How to handle settings of app during install and upgrade

I maintain the invoiceninja5 app.
To login into the app, one has to currently provide:

  • username
  • password
  • API secret

Since using the API secret is optional and a hassle (there were already two issues on github because of this), I wanted to remove it from the default installation. (The API secret is set at installation time in a .env-file inside the application)

However when not defining an API secret, invoiceninja does not work if it is not set to public at installation time. I don’t know the exact reasons for this. It seems to has something to do with the fact that the login uses the API somehow.

So now I have two problems:

  1. For new installations if the user wants to make the app public: false, I must not define an API key. Remember that the API secret is set at installation time in a .env-file inside the application.

  2. If I want to set the default to public: false during an upgrade, is that possible at all? And from the users perspective it wouldn’t be a good idea to change the public-status at all.

For problem 1 I could think about an if-else-condition inside the install-script that checks how is_publicis set and depending on it, I could deploy a different .env-file. I’ll probably need to do this in the upgrade and restore-scripts as well. Which seems hacky. Is there a better way?

For problem 2 I don’t know a good way to deal with it except to not deal with it at all.