Fix set_password.rb to chown config.yml to albumen user when run as root

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
author: Ken D'Ambrosio <ken@jots.org> 2026-05-11 05:16:23 +0000
committer: Ken D'Ambrosio <ken@jots.org> 2026-05-11 05:16:23 +0000
commit: 9f586a8db100c586b33f425f7699355bca43f8b4 (patch)
tree: 7e9f0a53cb8047a3fd429cdafc7a231488b34494 /scripts/set_password.rb
parent: 28264e07b32e23b9f812f3946f3358355ff54632 (diff)
1 files changed, 9 insertions, 0 deletions
diff --git a/scripts/set_password.rb b/scripts/set_password.rb
index 71bdc41..0b83861 100644
--- a/scripts/set_password.rb
+++ b/scripts/set_password.rb
@@ -23,4 +23,13 @@ File.write(tmp, config.to_yaml)
 File.rename(tmp, CONFIG_PATH)
 File.chmod(0o600, CONFIG_PATH)
 
+# Ensure the service user can read the file even when this script is run as root.
+begin
+  require 'etc'
+  pw = Etc.getpwnam('albumen')
+  File.chown(pw.uid, pw.gid, CONFIG_PATH)
+rescue ArgumentError
+  # 'albumen' user doesn't exist (dev environment); leave ownership as-is
+end
+
 puts "Password set. Config written to #{CONFIG_PATH}"
author	Ken D'Ambrosio <ken@jots.org>	2026-05-11 05:16:23 +0000
committer	Ken D'Ambrosio <ken@jots.org>	2026-05-11 05:16:23 +0000
commit	9f586a8db100c586b33f425f7699355bca43f8b4 (patch)
tree	7e9f0a53cb8047a3fd429cdafc7a231488b34494 /scripts/set_password.rb
parent	28264e07b32e23b9f812f3946f3358355ff54632 (diff)