From 2c1a7470d35cb840950e63008fb4014e5e341dd6 Mon Sep 17 00:00:00 2001
From: かっこかり <67428053+kakkokari-gtyih@users.noreply.github.com>
Date: Thu, 3 Oct 2024 18:18:00 +0900
Subject: feat: サーバー初期設定時に初期パスワードを要求できるように (#14626)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

* feat: サーバー初期設定時専用の初期パスワードを設定できるように

* 無いのに入力された場合もエラーにする

* :art:

* :art:

* cypress-devcontainerにもpassを設定（テストが失敗するため）

* [ci skip] :art:

* :v:

* test: please revert this commit before merge

* Revert "test: please revert this commit before merge"

This reverts commit 66b2b48f66830d2450d8cda03955c143feba76c7.

* Update locales/ja-JP.yml

Co-authored-by: syuilo <4439005+syuilo@users.noreply.github.com>

* build assets

* Update Changelog

* fix condition

* fix condition

* add comment

* change error code

* 他のエラーコードと合わせる

* Update CHANGELOG.md

---------

Co-authored-by: syuilo <4439005+syuilo@users.noreply.github.com>
---
 .config/cypress-devcontainer.yml | 13 +++++++++++++
 .config/example.yml              | 13 +++++++++++++
 2 files changed, 26 insertions(+)

(limited to '.config')

diff --git a/.config/cypress-devcontainer.yml b/.config/cypress-devcontainer.yml
index 91dce35155..64988aff66 100644
--- a/.config/cypress-devcontainer.yml
+++ b/.config/cypress-devcontainer.yml
@@ -2,6 +2,19 @@
 # Misskey configuration
 #━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
 
+#   ┌────────────────────────┐
+#───┘ Initial Setup Password └─────────────────────────────────────────────────────
+
+# Password to initiate setting up admin account.
+# It will not be used after the initial setup is complete.
+#
+# Be sure to change this when you set up Misskey via the Internet.
+#
+# The provider of the service who sets up Misskey on behalf of the customer should
+# set this value to something unique when generating the Misskey config file,
+# and provide it to the customer.
+initialPassword: example_password_please_change_this_or_you_will_get_hacked
+
 #   ┌─────┐
 #───┘ URL └─────────────────────────────────────────────────────
 
diff --git a/.config/example.yml b/.config/example.yml
index 7080159117..fbc4cdff4b 100644
--- a/.config/example.yml
+++ b/.config/example.yml
@@ -59,6 +59,19 @@
 #
 # publishTarballInsteadOfProvideRepositoryUrl: true
 
+#   ┌────────────────────────┐
+#───┘ Initial Setup Password └─────────────────────────────────────────────────────
+
+# Password to initiate setting up admin account.
+# It will not be used after the initial setup is complete.
+#
+# Be sure to change this when you set up Misskey via the Internet.
+#
+# The provider of the service who sets up Misskey on behalf of the customer should
+# set this value to something unique when generating the Misskey config file,
+# and provide it to the customer.
+initialPassword: example_password_please_change_this_or_you_will_get_hacked
+
 #   ┌─────┐
 #───┘ URL └─────────────────────────────────────────────────────
 
-- 
cgit v1.2.3-freya


From d2175a9b9f6e38ca3ec0ca28b29d99f4b46f9dcd Mon Sep 17 00:00:00 2001
From: syuilo <4439005+syuilo@users.noreply.github.com>
Date: Thu, 3 Oct 2024 20:40:39 +0900
Subject: initialPassword -> setupPassword

---
 .config/cypress-devcontainer.yml                                  | 2 +-
 .config/example.yml                                               | 2 +-
 packages/backend/src/config.ts                                    | 6 +++---
 .../backend/src/server/api/endpoints/admin/accounts/create.ts     | 8 ++++----
 packages/frontend/src/pages/welcome.setup.vue                     | 8 ++++----
 packages/misskey-js/src/autogen/types.ts                          | 2 +-
 6 files changed, 14 insertions(+), 14 deletions(-)

(limited to '.config')

diff --git a/.config/cypress-devcontainer.yml b/.config/cypress-devcontainer.yml
index 64988aff66..3907615f73 100644
--- a/.config/cypress-devcontainer.yml
+++ b/.config/cypress-devcontainer.yml
@@ -13,7 +13,7 @@
 # The provider of the service who sets up Misskey on behalf of the customer should
 # set this value to something unique when generating the Misskey config file,
 # and provide it to the customer.
-initialPassword: example_password_please_change_this_or_you_will_get_hacked
+setupPassword: example_password_please_change_this_or_you_will_get_hacked
 
