nixos-config/nixos/legacy/dms.nix

{ lib, pkgs, config, ... }:

# a very simple dms setup which.
# I have a brother ADS-1600W scanner, which is configured to send all
# PDFs to this machine in /home/ftp-upload/input
# from there the dms.py scans them and makes them searchable.

let
  dms = pkgs.fetchgit {
    url = "https://github.com/mrVanDalo/dms.git";
    rev = "2f5c44f017bdfd8abfe908d419ef26bac300f809";
    sha256 = "0dxhk1ah6wwbsxyk4hd32rz7886w7r5gfy16485gjbvky1qsi8gd";
  };
in
{

  # setup ftp
  services.vsftpd = {
    enable = true;
    userlist = [ "ftp-upload" ];
    userlistEnable = true;
    localUsers = true;
    writeEnable = true;
    extraConfig = ''
      # additional ports for directory list and stuff
      pasv_min_port=4242
      pasv_max_port=4243
    '';
  };
  networking.firewall.allowedTCPPortRanges = [
    {
      # ftp: additional ports for directory list and stuff
      from = 4242;
      to = 4243;
    }
    {
      # ftp
      from = 20;
      to = 21;
    }
  ];

  sops.secrets.ftp_password = { };

  # create user
  users.users.ftp-upload = {
    passwordFile = config.sops.secrets.ftp_password.path;
    isNormalUser = true;
  };

  # create dms service
  systemd.services.dms = {
    enable = true;
    wantedBy = [ "multi-user.target" ];
    path = [
      (pkgs.python3.withPackages (ps: with ps; [ flask ]))
      pkgs.imagemagickBig
      (pkgs.pdfsandwich.override { imagemagick = pkgs.imagemagickBig; })
      pkgs.poppler_utils
      pkgs.which
      pkgs.netpbm
      pkgs.gawk
      pkgs.bash
    ];
    serviceConfig = { User = "ftp-upload"; };
    preStart = ''
      if [[ ! -L /home/ftp-upload/db/SOURCE_DIR ]]
      then
      rm -rf /home/ftp-upload/db/SOURCE_DIR
      mkdir -p /home/ftp-upload/db
      mkdir -p /home/ftp-upload/input
      ln -s /home/ftp-upload/input /home/ftp-upload/db/SOURCE_DIR
      fi
    '';
    script = ''
      DMSDATA=/home/ftp-upload/db \
      FLASK_APP=${dms}/dms.py \
      flask run --host 0.0.0.0 \
      "$@"
    '';
  };

  # host nginx setup
  services.nginx = {
    enable = true;
    virtualHosts = {
      "dms.pepe.private" = {
        serverAliases =
          [ "pdf.pepe.private" "docs.pepe.private" "dms.pepe.lan" ];
        locations."/" = { proxyPass = "http://localhost:5000"; };
      };
    };
  };

  # add documents to backup
  backup.dirs = [ "/home/ftp-upload/db" ];

}
move stuff to legacy 2023-09-22 19:39:18 +02:00			`{ lib, pkgs, config, ... }:`

			`# a very simple dms setup which.`
			`# I have a brother ADS-1600W scanner, which is configured to send all`
			`# PDFs to this machine in /home/ftp-upload/input`
			`# from there the dms.py scans them and makes them searchable.`

			`let`
			`dms = pkgs.fetchgit {`
			`url = "https://github.com/mrVanDalo/dms.git";`
			`rev = "2f5c44f017bdfd8abfe908d419ef26bac300f809";`
			`sha256 = "0dxhk1ah6wwbsxyk4hd32rz7886w7r5gfy16485gjbvky1qsi8gd";`
			`};`
			`in`
			`{`

			`# setup ftp`
			`services.vsftpd = {`
			`enable = true;`
			`userlist = [ "ftp-upload" ];`
			`userlistEnable = true;`
			`localUsers = true;`
			`writeEnable = true;`
			`extraConfig = ''`
			`# additional ports for directory list and stuff`
			`pasv_min_port=4242`
			`pasv_max_port=4243`
			`'';`
			`};`
			`networking.firewall.allowedTCPPortRanges = [`
			`{`
			`# ftp: additional ports for directory list and stuff`
			`from = 4242;`
			`to = 4243;`
			`}`
			`{`
			`# ftp`
			`from = 20;`
			`to = 21;`
			`}`
			`];`

			`sops.secrets.ftp_password = { };`

			`# create user`
			`users.users.ftp-upload = {`
			`passwordFile = config.sops.secrets.ftp_password.path;`
			`isNormalUser = true;`
			`};`

			`# create dms service`
			`systemd.services.dms = {`
			`enable = true;`
			`wantedBy = [ "multi-user.target" ];`
			`path = [`
			`(pkgs.python3.withPackages (ps: with ps; [ flask ]))`
			`pkgs.imagemagickBig`
			`(pkgs.pdfsandwich.override { imagemagick = pkgs.imagemagickBig; })`
			`pkgs.poppler_utils`
			`pkgs.which`
			`pkgs.netpbm`
			`pkgs.gawk`
			`pkgs.bash`
			`];`
			`serviceConfig = { User = "ftp-upload"; };`
			`preStart = ''`
			`if [[ ! -L /home/ftp-upload/db/SOURCE_DIR ]]`
			`then`
			`rm -rf /home/ftp-upload/db/SOURCE_DIR`
			`mkdir -p /home/ftp-upload/db`
			`mkdir -p /home/ftp-upload/input`
			`ln -s /home/ftp-upload/input /home/ftp-upload/db/SOURCE_DIR`
			`fi`
			`'';`
			`script = ''`
			`DMSDATA=/home/ftp-upload/db \`
			`FLASK_APP=${dms}/dms.py \`
			`flask run --host 0.0.0.0 \`
			`"$@"`
			`'';`
			`};`

			`# host nginx setup`
			`services.nginx = {`
			`enable = true;`
			`virtualHosts = {`
			`"dms.pepe.private" = {`
			`serverAliases =`
			`[ "pdf.pepe.private" "docs.pepe.private" "dms.pepe.lan" ];`
			`locations."/" = { proxyPass = "http://localhost:5000"; };`
			`};`
			`};`
			`};`

			`# add documents to backup`
			`backup.dirs = [ "/home/ftp-upload/db" ];`

			`}`