c, constant.CodeErrBadRequest, constant.ErrTypeInvalidParams, err)
+		return
+	}
+	if err := global.VALID.Struct(req); err != nil {
+		helper.ErrorWithDetail(c, constant.CodeErrBadRequest, constant.ErrTypeInvalidParams, err)
+		return
+	}
+
+	if err := remoteDBService.Update(req); err != nil {
+		helper.ErrorWithDetail(c, constant.CodeErrInternalServer, constant.ErrTypeInternalServer, err)
+		return
+	}
+	helper.SuccessWithData(c, nil)
+}
--- a/backend/app/api/v1/runtime.go
+++ b/backend/app/api/v1/runtime.go
@@ -0,0 +1,123 @@
+package v1
+
+import (
+	"github.com/1Panel-dev/1Panel/backend/app/api/v1/helper"
+	"github.com/1Panel-dev/1Panel/backend/app/dto"
+	"github.com/1Panel-dev/1Panel/backend/app/dto/request"
+	"github.com/1Panel-dev/1Panel/backend/constant"
+	"github.com/gin-gonic/gin"
+)
+
+// @Tags Runtime
+// @Summary List runtimes
+// @Description 获取运行环境列表
+// @Accept json
+// @Param request body request.RuntimeSearch true "request"
+// @Success 200
+// @Security ApiKeyAuth
+// @Router /runtimes/search [post]
+func (b *BaseApi) SearchRuntimes(c *gin.Context) {
+	var req request.RuntimeSearch
+	if err := c.ShouldBindJSON(&req); err != nil {
+		helper.ErrorWithDetail(c, constant.CodeErrBadRequest, constant.ErrTypeInvalidParams, err)
+		return
+	}
+	total, items, err := runtimeService.Page(req)
+	if err != nil {
+		helper.ErrorWithDetail(c, constant.CodeErrInternalServer, constant.ErrTypeInternalServer, err)
+		return
+	}
+	helper.SuccessWithData(c, dto.PageResult{
+		Total: total,
+		Items: items,
+	})
+}
+
+// @Tags Runtime
+// @Summary Create runtime
+// @Description 创建运行环境
+// @Accept json
+// @Param request body request.RuntimeCreate true "request"
+// @Success 200
+// @Security ApiKeyAuth
+// @Router /runtimes [post]
+// @x-panel-log {"bodyKeys":["name"],"paramKeys":[],"BeforeFuntions":[],"formatZH":"创建运行环境 [name]","formatEN":"Create runtime [name]"}
+func (b *BaseApi) CreateRuntime(c *gin.Context) {
+	var req request.RuntimeCreate
+	if err := c.ShouldBindJSON(&req); err != nil {
+		helper.ErrorWithDetail(c, constant.CodeErrBadRequest, constant.ErrTypeInvalidParams, err)
+		return
+	}
+	if err := runtimeService.Create(req); err != nil {
+		helper.ErrorWithDetail(c, constant.CodeErrInternalServer, constant.ErrTypeInternalServer, err)
+		return
+	}
+	helper.SuccessWithOutData(c)
+}
+
+// @Tags Website
+// @Summary Delete runtime
+// @Description 删除运行环境
+// @Accept json
+// @Param request body request.RuntimeDelete true "request"
+// @Success 200
+// @Security ApiKeyAuth
+// @Router /runtimes/del [post]
+// @x-panel-log {"bodyKeys":["id"],"paramKeys":[],"BeforeFuntions":[],"formatZH":"删除网站 [name]","formatEN":"Delete website [name]"}
+func (b *BaseApi) DeleteRuntime(c *gin.Context) {
+	var req request.RuntimeDelete
+	if err := c.ShouldBindJSON(&req); err != nil {
+		helper.ErrorWithDetail(c, constant.CodeErrBadRequest, constant.ErrTypeInvalidParams, err)
+		return
+	}
+	err := runtimeService.Delete(req.ID)
+	if err != nil {
+		helper.ErrorWithDetail(c, constant.CodeErrInternalServer, constant.ErrTypeInternalServer, err)
+		return
+	}
+	helper.SuccessWithOutData(c)
+}
+
+// @Tags Runtime
+// @Summary Update runtime
+// @Description 更新运行环境
+// @Accept json
+// @Param request body request.RuntimeUpdate true "request"
+// @Success 200
+// @Security ApiKeyAuth
+// @Router /runtimes/update [post]
+// @x-panel-log {"bodyKeys":["name"],"paramKeys":[],"BeforeFuntions":[],"formatZH":"更新运行环境 [name]","formatEN":"Update runtime [name]"}
+func (b *BaseApi) UpdateRuntime(c *gin.Context) {
+	var req request.RuntimeUpdate
+	if err := c.ShouldBindJSON(&req); err != nil {
+		helper.ErrorWithDetail(c, constant.CodeErrBadRequest, constant.ErrTypeInvalidParams, err)
+		return
+	}
+	if err := runtimeService.Update(req); err != nil {
+		helper.ErrorWithDetail(c, constant.CodeErrInternalServer, constant.ErrTypeInternalServer, err)
+		return
+	}
+	helper.SuccessWithOutData(c)
+}
+
+// @Tags Runtime
+// @Summary Get runtime
+// @Description 获取运行环境
+// @Accept json
+// @Param id path string true "request"
+// @Success 200
+// @Security ApiKeyAuth
+// @Router /runtimes/:id [get]
+func (b *BaseApi) GetRuntime(c *gin.Context) {
+	id, err := helper.GetIntParamByKey(c, "id")
+	if err != nil {
+		helper.ErrorWithDetail(c, constant.CodeErrBadRequest, constant.ErrTypeInternalServer, nil)
+		return
+	}
+	res, err := runtimeService.Get(id)
+	if err != nil {
+		helper.ErrorWithDetail(c, constant.CodeErrInternalServer, constant.ErrTypeInternalServer, err)
+		return
+	}
+	helper.SuccessWithData(c, res)
+}
--- a/backend/app/api/v1/setting.go
+++ b/backend/app/api/v1/setting.go
@@ -2,14 +2,16 @@ package v1

 import (
 	"errors"
-	"time"
+	"fmt"
+	"os"
+	"path"
+	"strconv"

 	"github.com/1Panel-dev/1Panel/backend/app/api/v1/helper"
 	"github.com/1Panel-dev/1Panel/backend/app/dto"
 	"github.com/1Panel-dev/1Panel/backend/constant"
 	"github.com/1Panel-dev/1Panel/backend/global"
 	"github.com/1Panel-dev/1Panel/backend/utils/mfa"
-	"github.com/1Panel-dev/1Panel/backend/utils/ntp"
 	"github.com/gin-gonic/gin"
 )

@@ -92,6 +94,64 @@ func (b *BaseApi) UpdatePassword(c *gin.Context) {
 	helper.SuccessWithData(c, nil)
 }

+// @Tags System Setting
+// @Summary Update system ssl
+// @Description 修改系统 ssl 登录
+// @Accept json
+// @Param request body dto.SSLUpdate true "request"
+// @Success 200
+// @Security ApiKeyAuth
+// @Router /settings/ssl/update [post]
+// @x-panel-log {"bodyKeys":["ssl"],"paramKeys":[],"BeforeFuntions":[],"formatZH":"修改系统 ssl => [ssl]","formatEN":"update system ssl => [ssl]"}
+func (b *BaseApi) UpdateSSL(c *gin.Context) {
+	var req dto.SSLUpdate
+	if err := c.ShouldBindJSON(&req); err != nil {
+		helper.ErrorWithDetail(c, constant.CodeErrBadRequest, constant.ErrTypeInvalidParams, err)
+		return
+	}
+	if err := global.VALID.Struct(req); err != nil {
+		helper.ErrorWithDetail(c, constant.CodeErrBadRequest, constant.ErrTypeInvalidParams, err)
+		return
+	}
+
+	if err := settingService.UpdateSSL(c, req); err != nil {
+		helper.ErrorWithDetail(c, constant.CodeErrInternalServer, constant.ErrTypeInternalServer, err)
+		return
+	}
+	helper.SuccessWithData(c, nil)
+}
+
+// @Tags System Setting
+// @Summary Load system cert info
+// @Description 获取证书信息
+// @Success 200 {object} dto.SettingInfo
+// @Security ApiKeyAuth
+// @Router /settings/ssl/info [get]
+func (b *BaseApi) LoadFromCert(c *gin.Context) {
+	info, err := settingService.LoadFromCert()
+	if err != nil {
+		helper.ErrorWithDetail(c, constant.CodeErrInternalServer, constant.ErrTypeInternalServer, err)
+		return
+	}
+	helper.SuccessWithData(c, info)
+}
+
+// @Tags System Setting
+// @Summary Download system cert
+// @Description 下载证书
+// @Success 200
+// @Security ApiKeyAuth
+// @Router /settings/ssl/download [post]
+func (b *BaseApi) DownloadSSL(c *gin.Context) {
+	pathItem := path.Join(global.CONF.System.BaseDir, "1panel/secret/server.crt")
+	if _, err := os.Stat(pathItem); err != nil {
+		helper.ErrorWithDetail(c, constant.CodeErrInternalServer, constant.ErrTypeInternalServer, err)
+		return
+	}
+
+	c.File(pathItem)
+}
+
 // @Tags System Setting
 // @Summary Update system port
 // @Description 更新系统端口
@@ -147,26 +207,40 @@ func (b *BaseApi) HandlePasswordExpired(c *gin.Context) {
 }

 // @Tags System Setting
-// @Summary Sync system time
-// @Description 系统时间同步
-// @Success 200 {string} ntime
+// @Summary Load time zone options
+// @Description 加载系统可用时区
+// @Success 200
 // @Security ApiKeyAuth
-// @Router /settings/time/sync [post]
-// @x-panel-log {"bodyKeys":[],"paramKeys":[],"BeforeFuntions":[],"formatZH":"系统时间同步","formatEN":"sync system time"}
-func (b *BaseApi) SyncTime(c *gin.Context) {
-	ntime, err := ntp.Getremotetime()
+// @Router /settings/time/option [get]
+func (b *BaseApi) LoadTimeZone(c *gin.Context) {
+	zones, err := settingService.LoadTimeZone()
 	if err != nil {
-		helper.SuccessWithData(c, time.Now().Format("2006-01-02 15:04:05 MST -0700"))
-		return
-	}
-
-	ts := ntime.Format("2006-01-02 15:04:05")
-	if err := ntp.UpdateSystemDate(ts); err != nil {
 		helper.ErrorWithDetail(c, constant.CodeErrInternalServer, constant.ErrTypeInternalServer, err)
 		return
 	}
+	helper.SuccessWithData(c, zones)
+}

-	helper.SuccessWithData(c, ntime.Format("2006-01-02 15:04:05 MST -0700"))
+// @Tags System Setting
+// @Summary Sync system time
+// @Description 系统时间同步
+// @Accept json
+// @Param request body dto.SyncTime true "request"
+// @Success 200 {string} ntime
+// @Security ApiKeyAuth
+// @Router /settings/time/sync [post]
+// @x-panel-log {"bodyKeys":["ntpSite"],"paramKeys":[],"BeforeFuntions":[],"formatZH":"系统时间同步[ntpSite]","formatEN":"sync system time [ntpSite]"}
+func (b *BaseApi) SyncTime(c *gin.Context) {
+	var req dto.SyncTime
+	if err := c.ShouldBindJSON(&req); err != nil {
+		helper.ErrorWithDetail(c, constant.CodeErrBadRequest, constant.ErrTypeInvalidParams, err)
+		return
+	}
+	if err := settingService.SyncTime(req); err != nil {
+		helper.ErrorWithDetail(c, constant.CodeErrInternalServer, constant.ErrTypeInternalServer, err)
+		return
+	}
+	helper.SuccessWithData(c, nil)
 }

 // @Tags System Setting
@@ -206,11 +280,23 @@ func (b *BaseApi) CleanMonitor(c *gin.Context) {
 // @Tags System Setting
 // @Summary Load mfa info
 // @Description 获取 mfa 信息
+// @Param interval path string true "request"
 // @Success 200 {object} mfa.Otp
 // @Security ApiKeyAuth
-// @Router /settings/mfa [get]
+// @Router /settings/mfa/:interval [get]
 func (b *BaseApi) GetMFA(c *gin.Context) {
-	otp, err := mfa.GetOtp("admin")
+	intervalStr, ok := c.Params.Get("interval")
+	if !ok {
+		helper.ErrorWithDetail(c, constant.CodeErrBadRequest, constant.ErrTypeInvalidParams, errors.New("error interval in path"))
+		return
+	}
+	interval, err := strconv.Atoi(intervalStr)
+	if err != nil {
+		helper.ErrorWithDetail(c, constant.CodeErrBadRequest, constant.ErrTypeInvalidParams, fmt.Errorf("type conversion failed, err: %v", err))
+		return
+	}
+
+	otp, err := mfa.GetOtp("admin", interval)
 	if err != nil {
 		helper.ErrorWithDetail(c, constant.CodeErrInternalServer, constant.ErrTypeInternalServer, err)
 		return
@@ -234,12 +320,17 @@ func (b *BaseApi) MFABind(c *gin.Context) {
 		helper.ErrorWithDetail(c, constant.CodeErrBadRequest, constant.ErrTypeInvalidParams, err)
 		return
 	}
-	success := mfa.ValidCode(req.Code, req.Secret)
+	success := mfa.ValidCode(req.Code, req.Interval, req.Secret)
 	if !success {
 		helper.ErrorWithDetail(c, constant.CodeErrInternalServer, constant.ErrTypeInternalServer, errors.New("code is not valid"))
 		return
 	}

+	if err := settingService.Update("MFAInterval", req.Interval); err != nil {
+		helper.ErrorWithDetail(c, constant.CodeErrInternalServer, constant.ErrTypeInternalServer, err)
+		return
+	}
+
 	if err := settingService.Update("MFAStatus", "enable"); err != nil {
 		helper.ErrorWithDetail(c, constant.CodeErrInternalServer, constant.ErrTypeInternalServer, err)
 		return
--- a/backend/app/api/v1/snapshot.go
+++ b/backend/app/api/v1/snapshot.go
@@ -68,7 +68,7 @@ func (b *BaseApi) ImportSnapshot(c *gin.Context) {
 // @Success 200
 // @Security ApiKeyAuth
 // @Router /settings/snapshot/description/update [post]
-// @x-panel-log {"bodyKeys":["id","description"],"paramKeys":[],"BeforeFuntions":[{"input_colume":"id","input_value":"id","isList":false,"db":"snapshots","output_colume":"name","output_value":"name"}],"formatZH":"快照 [name] 描述信息修改 [description]","formatEN":"The description of the snapshot [name] is modified => [description]"}
+// @x-panel-log {"bodyKeys":["id","description"],"paramKeys":[],"BeforeFuntions":[{"input_column":"id","input_value":"id","isList":false,"db":"snapshots","output_column":"name","output_value":"name"}],"formatZH":"快照 [name] 描述信息修改 [description]","formatEN":"The description of the snapshot [name] is modified => [description]"}
 func (b *BaseApi) UpdateSnapDescription(c *gin.Context) {
 	var req dto.UpdateDescription
 	if err := c.ShouldBindJSON(&req); err != nil {
@@ -119,7 +119,7 @@ func (b *BaseApi) SearchSnapshot(c *gin.Context) {
 // @Success 200
 // @Security ApiKeyAuth
 // @Router /settings/snapshot/recover [post]
-// @x-panel-log {"bodyKeys":["id"],"paramKeys":[],"BeforeFuntions":[{"input_colume":"id","input_value":"id","isList":false,"db":"snapshots","output_colume":"name","output_value":"name"}],"formatZH":"从系统快照 [name] 恢复","formatEN":"Recover from system backup [name]"}
+// @x-panel-log {"bodyKeys":["id"],"paramKeys":[],"BeforeFuntions":[{"input_column":"id","input_value":"id","isList":false,"db":"snapshots","output_column":"name","output_value":"name"}],"formatZH":"从系统快照 [name] 恢复","formatEN":"Recover from system backup [name]"}
 func (b *BaseApi) RecoverSnapshot(c *gin.Context) {
 	var req dto.SnapshotRecover
 	if err := c.ShouldBindJSON(&req); err != nil {
@@ -146,7 +146,7 @@ func (b *BaseApi) RecoverSnapshot(c *gin.Context) {
 // @Success 200
 // @Security ApiKeyAuth
 // @Router /settings/snapshot/rollback [post]
-// @x-panel-log {"bodyKeys":["id"],"paramKeys":[],"BeforeFuntions":[{"input_colume":"id","input_value":"id","isList":false,"db":"snapshots","output_colume":"name","output_value":"name"}],"formatZH":"从系统快照 [name] 回滚","formatEN":"Rollback from system backup [name]"}
+// @x-panel-log {"bodyKeys":["id"],"paramKeys":[],"BeforeFuntions":[{"input_column":"id","input_value":"id","isList":false,"db":"snapshots","output_column":"name","output_value":"name"}],"formatZH":"从系统快照 [name] 回滚","formatEN":"Rollback from system backup [name]"}
 func (b *BaseApi) RollbackSnapshot(c *gin.Context) {
 	var req dto.SnapshotRecover
 	if err := c.ShouldBindJSON(&req); err != nil {
@@ -173,7 +173,7 @@ func (b *BaseApi) RollbackSnapshot(c *gin.Context) {
 // @Success 200
 // @Security ApiKeyAuth
 // @Router /settings/snapshot/del [post]
-// @x-panel-log {"bodyKeys":["ids"],"paramKeys":[],"BeforeFuntions":[{"input_colume":"id","input_value":"ids","isList":true,"db":"snapshots","output_colume":"name","output_value":"name"}],"formatZH":"删除系统快照 [name]","formatEN":"Delete system backup [name]"}
+// @x-panel-log {"bodyKeys":["ids"],"paramKeys":[],"BeforeFuntions":[{"input_column":"id","input_value":"ids","isList":true,"db":"snapshots","output_column":"name","output_value":"name"}],"formatZH":"删除系统快照 [name]","formatEN":"Delete system backup [name]"}
 func (b *BaseApi) DeleteSnapshot(c *gin.Context) {
 	var req dto.BatchDeleteReq
 	if err := c.ShouldBindJSON(&req); err != nil {
--- a/backend/app/api/v1/ssh.go
+++ b/backend/app/api/v1/ssh.go
@@ -0,0 +1,200 @@
+package v1
+
+import (
+	"github.com/1Panel-dev/1Panel/backend/app/api/v1/helper"
+	"github.com/1Panel-dev/1Panel/backend/app/dto"
+	"github.com/1Panel-dev/1Panel/backend/constant"
+	"github.com/1Panel-dev/1Panel/backend/global"
+	"github.com/gin-gonic/gin"
+)
+
+// @Tags SSH
+// @Summary Load host ssh setting info
+// @Description 加载 SSH 配置信息
+// @Success 200 {object} dto.SSHInfo
+// @Security ApiKeyAuth
+// @Router /host/ssh/search [post]
+func (b *BaseApi) GetSSHInfo(c *gin.Context) {
+	info, err := sshService.GetSSHInfo()
+	if err != nil {
+		helper.ErrorWithDetail(c, constant.CodeErrInternalServer, constant.ErrTypeInternalServer, err)
+		return
+	}
+	helper.SuccessWithData(c, info)
+}
+
+// @Tags SSH
+// @Summary Operate ssh
+// @Description 修改 SSH 服务状态
+// @Accept json
+// @Param request body dto.Operate true "request"
+// @Security ApiKeyAuth
+// @Router /host/ssh/operate [post]
+// @x-panel-log {"bodyKeys":["operation"],"paramKeys":[],"BeforeFuntions":[],"formatZH":"[operation] SSH ","formatEN":"[operation] SSH"}
+func (b *BaseApi) OperateSSH(c *gin.Context) {
+	var req dto.Operate
+	if err := c.ShouldBindJSON(&req); err != nil {
+		helper.ErrorWithDetail(c, constant.CodeErrBadRequest, constant.ErrTypeInvalidParams, err)
+		return
+	}
+	if err := global.VALID.Struct(req); err != nil {
+		helper.ErrorWithDetail(c, constant.CodeErrBadRequest, constant.ErrTypeInvalidParams, err)
+		return
+	}
+
+	if err := sshService.OperateSSH(req.Operation); err != nil {
+		helper.ErrorWithDetail(c, constant.CodeErrInternalServer, constant.ErrTypeInternalServer, err)
+		return
+	}
+	helper.SuccessWithData(c, nil)
+}
+
+// @Tags SSH
+// @Summary Update host ssh setting
+// @Description 更新 SSH 配置
+// @Accept json
+// @Param request body dto.SettingUpdate true "request"
+// @Success 200
+// @Security ApiKeyAuth
+// @Router /host/ssh/update [post]
+// @x-panel-log {"bodyKeys":["key","value"],"paramKeys":[],"BeforeFuntions":[],"formatZH":"修改 SSH 配置 [key] => [value]","formatEN":"update SSH setting [key] => [value]"}
+func (b *BaseApi) UpdateSSH(c *gin.Context) {
+	var req dto.SettingUpdate
+	if err := c.ShouldBindJSON(&req); err != nil {
+		helper.ErrorWithDetail(c, constant.CodeErrBadRequest, constant.ErrTypeInvalidParams, err)
+		return
+	}
+	if err := global.VALID.Struct(req); err != nil {
+		helper.ErrorWithDetail(c, constant.CodeErrBadRequest, constant.ErrTypeInvalidParams, err)
+		return
+	}
+
+	if err := sshService.Update(req.Key, req.Value); err != nil {
+		helper.ErrorWithDetail(c, constant.CodeErrInternalServer, constant.ErrTypeInternalServer, err)
+		return
+	}
+	helper.SuccessWithData(c, nil)
+}
+
+// @Tags SSH
+// @Summary Update host ssh setting by file
+// @Description 上传文件更新 SSH 配置
+// @Accept json
+// @Param request body dto.SSHConf true "request"
+// @Success 200
+// @Security ApiKeyAuth
+// @Router /host/conffile/update [post]
+// @x-panel-log {"bodyKeys":[],"paramKeys":[],"BeforeFuntions":[],"formatZH":"修改 SSH 配置文件","formatEN":"update SSH conf"}
+func (b *BaseApi) UpdateSSHByfile(c *gin.Context) {
+	var req dto.SSHConf
+	if err := c.ShouldBindJSON(&req); err != nil {
+		helper.ErrorWithDetail(c, constant.CodeErrBadRequest, constant.ErrTypeInvalidParams, err)
+		return
+	}
+	if err := global.VALID.Struct(req); err != nil {
+		helper.ErrorWithDetail(c, constant.CodeErrBadRequest, constant.ErrTypeInvalidParams, err)
+		return
+	}
+
+	if err := sshService.UpdateByFile(req.File); err != nil {
+		helper.ErrorWithDetail(c, constant.CodeErrInternalServer, constant.ErrTypeInternalServer, err)
+		return
+	}
+	helper.SuccessWithData(c, nil)
+}
+
+// @Tags SSH
+// @Summary Generate host ssh secret
+// @Description 生成 ssh 密钥
+// @Accept json
+// @Param request body dto.GenerateSSH true "request"
+// @Success 200
+// @Security ApiKeyAuth
+// @Router /host/ssh/generate [post]
+// @x-panel-log {"bodyKeys":[],"paramKeys":[],"BeforeFuntions":[],"formatZH":"生成 SSH 密钥 ","formatEN":"generate SSH secret"}
+func (b *BaseApi) GenerateSSH(c *gin.Context) {
+	var req dto.GenerateSSH
+	if err := c.ShouldBindJSON(&req); err != nil {
+		helper.ErrorWithDetail(c, constant.CodeErrBadRequest, constant.ErrTypeInvalidParams, err)
+		return
+	}
+	if err := global.VALID.Struct(req); err != nil {
+		helper.ErrorWithDetail(c, constant.CodeErrBadRequest, constant.ErrTypeInvalidParams, err)
+		return
+	}
+
+	if err := sshService.GenerateSSH(req); err != nil {
+		helper.ErrorWithDetail(c, constant.CodeErrInternalServer, constant.ErrTypeInternalServer, err)
+		return
+	}
+	helper.SuccessWithData(c, nil)
+}
+
+// @Tags SSH
+// @Summary Load host ssh secret
+// @Description 获取 ssh 密钥
+// @Accept json
+// @Param request body dto.GenerateLoad true "request"
+// @Success 200
+// @Security ApiKeyAuth
+// @Router /host/ssh/secret [post]
+func (b *BaseApi) LoadSSHSecret(c *gin.Context) {
+	var req dto.GenerateLoad
+	if err := c.ShouldBindJSON(&req); err != nil {
+		helper.ErrorWithDetail(c, constant.CodeErrBadRequest, constant.ErrTypeInvalidParams, err)
+		return
+	}
+	if err := global.VALID.Struct(req); err != nil {
+		helper.ErrorWithDetail(c, constant.CodeErrBadRequest, constant.ErrTypeInvalidParams, err)
+		return
+	}
+
+	data, err := sshService.LoadSSHSecret(req.EncryptionMode)
+	if err != nil {
+		helper.ErrorWithDetail(c, constant.CodeErrInternalServer, constant.ErrTypeInternalServer, err)
+		return
+	}
+	helper.SuccessWithData(c, data)
+}
+
+// @Tags SSH
+// @Summary Load host ssh logs
+// @Description 获取 ssh 登录日志
+// @Accept json
+// @Param request body dto.SearchSSHLog true "request"
+// @Success 200 {object} dto.SSHLog
+// @Security ApiKeyAuth
+// @Router /host/ssh/logs [post]
+func (b *BaseApi) LoadSSHLogs(c *gin.Context) {
+	var req dto.SearchSSHLog
+	if err := c.ShouldBindJSON(&req); err != nil {
+		helper.ErrorWithDetail(c, constant.CodeErrBadRequest, constant.ErrTypeInvalidParams, err)
+		return
+	}
+	if err := global.VALID.Struct(req); err != nil {
+		helper.ErrorWithDetail(c, constant.CodeErrBadRequest, constant.ErrTypeInvalidParams, err)
+		return
+	}
+
+	data, err := sshService.LoadLog(req)
+	if err != nil {
+		helper.ErrorWithDetail(c, constant.CodeErrInternalServer, constant.ErrTypeInternalServer, err)
+		return
+	}
+	helper.SuccessWithData(c, data)
+}
+
+// @Tags SSH
+// @Summary Load host ssh conf
+// @Description 获取 ssh 配置文件
+// @Success 200
+// @Security ApiKeyAuth
+// @Router /host/ssh/conf [get]
+func (b *BaseApi) LoadSSHConf(c *gin.Context) {
+	data, err := sshService.LoadSSHConf()
+	if err != nil {
+		helper.ErrorWithDetail(c, constant.CodeErrInternalServer, constant.ErrTypeInternalServer, err)
+		return
+	}
+	helper.SuccessWithData(c, data)
+}
--- a/backend/app/api/v1/terminal.go
+++ b/backend/app/api/v1/terminal.go
@@ -1,14 +1,16 @@
 package v1

