nix/container/Paper.nix

54 lines
1.6 KiB
Nix

{ container, pkgs, util, lib, ... } @args: let
cfg = container.config.paper;
in {
systemd.tmpfiles.rules = container.mkContainerDir cfg [
"data"
];
containers.paper = container.mkContainer cfg {
bindMounts = {
"/var/lib/paperless" = {
hostPath = "${cfg.storage}/data";
isReadOnly = false;
};
"/var/lib/paperless/media" = {
hostPath = "${lib.elemAt cfg.paper 0}";
isReadOnly = false;
};
};
config = { lib, pkgs, ... }: container.mkContainerConfig cfg {
environment.systemPackages = with pkgs; [ postgresql inetutils ];
services.paperless = {
enable = true;
dataDir = "/var/lib/paperless";
# address = cfg.domain;
address = "0.0.0.0";
port = cfg.port;
passwordFile = pkgs.writeText "PaperlessPassword" "root";
settings = {
PAPERLESS_URL = "https://${cfg.domain}";
PAPERLESS_ADMIN_USER = "root";
PAPERLESS_DBHOST = container.config.postgres.address;
PAPERLESS_DBENGINE = "postgresql";
PAPERLESS_DBNAME = "paperless";
PAPERLESS_DBPASS = "paperless";
PAPERLESS_DBPORT = container.config.postgres.port;
PAPERLESS_DBUSER = "paperless";
PAPERLESS_OCR_LANGUAGE = "rus";
PAPERLESS_REDIS = "redis://${container.config.redis.address}:${toString container.config.redis.port}";
};
};
# HACK: This is required for TCP postgres connection.
systemd.services.paperless-scheduler.serviceConfig = {
PrivateNetwork = lib.mkForce false;
};
systemd.services.paperless-consumer.serviceConfig = {
PrivateNetwork = lib.mkForce false;
};
};
};
}