docs: expand

This commit is contained in:
Julian-Samuel Gebühr 2024-04-30 08:13:48 +02:00 committed by GitHub
parent 93b78b09c2
commit 4b8ba241ba
No known key found for this signature in database
GPG key ID: B5690EEEBB952194

View file

@ -19,22 +19,19 @@ To enable this service, add the following configuration to your `vars.yml` file
```yaml ```yaml
######################################################################## ########################################################################
# # # #
# authentik # # paperless #
# # # #
######################################################################## ########################################################################
authentik_enabled: true paperless_enabled: true
authentik_hostname: authentik.example.com paperless_hostname: paperless.example.org
# Put a strong secret below, generated with `pwgen -s 64 1` or in another way
authentik_secret_key: ''
# KeyDB configuration, as described below # KeyDB configuration, as described below
######################################################################## ########################################################################
# # # #
# /authentik # # /paperless #
# # # #
######################################################################## ########################################################################
``` ```
@ -43,11 +40,11 @@ authentik_secret_key: ''
As described on the [KeyDB](keydb.md) documentation page, if you're hosting additional services which require KeyDB on the same server, you'd better go for installing a separate KeyDB instance for each service. See [Creating a KeyDB instance dedicated to paperless-ngx](#creating-a-keydb-instance-dedicated-to-paperless-ngx). As described on the [KeyDB](keydb.md) documentation page, if you're hosting additional services which require KeyDB on the same server, you'd better go for installing a separate KeyDB instance for each service. See [Creating a KeyDB instance dedicated to paperless-ngx](#creating-a-keydb-instance-dedicated-to-paperless-ngx).
If you're only running authentik on this server and don't need to use KeyDB for anything else, you can [use a single KeyDB instance](#using-the-shared-keydb-instance-for-authentik). If you're only running paperless-ngx on this server and don't need to use KeyDB for anything else, you can [use a single KeyDB instance](#using-the-shared-keydb-instance-for-authentik).
#### Using the shared KeyDB instance for authentik #### Using the shared KeyDB instance for authentik
To install a single (non-dedicated) KeyDB instance (`mash-keydb`) and hook authentik to it, add the following **additional** configuration: To install a single (non-dedicated) KeyDB instance (`mash-keydb`) and hook paperless to it, add the following **additional** configuration:
```yaml ```yaml
######################################################################## ########################################################################
@ -67,44 +64,44 @@ keydb_enabled: true
######################################################################## ########################################################################
# # # #
# authentik # # paperless #
# # # #
######################################################################## ########################################################################
# Base configuration as shown above # Base configuration as shown above
# Point authentik to the shared KeyDB instance # Point paperless to the shared KeyDB instance
authentik_config_redis_hostname: "{{ keydb_identifier }}" paperless_redis_hostname: "{{ keydb_identifier }}"
# Make sure the authentik service (mash-authentik.service) starts after the shared KeyDB service (mash-keydb.service) # Make sure the authentik service (mash-authentik.service) starts after the shared KeyDB service (mash-keydb.service)
authentik_systemd_required_services_list_custom: paperless_systemd_required_services_list_custom:
- "{{ keydb_identifier }}.service" - "{{ keydb_identifier }}.service"
# Make sure the authentik container is connected to the container network of the shared KeyDB service (mash-keydb) # Make sure the authentik container is connected to the container network of the shared KeyDB service (mash-keydb)
authentik_container_additional_networks_custom: paperless_container_additional_networks_custom:
- "{{ keydb_identifier }}" - "{{ keydb_identifier }}"
######################################################################## ########################################################################
# # # #
# /authentik # # /paperless #
# # # #
######################################################################## ########################################################################
``` ```
This will create a `mash-keydb` KeyDB instance on this host. This will create a `mash-keydb` KeyDB instance on this host.
This is only recommended if you won't be installing other services which require KeyDB. Alternatively, go for [Creating a KeyDB instance dedicated to authentik](#creating-a-keydb-instance-dedicated-to-authentik). This is only recommended if you won't be installing other services which require KeyDB. Alternatively, go for [Creating a KeyDB instance dedicated to paperless-ngx](#creating-a-keydb-instance-dedicated-to-paperless-ngx).
