set random password for admin on first startup unless ADMIN_USER_PASS is set

.env-dist

@@ -11,7 +11,8 @@
 
 # ADMIN_USER_* settings are applied on every startup.
 
-# Set admin user password to this value.
+# Set admin user password to this value. If not set, random password will be
+# generated on first launch, look for it in the 'app' container logs.
 #ADMIN_USER_PASS=
 
 # Sets admin user access level to this value.

README.md

@@ -44,9 +44,10 @@ docker-compose up --build -d
 
 See docker-compose documentation for more information and available options.
 
-#### Default login credentials
+#### Login credentials
 
-Username: `admin`, password: `password`
+You can set both internal 'admin' user password or, alternatively, create a separate user with necessary permissions
+on first launch through the environment, see `.env-dist` for more information.
 
 ### Updating
 

app/startup.sh

@@ -1,4 +1,4 @@
-#!/bin/sh -ex
+#!/bin/sh -e
 
 while ! pg_isready -h $TTRSS_DB_HOST -U $TTRSS_DB_USER; do
 	echo waiting until $TTRSS_DB_HOST is ready...
@@ -129,6 +129,17 @@ sudo -Eu app php8 $DST_DIR/update.php --update-schema=force-yes
 
 if [ ! -z "$ADMIN_USER_PASS" ]; then
 	sudo -Eu app php8 $DST_DIR/update.php --user-set-password "admin:$ADMIN_USER_PASS"
+else
+	if sudo -Eu app php8 $DST_DIR/update.php --user-check-password "admin:password"; then
+		RANDOM_PASS=$(tr -dc A-Za-z0-9 </dev/urandom | head -c 16 ; echo '')
+
+		echo "*****************************************************************************"
+		echo "* Setting initial built-in admin user password to '$RANDOM_PASS'        *"
+		echo "* If you want to set it manually, use ADMIN_USER_PASS environment variable. *"
+		echo "*****************************************************************************"
+
+		sudo -Eu app php8 $DST_DIR/update.php --user-set-password "admin:$RANDOM_PASS"
+	fi
 fi
 
 if [ ! -z "$ADMIN_USER_ACCESS_LEVEL" ]; then