christoph/pamietnik
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

admin benutzer wird intial angelegt

Browse Source
This commit is contained in:
Christoph K.
2026-04-09 22:17:25 +02:00
parent 735419662c
commit 1ce2f5aa47
4 changed files with 50 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
.gitea/workflows/deploy.yml
View File

@@ -23,7 +23,12 @@ jobs:
fi fi
- name: Write .env - name: Write .env
run: printf 'DB_PASSWORD=%s\n' '${{ secrets.DB_PASSWORD }}' > ${{ vars.DEPLOY_DIR }}/.env run: |
printf 'DB_PASSWORD=%s\nADMIN_USER=%s\nADMIN_PASSWORD=%s\n' \
'${{ secrets.DB_PASSWORD }}' \
'${{ vars.ADMIN_USER }}' \
'${{ secrets.ADMIN_PASSWORD }}' \
> ${{ vars.DEPLOY_DIR }}/.env
- name: Build & Deploy - name: Build & Deploy
run: docker compose -f ${{ vars.DEPLOY_DIR }}/docker-compose.yml up --build -d run: docker compose -f ${{ vars.DEPLOY_DIR }}/docker-compose.yml up --build -d

21
backend/cmd/server/main.go
View File

@@ -39,6 +39,27 @@ func main() {
} }
slog.Info("schema ready") slog.Info("schema ready")
if adminUser := os.Getenv("ADMIN_USER"); adminUser != "" {
adminPass := os.Getenv("ADMIN_PASSWORD")
if adminPass == "" {
slog.Error("ADMIN_USER set but ADMIN_PASSWORD is empty")
os.Exit(1)
}
hash, err := auth.HashPassword(adminPass)
if err != nil {
slog.Error("hash admin password", "err", err)
os.Exit(1)
}
created, err := db.SeedAdminUser(ctx, pool, adminUser, hash)
if err != nil {
slog.Error("seed admin user", "err", err)
os.Exit(1)
}
if created {
slog.Info("admin user created", "username", adminUser)
}
}
if err := os.MkdirAll(uploadDir, 0o755); err != nil { if err := os.MkdirAll(uploadDir, 0o755); err != nil {
slog.Error("create upload dir", "err", err) slog.Error("create upload dir", "err", err)
os.Exit(1) os.Exit(1)

21
backend/internal/db/users.go
View File

@@ -2,6 +2,7 @@ package db
import ( import (
"context" "context"
"fmt"
"github.com/jackc/pgx/v5/pgxpool" "github.com/jackc/pgx/v5/pgxpool"
@@ -16,6 +17,26 @@ func NewUserStore(pool *pgxpool.Pool) *UserStore {
return &UserStore{pool: pool} return &UserStore{pool: pool}
} }
// SeedAdminUser creates an admin user if no users exist yet.
// Returns (true, nil) if the user was created, (false, nil) if users already exist.
func SeedAdminUser(ctx context.Context, pool *pgxpool.Pool, username, passwordHash string) (bool, error) {
var count int
if err := pool.QueryRow(ctx, `SELECT COUNT(*) FROM users`).Scan(&count); err != nil {
return false, fmt.Errorf("count users: %w", err)
}
if count > 0 {
return false, nil
}
_, err := pool.Exec(ctx,
`INSERT INTO users (username, password_hash, is_admin) VALUES ($1, $2, true)`,
username, passwordHash,
)
if err != nil {
return false, fmt.Errorf("insert admin: %w", err)
}
return true, nil
}
// ListUsers returns all users ordered by created_at. // ListUsers returns all users ordered by created_at.
func (s *UserStore) ListUsers(ctx context.Context) ([]domain.User, error) { func (s *UserStore) ListUsers(ctx context.Context) ([]domain.User, error) {
rows, err := s.pool.Query(ctx, rows, err := s.pool.Query(ctx,

2
docker-compose.yml
View File

@@ -11,6 +11,8 @@ services:
DATABASE_URL: postgres://${DB_USER:-pamietnik}:${DB_PASSWORD:?DB_PASSWORD is required}@host-gateway:5433/${DB_NAME:-pamietnik}?sslmode=disable DATABASE_URL: postgres://${DB_USER:-pamietnik}:${DB_PASSWORD:?DB_PASSWORD is required}@host-gateway:5433/${DB_NAME:-pamietnik}?sslmode=disable
LISTEN_ADDR: :8080 LISTEN_ADDR: :8080
UPLOAD_DIR: /uploads UPLOAD_DIR: /uploads
ADMIN_USER: ${ADMIN_USER:-}
ADMIN_PASSWORD: ${ADMIN_PASSWORD:-}
volumes: volumes:
- /volume2/docker/pamietnik/uploads:/uploads - /volume2/docker/pamietnik/uploads:/uploads
restart: unless-stopped restart: unless-stopped