From e9c02c29a50678544bee78301127689727388647 Mon Sep 17 00:00:00 2001
From: Andrew Kingston <andrew@kingston.dev>
Date: Thu, 30 Jun 2022 11:28:52 +0100
Subject: [PATCH 1/4] Add env vars to automatically create initial admin user
 on first run

---
 hosting/.env                                  |  6 ++++-
 hosting/docker-compose.yaml                   |  2 ++
 packages/server/scripts/dev/manage.js         |  2 ++
 packages/server/src/app.ts                    | 25 ++++++++++++++++++-
 packages/server/src/environment.js            |  2 ++
 .../server/src/utilities/workerRequests.js    | 16 ++++++++++++
 6 files changed, 51 insertions(+), 2 deletions(-)

diff --git a/hosting/.env b/hosting/.env
index 39df76d01e..11dd661bf1 100644
--- a/hosting/.env
+++ b/hosting/.env
@@ -18,4 +18,8 @@ MINIO_PORT=4004
 COUCH_DB_PORT=4005
 REDIS_PORT=6379
 WATCHTOWER_PORT=6161
-BUDIBASE_ENVIRONMENT=PRODUCTION
\ No newline at end of file
+BUDIBASE_ENVIRONMENT=PRODUCTION
+
+# An admin user can be automatically created initially if these are set
+BB_ADMIN_USER_EMAIL=
+BB_ADMIN_USER_PASSWORD=
\ No newline at end of file
diff --git a/hosting/docker-compose.yaml b/hosting/docker-compose.yaml
index f9d9eaf1c5..57cbf33709 100644
--- a/hosting/docker-compose.yaml
+++ b/hosting/docker-compose.yaml
@@ -23,6 +23,8 @@ services:
       ENABLE_ANALYTICS: "true"
       REDIS_URL: redis-service:6379
       REDIS_PASSWORD: ${REDIS_PASSWORD}
+      BB_ADMIN_USER_EMAIL: ${BB_ADMIN_USER_EMAIL}
+      BB_ADMIN_USER_PASSWORD: ${BB_ADMIN_USER_PASSWORD}
     depends_on:
       - worker-service
       - redis-service
diff --git a/packages/server/scripts/dev/manage.js b/packages/server/scripts/dev/manage.js
index b5cce1c58b..fc9fde0a02 100644
--- a/packages/server/scripts/dev/manage.js
+++ b/packages/server/scripts/dev/manage.js
@@ -56,6 +56,8 @@ async function init() {
       DISABLE_THREADING: 1,
       SERVICE: "app-service",
       DEPLOYMENT_ENVIRONMENT: "development",
+      BB_ADMIN_USER_EMAIL: "",
+      BB_ADMIN_USER_PASSWORD: "",
     }
     let envFile = ""
     Object.keys(envFileJson).forEach(key => {
diff --git a/packages/server/src/app.ts b/packages/server/src/app.ts
index d19ad1625a..733fa5afdf 100644
--- a/packages/server/src/app.ts
+++ b/packages/server/src/app.ts
@@ -18,7 +18,9 @@ const { logAlert } = require("@budibase/backend-core/logging")
 const { Thread } = require("./threads")
 import redis from "./utilities/redis"
 import * as migrations from "./migrations"
-import { events, installation } from "@budibase/backend-core"
+import { events, installation, tenancy } from "@budibase/backend-core"
+import { createAdminUser, getChecklist } from "./utilities/workerRequests"
+import { DEFAULT_TENANT_ID } from "@budibase/backend-core/dist/src/constants"
 
 const app = new Koa()
 
@@ -110,6 +112,27 @@ module.exports = server.listen(env.PORT || 0, async () => {
     }
   }
 
+  // check and create admin user if required
+  if (
+    env.SELF_HOSTED &&
+    !env.MULTI_TENANCY &&
+    env.BB_ADMIN_USER_EMAIL &&
+    env.BB_ADMIN_USER_PASSWORD
+  ) {
+    const checklist = await getChecklist()
+    if (!checklist?.adminUser?.checked) {
+      await createAdminUser(
+        env.BB_ADMIN_USER_EMAIL,
+        env.BB_ADMIN_USER_PASSWORD,
+        "default"
+      )
+      console.log(
+        "Admin account automatically created for",
+        env.BB_ADMIN_USER_EMAIL
+      )
+    }
+  }
+
   // check for version updates
   await installation.checkInstallVersion()
 
diff --git a/packages/server/src/environment.js b/packages/server/src/environment.js
index bf7e7f4709..cba81d913e 100644
--- a/packages/server/src/environment.js
+++ b/packages/server/src/environment.js
@@ -74,6 +74,8 @@ module.exports = {
   DYNAMO_ENDPOINT: process.env.DYNAMO_ENDPOINT,
   QUERY_THREAD_TIMEOUT: parseIntSafe(process.env.QUERY_THREAD_TIMEOUT),
   SQL_MAX_ROWS: process.env.SQL_MAX_ROWS,
+  BB_ADMIN_USER_EMAIL: process.env.BB_ADMIN_USER_EMAIL,
+  BB_ADMIN_USER_PASSWORD: process.env.BB_ADMIN_USER_PASSWORD,
   // flags
   ALLOW_DEV_AUTOMATIONS: process.env.ALLOW_DEV_AUTOMATIONS,
   DISABLE_THREADING: process.env.DISABLE_THREADING,
diff --git a/packages/server/src/utilities/workerRequests.js b/packages/server/src/utilities/workerRequests.js
index 1ee975f13e..cbecb2c4b5 100644
--- a/packages/server/src/utilities/workerRequests.js
+++ b/packages/server/src/utilities/workerRequests.js
@@ -137,3 +137,19 @@ exports.readGlobalUser = async ctx => {
   )
   return checkResponse(response, "get user", { ctx })
 }
+
+exports.createAdminUser = async (email, password, tenantId) => {
+  const response = await fetch(
+    checkSlashesInUrl(env.WORKER_URL + "/api/global/users/init"),
+    request(null, { method: "POST", body: { email, password, tenantId } })
+  )
+  return checkResponse(response, "create admin user")
+}
+
+exports.getChecklist = async () => {
+  const response = await fetch(
+    checkSlashesInUrl(env.WORKER_URL + "/api/global/configs/checklist"),
+    request(null, { method: "GET" })
+  )
+  return checkResponse(response, "get checklist")
+}

From f1a42dfd07613616fe550cbacbc74e6510c79cb7 Mon Sep 17 00:00:00 2001
From: Andrew Kingston <andrew@kingston.dev>
Date: Thu, 30 Jun 2022 11:34:41 +0100
Subject: [PATCH 2/4] Add env vars to hosting.properties and helm chart

---
 charts/budibase/templates/app-service-deployment.yaml | 4 ++++
 hosting/hosting.properties                            | 4 ++++
 2 files changed, 8 insertions(+)

diff --git a/charts/budibase/templates/app-service-deployment.yaml b/charts/budibase/templates/app-service-deployment.yaml
index ddc725d302..27a4dea654 100644
--- a/charts/budibase/templates/app-service-deployment.yaml
+++ b/charts/budibase/templates/app-service-deployment.yaml
@@ -122,6 +122,10 @@ spec:
           value: {{ .Values.globals.automationMaxIterations | quote }}
         - name: TENANT_FEATURE_FLAGS
           value: {{ .Values.globals.tenantFeatureFlags | quote }}
+        - name: BB_ADMIN_USER_EMAIL
+          value: { { .Values.globals.bbAdminUserEmail | quote } }
+        - name: BB_ADMIN_USER_PASSWORD
+          value: { { .Values.globals.bbAdminUserPassword | quote } }
 
