diff --git a/build.gradle b/build.gradle
index 4bcfa75ee9..9335940710 100644
--- a/build.gradle
+++ b/build.gradle
@@ -164,6 +164,10 @@ project.ext {
   VersionNumber v = VersionNumber.parse(project.version)
   nextSnapshotVersion = "${v.major}.${v.minor}.${v.micro + 1}-SNAPSHOT"
 
+  // base url for generating links such as
+  // https://scm-manager.org/docs/3.4.x/en/installation/k8s/
+  documentationUrl = "https://scm-manager.org/docs/${v.major}.${v.minor}.x"
+
   isCI = isRunningOnCiServer()
   os = os()
   arch = arch()
diff --git a/docs/en/administration/scm-server.md b/docs/en/administration/scm-server.md
index df6281cda4..10a717116c 100644
--- a/docs/en/administration/scm-server.md
+++ b/docs/en/administration/scm-server.md
@@ -8,7 +8,6 @@ SCM-Manager v3 can be configured in several ways. We recommend using `config.yml
 one place. However, if required, each option in this configuration can also be set via environment variables.
 See the relevant topics below for more information.
 
-
 ## Webserver Configuration
 
 The listener host and port of your SCM-Server can directly be edited in the top level of your `config.yml`.
@@ -19,7 +18,7 @@ If you want your server without a context path (use `root path`), you can change
 ```yaml
 # This is the host adresse, `0.0.0.0` means it listens on every interface
 addressBinding: 0.0.0.0
-# This is the exposed port for your application 
+# This is the exposed port for your application
 port: 8080
 contextPath: /
 httpHeaderSize: 16384
@@ -28,7 +27,7 @@ httpHeaderSize: 16384
 **Environment variables**
 
 | Environment Variable | Corresponding config.yml property | Example                            |
-|----------------------|-----------------------------------|------------------------------------|
+| -------------------- | --------------------------------- | ---------------------------------- |
 | SCM_ADDRESS_BINDING  | addressBinding                    | export SCM_ADDRESS_BINDING=0.0.0.0 |
 | SCM_PORT             | port                              | export SCM_PORT=8080               |
 | SCM_CONTEXT_PATH     | contextPath                       | export SCM_CONTEXT_PATH=/          |
@@ -106,7 +105,7 @@ https:
   keyStorePassword: secret
   # The type of your keystore. Use pkcs12 or jks for java keystore.
   keyStoreType: PKCS12
-  # The port of your https connector 
+  # The port of your https connector
   sslPort: 443
   # Automatically redirects incoming http requests to this https connector
   redirectHttpToHttps: true
@@ -115,7 +114,7 @@ https:
 **Environment variables**
 
 | Environment Variable             | Corresponding config.yml property | Example                                               |
-|----------------------------------|-----------------------------------|-------------------------------------------------------|
+| -------------------------------- | --------------------------------- | ----------------------------------------------------- |
 | SCM_HTTPS_KEY_STORE_PATH         | https.keyStorePath                | export SCM_HTTPS_KEY_STORE_PATH=/conf/keystore.pkcs12 |
 | SCM_HTTPS_KEY_STORE_PASSWORD     | https.keyStorePassword            | export SCM_HTTPS_KEY_STORE_PASSWORD=secret            |
 | SCM_HTTPS_KEY_STORE_TYPE         | https.keyStoreType                | export SCM_HTTPS_KEY_STORE_TYPE=PKCS12                |
@@ -146,7 +145,7 @@ webapp:
 **Environment variables**
 
 | Environment Variable | Corresponding config.yml property | Example                                 |
-|----------------------|-----------------------------------|-----------------------------------------|
+| -------------------- | --------------------------------- | --------------------------------------- |
 | SCM_TEMP_DIR         | tempDir                           | export SCM_TEMP_DIR=/tmp                |
 | SCM_WEBAPP_HOMEDIR   | webapp.homeDir                    | export SCM_WEBAPP_HOMEDIR=./scm-home    |
 | SCM_WEBAPP_WORKDIR   | webapp.workDir                    | export SCM_WEBAPP_WORKDIR=/etc/scm/work |
@@ -173,7 +172,7 @@ idleTimeout: 300000
 **Environment variables**
 
 | Environment Variable        | Corresponding config.yml property | Example                                 |
-|-----------------------------|-----------------------------------|-----------------------------------------|
+| --------------------------- | --------------------------------- | --------------------------------------- |
 | SCM_FORWARD_HEADERS_ENABLED | forwardHeadersEnabled             | export SCM_FORWARD_HEADERS_ENABLED=true |
 | SCM_IDLE_TIMEOUT            | idleTimeout                       | export SCM_IDLE_TIMEOUT=300000          |
 
@@ -196,6 +195,12 @@ webapp:
       enabled: true
     store:
       enabled: true
+  # name of initial admin user (this is normally set over the ui on the first start)
+  initialUser: scmadmin
+  # password of initial admin user (this is normally set over the ui on the first start)
+  initialPassword: scmadmin
+  # if true skip the creation of initial admin user completely
+  skipAdminCreation: false
