ops/nixos: enable paperless

This commit is contained in:
Luke Granger-Brown 2022-04-06 00:57:22 +01:00
parent a0802e697f
commit da71f20036
3 changed files with 18 additions and 1 deletions

View file

@ -2,7 +2,7 @@
#
# SPDX-License-Identifier: Apache-2.0
{ depot, pkgs, ... }:
{ depot, pkgs, config, ... }:
let
inherit (depot.ops) secrets;
in {
@ -21,5 +21,16 @@ in {
};
my.ip.tailscale = "100.85.236.121";
services.paperless-ng = {
enable = true;
package = pkgs.paperless-ngx;
address = config.my.ip.tailscale;
extraConfig = {
PAPERLESS_ALLOWED_HOSTS = "paperless.int.lukegb.com";
PAPERLESS_CORS_ALLOWED_HOSTS = "https://paperless.int.lukegb.com";
PAPERLESS_ENABLE_HTTP_REMOTE_USER = "true";
};
};
system.stateVersion = "22.05";
}

View file

@ -342,6 +342,11 @@ in {
(service "bvm-ipfs.int.as205479.net:8080" "ipfs-gw.int.lukegb.com" {})
(service "bvm-netbox.int.as205479.net:80" "netbox.int.lukegb.com" {})
(service "localhost:9901" "envoy-debug.int.lukegb.com" {})
(service "bvm-paperless.int.as205479.net:28981" "paperless.int.lukegb.com" {
jwt_claims_headers = {
Remote-User = "email";
};
})
];
};
};

View file

@ -24,6 +24,7 @@ SPDX-License-Identifier: Apache-2.0
<li><a href="https://hg.lukegb.com">hg (heptapod)</a></li>
<li><a href="https://rundeck.int.lukegb.com">rundeck</a></li>
<li><a href="https://netbox.int.lukegb.com">netbox</a></li>
<li><a href="https://paperless.int.lukegb.com">paperless</a></li>
</ul>
<p><a href="/.pomerium/sign_out?pomerium_redirect_uri=https%3A%2F%2Flogged-out.int.lukegb.com">Log out</a></p>
</body>