 import (
+	"encoding/base64"
+	"encoding/json"
 	"fmt"
 	"net/http"
 	"strconv"
+	"strings"
 	"time"

-	"github.com/1Panel-dev/1Panel/backend/app/api/v1/helper"
-	"github.com/1Panel-dev/1Panel/backend/constant"
 	"github.com/1Panel-dev/1Panel/backend/global"
+	"github.com/1Panel-dev/1Panel/backend/utils/cmd"
 	"github.com/1Panel-dev/1Panel/backend/utils/copier"
 	"github.com/1Panel-dev/1Panel/backend/utils/ssh"
 	"github.com/1Panel-dev/1Panel/backend/utils/terminal"
@@ -18,32 +20,6 @@ import (
 )

 func (b *BaseApi) WsSsh(c *gin.Context) {
-	id, err := strconv.Atoi(c.Query("id"))
-	if err != nil {
-		helper.ErrorWithDetail(c, constant.CodeErrBadRequest, constant.ErrTypeInvalidParams, err)
-		return
-	}
-	cols, err := strconv.Atoi(c.DefaultQuery("cols", "80"))
-	if err != nil {
-		helper.ErrorWithDetail(c, constant.CodeErrBadRequest, constant.ErrTypeInvalidParams, err)
-		return
-	}
-	rows, err := strconv.Atoi(c.DefaultQuery("rows", "40"))
-	if err != nil {
-		helper.ErrorWithDetail(c, constant.CodeErrBadRequest, constant.ErrTypeInvalidParams, err)
-		return
-	}
-	host, err := hostService.GetHostInfo(uint(id))
-	if err != nil {
-		helper.ErrorWithDetail(c, constant.CodeErrBadRequest, constant.ErrTypeInvalidParams, err)
-		return
-	}
-	var connInfo ssh.ConnInfo
-	if err := copier.Copy(&connInfo, &host); err != nil {
-		helper.ErrorWithDetail(c, constant.CodeErrBadRequest, constant.ErrTypeInvalidParams, constant.ErrStructTransform)
-		return
-	}
-
 	wsConn, err := upGrader.Upgrade(c.Writer, c.Request, nil)
 	if err != nil {
 		global.LOG.Errorf("gin context http handler failed, err: %v", err)
@@ -51,17 +27,35 @@ func (b *BaseApi) WsSsh(c *gin.Context) {
 	}
 	defer wsConn.Close()

+	id, err := strconv.Atoi(c.Query("id"))
+	if wshandleError(wsConn, errors.WithMessage(err, "invalid param id in request")) {
+		return
+	}
+	cols, err := strconv.Atoi(c.DefaultQuery("cols", "80"))
+	if wshandleError(wsConn, errors.WithMessage(err, "invalid param cols in request")) {
+		return
+	}
+	rows, err := strconv.Atoi(c.DefaultQuery("rows", "40"))
+	if wshandleError(wsConn, errors.WithMessage(err, "invalid param rows in request")) {
+		return
+	}
+	host, err := hostService.GetHostInfo(uint(id))
+	if wshandleError(wsConn, errors.WithMessage(err, "load host info by id failed")) {
+		return
+	}
+	var connInfo ssh.ConnInfo
+	_ = copier.Copy(&connInfo, &host)
+	connInfo.PrivateKey = []byte(host.PrivateKey)
+	if len(host.PassPhrase) != 0 {
+		connInfo.PassPhrase = []byte(host.PassPhrase)
+	}
+
 	client, err := connInfo.NewClient()
 	if wshandleError(wsConn, errors.WithMessage(err, "failed to set up the connection. Please check the host information")) {
 		return
 	}
 	defer client.Close()
-	ssConn, err := connInfo.NewSshConn(cols, rows)
-	if wshandleError(wsConn, err) {
-		return
-	}
-	defer ssConn.Close()
-
+	
 	sws, err := terminal.NewLogicSshWsSession(cols, rows, true, connInfo.Client, wsConn)
 	if wshandleError(wsConn, err) {
 		return
@@ -80,37 +74,36 @@ func (b *BaseApi) WsSsh(c *gin.Context) {
 }

 func (b *BaseApi) RedisWsSsh(c *gin.Context) {
-	cols, err := strconv.Atoi(c.DefaultQuery("cols", "80"))
-	if err != nil {
-		helper.ErrorWithDetail(c, constant.CodeErrBadRequest, constant.ErrTypeInvalidParams, err)
-		return
-	}
-	rows, err := strconv.Atoi(c.DefaultQuery("rows", "40"))
-	if err != nil {
-		helper.ErrorWithDetail(c, constant.CodeErrBadRequest, constant.ErrTypeInvalidParams, err)
-		return
-	}
-	redisConf, err := redisService.LoadConf()
-	if err != nil {
-		global.LOG.Errorf("load redis container failed, err: %v", err)
-		helper.ErrorWithDetail(c, constant.CodeErrInternalServer, constant.ErrTypeInternalServer, err)
-		return
-	}
-
 	wsConn, err := upGrader.Upgrade(c.Writer, c.Request, nil)
 	if err != nil {
 		global.LOG.Errorf("gin context http handler failed, err: %v", err)
 		return
 	}
-	defer wsConn.Close()
-	commands := fmt.Sprintf("docker exec -it %s redis-cli", redisConf.ContainerName)
-	if len(redisConf.Requirepass) != 0 {
-		commands = fmt.Sprintf("docker exec -it %s redis-cli -a %s --no-auth-warning", redisConf.ContainerName, redisConf.Requirepass)
+
+	cols, err := strconv.Atoi(c.DefaultQuery("cols", "80"))
+	if wshandleError(wsConn, errors.WithMessage(err, "invalid param cols in request")) {
+		return
 	}
-	slave, err := terminal.NewCommand(commands)
+	rows, err := strconv.Atoi(c.DefaultQuery("rows", "40"))
+	if wshandleError(wsConn, errors.WithMessage(err, "invalid param rows in request")) {
+		return
+	}
+	redisConf, err := redisService.LoadConf()
+	if wshandleError(wsConn, errors.WithMessage(err, "load redis container failed")) {
+		return
+	}
+
+	defer wsConn.Close()
+	commands := "redis-cli"
+	if len(redisConf.Requirepass) != 0 {
+		commands = fmt.Sprintf("redis-cli -a %s --no-auth-warning", redisConf.Requirepass)
+	}
+	pidMap := loadMapFromDockerTop(redisConf.ContainerName)
+	slave, err := terminal.NewCommand(fmt.Sprintf("docker exec -it %s %s", redisConf.ContainerName, commands))
 	if wshandleError(wsConn, err) {
 		return
 	}
+	defer killBash(redisConf.ContainerName, commands, pidMap)
 	defer slave.Close()

 	tty, err := terminal.NewLocalWsSession(cols, rows, wsConn, slave)
@@ -131,24 +124,6 @@ func (b *BaseApi) RedisWsSsh(c *gin.Context) {
 }

 func (b *BaseApi) ContainerWsSsh(c *gin.Context) {
-	containerID := c.Query("containerid")
-	command := c.Query("command")
-	user := c.Query("user")
-	if len(command) == 0 || len(containerID) == 0 {
-		helper.ErrorWithDetail(c, constant.CodeErrBadRequest, constant.ErrTypeInvalidParams, errors.New("error param of command or containerID"))
-		return
-	}
-	cols, err := strconv.Atoi(c.DefaultQuery("cols", "80"))
-	if err != nil {
-		helper.ErrorWithDetail(c, constant.CodeErrBadRequest, constant.ErrTypeInvalidParams, err)
-		return
-	}
-	rows, err := strconv.Atoi(c.DefaultQuery("rows", "40"))
-	if err != nil {
-		helper.ErrorWithDetail(c, constant.CodeErrBadRequest, constant.ErrTypeInvalidParams, err)
-		return
-	}
-
 	wsConn, err := upGrader.Upgrade(c.Writer, c.Request, nil)
 	if err != nil {
 		global.LOG.Errorf("gin context http handler failed, err: %v", err)
@@ -156,14 +131,47 @@ func (b *BaseApi) ContainerWsSsh(c *gin.Context) {
 	}
 	defer wsConn.Close()

+	containerID := c.Query("containerid")
+	command := c.Query("command")
+	user := c.Query("user")
+	if len(command) == 0 || len(containerID) == 0 {
+		if wshandleError(wsConn, errors.New("error param of command or containerID")) {
+			return
+		}
+	}
+	cols, err := strconv.Atoi(c.DefaultQuery("cols", "80"))
+	if wshandleError(wsConn, errors.WithMessage(err, "invalid param cols in request")) {
+		return
+	}
+	rows, err := strconv.Atoi(c.DefaultQuery("rows", "40"))
+	if wshandleError(wsConn, errors.WithMessage(err, "invalid param rows in request")) {
+		return
+	}
+
+	cmds := []string{"exec", containerID, command}
+	if len(user) != 0 {
+		cmds = []string{"exec", "-u", user, containerID, command}
+	}
+	if cmd.CheckIllegal(user, containerID, command) {
+		if wshandleError(wsConn, errors.New("  The command contains illegal characters.")) {
+			return
+		}
+	}
+	stdout, err := cmd.ExecWithCheck("docker", cmds...)
+	if wshandleError(wsConn, errors.WithMessage(err, stdout)) {
+		return
+	}
+
 	commands := fmt.Sprintf("docker exec -it %s %s", containerID, command)
 	if len(user) != 0 {
 		commands = fmt.Sprintf("docker exec -it -u %s %s %s", user, containerID, command)
 	}
+	pidMap := loadMapFromDockerTop(containerID)
 	slave, err := terminal.NewCommand(commands)
 	if wshandleError(wsConn, err) {
 		return
 	}
+	defer killBash(containerID, command, pidMap)
 	defer slave.Close()

 	tty, err := terminal.NewLocalWsSession(cols, rows, wsConn, slave)
@@ -187,14 +195,58 @@ func wshandleError(ws *websocket.Conn, err error) bool {
 	if err != nil {
 		global.LOG.Errorf("handler ws faled:, err: %v", err)
 		dt := time.Now().Add(time.Second)
-		if err := ws.WriteControl(websocket.CloseMessage, []byte(err.Error()), dt); err != nil {
-			global.LOG.Errorf("websocket writes control message failed, err: %v", err)
+		if ctlerr := ws.WriteControl(websocket.CloseMessage, []byte(err.Error()), dt); ctlerr != nil {
+			wsData, err := json.Marshal(terminal.WsMsg{
+				Type: terminal.WsMsgCmd,
+				Data: base64.StdEncoding.EncodeToString([]byte(err.Error())),
+			})
+			if err != nil {
+				_ = ws.WriteMessage(websocket.TextMessage, []byte("{\"type\":\"cmd\",\"data\":\"failed to encoding to json\"}"))
+			} else {
+				_ = ws.WriteMessage(websocket.TextMessage, wsData)
+			}
 		}
 		return true
 	}
 	return false
 }

+func loadMapFromDockerTop(containerID string) map[string]string {
+	pidMap := make(map[string]string)
+	sudo := cmd.SudoHandleCmd()
+
+	stdout, err := cmd.Execf("%s docker top %s -eo pid,command ", sudo, containerID)
+	if err != nil {
+		return pidMap
+	}
+	lines := strings.Split(stdout, "\n")
+	for _, line := range lines {
+		parts := strings.Fields(line)
+		if len(parts) != 2 {
+			continue
+		}
+		pidMap[parts[0]] = parts[1]
+	}
+	return pidMap
+}
+
+func killBash(containerID, comm string, pidMap map[string]string) {
+	sudo := cmd.SudoHandleCmd()
+	newPidMap := loadMapFromDockerTop(containerID)
+	for pid, command := range newPidMap {
+		isOld := false
+		for pid2 := range pidMap {
+			if pid == pid2 {
+				isOld = true
+				break
+			}
+		}
+		if !isOld && command == comm {
+			_, _ = cmd.Execf("%s kill -9 %s", sudo, pid)
+		}
+	}
+}
+
 var upGrader = websocket.Upgrader{
 	ReadBufferSize:  1024,
 	WriteBufferSize: 1024 * 1024 * 10,
--- a/backend/app/api/v1/upgrade.go
+++ b/backend/app/api/v1/upgrade.go
@@ -22,6 +22,28 @@ func (b *BaseApi) GetUpgradeInfo(c *gin.Context) {
 	helper.SuccessWithData(c, info)
 }

+// @Tags System Setting
+// @Summary Load release notes by version
+// @Description 获取版本 release notes
+// @Accept json
+// @Param request body dto.Upgrade true "request"
+// @Success 200
+// @Security ApiKeyAuth
+// @Router /settings/upgrade [get]
+func (b *BaseApi) GetNotesByVersion(c *gin.Context) {
+	var req dto.Upgrade
+	if err := c.ShouldBindJSON(&req); err != nil {
+		helper.ErrorWithDetail(c, constant.CodeErrBadRequest, constant.ErrTypeInvalidParams, err)
+		return
+	}
+	notes, err := upgradeService.LoadNotes(req)
+	if err != nil {
+		helper.ErrorWithDetail(c, constant.CodeErrInternalServer, constant.ErrTypeInternalServer, err)
+		return
+	}
+	helper.SuccessWithData(c, notes)
+}
+
 // @Tags System Setting
 // @Summary Upgrade
 // @Description 系统更新
--- a/backend/app/api/v1/website.go
+++ b/backend/app/api/v1/website.go
@@ -36,7 +36,7 @@ func (b *BaseApi) PageWebsite(c *gin.Context) {
 // @Tags Website
 // @Summary List websites
 // @Description 获取网站列表
-// @Success 200 {anrry} response.WebsiteDTO
+// @Success 200 {array} response.WebsiteDTO
 // @Security ApiKeyAuth
 // @Router /websites/list [get]
 func (b *BaseApi) GetWebsites(c *gin.Context) {
@@ -51,7 +51,7 @@ func (b *BaseApi) GetWebsites(c *gin.Context) {
 // @Tags Website
 // @Summary List website names
 // @Description 获取网站列表
-// @Success 200 {anrry} string
+// @Success 200 {array} string
 // @Security ApiKeyAuth
 // @Router /websites/options [get]
 func (b *BaseApi) GetWebsiteOptions(c *gin.Context) {
@@ -78,14 +78,12 @@ func (b *BaseApi) CreateWebsite(c *gin.Context) {
 		helper.ErrorWithDetail(c, constant.CodeErrBadRequest, constant.ErrTypeInvalidParams, err)
 		return
 	}
-	tx, ctx := helper.GetTxAndContext()
-	err := websiteService.CreateWebsite(ctx, req)
+
+	err := websiteService.CreateWebsite(req)
 	if err != nil {
-		tx.Rollback()
 		helper.ErrorWithDetail(c, constant.CodeErrInternalServer, constant.ErrTypeInternalServer, err)
 		return
 	}
-	tx.Commit()
 	helper.SuccessWithData(c, nil)
 }

@@ -97,7 +95,7 @@ func (b *BaseApi) CreateWebsite(c *gin.Context) {
 // @Success 200
 // @Security ApiKeyAuth
 // @Router /websites/operate [post]
-// @x-panel-log {"bodyKeys":["id", "operate"],"paramKeys":[],"BeforeFuntions":[{"input_colume":"id","input_value":"id","isList":false,"db":"websites","output_colume":"primary_domain","output_value":"domain"}],"formatZH":"[operate] 网站 [domain]","formatEN":"[operate] website [domain]"}
+// @x-panel-log {"bodyKeys":["id", "operate"],"paramKeys":[],"BeforeFuntions":[{"input_column":"id","input_value":"id","isList":false,"db":"websites","output_column":"primary_domain","output_value":"domain"}],"formatZH":"[operate] 网站 [domain]","formatEN":"[operate] website [domain]"}
 func (b *BaseApi) OpWebsite(c *gin.Context) {
 	var req request.WebsiteOp
 	if err := c.ShouldBindJSON(&req); err != nil {
@@ -120,21 +118,19 @@ func (b *BaseApi) OpWebsite(c *gin.Context) {
 // @Success 200
 // @Security ApiKeyAuth
 // @Router /websites/del [post]
-// @x-panel-log {"bodyKeys":["id"],"paramKeys":[],"BeforeFuntions":[{"input_colume":"id","input_value":"id","isList":false,"db":"websites","output_colume":"primary_domain","output_value":"domain"}],"formatZH":"删除网站 [domain]","formatEN":"Delete website [domain]"}
+// @x-panel-log {"bodyKeys":["id"],"paramKeys":[],"BeforeFuntions":[{"input_column":"id","input_value":"id","isList":false,"db":"websites","output_column":"primary_domain","output_value":"domain"}],"formatZH":"删除网站 [domain]","formatEN":"Delete website [domain]"}
 func (b *BaseApi) DeleteWebsite(c *gin.Context) {
 	var req request.WebsiteDelete
 	if err := c.ShouldBindJSON(&req); err != nil {
 		helper.ErrorWithDetail(c, constant.CodeErrBadRequest, constant.ErrTypeInvalidParams, err)
 		return
 	}
-	tx, ctx := helper.GetTxAndContext()
-	err := websiteService.DeleteWebsite(ctx, req)
+
+	err := websiteService.DeleteWebsite(req)
 	if err != nil {
-		tx.Rollback()
 		helper.ErrorWithDetail(c, constant.CodeErrInternalServer, constant.ErrTypeInternalServer, err)
 		return
 	}
-	tx.Commit()
 	helper.SuccessWithData(c, nil)
 }

