chore: bump version to 1.1.8 (#60)

- write_config(): Replace CHANGEME placeholder on upgrade instead of
  skipping entirely; preserve existing real passwords unchanged
- setup_database(): When DB user already exists, recover password from
  existing config and sync to PostgreSQL, or generate a fresh password;
  fixes crash-loop when config password diverges from PostgreSQL
- generate_jwt_keys(): Regenerate missing verify.pem from existing
  signing.pem instead of silently skipping
- Password extraction uses @localhost anchor to correctly handle
  passwords containing @ characters

Cargo.toml

@@ -12,7 +12,7 @@ members = [
 ]
 
 [workspace.package]
-version = "1.1.6"
+version = "1.1.8"
 edition = "2021"
 authors = ["Echo <echo@moon-dragon.us>"]
 license = "MIT"

debian/changelog

@@ -1,3 +1,15 @@
+linux-patch-manager (1.1.8-1) unstable; urgency=low
+
+  * Release v1.1.8
+
+ -- git-echo <git-echo@moon-dragon.us>  Tue, 09 Jun 2026 11:47:58 -0500
+
+linux-patch-manager (1.1.7-1) unstable; urgency=low
+
+  * Release v1.1.7
+
+ -- git-echo <git-echo@moon-dragon.us>  Tue, 09 Jun 2026 09:11:11 -0500
+
 linux-patch-manager (1.1.6-1) unstable; urgency=low
 
   * Release v1.1.6

debian/control

@@ -1,5 +1,5 @@
 Package: linux-patch-manager
-Version: 1.1.6-1
+Version: 1.1.8-1
 Architecture: amd64
 Maintainer: Moon Dragon <echo@moon-dragon.us>
 Installed-Size: 45000

debian/postinst

@@ -107,7 +107,27 @@ setup_database() {
         # Store password for config generation
         echo "${db_password}" > /tmp/.pm-db-password-new
     else
-        info "PostgreSQL user '${DB_USER}' already exists, skipping creation."
+        info "PostgreSQL user '${DB_USER}' already exists."
+        # Recover the DB password: try from existing config, or generate new.
+        local config_file="${CONFIG_DIR}/config.toml"
+        local existing_pw=""
+        if [[ -f "${config_file}" ]]; then
+            # Extract password from URL: postgres://user:PASSWORD@host/db
+            # Use @localhost anchor so passwords containing @ are extracted correctly.
+            existing_pw=$(sed -n 's|^url = "postgres://[^:]*:\(.*\)@localhost.*"|\1|p' "${config_file}" | head -1)
+        fi
+        if [[ -n "${existing_pw}" && "${existing_pw}" != "CHANGEME" ]]; then
+            # Config has a real password — sync it to PostgreSQL so the app can connect.
+            psql_run -c "ALTER ROLE ${DB_USER} WITH PASSWORD '${existing_pw}';" 2>/dev/null || true
+            echo "${existing_pw}" > /tmp/.pm-db-password-new
+            info "Synced DB password from existing config to PostgreSQL."
+        else
+            # No config or CHANGEME — generate a fresh password and update PostgreSQL.
+            db_password=$(openssl rand -base64 32 | tr -dc 'A-Za-z0-9' | head -c 32)
+            psql_run -c "ALTER ROLE ${DB_USER} WITH PASSWORD '${db_password}';" 2>/dev/null || true
+            echo "${db_password}" > /tmp/.pm-db-password-new
+            info "Generated new DB password for existing user."
+        fi
     fi
 
     # Create database if not exists
@@ -207,8 +227,11 @@ generate_admin_password() {
     admin_password=$(openssl rand -base64 32 | tr -dc 'A-Za-z0-9!@#%^&*' | head -c 24)
 
     # Hash with argon2 (PHC format, compatible with the application)
+    # Generate a random 16-character salt (argon2 requires minimum 8 characters)
+    local admin_salt
+    admin_salt=$(openssl rand -base64 24 | tr -dc 'A-Za-z0-9' | head -c 16)
     local password_hash
-    password_hash=$(echo -n "${admin_password}" | argon2 salt -id -t 3 -m 16 -p 1 -l 32 -e)
+    password_hash=$(echo -n "${admin_password}" | argon2 "${admin_salt}" -id -t 3 -m 16 -p 1 -l 32 -e)
 
     # Update admin user password in database
     # Only update if the placeholder hash is still present
@@ -246,42 +269,56 @@ generate_admin_password() {
 }
 
 # ---------------------------------------------------------------------------
-# 7. Write config.toml with DB URL (only if file doesn't exist)
+# 7. Write config.toml with DB URL
+# ---------------------------------------------------------------------------
+# Handles three scenarios:
+#   1. No config file → create from example with real DB password
+#   2. Config exists with CHANGEME → replace CHANGEME with real DB password
+#   3. Config exists with real password → leave it alone (upgrade)
 # ---------------------------------------------------------------------------
 write_config() {
     local config_file="${CONFIG_DIR}/config.toml"
 
