103 lines
2.3 KiB
YAML
103 lines
2.3 KiB
YAML
image:
|
|
repository: requarks/wiki
|
|
tag: 2.5.300
|
|
|
|
service:
|
|
type: ClusterIP
|
|
port: 3000
|
|
|
|
ingress:
|
|
enabled: true
|
|
className: traefik
|
|
annotations:
|
|
traefik.ingress.kubernetes.io/router.entrypoints: websecure
|
|
traefik.ingress.kubernetes.io/router.tls: "true"
|
|
hosts:
|
|
- host: wiki.dvirlabs.com
|
|
paths:
|
|
- path: /
|
|
pathType: Prefix
|
|
tls:
|
|
- secretName: wikijs-tls
|
|
hosts:
|
|
- wiki.dvirlabs.com
|
|
|
|
postgresql:
|
|
enabled: true
|
|
postgresqlUsername: wikijs
|
|
postgresqlPassword: wikijs123
|
|
postgresqlDatabase: wiki
|
|
persistence:
|
|
enabled: true
|
|
size: 30Gi
|
|
storageClass: nfs-client
|
|
accessMode: ReadWriteOnce
|
|
|
|
env:
|
|
DB_TYPE: postgres
|
|
DB_HOST: localhost
|
|
DB_PORT: 5432
|
|
DB_USER: wikijs
|
|
DB_PASS: wikijs123
|
|
DB_NAME: wiki
|
|
|
|
nodeSelector:
|
|
node-role.kubernetes.io/worker: "true"
|
|
|
|
# 🚀 Initial admin registration + groups
|
|
initialSetup:
|
|
enabled: true
|
|
defaultEmail: dvirlabs@gmail.com
|
|
defaultPassword: changeThisNow
|
|
|
|
# 👥 Auto-create groups with permissions
|
|
initialGroups:
|
|
- name: wikijs-admins
|
|
system: false
|
|
permissions:
|
|
- pages.view
|
|
- pages.create
|
|
- pages.update
|
|
- pages.delete
|
|
- administration.access
|
|
- users.manage
|
|
- groups.manage
|
|
|
|
- name: wikijs-users
|
|
system: false
|
|
permissions:
|
|
- pages.view
|
|
- pages.create
|
|
- pages.update
|
|
|
|
- name: Guests
|
|
system: true
|
|
permissions:
|
|
- pages.view
|
|
|
|
# 🔐 Authentication provider (OIDC / Keycloak)
|
|
authentication:
|
|
oauth2:
|
|
enabled: true
|
|
allowSelfRegistration: true
|
|
autoAssignGroups:
|
|
- Guests
|
|
clientId: wikijs
|
|
clientSecret: ccBWA0WqVjWJSRglp7f2EFRcFHIYYkTX
|
|
authorizationEndpoint: https://keycloak.dvirlabs.com/realms/lab/protocol/openid-connect/auth
|
|
tokenEndpoint: https://keycloak.dvirlabs.com/realms/lab/protocol/openid-connect/token
|
|
userInfoEndpoint: https://keycloak.dvirlabs.com/realms/lab/protocol/openid-connect/userinfo
|
|
logoutEndpoint: https://keycloak.dvirlabs.com/realms/lab/protocol/openid-connect/logout
|
|
scope: openid profile email
|
|
prompt: auto
|
|
domainWhitelist:
|
|
- dvirlabs.com
|
|
mapGroups:
|
|
enabled: true
|
|
claim: groups
|
|
mappings:
|
|
- source: wikijs-admins
|
|
target: wikijs-admins
|
|
- source: wikijs-users
|
|
target: wikijs-users
|