Initial commit — Albumen photo album

Ruby/Sinatra self-hosted photo album with directory hierarchy,
per-photo captions and visibility, lightbox, slideshow, admin UI,
and Let's Encrypt HTTPS via Apache reverse proxy on prouter.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

1 files changed, 26 insertions, 0 deletions

diff --git a/scripts/set_password.rb b/scripts/set_password.rb
new file mode 100644
index 0000000..71bdc41
--- /dev/null
+++ b/scripts/set_password.rb
@@ -0,0 +1,26 @@
+#!/usr/bin/env ruby
+# frozen_string_literal: true
+# Usage: ruby scripts/set_password.rb
+# Sets (or resets) the admin password in config.yml.
+
+require 'bcrypt'
+require 'yaml'
+require 'securerandom'
+
+CONFIG_PATH = ENV['CONFIG_PATH'] || '/opt/albumen/config.yml'
+
+print 'New admin password: '
+STDOUT.flush
+password = $stdin.gets&.chomp
+abort 'No password given.' if password.nil? || password.strip.empty?
+
+config = File.exist?(CONFIG_PATH) ? (YAML.load_file(CONFIG_PATH) || {}) : {}
+config['admin_password_hash'] = BCrypt::Password.create(password).to_s
+config['session_secret']    ||= SecureRandom.hex(32)
+
+tmp = "#{CONFIG_PATH}.tmp.#{Process.pid}"
+File.write(tmp, config.to_yaml)
+File.rename(tmp, CONFIG_PATH)
+File.chmod(0o600, CONFIG_PATH)
+
+puts "Password set. Config written to #{CONFIG_PATH}"