Add paperless module

Hendrik Sokolowski 2023-06-12 17:07:55 +02:00
parent 668fa94359
commit 4f99f73981
2 changed files with 180 additions and 0 deletions


@ -0,0 +1,96 @@
{
config,
lib,
...
}:
with lib; let
psCfg = config.pub-solar;
cfg = config.pub-solar.paperless;
in {
config.containers."paperless" = mkIf cfg.enable {
autoStart = true;
ephemeral = true;
tmpfs = ["/tmp:size=2G"];
timeoutStartSec = "5min";
bindMounts."/data" = {
hostPath = cfg.hostStateDir;
isReadOnly = false;
};
config = {
config,
pkgs,
...
}: {
networking.firewall.enable = false;
# paperless
services.paperless = {
enable = true;
dataDir = "/data";
consumptionDir = "/data/ftp/consume";
consumptionDirIsPublic = true;
port = 8899;
extraConfig = {
PAPERLESS_OCR_LANGUAGE = "deu+eng";
PAPERLESS_ALLOWED_HOSTS = "${cfg.domain}";
PAPERLESS_CSRF_TRUSTED_ORIGINS = "http://${cfg.domain}";
PAPERLESS_CORS_ALLOWED_HOSTS = "http://${cfg.domain}";
PAPERLESS_FILENAME_FORMAT = "{correspondent}/{created_year}/{asn}_{title}";
};
};
# increase timeout for systemd service
systemd.services."paperless-scheduler".serviceConfig."TimeoutStartSec" = "300";
# ftp
users.users."paperless".extraGroups = mkIf cfg.ftp.enable ["ftp"];
services.vsftpd = mkIf cfg.ftp.enable {
enable = true;
anonymousUser = true;
anonymousUserNoPassword = true;
anonymousUserHome = "/data/ftp";
anonymousUploadEnable = true;
anonymousUmask = "007";
writeEnable = true;
extraConfig = ''
listen=YES
listen_ipv6=NO
listen_port=${toString cfg.ftp.listenPort}
chown_uploads=YES
chown_username=paperless
download_enable=NO
pasv_min_port=${toString cfg.ftp.pasvMinPort}
pasv_max_port=${toString cfg.ftp.pasvMaxPort}
'';
};
# nextcloud
systemd.services.nextcloud-autosync = mkIf cfg.nextcloud.enable {
unitConfig = {
Description = "Auto sync Nextcloud";
After = "network-online.target";
};
serviceConfig = {
User = "paperless";
Type = "simple";
ExecStart = "${pkgs.nextcloud-client}/bin/nextcloudcmd -h -n --path Documents/_paperless /data/media/documents https://data.gssws.de";
TimeoutStopSec = "180";
KillMode = "process";
KillSignal = "SIGINT";
};
wantedBy = ["multi-user.target"];
};
systemd.timers.nextcloud-autosync = mkIf cfg.nextcloud.enable {
unitConfig.Description = "Automatic sync files with Nextcloud and rerun every 60 minutes";
timerConfig.OnUnitActiveSec = "60min";
wantedBy = ["multi-user.target" "timers.target"];
};
};
};
}
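Review bot: The vsftpd block accepts anonymous, password-less uploads under `/data/ftp`, and `services.paperless.consumptionDir` is `/data/ftp/consume`, so any file uploaded by a client that can reach `cfg.ftp.listenPort` is ingested by paperless without authentication. The container sets no `privateNetwork` in the visible lines (NixOS defaults it to false, so the daemon would share the host's network namespace), and `networking.firewall.enable = false` leaves the host firewall as the only filter. I would bind the listener to the scanner-facing address, for example `listen_address=${cfg.ftp.listenAddress}` in `extraConfig` backed by a new option (proposed name), and add a comment above `anonymousUserNoPassword` stating which network is trusted to upload. Separately, `PAPERLESS_CSRF_TRUSTED_ORIGINS` and `PAPERLESS_CORS_ALLOWED_HOSTS` pin `http://`, so logins travel unencrypted unless TLS terminates elsewhere. The Nextcloud URL in `ExecStart` is hard-coded and would read better as a module option.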


@ -0,0 +1,84 @@
{
config,
lib,
...
}:
with lib; let
psCfg = config.pub-solar;
cfg = config.pub-solar.paperless;
in {
imports = [./container.nix];
options.pub-solar.paperless = {
enable = mkEnableOption {default = false;};
openFirewall = mkEnableOption (lib.mdDoc "opening of the relay port(s) in the firewall");
domain = mkOption {
type = types.str;
default = "paperless.local";
};
hostStateDir = mkOption {
type = types.str;
default = "/var/lib/paperless-container";
};
listenPort = mkOption {
type = types.int;
default = 80;
};
# ftp
ftp = {
enable = mkEnableOption (lib.mdDoc ''enable vsftpd ftp service'');
listenPort = mkOption {
type = types.int;
default = 21;
};
pasvMinPort = mkOption {
type = types.int;
default = 20021;
};
pasvMaxPort = mkOption {
type = types.int;
default = 22021;
};
};
# nextcloud
nextcloud = {
enable = mkEnableOption (lib.mdDoc ''enable backup to nextcloud'');
};
};
config = mkIf cfg.enable {
networking.firewall = {
allowedTCPPorts = [
cfg.listenPort
cfg.ftp.listenPort
];
allowedTCPPortRanges = [
{
from = cfg.ftp.pasvMinPort;
to = cfg.ftp.pasvMaxPort;
}
];
};
services.nginx = {
enable = true;
virtualHosts."${cfg.domain}" = {
locations."/" = {
proxyPass = "http://127.0.0.1:8899";
proxyWebsockets = true;
extraConfig = ''
proxy_read_timeout 300s;
proxy_set_header Host ''$host;
proxy_set_header X-Forwarded-For ''$remote_addr;
'';
};
};
};
};
}
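Review bot: The `openFirewall` option is declared but never read, and the `networking.firewall` block opens `cfg.ftp.listenPort` and the whole passive range `pasvMinPort`–`pasvMaxPort` whenever `cfg.enable` is set, even when `cfg.ftp.enable` is false. By default that exposes 2001 passive ports plus port 21 on a host that may not run FTP at all. The firewall block should be gated on `cfg.openFirewall` and the FTP entries on `cfg.ftp.enable`, as sketched below. Note also that `cfg.listenPort` is opened but the nginx virtual host never uses it, and `enable = mkEnableOption {default = false;};` passes an attribute set where `mkEnableOption` expects a description string.

```nix
config = mkIf cfg.enable {
  networking.firewall = mkIf cfg.openFirewall {
    # FTP control port only when the FTP service is actually enabled
    allowedTCPPorts =
      [cfg.listenPort]
      ++ optional cfg.ftp.enable cfg.ftp.listenPort;
    # passive data range likewise tied to cfg.ftp.enable
    allowedTCPPortRanges = optional cfg.ftp.enable {
      from = cfg.ftp.pasvMinPort;
      to = cfg.ftp.pasvMaxPort;
    };
  };
  # … unchanged: services.nginx virtual host …
```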