 #   ┌─────┐
 #───┘ URL └─────────────────────────────────────────────────────
diff --git a/.config/example.yml b/.config/example.yml
index fbc4cdff4b..600c1c632e 100644
--- a/.config/example.yml
+++ b/.config/example.yml
@@ -70,7 +70,7 @@
 # The provider of the service who sets up Misskey on behalf of the customer should
 # set this value to something unique when generating the Misskey config file,
 # and provide it to the customer.
-initialPassword: example_password_please_change_this_or_you_will_get_hacked
+setupPassword: example_password_please_change_this_or_you_will_get_hacked
 
 #   ┌─────┐
 #───┘ URL └─────────────────────────────────────────────────────
diff --git a/packages/backend/src/config.ts b/packages/backend/src/config.ts
index b320ce5403..42f1033b9d 100644
--- a/packages/backend/src/config.ts
+++ b/packages/backend/src/config.ts
@@ -63,7 +63,7 @@ type Source = {
 
 	publishTarballInsteadOfProvideRepositoryUrl?: boolean;
 
-	initialPassword?: string;
+	setupPassword?: string;
 
 	proxy?: string;
 	proxySmtp?: string;
@@ -154,7 +154,7 @@ export type Config = {
 
 	version: string;
 	publishTarballInsteadOfProvideRepositoryUrl: boolean;
-	initialPassword: string | undefined;
+	setupPassword: string | undefined;
 	host: string;
 	hostname: string;
 	scheme: string;
@@ -235,7 +235,7 @@ export function loadConfig(): Config {
 	return {
 		version,
 		publishTarballInsteadOfProvideRepositoryUrl: !!config.publishTarballInsteadOfProvideRepositoryUrl,
-		initialPassword: config.initialPassword,
+		setupPassword: config.setupPassword,
 		url: url.origin,
 		port: config.port ?? parseInt(process.env.PORT ?? '', 10),
 		socket: config.socket,
diff --git a/packages/backend/src/server/api/endpoints/admin/accounts/create.ts b/packages/backend/src/server/api/endpoints/admin/accounts/create.ts
index bddf7f45d3..d30131a62f 100644
--- a/packages/backend/src/server/api/endpoints/admin/accounts/create.ts
+++ b/packages/backend/src/server/api/endpoints/admin/accounts/create.ts
@@ -51,7 +51,7 @@ export const paramDef = {
 	properties: {
 		username: localUsernameSchema,
 		password: passwordSchema,
-		initialPassword: { type: 'string', nullable: true },
+		setupPassword: { type: 'string', nullable: true },
 	},
 	required: ['username', 'password'],
 } as const;
@@ -75,13 +75,13 @@ export default class extends Endpoint<typeof meta, typeof paramDef> { // eslint-
 
 			if (!realUsers && me == null && token == null) {
 				// 初回セットアップの場合
-				if (this.config.initialPassword != null) {
+				if (this.config.setupPassword != null) {
 					// 初期パスワードが設定されている場合
-					if (ps.initialPassword !== this.config.initialPassword) {
+					if (ps.setupPassword !== this.config.setupPassword) {
 						// 初期パスワードが違う場合
 						throw new ApiError(meta.errors.wrongInitialPassword);
 					}
-				} else if (ps.initialPassword != null && ps.initialPassword.trim() !== '') {
+				} else if (ps.setupPassword != null && ps.setupPassword.trim() !== '') {
 					// 初期パスワードが設定されていないのに初期パスワードが入力された場合
 					throw new ApiError(meta.errors.wrongInitialPassword);
 				}
diff --git a/packages/frontend/src/pages/welcome.setup.vue b/packages/frontend/src/pages/welcome.setup.vue
index cb20cfc5fc..dd258aad98 100644
--- a/packages/frontend/src/pages/welcome.setup.vue
+++ b/packages/frontend/src/pages/welcome.setup.vue
@@ -14,7 +14,7 @@ SPDX-License-Identifier: AGPL-3.0-only
 			</div>
 			<div class="_gaps_m" style="padding: 32px;">
 				<div>{{ i18n.ts.intro }}</div>
-				<MkInput v-model="initialPassword" type="password" data-cy-admin-initial-password>
+				<MkInput v-model="setupPassword" type="password" data-cy-admin-initial-password>
 					<template #label>{{ i18n.ts.initialPasswordForSetup }} <div v-tooltip:dialog="i18n.ts.initialPasswordForSetupDescription" class="_button _help"><i class="ti ti-help-circle"></i></div></template>
 					<template #prefix><i class="ti ti-lock"></i></template>
 				</MkInput>
@@ -40,9 +40,9 @@ SPDX-License-Identifier: AGPL-3.0-only
 
 <script lang="ts" setup>
 import { ref } from 'vue';
+import { host, version } from '@@/js/config.js';
 import MkButton from '@/components/MkButton.vue';
 import MkInput from '@/components/MkInput.vue';
-import { host, version } from '@@/js/config.js';
 import * as os from '@/os.js';
 import { misskeyApi } from '@/scripts/misskey-api.js';
 import { login } from '@/account.js';
@@ -51,7 +51,7 @@ import MkAnimBg from '@/components/MkAnimBg.vue';
 
 const username = ref('');
 const password = ref('');
-const initialPassword = ref('');
+const setupPassword = ref('');
 const submitting = ref(false);
 
 function submit() {
@@ -61,7 +61,7 @@ function submit() {
 	misskeyApi('admin/accounts/create', {
 		username: username.value,
 		password: password.value,
-		initialPassword: initialPassword.value === '' ? null : initialPassword.value,
+		setupPassword: setupPassword.value === '' ? null : setupPassword.value,
 	}).then(res => {
 		return login(res.token);
 	}).catch((err) => {
diff --git a/packages/misskey-js/src/autogen/types.ts b/packages/misskey-js/src/autogen/types.ts
index ee5cd477f1..32646d28ed 100644
--- a/packages/misskey-js/src/autogen/types.ts
+++ b/packages/misskey-js/src/autogen/types.ts
@@ -5611,7 +5611,7 @@ export type operations = {
         'application/json': {
           username: string;
           password: string;
-          initialPassword?: string | null;
+          setupPassword?: string | null;
         };
       };
     };
-- 
cgit v1.2.3-freya


From 7bdc4e8509de914b0d11e94d5b6da88f54430a51 Mon Sep 17 00:00:00 2001
From: かっこかり <67428053+kakkokari-gtyih@users.noreply.github.com>
Date: Thu, 3 Oct 2024 21:01:09 +0900
Subject: fix: 初期パスワードをコメントアウト (#14682)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

* fix: 初期パスワードをコメントアウト

* :art:

* fix indent
---
 .config/example.yml | 3 ++-
 CHANGELOG.md        | 5 +++--
 2 files changed, 5 insertions(+), 3 deletions(-)

(limited to '.config')

diff --git a/.config/example.yml b/.config/example.yml
index 600c1c632e..60a6a0aa71 100644
--- a/.config/example.yml
+++ b/.config/example.yml
@@ -70,7 +70,8 @@
 # The provider of the service who sets up Misskey on behalf of the customer should
 # set this value to something unique when generating the Misskey config file,
 # and provide it to the customer.
-setupPassword: example_password_please_change_this_or_you_will_get_hacked
+#
+# setupPassword: example_password_please_change_this_or_you_will_get_hacked
 
 #   ┌─────┐
 #───┘ URL └─────────────────────────────────────────────────────
diff --git a/CHANGELOG.md b/CHANGELOG.md
index 2e48931267..9e4ddabd55 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,8 +1,9 @@
 ## 2024.10.0
 
 ### Note
-- サーバー初期設定時に使用する初期パスワードを設定できるようになりました。今後Misskeyサーバーを新たに設置する際には、初回の起動前にコンフィグファイルの`initialPassword`を必ず変更してください。（すでに初期設定を完了しているサーバーについては、この変更に伴い対応する必要はありません）  
-  ホスティングサービスを運営している場合は、コンフィグファイルを構築する際に`initialPassword`をランダムな値に設定し、ユーザーに通知するようにしてください。
+- サーバー初期設定時に使用する初期パスワードを設定できるようになりました。今後Misskeyサーバーを新たに設置する際には、初回の起動前にコンフィグファイルの`setupPassword`をコメントアウトし、初期パスワードを設定することをおすすめします。（すでに初期設定を完了しているサーバーについては、この変更に伴い対応する必要はありません）  
+  - ホスティングサービスを運営している場合は、コンフィグファイルを構築する際に`setupPassword`をランダムな値に設定し、ユーザーに通知するようにシステムを更新することをおすすめします。
+  - なお、初期パスワードが設定されていない場合でも初期設定を行うことが可能です（UI上で初期パスワードの入力欄を空欄にすると続行できます）。
 
 ### General
 - Feat: サーバー初期設定時に初期パスワードを設定できるように
-- 
cgit v1.2.3-freya