From a35f70aa15fb27d7125b9263f446fecfcc757a9a Mon Sep 17 00:00:00 2001 From: Florent Date: Sat, 2 Mar 2024 23:35:57 +0100 Subject: [PATCH] Generate a default password The default password is obvious and can be dangerous if the administrator installs the app and forget to change it (may happen for many reasons). Instead we generate a strong one and print it after the login, s/he is then free to change it or to keep it. --- doc/POST_INSTALL.md | 8 +++++--- manifest.toml | 2 +- scripts/_common.sh | 5 +++++ scripts/install | 16 +++++++++++++++- 4 files changed, 26 insertions(+), 5 deletions(-) diff --git a/doc/POST_INSTALL.md b/doc/POST_INSTALL.md index 8601988..357fd23 100644 --- a/doc/POST_INSTALL.md +++ b/doc/POST_INSTALL.md @@ -1,4 +1,6 @@ -Default credentials: +Now login to Joplin + - Url: https://__DOMAIN____PATH__ + - Email: admin@localhost + - Password: __ADMIN_PASS__ -Email: admin@localhost -Password: admin \ No newline at end of file +Then you may change the default email and password at this page: https://joplin.local/admin/users diff --git a/manifest.toml b/manifest.toml index 19c982a..3ae4901 100644 --- a/manifest.toml +++ b/manifest.toml @@ -63,7 +63,7 @@ ram.runtime = "50M" main.default = 22300 [resources.apt] - packages = "postgresql, postgresql-client" + packages = "postgresql, postgresql-client, python3-bcrypt" extras.yarn.repo = "deb https://dl.yarnpkg.com/debian/ stable main" extras.yarn.key = "https://dl.yarnpkg.com/debian/pubkey.gpg" extras.yarn.packages = "yarn" diff --git a/scripts/_common.sh b/scripts/_common.sh index 9195d57..c661840 100644 --- a/scripts/_common.sh +++ b/scripts/_common.sh @@ -10,6 +10,11 @@ nodejs_version=18 # PERSONAL HELPERS #================================================= +function bcrypt_password() { + echo -n "$1" | \ + python3 -c "import bcrypt; import sys; print(bcrypt.hashpw(bytes(sys.stdin.read(), 'ascii'), bcrypt.gensalt(rounds=10)).decode('ascii'))" +} + #================================================= # EXPERIMENTAL HELPERS #================================================= diff --git a/scripts/install b/scripts/install index 2a06a84..8bdd170 100755 --- a/scripts/install +++ b/scripts/install @@ -9,6 +9,9 @@ source _common.sh source /usr/share/yunohost/helpers +admin_pass=$(ynh_string_random --length=24) +ynh_app_setting_set --app=$app --key=admin_pass --value=$admin_pass + #================================================= # INSTALL DEPENDENCIES #================================================= @@ -74,7 +77,18 @@ popd ynh_script_progression --message="Starting a systemd service..." --weight=1 # Start a systemd service -ynh_systemd_action --service_name=$app --action="start" --log_path="systemd" +ynh_systemd_action --service_name=$app --action="start" --log_path="systemd" --line_match="Starting services..." + +#================================================= +# CHANGING DEFAULT ADMIN PASSWORD +#================================================= + +ynh_script_progression --message="Changing default admin password..." --weight=1 + +hashed_pwd=$(bcrypt_password "$admin_pass") + +ynh_psql_connect_as --user="$db_user" --password="$db_pwd" --database="$db_name" <<< \ + "UPDATE users SET password='$hashed_pwd' WHERE email='admin@localhost'" #================================================= # END OF SCRIPT