diff --git a/docker/stacks/paperless/docker-compose.yaml b/docker/stacks/paperless/docker-compose.yaml new file mode 100644 index 0000000..8e1dd55 --- /dev/null +++ b/docker/stacks/paperless/docker-compose.yaml @@ -0,0 +1,132 @@ +services: + broker: + image: docker.io/library/redis:8 + restart: unless-stopped + environment: + - TZ=${TZ} + volumes: + - ${SERVICE_DATA_ROOT_PATH}/redis:/data + networks: + - internal + + db: + image: docker.io/library/postgres:17-bookworm + restart: unless-stopped + environment: + - POSTGRES_DB=${PAPERLESS_DBNAME} + - POSTGRES_USER=${PAPERLESS_DBUSER} + - POSTGRES_PASSWORD=${PAPERLESS_DBPASS} + - TZ=${TZ} + volumes: + - ${SERVICE_DATA_ROOT_PATH}/database:/var/lib/postgresql/data + networks: + - internal + + webserver: + image: ghcr.io/paperless-ngx/paperless-ngx:latest + restart: unless-stopped + environment: + - PAPERLESS_REDIS=redis://broker:6379 + - PAPERLESS_DBHOST=db + - PAPERLESS_DBUSER=${PAPERLESS_DBUSER} + - PAPERLESS_DBPASS=${PAPERLESS_DBPASS} + - PAPERLESS_DBNAME=${PAPERLESS_DBNAME} + - PAPERLESS_TIKA_ENABLED=1 + - PAPERLESS_TIKA_GOTENBERG_ENDPOINT=http://gotenberg:3000 + - PAPERLESS_TIKA_ENDPOINT=http://tika:9998 + - PAPERLESS_OCR_LANGUAGE=${PAPERLESS_OCR_LANGUAGE} + - PAPERLESS_OCR_LANGUAGES=${PAPERLESS_OCR_LANGUAGES} + - PAPERLESS_SECRET_KEY=${PAPERLESS_SECRET_KEY} + - PAPERLESS_TIME_ZONE=${TZ} + - PAPERLESS_URL=https://${TRAEFIK_DOMAIN} + - PAPERLESS_CONSUMER_BARCODE_SCANNER=ZXING + - USERMAP_UID=${USERMAP_UID} + - USERMAP_GID=${USERMAP_GID} + volumes: + - ${SERVICE_DATA_ROOT_PATH}/data:/usr/src/paperless/data + - ${SERVICE_DATA_ROOT_PATH}/media:/usr/src/paperless/media + - ${SERVICE_DATA_ROOT_PATH}/export:/usr/src/paperless/export + - ${CONSUME_PATH}:/usr/src/paperless/consume + depends_on: + - db + - broker + - gotenberg + - tika + networks: + - internal + - traefik + labels: + - "traefik.enable=true" + - "traefik.http.routers.paperless.rule=Host(`${TRAEFIK_DOMAIN}`)" + - "traefik.http.routers.paperless.entrypoints=websecure" + - "traefik.http.routers.paperless.tls.certresolver=myresolver" + - "traefik.docker.network=traefik" + - "traefik.http.services.paperless.loadbalancer.server.port=8000" + + gotenberg: + image: docker.io/gotenberg/gotenberg:8.20 + restart: unless-stopped + environment: + - TZ=${TZ} + command: + - "gotenberg" + - "--chromium-disable-javascript=true" + - "--chromium-allow-list=file:///tmp/.*" + networks: + - internal + + tika: + image: docker.io/apache/tika:latest + restart: unless-stopped + environment: + - TZ=${TZ} + networks: + - internal + + backup-files: + image: creativeprojects/resticprofile:${RP_VERSION:-latest} + restart: always + environment: + - TZ=${TZ} + - AWS_ACCESS_KEY_ID=${AWS_ACCESS_KEY_ID} + - AWS_SECRET_ACCESS_KEY=${AWS_SECRET_ACCESS_KEY} + volumes: + - ${SERVICE_DATA_ROOT_PATH}/restic/resticprofile.yaml:/etc/resticprofile/profiles.yaml:ro + - ${SERVICE_DATA_ROOT_PATH}/restic/restic.key:/etc/resticprofile/key:ro + - ${SERVICE_DATA_ROOT_PATH}/media:/media:ro + - ${SERVICE_DATA_ROOT_PATH}/db_dumps:/db_dumps:ro + command: + - '-c' + - 'resticprofile schedule --all && crond -f' + entrypoint: "/bin/sh" + hostname: paperless-resticprofile + networks: + - internal + + backup-database: + image: prodrigestivill/postgres-backup-local:17 + restart: always + environment: + - POSTGRES_HOST=db + - POSTGRES_CLUSTER=TRUE + - POSTGRES_USER=${PAPERLESS_DBUSER} + - POSTGRES_PASSWORD=${PAPERLESS_DBPASS} + - POSTGRES_DB=${PAPERLESS_DBNAME} + - BACKUP_KEEP_MINS=120 + - SCHEDULE=50 * * * * + - POSTGRES_EXTRA_OPTS=--clean --if-exists + - BACKUP_DIR=/db_dumps + - BACKUP_ON_START=TRUE + - TZ=${TZ} + volumes: + - ${SERVICE_DATA_ROOT_PATH}/db_dumps:/db_dumps + depends_on: + - db + networks: + - internal + +networks: + internal: + name: paperless + traefik: + external: true diff --git a/docker/stacks/paperless/resticprofile.conf.example b/docker/stacks/paperless/resticprofile.conf.example new file mode 100644 index 0000000..25574c0 --- /dev/null +++ b/docker/stacks/paperless/resticprofile.conf.example @@ -0,0 +1,44 @@ +global: + scheduler: crond + +default: + password-file: key + repository: s3:s3.eu-central-003.backblazeb2.com/BUCKET-NAME + initialize: true + force-inactive-lock: true + backup: + source: /media + exclude-caches: true + one-file-system: true + schedule: "*:00,15,30,45" + schedule-permission: system + check-before: false + group-by: "paths" + forget: + schedule: "daily" + keep-hourly: 24 + keep-daily: 7 + keep-weekly: 4 + heep-monthly: 12 + prune: true + +database: + password-file: key + repository: s3:s3.eu-central-003.backblazeb2.com/BUCKET-NAME + initialize: true + force-inactive-lock: true + backup: + source: /db_dumps + exclude-caches: true + one-file-system: true + schedule: "hourly" + schedule-permission: system + check-before: false + group-by: "paths" + forget: + schedule: "daily" + keep-hourly: 24 + keep-daily: 7 + keep-weekly: 4 + heep-monthly: 12 + prune: true diff --git a/docker/stacks/paperless/stack.env b/docker/stacks/paperless/stack.env new file mode 100644 index 0000000..877e961 --- /dev/null +++ b/docker/stacks/paperless/stack.env @@ -0,0 +1,25 @@ +# Paths +SERVICE_DATA_ROOT_PATH= +CONSUME_PATH= + +# Basic Configuration +TZ=Europe/Kyiv + +# Traefik Domain +TRAEFIK_DOMAIN= + +# Database Configuration +PAPERLESS_DBUSER=paperless +PAPERLESS_DBNAME=paperless +PAPERLESS_DBPASS= + +# Paperless Configuration +PAPERLESS_OCR_LANGUAGE= +PAPERLESS_OCR_LANGUAGES= +PAPERLESS_SECRET_KEY= +USERMAP_UID=1027 +USERMAP_GID=100 + +# Backup Configuration +AWS_ACCESS_KEY_ID= +AWS_SECRET_ACCESS_KEY= \ No newline at end of file