data provider: remove default admin

you need to load initial data or set "create_default_admin" to true and the appropriate env vars if you don't want to use the web admin setup screen to create the default admin
2024-11-25 00:50:31 +00:00 · 2021-08-20 10:37:51 +02:00 · 2021-08-20 10:37:51 +02:00 · b903a6e46f
commit b903a6e46f
parent bcf088f586
8 changed files with 22 additions and 14 deletions
--- a/common/protocol_test.go
+++ b/common/protocol_test.go
@ -62,6 +62,8 @@ func TestMain(m *testing.M) {
 	logger.InitLogger(logFilePath, 5, 1, 28, false, zerolog.DebugLevel)

 	os.Setenv("SFTPGO_DATA_PROVIDER__CREATE_DEFAULT_ADMIN", "1")
+	os.Setenv("SFTPGO_DEFAULT_ADMIN_USERNAME", "admin")
+	os.Setenv("SFTPGO_DEFAULT_ADMIN_PASSWORD", "password")
 	err := config.LoadConfig(configDir, "")
 	if err != nil {
 		logger.ErrorToConsole("error loading configuration: %v", err)
--- a/dataprovider/admin.go
+++ b/dataprovider/admin.go
@ -272,19 +272,15 @@ func (a *Admin) getACopy() Admin {
 	}
 }

-// setDefaults sets the appropriate value for the default admin
-func (a *Admin) setDefaults() {
-	envUsername := strings.TrimSpace(os.Getenv(`SFTPGO_DEFAULT_ADMIN_USERNAME`))
-	envPassword := strings.TrimSpace(os.Getenv(`SFTPGO_DEFAULT_ADMIN_PASSWORD`))
-
-	a.Username = "admin"
-	if envUsername != "" {
-		a.Username = envUsername
-	}
-	a.Password = "password"
-	if envPassword != "" {
-		a.Password = envPassword
+func (a *Admin) setFromEnv() error {
+	envUsername := strings.TrimSpace(os.Getenv("SFTPGO_DEFAULT_ADMIN_USERNAME"))
+	envPassword := strings.TrimSpace(os.Getenv("SFTPGO_DEFAULT_ADMIN_PASSWORD"))
+	if envUsername == "" || envPassword == "" {
+		return errors.New(`to create the default admin you need to set the env vars "SFTPGO_DEFAULT_ADMIN_USERNAME" and "SFTPGO_DEFAULT_ADMIN_PASSWORD"`)
 	}
+	a.Username = envUsername
+	a.Password = envPassword
 	a.Status = 1
 	a.Permissions = []string{PermAdminAny}
+	return nil
 }
--- a/dataprovider/dataprovider.go
+++ b/dataprovider/dataprovider.go
@ -580,7 +580,9 @@ func checkDefaultAdmin() error {
 	logger.Debug(logSender, "", "no admins found, try to create the default one")
 	// we need to create the default admin
 	admin := &Admin{}
-	admin.setDefaults()
+	if err := admin.setFromEnv(); err != nil {
+		return err
+	}
 	return provider.addAdmin(admin)
 }