@@ -189,14 +185,16 @@ func (b *BaseApi) GetWebsite(c *gin.Context) {
 // @Param id path integer true "request"
 // @Success 200 {object} response.FileInfo
 // @Security ApiKeyAuth
-// @Router /websites/:id/nginx [get]
+// @Router /websites/:id/config/:type [get]
 func (b *BaseApi) GetWebsiteNginx(c *gin.Context) {
 	id, err := helper.GetParamID(c)
 	if err != nil {
 		helper.ErrorWithDetail(c, constant.CodeErrBadRequest, constant.ErrTypeInternalServer, nil)
 		return
 	}
-	fileInfo, err := websiteService.GetWebsiteNginxConfig(id)
+	configType := c.Param("type")
+
+	fileInfo, err := websiteService.GetWebsiteNginxConfig(id, configType)
 	if err != nil {
 		helper.ErrorWithDetail(c, constant.CodeErrInternalServer, constant.ErrTypeInternalServer, err)
 		return
@@ -209,7 +207,7 @@ func (b *BaseApi) GetWebsiteNginx(c *gin.Context) {
 // @Description 通过网站 id 查询域名
 // @Accept json
 // @Param websiteId path integer true "request"
-// @Success 200 {anrry} model.WebsiteDomain
+// @Success 200 {array} model.WebsiteDomain
 // @Security ApiKeyAuth
 // @Router /websites/domains/:websiteId [get]
 func (b *BaseApi) GetWebDomains(c *gin.Context) {
@@ -234,7 +232,7 @@ func (b *BaseApi) GetWebDomains(c *gin.Context) {
 // @Success 200
 // @Security ApiKeyAuth
 // @Router /websites/domains/del [post]
-// @x-panel-log {"bodyKeys":["id"],"paramKeys":[],"BeforeFuntions":[{"input_colume":"id","input_value":"id","isList":false,"db":"website_domains","output_colume":"domain","output_value":"domain"}],"formatZH":"删除域名 [domain]","formatEN":"Delete domain [domain]"}
+// @x-panel-log {"bodyKeys":["id"],"paramKeys":[],"BeforeFuntions":[{"input_column":"id","input_value":"id","isList":false,"db":"website_domains","output_column":"domain","output_value":"domain"}],"formatZH":"删除域名 [domain]","formatEN":"Delete domain [domain]"}
 func (b *BaseApi) DeleteWebDomain(c *gin.Context) {
 	var req request.WebsiteDomainDelete
 	if err := c.ShouldBindJSON(&req); err != nil {
@@ -302,7 +300,7 @@ func (b *BaseApi) GetNginxConfig(c *gin.Context) {
 // @Success 200
 // @Security ApiKeyAuth
 // @Router /websites/config/update [post]
-// @x-panel-log {"bodyKeys":["websiteId"],"paramKeys":[],"BeforeFuntions":[{"input_colume":"id","input_value":"websiteId","isList":false,"db":"websites","output_colume":"primary_domain","output_value":"domain"}],"formatZH":"nginx 配置修改 [domain]","formatEN":"Nginx conf update [domain]"}
+// @x-panel-log {"bodyKeys":["websiteId"],"paramKeys":[],"BeforeFuntions":[{"input_column":"id","input_value":"websiteId","isList":false,"db":"websites","output_column":"primary_domain","output_value":"domain"}],"formatZH":"nginx 配置修改 [domain]","formatEN":"Nginx conf update [domain]"}
 func (b *BaseApi) UpdateNginxConfig(c *gin.Context) {
 	var req request.NginxConfigUpdate
 	if err := c.ShouldBindJSON(&req); err != nil {
@@ -346,7 +344,7 @@ func (b *BaseApi) GetHTTPSConfig(c *gin.Context) {
 // @Success 200 {object} response.WebsiteHTTPS
 // @Security ApiKeyAuth
 // @Router /websites/:id/https [post]
-// @x-panel-log {"bodyKeys":["websiteId"],"paramKeys":[],"BeforeFuntions":[{"input_colume":"id","input_value":"websiteId","isList":false,"db":"websites","output_colume":"primary_domain","output_value":"domain"}],"formatZH":"更新网站 [domain] https 配置","formatEN":"Update website https [domain] conf"}
+// @x-panel-log {"bodyKeys":["websiteId"],"paramKeys":[],"BeforeFuntions":[{"input_column":"id","input_value":"websiteId","isList":false,"db":"websites","output_column":"primary_domain","output_value":"domain"}],"formatZH":"更新网站 [domain] https 配置","formatEN":"Update website https [domain] conf"}
 func (b *BaseApi) UpdateHTTPSConfig(c *gin.Context) {
 	var req request.WebsiteHTTPSOp
 	if err := c.ShouldBindJSON(&req); err != nil {
@@ -369,7 +367,7 @@ func (b *BaseApi) UpdateHTTPSConfig(c *gin.Context) {
 // @Description 网站创建前检查
 // @Accept json
 // @Param request body request.WebsiteInstallCheckReq true "request"
-// @Success 200 {anrry} request.WebsitePreInstallCheck
+// @Success 200 {array} response.WebsitePreInstallCheck
 // @Security ApiKeyAuth
 // @Router /websites/check [post]
 func (b *BaseApi) CreateWebsiteCheck(c *gin.Context) {
@@ -416,7 +414,7 @@ func (b *BaseApi) GetWebsiteWafConfig(c *gin.Context) {
 // @Success 200
 // @Security ApiKeyAuth
 // @Router /websites/waf/update [post]
-// @x-panel-log {"bodyKeys":["websiteId"],"paramKeys":[],"BeforeFuntions":[{"input_colume":"id","input_value":"websiteId","isList":false,"db":"websites","output_colume":"primary_domain","output_value":"domain"}],"formatZH":"WAF 配置修改 [domain]","formatEN":"WAF conf update [domain]"}
+// @x-panel-log {"bodyKeys":["websiteId"],"paramKeys":[],"BeforeFuntions":[{"input_column":"id","input_value":"websiteId","isList":false,"db":"websites","output_column":"primary_domain","output_value":"domain"}],"formatZH":"WAF 配置修改 [domain]","formatEN":"WAF conf update [domain]"}
 func (b *BaseApi) UpdateWebsiteWafConfig(c *gin.Context) {
 	var req request.WebsiteWafUpdate
 	if err := c.ShouldBindJSON(&req); err != nil {
@@ -430,6 +428,28 @@ func (b *BaseApi) UpdateWebsiteWafConfig(c *gin.Context) {
 	helper.SuccessWithData(c, nil)
 }

