github/TREK
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat: support ADMIN_EMAIL and ADMIN_PASSWORD env vars for initial admin setup

Browse Source 
Allow the first-boot admin account to be configured via ADMIN_EMAIL and
ADMIN_PASSWORD environment variables. If both are set the account is created
with those credentials; otherwise the existing random-password fallback is
used. Documented across .env.example, docker-compose.yml, Helm chart
(values.yaml, secret.yaml, deployment.yaml), and CLAUDE.md.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
This commit is contained in:
jubnl
2026-04-01 23:09:57 +02:00
parent d73a5e223c
commit 50424fc574
6 changed files with 51 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
server/src/db/seeds.ts
View File

@@ -22,9 +22,21 @@ function seedAdminAccount(db: Database.Database): void {
}
const bcrypt = require('bcryptjs');
const password = crypto.randomBytes(12).toString('base64url');
const env_admin_email = process.env.ADMIN_EMAIL;
const env_admin_pw = process.env.ADMIN_PASSWORD;
let password;
let email;
if (env_admin_email && env_admin_pw) {
password = env_admin_pw;
email = env_admin_email;
} else {
password = crypto.randomBytes(12).toString('base64url');
email = 'admin@trek.local';
}
const hash = bcrypt.hashSync(password, 12);
const email = 'admin@trek.local';
const username = 'admin';
db.prepare('INSERT INTO users (username, email, password_hash, role, must_change_password) VALUES (?, ?, ?, ?, 1)').run(username, email, hash, 'admin');