services: app: image: ghcr.io/paperless-ngx/paperless-ngx:latest restart: unless-stopped networks: - caddy - backend security_opt: - no-new-privileges:true depends_on: - redis - postgres volumes: - "{{ stack_paperless_env_dir }}/data/paperless:/usr/src/paperless/data" # container data - "{{ stack_paperless_env_dir }}/data/paperless_export:/usr/src/paperless/export" # backup location - "{{ stack_paperless_serve_dir }}/documents:/usr/src/paperless/media" # document location - "{{ stack_paperless_serve_dir }}/consume:/usr/src/paperless/consume" # watch folder environment: - "PAPERLESS_TIME_ZONE={{ stack_paperless_tz }}" - "USERMAP_UID={{ stack_paperless_puid }}" - "USERMAP_GID={{ stack_paperless_pgid }}" - "PAPERLESS_OCR_LANGUAGE={{ stack_paperless_ocr_language }}" - "PAPERLESS_OCR_LANGUAGES={{ stack_paperless_ocr_languages }}" - "PAPERLESS_OCR_SKIP_ARCHIVE_FILE={{ stack_paperless_ocr_skip_archive_file }}" - "PAPERLESS_ENABLE_UPDATE_CHECK={{ stack_paperless_enable_update_check }}" - "PAPERLESS_REDIS=redis://redis:6379" - "PAPERLESS_DBHOST=postgres - "PAPERLESS_DBNAME={{ stack_paperless_dbname }}" - "PAPERLESS_DBUSER={{ stack_paperless_dbuser }}" - "PAPERLESS_DBPASS={{ stack_paperless_dbpass }}" - "PAPERLESS_SECRET_KEY={{ stack_paperless_secret_key }}" - "PAPERLESS_FILENAME_FORMAT={{ stack_paperless_filename_format }}" - "PAPERLESS_ADMIN_USER={{ stack_paperless_admin_user }}" - "PAPERLESS_ADMIN_PASSWORD={{ stack_paperless_admin_password }}" labels: caddy: "{{ stack_paperless_subdomain }}" caddy.reverse_proxy: "{{ '{{' }}upstreams 8000{{ '}}'}}" postgres: image: postgres:16.0-alpine #fixedVersion restart: unless-stopped networks: - backend security_opt: - no-new-privileges:true volumes: - "{{ stack_paperless_env_dir }}/data/postgres:/var/lib/postgresql/data" environment: POSTGRES_DB: "{{ stack_paperless_dbname }}" POSTGRES_USER: "{{ stack_paperless_dbuser }}" POSTGRES_PASSWORD: "{{ stack_paperless_dbpass }}" redis: image: redis:7.2-alpine #fixedVersion restart: unless-stopped networks: - backend security_opt: - no-new-privileges:true volumes: - "{{ stack_paperless_env_dir }}/data/redis:/data" environment: REDIS_ARGS: "--save 60 10" {% if restic_enable|d(False) == True and stack_paperless_restic_enable|d(False) == True %} backup: image: mazzolino/restic hostname: "{{ ansible_hostname | default() }}" environment: TZ: "{{ restic_tz }}" BACKUP_CRON: "{{ stack_paperless_restic_cron }}" SKIP_INIT: true RESTIC_REPOSITORY: "{{ restic_repo }}" RESTIC_PASSWORD: "{{ restic_pass }}" AWS_ACCESS_KEY_ID: "{{ restic_s3_key }}" AWS_SECRET_ACCESS_KEY: "{{ restic_s3_secret }}" RESTIC_BACKUP_ARGS: >- --tag paperless RESTIC_BACKUP_SOURCES: "/backup" volumes: {% if restic_repo is regex('^/.+') %} - "{{ restic_repo }}:{{ restic_repo }}" {% endif %} - "{{ stack_paperless_env_dir }}:/backup/{{ stack_paperless_env_dir }}" - "{{ stack_paperless_serve_dir }}/documents:/backup/{{ stack_paperless_serve_dir }}/documents" {% endif %} networks: caddy: external: true backend: name: backend driver: bridge # secrets: # paperless_db_paperless_passwd: # file: ./secrets/paperless_db_paperless_passwd # paperless_secret_key: # file: ./secrets/paperless_secret_key #