From 3a56b30a9112e8ef5ce16cc6fc313ab763d46efd Mon Sep 17 00:00:00 2001 From: Swarsel Date: Fri, 4 Oct 2024 18:05:04 +0200 Subject: [PATCH] feat: init paperless for winters --- SwarselSystems.org | 65 +++++++++++++++++++++++++--- profiles/server/common/default.nix | 1 + profiles/server/common/immich.nix | 9 ++-- profiles/server/common/nextcloud.nix | 2 +- profiles/server/common/nfs.nix | 2 +- profiles/server/common/paperless.nix | 48 ++++++++++++++++++++ 6 files changed, 114 insertions(+), 13 deletions(-) create mode 100644 profiles/server/common/paperless.nix diff --git a/SwarselSystems.org b/SwarselSystems.org index c80b206c..d9229db8 100644 --- a/SwarselSystems.org +++ b/SwarselSystems.org @@ -6639,6 +6639,7 @@ Also, the system state version is set here. No need to touch it. ./matrix.nix ./nextcloud.nix ./immich.nix + ./paperless.nix ]; nix = @@ -6730,7 +6731,7 @@ Also, the system state version is set here. No need to touch it. enable = true; openFirewall = true; - settingssys.Eternor = { + settings.Eternor = { browseable = "yes"; "read only" = "no"; "guest ok" = "no"; @@ -7424,7 +7425,7 @@ Also, the system state version is set here. No need to touch it. services.nextcloud = { enable = true; - packages = pkgs.nextcloud30; + package = pkgs.nextcloud30; hostName = "stash.swarsel.win"; home = "/Vault/apps/nextcloud"; datadir = "/Vault/data/nextcloud"; @@ -7472,10 +7473,9 @@ Also, the system state version is set here. No need to touch it. services.immich = { enable = true; - port = 3001 + port = 3001; openFirewall = true; - mediaLocation = "/Vault/Eternor/Bilder"; - home = "/Vault/apps/nextcloud"; + mediaLocation = "/Vault/Eternor/Immich"; }; @@ -7487,7 +7487,7 @@ Also, the system state version is set here. No need to touch it. acmeRoot = null; locations = { "/" = { - proxyPass = "http://192.168.1.2:3001"; + proxyPass = "http://[::1]:3001"; extraConfig = '' client_max_body_size 0; ''; @@ -7501,6 +7501,59 @@ Also, the system state version is set here. No need to touch it. } #+end_src +**** paperless + +#+begin_src nix :tangle profiles/server/common/paperless.nix +{ pkgs, lib, config, ... }: +{ + config = lib.mkIf config.swarselsystems.server.immich { + + users.users.paperless = { + extraGroups = [ "users" ]; + }; + + + sops.secrets.paperless_admin = { owner = "paperless"; }; + + services.paperless = { + enable = true; + mediaDir = "/Vault/Eternor/Dokumente"; + user = "paperless"; + port = 28981; + passwordFile = config.sops.secrets.paperless_admin.path; + address = "0.0.0.0"; + extraConfig = { + PAPERLESS_OCR_LANGUAGE = "deu+eng"; + PAPERLESS_URL = "scan.swarsel.win"; + PAPERLESS_OCR_USER_ARGS = builtins.toJSON { + optimize = 1; + pdfa_image_compression = "lossless"; + }; + }; + }; + + services.nginx = { + virtualHosts = { + "scan.swarsel.win" = { + enableACME = true; + forceSSL = true; + acmeRoot = null; + locations = { + "/" = { + proxyPass = "http://192.168.1.2:28981"; + extraConfig = '' + client_max_body_size 0; + ''; + }; + }; + }; + }; + }; + }; + +} +#+end_src + *** Optional :PROPERTIES: diff --git a/profiles/server/common/default.nix b/profiles/server/common/default.nix index 06dc6848..11497f97 100644 --- a/profiles/server/common/default.nix +++ b/profiles/server/common/default.nix @@ -21,6 +21,7 @@ ./matrix.nix ./nextcloud.nix ./immich.nix + ./paperless.nix ]; nix = diff --git a/profiles/server/common/immich.nix b/profiles/server/common/immich.nix index 7b79a679..809d24c0 100644 --- a/profiles/server/common/immich.nix +++ b/profiles/server/common/immich.nix @@ -10,10 +10,9 @@ services.immich = { enable = true; - port = 3001 - openFirewall = true; - mediaLocation = "/Vault/Eternor/Bilder"; - home = "/Vault/apps/nextcloud"; + port = 3001; + openFirewall = true; + mediaLocation = "/Vault/Eternor/Immich"; }; @@ -25,7 +24,7 @@ acmeRoot = null; locations = { "/" = { - proxyPass = "http://192.168.1.2:3001"; + proxyPass = "http://[::1]:3001"; extraConfig = '' client_max_body_size 0; ''; diff --git a/profiles/server/common/nextcloud.nix b/profiles/server/common/nextcloud.nix index b3bfe4fc..fb1176e8 100644 --- a/profiles/server/common/nextcloud.nix +++ b/profiles/server/common/nextcloud.nix @@ -6,7 +6,7 @@ services.nextcloud = { enable = true; - packages = pkgs.nextcloud30; + package = pkgs.nextcloud30; hostName = "stash.swarsel.win"; home = "/Vault/apps/nextcloud"; datadir = "/Vault/data/nextcloud"; diff --git a/profiles/server/common/nfs.nix b/profiles/server/common/nfs.nix index a4e732ca..c7a8e1af 100644 --- a/profiles/server/common/nfs.nix +++ b/profiles/server/common/nfs.nix @@ -20,7 +20,7 @@ enable = true; openFirewall = true; - settingssys.Eternor = { + settings.Eternor = { browseable = "yes"; "read only" = "no"; "guest ok" = "no"; diff --git a/profiles/server/common/paperless.nix b/profiles/server/common/paperless.nix new file mode 100644 index 00000000..dc271c31 --- /dev/null +++ b/profiles/server/common/paperless.nix @@ -0,0 +1,48 @@ +{ pkgs, lib, config, ... }: +{ + config = lib.mkIf config.swarselsystems.server.immich { + + users.users.paperless = { + extraGroups = [ "users" ]; + }; + + + sops.secrets.paperless_admin = { owner = "paperless"; }; + + services.paperless = { + enable = true; + mediaDir = "/Vault/Eternor/Dokumente"; + user = "paperless"; + port = 28981; + passwordFile = config.sops.secrets.paperless_admin.path; + address = "0.0.0.0"; + extraConfig = { + PAPERLESS_OCR_LANGUAGE = "deu+eng"; + PAPERLESS_URL = "scan.swarsel.win"; + PAPERLESS_OCR_USER_ARGS = builtins.toJSON { + optimize = 1; + pdfa_image_compression = "lossless"; + }; + }; + }; + + services.nginx = { + virtualHosts = { + "scan.swarsel.win" = { + enableACME = true; + forceSSL = true; + acmeRoot = null; + locations = { + "/" = { + proxyPass = "http://192.168.1.2:28981"; + extraConfig = '' + client_max_body_size 0; + ''; + }; + }; + }; + }; + }; + }; + +}