Add Paperless container

README.md

 
     slappasswd -s your-password
 
+You can use the following script to add users if you have previously created `ldif` files:
+
+    ./add_users <your-stack-name>
+
+
 MariaDB
 -------
 
 
 Need to log in as admin for the first time and enable Apps manually.
 
+Let's Encrypt
+-------------
+Run the following script to enable Let's Encrypt for Nextcloud:
+
+    ./letsencrypt.sh <your-stack-name>
+
 Dynamic DNS
 -----------
 

docker-compose.yml

     build:
       context: ./images/rpi-openldap/
     image: bingen/rpi-openldap:latest
-    deploy:
-      replicas: 1
     secrets:
       - source: ldap_pwd
         target: admin_pwd
       #- "639:639"
       #- "8080:80"
     volumes:
-      - ${LDAP_DATA_PATH}:/var/lib/ldap
-      - ${LDAP_CONFIG_PATH}:/etc/ldap/slapd.d
-      - ${LDAP_CERTS_PATH}:/container/service/slapd/assets/certs/
+      - ${LDAP_DATA_VOLUME_PATH}:/var/lib/ldap
+      - ${LDAP_CONFIG_VOLUME_PATH}:/etc/ldap/slapd.d
+      - ${LDAP_CERTS_VOLUME_PATH}:/container/service/slapd/assets/certs/
     hostname: openldap.${LDAP_DOMAIN}
 
   db:
     build:
       context: ./images/rpi-mariadb/
     image: bingen/rpi-mariadb:latest
-    deploy:
-      replicas: 1
     secrets:
       - source: db_pwd
         target: admin_pwd
     #ports:
       #- "3306:3306"
     volumes:
-      #- ${DB_CONFIG_PATH}:/etc/mysql
-      - ${DB_DATA_PATH}:/var/lib/mysql
+      #- ${DB_CONFIG_VOLUME_PATH}:/etc/mysql
+      - ${DB_DATA_VOLUME_PATH}:/var/lib/mysql
 
   haproxy:
     build:
     depends_on:
       # For DNS resolution
       - nextcloud
-    deploy:
-      replicas: 1
     env_file:
       - haproxy.env
     networks:
     image: bingen/rpi-mailserver:latest
     depends_on:
       - openldap
-    deploy:
-      replicas: 1
     secrets:
       - source: ldap_mail_pwd
         target: ldap_pwd
       - ${NEXTCLOUD_DATA_VOLUME_PATH}:${NEXTCLOUD_DATA_PATH}
       - ${NEXTCLOUD_BACKUP_VOLUME_PATH}:${NEXTCLOUD_BACKUP_PATH}
 
-  #gogs:
+  paperless:
+    build:
+      context: ./images/rpi-paperless/
+    image: bingen/rpi-paperless
+    ports:
+      - "8081:8000"
+      - "21:21"
+    volumes:
+      - ${PAPERLESS_DATA_VOLUME_PATH}:/usr/src/paperless/data
+      - ${PAPERLESS_MEDIA_VOLUME_PATH}:/usr/src/paperless/media
+      - ${PAPERLESS_CONSUMPTION_VOLUME_PATH}:${PAPERLESS_CONSUMPTION_PATH}
+      - ${PAPERLESS_EXPORT_VOLUME_PATH}:${PAPERLESS_EXPORT_PATH}
+    secrets:
+      - source: paperless_webserver_pwd
+        target: webserver_pwd
+        uid: '999'
+        mode: 0440
+      - source: paperless_passphrase
+        target: passphrase
+        uid: '999'
+        mode: 0440
+    env_file:
+      - paperless.env
 
-  #turtl:
+  #gogs:
 
   #wordpress:
 
     external: true
   nextcloud_secret:
     external: true
+  paperless_webserver_pwd:
+    external: true
+  paperless_passphrase:
+    external: true
 networks:
   default:
     driver: overlay

env.template

 # modify and copy to .env
 
 # DB
-DB_DATA_PATH=${VOLUMES_PATH}/mariadb/data
-#DB_CONFIG_PATH=${VOLUMES_PATH}/mariadb/config
+DB_DATA_VOLUME_PATH=${VOLUMES_PATH}/mariadb/data
+#DB_CONFIG_VOLUME_PATH=${VOLUMES_PATH}/mariadb/config
 