+// @Tags Website WAF
+// @Summary Update website waf  file
+// @Description 更新 网站 waf 配置文件
+// @Accept json
+// @Param request body request.WebsiteWafUpdate true "request"
+// @Success 200
+// @Security ApiKeyAuth
+// @Router /websites/waf/file/update [post]
+// @x-panel-log {"bodyKeys":["websiteId"],"paramKeys":[],"BeforeFuntions":[{"input_column":"id","input_value":"websiteId","isList":false,"db":"websites","output_column":"primary_domain","output_value":"domain"}],"formatZH":"WAF 配置文件修改 [domain]","formatEN":"WAF conf file update [domain]"}
+func (b *BaseApi) UpdateWebsiteWafFile(c *gin.Context) {
+	var req request.WebsiteWafFileUpdate
+	if err := c.ShouldBindJSON(&req); err != nil {
+		helper.ErrorWithDetail(c, constant.CodeErrBadRequest, constant.ErrTypeInvalidParams, err)
+		return
+	}
+	if err := websiteService.UpdateWafFile(req); err != nil {
+		helper.ErrorWithDetail(c, constant.CodeErrInternalServer, constant.ErrTypeInternalServer, err)
+		return
+	}
+	helper.SuccessWithData(c, nil)
+}
+
 // @Tags Website Nginx
 // @Summary Update website nginx conf
 // @Description 更新 网站 nginx 配置
@@ -438,7 +458,7 @@ func (b *BaseApi) UpdateWebsiteWafConfig(c *gin.Context) {
 // @Success 200
 // @Security ApiKeyAuth
 // @Router /websites/nginx/update [post]
-// @x-panel-log {"bodyKeys":["id"],"paramKeys":[],"BeforeFuntions":[{"input_colume":"id","input_value":"id","isList":false,"db":"websites","output_colume":"primary_domain","output_value":"domain"}],"formatZH":"[domain] Nginx 配置修改","formatEN":"[domain] Nginx conf update"}
+// @x-panel-log {"bodyKeys":["id"],"paramKeys":[],"BeforeFuntions":[{"input_column":"id","input_value":"id","isList":false,"db":"websites","output_column":"primary_domain","output_value":"domain"}],"formatZH":"[domain] Nginx 配置修改","formatEN":"[domain] Nginx conf update"}
 func (b *BaseApi) UpdateWebsiteNginxConfig(c *gin.Context) {
 	var req request.WebsiteNginxUpdate
 	if err := c.ShouldBindJSON(&req); err != nil {
@@ -460,7 +480,7 @@ func (b *BaseApi) UpdateWebsiteNginxConfig(c *gin.Context) {
 // @Success 200 {object} response.WebsiteLog
 // @Security ApiKeyAuth
 // @Router /websites/log [post]
-// @x-panel-log {"bodyKeys":["id", "operate"],"paramKeys":[],"BeforeFuntions":[{"input_colume":"id","input_value":"id","isList":false,"db":"websites","output_colume":"primary_domain","output_value":"domain"}],"formatZH":"[domain][operate] 日志","formatEN":"[domain][operate] logs"}
+// @x-panel-log {"bodyKeys":["id", "operate"],"paramKeys":[],"BeforeFuntions":[{"input_column":"id","input_value":"id","isList":false,"db":"websites","output_column":"primary_domain","output_value":"domain"}],"formatZH":"[domain][operate] 日志","formatEN":"[domain][operate] logs"}
 func (b *BaseApi) OpWebsiteLog(c *gin.Context) {
 	var req request.WebsiteLogReq
 	if err := c.ShouldBindJSON(&req); err != nil {
@@ -483,7 +503,7 @@ func (b *BaseApi) OpWebsiteLog(c *gin.Context) {
 // @Success 200
 // @Security ApiKeyAuth
 // @Router /websites/default/server [post]
-// @x-panel-log {"bodyKeys":["id", "operate"],"paramKeys":[],"BeforeFuntions":[{"input_colume":"id","input_value":"id","isList":false,"db":"websites","output_colume":"primary_domain","output_value":"domain"}],"formatZH":"修改默认 server => [domain]","formatEN":"Change default server => [domain]"}
+// @x-panel-log {"bodyKeys":["id", "operate"],"paramKeys":[],"BeforeFuntions":[{"input_column":"id","input_value":"id","isList":false,"db":"websites","output_column":"primary_domain","output_value":"domain"}],"formatZH":"修改默认 server => [domain]","formatEN":"Change default server => [domain]"}
 func (b *BaseApi) ChangeDefaultServer(c *gin.Context) {
 	var req request.WebsiteDefaultUpdate
 	if err := c.ShouldBindJSON(&req); err != nil {
@@ -496,3 +516,399 @@ func (b *BaseApi) ChangeDefaultServer(c *gin.Context) {
 	}
 	helper.SuccessWithData(c, nil)
 }
+
+// @Tags Website
+// @Summary Load websit php conf
+// @Description 获取网站 php 配置
+// @Accept json
+// @Param id path integer true "request"
+// @Success 200 {object} response.PHPConfig
+// @Security ApiKeyAuth
+// @Router /websites/php/config/:id [get]
+func (b *BaseApi) GetWebsitePHPConfig(c *gin.Context) {
+	id, err := helper.GetParamID(c)
+	if err != nil {
+		helper.ErrorWithDetail(c, constant.CodeErrBadRequest, constant.ErrTypeInternalServer, nil)
+		return
+	}
+	data, err := websiteService.GetPHPConfig(id)
+	if err != nil {
+		helper.ErrorWithDetail(c, constant.CodeErrInternalServer, constant.ErrTypeInternalServer, err)
+		return
+	}
+	helper.SuccessWithData(c, data)
+}
+
+// @Tags Website PHP
+// @Summary Update website php conf
+// @Description 更新 网站 PHP 配置
+// @Accept json
+// @Param request body request.WebsitePHPConfigUpdate true "request"
+// @Success 200
+// @Security ApiKeyAuth
+// @Router /websites/php/config [post]
+// @x-panel-log {"bodyKeys":["id"],"paramKeys":[],"BeforeFuntions":[{"input_column":"id","input_value":"id","isList":false,"db":"websites","output_column":"primary_domain","output_value":"domain"}],"formatZH":"[domain] PHP 配置修改","formatEN":"[domain] PHP conf update"}
+func (b *BaseApi) UpdateWebsitePHPConfig(c *gin.Context) {
+	var req request.WebsitePHPConfigUpdate
+	if err := c.ShouldBindJSON(&req); err != nil {
+		helper.ErrorWithDetail(c, constant.CodeErrBadRequest, constant.ErrTypeInvalidParams, err)
+		return
+	}
+	if err := websiteService.UpdatePHPConfig(req); err != nil {
+		helper.ErrorWithDetail(c, constant.CodeErrInternalServer, constant.ErrTypeInternalServer, err)
+		return
+	}
+	helper.SuccessWithData(c, nil)
+}
+
+// @Tags Website PHP
+// @Summary Update php conf
+// @Description 更新 php 配置文件
+// @Accept json
+// @Param request body request.WebsitePHPFileUpdate true "request"
+// @Success 200
+// @Security ApiKeyAuth
+// @Router /websites/php/update [post]
+// @x-panel-log {"bodyKeys":["websiteId"],"paramKeys":[],"BeforeFuntions":[{"input_column":"id","input_value":"websiteId","isList":false,"db":"websites","output_column":"primary_domain","output_value":"domain"}],"formatZH":"php 配置修改 [domain]","formatEN":"Nginx conf update [domain]"}
+func (b *BaseApi) UpdatePHPFile(c *gin.Context) {
+	var req request.WebsitePHPFileUpdate
+	if err := c.ShouldBindJSON(&req); err != nil {
+		helper.ErrorWithDetail(c, constant.CodeErrBadRequest, constant.ErrTypeInvalidParams, err)
+		return
+	}
+	if err := websiteService.UpdatePHPConfigFile(req); err != nil {
+		helper.ErrorWithDetail(c, constant.CodeErrInternalServer, constant.ErrTypeInternalServer, err)
+		return
+	}
+	helper.SuccessWithData(c, nil)
+}
+
+// @Tags Website PHP
+// @Summary Update php version
+// @Description 变更 php 版本
+// @Accept json
+// @Param request body request.WebsitePHPVersionReq true "request"
+// @Success 200
+// @Security ApiKeyAuth
+// @Router /websites/php/version [post]
+// @x-panel-log {"bodyKeys":["websiteId"],"paramKeys":[],"BeforeFuntions":[{"input_column":"id","input_value":"websiteId","isList":false,"db":"websites","output_column":"primary_domain","output_value":"domain"}],"formatZH":"php 版本变更 [domain]","formatEN":"php version update [domain]"}
+func (b *BaseApi) ChangePHPVersion(c *gin.Context) {
+	var req request.WebsitePHPVersionReq
+	if err := c.ShouldBindJSON(&req); err != nil {
+		helper.ErrorWithDetail(c, constant.CodeErrBadRequest, constant.ErrTypeInvalidParams, err)
+		return
+	}
+	if err := websiteService.ChangePHPVersion(req); err != nil {
+		helper.ErrorWithDetail(c, constant.CodeErrInternalServer, constant.ErrTypeInternalServer, err)
+		return
+	}
+	helper.SuccessWithOutData(c)
+}
+
+// @Tags Website
+// @Summary Get rewrite conf
+// @Description 获取伪静态配置
+// @Accept json
+// @Param request body request.NginxRewriteReq true "request"
+// @Success 200
+// @Security ApiKeyAuth
+// @Router /websites/rewrite [post]
+func (b *BaseApi) GetRewriteConfig(c *gin.Context) {
+	var req request.NginxRewriteReq
+	if err := c.ShouldBindJSON(&req); err != nil {
+		helper.ErrorWithDetail(c, constant.CodeErrBadRequest, constant.ErrTypeInvalidParams, err)
+		return
+	}
+	res, err := websiteService.GetRewriteConfig(req)
+	if err != nil {
+		helper.ErrorWithDetail(c, constant.CodeErrInternalServer, constant.ErrTypeInternalServer, err)
+		return
+	}
+	helper.SuccessWithData(c, res)
+}
+
+// @Tags Website
+// @Summary Update rewrite conf
+// @Description 更新伪静态配置
+// @Accept json
+// @Param request body request.NginxRewriteUpdate true "request"
+// @Success 200
+// @Security ApiKeyAuth
+// @Router /websites/rewrite/update [post]
+// @x-panel-log {"bodyKeys":["websiteID"],"paramKeys":[],"BeforeFuntions":[{"input_column":"id","input_value":"websiteID","isList":false,"db":"websites","output_column":"primary_domain","output_value":"domain"}],"formatZH":"伪静态配置修改 [domain]","formatEN":"Nginx conf rewrite update [domain]"}
+func (b *BaseApi) UpdateRewriteConfig(c *gin.Context) {
+	var req request.NginxRewriteUpdate
+	if err := c.ShouldBindJSON(&req); err != nil {
+		helper.ErrorWithDetail(c, constant.CodeErrBadRequest, constant.ErrTypeInvalidParams, err)
+		return
+	}
+	if err := websiteService.UpdateRewriteConfig(req); err != nil {
+		helper.ErrorWithDetail(c, constant.CodeErrInternalServer, constant.ErrTypeInternalServer, err)
+		return
+	}
+	helper.SuccessWithData(c, nil)
+}
+
+// @Tags Website
+// @Summary Update Site Dir
+// @Description 更新网站目录
+// @Accept json
+// @Param request body request.WebsiteUpdateDir true "request"
+// @Success 200
+// @Security ApiKeyAuth
+// @Router /websites/dir/update [post]
+// @x-panel-log {"bodyKeys":["id"],"paramKeys":[],"BeforeFuntions":[{"input_column":"id","input_value":"id","isList":false,"db":"websites","output_column":"primary_domain","output_value":"domain"}],"formatZH":"更新网站 [domain] 目录","formatEN":"Update  domain [domain] dir"}
+func (b *BaseApi) UpdateSiteDir(c *gin.Context) {
+	var req request.WebsiteUpdateDir
+	if err := c.ShouldBindJSON(&req); err != nil {
+		helper.ErrorWithDetail(c, constant.CodeErrBadRequest, constant.ErrTypeInvalidParams, err)
+		return
+	}
+	if err := websiteService.UpdateSiteDir(req); err != nil {
+		helper.ErrorWithDetail(c, constant.CodeErrInternalServer, constant.ErrTypeInternalServer, err)
+		return
+	}
+	helper.SuccessWithOutData(c)
+}
+
+// @Tags Website
+// @Summary Update Site Dir permission
+// @Description 更新网站目录权限
+// @Accept json
+// @Param request body request.WebsiteUpdateDirPermission true "request"
+// @Success 200
+// @Security ApiKeyAuth
+// @Router /websites/dir/permission [post]
+// @x-panel-log {"bodyKeys":["id"],"paramKeys":[],"BeforeFuntions":[{"input_column":"id","input_value":"id","isList":false,"db":"websites","output_column":"primary_domain","output_value":"domain"}],"formatZH":"更新网站 [domain] 目录权限","formatEN":"Update  domain [domain] dir permission"}
+func (b *BaseApi) UpdateSiteDirPermission(c *gin.Context) {
+	var req request.WebsiteUpdateDirPermission
+	if err := c.ShouldBindJSON(&req); err != nil {
+		helper.ErrorWithDetail(c, constant.CodeErrBadRequest, constant.ErrTypeInvalidParams, err)
+		return
+	}
+	if err := websiteService.UpdateSitePermission(req); err != nil {
+		helper.ErrorWithDetail(c, constant.CodeErrInternalServer, constant.ErrTypeInternalServer, err)
+		return
+	}
+	helper.SuccessWithOutData(c)
+}
+
+// @Tags Website
+// @Summary Get proxy conf
+// @Description 获取反向代理配置
+// @Accept json
+// @Param request body request.WebsiteProxyReq true "request"
+// @Success 200
+// @Security ApiKeyAuth
+// @Router /websites/proxies [post]
+func (b *BaseApi) GetProxyConfig(c *gin.Context) {
+	var req request.WebsiteProxyReq
+	if err := c.ShouldBindJSON(&req); err != nil {
+		helper.ErrorWithDetail(c, constant.CodeErrBadRequest, constant.ErrTypeInvalidParams, err)
+		return
+	}
+	res, err := websiteService.GetProxies(req.ID)
+	if err != nil {
+		helper.ErrorWithDetail(c, constant.CodeErrInternalServer, constant.ErrTypeInternalServer, err)
+		return
+	}
+	helper.SuccessWithData(c, res)
+}
+
+// @Tags Website
+// @Summary Update proxy conf
+// @Description 修改反向代理配置
+// @Accept json
+// @Param request body request.WebsiteProxyConfig true "request"
+// @Success 200
+// @Security ApiKeyAuth
+// @Router /websites/proxies/update [post]
+// @x-panel-log {"bodyKeys":["id"],"paramKeys":[],"BeforeFuntions":[{"input_column":"id","input_value":"id","isList":false,"db":"websites","output_column":"primary_domain","output_value":"domain"}],"formatZH":"修改网站 [domain] 反向代理配置 ","formatEN":"Update domain [domain] proxy config"}
+func (b *BaseApi) UpdateProxyConfig(c *gin.Context) {
+	var req request.WebsiteProxyConfig
+	if err := c.ShouldBindJSON(&req); err != nil {
+		helper.ErrorWithDetail(c, constant.CodeErrBadRequest, constant.ErrTypeInvalidParams, err)
+		return
+	}
+	err := websiteService.OperateProxy(req)
+	if err != nil {
+		helper.ErrorWithDetail(c, constant.CodeErrInternalServer, constant.ErrTypeInternalServer, err)
+		return
+	}
+	helper.SuccessWithOutData(c)
+}
+
+// @Tags Website
+// @Summary Update proxy file
+// @Description 更新反向代理文件
+// @Accept json
+// @Param request body request.NginxProxyUpdate true "request"
+// @Success 200
+// @Security ApiKeyAuth
+// @Router /websites/proxy/file [post]
+// @x-panel-log {"bodyKeys":["websiteID"],"paramKeys":[],"BeforeFuntions":[{"input_column":"id","input_value":"websiteID","isList":false,"db":"websites","output_column":"primary_domain","output_value":"domain"}],"formatZH":"更新反向代理文件 [domain]","formatEN":"Nginx conf proxy file update [domain]"}
+func (b *BaseApi) UpdateProxyConfigFile(c *gin.Context) {
+	var req request.NginxProxyUpdate
+	if err := c.ShouldBindJSON(&req); err != nil {
+		helper.ErrorWithDetail(c, constant.CodeErrBadRequest, constant.ErrTypeInvalidParams, err)
+		return
+	}
+	if err := websiteService.UpdateProxyFile(req); err != nil {
+		helper.ErrorWithDetail(c, constant.CodeErrInternalServer, constant.ErrTypeInternalServer, err)
+		return
+	}
+	helper.SuccessWithOutData(c)
+}
+
+// @Tags Website
+// @Summary Get AuthBasic conf
+// @Description 获取密码访问配置
+// @Accept json
+// @Param request body request.NginxAuthReq true "request"
+// @Success 200
+// @Security ApiKeyAuth
+// @Router /websites/auths [post]
+func (b *BaseApi) GetAuthConfig(c *gin.Context) {
+	var req request.NginxAuthReq
+	if err := c.ShouldBindJSON(&req); err != nil {
+		helper.ErrorWithDetail(c, constant.CodeErrBadRequest, constant.ErrTypeInvalidParams, err)
+		return
+	}
+	res, err := websiteService.GetAuthBasics(req)
+	if err != nil {
+		helper.ErrorWithDetail(c, constant.CodeErrInternalServer, constant.ErrTypeInternalServer, err)
+		return
+	}
+	helper.SuccessWithData(c, res)
+}
+
+// @Tags Website
+// @Summary Get AuthBasic conf
+// @Description 更新密码访问配置
+// @Accept json
+// @Param request body request.NginxAuthUpdate true "request"
+// @Success 200
+// @Security ApiKeyAuth
+// @Router /websites/auths/update [post]
+func (b *BaseApi) UpdateAuthConfig(c *gin.Context) {
+	var req request.NginxAuthUpdate
+	if err := c.ShouldBindJSON(&req); err != nil {
+		helper.ErrorWithDetail(c, constant.CodeErrBadRequest, constant.ErrTypeInvalidParams, err)
+		return
+	}
+	if err := websiteService.UpdateAuthBasic(req); err != nil {
+		helper.ErrorWithDetail(c, constant.CodeErrInternalServer, constant.ErrTypeInternalServer, err)
+		return
+	}
+	helper.SuccessWithOutData(c)
+}
+
+// @Tags Website
+// @Summary Get AntiLeech conf
+// @Description 获取防盗链配置
+// @Accept json
+// @Param request body request.NginxCommonReq true "request"
+// @Success 200
+// @Security ApiKeyAuth
+// @Router /websites/leech [post]
+func (b *BaseApi) GetAntiLeech(c *gin.Context) {
+	var req request.NginxCommonReq
+	if err := c.ShouldBindJSON(&req); err != nil {
+		helper.ErrorWithDetail(c, constant.CodeErrBadRequest, constant.ErrTypeInvalidParams, err)
+		return
+	}
+	res, err := websiteService.GetAntiLeech(req.WebsiteID)
+	if err != nil {
+		helper.ErrorWithDetail(c, constant.CodeErrInternalServer, constant.ErrTypeInternalServer, err)
+		return
+	}
+	helper.SuccessWithData(c, res)
+}
+
+// @Tags Website
+// @Summary Update AntiLeech
+// @Description 更新防盗链配置
+// @Accept json
+// @Param request body request.NginxAntiLeechUpdate true "request"
+// @Success 200
+// @Security ApiKeyAuth
+// @Router /websites/leech/update [post]
+func (b *BaseApi) UpdateAntiLeech(c *gin.Context) {
+	var req request.NginxAntiLeechUpdate
+	if err := c.ShouldBindJSON(&req); err != nil {
+		helper.ErrorWithDetail(c, constant.CodeErrBadRequest, constant.ErrTypeInvalidParams, err)
+		return
+	}
+	if err := websiteService.UpdateAntiLeech(req); err != nil {
+		helper.ErrorWithDetail(c, constant.CodeErrInternalServer, constant.ErrTypeInternalServer, err)
+		return
+	}
+	helper.SuccessWithOutData(c)
+}
+
+// @Tags Website
+// @Summary Update redirect conf
+// @Description 修改重定向配置
+// @Accept json
+// @Param request body request.NginxRedirectReq true "request"
+// @Success 200
+// @Security ApiKeyAuth
+// @Router /websites/redirect/update [post]
+// @x-panel-log {"bodyKeys":["websiteID"],"paramKeys":[],"BeforeFuntions":[{"input_column":"id","input_value":"websiteID","isList":false,"db":"websites","output_column":"primary_domain","output_value":"domain"}],"formatZH":"修改网站 [domain] 重定向理配置 ","formatEN":"Update domain [domain] redirect config"}
+func (b *BaseApi) UpdateRedirectConfig(c *gin.Context) {
+	var req request.NginxRedirectReq
+	if err := c.ShouldBindJSON(&req); err != nil {
+		helper.ErrorWithDetail(c, constant.CodeErrBadRequest, constant.ErrTypeInvalidParams, err)
+		return
+	}
+	err := websiteService.OperateRedirect(req)
+	if err != nil {
+		helper.ErrorWithDetail(c, constant.CodeErrInternalServer, constant.ErrTypeInternalServer, err)
+		return
+	}
+	helper.SuccessWithOutData(c)
+}
+
+// @Tags Website
+// @Summary Get redirect conf
+// @Description 获取重定向配置
+// @Accept json
+// @Param request body request.WebsiteProxyReq true "request"
+// @Success 200
+// @Security ApiKeyAuth
+// @Router /websites/redirect [post]
+func (b *BaseApi) GetRedirectConfig(c *gin.Context) {
+	var req request.WebsiteRedirectReq
+	if err := c.ShouldBindJSON(&req); err != nil {
+		helper.ErrorWithDetail(c, constant.CodeErrBadRequest, constant.ErrTypeInvalidParams, err)
+		return
+	}
+	res, err := websiteService.GetRedirect(req.WebsiteID)
+	if err != nil {
+		helper.ErrorWithDetail(c, constant.CodeErrInternalServer, constant.ErrTypeInternalServer, err)
+		return
+	}
+	helper.SuccessWithData(c, res)
+}
+
+// @Tags Website
+// @Summary Update redirect file
+// @Description 更新重定向文件
+// @Accept json
+// @Param request body request.NginxRedirectUpdate true "request"
+// @Success 200
+// @Security ApiKeyAuth
+// @Router /websites/redirect/file [post]
+// @x-panel-log {"bodyKeys":["websiteID"],"paramKeys":[],"BeforeFuntions":[{"input_column":"id","input_value":"websiteID","isList":false,"db":"websites","output_column":"primary_domain","output_value":"domain"}],"formatZH":"更新重定向文件 [domain]","formatEN":"Nginx conf redirect file update [domain]"}
+func (b *BaseApi) UpdateRedirectConfigFile(c *gin.Context) {
+	var req request.NginxRedirectUpdate
+	if err := c.ShouldBindJSON(&req); err != nil {
+		helper.ErrorWithDetail(c, constant.CodeErrBadRequest, constant.ErrTypeInvalidParams, err)
+		return
+	}
+	if err := websiteService.UpdateRedirectFile(req); err != nil {
+		helper.ErrorWithDetail(c, constant.CodeErrInternalServer, constant.ErrTypeInternalServer, err)
+		return
+	}
+	helper.SuccessWithOutData(c)
+}
--- a/backend/app/api/v1/website_acme_account.go
+++ b/backend/app/api/v1/website_acme_account.go
@@ -64,7 +64,7 @@ func (b *BaseApi) CreateWebsiteAcmeAccount(c *gin.Context) {
 // @Success 200
 // @Security ApiKeyAuth
 // @Router /websites/acme/del [post]
-// @x-panel-log {"bodyKeys":["id"],"paramKeys":[],"BeforeFuntions":[{"input_colume":"id","input_value":"id","isList":false,"db":"website_acme_accounts","output_colume":"email","output_value":"email"}],"formatZH":"删除网站 acme [email]","formatEN":"Delete website acme [email]"}
+// @x-panel-log {"bodyKeys":["id"],"paramKeys":[],"BeforeFuntions":[{"input_column":"id","input_value":"id","isList":false,"db":"website_acme_accounts","output_column":"email","output_value":"email"}],"formatZH":"删除网站 acme [email]","formatEN":"Delete website acme [email]"}
 func (b *BaseApi) DeleteWebsiteAcmeAccount(c *gin.Context) {
 	var req request.WebsiteResourceReq
 	if err := c.ShouldBindJSON(&req); err != nil {
--- a/backend/app/api/v1/website_dns_account.go
+++ b/backend/app/api/v1/website_dns_account.go
@@ -85,7 +85,7 @@ func (b *BaseApi) UpdateWebsiteDnsAccount(c *gin.Context) {
 // @Success 200
 // @Security ApiKeyAuth
 // @Router /websites/dns/del [post]
-// @x-panel-log {"bodyKeys":["id"],"paramKeys":[],"BeforeFuntions":[{"input_colume":"id","input_value":"id","isList":false,"db":"website_dns_accounts","output_colume":"name","output_value":"name"}],"formatZH":"删除网站 dns [name]","formatEN":"Delete website dns [name]"}
+// @x-panel-log {"bodyKeys":["id"],"paramKeys":[],"BeforeFuntions":[{"input_column":"id","input_value":"id","isList":false,"db":"website_dns_accounts","output_column":"name","output_value":"name"}],"formatZH":"删除网站 dns [name]","formatEN":"Delete website dns [name]"}
 func (b *BaseApi) DeleteWebsiteDnsAccount(c *gin.Context) {
 	var req request.WebsiteResourceReq
 	if err := c.ShouldBindJSON(&req); err != nil {
--- a/backend/app/api/v1/website_group.go
+++ b/backend/app/api/v1/website_group.go
@@ -1,89 +0,0 @@
-package v1
-
-import (
-	"github.com/1Panel-dev/1Panel/backend/app/api/v1/helper"
-	"github.com/1Panel-dev/1Panel/backend/app/dto/request"
-	"github.com/1Panel-dev/1Panel/backend/constant"
-	"github.com/gin-gonic/gin"
-)
-
-// @Tags Website Group
-// @Summary List website groups
-// @Description 获取网站组
-// @Success 200 {anrry} model.WebsiteGroup
-// @Security ApiKeyAuth
-// @Router /websites/groups [get]
-func (b *BaseApi) GetWebGroups(c *gin.Context) {
-	list, err := websiteGroupService.GetGroups()
-	if err != nil {
-		helper.ErrorWithDetail(c, constant.CodeErrInternalServer, constant.ErrTypeInternalServer, err)
-		return
-	}
-	helper.SuccessWithData(c, list)
-}
-
-// @Tags Website Group
-// @Summary Create website group
-// @Description 创建网站组
-// @Accept json
-// @Param request body request.WebsiteGroupCreate true "request"
-// @Success 200
-// @Security ApiKeyAuth
-// @Router /websites/groups [post]
-// @x-panel-log {"bodyKeys":["name"],"paramKeys":[],"BeforeFuntions":[],"formatZH":"创建网站组 [name]","formatEN":"Create website groups [name]"}
-func (b *BaseApi) CreateWebGroup(c *gin.Context) {
-	var req request.WebsiteGroupCreate
-	if err := c.ShouldBindJSON(&req); err != nil {
-		helper.ErrorWithDetail(c, constant.CodeErrBadRequest, constant.ErrTypeInvalidParams, err)
-		return
-	}
-	if err := websiteGroupService.CreateGroup(req); err != nil {
-		helper.ErrorWithDetail(c, constant.CodeErrInternalServer, constant.ErrTypeInternalServer, err)
-		return
-	}
-	helper.SuccessWithData(c, nil)
-}
-
-// @Tags Website Group
-// @Summary Update website group
-// @Description 更新网站组
-// @Accept json
-// @Param request body request.WebsiteGroupUpdate true "request"
-// @Success 200
-// @Security ApiKeyAuth
-// @Router /websites/groups/update [post]
-// @x-panel-log {"bodyKeys":["name"],"paramKeys":[],"BeforeFuntions":[],"formatZH":"更新网站组 [name]","formatEN":"Update website groups [name]"}
-func (b *BaseApi) UpdateWebGroup(c *gin.Context) {
-	var req request.WebsiteGroupUpdate
-	if err := c.ShouldBindJSON(&req); err != nil {
-		helper.ErrorWithDetail(c, constant.CodeErrBadRequest, constant.ErrTypeInvalidParams, err)
-		return
-	}
-	if err := websiteGroupService.UpdateGroup(req); err != nil {
-		helper.ErrorWithDetail(c, constant.CodeErrInternalServer, constant.ErrTypeInternalServer, err)
-		return
-	}
-	helper.SuccessWithData(c, nil)
-}
-
-// @Tags Website Group
-// @Summary Delete website group
-// @Description 删除网站组
-// @Accept json
-// @Param request body request.WebsiteResourceReq true "request"
-// @Success 200
-// @Security ApiKeyAuth
-// @Router /websites/groups/del [post]
-// @x-panel-log {"bodyKeys":["id"],"paramKeys":[],"BeforeFuntions":[{"input_colume":"id","input_value":"id","isList":false,"db":"website_groups","output_colume":"name","output_value":"name"}],"formatZH":"删除网站组 [name]","formatEN":"Delete website group [name]"}
-func (b *BaseApi) DeleteWebGroup(c *gin.Context) {
-	var req request.WebsiteResourceReq
-	if err := c.ShouldBindJSON(&req); err != nil {
-		helper.ErrorWithDetail(c, constant.CodeErrBadRequest, constant.ErrTypeInvalidParams, err)
-		return
-	}
-	if err := websiteGroupService.DeleteGroup(req.ID); err != nil {
-		helper.ErrorWithDetail(c, constant.CodeErrInternalServer, constant.ErrTypeInternalServer, err)
-		return
-	}
-	helper.SuccessWithData(c, nil)
-}
--- a/backend/app/api/v1/website_ssl.go
+++ b/backend/app/api/v1/website_ssl.go
@@ -35,7 +35,7 @@ func (b *BaseApi) PageWebsiteSSL(c *gin.Context) {
 			Items: accounts,
 		})
 	} else {
-		list, err := websiteSSLService.Search()
+		list, err := websiteSSLService.Search(req)
 		if err != nil {
 			helper.ErrorWithDetail(c, constant.CodeErrInternalServer, constant.ErrTypeInternalServer, err)
 			return
@@ -75,7 +75,7 @@ func (b *BaseApi) CreateWebsiteSSL(c *gin.Context) {
 // @Success 200
 // @Security ApiKeyAuth
 // @Router /websites/ssl/renew [post]
-// @x-panel-log {"bodyKeys":["SSLId"],"paramKeys":[],"BeforeFuntions":[{"input_colume":"id","input_value":"SSLId","isList":false,"db":"website_ssls","output_colume":"primary_domain","output_value":"domain"}],"formatZH":"重置 ssl [domain]","formatEN":"Renew ssl [domain]"}
+// @x-panel-log {"bodyKeys":["SSLId"],"paramKeys":[],"BeforeFuntions":[{"input_column":"id","input_value":"SSLId","isList":false,"db":"website_ssls","output_column":"primary_domain","output_value":"domain"}],"formatZH":"重置 ssl [domain]","formatEN":"Renew ssl [domain]"}
 func (b *BaseApi) RenewWebsiteSSL(c *gin.Context) {
 	var req request.WebsiteSSLRenew
 	if err := c.ShouldBindJSON(&req); err != nil {
@@ -94,7 +94,7 @@ func (b *BaseApi) RenewWebsiteSSL(c *gin.Context) {
 // @Description 解析网站 ssl
 // @Accept json
 // @Param request body request.WebsiteDNSReq true "request"
-// @Success 200 {anrry} response.WebsiteDNSRes
+// @Success 200 {array} response.WebsiteDNSRes
 // @Security ApiKeyAuth
 // @Router /websites/ssl/resolve [post]
 func (b *BaseApi) GetDNSResolve(c *gin.Context) {
@@ -119,7 +119,7 @@ func (b *BaseApi) GetDNSResolve(c *gin.Context) {
 // @Success 200
 // @Security ApiKeyAuth
 // @Router /websites/ssl/del [post]
-// @x-panel-log {"bodyKeys":["id"],"paramKeys":[],"BeforeFuntions":[{"input_colume":"id","input_value":"id","isList":false,"db":"website_ssls","output_colume":"primary_domain","output_value":"domain"}],"formatZH":"删除 ssl [domain]","formatEN":"Delete ssl [domain]"}
+// @x-panel-log {"bodyKeys":["id"],"paramKeys":[],"BeforeFuntions":[{"input_column":"id","input_value":"id","isList":false,"db":"website_ssls","output_column":"primary_domain","output_value":"domain"}],"formatZH":"删除 ssl [domain]","formatEN":"Delete ssl [domain]"}
 func (b *BaseApi) DeleteWebsiteSSL(c *gin.Context) {
 	var req request.WebsiteResourceReq
 	if err := c.ShouldBindJSON(&req); err != nil {
@@ -176,3 +176,25 @@ func (b *BaseApi) GetWebsiteSSLById(c *gin.Context) {
 	}
 	helper.SuccessWithData(c, websiteSSL)
 }
+
+// @Tags Website SSL
+// @Summary Update ssl
+// @Description 更新 ssl
+// @Accept json
+// @Param request body request.WebsiteSSLUpdate true "request"
+// @Success 200
+// @Security ApiKeyAuth
+// @Router /websites/ssl/update [post]
+// @x-panel-log {"bodyKeys":["id"],"paramKeys":[],"BeforeFuntions":[{"input_column":"id","input_value":"id","isList":false,"db":"website_ssls","output_column":"primary_domain","output_value":"domain"}],"formatZH":"更新证书设置 [domain]","formatEN":"Update ssl config [domain]"}
+func (b *BaseApi) UpdateWebsiteSSL(c *gin.Context) {
+	var req request.WebsiteSSLUpdate
+	if err := c.ShouldBindJSON(&req); err != nil {
+		helper.ErrorWithDetail(c, constant.CodeErrBadRequest, constant.ErrTypeInvalidParams, err)
+		return
+	}
+	if err := websiteSSLService.Update(req); err != nil {
+		helper.ErrorWithDetail(c, constant.CodeErrInternalServer, constant.ErrTypeInternalServer, err)
+		return
+	}
+	helper.SuccessWithData(c, nil)
+}
--- a/backend/app/dto/app.go
+++ b/backend/app/dto/app.go
@@ -1,7 +1,7 @@
 package dto

 import (
-	"encoding/json"
+	"github.com/1Panel-dev/1Panel/backend/app/model"
 )

 type AppDatabase struct {
@@ -15,6 +15,10 @@ type AuthParam struct {
 	RootPassword string `json:"PANEL_DB_ROOT_PASSWORD"`
 }

+type RedisAuthParam struct {
+	RootPassword string `json:"PANEL_REDIS_ROOT_PASSWORD"`
+}
+
 type ContainerExec struct {
 	ContainerName string      `json:"containerName"`
 	DbParam       AppDatabase `json:"dbParam"`
@@ -32,19 +36,47 @@ type AppVersion struct {
 }

 type AppList struct {
-	Version string      `json:"version"`
-	Tags    []Tag       `json:"tags"`
-	Items   []AppDefine `json:"items"`
+	Valid        bool     `json:"valid"`
+	Violations   []string `json:"violations"`
+	LastModified int      `json:"lastModified"`
+
+	Apps  []AppDefine     `json:"apps"`
+	Extra ExtraProperties `json:"additionalProperties"`
 }

 type AppDefine struct {
-	Key                string   `json:"key"`
+	Icon         string `json:"icon"`
+	Name         string `json:"name"`
+	ReadMe       string `json:"readMe"`
+	LastModified int    `json:"lastModified"`
+
+	AppProperty AppProperty        `json:"additionalProperties"`
+	Versions    []AppConfigVersion `json:"versions"`
+}
+
+type LocalAppAppDefine struct {
+	AppProperty model.App `json:"additionalProperties" yaml:"additionalProperties"`
+}
+
+type LocalAppParam struct {
+	AppParams LocalAppInstallDefine `json:"additionalProperties" yaml:"additionalProperties"`
+}
+
+type LocalAppInstallDefine struct {
+	FormFields interface{} `json:"formFields" yaml:"formFields"`
+}
+
+type ExtraProperties struct {
+	Tags []Tag `json:"tags"`
+}
+
+type AppProperty struct {
 	Name               string   `json:"name"`
+	Type               string   `json:"type"`
 	Tags               []string `json:"tags"`
-	Versions           []string `json:"versions"`
 	ShortDescZh        string   `json:"shortDescZh"`
 	ShortDescEn        string   `json:"shortDescEn"`
-	Type               string   `json:"type"`
+	Key                string   `json:"key"`
 	Required           []string `json:"Required"`
 	CrossVersionUpdate bool     `json:"crossVersionUpdate"`
 	Limit              int      `json:"limit"`
@@ -54,9 +86,12 @@ type AppDefine struct {
 	Document           string   `json:"document"`
 }

