diff --git a/docker-compose.yml b/docker-compose.yml
index e67a8263..173935c2 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -879,7 +879,7 @@ services:
     networks:
       - changemaker-lite
 
-  # Gancio Init — Seeds default theme settings after Gancio creates its tables
+  # Gancio Init — Creates admin user + seeds default theme settings after Gancio creates its tables
   # Runs once after Gancio is healthy, then exits. Idempotent (ON CONFLICT DO NOTHING).
   gancio-init:
     image: postgres:16-alpine
@@ -892,9 +892,24 @@ services:
       - PGUSER=${V2_POSTGRES_USER:-changemaker}
       - PGPASSWORD=${V2_POSTGRES_PASSWORD:-changemaker}
       - PGDATABASE=gancio
+      - GANCIO_ADMIN_USER=${GANCIO_ADMIN_USER:-admin}
+      - GANCIO_ADMIN_PASSWORD=${GANCIO_ADMIN_PASSWORD}
     entrypoint: ["sh", "-c"]
     command:
       - |
+        echo "Ensuring pgcrypto extension exists..."
+        psql -c "CREATE EXTENSION IF NOT EXISTS pgcrypto;"
+
+        echo "Creating Gancio admin user (if not exists)..."
+        if [ -n "$$GANCIO_ADMIN_PASSWORD" ]; then
+          psql -c "INSERT INTO users (email, password, display_name, role, is_admin, is_active, \"createdAt\", \"updatedAt\")
+            VALUES ('$$GANCIO_ADMIN_USER', crypt('$$GANCIO_ADMIN_PASSWORD', gen_salt('bf', 10)), 'Admin', 'admin', true, true, NOW(), NOW())
+            ON CONFLICT (email) DO NOTHING;"
+          echo "Gancio admin user ensured."
+        else
+          echo "WARNING: GANCIO_ADMIN_PASSWORD not set, skipping admin user creation."
+        fi
+
         echo "Seeding Gancio default theme settings..."
         psql -c "INSERT INTO settings (key, value, is_secret, \"createdAt\", \"updatedAt\") VALUES
           ('dark_colors', '{\"primary\": \"#FF6E40\", \"error\": \"#FF5252\", \"info\": \"#2196F3\", \"success\": \"#4CAF50\", \"warning\": \"#FB8C00\"}', false, NOW(), NOW()),