Skip to content

Instantly share code, notes, and snippets.

@cclloyd

cclloyd/manifest.yml

Last active April 30, 2024 13:39
Show Gist options

  • Select an option

    Learn more about clone URLs
  • Save cclloyd/e569eb16d7eddd6adc9aa49b56b7147b to your computer and use it in GitHub Desktop.

Select an option

Learn more about clone URLs
Save cclloyd/e569eb16d7eddd6adc9aa49b56b7147b to your computer and use it in GitHub Desktop.
Download ZIP
Paperless deployment on kubernetes
Raw
manifest.yml
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: paperless
labels:
app: paperless
spec:
replicas: 1
selector:
matchLabels:
app: paperless
template:
metadata:
labels:
app: paperless
spec:
containers:
- name: webserver
image: pitkley/paperless
imagePullPolicy: IfNotPresent
command: ["/sbin/docker-entrypoint.sh"]
args: ["gunicorn", "-b", "0.0.0.0:8000"]
env:
- name: USERMAP_UID
value: "1746400001"
- name: USERMAP_GID
value: "1746400004"
- name: PAPERLESS_CONSUMPTION_DIR
value: "/consume"
- name: PAPERLESS_PASSPHRASE
value: "CHANGEME"
- name: PAPERLESS_SECRET_KEY
value: "CHANGEME"
- name: PAPERLESS_TIME_ZONE
value: "EST"
- name: PAPERLESS_OCR_LANGUAGES
value: ""
volumeMounts:
- name: paperless-data
mountPath: /usr/src/paperless/data
- name: paperless-media
mountPath: /usr/src/paperless/media
- name: paperless-io
mountPath: /consume
- name: paperless-io
mountPath: /export
subPath: export
- name: consumer
image: pitkley/paperless
imagePullPolicy: IfNotPresent
command: ["/sbin/docker-entrypoint.sh"]
args: ["document_consumer"]
env:
- name: USERMAP_UID
value: "1000"
- name: USERMAP_GID
value: "1000"
- name: PAPERLESS_CONSUMPTION_DIR
value: "/consume"
- name: PAPERLESS_PASSPHRASE
value: "CHANGEME"
- name: PAPERLESS_SECRET_KEY
value: "CHANGEME"
- name: PAPERLESS_TIME_ZONE
value: "EST"
volumeMounts:
- name: paperless-data
mountPath: /usr/src/paperless/data
- name: paperless-media
mountPath: /usr/src/paperless/media
- name: paperless-io
mountPath: /consume
subPath: consume
- name: paperless-io
mountPath: /export
subPath: export
volumes:
- name: paperless-data
persistentVolumeClaim:
claimName: paperless-data
- name: paperless-media
persistentVolumeClaim:
claimName: paperless-media
- name: paperless-io
nfs:
server: nas
path: /path/to/paperless/export
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: paperless-data
labels:
app: paperless
spec:
storageClassName: cephfs
accessModes:
- ReadWriteMany
resources:
requests:
storage: 1Gi
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: paperless-media
labels:
app: paperless
spec:
storageClassName: cephfs
accessModes:
- ReadWriteMany
resources:
requests:
storage: 1Gi
---
kind: Service
apiVersion: v1
metadata:
name: paperless
spec:
selector:
app: paperless
ports:
- protocol: TCP
port: 8000
targetPort: 8000
---
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: paperless
labels:
app: paperless
annotations:
kubernetes.io/ingress.class: nginx
cert-manager.io/cluster-issuer: "letsencrypt-prod"
nginx.ingress.kubernetes.io/connection-proxy-header: "keep-alive"
nginx.ingress.kubernetes.io/enable-cors: "true"
nginx.ingress.kubernetes.io/force-ssl-redirect: "true"
nginx.ingress.kubernetes.io/ssl-redirect: "true"
spec:
tls:
- hosts:
- paperless.example.com
secretName: paperless-tls
rules:
- host: paperless.example.com
http:
paths:
- path: /
backend:
serviceName: paperless
servicePort: 8000
Raw
paperless-alternative-nfs-only-volumes.yml
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: paperless
labels:
app: paperless
spec:
replicas: 1
selector:
matchLabels:
app: paperless
template:
metadata:
labels:
app: paperless
spec:
containers:
- name: webserver
image: pitkley/paperless
imagePullPolicy: IfNotPresent
command: ["/sbin/docker-entrypoint.sh"]
args: ["gunicorn", "-b", "0.0.0.0:8000"]
env:
- name: USERMAP_UID
value: "1746400001"
- name: USERMAP_GID
value: "1746400004"
- name: PAPERLESS_CONSUMPTION_DIR
value: "/consume"
- name: PAPERLESS_PASSPHRASE
value: "CHANGEME"
- name: PAPERLESS_SECRET_KEY
value: "CHANGEME"
- name: PAPERLESS_TIME_ZONE
value: "EST"
- name: PAPERLESS_OCR_LANGUAGES
value: ""
volumeMounts:
- name: paperless
mountPath: /usr/src/paperless/data
subPath: media
- name: paperless
mountPath: /usr/src/paperless/media
subPath: media
- name: paperless
mountPath: /consume
- name: paperless
mountPath: /export
subPath: export
- name: consumer
image: pitkley/paperless
imagePullPolicy: IfNotPresent
command: ["/sbin/docker-entrypoint.sh"]
args: ["document_consumer"]
env:
- name: USERMAP_UID
value: "1000"
- name: USERMAP_GID
value: "1000"
- name: PAPERLESS_CONSUMPTION_DIR
value: "/consume"
- name: PAPERLESS_PASSPHRASE
value: "CHANGEME"
- name: PAPERLESS_SECRET_KEY
value: "CHANGEME"
- name: PAPERLESS_TIME_ZONE
value: "EST"
volumeMounts:
- name: paperless
mountPath: /usr/src/paperless/data
subPath: data
- name: paperless
mountPath: /usr/src/paperless/media
subPath: media
- name: paperless
mountPath: /consume
subPath: consume
- name: paperless
mountPath: /export
subPath: export
volumes:
- name: paperless
nfs:
server: nas
path: /path/to/paperless/export
---
kind: Service
apiVersion: v1
metadata:
name: paperless
spec:
selector:
app: paperless
ports:
- protocol: TCP
port: 8000
targetPort: 8000
---
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: paperless
labels:
app: paperless
annotations:
kubernetes.io/ingress.class: nginx
cert-manager.io/cluster-issuer: "letsencrypt-prod"
nginx.ingress.kubernetes.io/connection-proxy-header: "keep-alive"
nginx.ingress.kubernetes.io/enable-cors: "true"
nginx.ingress.kubernetes.io/force-ssl-redirect: "true"
nginx.ingress.kubernetes.io/ssl-redirect: "true"
spec:
tls:
- hosts:
- paperless.example.com
secretName: paperless-tls
rules:
- host: paperless.example.com
http:
paths:
- path: /
backend:
serviceName: paperless
servicePort: 8000
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment