xyno/nix-configs
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

paperless

Browse source
This commit is contained in:
Lucy Hochkamp 2025-03-30 16:56:57 +02:00
parent bde01c887c
commit a38e5fd3a9
No known key found for this signature in database
3 changed files with 83 additions and 3 deletions
Download patch file Download diff file Expand all files Collapse all files

6
hosts/ds9/authentik.nix
View file

@ -8,7 +8,7 @@
virtualisation.quadlet =
{
containers = {
authentik-server.containerConfig.image = "ghcr.io/goauthentik/server:2024.12.3";
authentik-server.containerConfig.image = "ghcr.io/goauthentik/server:2025.2.3";
authentik-server.containerConfig.exec = "server";
authentik-server.containerConfig.networks = [
@ -31,7 +31,7 @@
authentik-server.containerConfig.environmentFiles = [
config.age.secrets.ds9AuthentikEnv.path
];
authentik-worker.containerConfig.image = "ghcr.io/goauthentik/server:2024.12.3";
authentik-worker.containerConfig.image = "ghcr.io/goauthentik/server:2025.2.3";
authentik-worker.containerConfig.exec = "worker";
authentik-worker.containerConfig.networks = [
@ -54,7 +54,7 @@
config.age.secrets.ds9AuthentikEnv.path
];
authentik-worker.serviceConfig.TimeoutStartSec = "60";
authentik-ldap.containerConfig.image = "ghcr.io/goauthentik/ldap:2024.12.3";
authentik-ldap.containerConfig.image = "ghcr.io/goauthentik/ldap:2025.2.3";
authentik-ldap.containerConfig.networks = [
"podman"

5
hosts/ds9/default.nix
View file

@ -12,6 +12,7 @@ in
./backup.nix
# ./plex.nix
./samba.nix
./paperless.nix
../../nixos-modules/networking/tailscale.nix
../../nixos-modules/services/docker.nix
@ -232,6 +233,10 @@ in
handle @labello {
import podmanRedirWithAuth http://labello:4242
}
@paperless host paperless.hailsatan.eu
handle @paperless {
import podmanRedirWithAuth http://paperless-server:8000
}
@archivebox host archivebox.hailsatan.eu
handle @archivebox {
handle /api/* {

75
hosts/ds9/paperless.nix Normal file
View file

@ -0,0 +1,75 @@
{
pkgs,
config,
lib,
inputs,
...
}:
{
virtualisation.quadlet = {
containers = {
paperless-server.containerConfig.image = "ghcr.io/paperless-ngx/paperless-ngx:latest";
paperless-server.containerConfig.networks = [
"podman"
"db-net"
"paperless-net"
];
paperless-server.containerConfig.volumes = [
"paperless-media:/usr/src/paperless/media"
"paperless-data:/usr/src/paperless/data"
"/data/paperless-export:/usr/src/paperless/export"
"/data/paperless-consume:/usr/src/paperless/consume"
];
paperless-server.containerConfig.environments = {
PAPERLESS_REDIS = "redis://paperless-redis:6379";
PAPERLESS_DBHOST = "postgres";
PAPERLESS_TIKA_ENABLED = "1";
PAPERLESS_TIKA_GOTENBERG_ENDPOINT = "http://paperless-gotenberg:3000";
PAPERLESS_TIKA_ENDPOINT = "http://paperless-tika:9998";
USERMAP_UID = "1000";
USERMAP_GID = "100";
PAPERLESS_URL = "https://paperless.hailsatan.eu";
PAPERLESS_TIME_ZONE = "Europe/Berlin";
PAPERLESS_OCR_LANGUAGE = "deu";
PAPERLESS_TRUSTED_PROXIES = "10.89.0.1";
PAPERLESS_ENABLE_HTTP_REMOTE_USER = "true";
PAPERLESS_ENABLE_HTTP_REMOTE_API = "true";
PAPERLESS_HTTP_REMOTE_USER_HEADER_NAME = "HTTP_X_AUTHENTIK_USERNAME";
PAPERLESS_DISABLE_REGULAR_LOGIN = "true";
};
paperless-server.serviceConfig.TimeoutStartSec = "60";
paperless-redis.containerConfig.image = "docker.io/library/redis:alpine";
paperless-redis.containerConfig.networks = [
"paperless-net"
];
paperless-redis.containerConfig.volumes = [ "paperless-redis:/data" ];
paperless-redis.serviceConfig.TimeoutStartSec = "60";
paperless-gotenberg = {
containerConfig = {
image = "docker.io/gotenberg/gotenberg:8.7";
exec = "gotenberg --chromium-disable-javascript=true --chromium-allow-list=file:///tmp/.*";
networks = [
"paperless-net"
];
};
serviceConfig.TimeoutStartSec = "60";
};
paperless-tika = {
containerConfig = {
image = "docker.io/apache/tika:latest";
networks = [
"paperless-net"
];
};
serviceConfig.TimeoutStartSec = "60";
};
};
networks = {
paperless.networkConfig.ipv6 = true;
paperless.networkConfig.name = "paperless-net";
paperless.networkConfig.internal = true;
};
};
}