Lithospherical/nix-config
1
0
Fork 0
forked from jan-leila/nix-config
Code Pull requests Activity

drafted out paperless config

Browse source
This commit is contained in:
Leyla Becker 2025-07-14 11:43:45 -05:00
parent 1e5eed80c1
commit 3a875e0c1f
5 changed files with 103 additions and 2 deletions
Download patch file Download diff file Expand all files Collapse all files

5
configurations/nixos/defiant/configuration.nix
View file

@ -288,6 +288,11 @@
}; };
}; };
paperless = {
enable = false;
subdomain = "documents";
};
qbittorrent = { qbittorrent = {
enable = true; enable = true;
mediaDir = "/srv/qbittorent"; mediaDir = "/srv/qbittorent";

1
modules/nixos-modules/server/default.nix
View file

@ -12,5 +12,6 @@
./wyoming.nix ./wyoming.nix
./immich.nix ./immich.nix
./qbittorent.nix ./qbittorent.nix
./paperless.nix
]; ];
} }

4
modules/nixos-modules/server/home-assistant.nix
View file

@ -102,8 +102,8 @@ in {
login_attempts_threshold = 10; login_attempts_threshold = 10;
}; };
homeassistant = { homeassistant = {
external_url = "https://home.jan-leila.com"; external_url = "https://${config.services.home-assistant.subdomain}.${config.host.reverse_proxy.hostname}";
internal_url = "http://192.168.1.2:8123"; # internal_url = "http://192.168.1.2:8123";
}; };
recorder.db_url = "postgresql://@/${dbUser}"; recorder.db_url = "postgresql://@/${dbUser}";
"automation manual" = []; "automation manual" = [];

80
modules/nixos-modules/server/paperless.nix Normal file
View file

@ -0,0 +1,80 @@
{
config,
lib,
...
}: let
dataDir = "/var/lib/paperless";
in {
options.services.paperless = {
subdomain = lib.mkOption {
type = lib.types.str;
description = "subdomain of base domain that paperless will be hosted at";
default = "paperless";
};
database = {
user = lib.mkOption {
type = lib.types.str;
description = "what is the user and database that we are going to use for paperless";
default = "paperless";
};
};
};
config = lib.mkIf config.services.paperless.enable (lib.mkMerge [
{
host = {
reverse_proxy.subdomains.${config.services.paperless.subdomain} = {
target = "http://${config.services.paperless.address}:${config.services.paperless.port}";
websockets.enable = true;
forwardHeaders.enable = true;
extraConfig = ''
# allow large file uploads
client_max_body_size 50000M;
'';
};
postgres = {
enable = true;
extraUsers = {
${config.services.paperless.database.user} = {
isClient = true;
};
};
};
};
services.paperless = {
# TODO: configure passwordFile with sops
configureTika = true;
settings = {
PAPERLESS_URL = "${config.services.paperless.subdomain}.${config.host.reverse_proxy.hostname}";
PAPERLESS_DBENGINE = "postgresql";
PAPERLESS_DBHOST = "/run/postgresql";
PAPERLESS_DBNAME = config.services.paperless.database.user;
PAPERLESS_DBUSER = config.services.paperless.database.user;
};
};
}
(lib.mkIf config.services.fail2ban.enable {
# TODO: fail2ban config
})
(lib.mkIf config.host.impermanence.enable {
assertions = [
{
assertion = config.services.paperless.dataDir == dataDir;
message = "paperless data location does not match persistence";
}
];
environment.persistence."/persist/system/root" = {
directories = [
{
directory = dataDir;
user = "paperless";
group = "paperless";
}
];
};
})
]);
}

15
modules/nixos-modules/users.nix
View file

@ -24,6 +24,7 @@
git = 2009; git = 2009;
immich = 2010; immich = 2010;
qbittorrent = 2011; qbittorrent = 2011;
paperless = 2012;
}; };
gids = { gids = {
@ -40,6 +41,7 @@
git = 2009; git = 2009;
immich = 2010; immich = 2010;
qbittorrent = 2011; qbittorrent = 2011;
paperless = 2012;
}; };
users = config.users.users; users = config.users.users;
@ -169,6 +171,12 @@ in {
isNormalUser = true; isNormalUser = true;
group = config.users.users.qbittorrent.name; group = config.users.users.qbittorrent.name;
}; };
paperless = {
uid = lib.mkForce uids.paperless;
isSystemUser = true;
group = config.users.users.paperless.name;
};
}; };
groups = { groups = {
@ -273,6 +281,13 @@ in {
leyla leyla
]; ];
}; };
paperless = {
gid = lib.mkForce gids.paperless;
members = [
users.paperless.name
];
};
}; };
}; };
} }