palo/nixos-config
palo/nixos-config
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions 1

🚧 somehow not working anymore
All checks were successful
Build all NixOS Configurations / nix build (push) Successful in 6m41s
Details

Browse source
This commit is contained in:
Ingolf Wagner 2025-05-03 22:09:27 +02:00
parent 34cb236e42
commit 22a35d499c
No known key found for this signature in database
GPG key ID: 76BF5F1928B9618B
1 changed files with 25 additions and 24 deletions
Download patch file Download diff file Expand all files Collapse all files

49
machines/chungus/service-paperless-tika.nix
View file

@ -21,32 +21,33 @@ in
# user setup
# ----------
# paperless becomes a dedicated user for as paperless user
users.groups.paperless = {
gid = config.ids.gids.paperless;
users.groups.paperless-ngx = {
#gid = config.ids.gids.paperless;
};
users.users.paperless = {
users.users.paperless-ngx = {
isSystemUser = true;
autoSubUidGidRange = true;
group = "paperless";
group = "paperless-ngx";
linger = true; # needed for using running rootless podman as systemd service with this user
home = "/var/lib/podman-paperless";
uid = config.ids.uids.paperless;
home = "/var/lib/podman-paperless-ngx";
#uid = config.ids.uids.paperless;
};
# service folders setup
# ---------------------
systemd.tmpfiles.rules = [
"d ${config.users.users.paperless.home} 0755 paperless paperless -"
"d ${config.users.users.paperless.home}/data 0755 paperless paperless -"
"d ${config.users.users.paperless.home}/media 0755 paperless paperless -"
"d ${config.users.users.paperless.home}/export 0755 paperless paperless -"
"d ${config.users.users.paperless.home}/consume 0755 paperless paperless -"
"d ${config.users.users.paperless-ngx.home} 0755 paperless-ngx paperless-ngx -"
"d ${config.users.users.paperless-ngx.home}/consume 0755 paperless-ngx paperless-ngx -"
"d ${config.users.users.paperless-ngx.home}/data 0755 paperless-ngx paperless-ngx -"
"d ${config.users.users.paperless-ngx.home}/export 0755 paperless-ngx paperless-ngx -"
"d ${config.users.users.paperless-ngx.home}/media 0755 paperless-ngx paperless-ngx -"
];
services.permown."/var/lib/podman-paperless/consume" = {
owner = "paperless";
group = "paperless";
services.permown."/var/lib/podman-paperless-ngx/consume" = {
owner = "paperless-ngx";
group = "paperless-ngx";
directory-mode = "755";
file-mode = "640";
};
@ -60,15 +61,15 @@ in
containers = {
paperless-webserver = {
podman.user = "paperless";
podman.user = "paperless-ngx";
image = "ghcr.io/paperless-ngx/paperless-ngx:latest"; # Warning: if the tag does not change, the image will not be updated
extraOptions = [ "--network=host" ]; # we only need access to this machine
volumes = [
# todo : do we need to mount all the folders?
"${config.users.users.paperless.home}/data:/usr/src/paperless/data"
"${config.users.users.paperless.home}/media:/usr/src/paperless/media"
"${config.users.users.paperless.home}/export:/usr/src/paperless/export"
"${config.users.users.paperless.home}/consume:/usr/src/paperless/consume"
"${config.users.users.paperless-ngx.home}/data:/usr/src/paperless/data"
"${config.users.users.paperless-ngx.home}/media:/usr/src/paperless/media"
"${config.users.users.paperless-ngx.home}/export:/usr/src/paperless/export"
"${config.users.users.paperless-ngx.home}/consume:/usr/src/paperless/consume"
];
dependsOn = [
"paperless-gotenberg"
@ -77,8 +78,8 @@ in
];
environment = {
USERMAP_UID = toString config.users.users.paperless.uid;
USERMAP_GID = toString config.users.groups.paperless.gid;
USERMAP_UID = toString config.users.users.paperless-ngx.uid;
USERMAP_GID = toString config.users.groups.paperless-ngx.gid;
PAPERLESS_TIME_ZONE = config.time.timeZone;
@ -109,20 +110,20 @@ in
};
paperless-redis = {
podman.user = "paperless";
podman.user = "paperless-ngx";
image = "docker.io/library/redis:7";
volumes = [ "redis:/data" ];
ports = [ "127.0.0.1:6379:6379" ];
};
paperless-tika = {
podman.user = "paperless";
podman.user = "paperless-ngx";
image = "apache/tika:latest"; # Warning: if the tag does not change, the image will not be updated
ports = [ "127.0.0.1:${toString config.services.tika.port}:9998" ];
};
paperless-gotenberg = {
podman.user = "paperless";
podman.user = "paperless-ngx";
image = "gotenberg/gotenberg:8.20";
ports = [ "127.0.0.1:${toString config.services.gotenberg.port}:3000" ];
cmd = [