Fix: ReferenceError in setupDefaultUser when using INITIAL_ADMIN_EMAIL/PASSWORD env vars

[zuptalo]

Description

Fixes a critical bug in backend/setup.js where setting INITIAL_ADMIN_EMAIL and INITIAL_ADMIN_PASSWORD environment variables causes the application to crash with a ReferenceError during initial setup.

The Problem

When using environment variables to configure the initial admin account:

• The variables initialAdminEmail and initialAdminPassword are correctly read from environment variables
• However, the code incorrectly references undefined variables email and password when creating the user
• This causes: ReferenceError: email is not defined and the app enters an infinite restart loop

The Solution

Fixed variable references in setupDefaultUser() function:

• Line 39: email: email → email: initialAdminEmail
• Line 53: secret: password → secret: initialAdminPassword

Testing

Built and tested locally with the fix:

Build Process

./scripts/ci/frontend-build
docker build -f docker/Dockerfile -t nginx-proxy-manager:local .

Test Configuration

services:
  app:
    image: 'nginx-proxy-manager:local'
    restart: unless-stopped
    ports:
      - '80:80'
      - '443:443'
      - '81:81'
    environment:
      INITIAL_ADMIN_EMAIL: "admin @example.local"
      INITIAL_ADMIN_PASSWORD: "MySecurePassword123!"
    volumes:
      - /tmp/data:/data
      - /tmp/letsencrypt:/etc/letsencrypt

Test Results

Before Fix (infinite restart loop)

[11/4/2025] [8:09:35 PM] [Setup    ] › ℹ  info      Creating a new user: admin @example.local with password: MySecurePassword123!
[11/4/2025] [8:09:35 PM] [Global   ] › ✖  error     Startup Error: email is not defined ReferenceError: email is not defined
    at setupDefaultUser (file:///app/setup.js:40:11)
[11/4/2025] [8:09:36 PM] [Migrate  ] › ℹ  info      Current database version: none
[11/4/2025] [8:09:36 PM] [Setup    ] › ℹ  info      Creating a new user: admin @example.local with password: MySecurePassword123!
[11/4/2025] [8:09:36 PM] [Global   ] › ✖  error     Startup Error: email is not defined ReferenceError: email is not defined
    at setupDefaultUser (file:///app/setup.js:40:11)

After Fix (successful startup)

[11/4/2025] [8:07:44 PM] [Setup    ] › ℹ  info      Creating a new user: admin @example.local with password: MySecurePassword123!
[11/4/2025] [8:07:45 PM] [Setup    ] › ℹ  info      Initial admin setup completed
[11/4/2025] [8:07:45 PM] [Setup    ] › ℹ  info      Default settings added
[11/4/2025] [8:07:45 PM] [Setup    ] › ℹ  info      Logrotate Timer initialized
[11/4/2025] [8:07:45 PM] [Setup    ] › ℹ  info      Logrotate completed.
[11/4/2025] [8:07:45 PM] [Global   ] › ℹ  info      Backend PID 182 listening on port 3000 ...

✅ Application starts successfully
✅ Initial admin user created with specified credentials
✅ Successfully logged in to admin panel at :81 with configured credentials
✅ No restart loops or errors

Impact

This bug prevents automated deployments that rely on environment variables for initial setup, forcing users to:

• Either use default credentials (security risk)
• Or manually reset password via ui after logging in

Related Issues

• Complements PR Read initial admin email and password from env vars #3790 which initially introduced these environment variables
• Fixes deployment automation scenarios

Type of Change

• Bug fix (non-breaking change which fixes an issue)
• New feature
• Breaking change
• Documentation update

Checklist

• My code follows the style guidelines of this project
• I have performed a self-review of my code
• I have built a local Docker image with the changes
• I have tested the fix with a real deployment
• My changes generate no new warnings
• This fix is backward compatible (defaults to original behavior when env vars are not set)
• I have verified the app no longer enters a restart loop with this configuration

Additional Changes: Docker Publish Workflow

This PR also includes a new GitHub Actions workflow located at .github/workflows/docker-publish.yml.

Purpose

This workflow automates the process of building and pushing multi-architecture Docker images to Docker Hub for the develop branch.

Key Features

• Multi-Architecture Support: Builds images for linux/amd64, linux/arm64, and linux/arm/v7.
• Automated Triggers: Runs on every push to the develop branch and can also be manually dispatched from the GitHub Actions UI.
• Optimized Caching:
  • Frontend Artifact Caching: Caches the frontend/dist directory based on changes in frontend/yarn.lock, frontend/package.json, frontend/vite.config.ts, frontend/tsconfig.json, and all files in frontend/src/**, ensuring rebuilds only occur when necessary.
  • Docker Layer Caching: Utilizes GitHub Actions cache for Docker layers to speed up subsequent image builds.
• Dynamic Repository: Uses the DOCKERHUB_USERNAME secret to dynamically determine the Docker Hub repository name.
• Secret Pre-check: The workflow gracefully skips execution if the required DOCKERHUB_USERNAME or DOCKERHUB_TOKEN secrets are not defined in the repository, preventing failed runs.

[nginxproxymanagerci]

Docker Image for build 7 is available on DockerHub:

nginxproxymanager/nginx-proxy-manager-dev:pr-4836

Note

Ensure you backup your NPM instance before testing this image! Especially if there are database changes.
This is a different docker image namespace than the official image.

Warning

Changes and additions to DNS Providers require verification by at least 2 members of the community!