nomad
/
paperless-ngx
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Move internal settings out of variables.yml

This commit is contained in:
Daniel Berteaud 2024-03-02 22:34:56 +01:00
parent 6356fd0dbf
commit 2cca16c93f
3 changed files with 36 additions and 48 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

51
example/paperless-ngx.nomad.hcl
View File

@ -158,23 +158,23 @@ _EOT
env {
PAPERLESS_MODE = "webserver"
PAPERLESS_BIND_ADDR = "127.0.0.1"
TMPDIR = "/alloc/tmp"
PAPERLESS_MODE = "webserver"
PAPERLESS_BIND_ADDR = "127.0.0.1"
PAPERLESS_TRUSTED_PROXIES = "127.0.0.1"
PAPERLESS_PROXY_SSL_HEADER = "[\"HTTP_X_FORWARDED_PROTO\", \"https\"]"
PAPERLESS_CONVERT_TMPDIR = "/alloc/data"
PAPERLESS_USE_X_FORWARD_HOST = "true"
PAPERLESS_URL = "https://paperless.example.org"
PAPERLESS_ENABLE_COMPRESSION = false
TMPDIR = "/alloc/tmp"
}
# Use a template block instead of env {} so we can fetch values from vault
template {
data = <<_EOT
LANG=fr_FR.utf8
PAPERLESS_CONVERT_TMPDIR=/alloc/data
PAPERLESS_CORS_ALLOWED_HOSTS=https://paperless.example.org
PAPERLESS_ENABLE_COMPRESSION=false
PAPERLESS_PROXY_SSL_HEADER='["HTTP_X_FORWARDED_PROTO", "https"]'
PAPERLESS_SECRET_KEY={{ with secret "/kv/service/paperless" }}{{ .Data.data.secret_key }}{{ end }}
PAPERLESS_TRUSTED_PROXIES=127.0.0.1
PAPERLESS_URL=https://paperless.example.org
PAPERLESS_USE_X_FORWARD_HOST=true
TZ=Europe/Paris
_EOT
destination = "secrets/.env"
@ -238,22 +238,17 @@ _EOT
env {
PAPERLESS_MODE = "consumer"
TMPDIR = "/alloc/tmp"
PAPERLESS_MODE = "consumer"
PAPERLESS_CONVERT_TMPDIR = "/alloc/data"
TMPDIR = "/alloc/tmp"
}
# Use a template block instead of env {} so we can fetch values from vault
template {
data = <<_EOT
LANG=fr_FR.utf8
PAPERLESS_CONVERT_TMPDIR=/alloc/data
PAPERLESS_CORS_ALLOWED_HOSTS=https://paperless.example.org
PAPERLESS_ENABLE_COMPRESSION=false
PAPERLESS_PROXY_SSL_HEADER='["HTTP_X_FORWARDED_PROTO", "https"]'
PAPERLESS_SECRET_KEY={{ with secret "/kv/service/paperless" }}{{ .Data.data.secret_key }}{{ end }}
PAPERLESS_TRUSTED_PROXIES=127.0.0.1
PAPERLESS_URL=https://paperless.example.org
PAPERLESS_USE_X_FORWARD_HOST=true
TZ=Europe/Paris
_EOT
destination = "secrets/.env"
@ -319,22 +314,17 @@ _EOT
env {
PAPERLESS_MODE = "scheduler"
TMPDIR = "/alloc/tmp"
PAPERLESS_MODE = "scheduler"
PAPERLESS_CONVERT_TMPDIR = "/alloc/data"
TMPDIR = "/alloc/tmp"
}
# Use a template block instead of env {} so we can fetch values from vault
template {
data = <<_EOT
LANG=fr_FR.utf8
PAPERLESS_CONVERT_TMPDIR=/alloc/data
PAPERLESS_CORS_ALLOWED_HOSTS=https://paperless.example.org
PAPERLESS_ENABLE_COMPRESSION=false
PAPERLESS_PROXY_SSL_HEADER='["HTTP_X_FORWARDED_PROTO", "https"]'
PAPERLESS_SECRET_KEY={{ with secret "/kv/service/paperless" }}{{ .Data.data.secret_key }}{{ end }}
PAPERLESS_TRUSTED_PROXIES=127.0.0.1
PAPERLESS_URL=https://paperless.example.org
PAPERLESS_USE_X_FORWARD_HOST=true
TZ=Europe/Paris
_EOT
destination = "secrets/.env"
@ -400,22 +390,17 @@ _EOT
env {
PAPERLESS_MODE = "task-queue"
TMPDIR = "/alloc/tmp"
PAPERLESS_MODE = "task-queue"
PAPERLESS_CONVERT_TMPDIR = "/alloc/data"
TMPDIR = "/alloc/tmp"
}
# Use a template block instead of env {} so we can fetch values from vault
template {
data = <<_EOT
LANG=fr_FR.utf8
PAPERLESS_CONVERT_TMPDIR=/alloc/data
PAPERLESS_CORS_ALLOWED_HOSTS=https://paperless.example.org
PAPERLESS_ENABLE_COMPRESSION=false
PAPERLESS_PROXY_SSL_HEADER='["HTTP_X_FORWARDED_PROTO", "https"]'
PAPERLESS_SECRET_KEY={{ with secret "/kv/service/paperless" }}{{ .Data.data.secret_key }}{{ end }}
PAPERLESS_TRUSTED_PROXIES=127.0.0.1
PAPERLESS_URL=https://paperless.example.org
PAPERLESS_USE_X_FORWARD_HOST=true
TZ=Europe/Paris
_EOT
destination = "secrets/.env"

