From 4e96bb664f9bf1ffc45e7bafc33b193dc32002e0 Mon Sep 17 00:00:00 2001 From: "CanbiZ (MickLesk)" <47820557+MickLesk@users.noreply.github.com> Date: Mon, 9 Feb 2026 10:52:33 +0100 Subject: [PATCH] Nginx-UI: better User Handling | ACME (#11715) * fix(nginx-ui): remove admin user hack, use setup wizard instead The previous install script started nginx-ui for 3 seconds, stopped it, and ran reset-password to create an admin user. This caused: - Race condition: the internal setup wizard could trigger during the brief start window, conflicting with the reset-password approach - Admin users unable to login after the setup wizard fired - Settings lockup due to overloaded app.ini with hardcoded nginx paths that conflict with UI-managed settings Changes: - Remove start/stop/reset-password hack from install script - Simplify app.ini to match upstream defaults (minimal config) - Let users complete the natural setup wizard on first visit - Update JSON: remove default credentials, add setup wizard note - Add setup wizard hint to CT script output The setup wizard properly handles admin account creation and ACME email configuration, which are both needed for full functionality. Ref: ProxmoxVED#1408 * Update nginx-ui.sh --- frontend/public/json/nginx-ui.json | 10 ++++---- install/nginx-ui-install.sh | 40 ++++++++---------------------- 2 files changed, 15 insertions(+), 35 deletions(-) diff --git a/frontend/public/json/nginx-ui.json b/frontend/public/json/nginx-ui.json index 8dac20d7e..bba6324d3 100644 --- a/frontend/public/json/nginx-ui.json +++ b/frontend/public/json/nginx-ui.json @@ -28,10 +28,14 @@ } ], "default_credentials": { - "username": "admin", + "username": null, "password": null }, "notes": [ + { + "text": "On first visit, the setup wizard will guide you to create an admin account and configure ACME email.", + "type": "warning" + }, { "text": "Nginx runs on ports 80/443, Nginx UI management interface on port 9000.", "type": "info" @@ -39,10 +43,6 @@ { "text": "SSL certificates can be managed automatically with Let's Encrypt integration.", "type": "info" - }, - { - "text": "Initial Login data: `cat ~/nginx-ui.creds`", - "type": "info" } ] } diff --git a/install/nginx-ui-install.sh b/install/nginx-ui-install.sh index 17285ca1d..84b3b7454 100644 --- a/install/nginx-ui-install.sh +++ b/install/nginx-ui-install.sh @@ -30,29 +30,20 @@ msg_ok "Installed Nginx UI" msg_info "Configuring Nginx UI" mkdir -p /usr/local/etc/nginx-ui cat </usr/local/etc/nginx-ui/app.ini -[server] -HttpHost = 0.0.0.0 -HttpPort = 9000 -RunMode = release -JwtSecret = $(openssl rand -hex 32) - -[nginx] -AccessLogPath = /var/log/nginx/access.log -ErrorLogPath = /var/log/nginx/error.log -ConfigDir = /etc/nginx -PIDPath = /run/nginx.pid -TestConfigCmd = nginx -t -ReloadCmd = nginx -s reload -RestartCmd = systemctl restart nginx - [app] PageSize = 10 +[server] +Host = 0.0.0.0 +Port = 9000 +RunMode = release +JwtSecret = $(openssl rand -hex 32) + [cert] -Email = -CADir = -RenewalInterval = 7 -RecursiveNameservers = +HTTPChallengePort = 9180 + +[terminal] +StartCmd = login EOF msg_ok "Configured Nginx UI" @@ -78,17 +69,6 @@ EOF systemctl daemon-reload msg_ok "Created Service" -msg_info "Creating Initial Admin User" -systemctl start nginx-ui -sleep 3 -systemctl stop nginx-ui -sleep 1 -/usr/local/bin/nginx-ui reset-password --config /usr/local/etc/nginx-ui/app.ini &>/tmp/nginx-ui-reset.log || true -ADMIN_PASS=$(grep -oP 'Password: \K\S+' /tmp/nginx-ui-reset.log || echo "admin") -echo -e "Nginx-UI Credentials\nUsername: admin\nPassword: $ADMIN_PASS" >~/nginx-ui.creds -rm -f /tmp/nginx-ui-reset.log -msg_ok "Created Initial Admin User" - msg_info "Starting Service" systemctl enable -q --now nginx-ui rm -rf /etc/nginx/sites-enabled/default