mjallen/nix-config
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

move arrs into nix container

Browse Source
This commit is contained in:
mjallen18
2024-11-30 14:35:53 -06:00
parent b7c85a7a56
commit f33d690145
32 changed files with 901 additions and 1087 deletions
Download Patch File Download Diff File Expand all files Collapse all files

116
modules/apps/paperless/default.nix
View File

@@ -1,4 +1,9 @@
{ config, pkgs, lib, ... }:
{
config,
pkgs,
lib,
...
}:
let
paperlessPort = 28981;
@@ -14,59 +19,68 @@ in
localAddress = "10.0.1.20";
hostAddress6 = "fc00::1";
localAddress6 = "fc00::20";
config = { config, pkgs, lib, ... }: {
# Enable paperless service
services.paperless = {
enable = true;
port = paperlessPort;
user = "paperless";
address = "0.0.0.0";
passwordFile = "/var/lib/paperless/paperless-password";
# settings = {
# PAPERLESS_APPS="allauth.socialaccount.providers.openid_connect";
# PAPERLESS_SOCIALACCOUNT_PROVIDERS = {
# "openid_connect" = {
# "OAUTH_PKCE_ENABLED":true,
# "APPS":[
# {"provider_id":"authentik","name":"Authentik","client_id":"<Client ID>","secret":<Client Secret>","settings":{"server_url":"https://authentik.mjallen.dev/application/o/paperless/.well-known/openid-configuration"}}]}}
# }
};
# Create required users and groups
users.groups = {
documents = { gid = lib.mkForce paperlessGroupId; };
};
users.users.paperless = {
isSystemUser = true;
uid = lib.mkForce paperlessUserId;
group = lib.mkForce "documents";
};
# Create and set permissions for required directories
system.activationScripts.paperless-dirs = ''
mkdir -p /var/lib/paperless
chown -R paperless:documents /var/lib/paperless
chmod -R 775 /var/lib/paperless
'';
networking = {
firewall = {
config =
{
config,
pkgs,
lib,
...
}:
{
# Enable paperless service
services.paperless = {
enable = true;
allowedTCPPorts = [ paperlessPort ];
port = paperlessPort;
user = "paperless";
address = "0.0.0.0";
passwordFile = "/var/lib/paperless/paperless-password";
# settings = {
# PAPERLESS_APPS="allauth.socialaccount.providers.openid_connect";
# PAPERLESS_SOCIALACCOUNT_PROVIDERS = {
# "openid_connect" = {
# "OAUTH_PKCE_ENABLED":true,
# "APPS":[
# {"provider_id":"authentik","name":"Authentik","client_id":"<Client ID>","secret":<Client Secret>","settings":{"server_url":"https://authentik.mjallen.dev/application/o/paperless/.well-known/openid-configuration"}}]}}
# }
};
# Use systemd-resolved inside the container
# Workaround for bug https://github.com/NixOS/nixpkgs/issues/162686
useHostResolvConf = lib.mkForce false;
# Create required users and groups
users.groups = {
documents = {
gid = lib.mkForce paperlessGroupId;
};
};
users.users.paperless = {
isSystemUser = true;
uid = lib.mkForce paperlessUserId;
group = lib.mkForce "documents";
};
# Create and set permissions for required directories
system.activationScripts.paperless-dirs = ''
mkdir -p /var/lib/paperless
chown -R paperless:documents /var/lib/paperless
chmod -R 775 /var/lib/paperless
'';
networking = {
firewall = {
enable = true;
allowedTCPPorts = [ paperlessPort ];
};
# Use systemd-resolved inside the container
# Workaround for bug https://github.com/NixOS/nixpkgs/issues/162686
useHostResolvConf = lib.mkForce false;
};
services.resolved.enable = true;
system.stateVersion = "23.11";
};
services.resolved.enable = true;
system.stateVersion = "23.11";
};
# Bind mount directories from host
bindMounts = {
@@ -89,4 +103,4 @@ in
}
];
};
}
}