noah/dotfiles
1
0
Fork 0
mirror of https://github.com/nmasur/dotfiles synced 2025-11-04 11:43:16 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
ebbc9c5a5d46cbed0564edb23216ddda8608327c
dotfiles/platforms/nixos/modules/nmasur/presets/services/paperless/paperless.nix
Noah Masur 54948353dd enable paperless email processing to pdf
2025-09-16 11:44:56 +00:00

78 lines
2.4 KiB
Nix
Raw Blame History

# Paperless-ngx is a document scanning and management solution.
{ config, lib, ... }:
let
inherit (config.nmasur.settings) hostnames username;
cfg = config.nmasur.presets.services.paperless;
in
{
options.nmasur.presets.services.paperless.enable =
lib.mkEnableOption "Paperless-ngx document manager";
config = lib.mkIf cfg.enable {
services.paperless = {
enable = true;
mediaDir = "/data/generic/paperless";
passwordFile = config.secrets.paperless.dest;
configureTika = true; # Enable processing of emails
settings = {
PAPERLESS_OCR_USER_ARGS = builtins.toJSON { invalidate_digital_signatures = true; };
PAPERLESS_URL = "https://${hostnames.paperless}";
PAPERLESS_DATE_ORDER = "MDY"; # Check document for US-formatted dates
# Enable if changing the path name in Caddy
# PAPERLESS_FORCE_SCRIPT_NAME = "/paperless";
# PAPERLESS_STATIC_URL = "/paperless/static/";
};
};
# Allow Nextcloud and user to see files
users.users.nextcloud.extraGroups = lib.mkIf config.services.nextcloud.enable [ "paperless" ];
users.users.${username}.extraGroups = [ "paperless" ];
nmasur.presets.services.caddy.routes = [
{
match = [
{
host = [ hostnames.paperless ];
# path = [ "/paperless*" ]; # Change path name in Caddy
}
];
handle = [
{
handler = "reverse_proxy";
upstreams = [ { dial = "localhost:${builtins.toString config.services.paperless.port}"; } ];
}
];
}
];
# Configure Cloudflare DNS to point to this machine
services.cloudflare-dyndns.domains = [ hostnames.paperless ];
secrets.paperless = {
source = ./paperless.age;
dest = "${config.secretsDirectory}/paperless";
owner = "paperless";
group = "paperless";
permissions = "0440";
};
systemd.services.paperless-secret = {
requiredBy = [ "paperless.service" ];
before = [ "paperless.service" ];
};
# Fix paperless shared permissions
systemd.services.paperless-web.serviceConfig.UMask = lib.mkForce "0026";
systemd.services.paperless-scheduler.serviceConfig.UMask = lib.mkForce "0026";
systemd.services.paperless-task-queue.serviceConfig.UMask = lib.mkForce "0026";
# Backups
services.restic.backups.default.paths = [ "/data/generic/paperless/documents" ];
};
}
Reference in New Issue View Git Blame Copy Permalink