Add configurable admin password via environment variable

backend/app/auth.py

@@ -360,21 +360,36 @@ def create_default_admin(db: Session) -> Optional[User]:
     """Create the default admin user if no users exist.
 
     Returns the created user, or None if users already exist.
+
+    The admin password can be set via ORCHARD_ADMIN_PASSWORD environment variable.
+    If not set, defaults to 'changeme123' and requires password change on first login.
     """
     # Check if any users exist
     user_count = db.query(User).count()
     if user_count > 0:
         return None
 
+    settings = get_settings()
+
+    # Use configured password or default
+    password = settings.admin_password if settings.admin_password else "changeme123"
+    # Only require password change if using the default password
+    must_change = not settings.admin_password
+
     # Create default admin
     auth_service = AuthService(db)
     admin = auth_service.create_user(
         username="admin",
-        password="changeme123",
+        password=password,
         is_admin=True,
-        must_change_password=True,
+        must_change_password=must_change,
     )
 
+    if settings.admin_password:
+        logger.info("Created default admin user with configured password")
+    else:
+        logger.info("Created default admin user with default password (changeme123)")
+
     return admin