Installer seeds bootstrap admin password; Postgres parameter-type bug fixed
Two commits. The installer now asks for a `BOOTSTRAP_ADMIN_PASSWORD` so the operator can sign in immediately after deploy without going through the signup form. The follow-up fixes a silent Postgres transaction abort that prevented the admin account from ever being created.
Installer change (fcc68098, +121/-4 across 4 files). The wizard gains a step asking whether to auto-generate or manually type a password for the bootstrap admin email. The value lands in .env.compose as BOOTSTRAP_ADMIN_PASSWORD and in the secrets backup. The post-install report surfaces it so the operator can sign in at /login directly.
ensureBootstrapAdmin() in backend/src/lib/users.ts is extended: if the bootstrap email doesn't yet exist in the database AND BOOTSTRAP_ADMIN_PASSWORD is set to at least 12 characters, it creates the user with that password (bcrypt, cost 12), role = admin, status = active. onboarded_at is left NULL - first sign-in still triggers the onboarding wizard even though the account exists. Passwords shorter than 12 characters are refused with a warning log, not a crash. The legacy path (sign up via the form, get auto-promoted) still works when the password env var is absent.
The bug (35e409f6, +6/-2 in 1 file). The audit_events insert inside ensureBootstrapAdmin reused $1 for both user_id (uuid) and target_id (text):
VALUES ($1, 'user.bootstrap', 'user', $1, $2::jsonb)
Postgres infers the type of $1 from the first use - uuid - and then rejects the second use where text is expected. The whole transaction rolled back silently. The fix separates the parameters with explicit casts:
VALUES ($1::uuid, 'user.bootstrap', 'user', $2::text, $3::jsonb)
passing the same id value twice with different positions. Without this fix, the bootstrap admin was never created on fresh installs, and the operator's first sign-in returned "Invalid email or password" with no diagnostic.
Spotted something wrong? Or know the PR text has fresher detail than the writeup above?