Create admin account(s) in app.yml without email confirmation


(Jay Pfaffman) #1

On a new site, if mail configuration is broken (e.g., not activated in Mailgun), the admin can’t get an email to log in and cannot see the mail logs to diagnose the problem.

For as long as I’ve known about WordPress, it’s start-up flow just lets the first person who creates an account be the admin. Apparently this hasn’t been a significant security problem for that platform. Since Discourse further protects sites from hijacking via the DISCOURSE_DEVELOPER_EMAILS variable, I see no security downside to bypassing email verification for addresses in DISCOURSE_DEVELOPER_EMAILS.

If those addresses bypassed email verification admins could immediately log in to be able to check email logs to diagnose email problems.


Did not get admin registration screens after finstall
(Jeff Atwood) #2

They can already log in via SSH to check the rails logs, as covered in our email troubleshooting #howto guide.


(Jay Pfaffman) #3

I would argue that if that were the case, they wouldn’t be paying me to do the install. (But I’ll add a link to that document to my instructions! Thanks.) For people

Let’s pretend that sshing in and using less or more to peruse the logs is easy. When I look at the logs, I don’t see the [Sender] 554 Please activate your Mailgun account. Check your inbox or log in to your control panel to resend the activation email. message that I see if I visit /admin/email/skipped.

So this user still would not have been able to tell (from Discourse, anyway) what the problem was. I’ve added stronger “If you don’t make Mailgun happy you won’t be able to use Discourse” to my notes, but I’m inclined to just rake admin:create an account for them so that they can at least log in.

Normal People are terrified of a command line. A guy I helped recently (who’d purchased an install) I’m pretty sure had never logged in to his droplet and never even done an upgrade for well over a year.


(Jeff Atwood) #4

I think it might be worse to let them get the impression their site is working, when nobody can sign up for it except them.