fix(deploy): login 500s on fresh container
Two bugs kept a fresh docker-compose deploy from ever accepting admin:admin:
1. resolveSqliteUrl in packages/db/src/client.ts stripped leading slashes
wholesale — so file:/data/vector.db became a relative path and was
resolved against packages/db/prisma/. Prisma CLI (migrate deploy)
correctly wrote to /data/vector.db on the mounted volume; the app's
runtime client connected to an empty file at packages/db/prisma/data/
vector.db with no tables, so login threw. The helper now passes Unix
absolute paths through verbatim, still normalizes file:/// triple-
slash URLs, and only resolves truly relative paths against the schema
dir.
2. The Dockerfile CMD ran migrations but not a seed, so even when the
path bug is fixed the User table is empty — admin:admin 401s forever.
Added packages/db/ensure-admin.mjs (pure JS, no tsx needed) that
creates the default admin user iff User.count() === 0, and wired it
into the API CMD between migrate deploy and node. Credentials can be
overridden with SEED_ADMIN_{USERNAME,PASSWORD,EMAIL}.
This commit is contained in:
@@ -0,0 +1,30 @@
|
||||
// Bootstrap seed run at container start. Creates a default admin user
|
||||
// when the User table is empty so a fresh deployment has something to
|
||||
// log into. Subsequent boots see an existing user and skip silently.
|
||||
import bcrypt from 'bcryptjs';
|
||||
import { prisma } from './dist/client.js';
|
||||
|
||||
try {
|
||||
const count = await prisma.user.count();
|
||||
if (count === 0) {
|
||||
const username = process.env.SEED_ADMIN_USERNAME ?? 'admin';
|
||||
const password = process.env.SEED_ADMIN_PASSWORD ?? 'admin';
|
||||
const email = process.env.SEED_ADMIN_EMAIL ?? 'admin@vector.local';
|
||||
await prisma.user.create({
|
||||
data: {
|
||||
username,
|
||||
email,
|
||||
passwordHash: await bcrypt.hash(password, 12),
|
||||
role: 'ADMIN',
|
||||
},
|
||||
});
|
||||
console.log(`[seed] Created default admin user "${username}". Change this password immediately.`);
|
||||
} else {
|
||||
console.log(`[seed] ${count} user(s) already exist — skipping default admin seed.`);
|
||||
}
|
||||
} catch (err) {
|
||||
console.error('[seed] Failed to ensure admin user:', err);
|
||||
process.exit(1);
|
||||
} finally {
|
||||
await prisma.$disconnect();
|
||||
}
|
||||
@@ -9,13 +9,22 @@ declare global {
|
||||
|
||||
function resolveSqliteUrl(raw: string | undefined): string | undefined {
|
||||
if (!raw || !raw.startsWith('file:')) return raw;
|
||||
const rest = raw.slice('file:'.length).replace(/^\/+/, '');
|
||||
if (path.isAbsolute(rest) || /^[A-Za-z]:[\\/]/.test(rest)) {
|
||||
return 'file:' + rest.replace(/\\/g, '/');
|
||||
}
|
||||
let body = raw.slice('file:'.length);
|
||||
|
||||
// file:///unix/path is equivalent to file:/unix/path; collapse the host part.
|
||||
if (body.startsWith('///')) body = body.slice(2);
|
||||
|
||||
// Windows: "/C:/..." → "C:/..." , then any backslashes to forward slashes.
|
||||
const win = body.match(/^\/?([A-Za-z]:[\\/].*)$/);
|
||||
if (win?.[1]) return 'file:' + win[1].replace(/\\/g, '/');
|
||||
|
||||
// Unix absolute (e.g. "/data/vector.db") — pass through verbatim.
|
||||
if (body.startsWith('/')) return 'file:' + body;
|
||||
|
||||
// Relative — resolve against the schema dir so dev's default (file:./dev.db) keeps working.
|
||||
const here = path.dirname(fileURLToPath(import.meta.url));
|
||||
const schemaDir = path.resolve(here, '..', 'prisma');
|
||||
const absolute = path.resolve(schemaDir, rest);
|
||||
const absolute = path.resolve(schemaDir, body);
|
||||
return 'file:' + absolute.replace(/\\/g, '/');
|
||||
}
|
||||
|
||||
|
||||
Reference in New Issue
Block a user