-func (define AppDefine) GetRequired() string {
-	by, _ := json.Marshal(define.Required)
-	return string(by)
+type AppConfigVersion struct {
+	Name                string      `json:"name"`
+	LastModified        int         `json:"lastModified"`
+	DownloadUrl         string      `json:"downloadUrl"`
+	DownloadCallBackUrl string      `json:"downloadCallBackUrl"`
+	AppForm             interface{} `json:"additionalProperties"`
 }

 type Tag struct {
@@ -69,15 +104,23 @@ type AppForm struct {
 }

 type AppFormFields struct {
-	Type     string      `json:"type"`
-	LabelZh  string      `json:"labelZh"`
-	LabelEn  string      `json:"labelEn"`
-	Required bool        `json:"required"`
-	Default  interface{} `json:"default"`
-	EnvKey   string      `json:"envKey"`
-	Disabled bool        `json:"disabled"`
-	Edit     bool        `json:"edit"`
-	Rule     string      `json:"rule"`
+	Type     string         `json:"type"`
+	LabelZh  string         `json:"labelZh"`
+	LabelEn  string         `json:"labelEn"`
+	Required bool           `json:"required"`
+	Default  interface{}    `json:"default"`
+	EnvKey   string         `json:"envKey"`
+	Disabled bool           `json:"disabled"`
+	Edit     bool           `json:"edit"`
+	Rule     string         `json:"rule"`
+	Multiple bool           `json:"multiple"`
+	Child    interface{}    `json:"child"`
+	Values   []AppFormValue `json:"values"`
+}
+
+type AppFormValue struct {
+	Label string `json:"label"`
+	Value string `json:"value"`
 }

 type AppResource struct {
--- a/backend/app/dto/auth.go
+++ b/backend/app/dto/auth.go
@@ -9,31 +9,27 @@ type UserLoginInfo struct {
 	Name      string `json:"name"`
 	Token     string `json:"token"`
 	MfaStatus string `json:"mfaStatus"`
-	MfaSecret string `json:"mfaSecret"`
 }

 type MfaCredential struct {
-	Secret string `json:"secret"`
-	Code   string `json:"code"`
+	Secret   string `json:"secret"`
+	Code     string `json:"code"`
+	Interval string `json:"interval"`
 }

 type Login struct {
-	Name       string `json:"name"`
-	Password   string `json:"password"`
-	Captcha    string `json:"captcha"`
-	CaptchaID  string `json:"captchaID"`
-	AuthMethod string `json:"authMethod"`
+	Name          string `json:"name"`
+	Password      string `json:"password"`
+	IgnoreCaptcha bool   `json:"ignoreCaptcha"`
+	Captcha       string `json:"captcha"`
+	CaptchaID     string `json:"captchaID"`
+	AuthMethod    string `json:"authMethod"`
+	Language      string `json:"language"`
 }

 type MFALogin struct {
 	Name       string `json:"name"`
 	Password   string `json:"password"`
-	Secret     string `json:"secret"`
 	Code       string `json:"code"`
 	AuthMethod string `json:"authMethod"`
 }
-
-type InitUser struct {
-	Name     string `json:"name" validate:"required"`
-	Password string `json:"password" validate:"required"`
-}
--- a/backend/app/dto/backup.go
+++ b/backend/app/dto/backup.go
@@ -8,15 +8,17 @@ type BackupOperate struct {
 	Bucket     string `json:"bucket"`
 	AccessKey  string `json:"accessKey"`
 	Credential string `json:"credential"`
+	BackupPath string `json:"backupPath"`
 	Vars       string `json:"vars" validate:"required"`
 }

 type BackupInfo struct {
-	ID        uint      `json:"id"`
-	CreatedAt time.Time `json:"createdAt"`
-	Type      string    `json:"type"`
-	Bucket    string    `json:"bucket"`
-	Vars      string    `json:"vars"`
+	ID         uint      `json:"id"`
+	CreatedAt  time.Time `json:"createdAt"`
+	Type       string    `json:"type"`
+	Bucket     string    `json:"bucket"`
+	BackupPath string    `json:"backupPath"`
+	Vars       string    `json:"vars"`
 }

 type BackupSearch struct {
@@ -36,6 +38,7 @@ type CommonBackup struct {
 	DetailName string `json:"detailName"`
 }
 type CommonRecover struct {
+	Source     string `json:"source" validate:"required,oneof=OSS S3 SFTP MINIO LOCAL COS KODO OneDrive"`
 	Type       string `json:"type" validate:"required,oneof=app mysql redis website"`
 	Name       string `json:"name"`
 	DetailName string `json:"detailName"`
@@ -59,7 +62,7 @@ type BackupRecords struct {
 }

 type DownloadRecord struct {
-	Source   string `json:"source" validate:"required,oneof=OSS S3 SFTP MINIO LOCAL"`
+	Source   string `json:"source" validate:"required,oneof=OSS S3 SFTP MINIO LOCAL COS KODO OneDrive"`
 	FileDir  string `json:"fileDir" validate:"required"`
 	FileName string `json:"fileName" validate:"required"`
 }
--- a/backend/app/dto/common_req.go
+++ b/backend/app/dto/common_req.go
@@ -2,7 +2,9 @@ package dto

 type SearchWithPage struct {
 	PageInfo
-	Info string `json:"info"`
+	Info    string `json:"info"`
+	OrderBy string `json:"orderBy"`
+	Order   string `json:"order"`
 }

 type PageInfo struct {
@@ -12,7 +14,7 @@ type PageInfo struct {

 type UpdateDescription struct {
 	ID          uint   `json:"id" validate:"required"`
-	Description string `json:"description"`
+	Description string `json:"description" validate:"max=256"`
 }

 type OperationWithName struct {
@@ -23,6 +25,10 @@ type OperateByID struct {
 	ID uint `json:"id" validate:"required"`
 }

+type Operate struct {
+	Operation string `json:"operation" validate:"required"`
+}
+
 type BatchDeleteReq struct {
 	Ids []uint `json:"ids" validate:"required"`
 }
--- a/backend/app/dto/container.go
+++ b/backend/app/dto/container.go
@@ -5,6 +5,8 @@ import "time"
 type PageContainer struct {
 	PageInfo
 	Name    string `json:"name"`
+	OrderBy string `json:"orderBy"`
+	Order   string `json:"order"`
 	Filters string `json:"filters"`
 }

@@ -22,17 +24,29 @@ type ContainerInfo struct {
 	State       string `json:"state"`
 	RunTime     string `json:"runTime"`

+	Ports []string `json:"ports"`
+
+	IsFromApp     bool `json:"isFromApp"`
 	IsFromCompose bool `json:"isFromCompose"`
 }

-type ContainerCreate struct {
+type ResourceLimit struct {
+	CPU    int `json:"cpu"`
+	Memory int `json:"memory"`
+}
+
+type ContainerOperate struct {
+	ContainerID     string         `json:"containerID"`
+	ForcePull       bool           `json:"forcePull"`
 	Name            string         `json:"name"`
 	Image           string         `json:"image"`
+	Network         string         `json:"network"`
 	PublishAllPorts bool           `json:"publishAllPorts"`
 	ExposedPorts    []PortHelper   `json:"exposedPorts"`
 	Cmd             []string       `json:"cmd"`
-	NanoCPUs        int64          `json:"nanoCPUs"`
-	Memory          int64          `json:"memory"`
+	CPUShares       int64          `json:"cpuShares"`
+	NanoCPUs        float64        `json:"nanoCPUs"`
+	Memory          float64        `json:"memory"`
 	AutoRemove      bool           `json:"autoRemove"`
 	Volumes         []VolumeHelper `json:"volumes"`
 	Labels          []string       `json:"labels"`
@@ -40,7 +54,19 @@ type ContainerCreate struct {
 	RestartPolicy   string         `json:"restartPolicy"`
 }

-type ContainterStats struct {
+type ContainerUpgrade struct {
+	Name      string `json:"name" validate:"required"`
+	Image     string `json:"image" validate:"required"`
+	ForcePull bool   `json:"forcePull"`
+}
+
+type ContainerListStats struct {
+	ContainerID   string  `json:"containerID"`
+	CPUPercent    float64 `json:"cpuPercent"`
+	MemoryPercent float64 `json:"memoryPercent"`
+}
+
+type ContainerStats struct {
 	CPUPercent float64 `json:"cpuPercent"`
 	Memory     float64 `json:"memory"`
 	Cache      float64 `json:"cache"`
@@ -58,13 +84,10 @@ type VolumeHelper struct {
 	Mode         string `json:"mode"`
 }
 type PortHelper struct {
-	ContainerPort int `json:"containerPort"`
-	HostPort      int `json:"hostPort"`
-}
-
-type ContainerLog struct {
-	ContainerID string `json:"containerID" validate:"required"`
-	Mode        string `json:"mode" validate:"required"`
+	HostIP        string `json:"hostIP"`
+	HostPort      string `json:"hostPort"`
+	ContainerPort string `json:"containerPort"`
+	Protocol      string `json:"protocol"`
 }

 type ContainerOperation struct {
@@ -73,6 +96,16 @@ type ContainerOperation struct {
 	NewName   string `json:"newName"`
 }

+type ContainerPrune struct {
+	PruneType  string `json:"pruneType" validate:"required,oneof=container image volume network"`
+	WithTagAll bool   `json:"withTagAll"`
+}
+
+type ContainerPruneReport struct {
+	DeletedNumber  int `json:"deletedNumber"`
+	SpaceReclaimed int `json:"spaceReclaimed"`
+}
+
 type Network struct {
 	ID         string    `json:"id"`
 	Name       string    `json:"name"`
@@ -84,7 +117,7 @@ type Network struct {
 	CreatedAt  time.Time `json:"createdAt"`
 	Attachable bool      `json:"attachable"`
 }
-type NetworkCreat struct {
+type NetworkCreate struct {
 	Name    string   `json:"name"`
 	Driver  string   `json:"driver"`
 	Options []string `json:"options"`
@@ -101,7 +134,7 @@ type Volume struct {
 	Mountpoint string    `json:"mountpoint"`
 	CreatedAt  time.Time `json:"createdAt"`
 }
-type VolumeCreat struct {
+type VolumeCreate struct {
 	Name    string   `json:"name"`
 	Driver  string   `json:"driver"`
 	Options []string `json:"options"`
@@ -129,7 +162,7 @@ type ComposeContainer struct {
 	State       string `json:"state"`
 }
 type ComposeCreate struct {
-	Name     string `json:"name" validate:"required"`
+	Name     string `json:"name"`
 	From     string `json:"from" validate:"required,oneof=edit path template"`
 	File     string `json:"file"`
 	Path     string `json:"path"`
@@ -139,6 +172,7 @@ type ComposeOperation struct {
 	Name      string `json:"name" validate:"required"`
 	Path      string `json:"path" validate:"required"`
 	Operation string `json:"operation" validate:"required,oneof=start stop down"`
+	WithFile  bool   `json:"withFile"`
 }
 type ComposeUpdate struct {
 	Name    string `json:"name" validate:"required"`
--- a/backend/app/dto/cronjob.go
+++ b/backend/app/dto/cronjob.go
@@ -6,12 +6,14 @@ type CronjobCreate struct {
 	Name     string `json:"name" validate:"required"`
 	Type     string `json:"type" validate:"required"`
 	SpecType string `json:"specType" validate:"required"`
-	Week     int    `json:"week" validate:"number,max=7,min=1"`
+	Week     int    `json:"week" validate:"number,max=6,min=0"`
 	Day      int    `json:"day" validate:"number"`
 	Hour     int    `json:"hour" validate:"number"`
 	Minute   int    `json:"minute" validate:"number"`
+	Second   int    `json:"second" validate:"number"`

 	Script         string `json:"script"`
+	ContainerName  string `json:"containerName"`
 	Website        string `json:"website"`
 	ExclusionRules string `json:"exclusionRules"`
 	DBName         string `json:"dbName"`
@@ -26,12 +28,14 @@ type CronjobUpdate struct {
 	ID       uint   `json:"id" validate:"required"`
 	Name     string `json:"name" validate:"required"`
 	SpecType string `json:"specType" validate:"required"`
-	Week     int    `json:"week" validate:"number,max=7,min=1"`
+	Week     int    `json:"week" validate:"number,max=6,min=0"`
 	Day      int    `json:"day" validate:"number"`
 	Hour     int    `json:"hour" validate:"number"`
 	Minute   int    `json:"minute" validate:"number"`
+	Second   int    `json:"second" validate:"number"`

 	Script         string `json:"script"`
+	ContainerName  string `json:"containerName"`
 	Website        string `json:"website"`
 	ExclusionRules string `json:"exclusionRules"`
 	DBName         string `json:"dbName"`
@@ -52,6 +56,16 @@ type CronjobDownload struct {
 	BackupAccountID uint `json:"backupAccountID" validate:"required"`
 }

+type CronjobClean struct {
+	CleanData bool `json:"cleanData"`
+	CronjobID uint `json:"cronjobID" validate:"required"`
+}
+
+type CronjobBatchDelete struct {
+	CleanData bool   `json:"cleanData"`
+	IDs       []uint `json:"ids"`
+}
+
 type CronjobInfo struct {
 	ID       uint   `json:"id"`
 	Name     string `json:"name"`
@@ -61,8 +75,10 @@ type CronjobInfo struct {
 	Day      int    `json:"day"`
 	Hour     int    `json:"hour"`
 	Minute   int    `json:"minute"`
+	Second   int    `json:"second"`

 	Script         string `json:"script"`
+	ContainerName  string `json:"containerName"`
 	Website        string `json:"website"`
 	ExclusionRules string `json:"exclusionRules"`
 	DBName         string `json:"dbName"`
@@ -73,7 +89,7 @@ type CronjobInfo struct {
 	TargetDirID    int    `json:"targetDirID"`
 	RetainCopies   int    `json:"retainCopies"`

-	LastRecrodTime string `json:"lastRecrodTime"`
+	LastRecordTime string `json:"lastRecordTime"`
 	Status         string `json:"status"`
 }

--- a/backend/app/dto/dashboard.go
+++ b/backend/app/dto/dashboard.go
@@ -3,13 +3,6 @@ package dto
 import "time"

 type DashboardBase struct {
-	HaloID         uint `json:"haloID"`
-	DateeaseID     uint `json:"dateeaseID"`
-	JumpServerID   uint `json:"jumpserverID"`
-	MeterSphereID  uint `json:"metersphereID"`
-	KubeoperatorID uint `json:"kubeoperatorID"`
-	KubepiID       uint `json:"kubepiID"`
-
 	WebsiteNumber     int `json:"websiteNumber"`
 	DatabaseNumber    int `json:"databaseNumber"`
 	CronjobNumber     int `json:"cronjobNumber"`
@@ -55,8 +48,21 @@ type DashboardCurrent struct {
 	IOReadBytes  uint64 `json:"ioReadBytes"`
 	IOWriteBytes uint64 `json:"ioWriteBytes"`
 	IOCount      uint64 `json:"ioCount"`
-	IOTime       uint64 `json:"ioTime"`
+	IOReadTime   uint64 `json:"ioReadTime"`
+	IOWriteTime  uint64 `json:"ioWriteTime"`

+	DiskData []DiskInfo `json:"diskData"`
+
+	NetBytesSent uint64 `json:"netBytesSent"`
+	NetBytesRecv uint64 `json:"netBytesRecv"`
+
+	ShotTime time.Time `json:"shotTime"`
+}
+
+type DiskInfo struct {
+	Path        string  `json:"path"`
+	Type        string  `json:"type"`
+	Device      string  `json:"device"`
 	Total       uint64  `json:"total"`
 	Free        uint64  `json:"free"`
 	Used        uint64  `json:"used"`
@@ -66,9 +72,4 @@ type DashboardCurrent struct {
 	InodesUsed        uint64  `json:"inodesUsed"`
 	InodesFree        uint64  `json:"inodesFree"`
 	InodesUsedPercent float64 `json:"inodesUsedPercent"`
-
-	NetBytesSent uint64 `json:"netBytesSent"`
-	NetBytesRecv uint64 `json:"netBytesRecv"`
-
-	ShotTime time.Time `json:"shotTime"`
 }
--- a/backend/app/dto/database.go
+++ b/backend/app/dto/database.go
@@ -2,10 +2,20 @@ package dto

 import "time"

+type MysqlDBSearch struct {
+	PageInfo
+	Info    string `json:"info"`
+	From    string `json:"from"`
+	OrderBy string `json:"orderBy"`
+	Order   string `json:"order"`
+}
+
 type MysqlDBInfo struct {
 	ID          uint      `json:"id"`
 	CreatedAt   time.Time `json:"createdAt"`
 	Name        string    `json:"name"`
+	From        string    `json:"from"`
+	MysqlName   string    `json:"mysqlName"`
 	Format      string    `json:"format"`
 	Username    string    `json:"username"`
 	Password    string    `json:"password"`
@@ -14,8 +24,15 @@ type MysqlDBInfo struct {
 	Description string    `json:"description"`
 }

+type MysqlOption struct {
+	ID   uint   `json:"id"`
+	Name string `json:"name"`
+	From string `json:"from"`
+}
+
 type MysqlDBCreate struct {
 	Name        string `json:"name" validate:"required"`
+	From        string `json:"from" validate:"required"`
 	Format      string `json:"format" validate:"required,oneof=utf8mb4 utf8 gbk big5"`
 	Username    string `json:"username" validate:"required"`
 	Password    string `json:"password" validate:"required"`
@@ -100,6 +117,7 @@ type MysqlConfUpdateByFile struct {

 type ChangeDBInfo struct {
 	ID    uint   `json:"id"`
+	From  string `json:"from"`
 	Value string `json:"value" validate:"required"`
 }

--- a/backend/app/dto/docker.go
+++ b/backend/app/dto/docker.go
@@ -5,16 +5,24 @@ type DaemonJsonUpdateByFile struct {
 }

 type DaemonJsonConf struct {
+	IsSwarm      bool     `json:"isSwarm"`
 	Status       string   `json:"status"`
 	Version      string   `json:"version"`
 	Mirrors      []string `json:"registryMirrors"`
 	Registries   []string `json:"insecureRegistries"`
 	LiveRestore  bool     `json:"liveRestore"`
+	IPTables     bool     `json:"iptables"`
 	CgroupDriver string   `json:"cgroupDriver"`
+
+	LogMaxSize string `json:"logMaxSize"`
+	LogMaxFile string `json:"logMaxFile"`
+}
+
+type LogOption struct {
+	LogMaxSize string `json:"logMaxSize"`
+	LogMaxFile string `json:"logMaxFile"`
 }

 type DockerOperation struct {
-	StopSocket  bool   `json:"stopSocket"`
-	StopService bool   `json:"stopService"`
-	Operation   string `json:"operation" validate:"required,oneof=start restart stop"`
+	Operation string `json:"operation" validate:"required,oneof=start restart stop"`
 }
--- a/backend/app/dto/firewall.go
+++ b/backend/app/dto/firewall.go
@@ -0,0 +1,47 @@
+package dto
+
+type FirewallBaseInfo struct {
+	Name       string `json:"name"`
+	Status     string `json:"status"`
+	Version    string `json:"version"`
+	PingStatus string `json:"pingStatus"`
+}
+
+type RuleSearch struct {
+	PageInfo
+	Info string `json:"info"`
+	Type string `json:"type" validate:"required"`
+}
+
+type FirewallOperation struct {
+	Operation string `json:"operation" validate:"required,oneof=start stop disablePing enablePing"`
+}
+
+type PortRuleOperate struct {
+	Operation string `json:"operation" validate:"required,oneof=add remove"`
+	Address   string `json:"address"`
+	Port      string `json:"port" validate:"required"`
+	Protocol  string `json:"protocol" validate:"required,oneof=tcp udp tcp/udp"`
+	Strategy  string `json:"strategy" validate:"required,oneof=accept drop"`
+}
+
+type AddrRuleOperate struct {
+	Operation string `json:"operation" validate:"required,oneof=add remove"`
+	Address   string `json:"address"  validate:"required"`
+	Strategy  string `json:"strategy" validate:"required,oneof=accept drop"`
+}
+
+type PortRuleUpdate struct {
+	OldRule PortRuleOperate `json:"oldRule"`
+	NewRule PortRuleOperate `json:"newRule"`
+}
+
+type AddrRuleUpdate struct {
+	OldRule AddrRuleOperate `json:"oldRule"`
+	NewRule AddrRuleOperate `json:"newRule"`
+}
+
+type BatchRuleOperate struct {
+	Type  string            `json:"type" validate:"required"`
+	Rules []PortRuleOperate `json:"rules"`
+}
--- a/backend/app/dto/group.go
+++ b/backend/app/dto/group.go
@@ -13,6 +13,7 @@ type GroupSearch struct {
 type GroupUpdate struct {
 	ID        uint   `json:"id"`
 	Name      string `json:"name"`
+	Type      string `json:"type" validate:"required"`
 	IsDefault bool   `json:"isDefault"`
 }

--- a/backend/app/dto/host.go
+++ b/backend/app/dto/host.go
@@ -5,26 +5,29 @@ import (
 )

 type HostOperate struct {
-	ID         uint   `json:"id"`
-	GroupID    uint   `json:"groupID"`
-	Name       string `json:"name"`
-	Addr       string `json:"addr" validate:"required,ip"`
-	Port       uint   `json:"port" validate:"required,number,max=65535,min=1"`
-	User       string `json:"user" validate:"required"`
-	AuthMode   string `json:"authMode" validate:"oneof=password key"`
-	PrivateKey string `json:"privateKey"`
-	Password   string `json:"password"`
+	ID               uint   `json:"id"`
+	GroupID          uint   `json:"groupID"`
+	Name             string `json:"name"`
+	Addr             string `json:"addr" validate:"required"`
+	Port             uint   `json:"port" validate:"required,number,max=65535,min=1"`
+	User             string `json:"user" validate:"required"`
+	AuthMode         string `json:"authMode" validate:"oneof=password key"`
+	Password         string `json:"password"`
+	PrivateKey       string `json:"privateKey"`
+	PassPhrase       string `json:"passPhrase"`
+	RememberPassword bool   `json:"rememberPassword"`

