Vector/packages/db/ensure-admin.mjs

// Bootstrap seed run at container start. Creates a default admin user
// when the User table is empty so a fresh deployment has something to
// log into. Subsequent boots see an existing user and skip silently.
import bcrypt from 'bcryptjs';
import { prisma } from './dist/client.js';

try {
  const count = await prisma.user.count();
  if (count === 0) {
    const username = process.env.SEED_ADMIN_USERNAME ?? 'admin';
    const password = process.env.SEED_ADMIN_PASSWORD ?? 'admin';
    const email = process.env.SEED_ADMIN_EMAIL ?? 'admin@vector.local';
    await prisma.user.create({
      data: {
        username,
        email,
        passwordHash: await bcrypt.hash(password, 12),
        role: 'ADMIN',
      },
    });
    console.log(`[seed] Created default admin user "${username}". Change this password immediately.`);
  } else {
    console.log(`[seed] ${count} user(s) already exist — skipping default admin seed.`);
  }
} catch (err) {
  console.error('[seed] Failed to ensure admin user:', err);
  process.exit(1);
} finally {
  await prisma.$disconnect();
}