Last active
April 30, 2024 13:39
-
-
Save cclloyd/e569eb16d7eddd6adc9aa49b56b7147b to your computer and use it in GitHub Desktop.
Paperless deployment on kubernetes
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| --- | |
| apiVersion: apps/v1 | |
| kind: Deployment | |
| metadata: | |
| name: paperless | |
| labels: | |
| app: paperless | |
| spec: | |
| replicas: 1 | |
| selector: | |
| matchLabels: | |
| app: paperless | |
| template: | |
| metadata: | |
| labels: | |
| app: paperless | |
| spec: | |
| containers: | |
| - name: webserver | |
| image: pitkley/paperless | |
| imagePullPolicy: IfNotPresent | |
| command: ["/sbin/docker-entrypoint.sh"] | |
| args: ["gunicorn", "-b", "0.0.0.0:8000"] | |
| env: | |
| - name: USERMAP_UID | |
| value: "1746400001" | |
| - name: USERMAP_GID | |
| value: "1746400004" | |
| - name: PAPERLESS_CONSUMPTION_DIR | |
| value: "/consume" | |
| - name: PAPERLESS_PASSPHRASE | |
| value: "CHANGEME" | |
| - name: PAPERLESS_SECRET_KEY | |
| value: "CHANGEME" | |
| - name: PAPERLESS_TIME_ZONE | |
| value: "EST" | |
| - name: PAPERLESS_OCR_LANGUAGES | |
| value: "" | |
| volumeMounts: | |
| - name: paperless-data | |
| mountPath: /usr/src/paperless/data | |
| - name: paperless-media | |
| mountPath: /usr/src/paperless/media | |
| - name: paperless-io | |
| mountPath: /consume | |
| - name: paperless-io | |
| mountPath: /export | |
| subPath: export | |
| - name: consumer | |
| image: pitkley/paperless | |
| imagePullPolicy: IfNotPresent | |
| command: ["/sbin/docker-entrypoint.sh"] | |
| args: ["document_consumer"] | |
| env: | |
| - name: USERMAP_UID | |
| value: "1000" | |
| - name: USERMAP_GID | |
| value: "1000" | |
| - name: PAPERLESS_CONSUMPTION_DIR | |
| value: "/consume" | |
| - name: PAPERLESS_PASSPHRASE | |
| value: "CHANGEME" | |
| - name: PAPERLESS_SECRET_KEY | |
| value: "CHANGEME" | |
| - name: PAPERLESS_TIME_ZONE | |
| value: "EST" | |
| volumeMounts: | |
| - name: paperless-data | |
| mountPath: /usr/src/paperless/data | |
| - name: paperless-media | |
| mountPath: /usr/src/paperless/media | |
| - name: paperless-io | |
| mountPath: /consume | |
| subPath: consume | |
| - name: paperless-io | |
| mountPath: /export | |
| subPath: export | |
| volumes: | |
| - name: paperless-data | |
| persistentVolumeClaim: | |
| claimName: paperless-data | |
| - name: paperless-media | |
| persistentVolumeClaim: | |
| claimName: paperless-media | |
| - name: paperless-io | |
| nfs: | |
| server: nas | |
| path: /path/to/paperless/export | |
| --- | |
| apiVersion: v1 | |
| kind: PersistentVolumeClaim | |
| metadata: | |
| name: paperless-data | |
| labels: | |
| app: paperless | |
| spec: | |
| storageClassName: cephfs | |
| accessModes: | |
| - ReadWriteMany | |
| resources: | |
| requests: | |
| storage: 1Gi | |
| --- | |
| apiVersion: v1 | |
| kind: PersistentVolumeClaim | |
| metadata: | |
| name: paperless-media | |
| labels: | |
| app: paperless | |
| spec: | |
| storageClassName: cephfs | |
| accessModes: | |
| - ReadWriteMany | |
| resources: | |
| requests: | |
| storage: 1Gi | |
| --- | |
| kind: Service | |
| apiVersion: v1 | |
| metadata: | |
| name: paperless | |
| spec: | |
| selector: | |
| app: paperless | |
| ports: | |
| - protocol: TCP | |
| port: 8000 | |
| targetPort: 8000 | |
| --- | |
| apiVersion: extensions/v1beta1 | |
| kind: Ingress | |
| metadata: | |
| name: paperless | |
| labels: | |
| app: paperless | |
| annotations: | |
| kubernetes.io/ingress.class: nginx | |
| cert-manager.io/cluster-issuer: "letsencrypt-prod" | |
| nginx.ingress.kubernetes.io/connection-proxy-header: "keep-alive" | |