 	Description string `json:"description"`
 }

 type HostConnTest struct {
-	Addr       string `json:"addr" validate:"required,ip"`
+	Addr       string `json:"addr" validate:"required"`
 	Port       uint   `json:"port" validate:"required,number,max=65535,min=1"`
 	User       string `json:"user" validate:"required"`
 	AuthMode   string `json:"authMode" validate:"oneof=password key"`
-	PrivateKey string `json:"privateKey"`
 	Password   string `json:"password"`
+	PrivateKey string `json:"privateKey"`
+	PassPhrase string `json:"passPhrase"`
 }

 type SearchHostWithPage struct {
@@ -43,15 +46,19 @@ type ChangeHostGroup struct {
 }

 type HostInfo struct {
-	ID          uint      `json:"id"`
-	CreatedAt   time.Time `json:"createdAt"`
-	GroupID     uint      `json:"groupID"`
-	GroupBelong string    `json:"groupBelong"`
-	Name        string    `json:"name"`
-	Addr        string    `json:"addr"`
-	Port        uint      `json:"port"`
-	User        string    `json:"user"`
-	AuthMode    string    `json:"authMode"`
+	ID               uint      `json:"id"`
+	CreatedAt        time.Time `json:"createdAt"`
+	GroupID          uint      `json:"groupID"`
+	GroupBelong      string    `json:"groupBelong"`
+	Name             string    `json:"name"`
+	Addr             string    `json:"addr"`
+	Port             uint      `json:"port"`
+	User             string    `json:"user"`
+	AuthMode         string    `json:"authMode"`
+	Password         string    `json:"password"`
+	PrivateKey       string    `json:"privateKey"`
+	PassPhrase       string    `json:"passPhrase"`
+	RememberPassword bool      `json:"rememberPassword"`

 	Description string `json:"description"`
 }
--- a/backend/app/dto/image.go
+++ b/backend/app/dto/image.go
@@ -10,35 +10,35 @@ type ImageInfo struct {
 }

 type ImageLoad struct {
-	Path string `josn:"path" validate:"required"`
+	Path string `json:"path" validate:"required"`
 }

 type ImageBuild struct {
-	From       string   `josn:"from" validate:"required"`
+	From       string   `json:"from" validate:"required"`
 	Name       string   `json:"name" validate:"required"`
-	Dockerfile string   `josn:"dockerfile" validate:"required"`
-	Tags       []string `josn:"tags"`
+	Dockerfile string   `json:"dockerfile" validate:"required"`
+	Tags       []string `json:"tags"`
 }

 type ImagePull struct {
-	RepoID    uint   `josn:"repoID"`
-	ImageName string `josn:"imageName" validate:"required"`
+	RepoID    uint   `json:"repoID"`
+	ImageName string `json:"imageName" validate:"required"`
 }

 type ImageTag struct {
-	RepoID     uint   `josn:"repoID"`
+	RepoID     uint   `json:"repoID"`
 	SourceID   string `json:"sourceID" validate:"required"`
-	TargetName string `josn:"targetName" validate:"required"`
+	TargetName string `json:"targetName" validate:"required"`
 }

 type ImagePush struct {
-	RepoID  uint   `josn:"repoID" validate:"required"`
+	RepoID  uint   `json:"repoID" validate:"required"`
 	TagName string `json:"tagName" validate:"required"`
 	Name    string `json:"name" validate:"required"`
 }

 type ImageSave struct {
 	TagName string `json:"tagName" validate:"required"`
-	Path    string `josn:"path" validate:"required"`
+	Path    string `json:"path" validate:"required"`
 	Name    string `json:"name" validate:"required"`
 }
--- a/backend/app/dto/image_repo.go
+++ b/backend/app/dto/image_repo.go
@@ -6,8 +6,8 @@ type ImageRepoCreate struct {
 	Name        string `json:"name" validate:"required"`
 	DownloadUrl string `json:"downloadUrl"`
 	Protocol    string `json:"protocol"`
-	Username    string `json:"username"`
-	Password    string `json:"password"`
+	Username    string `json:"username" validate:"max=256"`
+	Password    string `json:"password" validate:"max=256"`
 	Auth        bool   `json:"auth"`
 }

@@ -15,8 +15,8 @@ type ImageRepoUpdate struct {
 	ID          uint   `json:"id"`
 	DownloadUrl string `json:"downloadUrl"`
 	Protocol    string `json:"protocol"`
-	Username    string `json:"username"`
-	Password    string `json:"password"`
+	Username    string `json:"username" validate:"max=256"`
+	Password    string `json:"password" validate:"max=256"`
 	Auth        bool   `json:"auth"`
 }

--- a/backend/app/dto/nginx.go
+++ b/backend/app/dto/nginx.go
@@ -28,13 +28,20 @@ type NginxParam struct {
 	Params      []string
 }

+type NginxAuth struct {
+	Username string `json:"username"`
+	Remark   string `json:"remark"`
+}
+
 type NginxKey string

 const (
-	Index     NginxKey = "index"
-	LimitConn NginxKey = "limit-conn"
-	SSL       NginxKey = "ssl"
-	HttpPer   NginxKey = "http-per"
+	Index      NginxKey = "index"
+	LimitConn  NginxKey = "limit-conn"
+	SSL        NginxKey = "ssl"
+	CACHE      NginxKey = "cache"
+	HttpPer    NginxKey = "http-per"
+	ProxyCache NginxKey = "proxy-cache"
 )

 var ScopeKeyMap = map[NginxKey][]string{
@@ -46,5 +53,7 @@ var ScopeKeyMap = map[NginxKey][]string{

 var StaticFileKeyMap = map[NginxKey]struct {
 }{
-	SSL: {},
+	SSL:        {},
+	CACHE:      {},
+	ProxyCache: {},
 }
--- a/backend/app/dto/remote_db.go
+++ b/backend/app/dto/remote_db.go
@@ -0,0 +1,52 @@
+package dto
+
+import "time"
+
+type RemoteDBSearch struct {
+	PageInfo
+	Info    string `json:"info"`
+	Type    string `json:"type"`
+	OrderBy string `json:"orderBy"`
+	Order   string `json:"order"`
+}
+
+type RemoteDBInfo struct {
+	ID          uint      `json:"id"`
+	CreatedAt   time.Time `json:"createdAt"`
+	Name        string    `json:"name" validate:"max=256"`
+	From        string    `json:"from"`
+	Version     string    `json:"version"`
+	Address     string    `json:"address"`
+	Port        uint      `json:"port"`
+	Username    string    `json:"username"`
+	Password    string    `json:"password"`
+	Description string    `json:"description"`
+}
+
+type RemoteDBOption struct {
+	ID      uint   `json:"id"`
+	Name    string `json:"name"`
+	Address string `json:"address"`
+}
+
+type RemoteDBCreate struct {
+	Name        string `json:"name" validate:"required,max=256"`
+	Type        string `json:"type" validate:"required,oneof=mysql"`
+	From        string `json:"from" validate:"required,oneof=local remote"`
+	Version     string `json:"version" validate:"required"`
+	Address     string `json:"address"`
+	Port        uint   `json:"port"`
+	Username    string `json:"username" validate:"required"`
+	Password    string `json:"password" validate:"required"`
+	Description string `json:"description"`
+}
+
+type RemoteDBUpdate struct {
+	ID          uint   `json:"id"`
+	Version     string `json:"version" validate:"required"`
+	Address     string `json:"address"`
+	Port        uint   `json:"port"`
+	Username    string `json:"username" validate:"required"`
+	Password    string `json:"password" validate:"required"`
+	Description string `json:"description"`
+}
--- a/backend/app/dto/request/app.go
+++ b/backend/app/dto/request/app.go
@@ -18,6 +18,18 @@ type AppInstallCreate struct {
 	Params      map[string]interface{} `json:"params"`
 	Name        string                 `json:"name" validate:"required"`
 	Services    map[string]string      `json:"services"`
+	AppContainerConfig
+}
+
+type AppContainerConfig struct {
+	Advanced      bool    `json:"advanced"`
+	CpuQuota      float64 `json:"cpuQuota"`
+	MemoryLimit   float64 `json:"memoryLimit"`
+	MemoryUnit    string  `json:"memoryUnit"`
+	ContainerName string  `json:"containerName"`
+	AllowPort     bool    `json:"allowPort"`
+	EditCompose   bool    `json:"editCompose"`
+	DockerCompose string  `json:"dockerCompose"`
 }

 type AppInstalledSearch struct {
@@ -46,11 +58,18 @@ type AppInstalledOperate struct {
 	ForceDelete  bool                `json:"forceDelete"`
 	DeleteBackup bool                `json:"deleteBackup"`
 	DeleteDB     bool                `json:"deleteDB"`
+	Backup       bool                `json:"backup"`
 }

 type AppInstalledUpdate struct {
 	InstallId uint                   `json:"installId" validate:"required"`
 	Params    map[string]interface{} `json:"params" validate:"required"`
+	AppContainerConfig
+}
+
+type AppInstalledIgnoreUpgrade struct {
+	DetailID uint   `json:"detailID"  validate:"required"`
+	Operate  string `json:"operate"   validate:"required,oneof=cancel ignore"`
 }

 type PortUpdate struct {
--- a/backend/app/dto/request/file.go
+++ b/backend/app/dto/request/file.go
@@ -22,6 +22,7 @@ type FileCreate struct {
 	IsLink    bool   `json:"isLink"`
 	IsSymlink bool   `json:"isSymlink"`
 	LinkPath  string `json:"linkPath"`
+	Sub       bool   `json:"sub"`
 }

 type FileDelete struct {
@@ -81,6 +82,11 @@ type FileDownload struct {
 	Compress bool     `json:"compress" validate:"required"`
 }

+type FileChunkDownload struct {
+	Path string `json:"path" validate:"required"`
+	Name string `json:"name" validate:"required"`
+}
+
 type DirSizeReq struct {
 	Path string `json:"path" validate:"required"`
 }
@@ -88,3 +94,10 @@ type DirSizeReq struct {
 type FileProcessReq struct {
 	Key string `json:"key"`
 }
+
+type FileRoleUpdate struct {
+	Path  string `json:"path" validate:"required"`
+	User  string `json:"user" validate:"required"`
+	Group string `json:"group" validate:"required"`
+	Sub   bool   `json:"sub" validate:"required"`
+}
--- a/backend/app/dto/request/host_tool.go
+++ b/backend/app/dto/request/host_tool.go
@@ -0,0 +1,41 @@
+package request
+
+type HostToolReq struct {
+	Type    string `json:"type" validate:"required,oneof=supervisord"`
+	Operate string `json:"operate" validate:"oneof=status restart start stop"`
+}
+
+type HostToolCreate struct {
+	Type string `json:"type" validate:"required"`
+	SupervisorConfig
+}
+
+type SupervisorConfig struct {
+	ConfigPath  string `json:"configPath"`
+	ServiceName string `json:"serviceName"`
+}
+
+type HostToolLogReq struct {
+	Type string `json:"type" validate:"required,oneof=supervisord"`
+}
+
+type HostToolConfig struct {
+	Type    string `json:"type" validate:"required,oneof=supervisord"`
+	Operate string `json:"operate" validate:"oneof=get set"`
+	Content string `json:"content"`
+}
+
+type SupervisorProcessConfig struct {
+	Name     string `json:"name"`
+	Operate  string `json:"operate"`
+	Command  string `json:"command"`
+	User     string `json:"user"`
+	Dir      string `json:"dir"`
+	Numprocs string `json:"numprocs"`
+}
+type SupervisorProcessFileReq struct {
+	Name    string `json:"name" validate:"required"`
+	Operate string `json:"operate" validate:"required,oneof=get clear update" `
+	Content string `json:"content"`
+	File    string `json:"file" validate:"required,oneof=out.log err.log config"`
+}
--- a/backend/app/dto/request/nginx.go
+++ b/backend/app/dto/request/nginx.go
@@ -3,9 +3,8 @@ package request
 import "github.com/1Panel-dev/1Panel/backend/app/dto"

 type NginxConfigFileUpdate struct {
-	Content  string `json:"content" validate:"required"`
-	FilePath string `json:"filePath" validate:"required"`
-	Backup   bool   `json:"backup" validate:"required"`
+	Content string `json:"content" validate:"required"`
+	Backup  bool   `json:"backup" validate:"required"`
 }

 type NginxScopeReq struct {
@@ -19,3 +18,70 @@ type NginxConfigUpdate struct {
 	WebsiteID uint         `json:"websiteId" validate:"required"`
 	Params    interface{}  `json:"params"`
 }
+
+type NginxRewriteReq struct {
+	WebsiteID uint   `json:"websiteId" validate:"required"`
+	Name      string `json:"name" validate:"required"`
+}
+
+type NginxRewriteUpdate struct {
+	WebsiteID uint   `json:"websiteId" validate:"required"`
+	Name      string `json:"name" validate:"required"`
+	Content   string `json:"content" validate:"required"`
+}
+
+type NginxProxyUpdate struct {
+	WebsiteID uint   `json:"websiteID" validate:"required"`
+	Content   string `json:"content" validate:"required"`
+	Name      string `json:"name" validate:"required"`
+}
+
+type NginxAuthUpdate struct {
+	WebsiteID uint   `json:"websiteID" validate:"required"`
+	Operate   string `json:"operate" validate:"required"`
+	Username  string `json:"username"  validate:"required"`
+	Password  string `json:"password" validate:"required"`
+	Remark    string `json:"remark"`
+}
+
+type NginxAuthReq struct {
+	WebsiteID uint `json:"websiteID" validate:"required"`
+}
+
+type NginxCommonReq struct {
+	WebsiteID uint `json:"websiteID" validate:"required"`
+}
+
+type NginxAntiLeechUpdate struct {
+	WebsiteID   uint     `json:"websiteID" validate:"required"`
+	Extends     string   `json:"extends" validate:"required"`
+	Return      string   `json:"return" validate:"required"`
+	Enable      bool     `json:"enable"  validate:"required"`
+	ServerNames []string `json:"serverNames"`
+	Cache       bool     `json:"cache"`
+	CacheTime   int      `json:"cacheTime"`
+	CacheUint   string   `json:"cacheUint"`
+	NoneRef     bool     `json:"noneRef"`
+	LogEnable   bool     `json:"logEnable"`
+	Blocked     bool     `json:"blocked"`
+}
+
+type NginxRedirectReq struct {
+	Name         string   `json:"name" validate:"required"`
+	WebsiteID    uint     `json:"websiteID" validate:"required"`
+	Domains      []string `json:"domains"`
+	KeepPath     bool     `json:"keepPath" validate:"required"`
+	Enable       bool     `json:"enable" validate:"required"`
+	Type         string   `json:"type" validate:"required"`
+	Redirect     string   `json:"redirect" validate:"required"`
+	Path         string   `json:"path"`
+	Target       string   `json:"target" validate:"required"`
+	Operate      string   `json:"operate" validate:"required"`
+	RedirectRoot bool     `json:"redirectRoot"`
+}
+
+type NginxRedirectUpdate struct {
+	WebsiteID uint   `json:"websiteID" validate:"required"`
+	Content   string `json:"content" validate:"required"`
+	Name      string `json:"name" validate:"required"`
+}
--- a/backend/app/dto/request/process.go
+++ b/backend/app/dto/request/process.go
@@ -0,0 +1,5 @@
+package request
+
+type ProcessReq struct {
+	PID int32 `json:"PID"  validate:"required"`
+}
--- a/backend/app/dto/request/runtime.go
+++ b/backend/app/dto/request/runtime.go
@@ -0,0 +1,32 @@
+package request
+
+import "github.com/1Panel-dev/1Panel/backend/app/dto"
+
+type RuntimeSearch struct {
+	dto.PageInfo
+	Type   string `json:"type"`
+	Name   string `json:"name"`
+	Status string `json:"status"`
+}
+
+type RuntimeCreate struct {
+	AppDetailID uint                   `json:"appDetailId"`
+	Name        string                 `json:"name"`
+	Params      map[string]interface{} `json:"params"`
+	Resource    string                 `json:"resource"`
+	Image       string                 `json:"image"`
+	Type        string                 `json:"type"`
+	Version     string                 `json:"version"`
+}
+
+type RuntimeDelete struct {
+	ID uint `json:"id"`
+}
+
+type RuntimeUpdate struct {
+	Name    string                 `json:"name"`
+	ID      uint                   `json:"id"`
+	Params  map[string]interface{} `json:"params"`
+	Image   string                 `json:"image"`
+	Version string                 `json:"version"`
+}
--- a/backend/app/dto/request/website.go
+++ b/backend/app/dto/request/website.go
@@ -7,6 +7,8 @@ import (
 type WebsiteSearch struct {
 	dto.PageInfo
 	Name           string `json:"name"`
+	OrderBy        string `json:"orderBy"`
+	Order          string `json:"order"`
 	WebsiteGroupID uint   `json:"websiteGroupId"`
 }

@@ -18,17 +20,28 @@ type WebsiteCreate struct {
 	OtherDomains   string `json:"otherDomains"`
 	Proxy          string `json:"proxy"`
 	WebsiteGroupID uint   `json:"webSiteGroupID" validate:"required"`
+	IPV6           bool   `json:"IPV6"`

 	AppType      string        `json:"appType" validate:"oneof=new installed"`
 	AppInstall   NewAppInstall `json:"appInstall"`
 	AppID        uint          `json:"appID"`
 	AppInstallID uint          `json:"appInstallID"`
+
+	RuntimeID uint `json:"runtimeID"`
+	RuntimeConfig
+}
+
+type RuntimeConfig struct {
+	ProxyType string `json:"proxyType"`
+	Port      int    `json:"port"`
 }

 type NewAppInstall struct {
 	Name        string                 `json:"name"`
 	AppDetailId uint                   `json:"appDetailID"`
 	Params      map[string]interface{} `json:"params"`
+
+	AppContainerConfig
 }

 type WebsiteInstallCheckReq struct {
@@ -41,6 +54,7 @@ type WebsiteUpdate struct {
 	Remark         string `json:"remark"`
 	WebsiteGroupID uint   `json:"webSiteGroupID" validate:"required"`
 	ExpireDate     string `json:"expireDate"`
+	IPV6           bool   `json:"IPV6"`
 }

 type WebsiteDelete struct {
@@ -61,6 +75,12 @@ type WebsiteWafReq struct {
 	Rule      string `json:"rule" validate:"required"`
 }

+type WebsiteRedirectUpdate struct {
+	WebsiteID uint   `json:"websiteId" validate:"required"`
+	Key       string `json:"key" validate:"required"`
+	Enable    bool   `json:"enable" validate:"required"`
+}
+
 type WebsiteWafUpdate struct {
 	WebsiteID uint   `json:"websiteId" validate:"required"`
 	Key       string `json:"key" validate:"required"`
@@ -101,15 +121,18 @@ type WebsiteDomainDelete struct {
 }

 type WebsiteHTTPSOp struct {
-	WebsiteID    uint     `json:"websiteId" validate:"required"`
-	Enable       bool     `json:"enable" validate:"required"`
-	WebsiteSSLID uint     `json:"websiteSSLId"`
-	Type         string   `json:"type"  validate:"oneof=existed auto manual"`
-	PrivateKey   string   `json:"privateKey"`
-	Certificate  string   `json:"certificate"`
-	HttpConfig   string   `json:"HttpConfig"  validate:"oneof=HTTPSOnly HTTPAlso HTTPToHTTPS"`
-	SSLProtocol  []string `json:"SSLProtocol"`
-	Algorithm    string   `json:"algorithm"`
+	WebsiteID       uint     `json:"websiteId" validate:"required"`
+	Enable          bool     `json:"enable" validate:"required"`
+	WebsiteSSLID    uint     `json:"websiteSSLId"`
+	Type            string   `json:"type"  validate:"oneof=existed auto manual"`
+	PrivateKey      string   `json:"privateKey"`
+	Certificate     string   `json:"certificate"`
+	PrivateKeyPath  string   `json:"privateKeyPath"`
+	CertificatePath string   `json:"certificatePath"`
+	ImportType      string   `json:"importType"`
+	HttpConfig      string   `json:"httpConfig"  validate:"oneof=HTTPSOnly HTTPAlso HTTPToHTTPS"`
+	SSLProtocol     []string `json:"SSLProtocol"`
+	Algorithm       string   `json:"algorithm"`
 }

 type WebsiteNginxUpdate struct {
@@ -126,3 +149,65 @@ type WebsiteLogReq struct {
 type WebsiteDefaultUpdate struct {
 	ID uint `json:"id" validate:"required"`
 }
+
+type WebsitePHPConfigUpdate struct {
+	ID               uint              `json:"id" validate:"required"`
+	Params           map[string]string `json:"params"`
+	Scope            string            `json:"scope" validate:"required"`
+	DisableFunctions []string          `json:"disableFunctions"`
+	UploadMaxSize    string            `json:"uploadMaxSize"`
+}
+
+type WebsitePHPFileUpdate struct {
+	ID      uint   `json:"id" validate:"required"`
+	Type    string `json:"type" validate:"required"`
+	Content string `json:"content" validate:"required"`
+}
+
+type WebsitePHPVersionReq struct {
+	WebsiteID    uint `json:"websiteID" validate:"required"`
+	RuntimeID    uint `json:"runtimeID" validate:"required"`
+	RetainConfig bool `json:"retainConfig" validate:"required"`
+}
+
+type WebsiteUpdateDir struct {
+	ID      uint   `json:"id" validate:"required"`
+	SiteDir string `json:"siteDir" validate:"required"`
+}
+
+type WebsiteUpdateDirPermission struct {
+	ID    uint   `json:"id" validate:"required"`
+	User  string `json:"user" validate:"required"`
+	Group string `json:"group" validate:"required"`
+}
+
+type WebsiteProxyConfig struct {
+	ID        uint              `json:"id" validate:"required"`
+	Operate   string            `json:"operate" validate:"required"`
+	Enable    bool              `json:"enable"  validate:"required"`
+	Cache     bool              `json:"cache"  validate:"required"`
+	CacheTime int               `json:"cacheTime"  validate:"required"`
+	CacheUnit string            `json:"cacheUnit" validate:"required"`
+	Name      string            `json:"name" validate:"required"`
+	Modifier  string            `json:"modifier" validate:"required"`
+	Match     string            `json:"match" validate:"required"`
+	ProxyPass string            `json:"proxyPass" validate:"required"`
+	ProxyHost string            `json:"proxyHost" validate:"required"`
+	Content   string            `json:"content"`
+	FilePath  string            `json:"filePath"`
+	Replaces  map[string]string `json:"replaces"`
+}
+
+type WebsiteProxyReq struct {
+	ID uint `json:"id" validate:"required"`
+}
+
+type WebsiteRedirectReq struct {
+	WebsiteID uint `json:"websiteId" validate:"required"`
+}
+
+type WebsiteWafFileUpdate struct {
+	WebsiteID uint   `json:"websiteID" validate:"required"`
+	Content   string `json:"content" validate:"required"`
+	Type      string `json:"type" validate:"required,oneof=cc ip_white ip_block url_white url_block cookie_block args_check post_check ua_check file_ext_block"`
+}
--- a/backend/app/dto/request/website_ssl.go
+++ b/backend/app/dto/request/website_ssl.go
@@ -4,6 +4,7 @@ import "github.com/1Panel-dev/1Panel/backend/app/dto"

