Wj
Developer Tools Azure

Wiki.js on Ubuntu 24.04 on Azure User Guide

| Product: Wiki.js on Ubuntu 24.04 LTS on Azure

Overview

Wiki.js is a modern, open-source wiki and documentation platform built on Node.js. The cloudimg image installs Wiki.js 2.5.314 (AGPL-3.0 licensed) to /opt/wikijs, backs it with a local PostgreSQL 16 database bound to loopback, runs it as a hardened systemd service behind an nginx reverse proxy on port 80, persists all content on a dedicated Azure data disk, and completes the first-run setup automatically with a unique administrator account generated on the first boot of every VM. There is no setup wizard to click through - the wiki is ready to sign in to. Backed by 24/7 cloudimg support.

What is included:

  • Wiki.js 2.5.314 in /opt/wikijs, running on Node.js 18
  • A local PostgreSQL 16 backing database bound to loopback (127.0.0.1:5432), never exposed publicly
  • nginx on :80 as a reverse proxy to the loopback Wiki.js backend on 127.0.0.1:3000
  • A per-VM administrator account and fresh JWT signing certificates generated on first boot
  • A dedicated Azure data disk at /var/lib/wikijs holding the PostgreSQL data directory (all pages, assets and history)
  • postgresql@16-main.service, wikijs.service and nginx.service as systemd units, enabled and active
  • 24/7 cloudimg support

Prerequisites

An active Azure subscription, an SSH key pair, and a VNet + subnet in the target region. Standard_B2ms (2 vCPU / 8 GiB RAM) is a good starting point. NSG inbound: allow 22/tcp from your management network and 80/tcp. Wiki.js serves plain HTTP on port 80; for production, terminate TLS in front of it with your own domain.

Step 1 - Deploy from the Azure Marketplace

Sign in to the Azure Portal, choose Create a resource, search the Marketplace for Wiki.js by cloudimg, and select Create. On Basics pick your subscription, resource group, region and size; under Administrator account choose SSH public key and paste your key; under Inbound port rules allow SSH (22) and HTTP (80). Review the dedicated data disk on the Disks tab, then Review + create -> Create.

Step 2 - Deploy from the Azure CLI

az vm create \
  --resource-group <your-rg> \
  --name wikijs \
  --image <marketplace-image-urn> \
  --size Standard_B2ms \
  --admin-username azureuser \
  --ssh-key-values ~/.ssh/id_ed25519.pub \
  --vnet-name <your-vnet> --subnet <your-subnet> \
  --public-ip-sku Standard

az vm open-port --resource-group <your-rg> --name wikijs --port 80 --priority 1010

Step 3 - Connect to your VM

ssh azureuser@<vm-public-ip>

Step 4 - Confirm the services and data disk

Wiki.js runs as wikijs.service (the Node.js app, bound to loopback), backed by postgresql@16-main.service (the local database, also loopback-only), with nginx.service as the public reverse proxy on port 80. The PostgreSQL data directory - which holds every page, asset and revision - lives on a dedicated Azure data disk mounted at /var/lib/wikijs.

systemctl is-active postgresql@16-main.service wikijs.service nginx.service
findmnt -no SOURCE,TARGET,FSTYPE /var/lib/wikijs
node --version

All three services report active, the data disk is mounted ext4, and Node.js reports v18.x. Note in the listeners that PostgreSQL (5432) and Wiki.js (3000) are bound to 127.0.0.1 only - the sole public listener is nginx on :80.

postgresql, wikijs and nginx active, the loopback listeners, and the dedicated data disk

Step 5 - Retrieve your admin password

The administrator password is generated uniquely on the first boot of your VM and written to a root-only file. Confirm the health endpoint is also answering through nginx on port 80:

sudo cat /root/wikijs-credentials.txt
curl -s -o /dev/null -w 'health HTTP %{http_code}\n' http://localhost/health

The file contains WIKIJS_ADMIN_EMAIL (admin@cloudimg.local), WIKIJS_ADMIN_PASSWORD (your unique password) and WIKIJS_URL. The unauthenticated health endpoint returns HTTP 200. Store the password somewhere safe.

