getting paperless-ng ready for the first release.

2025-07-28 18:24:38 -05:00 · 2020-11-14 12:10:38 +01:00
parent a0479d33b5
commit 12b70a13be
13 changed files with 150 additions and 23 deletions
--- a/scripts/docker-entrypoint.sh
+++ b/scripts/docker-entrypoint.sh
@@ -1,94 +0,0 @@
-#!/bin/bash
-
-set -e
-
-# Source: https://github.com/sameersbn/docker-gitlab/
-map_uidgid() {
-    USERMAP_ORIG_UID=$(id -u paperless)
-    USERMAP_ORIG_GID=$(id -g paperless)
-    USERMAP_NEW_UID=${USERMAP_UID:-$USERMAP_ORIG_UID}
-    USERMAP_NEW_GID=${USERMAP_GID:-${USERMAP_ORIG_GID:-$USERMAP_NEW_UID}}
-    if [[ ${USERMAP_NEW_UID} != "${USERMAP_ORIG_UID}" || ${USERMAP_NEW_GID} != "${USERMAP_ORIG_GID}" ]]; then
-        echo "Mapping UID and GID for paperless:paperless to $USERMAP_NEW_UID:$USERMAP_NEW_GID"
-        usermod -u "${USERMAP_NEW_UID}" paperless
-        groupmod -o -g "${USERMAP_NEW_GID}" paperless
-    fi
-}
-
-migrations() {
-
-	(
-		# flock is in place to prevent multiple containers from doing migrations
-		# simultaneously. This also ensures that the db is ready when the command
-		# of the current container starts.
-		flock 200
-		sudo -HEu paperless python3 manage.py migrate
-	)  200>/usr/src/paperless/data/migration_lock
-
-}
-
-initialize() {
-	map_uidgid
-
-	for dir in export data data/index media media/documents media/documents/originals media/documents/thumbnails; do
-		if [[ ! -d "../$dir" ]]
-		then
-			echo "creating directory ../$dir"
-			mkdir ../$dir
-		fi
-	done
-
-	chown -R paperless:paperless ../
-
-	migrations
-
-}
-
-install_languages() {
-	local langs="$1"
-	read -ra langs <<<"$langs"
-
-	# Check that it is not empty
-	if [ ${#langs[@]} -eq 0 ]; then
-		return
-	fi
-	apt-get update
-
-	for lang in "${langs[@]}"; do
-        pkg="tesseract-ocr-$lang"
-        # English is installed by default
-        #if [[ "$lang" ==  "eng" ]]; then
-        #    continue
-        #fi
-
-        if dpkg -s $pkg &> /dev/null; then
-        	echo "package $pkg already installed!"
-        	continue
-        fi
-
-        if ! apt-cache show $pkg &> /dev/null; then
-        	echo "package $pkg not found! :("
-        	continue
-        fi
-
-				echo "Installing package $pkg..."
-				if ! apt-get -y install "$pkg" &> /dev/null; then
-					echo "Could not install $pkg"
-					exit 1
-				fi
-    done
-}
-
-initialize
-
-# Install additional languages if specified
-if [[ ! -z "$PAPERLESS_OCR_LANGUAGES"  ]]; then
-		install_languages "$PAPERLESS_OCR_LANGUAGES"
-fi
-
-if [[ "$1" != "/"* ]]; then
-	exec sudo -HEu paperless python3 manage.py "$@"
-else
-	exec "$@"
-fi
-
--- a/scripts/gunicorn.conf.py
+++ b/scripts/gunicorn.conf.py
@@ -1,48 +0,0 @@
-bind = '127.0.0.1:8000'
-backlog = 2048
-workers = 3
-worker_class = 'sync'
-worker_connections = 1000
-timeout = 20
-keepalive = 2
-spew = False
-daemon = False
-pidfile = None
-umask = 0
-user = None
-group = None
-tmp_upload_dir = None
-loglevel = 'info'
-errorlog = '-'
-accesslog = '-'
-proc_name = None
-
-def pre_fork(server, worker):
-    pass
-
-def pre_exec(server):
-    server.log.info("Forked child, re-executing.")
-
-def when_ready(server):
-    server.log.info("Server is ready. Spawning workers")
-
-def worker_int(worker):
-    worker.log.info("worker received INT or QUIT signal")
-
-    ## get traceback info
-    import threading, sys, traceback
-    id2name = dict([(th.ident, th.name) for th in threading.enumerate()])
-    code = []
-    for threadId, stack in sys._current_frames().items():
-        code.append("\n# Thread: %s(%d)" % (id2name.get(threadId,""),
-            threadId))
-        for filename, lineno, name, line in traceback.extract_stack(stack):
-            code.append('File: "%s", line %d, in %s' % (filename,
-                lineno, name))
-            if line:
-                code.append("  %s" % (line.strip()))
-    worker.log.debug("\n".join(code))
-
-def worker_abort(worker):
-    worker.log.info("worker received SIGABRT signal")
-
--- a/scripts/imagemagick-policy.xml
+++ b/scripts/imagemagick-policy.xml
@@ -1,96 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!DOCTYPE policymap [
-  <!ELEMENT policymap (policy)+>
-  <!ATTLIST policymap xmlns CDATA #FIXED ''>
-  <!ELEMENT policy EMPTY>
-  <!ATTLIST policy xmlns CDATA #FIXED '' domain NMTOKEN #REQUIRED
-    name NMTOKEN #IMPLIED pattern CDATA #IMPLIED rights NMTOKEN #IMPLIED
-    stealth NMTOKEN #IMPLIED value CDATA #IMPLIED>
-]>
-<!--
-  Configure ImageMagick policies.