         image: budibase/apps:{{ .Values.globals.appVersion }}
         imagePullPolicy: Always
diff --git a/hosting/hosting.properties b/hosting/hosting.properties
index c8e2f5c606..11dd661bf1 100644
--- a/hosting/hosting.properties
+++ b/hosting/hosting.properties
@@ -19,3 +19,7 @@ COUCH_DB_PORT=4005
 REDIS_PORT=6379
 WATCHTOWER_PORT=6161
 BUDIBASE_ENVIRONMENT=PRODUCTION
+
+# An admin user can be automatically created initially if these are set
+BB_ADMIN_USER_EMAIL=
+BB_ADMIN_USER_PASSWORD=
\ No newline at end of file

From a98192ba5705f7b79fa56098239a463b0f661f01 Mon Sep 17 00:00:00 2001
From: Andrew Kingston <andrew@kingston.dev>
Date: Thu, 30 Jun 2022 11:40:52 +0100
Subject: [PATCH 3/4] Wrap admin user creation in a try/catch to provider
 better info in case of an error

---
 packages/server/src/app.ts | 23 ++++++++++++++---------
 1 file changed, 14 insertions(+), 9 deletions(-)

diff --git a/packages/server/src/app.ts b/packages/server/src/app.ts
index 733fa5afdf..a59b4fb77a 100644
--- a/packages/server/src/app.ts
+++ b/packages/server/src/app.ts
@@ -121,15 +121,20 @@ module.exports = server.listen(env.PORT || 0, async () => {
   ) {
     const checklist = await getChecklist()
     if (!checklist?.adminUser?.checked) {
-      await createAdminUser(
-        env.BB_ADMIN_USER_EMAIL,
-        env.BB_ADMIN_USER_PASSWORD,
-        "default"
-      )
-      console.log(
-        "Admin account automatically created for",
-        env.BB_ADMIN_USER_EMAIL
-      )
+      try {
+        await createAdminUser(
+          env.BB_ADMIN_USER_EMAIL,
+          env.BB_ADMIN_USER_PASSWORD,
+          "default"
+        )
+        console.log(
+          "Admin account automatically created for",
+          env.BB_ADMIN_USER_EMAIL
+        )
+      } catch (e) {
+        logAlert("Error creating initial admin user. Exiting.", e)
+        shutdown()
+      }
     }
   }
 

From ea7d3c4b99adc98a0eaaebfc3185c3caa34a7d25 Mon Sep 17 00:00:00 2001
From: Martin McKeaveney <martinmckeaveney@gmail.com>
Date: Mon, 4 Jul 2022 18:11:40 +0100
Subject: [PATCH 4/4] PR comments

---
 packages/server/src/app.ts | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/packages/server/src/app.ts b/packages/server/src/app.ts
index a59b4fb77a..66a8e6e048 100644
--- a/packages/server/src/app.ts
+++ b/packages/server/src/app.ts
@@ -20,7 +20,7 @@ import redis from "./utilities/redis"
 import * as migrations from "./migrations"
 import { events, installation, tenancy } from "@budibase/backend-core"
 import { createAdminUser, getChecklist } from "./utilities/workerRequests"
-import { DEFAULT_TENANT_ID } from "@budibase/backend-core/dist/src/constants"
+import { tenantSucceeded } from "@budibase/backend-core/dist/src/events/publishers/backfill"
 
 const app = new Koa()
 
@@ -122,10 +122,11 @@ module.exports = server.listen(env.PORT || 0, async () => {
     const checklist = await getChecklist()
     if (!checklist?.adminUser?.checked) {
       try {
+        const tenantId = tenancy.getTenantId()
         await createAdminUser(
           env.BB_ADMIN_USER_EMAIL,
           env.BB_ADMIN_USER_PASSWORD,
-          "default"
+          tenantId
         )
         console.log(
           "Admin account automatically created for",