The per-VM admin credentials file and the health endpoint returning HTTP 200

Step 6 - Sign in to the web UI

Browse to http://<vm-public-ip>/ and select Login, or go straight to http://<vm-public-ip>/login. Sign in with admin@cloudimg.local and the password from Step 5, using the Local authentication provider.

The Wiki.js local login page served by your VM

After signing in you land on your wiki's home view. On a brand-new wiki this invites you to create your home page or open the administration area.

The authenticated Wiki.js home view

Step 7 - Create your first page

Select Create Home Page (or navigate to any new path and choose to create it). Pick the Markdown editor, give the page a title and path, and start writing. Wiki.js shows a live rendered preview beside the editor; when you are happy, select Create to save and publish the page.

The Wiki.js Markdown editor with a live rendered preview

Step 8 - The administration area

The administration area is at http://<vm-public-ip>/a. Its dashboard shows page, user and group counts and confirms you are running the latest Wiki.js version. Use the left-hand sections to configure your wiki - General (site name and host), Locale, Navigation, Theme, Users, Groups, Authentication (add Azure AD, Google, SAML, LDAP and more), Storage (Git sync, backups) and Search.

The Wiki.js administration dashboard showing version 2.5.314 and site counts

Step 9 - The GraphQL login API

Wiki.js exposes a GraphQL API at /graphql. The authentication.login mutation (with strategy: "local") returns a signed JWT you can use as a bearer token for scripting and integration. Because the request carries your admin password, run it from a trusted shell and read the password from the root-only credentials file rather than typing it inline.

For example, read the password into a shell variable with PW=$(sudo grep '^WIKIJS_ADMIN_PASSWORD=' /root/wikijs-credentials.txt | cut -d= -f2-), then POST the login mutation to http://localhost:3000/graphql with the JSON body {"query":"mutation($u:String!,$p:String!){authentication{login(username:$u,password:$p,strategy:\"local\"){jwt responseResult{succeeded}}}}","variables":{"u":"admin@cloudimg.local","p":"<your-password>"}}. On success the response contains a jwt and "succeeded":true; a wrong password returns no jwt. The screenshot below shows the health check followed by a successful login returning a JWT.

The Wiki.js health check returning HTTP 200 and the admin GraphQL login returning a JWT

Step 10 - Where data lives

All wiki content - pages, assets, uploads, history and search index - is stored in the local PostgreSQL database, whose data directory sits on the dedicated Azure data disk at /var/lib/wikijs. That keeps your content independent of the OS disk and lets you resize or snapshot it on its own:

findmnt -no SOURCE,TARGET,FSTYPE /var/lib/wikijs
sudo du -sh /var/lib/wikijs/postgresql

The PostgreSQL cluster lives under /var/lib/wikijs/postgresql/16/main. The database listens on 127.0.0.1:5432 only; to connect a local psql or a GUI, open an SSH tunnel from your workstation with ssh -L 5432:127.0.0.1:5432 azureuser@<vm-public-ip> - never expose 5432 to the internet without TLS.

Step 11 - Enable HTTPS for production

Wiki.js is served as plain HTTP on port 80. For production, put your own domain in front and terminate TLS - for example by installing certbot and an nginx TLS server block, or by placing the VM behind an Azure Application Gateway or Front Door with a managed certificate. After enabling HTTPS, set your site host to the https:// address in Administration -> General so generated links use it.

Maintenance

  • Restart the app: sudo systemctl restart wikijs.service
  • View logs: sudo journalctl -u wikijs.service -e
  • Database: the backing cluster is postgresql@16-main.service; connect locally with sudo -u postgres psql wikijs.
  • OS updates: unattended-upgrades is enabled; apply the latest security updates with sudo apt-get update && sudo apt-get -y upgrade and reboot if a new kernel is installed.
  • Back up: snapshot the /var/lib/wikijs data disk, or run a pg_dump of the wikijs database while the service is quiescent.

Support

This image is maintained by cloudimg with 24/7 support. Wiki.js is licensed under AGPL-3.0. "Wiki.js" is a trademark of its respective owners; this image is provided by cloudimg and is not endorsed by or affiliated with the Wiki.js project.