   ## Warning: Enabling this option can lead to security issue.
   endlessJwt: false
   ## Number of async threads
@@ -214,7 +219,7 @@ webapp:
 **Environment variables**
 
 | Environment Variable                | Corresponding config.yml property | Example                                                                                          |
-|-------------------------------------|-----------------------------------|--------------------------------------------------------------------------------------------------|
+| ----------------------------------- | --------------------------------- | ------------------------------------------------------------------------------------------------ |
 | SCM_WEBAPP_WORKDIR                  | webapp.workDir                    | export SCM_WEBAPP_WORKDIR=/tmp/scm-work                                                          |
 | SCM_WEBAPP_HOMEDIR                  | webapp.homeDir                    | export SCM_WEBAPP_HOMEDIR=/var/lib/scm                                                           |
 | SCM_WEBAPP_CACHE_DATAFILE_ENABLED   | webapp.cache.datafile.enabled     | export SCM_WEBAPP_CACHE_DATAFILE_ENABLED=true                                                    |
@@ -225,3 +230,6 @@ webapp:
 | SCM_WEBAPP_CENTRALWORKQUEUE_WORKERS | webapp.centralWorkQueue.workers   | export SCM_WEBAPP_CENTRALWORKQUEUE_WORKERS=4                                                     |
 | SCM_WEBAPP_WORKINGCOPYPOOLSTRATEGY  | webapp.workingCopyPoolStrategy    | export SCM_WEBAPP_WORKINGCOPYPOOLSTRATEGY=sonia.scm.repository.work.SimpleCachingWorkingCopyPool |
 | SCM_WEBAPP_WORKINGCOPYPOOLSIZE      | webapp.workingCopyPoolSize        | export SCM_WEBAPP_WORKINGCOPYPOOLSIZE=5                                                          |
+| SCM_WEBAPP_INITIALUSER              | webapp.initialUser                | export SCM_WEBAPP_INITIALUSER=scmadmin                                                           |
+| SCM_WEBAPP_INITIALPASSWORD          | webapp.initialPassword            | export SCM_WEBAPP_INITIALPASSWORD=scmadmin                                                       |
+| SCM_WEBAPP_SKIPADMINCREATION        | webapp.skipAdminCreation          | export SCM_WEBAPP_SKIPADMINCREATION=true                                                         |
diff --git a/docs/en/first-startup/index.md b/docs/en/first-startup/index.md
index b5efcce48d..65e54e44a4 100644
--- a/docs/en/first-startup/index.md
+++ b/docs/en/first-startup/index.md
@@ -31,9 +31,8 @@ The password of the administration user cannot be recovered.
 # Bypass User Creation Form
 
 For automated processes, you might want to bypass the initial user creation. To do so, you can set the initial password
-in a system property `scm.initialPassword`. If this is present, a user `scmadmin` with this password will be created,
-if it does not already exist. To change the name of this user, you can set this with the property `scm.initialUser`
-in addition. 
+in an environment variable `SCM_WEBAPP_INITIALPASSWORD`. If this is present, a user `scmadmin` with this password will be created,
+if it does not already exist. To change the name of this user, you can set this with the environment variable `SCM_WEBAPP_INITIALUSER` in addition.
 
 When set, this also causes the initialization to skip the Plugin Wizard.
 
diff --git a/scm-packaging/helm/build.gradle b/scm-packaging/helm/build.gradle
index 25452dd3a4..bc6ba80a3b 100644
--- a/scm-packaging/helm/build.gradle
+++ b/scm-packaging/helm/build.gradle
@@ -43,7 +43,8 @@ helm {
         enabled = true
         values = [
           dockerRepository: dockerRepository,
-          dockerTag: dockerTag
+          dockerTag: dockerTag,
+          documentationUrl: documentationUrl
         ]
       }
     }
diff --git a/scm-packaging/helm/src/main/chart/values.yaml b/scm-packaging/helm/src/main/chart/values.yaml
index 2de7483a75..3b61aa6216 100644
--- a/scm-packaging/helm/src/main/chart/values.yaml
+++ b/scm-packaging/helm/src/main/chart/values.yaml
@@ -147,14 +147,19 @@ lifecycleHooks: |
 
 # extraEnv -- Additional environment variables, parsed through tpl function
 extraEnv: |
-#  - name: TZ
-#    value: "{{.Values.timezone}}"
+#  - name: SCM_WEBAPP_INITIALUSER
+#    value: "admin"
+#  - name: SCM_WEBAPP_INITIALPASSWORD
+#    value: "supersecretadminpassword"
 
 # extraEnvFrom -- Additional environment variables mapped from Secret or ConfigMap, parsed through tpl function
 extraEnvFrom: |
 #  - secretRef:
 #      name: "{{.Values.mail.credentials}}"
 
+# for a list of available environment variables have a look at:
+# ${documentationUrl}/en/administration/scm-server/
+
 # extraVolumes -- Add additional volumes, parsed through tpl function
 extraVolumes: |
 #  - name: bucket-service-account
@@ -172,8 +177,6 @@ extraVolumeMounts: |
 
 # extraArgs -- Add additional arguments on startup
 extraArgs: []
-#  - "-Dscm.initialPassword=admin"
-#  - "-Dscm.initialUser=admin"
 
 # forceRedeploy - Forces a redeployment in the cluster on every change even if the chart has not changed significantly
 forceRedeploy: false