--- a/docs/full-configuration.md
+++ b/docs/full-configuration.md
@ -201,7 +201,7 @@ The configuration file contains the following sections:
  - `password_caching`, boolean. Verifying argon2id passwords has a high memory and computational cost, verifying bcrypt passwords has a high computational cost, by enabling, in memory, password caching you reduce these costs. Default: `true`
  - `update_mode`, integer. Defines how the database will be initialized/updated. 0 means automatically. 1 means manually using the initprovider sub-command.
  - `skip_natural_keys_validation`, boolean. If `true` you can use any UTF-8 character for natural keys as username, admin name, folder name. These keys are used in URIs for REST API and Web admin. If `false` only unreserved URI characters are allowed: ALPHA / DIGIT / "-" / "." / "_" / "~". Default: `false`.
-  - `create_default_admin`, boolean. If enabled, a default admin user with username `admin` and password `password` will be created on first start. The default values can be overridden using the environment variables `SFTPGO_DEFAULT_ADMIN_USERNAME` and `SFTPGO_DEFAULT_ADMIN_PASSWORD`. You can also create the first admin user by using the web interface or by loading initial data. Default `false`.
+  - `create_default_admin`, boolean. Before you can use SFTPGo you need to create an admin account. If you open the admin web UI, a setup screen will guide you in creating the first admin account. You can automatically create the first admin account by enabling this setting and setting the environment variables `SFTPGO_DEFAULT_ADMIN_USERNAME` and `SFTPGO_DEFAULT_ADMIN_PASSWORD`. You can also create the first admin by loading initial data. This setting has no effect if an admin account is already found within the data provider. Default `false`.
  - `is_shared`, integer. If the data provider is shared across multiple SFTPGo instances, set this parameter to `1`. `MySQL`, `PostgreSQL` and `CockroachDB` can be shared, this setting is ignored for other data providers. For shared data providers, SFTPGo periodically reloads the latest updated users, based on the `updated_at` field, and updates its internal caches if users are updated from a different instance. This check, if enabled, is executed every 10 minutes. Default: `0`.
 - **"httpd"**, the configuration for the HTTP server used to serve REST API and to expose the built-in web interface
  - `bindings`, list of structs. Each struct has the following fields:
--- a/ftpd/ftpd_test.go
+++ b/ftpd/ftpd_test.go
@ -254,6 +254,8 @@ func TestMain(m *testing.M) {
 	// work in non atomic mode too
 	os.Setenv("SFTPGO_COMMON__UPLOAD_MODE", "2")
 	os.Setenv("SFTPGO_DATA_PROVIDER__CREATE_DEFAULT_ADMIN", "1")
+	os.Setenv("SFTPGO_DEFAULT_ADMIN_USERNAME", "admin")
+	os.Setenv("SFTPGO_DEFAULT_ADMIN_PASSWORD", "password")
 	err = config.LoadConfig(configDir, "")
 	if err != nil {
 		logger.ErrorToConsole("error loading configuration: %v", err)
--- a/httpd/httpd_test.go
+++ b/httpd/httpd_test.go
@ -196,6 +196,8 @@ func TestMain(m *testing.M) {
 	logger.InitLogger(logfilePath, 5, 1, 28, false, zerolog.DebugLevel)
 	os.Setenv("SFTPGO_COMMON__UPLOAD_MODE", "2")
 	os.Setenv("SFTPGO_DATA_PROVIDER__CREATE_DEFAULT_ADMIN", "1")
+	os.Setenv("SFTPGO_DEFAULT_ADMIN_USERNAME", "admin")
+	os.Setenv("SFTPGO_DEFAULT_ADMIN_PASSWORD", "password")
 	err := config.LoadConfig(configDir, "")
 	if err != nil {
 		logger.WarnToConsole("error loading configuration: %v", err)
--- a/sftpd/sftpd_test.go
+++ b/sftpd/sftpd_test.go
@ -151,6 +151,8 @@ func TestMain(m *testing.M) {
 	}
 	os.Setenv("SFTPGO_COMMON__UPLOAD_MODE", "2")
 	os.Setenv("SFTPGO_DATA_PROVIDER__CREATE_DEFAULT_ADMIN", "1")
+	os.Setenv("SFTPGO_DEFAULT_ADMIN_USERNAME", "admin")
+	os.Setenv("SFTPGO_DEFAULT_ADMIN_PASSWORD", "password")
 	err = config.LoadConfig(configDir, "")
 	if err != nil {
 		logger.ErrorToConsole("error loading configuration: %v", err)
--- a/webdavd/webdavd_test.go
+++ b/webdavd/webdavd_test.go
@ -250,6 +250,8 @@ func TestMain(m *testing.M) {
 	logFilePath = filepath.Join(configDir, "sftpgo_webdavd_test.log")
 	logger.InitLogger(logFilePath, 5, 1, 28, false, zerolog.DebugLevel)
 	os.Setenv("SFTPGO_DATA_PROVIDER__CREATE_DEFAULT_ADMIN", "1")
+	os.Setenv("SFTPGO_DEFAULT_ADMIN_USERNAME", "admin")
+	os.Setenv("SFTPGO_DEFAULT_ADMIN_PASSWORD", "password")
 	err := config.LoadConfig(configDir, "")
 	if err != nil {
 		logger.ErrorToConsole("error loading configuration: %v", err)