services: paperless: move reverse proxy definition to service file
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
This commit is contained in:
parent
ad5fa64abb
commit
0f678e07a2
Binary file not shown.
|
@ -3,6 +3,7 @@
|
|||
let
|
||||
paperlessEnv = config.services.paperless.settings;
|
||||
redisSocketPath = config.services.redis.servers.paperless.unixSocket;
|
||||
vhost = "paperless.${my.domain}";
|
||||
in {
|
||||
services.paperless = {
|
||||
enable = true;
|
||||
|
@ -17,7 +18,7 @@ in {
|
|||
PAPERLESS_DBNAME = "paperless";
|
||||
PAPERLESS_DBUSER = "paperless";
|
||||
PAPERLESS_SSLMODE = "disable";
|
||||
PAPERLESS_URL = "https://paperless.${my.domain}";
|
||||
PAPERLESS_URL = "https://${vhost}";
|
||||
PAPERLESS_USE_X_FORWARD_HOST = true;
|
||||
PAPERLESS_USE_X_FORWARD_PORT = true;
|
||||
};
|
||||
|
@ -69,6 +70,19 @@ in {
|
|||
}
|
||||
];
|
||||
|
||||
services.nginx.virtualHosts.${vhost} = {
|
||||
forceSSL = true;
|
||||
useACMEHost = my.domain;
|
||||
kTLS = true;
|
||||
locations."/" = {
|
||||
proxyPass = "http://[::1]:${toString config.services.paperless.port}";
|
||||
proxyWebsockets = true;
|
||||
extraConfig = ''
|
||||
client_max_body_size 512M;
|
||||
'';
|
||||
};
|
||||
};
|
||||
|
||||
users.users.paperless.extraGroups = [ "restic-backup" ];
|
||||
|
||||
services.restic.backups.paperless-media = {
|
||||
|
|
Loading…
Reference in a new issue