Full mariadb-dump (schema + data) from the live develop instance,
post-NFP-18 migration. Includes test data new devs can immediately
poke at instead of staring at an empty dashboard.
Contents:
- 36 tables (full schema)
- 2 users (admin@finetune.ai/admin123, testuser@example.com/test123)
- 5 datasets, 1 job (Support Bot v1, completed), 1 model
- 1 user_billing row, 5 user_settings rows
- 8 email_templates, 3 ACL roles, all migrations table state
Sanitization applied at the end of the dump (POST-LOAD block):
- user.user_pass set to NULL (legacy AES-encrypted passwords;
post-NFP-18 auth uses user_password_hash only)
- user_settings values for keys matching token/key/secret/password/api
set to empty string (devs add their own HF token, etc.)
- user_password_hash for both default users reset to freshly-generated
argon2id hashes that verify against the documented plaintexts
bootstrap-db.sh adds NFP_USE_SNAPSHOT=1 to load this instead of the
clean 3-file path. Both routes arrive at the same credentials.
Verified end-to-end:
- dump loads on a fresh DB (exit 0)
- both default credentials authenticate via password_verify
- all data rows preserved
- no credential-shaped strings in non-comment lines
bootstrap-db.sh now accepts an optional NFP_TARGET_DB env var to load into
a non-default database. Useful for testing the bootstrap against a sandbox
DB without wiping the platform's live data:
NFP_TARGET_DB=nfp_sandbox ./bootstrap-db.sh
Verified the full round trip:
1. Create fresh nfp_roundtrip_test DB as root, grant access to neuronetz
2. Run bootstrap-db.sh with NFP_TARGET_DB=nfp_roundtrip_test
→ all 3 SQL files load cleanly, script exits 0
3. Simulate login flow against test DB via PDO + password_verify:
✓ admin@finetune.ai/admin123 → authenticated, role=superuser
✓ testuser@example.com/test123 → authenticated, role=user
✗ admin@finetune.ai/wrongpass → password verify rejects (correct)
✗ nobody@example.com/whatever → user not found (correct)
4. Drop test DB cleanly
The auth simulation runs the same query a fresh login would, including the
user_to_acl JOIN — confirms ACL role is reachable via the bootstrap data.
Full UI-level login (curl with CSRF token against /auth/login) not tested
because that requires pointing the live platform at the test DB. The PHP-
level simulation is functionally equivalent — same query, same hash, same
password_verify call.
Generated from finetuning-plattform develop @ 70b203c on 2026-05-14.
Contents:
- MANUAL.md — full developer manual, setup at front (28 sections)
- bootstrap-db.sh — one-command DB initialization
- db/01-schema.sql — MariaDB schema, no data
- db/02-seed.sql — reference data (ACL, email templates, API registry)
- db/03-default-users.sql — admin + test user, argon2id hashes
Drop-in package for new developers joining the platform.
