services: broker: image: redis:7-alpine restart: always networks: - default db: image: postgres:13 restart: always volumes: - "{{ basedir }}/db:/var/lib/postgresql/data" environment: POSTGRES_DB: paperless POSTGRES_USER: paperless POSTGRES_PASSWORD: {{ postgres_user_pass }} networks: - default app: image: ghcr.io/paperless-ngx/paperless-ngx:latest restart: always depends_on: - db - broker volumes: - "{{ basedir }}/data:/usr/src/paperless/data" - "{{ basedir }}/media:/usr/src/paperless/media:z" - "{{ basedir }}/consume:/usr/src/paperless/consume" - "{{ basedir }}/export:/usr/src/paperless/export" environment: USERMAP_UID: 1000 USERMAP_GID: 1000 PAPERLESS_DEBUG: 0 PAPERLESS_REDIS: redis://broker:6379 PAPERLESS_DBENGINE: postgress PAPERLESS_DBHOST: db PAPERLESS_DBNAME: paperless PAPERLESS_DBUSER: paperless PAPERLESS_DBPASS: {{ postgres_user_pass }} PAPERLESS_URL: "https://{{ domain }}" PAPERLESS_OCR_MODE: skip PAPERLESS_OCR_OUTPUT_TYPE: pdfa PAPERLESS_OCR_LANGUAGES: deu eng PAPERLESS_OCR_LANGUAGE: deu PAPERLESS_OCR_SKIP_ARCHIVE_FILE: with_text PAPERLESS_TIME_ZONE: Europe/Berlin PAPERLESS_SECRET_KEY: {{ paperless_secret_key }} PAPERLESS_TASK_WORKERS: 2 PAPERLESS_OPTIMIZE_THUMBNAILS: 1 PAPERLESS_FILENAME_FORMAT: "{correspondent}/{created_year}/{created_year}-{created_month}-{created_day}_{correspondent}_{document_type}_{title}" PAPERLESS_ADMIN_USER: paperlessadmin PAPERLESS_ADMIN_PASSWORD: {{ paperless_admin_pass }} PAPERLESS_APPS: "allauth.socialaccount.providers.openid_connect" PAPERLESS_SOCIALACCOUNT_PROVIDERS: '{"openid_connect": {"APPS": [{"provider_id": "uffd","name": "uffd","client_id": "{{ servicename }}","secret": "{{ openid_client_secret }}","settings": { "server_url": "{{ oidc_global.provider_url }}/.well-known/openid-configuration"}}]}}' PAPERLESS_SOCIAL_AUTO_SIGNUP: True PAPERLESS_SOCIAL_AUTO_SIGNUPS: True PAPERLESS_ACCOUNT_ALLOW_SIGNUPS: False PAPERLESS_ACCOUNT_DEFAULT_HTTP_PROTOCOL: https PAPERLESS_ACCOUNT_EMAIL_VERIFICATION: optional PAPERLESS_DISABLE_REGULAR_LOGIN: True PAPERLESS_REDIRECT_LOGIN_TO_SSO: True #PAPERLESS_EMAIL_HOST: "mail.test-warpzone.de" #PAPERLESS_EMAIL_PORT: 587 #PAPERLESS_EMAIL_HOST_USER: "noreply-paperless@test-warpzone.de" #PAPERLESS_EMAIL_HOST_PASSWORD: "{{ paperless_mail_pass }}" #PAPERLESS_EMAIL_FROM: "noreply-paperless@test-warpzone.de" #PAPERLESS_EMAIL_USE_TLS: True healthcheck: test: ["CMD", "curl", "-f", "http://localhost:8000"] interval: 30s timeout: 10s retries: 5 labels: - traefik.enable=true - traefik.http.routers.{{ servicename }}.rule=Host(`{{ domain }}`) - traefik.http.routers.{{ servicename }}.entrypoints=websecure - traefik.http.services.{{ servicename }}.loadbalancer.server.port=8000 - traefik.http.middlewares.limit.buffering.maxRequestBodyBytes=5368709120 networks: - default - web networks: web: external: true