 # LDAP
 LDAP_DOMAIN=${DOMAIN}
 LDAP_ORGANIZATION=${ORGANIZATION}
 LDAP_EXTENSION=${EXTENSION}
 LDAP_ADMIN_PWD_FILE=/run/secrets/admin_pwd
-LDAP_DATA_PATH=${VOLUMES_PATH}/openldap/data
-LDAP_CONFIG_PATH=${VOLUMES_PATH}/openldap/config
-LDAP_CERTS_PATH=${VOLUMES_PATH}/openldap/certs
+LDAP_DATA_VOLUME_PATH=${VOLUMES_PATH}/openldap/data
+LDAP_CONFIG_VOLUME_PATH=${VOLUMES_PATH}/openldap/config
+LDAP_CERTS_VOLUME_PATH=${VOLUMES_PATH}/openldap/certs
 
 # MAIL
 
 NEXTCLOUD_BACKUP_PATH=/srv/nextcloud/backup
 # external Volume path
 NEXTCLOUD_BACKUP_VOLUME_PATH=${VOLUMES_PATH}/nextcloud/backup
+
+# PAPERLESS
+
+PAPERLESS_DATA_VOLUME_PATH=${VOLUMES_PATH}/paperless/data
+PAPERLESS_MEDIA_VOLUME_PATH=${VOLUMES_PATH}/paperless/media
+PAPERLESS_CONSUMPTION_VOLUME_PATH=${VOLUMES_PATH}/paperless/consume
+PAPERLESS_CONSUMPTION_PATH=/consume
+PAPERLESS_EXPORT_VOLUME_PATH=${VOLUMES_PATH}/paperless/export
+PAPERLESS_EXPORT_PATH=/export

paperless.env.template

+# Webserver
+PAPERLESS_WEBSERVER_USER=${PAPERLESS_WEBSERVER_USER}
+PAPERLESS_WEBSERVER_PWD_FILE=/run/secrets/webserver_pwd
+# paperless variables
+PAPERLESS_PASSPHRASE_FILE=/run/secrets/passphrase
+#PAPERLESS_OCR_THREADS=
+PAPERLESS_OCR_LANGUAGES=cat spa
+#USERMAP_UID=
+#USERMAP_GID=

setup.sh

 read -p "Nextcloud Pwd Salt (a random one will be generated by NC if empty): " nextcloud_salt
 read -p "Nextcloud Secret (a random one will be generated by NC if empty): " nextcloud_secret
 
+read -p "Paperless Web Server User (paperless): " paperless_webserver_user
+if [[ ${#paperless_webserver_user} -eq 0 ]]; then
+    paperless_webserver_user=paperless
+fi
+
+read -p "Paperless Web Server Pwd (a random one will be generated if empty): " paperless_webserver_pwd
+if [[ ${#paperless_webserver_pwd} -eq 0 ]]; then
+    paperless_webserver_pwd=`eval "$PWD_GEN"`
+fi
+
+read -p "Paperless Encryption Passphrase (a random one will be generated if empty): " paperless_passphrase
+if [[ ${#paperless_passphrase} -eq 0 ]]; then
+    paperless_=`eval "$PWD_GEN"`
+fi
+
 echo $'\E[33m'
 echo "//////////////////////////////////////////////////"
 echo "///////////////// PLEASE CONFIRM /////////////////"
 echo Your LDAP Mail Bind DN Uid is:        $ldap_mail_uid
 echo Your LDAP Nextcloud Bind DN Uid is:   $ldap_nextcloud_uid
 echo Your Let\'s Encrypt account e-mail:   $letsencrypt_email
+echo Your PAperless Web Server User:       $paperless_webserver_user
 
 echo $'\E[1;37m'
 read -p "Are These Settings Correct? Yes (y), No (n): " confirm
 echo $nextcloud_admin_pwd | docker secret create nextcloud_admin_pwd -
 echo $nextcloud_salt | docker secret create nextcloud_salt -
 echo $nextcloud_secret | docker secret create nextcloud_secret -
+echo $paperless_webserver_pwd | docker secret create paperless_webserver_pwd -
+echo $paperless_passphrase | docker secret create paperless_passphrase -
 
