Keysat
5f7b3b6b7a
Security: shipping admin@local / workout123 as a default that the
operator was supposed-to-rotate-but-might-not is the kind of footgun
that turns into "default-credential exposure" headlines. Eliminated.
prisma/seed.ts now ONLY seeds the InstanceSettings singleton — no
admin user, no UserPreferences, no exercises in the build-time
fallback DB. The image still ships with prisma/exercises.seed.json
(curated 164-exercise library) but those rows aren't inserted until
an admin is created via the StartOS Action.
The change-admin-credentials Action now does INSERT-or-UPDATE in one
shot. CREATE mode (no admin exists) inserts the User row, inserts
UserPreferences with sensible defaults, and runs
ensureExerciseLibrary.cjs for the new admin so they don't have to
wait for the next service start to see the curated library. UPDATE
mode (admin exists) keeps the v1.0.0:1-3 rotation behavior. The
mode is auto-detected by counting `WHERE isAdmin = 1`.
The login page is now a server component that reads the admin count
upfront. Zero admins -> renders a "needs setup" panel pointing at
the StartOS Action ("Services -> Proof of Work -> Actions -> Set
admin credentials"). Otherwise renders the existing LoginForm
(extracted to LoginForm.tsx). Eliminates the
"I tried admin@local/workout123 and it failed, what's wrong"
fresh-installer confusion.
Backward compatible for upgrades from v1.0.0:1-3:
- /data already has an admin user; the no-admin detection never
triggers; login behaves identically to before.
- The Action's UPDATE mode still works for rotation.
Version graph: v1.0.0:4 promoted to current; v1.0.0:1, :2, :3 all
listed as `other` for in-place upgrade paths.
README updated to call out the explicit no-default-account design
and how to bootstrap an admin in local dev (Prisma Studio, since
the StartOS action isn't available off-StartOS).
Proof of Work on StartOS 0.4 (migration package)
This directory packages Proof of Work (proof-of-work) for StartOS 0.4
beta. It is the cutover package that carries your 0.3.5 data across to a new
x86_64 StartOS 0.4 host.
Upstream app lives at
../../proof-of-work/in this repo. Legacy 0.3.5 package lives at../0.3.5/(kept intact; do not modify). Codex's WIP 0.4 scaffold lives at../0.4/(kept intact; superseded by this folder).
Goals
- Keep the package id
proof-of-workso StartOS recognizes it as the same service. - Keep the persistent data volume
mainmounted at/data. - Keep the SQLite database at
/data/app.db. - Preserve every existing workout, set, exercise, and preference.
- Ship x86_64 only for 0.4 beta (sideload target).
How data preservation works
seed/data/app.dbholds a one-time snapshot of/datafrom the live 0.3.5 host (currently 1 user, 348 workouts, 164 exercises, 5720 set logs).- The
Dockerfilebakes that snapshot into the image at/app/seed/data/. - On first boot only —
/data/app.dbmissing AND/data/.seededabsent —docker_entrypoint.shcopies the seed into/data/and writes a.seededmarker. - On every subsequent boot,
/data/is the sole source of truth; the seed in the image is ignored.
See seed/README.md for the snapshot provenance and row counts.
Image runtime
| Property | Value |
|---|---|
| Base image | node:20-alpine (multi-stage build) |
| App runtime | Next.js standalone + Prisma + SQLite |
| Entrypoint | /usr/local/bin/docker_entrypoint.sh (dumb-init wrapped) |
| Internal port | 3000 |
| Architectures | x86_64 (beta) |
Build and sideload
cd start9/0.4
npm ci
make clean
make x86 # outputs proof-of-work_x86_64.s9pk
Sideload via StartOS web UI or make install (requires ~/.startos/config.yaml).
Step-by-step instructions are in DEPLOY_040.md.
What is unchanged from 0.3.5
- Package id:
proof-of-work - Volume id:
main - Mount path:
/data - DB path:
/data/app.db - Health endpoint:
/api/health - Compat
ALTER TABLEblock (idempotent; no-op on a current DB)
What is new in 0.4
- TypeScript SDK manifest under
startos/ - ExVer version (
0.1.0:18) replaces the 0.3.5 4-part0.1.0.17 - Seed-on-first-boot with a
.seededmarker and stderr logging alertUpdatewarning users not to Uninstall to troubleshoot- Self-contained Dockerfile — no references to
../0.3.5/or../0.4/
Follow-up releases (planned, do not ship yet)
- v0.1.0:19 — remove the
COPY seed/data \u2026line and the seed block from the entrypoint once the cutover is confirmed. Leavesseed/on disk unreferenced. - v0.1.0:19 or v0.1.0:20 — add a StartOS Package Action
change-admin-credentialsthat updates the User row in/data/app.db(bcryptjs, salt rounds 10) so you can rename/rotate the admin from the StartOS UI.