set random password for admin when using default unless ADMIN_USER_PASS is set

2 years ago · c8b2b66402
parent 5a41bb1850
commit c8b2b66402
3 changed files with 19 additions and 5 deletions
--- a/.env-dist
+++ b/.env-dist
@ -11,7 +11,9 @@

 # ADMIN_USER_* settings are applied on every startup.

-# Set admin user password to this value.
+# Set admin user password to this value. If not set, random password will be
+# generated if default password is being used, look for it in the 'app'
+# container logs.
 #ADMIN_USER_PASS=

 # Sets admin user access level to this value.
--- a/README.md
+++ b/README.md
@ -52,18 +52,19 @@ docker-compose pull && docker-compose up -d

 See ``docker-compose`` documentation for more information and available options.

-#### Default login credentials
+#### Login credentials

-Username: `admin`, password: `password`
+You can set both internal 'admin' user password or, alternatively, create a separate user with necessary permissions
+on first launch through the environment, see `.env-dist` for more information.

 ### Updating

 You will need to pull a fresh image from Docker Hub to update tt-rss source code. Working copy
-will be synchronized on startup. 
+will be synchronized on startup.

 [Ouroboros](https://hub.docker.com/r/pyouroboros/ouroboros) or [Watchtower](https://hub.docker.com/r/containrrr/watchtower) easily automates this process.

-If database needs to be updated, tt-rss will prompt you to do so on next page refresh. Normally this happens 
+If database needs to be updated, tt-rss will prompt you to do so on next page refresh. Normally this happens
 automatically on container startup.

 #### Updating container scripts
--- a/src/app/startup.sh
+++ b/src/app/startup.sh
@ -120,6 +120,17 @@ sudo -Eu app php8 $DST_DIR/update.php --update-schema=force-yes

 if [ ! -z "$ADMIN_USER_PASS" ]; then
 	sudo -Eu app php8 $DST_DIR/update.php --user-set-password "admin:$ADMIN_USER_PASS"
+else
+	if sudo -Eu app php8 $DST_DIR/update.php --user-check-password "admin:password"; then
+		RANDOM_PASS=$(tr -dc A-Za-z0-9 </dev/urandom | head -c 16 ; echo '')
+
+		echo "*****************************************************************************"
+		echo "* Setting initial built-in admin user password to '$RANDOM_PASS'        *"
+		echo "* If you want to set it manually, use ADMIN_USER_PASS environment variable. *"
+		echo "*****************************************************************************"
+
+		sudo -Eu app php8 $DST_DIR/update.php --user-set-password "admin:$RANDOM_PASS"
+	fi
 fi

 if [ ! -z "$ADMIN_USER_ACCESS_LEVEL" ]; then