Bruno BELANYI
7b56c342ad
All checks were successful
ci/woodpecker/push/check Pipeline was successful
This should parallelize the number of documents ingested at once (workers), as well as the speed of the ingestion per document (threads).
169 lines
3.9 KiB
Nix
169 lines
3.9 KiB
Nix
{ config, lib, ... }:
|
|
let
|
|
cfg = config.my.services.paperless;
|
|
in
|
|
{
|
|
options.my.services.paperless = with lib; {
|
|
enable = mkEnableOption "Paperless service";
|
|
|
|
port = mkOption {
|
|
type = types.port;
|
|
default = 4535;
|
|
example = 8080;
|
|
description = "Internal port for webui";
|
|
};
|
|
|
|
secretKeyFile = mkOption {
|
|
type = types.str;
|
|
example = "/var/lib/paperless/secret-key.env";
|
|
description = ''
|
|
Secret key as an 'EnvironmentFile' (see `systemd.exec(5)`)
|
|
'';
|
|
};
|
|
|
|
documentPath = mkOption {
|
|
type = with types; nullOr str;
|
|
default = null;
|
|
example = "/mnt/paperless";
|
|
description = ''
|
|
Path to the directory to store the documents. Use default if null
|
|
'';
|
|
};
|
|
|
|
username = mkOption {
|
|
type = types.str;
|
|
default = "ambroisie";
|
|
example = "username";
|
|
description = "Name of the administrator";
|
|
};
|
|
|
|
passwordFile = mkOption {
|
|
type = types.str;
|
|
example = "/var/lib/paperless/password.txt";
|
|
description = "Read the administrator's password from this path";
|
|
};
|
|
};
|
|
|
|
config = lib.mkIf cfg.enable {
|
|
services.paperless = {
|
|
enable = true;
|
|
|
|
port = cfg.port;
|
|
|
|
mediaDir = lib.mkIf (cfg.documentPath != null) cfg.documentPath;
|
|
|
|
extraConfig =
|
|
let
|
|
paperlessDomain = "paperless.${config.networking.domain}";
|
|
in
|
|
{
|
|
# Use SSO
|
|
PAPERLESS_ENABLE_HTTP_REMOTE_USER = true;
|
|
PAPERLESS_HTTP_REMOTE_USER_HEADER_NAME = "HTTP_X_USER";
|
|
|
|
# Use PostgreSQL
|
|
PAPERLESS_DBHOST = "/run/postgresql";
|
|
PAPERLESS_DBUSER = "paperless";
|
|
PAPERLESS_DBNAME = "paperless";
|
|
|
|
# Security settings
|
|
PAPERLESS_ALLOWED_HOSTS = paperlessDomain;
|
|
PAPERLESS_CORS_ALLOWED_HOSTS = "https://${paperlessDomain}";
|
|
|
|
# OCR settings
|
|
PAPERLESS_OCR_LANGUAGE = "fra+eng";
|
|
|
|
# Workers
|
|
PAPERLESS_TASK_WORKERS = 3;
|
|
PAPERLESS_THREADS_PER_WORKER = 4;
|
|
|
|
# Misc
|
|
PAPERLESS_TIME_ZONE = config.time.timeZone;
|
|
PAPERLESS_ADMIN_USER = cfg.username;
|
|
};
|
|
|
|
# Admin password
|
|
passwordFile = cfg.passwordFile;
|
|
};
|
|
|
|
systemd.services = {
|
|
paperless-scheduler = {
|
|
requires = [ "postgresql.service" ];
|
|
after = [ "postgresql.service" ];
|
|
|
|
serviceConfig = {
|
|
EnvironmentFile = cfg.secretKeyFile;
|
|
};
|
|
};
|
|
|
|
paperless-consumer = {
|
|
requires = [ "postgresql.service" ];
|
|
after = [ "postgresql.service" ];
|
|
|
|
serviceConfig = {
|
|
EnvironmentFile = cfg.secretKeyFile;
|
|
};
|
|
};
|
|
|
|
paperless-web = {
|
|
requires = [ "postgresql.service" ];
|
|
after = [ "postgresql.service" ];
|
|
|
|
serviceConfig = {
|
|
EnvironmentFile = cfg.secretKeyFile;
|
|
};
|
|
};
|
|
|
|
paperless-task-queue = {
|
|
requires = [ "postgresql.service" ];
|
|
after = [ "postgresql.service" ];
|
|
|
|
serviceConfig = {
|
|
EnvironmentFile = cfg.secretKeyFile;
|
|
};
|
|
};
|
|
};
|
|
|
|
# Set-up database
|
|
services.postgresql = {
|
|
enable = true;
|
|
ensureDatabases = [ "paperless" ];
|
|
ensureUsers = [
|
|
{
|
|
name = "paperless";
|
|
ensurePermissions."DATABASE paperless" = "ALL PRIVILEGES";
|
|
}
|
|
];
|
|
};
|
|
|
|
# Set-up media group
|
|
users.groups.media = { };
|
|
|
|
users.users.${config.services.paperless.user} = {
|
|
extraGroups = [ "media" ];
|
|
};
|
|
|
|
my.services.nginx.virtualHosts = [
|
|
{
|
|
subdomain = "paperless";
|
|
inherit (cfg) port;
|
|
sso = {
|
|
enable = true;
|
|
};
|
|
|
|
# Enable websockets on root
|
|
extraConfig = {
|
|
locations."/".proxyWebsockets = true;
|
|
};
|
|
}
|
|
];
|
|
|
|
my.services.backup = {
|
|
paths = [
|
|
config.services.paperless.dataDir
|
|
config.services.paperless.mediaDir
|
|
];
|
|
};
|
|
};
|
|
}
|