diff options
Diffstat (limited to 'tw/system/lud.scm')
-rw-r--r-- | tw/system/lud.scm | 22 |
1 files changed, 20 insertions, 2 deletions
diff --git a/tw/system/lud.scm b/tw/system/lud.scm index dd0d39a9..d6d60be6 100644 --- a/tw/system/lud.scm +++ b/tw/system/lud.scm @@ -9,6 +9,7 @@ #:use-module (tw services nextcloud) #:use-module (tw services matrix) #:use-module (tw services media) + #:use-module (tw services paperless) #:use-module (tw services restic) #:use-module (tw services secrets) #:use-module (tw services web) @@ -17,8 +18,9 @@ (use-package-modules acl admin bash certs databases guile-xyz linux man php python python-xyz rsync shells tls tor version-control video) -(use-service-modules certbot cgit databases file-sharing mcron monitoring - networking pm ssh syncthing version-control vpn web) +(use-service-modules certbot cgit databases dbus desktop docker file-sharing + mcron monitoring networking pm ssh syncthing + version-control vpn web) (define efi-system-partition ; /dev/sda1 (uuid "51F3-FB71" 'fat32)) @@ -82,6 +84,16 @@ (host-name host-name) (ipv6? #f))) ; currently broken + (service dbus-root-service-type) ; for Docker + (service elogind-service-type) ; for Docker + (service docker-service-type) ; for Paperless + (service redis-service-type) ; for Paperless + (service paperless-service-type + (paperless-configuration + (domain "paper.wilkenfamily.de") + (data-path "/var/data/paperless") + (secret-key-file "/etc/paperless/secret-key"))) + ;; Allow anonymous git access via Wireguard, e.g. to this channel's git repo. ;; Repos are only published if they contain a `git-daemon-export-ok' file. (service git-daemon-service-type @@ -278,6 +290,12 @@ innodb_io_capacity = 4000 (secrets (list (secret + (encrypted-file (local-file "files/paperless-secret-key.enc")) + (destination "/etc/paperless/secret-key")) + (secret + (encrypted-file (local-file "files/restic/lud-paperless.enc")) + (destination "/etc/restic/lud-paperless")) + (secret (encrypted-file (local-file "files/mythic-dns.scm.enc")) (destination "/etc/mythic-dns.scm")) (secret |