added default admin password
This commit is contained in:
parent
a4edecec13
commit
b5acfd67ce
10
README.md
10
README.md
|
|
@ -84,6 +84,8 @@ Use the pre-built image directly from GHCR - no building required!
|
||||||
> # Now you have everything - run docker-compose below
|
> # Now you have everything - run docker-compose below
|
||||||
> ```
|
> ```
|
||||||
|
|
||||||
|
> **🔐 Security Note**: Authentication is **enabled by default** with password `admin`. For testing/local use, this is fine. If exposing to a network, **change the password immediately** - see [AUTHENTICATION.md](data/notes/AUTHENTICATION.md) for instructions.
|
||||||
|
|
||||||
**Option 1: Docker Compose (Recommended)**
|
**Option 1: Docker Compose (Recommended)**
|
||||||
|
|
||||||
> 💡 **Multi-Architecture Support**: Docker images are available for both `x86_64` and `ARM64` (Raspberry Pi, Apple Silicon, etc.)
|
> 💡 **Multi-Architecture Support**: Docker images are available for both `x86_64` and `ARM64` (Raspberry Pi, Apple Silicon, etc.)
|
||||||
|
|
@ -224,9 +226,11 @@ NoteDiscovery is designed for **self-hosted, private use**. Please keep these se
|
||||||
- By default, the app listens on `0.0.0.0:8000` (all network interfaces)
|
- By default, the app listens on `0.0.0.0:8000` (all network interfaces)
|
||||||
|
|
||||||
### Authentication
|
### Authentication
|
||||||
- **Optional password protection** is available (disabled by default)
|
- **Password protection is ENABLED by default** with password: `admin`
|
||||||
- See **AUTHENTICATION.md** for setup instructions
|
- ⚠️ **CHANGE THE DEFAULT PASSWORD IMMEDIATELY** if exposing to a network!
|
||||||
- Simple to enable with Docker: `docker-compose exec notediscovery /app/generate_password_hash.sh`
|
- See **[AUTHENTICATION.md](data/notes/AUTHENTICATION.md)** for complete setup instructions
|
||||||
|
- To disable auth, set `security.enabled: false` in `config.yaml`
|
||||||
|
- Change password with Docker: `docker-compose exec notediscovery /app/generate_password_hash.sh`
|
||||||
- Perfect for single-user or small team deployments
|
- Perfect for single-user or small team deployments
|
||||||
- For multi-user setups, consider a reverse proxy with OAuth/SSO
|
- For multi-user setups, consider a reverse proxy with OAuth/SSO
|
||||||
|
|
||||||
|
|
|
||||||
10
config.yaml
10
config.yaml
|
|
@ -29,14 +29,20 @@ security:
|
||||||
secret_key: "change_this_to_a_random_secret_key_in_production"
|
secret_key: "change_this_to_a_random_secret_key_in_production"
|
||||||
|
|
||||||
# Password hash - Generate with: python generate_password.py
|
# Password hash - Generate with: python generate_password.py
|
||||||
|
# ⚠️ WARNING: The default hash below corresponds to password "admin"
|
||||||
|
# ⚠️ CHANGE THIS IMMEDIATELY in production!
|
||||||
|
#
|
||||||
# INSTRUCTIONS:
|
# INSTRUCTIONS:
|
||||||
# 1. Run: pip install bcrypt
|
# 1. Run: pip install bcrypt
|
||||||
# 2. Run: python generate_password.py
|
# 2. Run: python generate_password.py
|
||||||
# 3. Enter your desired password
|
# 3. Enter your desired password
|
||||||
# 4. Copy the generated hash below
|
# 4. Copy the generated hash below
|
||||||
# 5. Set enabled: true above
|
# 5. ALSO change secret_key above
|
||||||
# 6. Restart the application
|
# 6. Restart the application
|
||||||
password_hash: "$2b$12$t/6PGExFzdpU2PUta0iVY.eDQwvu63kH.c/d4bEnnHaQ5CspH1yrG"
|
#
|
||||||
|
# Docker users can generate a hash with:
|
||||||
|
# docker-compose exec notediscovery /app/generate_password_hash.sh
|
||||||
|
password_hash: "$2b$12$t/6PGExFzdpU2PUta0iVY.eDQwvu63kH.c/d4bEnnHaQ5CspH1yrG" # Default: "admin"
|
||||||
|
|
||||||
# Session expiry in seconds (default: 7 days)
|
# Session expiry in seconds (default: 7 days)
|
||||||
session_max_age: 604800
|
session_max_age: 604800
|
||||||
|
|
|
||||||
|
|
@ -1,5 +1,15 @@
|
||||||
# 🔒 NoteDiscovery Authentication Guide
|
# 🔒 NoteDiscovery Authentication Guide
|
||||||
|
|
||||||
|
## ⚠️ **IMPORTANT: Default Password Warning**
|
||||||
|
|
||||||
|
> **The default `config.yaml` includes authentication enabled with password: `admin`**
|
||||||
|
>
|
||||||
|
> 🔴 **CHANGE THIS IMMEDIATELY if you're exposing NoteDiscovery to a network!**
|
||||||
|
>
|
||||||
|
> The default configuration is provided for **quick testing only**. Follow the setup guide below to set your own secure password and secret key.
|
||||||
|
|
||||||
|
---
|
||||||
|
|
||||||
## Overview
|
## Overview
|
||||||
|
|
||||||
NoteDiscovery includes a simple, secure authentication system for single-user deployments. When enabled, users must log in with a password before accessing the application.
|
NoteDiscovery includes a simple, secure authentication system for single-user deployments. When enabled, users must log in with a password before accessing the application.
|
||||||
|
|
@ -16,7 +26,30 @@ NoteDiscovery includes a simple, secure authentication system for single-user de
|
||||||
|
|
||||||
## 🚀 Quick Setup
|
## 🚀 Quick Setup
|
||||||
|
|
||||||
**⚠️ IMPORTANT:** Authentication is **disabled by default**. Follow these steps to enable it:
|
**Default Configuration:**
|
||||||
|
- Authentication is **enabled by default**
|
||||||
|
- Default password is `admin`
|
||||||
|
- Default secret key is insecure
|
||||||
|
|
||||||
|
**⚠️ IMPORTANT:** For production or network-exposed deployments, **change both the password and secret key immediately**. Follow these steps:
|
||||||
|
|
||||||
|
---
|
||||||
|
|
||||||
|
### 🧪 **Quick Test (Use Default Password)**
|
||||||
|
|
||||||
|
For **local testing only**, you can use the default configuration:
|
||||||
|
|
||||||
|
1. Start NoteDiscovery (Docker or locally)
|
||||||
|
2. Navigate to `http://localhost:8000`
|
||||||
|
3. Log in with password: `admin`
|
||||||
|
|
||||||
|
**⚠️ Only use this for local testing on your own machine!**
|
||||||
|
|
||||||
|
---
|
||||||
|
|
||||||
|
### 🔒 **Production Setup (Change Password & Secret Key)**
|
||||||
|
|
||||||
|
For any deployment exposed to a network, follow these steps:
|
||||||
|
|
||||||
### Step 1: Generate a Password Hash
|
### Step 1: Generate a Password Hash
|
||||||
|
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue