Config: Allow specifying initial username/password

[bladecoates]

Allow specifying default/initial username in configuration with a password or forced password creation on the first login with that user. This will avoid people from having to start the app with disable-signup: false, create the user then stop the container to set disable-signup: true.

Being security conscious when I read a config and they have the option available to disable registration, I'm going to disable it until I'm done evaluating the software and that's what I did... until I realized I myself need to sign up for it 😂

It's not a big deal, but I could see someone going through the above, and then forgetting to set disable-signup: true because they forget or are excited to try out the software, and in turn opens an attack vector because registrations are open.

[thomiceli]

I was thinking to move this option to the admin panel since it can cause confusion.. So you can always create your first user with your own credentials, then disable the sign up in the admin panel. What do you think ?

[bladecoates]

I was thinking to move this option to the admin panel since it can cause confusion.. So you can always create your first user with your own credentials, then disable the sign up in the admin panel. What do you think ?

That'll work; anything to cut down confusion early on is less headache for you and the users and leads to a more manageable project.