 echo $'\E[33m'
 echo "//////////////////////////////////////////////////"
 cp mail.env.template mail.env
 cp nextcloud.env.template nextcloud.env
 cp haproxy.env.template haproxy.env
+cp paperless.env.template paperless.env
 
 for i in `ls *.env .env`; do
     sed -i "s/\${DOMAIN}/${domain}/g" $i
     sed -i "s/\${MAIL_LDAP_UID}/${ldap_mail_uid}/g" $i
     sed -i "s/\${NEXTCLOUD_LDAP_UID}/${ldap_nextcloud_uid}/g" $i
     sed -i "s/\${LETSENCRYPT_EMAIL}/${letsencrypt_email}/g" $i
+    sed -i "s/\${PAPERLESS_WEBSERVER_USER}/${paperless_webserver_user}/g" $i
     #sed -i "s/\${}/${}/g" $i
 done;
 
 # read variables
 . .env
 # repeated env variables
-echo "\nNEXTCLOUD_DB_BACKUP=${NEXTCLOUD_DATA_PATH}/nextcloud_db_backup.sql" >> nextcloud.env
 echo "\nMAIL_DATA_PATH=${MAIL_DATA_PATH}" >> mail.env
+echo "\nNEXTCLOUD_DB_BACKUP=${NEXTCLOUD_DATA_PATH}/nextcloud_db_backup.sql" >> nextcloud.env
 echo "\nNEXTCLOUD_DATA_PATH=${NEXTCLOUD_DATA_PATH}" >> nextcloud.env
 echo "\nNEXTCLOUD_BACKUP_PATH=${NEXTCLOUD_BACKUP_PATH}" >> nextcloud.env
+echo "\nPAPERLESS_CONSUMPTION_DIR=${PAPERLESS_CONSUPTION_PATH}" >> paperless.env
+echo "\nPAPERLESS_EXPORT_DIR=${PAPERLESS_EXPORT_PATH}" >> paperless.env
 
 echo $'\E[33m'
 echo "//////////////////////////////////////////////////"
 echo $'\E[1;30m'
 
 # openldap
-sudo mkdir -p ${LDAP_DATA_PATH}
-sudo mkdir -p ${LDAP_CONFIG_PATH}
-sudo mkdir -p ${LDAP_CERTS_PATH}
+sudo mkdir -p ${LDAP_DATA_VOLUME_PATH}
+sudo mkdir -p ${LDAP_CONFIG_VOLUME_PATH}
+sudo mkdir -p ${LDAP_CERTS_VOLUME_PATH}
 # db
-sudo mkdir -p ${DB_DATA_PATH}
-#sudo mkdir -p ${DB_CONFIG_PATH}
+sudo mkdir -p ${DB_DATA_VOLUME_PATH}
+#sudo mkdir -p ${DB_CONFIG_VOLUME_PATH}
 # mail
-sudo mkdir -p ${MAIL_DATA_PATH}
-sudo mkdir -p ${MAIL_DATA_PATH}/getmail
-#sudo mkdir -p ${MAIL_STATE_PATH}
+sudo mkdir -p ${MAIL_DATA_VOLUME_PATH}
+sudo mkdir -p ${MAIL_DATA_VOLUME_PATH}/getmail
+#sudo mkdir -p ${MAIL_STATE_VOLUME_PATH}
 # nextcloud
-sudo mkdir -p ${NEXTCLOUD_DATA_PATH}
-sudo mkdir -p ${NEXTCLOUD_BACKUP_PATH}
+sudo mkdir -p ${NEXTCLOUD_DATA_VOLUME_PATH}
+sudo mkdir -p ${NEXTCLOUD_BACKUP_VOLUME_PATH}
+# paperless
+sudo mkdir -p ${PAPERLESS_DATA_VOLUME_PATH}
+sudo mkdir -p ${PAPERLESS_MEDIA_VOLUME_PATH}
+sudo mkdir -p ${PAPERLESS_CONSUMPTION_VOLUME_PATH}
+sudo mkdir -p ${PAPERLESS_EXPORT_VOLUME_PATH}
 
 echo "Copying gemail confs"
-cp images/rpi-email/getmail/getmailrc-* ${MAIL_DATA_PATH}/getmail/
+cp images/rpi-email/getmail/getmailrc-* ${MAIL_DATA_VOLUME_PATH}/getmail/