#### Creating a KeyDB instance dedicated to authentik #### Creating a KeyDB instance dedicated to paperless
The following instructions are based on the [Running multiple instances of the same service on the same host](../running-multiple-instances.md) documentation. The following instructions are based on the [Running multiple instances of the same service on the same host](../running-multiple-instances.md) documentation.
Adjust your `inventory/hosts` file as described in [Re-do your inventory to add supplementary hosts](../running-multiple-instances.md#re-do-your-inventory-to-add-supplementary-hosts), adding a new supplementary host (e.g. if `authentik.example.com` is your main one, create `authentik.example.com-deps`). Adjust your `inventory/hosts` file as described in [Re-do your inventory to add supplementary hosts](../running-multiple-instances.md#re-do-your-inventory-to-add-supplementary-hosts), adding a new supplementary host (e.g. if `paperless.example.org` is your main one, create `paperless.example.org-deps`).
Then, create a new `vars.yml` file for the Then, create a new `vars.yml` file for the
`inventory/host_vars/authentik.example.com-deps/vars.yml`: `inventory/host_vars/paperless.example.org-deps/vars.yml`:
```yaml ```yaml
--- ---
@ -120,8 +117,8 @@ Then, create a new `vars.yml` file for the
mash_playbook_generic_secret_key: '' mash_playbook_generic_secret_key: ''
# Override service names and directory path prefixes # Override service names and directory path prefixes
mash_playbook_service_identifier_prefix: 'mash-authentik-' mash_playbook_service_identifier_prefix: 'mash-paperless-'
mash_playbook_service_base_directory_name_prefix: 'authentik-' mash_playbook_service_base_directory_name_prefix: 'paperless-'
######################################################################## ########################################################################
# # # #
@ -145,33 +142,33 @@ keydb_enabled: true
######################################################################## ########################################################################
``` ```
This will create a `mash-authentik-keydb` instance on this host with its data in `/mash/authentik-keydb`. This will create a `mash-paperless-keydb` instance on this host with its data in `/mash/paperless-keydb`.
Then, adjust your main inventory host's variables file (`inventory/host_vars/authentik.example.com/vars.yml`) like this: Then, adjust your main inventory host's variables file (`inventory/host_vars/paperless.example.org/vars.yml`) like this:
```yaml ```yaml
######################################################################## ########################################################################
# # # #
# authentik # # paperless #
# # # #
######################################################################## ########################################################################
# Base configuration as shown above # Base configuration as shown above
# Point authentik to its dedicated KeyDB instance # Point authentik to its dedicated KeyDB instance
authentik_config_redis_hostname: mash-authentik-keydb paperless_redis_hostname: mash-authentik-keydb
# Make sure the authentik service (mash-authentik.service) starts after its dedicated KeyDB service (mash-authentik-keydb.service) # Make sure the authentik service (mash-paperless.service) starts after its dedicated KeyDB service (mash-paperless-keydb.service)
authentik_systemd_required_services_list_custom: paperless_systemd_required_services_list_custom:
- "mash-authentik-keydb.service" - "mash-paperless-keydb.service"
# Make sure the authentik container is connected to the container network of its dedicated KeyDB service (mash-authentik-keydb) # Make sure the authentik container is connected to the container network of its dedicated KeyDB service (mash-paperless-keydb)
authentik_container_additional_networks_custom: authentik_container_additional_networks_custom:
- "mash-authentik-keydb" - "mash-paperless-keydb"
######################################################################## ########################################################################
# # # #
# /authentik # # /paperless #
# # # #
######################################################################## ########################################################################
``` ```
@ -179,11 +176,11 @@ authentik_container_additional_networks_custom:
## Installation ## Installation
If you've decided to install a dedicated KeyDB instance for paperless, make sure to first do [installation](../installing.md) for the supplementary inventory host (e.g. `paperless.example.com-deps`), before running installation for the main one (e.g. `paperless.example.com`). If you've decided to install a dedicated KeyDB instance for paperless, make sure to first do [installation](../installing.md) for the supplementary inventory host (e.g. `paperless.example.org-deps`), before running installation for the main one (e.g. `paperless.example.org`).
## Usage ## Usage
Access your instance in your browser at `https://paperless.example.org` Access your instance in your browser at `https://paperless.example.org`
Refer to the [official documentation](https://docs.paperless-ngx.com/) to learn how to use paperless. Refer to the [official documentation](https://docs.paperless-ngx.com/) to learn how to use paperless.