-    if [[ -f "${config_file}" ]]; then
+    # Resolve the DB password to use: from setup_database() or generate fresh.
-        info "Config file ${config_file} already exists, not overwriting."
-        return 0
-    fi
-
-    info "Writing configuration file..."
-
-    # Get the DB password — use the one we just generated if we created the user
     local db_password=""
     if [[ -f /tmp/.pm-db-password-new ]]; then
         db_password=$(cat /tmp/.pm-db-password-new)
     fi
 
-    # If we don't have a password (user already existed), generate a new one
+    if [[ -f "${config_file}" ]]; then
-    # and update the PostgreSQL user so we can connect
+        # Check if the config still has the CHANGEME placeholder
-    if [[ -z "${db_password}" ]]; then
+        if grep -q 'CHANGEME' "${config_file}"; then
-        db_password=$(openssl rand -base64 32 | tr -dc 'A-Za-z0-9' | head -c 32)
+            if [[ -z "${db_password}" ]]; then
-        psql_run -c "ALTER ROLE ${DB_USER} WITH PASSWORD '${db_password}';" 2>/dev/null || true
+                # No password from setup_database() — generate a fresh one
+                db_password=$(openssl rand -base64 32 | tr -dc 'A-Za-z0-9' | head -c 32)
+                psql_run -c "ALTER ROLE ${DB_USER} WITH PASSWORD '${db_password}';" 2>/dev/null || true
+            fi
+            info "Replacing CHANGEME placeholder in existing config with real DB password."
+            sed -i "s|postgres://patch_manager:CHANGEME@localhost/patch_manager|postgres://${DB_USER}:${db_password}@localhost/${DB_NAME}|" "${config_file}"
+        else
+            info "Config file ${config_file} already exists with a real password, leaving it unchanged."
+            return 0
+        fi
+    else
+        # No config file — create from example
+        if [[ -z "${db_password}" ]]; then
+            db_password=$(openssl rand -base64 32 | tr -dc 'A-Za-z0-9' | head -c 32)
+            psql_run -c "ALTER ROLE ${DB_USER} WITH PASSWORD '${db_password}';" 2>/dev/null || true
+        fi
+
+        info "Writing configuration file..."
+        cp /usr/share/patch-manager/config.example.toml "${config_file}"
+        sed -i "s|postgres://patch_manager:CHANGEME@localhost/patch_manager|postgres://${DB_USER}:${db_password}@localhost/${DB_NAME}|" "${config_file}"
     fi
 
-    # Copy example config and set the DB URL
-    cp /usr/share/patch-manager/config.example.toml "${config_file}"
-    sed -i "s|postgres://patch_manager:CHANGEME@localhost/patch_manager|postgres://${DB_USER}:${db_password}@localhost/${DB_NAME}|" "${config_file}"
     chown patch-manager:patch-manager "${config_file}"
     chmod 640 "${config_file}"
-
     info "Configuration written to ${config_file}"
 }
 
 # ---------------------------------------------------------------------------
 # 8. Generate JWT keys (idempotent)
+# Only generates if missing; regenerates verify.pem from signing.pem if lost.
 # ---------------------------------------------------------------------------
 generate_jwt_keys() {
     if [[ ! -f "${CONFIG_DIR}/jwt/signing.pem" ]]; then
@@ -292,8 +329,14 @@ generate_jwt_keys() {
         chmod 600 "${CONFIG_DIR}/jwt/signing.pem"
         chmod 644 "${CONFIG_DIR}/jwt/verify.pem"
         info "JWT keys generated."
+    elif [[ ! -f "${CONFIG_DIR}/jwt/verify.pem" ]]; then
+        info "Regenerating missing JWT verification key from existing signing key..."
+        openssl pkey -in "${CONFIG_DIR}/jwt/signing.pem" -pubout -out "${CONFIG_DIR}/jwt/verify.pem" 2>/dev/null
+        chown patch-manager:patch-manager "${CONFIG_DIR}/jwt/verify.pem"
+        chmod 644 "${CONFIG_DIR}/jwt/verify.pem"
+        info "JWT verification key regenerated."
     else
-        info "JWT signing key already exists, skipping."
+        info "JWT keys already exist, skipping."
     fi
 }
 

frontend/package.json

@@ -1,7 +1,7 @@
 {
   "name": "patch-manager-ui",
   "private": true,
-  "version": "1.1.6",
+  "version": "1.1.8",
   "type": "module",
   "scripts": {
     "dev": "vite",

scripts/build-package.sh

@@ -22,7 +22,7 @@ warn()  { echo -e "${YELLOW}[WARN]${NC}  $*"; }
 error() { echo -e "${RED}[ERROR]${NC} $*" >&2; exit 1; }
 
 PROJECT_ROOT="$(cd "$(dirname "${BASH_SOURCE[0]}")/.." && pwd)"
-VERSION="1.1.6"
+VERSION="1.1.8"
 RELEASE="1"
 PKG_NAME="linux-patch-manager"
 DEB_NAME="${PKG_NAME}_${VERSION}-${RELEASE}_amd64.deb"