diff --git a/ops/nixos/bvm-paperless/default.nix b/ops/nixos/bvm-paperless/default.nix
index 5e1b896785..c0e77e1907 100644
--- a/ops/nixos/bvm-paperless/default.nix
+++ b/ops/nixos/bvm-paperless/default.nix
@@ -2,7 +2,7 @@
#
# SPDX-License-Identifier: Apache-2.0
-{ depot, pkgs, ... }:
+{ depot, pkgs, config, ... }:
let
inherit (depot.ops) secrets;
in {
@@ -21,5 +21,16 @@ in {
};
my.ip.tailscale = "100.85.236.121";
+ services.paperless-ng = {
+ enable = true;
+ package = pkgs.paperless-ngx;
+ address = config.my.ip.tailscale;
+ extraConfig = {
+ PAPERLESS_ALLOWED_HOSTS = "paperless.int.lukegb.com";
+ PAPERLESS_CORS_ALLOWED_HOSTS = "https://paperless.int.lukegb.com";
+ PAPERLESS_ENABLE_HTTP_REMOTE_USER = "true";
+ };
+ };
+
system.stateVersion = "22.05";
}
diff --git a/ops/nixos/etheroute-lon01/default.nix b/ops/nixos/etheroute-lon01/default.nix
index 17a7ac47af..dcbe9944d9 100644
--- a/ops/nixos/etheroute-lon01/default.nix
+++ b/ops/nixos/etheroute-lon01/default.nix
@@ -342,6 +342,11 @@ in {
(service "bvm-ipfs.int.as205479.net:8080" "ipfs-gw.int.lukegb.com" {})
(service "bvm-netbox.int.as205479.net:80" "netbox.int.lukegb.com" {})
(service "localhost:9901" "envoy-debug.int.lukegb.com" {})
+ (service "bvm-paperless.int.as205479.net:28981" "paperless.int.lukegb.com" {
+ jwt_claims_headers = {
+ Remote-User = "email";
+ };
+ })
];
};
};
diff --git a/web/int/index.html b/web/int/index.html
index cd58a2c2a7..77ef3393da 100644
--- a/web/int/index.html
+++ b/web/int/index.html
@@ -24,6 +24,7 @@ SPDX-License-Identifier: Apache-2.0
hg (heptapod)
rundeck
netbox
+ paperless
Log out