From cea518b33c62448a1fb7b380e86acec64bd7653f Mon Sep 17 00:00:00 2001
From: kitos <kitos@aegis.local>
Date: Thu, 11 Jun 2026 12:03:33 +0200
Subject: [PATCH] fix(install): reset postgres volume on reconfigure to avoid
 auth failures

When the wizard reconfigures and generates a new DB_PASSWORD, the existing
Postgres volume retains the old password (Docker only initializes credentials
on a fresh empty volume). The backend then fails to connect because .env
has the new password but Postgres still uses the old one.

Fix: run 'docker compose down -v' before 'up --build' whenever the wizard
reconfigures (SKIP_CONFIG=false), so Postgres always initializes with the
current .env credentials. Also add a pre-confirmation warning when existing
volumes are detected.
---
 scripts/install.sh | 16 ++++++++++++++++
 1 file changed, 16 insertions(+)

diff --git a/scripts/install.sh b/scripts/install.sh
index 9c18279..7b5dd28 100644
--- a/scripts/install.sh
+++ b/scripts/install.sh
@@ -270,6 +270,14 @@ if [ "$SKIP_CONFIG" = false ]; then
     echo -e "    │  MITRE sync:    ${CYAN}$([ "$RUN_MITRE_SYNC" = true ] && echo "yes" || echo "no")${NC}"
     echo -e "${BOLD}    └──────────────────────────────────────────────────────┘${NC}"
     echo ""
+    # Warn about data loss if containers/volumes already exist
+    if $COMPOSE_CMD -f docker-compose.prod.yml ps -q 2>/dev/null | grep -q . || \
+       docker volume ls --format '{{.Name}}' 2>/dev/null | grep -qi 'postgres'; then
+        echo ""
+        print_warn "Existing database volumes detected."
+        print_warn "Proceeding will RESET the database — all existing data will be lost."
+    fi
+
     print_prompt "Proceed with these settings? (Y/n): "
     read -r CONFIRM
     if [[ $CONFIRM =~ ^[Nn]$ ]]; then
@@ -325,6 +333,14 @@ print_header "Step 3/5 - Building and starting containers"
 
 print_info "This may take several minutes on first run..."
 
+# When reconfiguring, remove old volumes so Postgres re-initializes with the new password.
+# Without this, Postgres ignores the new DB_PASSWORD because it only sets credentials
+# on first initialization (empty volume) — leaving the backend unable to authenticate.
+if [ "$SKIP_CONFIG" = false ]; then
+    print_info "Removing existing volumes to apply new credentials..."
+    $COMPOSE_CMD -f docker-compose.prod.yml down -v > /dev/null 2>&1 || true
+fi
+
 if ! $COMPOSE_CMD -f docker-compose.prod.yml up -d --build 2>&1; then
     print_error "Failed to build/start containers. Check the output above."
     exit 1