feat: support ADMIN_EMAIL and ADMIN_PASSWORD env vars for initial admin setup

Allow the first-boot admin account to be configured via ADMIN_EMAIL and ADMIN_PASSWORD environment variables. If both are set the account is created with those credentials; otherwise the existing random-password fallback is used. Documented across .env.example, docker-compose.yml, Helm chart (values.yaml, secret.yaml, deployment.yaml), and CLAUDE.md. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-04-01 23:09:57 +02:00
parent d73a5e223c
commit 50424fc574
6 changed files with 51 additions and 2 deletions
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -32,6 +32,8 @@ services:
 #      - OIDC_DISPLAY_NAME=SSO # Label shown on the SSO login button
 #      - OIDC_ONLY=false # Set true to disable local password auth entirely (SSO only)
 #      - OIDC_DISCOVERY_URL= # Override the OIDC discovery endpoint for providers with non-standard paths (e.g. Authentik)
+#      - ADMIN_EMAIL=admin@trek.local # Initial admin e-mail — only used on first boot when no users exist
+#      - ADMIN_PASSWORD=changeme      # Initial admin password — only used on first boot when no users exist
    volumes:
      - ./data:/app/data
      - ./uploads:/app/uploads