nydragon/nix-da
1
Fork 0
Code Issues Pull requests Activity Actions 1

feat(paperless): add module

Browse source
This commit is contained in:
Nydragon 2024-10-01 23:49:26 +02:00
parent 5e2d03da6c
commit 3e3e5de268
Signed by: nydragon
SSH key fingerprint: SHA256:iQnIC12spf4QjWSbarmkD2No1cLMlu6TWoV7K6cYF5g
2 changed files with 11 additions and 152 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

159
options/container/paperless-ngx/default.nix
View file

@ -1,6 +1,6 @@
# vim:fileencoding=utf-8:foldmethod=marker
{ {
config, config,
options,
lib, lib,
pkgs, pkgs,
... ...
@ -8,11 +8,11 @@
let let
inherit (lib) mkIf mkOption mkEnableOption; inherit (lib) mkIf mkOption mkEnableOption;
inherit (lib.types) port bool; inherit (lib.types) port bool;
cfg = config.modules.container.paperless-ngx; cfg = config.modules.container.paperless;
in in
{ {
options.modules.container.paperless-ngx = { options.modules.container.paperless = {
enable = mkEnableOption "paperless-ngx container"; enable = mkEnableOption "paperless";
port = mkOption { port = mkOption {
default = 8000; default = 8000;
description = "The port on which the paperless service will be reachable."; description = "The port on which the paperless service will be reachable.";
@ -20,159 +20,18 @@ in
}; };
openPort = mkOption { openPort = mkOption {
default = false; default = false;
description = "Wether the port should be publicly accessible."; description = "Whether the port should be publicly accessible.";
type = bool; type = bool;
}; };
settings = options.services.paperless.settings;
}; };
config = mkIf cfg.enable { config = mkIf cfg.enable {
modules.container.enable = true;
networking.firewall.allowedTCPPorts = mkIf cfg.openPort [ cfg.port ]; networking.firewall.allowedTCPPorts = mkIf cfg.openPort [ cfg.port ];
#: {{{ Webserver services.paperless = {
virtualisation.oci-containers.containers."paperless-webserver" = { inherit (cfg) port enable settings;
image = "ghcr.io/paperless-ngx/paperless-ngx:latest"; address = if cfg.openPort then "0.0.0.0" else "127.0.0.1";
environment = {
"PAPERLESS_REDIS" = "redis://broker:6379";
"PAPERLESS_ADMIN_USER" = "admin";
"PAPERLESS_ADMIN_PASSWORD" = "password";
};
volumes = [
"paperless_data:/usr/src/paperless/data:rw"
"paperless_media:/usr/src/paperless/media:rw"
];
ports = [
"8000:8000/tcp"
];
dependsOn = [
"paperless-broker"
];
log-driver = "journald";
extraOptions = [
"--network-alias=webserver"
"--network=paperless_default"
];
};
systemd.services."podman-paperless-webserver" = {
serviceConfig = {
Restart = lib.mkOverride 500 "always";
};
after = [
"podman-network-paperless_default.service"
"podman-volume-paperless_data.service"
"podman-volume-paperless_media.service"
];
requires = [
"podman-network-paperless_default.service"
"podman-volume-paperless_data.service"
"podman-volume-paperless_media.service"
];
partOf = [
"podman-compose-paperless-root.target"
];
wantedBy = [
"podman-compose-paperless-root.target"
];
};
#: }}}
#: {{{ Redis Broker
virtualisation.oci-containers.containers."paperless-broker" = {
image = "docker.io/library/redis:7";
volumes = [
"paperless_redisdata:/data:rw"
];
log-driver = "journald";
extraOptions = [
"--network-alias=broker"
"--network=paperless_default"
];
};
systemd.services."podman-paperless-broker" = {
serviceConfig = {
Restart = lib.mkOverride 500 "always";
};
after = [
"podman-network-paperless_default.service"
"podman-volume-paperless_redisdata.service"
];
requires = [
"podman-network-paperless_default.service"
"podman-volume-paperless_redisdata.service"
];
partOf = [
"podman-compose-paperless-root.target"
];
wantedBy = [
"podman-compose-paperless-root.target"
];
};
#: }}}
#: {{{ Network
systemd.services."podman-network-paperless_default" = {
path = [ pkgs.podman ];
serviceConfig = {
Type = "oneshot";
RemainAfterExit = true;
ExecStop = "podman network rm -f paperless_default";
};
script = ''
podman network inspect paperless_default || podman network create paperless_default
'';
partOf = [ "podman-compose-paperless-root.target" ];
wantedBy = [ "podman-compose-paperless-root.target" ];
};
#: }}}
#: {{{ Volumes
systemd.services."podman-volume-paperless_data" = {
path = [ pkgs.podman ];
serviceConfig = {
Type = "oneshot";
RemainAfterExit = true;
};
script = ''
podman volume inspect paperless_data || podman volume create paperless_data
'';
partOf = [ "podman-compose-paperless-root.target" ];
wantedBy = [ "podman-compose-paperless-root.target" ];
};
systemd.services."podman-volume-paperless_media" = {
path = [ pkgs.podman ];
serviceConfig = {
Type = "oneshot";
RemainAfterExit = true;
};
script = ''
podman volume inspect paperless_media || podman volume create paperless_media
'';
partOf = [ "podman-compose-paperless-root.target" ];
wantedBy = [ "podman-compose-paperless-root.target" ];
};
systemd.services."podman-volume-paperless_redisdata" = {
path = [ pkgs.podman ];
serviceConfig = {
Type = "oneshot";
RemainAfterExit = true;
};
script = ''
podman volume inspect paperless_redisdata || podman volume create paperless_redisdata
'';
partOf = [ "podman-compose-paperless-root.target" ];
wantedBy = [ "podman-compose-paperless-root.target" ];
};
#: }}}
# Root service
# When started, this will automatically create all resources and start
# the containers. When stopped, this will teardown all resources.
systemd.targets."podman-compose-paperless-root" = {
unitConfig = {
Description = "Root target generated by compose2nix.";
};
wantedBy = [ "multi-user.target" ];
}; };
}; };
} }

4
options/system.nix
View file

@ -22,12 +22,12 @@ in
}; };
workstation.enable = lib.mkEnableOption { workstation.enable = lib.mkEnableOption {
type = lib.types.bool; type = bool;
default = false; default = false;
}; };
server.enable = lib.mkEnableOption { server.enable = lib.mkEnableOption {
type = lib.types.bool; type = bool;
default = false; default = false;
}; };