image: repository: requarks/wiki tag: 2.5.300 service: type: ClusterIP port: 3000 ingress: enabled: true className: traefik annotations: traefik.ingress.kubernetes.io/router.entrypoints: websecure traefik.ingress.kubernetes.io/router.tls: "true" hosts: - host: wiki.dvirlabs.com paths: - path: / pathType: Prefix tls: - secretName: wikijs-tls hosts: - wiki.dvirlabs.com postgresql: enabled: true postgresqlUsername: wikijs postgresqlPassword: wikijs123 postgresqlDatabase: wiki persistence: enabled: true size: 30Gi storageClass: nfs-client accessMode: ReadWriteOnce env: DB_TYPE: postgres DB_HOST: localhost DB_PORT: 5432 DB_USER: wikijs DB_PASS: wikijs123 DB_NAME: wiki nodeSelector: node-role.kubernetes.io/worker: "true" # 🚀 Initial admin registration + groups initialSetup: enabled: true defaultEmail: dvirlabs@gmail.com defaultPassword: changeThisNow # 👥 Auto-create groups with permissions initialGroups: - name: wikijs-admins system: false permissions: - pages.view - pages.create - pages.update - pages.delete - administration.access - users.manage - groups.manage - name: wikijs-users system: false permissions: - pages.view - pages.create - pages.update - name: Guests system: true permissions: - pages.view # 🔐 Authentication provider (OIDC / Keycloak) authentication: oauth2: enabled: true allowSelfRegistration: true autoAssignGroups: - Guests clientId: wikijs clientSecret: ccBWA0WqVjWJSRglp7f2EFRcFHIYYkTX authorizationEndpoint: https://keycloak.dvirlabs.com/realms/lab/protocol/openid-connect/auth tokenEndpoint: https://keycloak.dvirlabs.com/realms/lab/protocol/openid-connect/token userInfoEndpoint: https://keycloak.dvirlabs.com/realms/lab/protocol/openid-connect/userinfo logoutEndpoint: https://keycloak.dvirlabs.com/realms/lab/protocol/openid-connect/logout scope: openid profile email prompt: auto domainWhitelist: - dvirlabs.com mapGroups: enabled: true claim: groups mappings: - source: wikijs-admins target: wikijs-admins - source: wikijs-users target: wikijs-users