okk.moe / homelab
🏡 my personal home lab
1
fork

Configure Feed

Select the types of activity you want to include in your feed.

paperless

Jen Stehlik 3e1fe10a 5da38b1e

+82
+1
hosts/rk1-node-1.nix
··· 3 3 imports = [ 4 4 ../modules/common.nix 5 5 ../modules/continuwuity.nix 6 + ../modules/paperless.nix 6 7 ]; 7 8 8 9 system.stateVersion = "25.11";
+3
modules/caddy.nix
··· 121 121 reverse_proxy cm4-node-2:8080 122 122 } 123 123 ''; 124 + "paperless.goo.garden".extraConfig = '' 125 + reverse_proxy rk1-node-1:28981 126 + ''; 124 127 "screen.goo.garden".extraConfig = '' 125 128 reverse_proxy cm4-node-2:5050 126 129 '';
+78
modules/paperless.nix
··· 1 + { config, ... }: 2 + { 3 + services.paperless = { 4 + enable = true; 5 + address = "0.0.0.0"; 6 + port = 28981; 7 + dataDir = "/mnt/nas/data/paperless"; 8 + passwordFile = config.sops.secrets.paperless-admin-password.path; 9 + environmentFile = config.sops.templates."paperless.env".path; 10 + database.createLocally = true; 11 + settings = { 12 + PAPERLESS_URL = "https://paperless.goo.garden"; 13 + PAPERLESS_OCR_LANGUAGE = "deu+eng"; 14 + PAPERLESS_APPS = "allauth.socialaccount.providers.openid_connect"; 15 + PAPERLESS_REDIRECT_LOGIN_TO_SSO = "true"; 16 + PAPERLESS_CONSUMER_IGNORE_PATTERN = [ 17 + ".DS_STORE/*" 18 + "desktop.ini" 19 + ]; 20 + }; 21 + }; 22 + 23 + services.postgresqlBackup = { 24 + enable = true; 25 + databases = [ "paperless" ]; 26 + startAt = "*-*-* 02:00:00"; 27 + }; 28 + 29 + systemd.tmpfiles.rules = [ 30 + "d /mnt/nas/data/paperless 0750 root root -" 31 + ]; 32 + 33 + systemd.services.paperless-scheduler = { 34 + after = [ "mnt-nas.mount" ]; 35 + requires = [ "mnt-nas.mount" ]; 36 + }; 37 + systemd.services.paperless-web = { 38 + after = [ "mnt-nas.mount" ]; 39 + requires = [ "mnt-nas.mount" ]; 40 + }; 41 + systemd.services.paperless-consumer = { 42 + after = [ "mnt-nas.mount" ]; 43 + requires = [ "mnt-nas.mount" ]; 44 + }; 45 + systemd.services.paperless-task-queue = { 46 + after = [ "mnt-nas.mount" ]; 47 + requires = [ "mnt-nas.mount" ]; 48 + }; 49 + 50 + sops.templates."paperless.env".content = 51 + let 52 + oidcConfig = builtins.toJSON { 53 + openid_connect = { 54 + OAUTH_PKCE_ENABLED = true; 55 + APPS = [ 56 + { 57 + provider_id = "pocket-id"; 58 + name = "Pocket ID"; 59 + client_id = config.sops.placeholder.paperless-oidc-client-id; 60 + secret = config.sops.placeholder.paperless-oidc-client-secret; 61 + settings = { 62 + server_url = "https://id.goo.garden/.well-known/openid-configuration"; 63 + }; 64 + } 65 + ]; 66 + }; 67 + }; 68 + in 69 + '' 70 + PAPERLESS_SOCIALACCOUNT_PROVIDERS=${oidcConfig} 71 + ''; 72 + 73 + sops.secrets.paperless-admin-password = { }; 74 + sops.secrets.paperless-oidc-client-id = { }; 75 + sops.secrets.paperless-oidc-client-secret = { }; 76 + 77 + networking.firewall.allowedTCPPorts = [ 28981 ]; 78 + }