{ lib, pkgs, config, ... }: # a very simple dms setup which. # I have a brother ADS-1600W scanner, which is configured to send all # PDFs to this machine in /home/ftp-upload/input # from there the dms.py scans them and makes them searchable. let dms = pkgs.fetchgit { url = "https://github.com/mrVanDalo/dms.git"; rev = "2f5c44f017bdfd8abfe908d419ef26bac300f809"; sha256 = "0dxhk1ah6wwbsxyk4hd32rz7886w7r5gfy16485gjbvky1qsi8gd"; }; in { # setup ftp services.vsftpd = { enable = true; userlist = [ "ftp-upload" ]; userlistEnable = true; localUsers = true; writeEnable = true; extraConfig = '' # additional ports for directory list and stuff pasv_min_port=4242 pasv_max_port=4243 ''; }; networking.firewall.allowedTCPPortRanges = [ { # ftp: additional ports for directory list and stuff from = 4242; to = 4243; } { # ftp from = 20; to = 21; } ]; sops.secrets.ftp_password = { }; # create user users.users.ftp-upload = { passwordFile = config.sops.secrets.ftp_password.path; isNormalUser = true; }; # create dms service systemd.services.dms = { enable = true; wantedBy = [ "multi-user.target" ]; path = [ (pkgs.python3.withPackages (ps: with ps; [ flask ])) pkgs.imagemagickBig (pkgs.pdfsandwich.override { imagemagick = pkgs.imagemagickBig; }) pkgs.poppler_utils pkgs.which pkgs.netpbm pkgs.gawk pkgs.bash ]; serviceConfig = { User = "ftp-upload"; }; preStart = '' if [[ ! -L /home/ftp-upload/db/SOURCE_DIR ]] then rm -rf /home/ftp-upload/db/SOURCE_DIR mkdir -p /home/ftp-upload/db mkdir -p /home/ftp-upload/input ln -s /home/ftp-upload/input /home/ftp-upload/db/SOURCE_DIR fi ''; script = '' DMSDATA=/home/ftp-upload/db \ FLASK_APP=${dms}/dms.py \ flask run --host 0.0.0.0 \ "$@" ''; }; # host nginx setup services.nginx = { enable = true; virtualHosts = { "dms.pepe.private" = { serverAliases = [ "pdf.pepe.private" "docs.pepe.private" "dms.pepe.lan" ]; locations."/" = { proxyPass = "http://localhost:5000"; }; }; }; }; # add documents to backup backup.dirs = [ "/home/ftp-upload/db" ]; }