27
paperless-ngx.nomad.hcl
View File

@ -58,9 +58,15 @@ job "[[ .instance ]]" {
[[ template "common/vault.policies" $c ]]
env {
PAPERLESS_MODE = "webserver"
PAPERLESS_BIND_ADDR = "127.0.0.1"
TMPDIR = "/alloc/tmp"
PAPERLESS_MODE = "webserver"
PAPERLESS_BIND_ADDR = "127.0.0.1"
PAPERLESS_TRUSTED_PROXIES = "127.0.0.1"
PAPERLESS_PROXY_SSL_HEADER = "[\"HTTP_X_FORWARDED_PROTO\", \"https\"]"
PAPERLESS_CONVERT_TMPDIR = "/alloc/data"
PAPERLESS_USE_X_FORWARD_HOST = "true"
PAPERLESS_URL = "[[ .paperless.webserver.public_url ]]"
PAPERLESS_ENABLE_COMPRESSION = false
TMPDIR = "/alloc/tmp"
}
[[ template "common/file_env" $c ]]
@ -101,8 +107,9 @@ job "[[ .instance ]]" {
[[ template "common/vault.policies" $c ]]
env {
PAPERLESS_MODE = "consumer"
TMPDIR = "/alloc/tmp"
PAPERLESS_MODE = "consumer"
PAPERLESS_CONVERT_TMPDIR = "/alloc/data"
TMPDIR = "/alloc/tmp"
}
[[ template "common/file_env" $c ]]
@ -141,8 +148,9 @@ job "[[ .instance ]]" {
[[ template "common/vault.policies" $c ]]
env {
PAPERLESS_MODE = "scheduler"
TMPDIR = "/alloc/tmp"
PAPERLESS_MODE = "scheduler"
PAPERLESS_CONVERT_TMPDIR = "/alloc/data"
TMPDIR = "/alloc/tmp"
}
[[ template "common/file_env" $c ]]
@ -180,8 +188,9 @@ job "[[ .instance ]]" {
[[ template "common/vault.policies" $c ]]
env {
PAPERLESS_MODE = "task-queue"
TMPDIR = "/alloc/tmp"
PAPERLESS_MODE = "task-queue"
PAPERLESS_CONVERT_TMPDIR = "/alloc/data"
TMPDIR = "/alloc/tmp"
}
[[ template "common/file_env" $c ]]

6
variables.yml
View File

@ -29,12 +29,6 @@ paperless:
env:
PAPERLESS_SECRET_KEY: '{{ with secret "[[ .vault.root ]]kv/service/[[ .instance ]]" }}{{ .Data.data.secret_key }}{{ end }}'
PAPERLESS_CORS_ALLOWED_HOSTS: '[[ .paperless.webserver.public_url ]]'
PAPERLESS_URL: '[[ .paperless.webserver.public_url ]]'
PAPERLESS_CONVERT_TMPDIR: /alloc/data
PAPERLESS_USE_X_FORWARD_HOST: true
PAPERLESS_PROXY_SSL_HEADER: "'[\"HTTP_X_FORWARDED_PROTO\", \"https\"]'"
PAPERLESS_ENABLE_COMPRESSION: false
PAPERLESS_TRUSTED_PROXIES: 127.0.0.1
wait_for:
- service: master.postgres[[ .consul.suffix ]]