 type WebsiteSSLSearch struct {
 	dto.PageInfo
+	AcmeAccountID string `json:"acmeAccountID"`
 }

 type WebsiteSSLCreate struct {
@@ -44,3 +45,8 @@ type WebsiteDnsAccountUpdate struct {
 type WebsiteResourceReq struct {
 	ID uint `json:"id" validate:"required"`
 }
+
+type WebsiteSSLUpdate struct {
+	ID        uint `json:"id" validate:"required"`
+	AutoRenew bool `json:"autoRenew" validate:"required"`
+}
--- a/backend/app/dto/response/app.go
+++ b/backend/app/dto/response/app.go
@@ -1,8 +1,10 @@
 package response

 import (
-	"github.com/1Panel-dev/1Panel/backend/app/model"
+	"github.com/1Panel-dev/1Panel/backend/app/dto/request"
 	"time"
+
+	"github.com/1Panel-dev/1Panel/backend/app/model"
 )

 type AppRes struct {
@@ -11,15 +13,15 @@ type AppRes struct {
 }

 type AppUpdateRes struct {
-	Version      string `json:"version"`
-	CanUpdate    bool   `json:"canUpdate"`
-	DownloadPath string `json:"downloadPath"`
+	CanUpdate            bool `json:"canUpdate"`
+	AppStoreLastModified int  `json:"appStoreLastModified"`
 }

 type AppDTO struct {
 	model.App
-	Versions []string    `json:"versions"`
-	Tags     []model.Tag `json:"tags"`
+	Installed bool        `json:"installed"`
+	Versions  []string    `json:"versions"`
+	Tags      []model.Tag `json:"tags"`
 }

 type TagDTO struct {
@@ -43,6 +45,14 @@ type AppDetailDTO struct {
 	model.AppDetail
 	Enable bool        `json:"enable"`
 	Params interface{} `json:"params"`
+	Image  string      `json:"image"`
+}
+
+type IgnoredApp struct {
+	Icon     string `json:"icon"`
+	Name     string `json:"name"`
+	Version  string `json:"version"`
+	DetailID uint   `json:"detailID"`
 }

 type AppInstalledDTO struct {
@@ -52,6 +62,13 @@ type AppInstalledDTO struct {
 	AppName   string `json:"appName"`
 	Icon      string `json:"icon"`
 	CanUpdate bool   `json:"canUpdate"`
+	Path      string `json:"path"`
+}
+
+type DatabaseConn struct {
+	Password    string `json:"password"`
+	ServiceName string `json:"serviceName"`
+	Port        int64  `json:"port"`
 }

 type AppService struct {
@@ -61,11 +78,20 @@ type AppService struct {
 }

 type AppParam struct {
-	Value   interface{} `json:"value"`
-	Edit    bool        `json:"edit"`
-	Key     string      `json:"key"`
-	Rule    string      `json:"rule"`
-	LabelZh string      `json:"labelZh"`
-	LabelEn string      `json:"labelEn"`
-	Type    string      `json:"type"`
+	Value     interface{} `json:"value"`
+	Edit      bool        `json:"edit"`
+	Key       string      `json:"key"`
+	Rule      string      `json:"rule"`
+	LabelZh   string      `json:"labelZh"`
+	LabelEn   string      `json:"labelEn"`
+	Type      string      `json:"type"`
+	Values    interface{} `json:"values"`
+	ShowValue string      `json:"showValue"`
+	Required  bool        `json:"required"`
+	Multiple  bool        `json:"multiple"`
+}
+
+type AppConfig struct {
+	Params []AppParam `json:"params"`
+	request.AppContainerConfig
 }
--- a/backend/app/dto/response/host_tool.go
+++ b/backend/app/dto/response/host_tool.go
@@ -0,0 +1,41 @@
+package response
+
+type HostToolRes struct {
+	Type   string      `json:"type"`
+	Config interface{} `json:"config"`
+}
+
+type Supervisor struct {
+	ConfigPath  string `json:"configPath"`
+	IncludeDir  string `json:"includeDir"`
+	LogPath     string `json:"logPath"`
+	IsExist     bool   `json:"isExist"`
+	Init        bool   `json:"init"`
+	Msg         string `json:"msg"`
+	Version     string `json:"version"`
+	Status      string `json:"status"`
+	CtlExist    bool   `json:"ctlExist"`
+	ServiceName string `json:"serviceName"`
+}
+
+type HostToolConfig struct {
+	Content string `json:"content"`
+}
+
+type SupervisorProcessConfig struct {
+	Name     string          `json:"name"`
+	Command  string          `json:"command"`
+	User     string          `json:"user"`
+	Dir      string          `json:"dir"`
+	Numprocs string          `json:"numprocs"`
+	Msg      string          `json:"msg"`
+	Status   []ProcessStatus `json:"status"`
+}
+
+type ProcessStatus struct {
+	Name   string `json:"name"`
+	Status string `json:"status"`
+	PID    string `json:"PID"`
+	Uptime string `json:"uptime"`
+	Msg    string `json:"msg"`
+}
--- a/backend/app/dto/response/nginx.go
+++ b/backend/app/dto/response/nginx.go
@@ -1,5 +1,7 @@
 package response

+import "github.com/1Panel-dev/1Panel/backend/app/dto"
+
 type NginxStatus struct {
 	Active   string `json:"active"`
 	Accepts  string `json:"accepts"`
@@ -14,3 +16,40 @@ type NginxParam struct {
 	Name   string   `json:"name"`
 	Params []string `json:"params"`
 }
+
+type NginxAuthRes struct {
+	Enable bool            `json:"enable"`
+	Items  []dto.NginxAuth `json:"items"`
+}
+
+type NginxAntiLeechRes struct {
+	Enable      bool     `json:"enable"`
+	Extends     string   `json:"extends"`
+	Return      string   `json:"return"`
+	ServerNames []string `json:"serverNames"`
+	Cache       bool     `json:"cache"`
+	CacheTime   int      `json:"cacheTime"`
+	CacheUint   string   `json:"cacheUint"`
+	NoneRef     bool     `json:"noneRef"`
+	LogEnable   bool     `json:"logEnable"`
+	Blocked     bool     `json:"blocked"`
+}
+
+type NginxRedirectConfig struct {
+	WebsiteID    uint     `json:"websiteID"`
+	Name         string   `json:"name"`
+	Domains      []string `json:"domains"`
+	KeepPath     bool     `json:"keepPath"`
+	Enable       bool     `json:"enable"`
+	Type         string   `json:"type"`
+	Redirect     string   `json:"redirect"`
+	Path         string   `json:"path"`
+	Target       string   `json:"target"`
+	FilePath     string   `json:"filePath"`
+	Content      string   `json:"content"`
+	RedirectRoot bool     `json:"redirectRoot"`
+}
+
+type NginxFile struct {
+	Content string `json:"content"`
+}
--- a/backend/app/dto/response/runtime.go
+++ b/backend/app/dto/response/runtime.go
@@ -0,0 +1,9 @@
+package response
+
+import "github.com/1Panel-dev/1Panel/backend/app/model"
+
+type RuntimeRes struct {
+	model.Runtime
+	AppParams []AppParam `json:"appParams"`
+	AppID     uint       `json:"appId"`
+}
--- a/backend/app/dto/response/website.go
+++ b/backend/app/dto/response/website.go
@@ -10,6 +10,7 @@ type WebsiteDTO struct {
 	AccessLogPath string `json:"accessLogPath"`
 	SitePath      string `json:"sitePath"`
 	AppName       string `json:"appName"`
+	RuntimeName   string `json:"runtimeName"`
 }

 type WebsitePreInstallCheck struct {
@@ -25,9 +26,8 @@ type WebsiteNginxConfig struct {
 }

 type WebsiteWafConfig struct {
-	Enable   bool   `json:"enable"`
-	FilePath string `json:"filePath"`
-	Content  string `json:"content"`
+	Enable  bool   `json:"enable"`
+	Content string `json:"content"`
 }

 type WebsiteHTTPS struct {
@@ -42,3 +42,13 @@ type WebsiteLog struct {
 	Enable  bool   `json:"enable"`
 	Content string `json:"content"`
 }
+
+type PHPConfig struct {
+	Params           map[string]string `json:"params"`
+	DisableFunctions []string          `json:"disableFunctions"`
+	UploadMaxSize    string            `json:"uploadMaxSize"`
+}
+
+type NginxRewriteRes struct {
+	Content string `json:"content"`
+}
--- a/backend/app/dto/setting.go
+++ b/backend/app/dto/setting.go
@@ -5,10 +5,13 @@ import "time"
 type SettingInfo struct {
 	UserName      string `json:"userName"`
 	Email         string `json:"email"`
+	SystemIP      string `json:"systemIP"`
 	SystemVersion string `json:"systemVersion"`

 	SessionTimeout string `json:"sessionTimeout"`
 	LocalTime      string `json:"localTime"`
+	TimeZone       string `json:"timeZone"`
+	NtpSite        string `json:"ntpSite"`

 	Port      string `json:"port"`
 	PanelName string `json:"panelName"`
@@ -16,14 +19,20 @@ type SettingInfo struct {
 	Language  string `json:"language"`

 	ServerPort             string `json:"serverPort"`
+	SSL                    string `json:"ssl"`
+	SSLType                string `json:"sslType"`
+	BindDomain             string `json:"bindDomain"`
+	AllowIPs               string `json:"allowIPs"`
 	SecurityEntrance       string `json:"securityEntrance"`
 	ExpirationDays         string `json:"expirationDays"`
 	ExpirationTime         string `json:"expirationTime"`
 	ComplexityVerification string `json:"complexityVerification"`
 	MFAStatus              string `json:"mfaStatus"`
 	MFASecret              string `json:"mfaSecret"`
+	MFAInterval            string `json:"mfaInterval"`

 	MonitorStatus    string `json:"monitorStatus"`
+	MonitorInterval  string `json:"monitorInterval"`
 	MonitorStoreDays string `json:"monitorStoreDays"`

 	MessageType string `json:"messageType"`
@@ -31,7 +40,8 @@ type SettingInfo struct {
 	WeChatVars  string `json:"weChatVars"`
 	DingVars    string `json:"dingVars"`

-	AppStoreVersion string `json:"appStoreVersion"`
+	AppStoreVersion      string `json:"appStoreVersion"`
+	AppStoreLastModified string `json:"appStoreLastModified"`
 }

 type SettingUpdate struct {
@@ -39,6 +49,23 @@ type SettingUpdate struct {
 	Value string `json:"value"`
 }

+type SSLUpdate struct {
+	SSLType string `json:"sslType"`
+	Domain  string `json:"domain"`
+	SSL     string `json:"ssl" validate:"required,oneof=enable disable"`
+	Cert    string `json:"cert"`
+	Key     string `json:"key"`
+	SSLID   uint   `json:"sslID"`
+}
+type SSLInfo struct {
+	Domain   string `json:"domain"`
+	Timeout  string `json:"timeout"`
+	RootPath string `json:"rootPath"`
+	Cert     string `json:"cert"`
+	Key      string `json:"key"`
+	SSLID    uint   `json:"sslID"`
+}
+
 type PasswordUpdate struct {
 	OldPassword string `json:"oldPassword" validate:"required"`
 	NewPassword string `json:"newPassword" validate:"required"`
@@ -49,8 +76,8 @@ type PortUpdate struct {
 }

 type SnapshotCreate struct {
-	From        string `json:"from" validate:"required,oneof=OSS S3 SFTP MINIO"`
-	Description string `json:"description"`
+	From        string `json:"from" validate:"required,oneof=OSS S3 SFTP MINIO COS KODO OneDrive"`
+	Description string `json:"description" validate:"max=256"`
 }
 type SnapshotRecover struct {
 	IsNew      bool `json:"isNew"`
@@ -60,12 +87,12 @@ type SnapshotRecover struct {
 type SnapshotImport struct {
 	From        string   `json:"from"`
 	Names       []string `json:"names"`
-	Description string   `json:"description"`
+	Description string   `json:"description" validate:"max=256"`
 }
 type SnapshotInfo struct {
 	ID          uint      `json:"id"`
 	Name        string    `json:"name"`
-	Description string    `json:"description"`
+	Description string    `json:"description" validate:"max=256"`
 	From        string    `json:"from"`
 	Status      string    `json:"status"`
 	Message     string    `json:"message"`
@@ -82,9 +109,15 @@ type SnapshotInfo struct {
 }

 type UpgradeInfo struct {
-	NewVersion  string `json:"newVersion"`
-	ReleaseNote string `json:"releaseNote"`
+	NewVersion    string `json:"newVersion"`
+	LatestVersion string `json:"latestVersion"`
+	ReleaseNote   string `json:"releaseNote"`
 }
+
+type SyncTime struct {
+	NtpSite string `json:"ntpSite"`
+}
+
 type Upgrade struct {
 	Version string `json:"version"`
 }
--- a/backend/app/dto/ssh.go
+++ b/backend/app/dto/ssh.go
@@ -0,0 +1,49 @@
+package dto
+
+import "time"
+
+type SSHInfo struct {
+	Status                 string `json:"status"`
+	Message                string `json:"message"`
+	Port                   string `json:"port"`
+	ListenAddress          string `json:"listenAddress"`
+	PasswordAuthentication string `json:"passwordAuthentication"`
+	PubkeyAuthentication   string `json:"pubkeyAuthentication"`
+	PermitRootLogin        string `json:"permitRootLogin"`
+	UseDNS                 string `json:"useDNS"`
+}
+
+type GenerateSSH struct {
+	EncryptionMode string `json:"encryptionMode" validate:"required,oneof=rsa ed25519 ecdsa dsa"`
+	Password       string `json:"password"`
+}
+
+type GenerateLoad struct {
+	EncryptionMode string `json:"encryptionMode" validate:"required,oneof=rsa ed25519 ecdsa dsa"`
+}
+
+type SSHConf struct {
+	File string `json:"file"`
+}
+type SearchSSHLog struct {
+	PageInfo
+	Info   string `json:"info"`
+	Status string `json:"Status" validate:"required,oneof=Success Failed All"`
+}
+type SSHLog struct {
+	Logs            []SSHHistory `json:"logs"`
+	TotalCount      int          `json:"totalCount"`
+	SuccessfulCount int          `json:"successfulCount"`
+	FailedCount     int          `json:"failedCount"`
+}
+type SSHHistory struct {
+	Date     time.Time `json:"date"`
+	DateStr  string    `json:"dateStr"`
+	Area     string    `json:"area"`
+	User     string    `json:"user"`
+	AuthMode string    `json:"authMode"`
+	Address  string    `json:"address"`
+	Port     string    `json:"port"`
+	Status   string    `json:"status"`
+	Message  string    `json:"message"`
+}
--- a/backend/app/model/app.go
+++ b/backend/app/model/app.go
@@ -2,21 +2,25 @@ package model

 type App struct {
 	BaseModel
-	Name               string      `json:"name" gorm:"type:varchar(64);not null"`
-	Key                string      `json:"key" gorm:"type:varchar(64);not null;uniqueIndex"`
-	ShortDescZh        string      `json:"shortDescZh" gorm:"type:longtext;"`
-	ShortDescEn        string      `json:"shortDescEn" gorm:"type:longtext;"`
-	Icon               string      `json:"icon" gorm:"type:longtext;"`
-	Type               string      `json:"type" gorm:"type:varchar(64);not null"`
-	Status             string      `json:"status" gorm:"type:varchar(64);not null"`
-	Required           string      `json:"required" gorm:"type:varchar(64);not null"`
-	CrossVersionUpdate bool        `json:"crossVersionUpdate"`
-	Limit              int         `json:"limit" gorm:"type:Integer;not null"`
-	Website            string      `json:"website" gorm:"type:varchar(64);not null"`
-	Github             string      `json:"github" gorm:"type:varchar(64);not null"`
-	Document           string      `json:"document" gorm:"type:varchar(64);not null"`
-	Recommend          int         `json:"recommend" gorm:"type:Integer;not null"`
-	Details            []AppDetail `json:"-" gorm:"-:migration"`
-	TagsKey            []string    `json:"-" gorm:"-"`
-	AppTags            []AppTag    `json:"-" gorm:"-:migration"`
+	Name               string `json:"name" gorm:"type:varchar(64);not null"`
+	Key                string `json:"key" gorm:"type:varchar(64);not null;"`
+	ShortDescZh        string `json:"shortDescZh" yaml:"shortDescZh" gorm:"type:longtext;"`
+	ShortDescEn        string `json:"shortDescEn" yaml:"shortDescEn" gorm:"type:longtext;"`
+	Icon               string `json:"icon" gorm:"type:longtext;"`
+	Type               string `json:"type" gorm:"type:varchar(64);not null"`
+	Status             string `json:"status" gorm:"type:varchar(64);not null"`
+	Required           string `json:"required" gorm:"type:varchar(64);"`
+	CrossVersionUpdate bool   `json:"crossVersionUpdate"`
+	Limit              int    `json:"limit" gorm:"type:Integer;not null"`
+	Website            string `json:"website" gorm:"type:varchar(64);not null"`
+	Github             string `json:"github" gorm:"type:varchar(64);not null"`
+	Document           string `json:"document" gorm:"type:varchar(64);not null"`
+	Recommend          int    `json:"recommend" gorm:"type:Integer;not null"`
+	Resource           string `json:"resource" gorm:"type:varchar;not null;default:remote"`
+	ReadMe             string `json:"readMe" gorm:"type:varchar;"`
+	LastModified       int    `json:"lastModified" gorm:"type:Integer;"`
+
+	Details []AppDetail `json:"-" gorm:"-:migration"`
+	TagsKey []string    `json:"tags" yaml:"tags" gorm:"-"`
+	AppTags []AppTag    `json:"-" gorm:"-:migration"`
 }
--- a/backend/app/model/app_detail.go
+++ b/backend/app/model/app_detail.go
@@ -2,11 +2,15 @@ package model

 type AppDetail struct {
 	BaseModel
-	AppId         uint   `json:"appId" gorm:"type:integer;not null"`
-	Version       string `json:"version" gorm:"type:varchar(64);not null"`
-	Params        string `json:"-" gorm:"type:longtext;"`
-	DockerCompose string `json:"-"  gorm:"type:longtext;not null"`
-	Readme        string `json:"readme"  gorm:"type:longtext;"`
-	Status        string `json:"status" gorm:"type:varchar(64);not null"`
-	LastVersion   string `json:"lastVersion" gorm:"type:varchar(64);"`
+	AppId               uint   `json:"appId" gorm:"type:integer;not null"`
+	Version             string `json:"version" gorm:"type:varchar(64);not null"`
+	Params              string `json:"-" gorm:"type:longtext;"`
+	DockerCompose       string `json:"dockerCompose"  gorm:"type:longtext;"`
+	Status              string `json:"status" gorm:"type:varchar(64);not null"`
+	LastVersion         string `json:"lastVersion" gorm:"type:varchar(64);"`
+	LastModified        int    `json:"lastModified" gorm:"type:integer;"`
+	DownloadUrl         string `json:"downloadUrl"  gorm:"type:varchar;"`
+	DownloadCallBackUrl string `json:"downloadCallBackUrl" gorm:"type:longtext;"`
+	Update              bool   `json:"update"`
+	IgnoreUpgrade       bool   `json:"ignoreUpgrade"`
 }
--- a/backend/app/model/app_install.go
+++ b/backend/app/model/app_install.go
@@ -2,6 +2,7 @@ package model

 import (
 	"path"
+	"strings"

 	"github.com/1Panel-dev/1Panel/backend/constant"
 )
@@ -26,9 +27,21 @@ type AppInstall struct {
 }

 func (i *AppInstall) GetPath() string {
-	return path.Join(constant.AppInstallDir, i.App.Key, i.Name)
+	return path.Join(i.getAppPath(), i.Name)
 }

 func (i *AppInstall) GetComposePath() string {
-	return path.Join(constant.AppInstallDir, i.App.Key, i.Name, "docker-compose.yml")
+	return path.Join(i.getAppPath(), i.Name, "docker-compose.yml")
+}
+
+func (i *AppInstall) GetEnvPath() string {
+	return path.Join(i.getAppPath(), i.Name, ".env")
+}
+
+func (i *AppInstall) getAppPath() string {
+	if i.App.Resource == constant.AppResourceLocal {
+		return path.Join(constant.LocalAppInstallDir, strings.TrimPrefix(i.App.Key, constant.AppResourceLocal))
+	} else {
+		return path.Join(constant.AppInstallDir, i.App.Key)
+	}
 }
--- a/backend/app/model/backup.go
+++ b/backend/app/model/backup.go
@@ -6,6 +6,7 @@ type BackupAccount struct {
 	Bucket     string `gorm:"type:varchar(256)" json:"bucket"`
 	AccessKey  string `gorm:"type:varchar(256)" json:"accessKey"`
 	Credential string `gorm:"type:varchar(256)" json:"credential"`
+	BackupPath string `gorm:"type:varchar(256)" json:"backupPath"`
 	Vars       string `gorm:"type:longText" json:"vars"`
 }

