diff options
Diffstat (limited to 'scripts/set_password.rb')
| -rw-r--r-- | scripts/set_password.rb | 26 |
1 files changed, 26 insertions, 0 deletions
diff --git a/scripts/set_password.rb b/scripts/set_password.rb new file mode 100644 index 0000000..71bdc41 --- /dev/null +++ b/scripts/set_password.rb @@ -0,0 +1,26 @@ +#!/usr/bin/env ruby +# frozen_string_literal: true +# Usage: ruby scripts/set_password.rb +# Sets (or resets) the admin password in config.yml. + +require 'bcrypt' +require 'yaml' +require 'securerandom' + +CONFIG_PATH = ENV['CONFIG_PATH'] || '/opt/albumen/config.yml' + +print 'New admin password: ' +STDOUT.flush +password = $stdin.gets&.chomp +abort 'No password given.' if password.nil? || password.strip.empty? + +config = File.exist?(CONFIG_PATH) ? (YAML.load_file(CONFIG_PATH) || {}) : {} +config['admin_password_hash'] = BCrypt::Password.create(password).to_s +config['session_secret'] ||= SecureRandom.hex(32) + +tmp = "#{CONFIG_PATH}.tmp.#{Process.pid}" +File.write(tmp, config.to_yaml) +File.rename(tmp, CONFIG_PATH) +File.chmod(0o600, CONFIG_PATH) + +puts "Password set. Config written to #{CONFIG_PATH}" |