Commit Graph

6 Commits

Author SHA1 Message Date
bvandeusen 5207fae653 fix(deploy): writable data_dir in container + fatal-on-mkdir
The Dockerfile created the minstrel user but never set a WORKDIR or
pre-created a writable data dir. With the default DataDir of "./data"
and CWD of "/", every MkdirAll attempt failed with "permission denied"
under the non-root user, and the boot code only logged a Warn before
continuing. Result: every artist-art enrichment failed at
"mkdir artist-art: mkdir data: permission denied"; the operator saw
"0 successes" with no signal as to why.

Three changes:
- Dockerfile: WORKDIR /app, pre-create /app/data with minstrel
  ownership, and ENV MINSTREL_STORAGE_DATA_DIR=/app/data so the
  binary doesn't fall back to the broken "./data" default even if
  the operator forgets to set it.
- docker-compose.yml: explicit MINSTREL_STORAGE_DATA_DIR + a named
  volume mounted at /app/data so cached art persists across
  container recreates.
- cmd/minstrel/main.go: MkdirAll failure is now fatal. Silent breakage
  here cascades into every cache (playlist covers, artist art,
  album-cover fallbacks); refusing to start surfaces the misconfig
  immediately. Also wires Enricher.DataDir from cfg in preparation
  for the album-cover sidecar fallback (next commit).
2026-05-06 23:28:54 -04:00
bvandeusen ca82862346 chore(config): rename SMARTMUSIC_ env prefix to MINSTREL_; default admin user
The legacy SMARTMUSIC_ prefix dates from when the project was specced
as "smart-music" before being renamed to Minstrel. Hard cutover to
MINSTREL_* across config.go, tests, config.example.yaml, README, and
docker-compose. Also renames SMARTMUSIC_CONFIG in cmd/minstrel/main.go
which was missed in the original audit.

Also seeds Auth.AdminBootstrap.Username = "admin" in Default() so
MINSTREL_DATABASE_URL is the only env var required for a fresh prod
deployment — the bootstrap auto-generates a password and prints it
to stderr. Drops the now-redundant MINSTREL_AUTH_ADMIN_USERNAME=admin
line from the README quickstart and docker-compose.

M1 follow-up from the #363 final review: guards
MINSTREL_BRANDING_APP_NAME and _DESCRIPTION against empty-string
overrides — empty would have shipped <title></title> to share-preview
crawlers.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-05-03 18:40:59 -04:00
bvandeusen 64582b21e3 fix(auth): set subsonic_password on admin bootstrap
Bootstrap was creating password_hash + api_token but leaving
subsonic_password nil, which meant Subsonic clients (Feishin, Symfonium)
got ErrTokenNotSupported on t+s auth — the server had no plaintext to
hash against. Mirror the bootstrap password into subsonic_password so
the admin can sign in to Subsonic clients with the same credential
printed on first boot. Plaintext at rest is the cost of Subsonic's
legacy auth; matches Navidrome's posture.

Also folds in the local dev compose tweaks: dedicated bridge network
with postgres unpublished from the host, and a bind-mount aimed at the
operator's real library path.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
2026-04-19 18:30:54 -04:00
bvandeusen e6b84190e7 chore(compose): bake in dev mount + scan defaults
Dev stack can now `docker compose up --build` with no extra env: mounts
./music read-only, enables startup scan, and bootstraps admin with a
generated password printed to stderr on first boot.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
2026-04-19 18:12:13 -04:00
bvandeusen c252608558 M1/#291: add minstrel service to compose stack 2026-04-19 01:12:31 +00:00
bvandeusen b40e379b84 feat(skel): docker-compose for local Postgres (integration-test stack) 2026-04-18 21:21:01 +00:00