--- a/backend/app/model/cronjob.go
+++ b/backend/app/model/cronjob.go
@@ -13,7 +13,9 @@ type Cronjob struct {
 	Day      uint64 `gorm:"type:decimal" json:"day"`
 	Hour     uint64 `gorm:"type:decimal" json:"hour"`
 	Minute   uint64 `gorm:"type:decimal" json:"minute"`
+	Second   uint64 `gorm:"type:decimal" json:"second"`

+	ContainerName  string `gorm:"type:varchar(64)" json:"containerName"`
 	Script         string `gorm:"longtext" json:"script"`
 	Website        string `gorm:"type:varchar(64)" json:"website"`
 	DBName         string `gorm:"type:varchar(64)" json:"dbName"`
--- a/backend/app/model/database_mysql.go
+++ b/backend/app/model/database_mysql.go
@@ -3,6 +3,7 @@ package model
 type DatabaseMysql struct {
 	BaseModel
 	Name        string `json:"name" gorm:"type:varchar(256);not null"`
+	From        string `json:"from" gorm:"type:varchar(256);not null;default:local"`
 	MysqlName   string `json:"mysqlName" gorm:"type:varchar(64);not null"`
 	Format      string `json:"format" gorm:"type:varchar(64);not null"`
 	Username    string `json:"username" gorm:"type:varchar(256);not null"`
--- a/backend/app/model/host.go
+++ b/backend/app/model/host.go
@@ -2,14 +2,17 @@ package model

 type Host struct {
 	BaseModel
-	GroupID    uint   `gorm:"type:decimal;not null" json:"group_id"`
-	Name       string `gorm:"type:varchar(64);not null" json:"name"`
-	Addr       string `gorm:"type:varchar(16);not null" json:"addr"`
-	Port       int    `gorm:"type:decimal;not null" json:"port"`
-	User       string `gorm:"type:varchar(64);not null" json:"user"`
-	AuthMode   string `gorm:"type:varchar(16);not null" json:"authMode"`
-	Password   string `gorm:"type:varchar(64)" json:"password"`
-	PrivateKey string `gorm:"type:varchar(256)" json:"privateKey"`
+
+	GroupID          uint   `gorm:"type:decimal;not null" json:"group_id"`
+	Name             string `gorm:"type:varchar(64);not null" json:"name"`
+	Addr             string `gorm:"type:varchar(16);not null" json:"addr"`
+	Port             int    `gorm:"type:decimal;not null" json:"port"`
+	User             string `gorm:"type:varchar(64);not null" json:"user"`
+	AuthMode         string `gorm:"type:varchar(16);not null" json:"authMode"`
+	Password         string `gorm:"type:varchar(64)" json:"password"`
+	PrivateKey       string `gorm:"type:varchar(256)" json:"privateKey"`
+	PassPhrase       string `gorm:"type:varchar(256)" json:"passPhrase"`
+	RememberPassword bool   `json:"rememberPassword"`

 	Description string `gorm:"type:varchar(256)" json:"description"`
 }
--- a/backend/app/model/remote_db.go
+++ b/backend/app/model/remote_db.go
@@ -0,0 +1,14 @@
+package model
+
+type RemoteDB struct {
+	BaseModel
+	Name        string `json:"name" gorm:"type:varchar(64);not null"`
+	Type        string `json:"type" gorm:"type:varchar(64);not null"`
+	Version     string `json:"version" gorm:"type:varchar(64);not null"`
+	From        string `json:"from" gorm:"type:varchar(64);not null"`
+	Address     string `json:"address" gorm:"type:varchar(64);not null"`
+	Port        uint   `json:"port" gorm:"type:decimal;not null"`
+	Username    string `json:"username" gorm:"type:varchar(64)"`
+	Password    string `json:"password" gorm:"type:varchar(64)"`
+	Description string `json:"description" gorm:"type:varchar(256);"`
+}
--- a/backend/app/model/runtime.go
+++ b/backend/app/model/runtime.go
@@ -0,0 +1,17 @@
+package model
+
+type Runtime struct {
+	BaseModel
+	Name          string `gorm:"type:varchar;not null" json:"name"`
+	AppDetailID   uint   `gorm:"type:integer" json:"appDetailId"`
+	Image         string `gorm:"type:varchar" json:"image"`
+	WorkDir       string `gorm:"type:varchar" json:"workDir"`
+	DockerCompose string `gorm:"type:varchar" json:"dockerCompose"`
+	Env           string `gorm:"type:varchar" json:"env"`
+	Params        string `gorm:"type:varchar" json:"params"`
+	Version       string `gorm:"type:varchar;not null" json:"version"`
+	Type          string `gorm:"type:varchar;not null" json:"type"`
+	Status        string `gorm:"type:varchar;not null" json:"status"`
+	Resource      string `gorm:"type:varchar;not null" json:"resource"`
+	Message       string `gorm:"type:longtext;" json:"message"`
+}
--- a/backend/app/model/website.go
+++ b/backend/app/model/website.go
@@ -4,23 +4,34 @@ import "time"

 type Website struct {
 	BaseModel
-	Protocol       string          `gorm:"type:varchar(64);not null" json:"protocol"`
-	PrimaryDomain  string          `gorm:"type:varchar(128);not null" json:"primaryDomain"`
-	Type           string          `gorm:"type:varchar(64);not null" json:"type"`
-	Alias          string          `gorm:"type:varchar(128);not null" json:"alias"`
-	Remark         string          `gorm:"type:longtext;" json:"remark"`
-	Status         string          `gorm:"type:varchar(64);not null" json:"status"`
-	HttpConfig     string          `gorm:"type:varchar(64);not null" json:"httpConfig"`
-	ExpireDate     time.Time       `json:"expireDate"`
-	AppInstallID   uint            `gorm:"type:integer" json:"appInstallId"`
-	WebsiteGroupID uint            `gorm:"type:integer" json:"webSiteGroupId"`
-	WebsiteSSLID   uint            `gorm:"type:integer" json:"webSiteSSLId"`
-	Proxy          string          `gorm:"type:varchar(128);not null" json:"proxy"`
-	ErrorLog       bool            `json:"errorLog"`
-	AccessLog      bool            `json:"accessLog"`
-	DefaultServer  bool            `json:"defaultServer"`
-	Domains        []WebsiteDomain `json:"domains" gorm:"-:migration"`
-	WebsiteSSL     WebsiteSSL      `json:"webSiteSSL" gorm:"-:migration"`
+	Protocol      string    `gorm:"type:varchar;not null" json:"protocol"`
+	PrimaryDomain string    `gorm:"type:varchar;not null" json:"primaryDomain"`
+	Type          string    `gorm:"type:varchar;not null" json:"type"`
+	Alias         string    `gorm:"type:varchar;not null" json:"alias"`
+	Remark        string    `gorm:"type:longtext;" json:"remark"`
+	Status        string    `gorm:"type:varchar;not null" json:"status"`
+	HttpConfig    string    `gorm:"type:varchar;not null" json:"httpConfig"`
+	ExpireDate    time.Time `json:"expireDate"`
+
+	Proxy         string `gorm:"type:varchar;" json:"proxy"`
+	ProxyType     string `gorm:"type:varchar;" json:"proxyType"`
+	SiteDir       string `gorm:"type:varchar;" json:"siteDir"`
+	ErrorLog      bool   `json:"errorLog"`
+	AccessLog     bool   `json:"accessLog"`
+	DefaultServer bool   `json:"defaultServer"`
+	IPV6          bool   `json:"IPV6"`
+	Rewrite       string `gorm:"type:varchar" json:"rewrite"`
+
+	WebsiteGroupID uint `gorm:"type:integer" json:"webSiteGroupId"`
+	WebsiteSSLID   uint `gorm:"type:integer" json:"webSiteSSLId"`
+	RuntimeID      uint `gorm:"type:integer" json:"runtimeID"`
+	AppInstallID   uint `gorm:"type:integer" json:"appInstallId"`
+
+	User  string `gorm:"type:varchar;" json:"user"`
+	Group string `gorm:"type:varchar;" json:"group"`
+
+	Domains    []WebsiteDomain `json:"domains" gorm:"-:migration"`
+	WebsiteSSL WebsiteSSL      `json:"webSiteSSL" gorm:"-:migration"`
 }

 func (w Website) TableName() string {
--- a/backend/app/model/website_group.go
+++ b/backend/app/model/website_group.go
@@ -1,11 +0,0 @@
-package model
-
-type WebsiteGroup struct {
-	BaseModel
-	Name    string `gorm:"type:varchar(64);not null" json:"name"`
-	Default bool   `json:"default"`
-}
-
-func (w WebsiteGroup) TableName() string {
-	return "website_groups"
-}
--- a/backend/app/repo/app.go
+++ b/backend/app/repo/app.go
@@ -11,6 +11,26 @@ import (
 type AppRepo struct {
 }

+type IAppRepo interface {
+	WithKey(key string) DBOption
+	WithType(typeStr string) DBOption
+	OrderByRecommend() DBOption
+	GetRecommend() DBOption
+	WithResource(resource string) DBOption
+	Page(page, size int, opts ...DBOption) (int64, []model.App, error)
+	GetFirst(opts ...DBOption) (model.App, error)
+	GetBy(opts ...DBOption) ([]model.App, error)
+	BatchCreate(ctx context.Context, apps []model.App) error
+	GetByKey(ctx context.Context, key string) (model.App, error)
+	Create(ctx context.Context, app *model.App) error
+	Save(ctx context.Context, app *model.App) error
+	BatchDelete(ctx context.Context, apps []model.App) error
+}
+
+func NewIAppRepo() IAppRepo {
+	return &AppRepo{}
+}
+
 func (a AppRepo) WithKey(key string) DBOption {
 	return func(db *gorm.DB) *gorm.DB {
 		return db.Where("key = ?", key)
@@ -35,12 +55,18 @@ func (a AppRepo) GetRecommend() DBOption {
 	}
 }

+func (a AppRepo) WithResource(resource string) DBOption {
+	return func(g *gorm.DB) *gorm.DB {
+		return g.Where("resource = ?", resource)
+	}
+}
+
 func (a AppRepo) Page(page, size int, opts ...DBOption) (int64, []model.App, error) {
 	var apps []model.App
 	db := getDb(opts...).Model(&model.App{})
 	count := int64(0)
 	db = db.Count(&count)
-	err := db.Limit(size).Offset(size * (page - 1)).Preload("AppTags").Find(&apps).Error
+	err := db.Debug().Limit(size).Offset(size * (page - 1)).Preload("AppTags").Find(&apps).Error
 	return count, apps, err
 }

@@ -81,3 +107,7 @@ func (a AppRepo) Create(ctx context.Context, app *model.App) error {
 func (a AppRepo) Save(ctx context.Context, app *model.App) error {
 	return getTx(ctx).Omit(clause.Associations).Save(app).Error
 }
+
+func (a AppRepo) BatchDelete(ctx context.Context, apps []model.App) error {
+	return getTx(ctx).Omit(clause.Associations).Delete(&apps).Error
+}
--- a/backend/app/repo/app_detail.go
+++ b/backend/app/repo/app_detail.go
@@ -4,22 +4,47 @@ import (
 	"context"
 	"github.com/1Panel-dev/1Panel/backend/app/model"
 	"gorm.io/gorm"
+	"gorm.io/gorm/clause"
 )

 type AppDetailRepo struct {
 }

+type IAppDetailRepo interface {
+	WithVersion(version string) DBOption
+	WithAppId(id uint) DBOption
+	WithIgnored() DBOption
+	GetFirst(opts ...DBOption) (model.AppDetail, error)
+	Update(ctx context.Context, detail model.AppDetail) error
+	BatchCreate(ctx context.Context, details []model.AppDetail) error
+	DeleteByAppIds(ctx context.Context, appIds []uint) error
+	GetBy(opts ...DBOption) ([]model.AppDetail, error)
+	BatchUpdateBy(maps map[string]interface{}, opts ...DBOption) error
+	BatchDelete(ctx context.Context, appDetails []model.AppDetail) error
+}
+
+func NewIAppDetailRepo() IAppDetailRepo {
+	return &AppDetailRepo{}
+}
+
 func (a AppDetailRepo) WithVersion(version string) DBOption {
 	return func(g *gorm.DB) *gorm.DB {
 		return g.Where("version = ?", version)
 	}
 }
+
 func (a AppDetailRepo) WithAppId(id uint) DBOption {
 	return func(g *gorm.DB) *gorm.DB {
 		return g.Where("app_id = ?", id)
 	}
 }

+func (a AppDetailRepo) WithIgnored() DBOption {
+	return func(g *gorm.DB) *gorm.DB {
+		return g.Where("ignore_upgrade = 1")
+	}
+}
+
 func (a AppDetailRepo) GetFirst(opts ...DBOption) (model.AppDetail, error) {
 	var detail model.AppDetail
 	err := getDb(opts...).Model(&model.AppDetail{}).Find(&detail).Error
@@ -51,3 +76,7 @@ func (a AppDetailRepo) BatchUpdateBy(maps map[string]interface{}, opts ...DBOpti
 	}
 	return db.Updates(&maps).Error
 }
+
+func (a AppDetailRepo) BatchDelete(ctx context.Context, appDetails []model.AppDetail) error {
+	return getTx(ctx).Omit(clause.Associations).Delete(&appDetails).Error
+}
--- a/backend/app/repo/app_install.go
+++ b/backend/app/repo/app_install.go
@@ -3,6 +3,7 @@ package repo
 import (
 	"context"
 	"encoding/json"
+	"gorm.io/gorm/clause"

 	"github.com/1Panel-dev/1Panel/backend/app/model"
 	"github.com/1Panel-dev/1Panel/backend/global"
@@ -11,6 +12,33 @@ import (

 type AppInstallRepo struct{}

+type IAppInstallRepo interface {
+	WithDetailIdsIn(detailIds []uint) DBOption
+	WithDetailIdNotIn(detailIds []uint) DBOption
+	WithAppId(appId uint) DBOption
+	WithAppIdsIn(appIds []uint) DBOption
+	WithStatus(status string) DBOption
+	WithServiceName(serviceName string) DBOption
+	WithContainerName(containerName string) DBOption
+	WithPort(port int) DBOption
+	WithIdNotInWebsite() DBOption
+	WithIDNotIs(id uint) DBOption
+	ListBy(opts ...DBOption) ([]model.AppInstall, error)
+	GetFirst(opts ...DBOption) (model.AppInstall, error)
+	Create(ctx context.Context, install *model.AppInstall) error
+	Save(ctx context.Context, install *model.AppInstall) error
+	DeleteBy(opts ...DBOption) error
+	Delete(ctx context.Context, install model.AppInstall) error
+	Page(page, size int, opts ...DBOption) (int64, []model.AppInstall, error)
+	BatchUpdateBy(maps map[string]interface{}, opts ...DBOption) error
+	LoadBaseInfo(key string, name string) (*RootInfo, error)
+	GetFirstByCtx(ctx context.Context, opts ...DBOption) (model.AppInstall, error)
+}
+
+func NewIAppInstallRepo() IAppInstallRepo {
+	return &AppInstallRepo{}
+}
+
 func (a *AppInstallRepo) WithDetailIdsIn(detailIds []uint) DBOption {
 	return func(g *gorm.DB) *gorm.DB {
 		return g.Where("app_detail_id in (?)", detailIds)
@@ -29,6 +57,12 @@ func (a *AppInstallRepo) WithAppId(appId uint) DBOption {
 	}
 }

+func (a *AppInstallRepo) WithIDNotIs(id uint) DBOption {
+	return func(g *gorm.DB) *gorm.DB {
+		return g.Where("id != ?", id)
+	}
+}
+
 func (a *AppInstallRepo) WithAppIdsIn(appIds []uint) DBOption {
 	return func(g *gorm.DB) *gorm.DB {
 		return g.Where("app_id in (?)", appIds)
@@ -47,6 +81,12 @@ func (a *AppInstallRepo) WithServiceName(serviceName string) DBOption {
 	}
 }

+func (a *AppInstallRepo) WithContainerName(containerName string) DBOption {
+	return func(db *gorm.DB) *gorm.DB {
+		return db.Where("container_name = ?", containerName)
+	}
+}
+
 func (a *AppInstallRepo) WithPort(port int) DBOption {
 	return func(db *gorm.DB) *gorm.DB {
 		return db.Where("https_port = ? or  http_port = ?", port, port)
@@ -73,13 +113,20 @@ func (a *AppInstallRepo) GetFirst(opts ...DBOption) (model.AppInstall, error) {
 	return install, err
 }

-func (a *AppInstallRepo) Create(ctx context.Context, install *model.AppInstall) error {
-	db := getTx(ctx).Model(&model.AppInstall{})
-	return db.Create(&install).Error
+func (a *AppInstallRepo) GetFirstByCtx(ctx context.Context, opts ...DBOption) (model.AppInstall, error) {
+	var install model.AppInstall
+	db := getTx(ctx, opts...).Model(&model.AppInstall{})
+	err := db.Preload("App").First(&install).Error
+	return install, err
 }

-func (a *AppInstallRepo) Save(install *model.AppInstall) error {
-	return getDb().Save(&install).Error
+func (a *AppInstallRepo) Create(ctx context.Context, install *model.AppInstall) error {
+	db := getTx(ctx).Model(&model.AppInstall{})
+	return db.Omit(clause.Associations).Create(&install).Error
+}
+
+func (a *AppInstallRepo) Save(ctx context.Context, install *model.AppInstall) error {
+	return getTx(ctx).Save(&install).Error
 }

 func (a *AppInstallRepo) DeleteBy(opts ...DBOption) error {
@@ -112,8 +159,11 @@ type RootInfo struct {
 	ID            uint   `json:"id"`
 	Name          string `json:"name"`
 	Port          int64  `json:"port"`
+	HttpsPort     int64  `json:"httpsPort"`
 	Password      string `json:"password"`
+	UserPassword  string `json:"userPassword"`
 	ContainerName string `json:"containerName"`
+	ServiceName   string `json:"serviceName"`
 	Param         string `json:"param"`
 	Env           string `json:"env"`
 	Key           string `json:"key"`
@@ -142,12 +192,27 @@ func (a *AppInstallRepo) LoadBaseInfo(key string, name string) (*RootInfo, error
 	if err := json.Unmarshal([]byte(appInstall.Env), &envMap); err != nil {
 		return nil, err
 	}
-	password, ok := envMap["PANEL_DB_ROOT_PASSWORD"].(string)
+	switch app.Key {
+	case "mysql":
+		password, ok := envMap["PANEL_DB_ROOT_PASSWORD"].(string)
+		if ok {
+			info.Password = password
+		}
+	case "redis":
+		password, ok := envMap["PANEL_REDIS_ROOT_PASSWORD"].(string)
+		if ok {
+			info.Password = password
+		}
+	}
+
+	userPassword, ok := envMap["PANEL_DB_USER_PASSWORD"].(string)
 	if ok {
-		info.Password = password
+		info.UserPassword = userPassword
 	}
 	info.Port = int64(appInstall.HttpPort)
+	info.HttpsPort = int64(appInstall.HttpsPort)
 	info.ID = appInstall.ID
+	info.ServiceName = appInstall.ServiceName
 	info.ContainerName = appInstall.ContainerName
 	info.Name = appInstall.Name
 	info.Env = appInstall.Env
--- a/backend/app/repo/app_install_resource.go
+++ b/backend/app/repo/app_install_resource.go
@@ -11,6 +11,21 @@ import (
 type AppInstallResourceRpo struct {
 }

+type IAppInstallResourceRpo interface {
+	WithAppInstallId(appInstallId uint) DBOption
+	WithLinkId(linkId uint) DBOption
+	WithResourceId(resourceId uint) DBOption
+	GetBy(opts ...DBOption) ([]model.AppInstallResource, error)
+	GetFirst(opts ...DBOption) (model.AppInstallResource, error)
+	Create(ctx context.Context, resource *model.AppInstallResource) error
+	DeleteBy(ctx context.Context, opts ...DBOption) error
+	BatchUpdateBy(maps map[string]interface{}, opts ...DBOption) error
+}
+
+func NewIAppInstallResourceRpo() IAppInstallResourceRpo {
+	return &AppInstallResourceRpo{}
+}
+
 func (a AppInstallResourceRpo) WithAppInstallId(appInstallId uint) DBOption {
 	return func(db *gorm.DB) *gorm.DB {
 		return db.Where("app_install_id = ?", appInstallId)
@@ -57,3 +72,11 @@ func (a AppInstallResourceRpo) Create(ctx context.Context, resource *model.AppIn
 func (a AppInstallResourceRpo) DeleteBy(ctx context.Context, opts ...DBOption) error {
 	return getTx(ctx, opts...).Delete(&model.AppInstallResource{}).Error
 }
+
+func (a *AppInstallResourceRpo) BatchUpdateBy(maps map[string]interface{}, opts ...DBOption) error {
+	db := getDb(opts...).Model(&model.AppInstallResource{})
+	if len(opts) == 0 {
+		db = db.Where("1=1")
+	}
+	return db.Updates(&maps).Error
+}
--- a/backend/app/repo/app_tag.go
+++ b/backend/app/repo/app_tag.go
@@ -8,6 +8,18 @@ import (
 type AppTagRepo struct {
 }

+type IAppTagRepo interface {
+	BatchCreate(ctx context.Context, tags []*model.AppTag) error
+	DeleteByAppIds(ctx context.Context, appIds []uint) error
+	DeleteAll(ctx context.Context) error
+	GetByAppId(appId uint) ([]model.AppTag, error)
+	GetByTagIds(tagIds []uint) ([]model.AppTag, error)
+}
+
+func NewIAppTagRepo() IAppTagRepo {
+	return &AppTagRepo{}
+}
+
 func (a AppTagRepo) BatchCreate(ctx context.Context, tags []*model.AppTag) error {
 	return getTx(ctx).Create(&tags).Error
 }
--- a/Show More
+++ b/Show More