mirror of
https://github.com/TheWanderingCrow/CrOS.git
synced 2026-01-11 17:54:08 -05:00
42 lines
1.4 KiB
Nix
42 lines
1.4 KiB
Nix
{ inputs, config, ... }:
|
|
let
|
|
cfg = config.services.paperless;
|
|
sopsFolder = inputs.nix-secrets + "/sops";
|
|
in
|
|
{
|
|
services.caddy.virtualHosts."paperless.wanderingcrow.net".extraConfig = ''
|
|
reverse_proxy http://${cfg.address}:${builtins.toString cfg.port}
|
|
'';
|
|
|
|
sops = {
|
|
secrets."paperless/oidc/client" = {
|
|
sopsFile = "${sopsFolder}/services.yaml";
|
|
};
|
|
secrets."paperless/oidc/secret" = {
|
|
sopsFile = "${sopsFolder}/services.yaml";
|
|
};
|
|
|
|
templates."paperless-env".content = ''
|
|
PAPERLESS_SOCIALACCOUNT_PROVIDERS={"openid_connect":{"SCOPE":["openid","profile","email"],"OAUTH_PKCE_ENABLED":true,"APPS":[{"provider_id":"pocket-id","name":"Pocket-ID","client_id":"${
|
|
config.sops.placeholder."paperless/oidc/client"
|
|
}","secret":"${
|
|
config.sops.placeholder."paperless/oidc/secret"
|
|
}","settings":{"server_url":"https://auth.wanderingcrow.net"}}]}}
|
|
'';
|
|
};
|
|
|
|
services.paperless = {
|
|
enable = true;
|
|
domain = "paperless.wanderingcrow.net";
|
|
database.createLocally = true;
|
|
address = "127.0.0.1";
|
|
port = 28981;
|
|
exporter.enable = true;
|
|
settings = {
|
|
PAPERLESS_APPS = "allauth.socialaccount.providers.openid_connect";
|
|
PAPERLESS_DISABLE_REGULAR_LOGIN = true;
|
|
PAPERLESS_REDIRECT_LOGIN_TO_SSO = true;
|
|
};
|
|
environmentFile = config.sops.templates."paperless-env".path;
|
|
};
|
|
}
|