From 32c531247d7549f6e78605e49837900ee9df4f3c Mon Sep 17 00:00:00 2001
From: ameer <ameer@ahkhan.me>
Date: Sat, 2 May 2026 20:29:51 +0800
Subject: [PATCH] fix(deploy): only reattach /dev/tty when actually prompting
 for password

Unconditional 'exec < /dev/tty' broke non-interactive SSH invocations
where /dev/tty isn't openable. Move the reattach into the env-prompt
branch and skip it cleanly if /root/.quiz.env was pre-populated, with
a clear error if both stdin and /root/.quiz.env are missing.
---
 deploy/bootstrap.sh | 14 ++++++++++----
 1 file changed, 10 insertions(+), 4 deletions(-)

diff --git a/deploy/bootstrap.sh b/deploy/bootstrap.sh
index 8ca1aac..5fdfc2b 100755
--- a/deploy/bootstrap.sh
+++ b/deploy/bootstrap.sh
@@ -12,10 +12,6 @@
 
 set -euo pipefail
 
-# When invoked through curl|bash, stdin is the pipe, not the TTY.
-# Reattach TTY so `read -s` works for the password prompt.
-[ -t 0 ] || exec < /dev/tty
-
 REPO_URL="${REPO_URL:-https://gitea.ahkhan.me/apps/quiz.git}"
 APP_DIR="${APP_DIR:-/opt/quiz}"
 APP_USER="${APP_USER:-quiz}"
@@ -73,6 +69,16 @@ if [ ! -f "$ENV_FILE" ]; then
         echo "Using /root/.quiz.env"
         cp /root/.quiz.env "$ENV_FILE"
     else
+        # Need to prompt for the admin password; reattach TTY if curl|bash
+        # left stdin pointed at the pipe.
+        if [ ! -t 0 ] && [ -r /dev/tty ]; then
+            exec < /dev/tty
+        fi
+        if [ ! -t 0 ]; then
+            echo "ERROR: stdin is not a TTY and /root/.quiz.env is missing." >&2
+            echo "Either pre-populate /root/.quiz.env or run this script interactively." >&2
+            exit 1
+        fi
         QUIZ_SECRET_KEY=$(python3 -c 'import secrets; print(secrets.token_urlsafe(48))')
         printf 'Admin password (input hidden): '
         read -rs QUIZ_ADMIN_PASSWORD