| nginx.ingress.kubernetes.io/enable-cors: "true" | |
| nginx.ingress.kubernetes.io/force-ssl-redirect: "true" | |
| nginx.ingress.kubernetes.io/ssl-redirect: "true" | |
| spec: | |
| tls: | |
| - hosts: | |
| - paperless.example.com | |
| secretName: paperless-tls | |
| rules: | |
| - host: paperless.example.com | |
| http: | |
| paths: | |
| - path: / | |
| backend: | |
| serviceName: paperless | |
| servicePort: 8000 | |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| --- | |
| apiVersion: apps/v1 | |
| kind: Deployment | |
| metadata: | |
| name: paperless | |
| labels: | |
| app: paperless | |
| spec: | |
| replicas: 1 | |
| selector: | |
| matchLabels: | |
| app: paperless | |
| template: | |
| metadata: | |
| labels: | |
| app: paperless | |
| spec: | |
| containers: | |
| - name: webserver | |
| image: pitkley/paperless | |
| imagePullPolicy: IfNotPresent | |
| command: ["/sbin/docker-entrypoint.sh"] | |
| args: ["gunicorn", "-b", "0.0.0.0:8000"] | |
| env: | |
| - name: USERMAP_UID | |
| value: "1746400001" | |
| - name: USERMAP_GID | |
| value: "1746400004" | |
| - name: PAPERLESS_CONSUMPTION_DIR | |
| value: "/consume" | |
| - name: PAPERLESS_PASSPHRASE | |
| value: "CHANGEME" | |
| - name: PAPERLESS_SECRET_KEY | |
| value: "CHANGEME" | |
| - name: PAPERLESS_TIME_ZONE | |
| value: "EST" | |
| - name: PAPERLESS_OCR_LANGUAGES | |
| value: "" | |
| volumeMounts: | |
| - name: paperless | |
| mountPath: /usr/src/paperless/data | |
| subPath: media | |
| - name: paperless | |
| mountPath: /usr/src/paperless/media | |
| subPath: media | |
| - name: paperless | |
| mountPath: /consume | |
| - name: paperless | |
| mountPath: /export | |
| subPath: export | |
| - name: consumer | |
| image: pitkley/paperless | |
| imagePullPolicy: IfNotPresent | |
| command: ["/sbin/docker-entrypoint.sh"] | |
| args: ["document_consumer"] | |
| env: | |
| - name: USERMAP_UID | |
| value: "1000" | |
| - name: USERMAP_GID | |
| value: "1000" | |
| - name: PAPERLESS_CONSUMPTION_DIR | |
| value: "/consume" | |
| - name: PAPERLESS_PASSPHRASE | |
| value: "CHANGEME" | |
| - name: PAPERLESS_SECRET_KEY | |
| value: "CHANGEME" | |
| - name: PAPERLESS_TIME_ZONE | |
| value: "EST" | |
| volumeMounts: | |
| - name: paperless | |
| mountPath: /usr/src/paperless/data | |
| subPath: data | |
| - name: paperless | |
| mountPath: /usr/src/paperless/media | |
| subPath: media | |
| - name: paperless | |
| mountPath: /consume | |
| subPath: consume | |
| - name: paperless | |
| mountPath: /export | |
| subPath: export | |
| volumes: | |
| - name: paperless | |
| nfs: | |
| server: nas | |
| path: /path/to/paperless/export | |
| --- | |
| kind: Service | |
| apiVersion: v1 | |
| metadata: | |
| name: paperless | |
| spec: | |
| selector: | |
| app: paperless | |
| ports: | |
| - protocol: TCP | |
| port: 8000 | |
| targetPort: 8000 | |
| --- | |
| apiVersion: extensions/v1beta1 | |
| kind: Ingress | |
| metadata: | |
| name: paperless | |
| labels: | |
| app: paperless | |
| annotations: | |
| kubernetes.io/ingress.class: nginx | |
| cert-manager.io/cluster-issuer: "letsencrypt-prod" | |
| nginx.ingress.kubernetes.io/connection-proxy-header: "keep-alive" | |
| nginx.ingress.kubernetes.io/enable-cors: "true" | |
| nginx.ingress.kubernetes.io/force-ssl-redirect: "true" | |
| nginx.ingress.kubernetes.io/ssl-redirect: "true" | |
| spec: | |
| tls: | |
| - hosts: | |
| - paperless.example.com | |
| secretName: paperless-tls | |
| rules: | |
| - host: paperless.example.com | |
| http: | |
| paths: | |
| - path: / | |
| backend: | |
| serviceName: paperless | |
| servicePort: 8000 | |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment