mirror of
https://github.com/nmasur/dotfiles
synced 2024-11-22 18:05:37 +00:00
enable paperless-ngx document management
This commit is contained in:
parent
a5615da7dc
commit
09563de935
@ -206,6 +206,7 @@
|
|||||||
git = "git.${baseName}";
|
git = "git.${baseName}";
|
||||||
metrics = "metrics.${baseName}";
|
metrics = "metrics.${baseName}";
|
||||||
prometheus = "prom.${baseName}";
|
prometheus = "prom.${baseName}";
|
||||||
|
paperless = "paper.${baseName}";
|
||||||
secrets = "vault.${baseName}";
|
secrets = "vault.${baseName}";
|
||||||
stream = "stream.${baseName}";
|
stream = "stream.${baseName}";
|
||||||
content = "cloud.${baseName}";
|
content = "cloud.${baseName}";
|
||||||
|
@ -79,6 +79,7 @@ inputs.nixpkgs.lib.nixosSystem {
|
|||||||
services.prometheus.enable = false;
|
services.prometheus.enable = false;
|
||||||
services.vmagent.enable = true;
|
services.vmagent.enable = true;
|
||||||
services.samba.enable = true;
|
services.samba.enable = true;
|
||||||
|
services.paperless.enable = true;
|
||||||
|
|
||||||
# Allows private remote access over the internet
|
# Allows private remote access over the internet
|
||||||
cloudflareTunnel = {
|
cloudflareTunnel = {
|
||||||
|
@ -75,6 +75,10 @@
|
|||||||
type = lib.types.str;
|
type = lib.types.str;
|
||||||
description = "Hostname for metrics server.";
|
description = "Hostname for metrics server.";
|
||||||
};
|
};
|
||||||
|
paperless = lib.mkOption {
|
||||||
|
type = lib.types.str;
|
||||||
|
description = "Hostname for document server (paperless-ngx).";
|
||||||
|
};
|
||||||
prometheus = lib.mkOption {
|
prometheus = lib.mkOption {
|
||||||
type = lib.types.str;
|
type = lib.types.str;
|
||||||
description = "Hostname for Prometheus server.";
|
description = "Hostname for Prometheus server.";
|
||||||
|
@ -19,6 +19,7 @@
|
|||||||
./n8n.nix
|
./n8n.nix
|
||||||
./netdata.nix
|
./netdata.nix
|
||||||
./nextcloud.nix
|
./nextcloud.nix
|
||||||
|
./paperless.nix
|
||||||
./prometheus.nix
|
./prometheus.nix
|
||||||
./samba.nix
|
./samba.nix
|
||||||
./secrets.nix
|
./secrets.nix
|
||||||
|
48
modules/nixos/services/paperless.nix
Normal file
48
modules/nixos/services/paperless.nix
Normal file
@ -0,0 +1,48 @@
|
|||||||
|
{ config, lib, ... }: {
|
||||||
|
|
||||||
|
config = lib.mkIf config.services.paperless.enable {
|
||||||
|
|
||||||
|
services.paperless = {
|
||||||
|
mediaDir = "/data/generic/paperless";
|
||||||
|
passwordFile = config.secrets.paperless.dest;
|
||||||
|
extraConfig = {
|
||||||
|
PAPERLESS_OCR_USER_ARGS =
|
||||||
|
builtins.toJSON { invalidate_digital_signatures = true; };
|
||||||
|
|
||||||
|
# Enable if changing the path name in Caddy
|
||||||
|
# PAPERLESS_FORCE_SCRIPT_NAME = "/paperless";
|
||||||
|
# PAPERLESS_STATIC_URL = "/paperless/static/";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
users.users.paperless.extraGroups = [ "generic" ];
|
||||||
|
|
||||||
|
caddy.routes = [{
|
||||||
|
match = [{
|
||||||
|
host = [ config.hostnames.paperless ];
|
||||||
|
# path = [ "/paperless*" ]; # Change path name in Caddy
|
||||||
|
}];
|
||||||
|
handle = [{
|
||||||
|
handler = "reverse_proxy";
|
||||||
|
upstreams = [{
|
||||||
|
dial =
|
||||||
|
"localhost:${builtins.toString config.services.paperless.port}";
|
||||||
|
}];
|
||||||
|
}];
|
||||||
|
}];
|
||||||
|
|
||||||
|
secrets.paperless = {
|
||||||
|
source = ../../../private/prometheus.age;
|
||||||
|
dest = "${config.secretsDirectory}/paperless";
|
||||||
|
owner = "paperless";
|
||||||
|
group = "paperless";
|
||||||
|
permissions = "0440";
|
||||||
|
};
|
||||||
|
systemd.services.paperless-secret = {
|
||||||
|
requiredBy = [ "paperless.service" ];
|
||||||
|
before = [ "paperless.service" ];
|
||||||
|
};
|
||||||
|
|
||||||
|
};
|
||||||
|
|
||||||
|
}
|
15
private/paperless.age
Normal file
15
private/paperless.age
Normal file
@ -0,0 +1,15 @@
|
|||||||
|
-----BEGIN AGE ENCRYPTED FILE-----
|
||||||
|
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IE1nSGFPdyBWY3N0
|
||||||
|
VkY0Y2tLQnNhZWdRVzFxU0plWThveUthK2NjZWNhZDd5ZGtXVVZ3CjVPc3YxbnBM
|
||||||
|
MmozZFlORVppQmJrQ2ovWEFVVm81ZlBpRCtQQmRiNnBCaVUKLT4gc3NoLWVkMjU1
|
||||||
|
MTkgWXlTVU1RIEtvRFJEQXJLNjlyRldpM2pMdXNxWVZmVFl2NVJjRUtuQzNtbmJq
|
||||||
|
UTBDR2cKQ1J4cHVkWHJZU1M4dnFIekx2ejlua0NjUUtET0EwN24rY2NPcGQ5eEp1
|
||||||
|
TQotPiBzc2gtZWQyNTUxOSBuanZYNUEgVnBQOHV5VUk0N2lyU2NkdXovQmJYVGhL
|
||||||
|
dnUwTG9oZkZKOUxFWTNiZkhBbwo2WjgyNHBhaGtFREJGVDk5TzJhZjRzKytaLzZR
|
||||||
|
TDQxeU9pY24zQnJBYmN3Ci0+IHNzaC1lZDI1NTE5IENxSU9VQSBQQ3I2YnNNZVlX
|
||||||
|
TEhNbWhRSjJRbk9DYnJIRUFieDBMRUtBRVhxZ1RQcVNNClNzU0VPMnh5bUFGVTZm
|
||||||
|
ekJLSzFjT3dHVVdoQ3A5ZStCUk83Qk5rcWZmN3MKLS0tIFdvRG1mYzdUenhndkY2
|
||||||
|
amo0ZGpjQkdabUdNRUJwV29CRXByVk8ySEZzTzAKsDY+DVJqZb/jCn6Xa/OqNheR
|
||||||
|
uNlV5vVKUaZu5F+MTZqZaRYdn66TJVXgz5GydbgwQGs3l0K67ikPiTOoln0FapnB
|
||||||
|
TQ==
|
||||||
|
-----END AGE ENCRYPTED FILE-----
|
Loading…
Reference in New Issue
Block a user