-
-  Domains include system, delegate, coder, filter, path, or resource.
-
-  Rights include none, read, write, execute and all.  Use | to combine them,
-  for example: "read | write" to permit read from, or write to, a path.
-
-  Use a glob expression as a pattern.
-
-  Suppose we do not want users to process MPEG video images:
-
-    <policy domain="delegate" rights="none" pattern="mpeg:decode" />
-
-  Here we do not want users reading images from HTTP:
-
-    <policy domain="coder" rights="none" pattern="HTTP" />
-
-  The /repository file system is restricted to read only.  We use a glob
-  expression to match all paths that start with /repository:
-
-    <policy domain="path" rights="read" pattern="/repository/*" />
-
-  Lets prevent users from executing any image filters:
-
-    <policy domain="filter" rights="none" pattern="*" />
-
-  Any large image is cached to disk rather than memory:
-
-    <policy domain="resource" name="area" value="1GP"/>
-
-  Define arguments for the memory, map, area, width, height and disk resources
-  with SI prefixes (.e.g 100MB).  In addition, resource policies are maximums
-  for each instance of ImageMagick (e.g. policy memory limit 1GB, -limit 2GB
-  exceeds policy maximum so memory limit is 1GB).
-
-  Rules are processed in order.  Here we want to restrict ImageMagick to only
-  read or write a small subset of proven web-safe image types:
-
-    <policy domain="delegate" rights="none" pattern="*" />
-    <policy domain="filter" rights="none" pattern="*" />
-    <policy domain="coder" rights="none" pattern="*" />
-    <policy domain="coder" rights="read|write" pattern="{GIF,JPEG,PNG,WEBP}" />
-->
-<policymap>
-  <!-- <policy domain="system" name="shred" value="2"/> -->
-  <!-- <policy domain="system" name="precision" value="6"/> -->
-  <!-- <policy domain="system" name="memory-map" value="anonymous"/> -->
-  <!-- <policy domain="system" name="max-memory-request" value="256MiB"/> -->
-  <!-- <policy domain="resource" name="temporary-path" value="/tmp"/> -->
-  <policy domain="resource" name="memory" value="256MiB"/>
-  <policy domain="resource" name="map" value="512MiB"/>
-  <policy domain="resource" name="width" value="16KP"/>
-  <policy domain="resource" name="height" value="16KP"/>
-  <!-- <policy domain="resource" name="list-length" value="128"/> -->
-  <policy domain="resource" name="area" value="128MB"/>
-  <policy domain="resource" name="disk" value="1GiB"/>
-  <!-- <policy domain="resource" name="file" value="768"/> -->
-  <!-- <policy domain="resource" name="thread" value="4"/> -->
-  <!-- <policy domain="resource" name="throttle" value="0"/> -->
-  <!-- <policy domain="resource" name="time" value="3600"/> -->
-  <!-- <policy domain="coder" rights="none" pattern="MVG" /> -->
-  <!-- <policy domain="module" rights="none" pattern="{PS,PDF,XPS}" /> -->
-  <!-- <policy domain="delegate" rights="none" pattern="HTTPS" /> -->
-  <!-- <policy domain="path" rights="none" pattern="@*" /> -->
-  <!-- <policy domain="cache" name="memory-map" value="anonymous"/> -->
-  <!-- <policy domain="cache" name="synchronize" value="True"/> -->
-  <!-- <policy domain="cache" name="shared-secret" value="passphrase" stealth="true"/> -->
-  <!-- <policy domain="system" name="pixel-cache-memory" value="anonymous"/> -->
-  <!-- <policy domain="system" name="shred" value="2"/> -->
-  <!-- <policy domain="system" name="precision" value="6"/> -->
-  <!-- not needed due to the need to use explicitly by mvg: -->
-  <!-- <policy domain="delegate" rights="none" pattern="MVG" /> -->
-  <!-- use curl -->
-  <policy domain="delegate" rights="none" pattern="URL" />
-  <policy domain="delegate" rights="none" pattern="HTTPS" />
-  <policy domain="delegate" rights="none" pattern="HTTP" />
-  <!-- in order to avoid to get image with password text -->
-  <policy domain="path" rights="none" pattern="@*"/>
-  <!-- disable ghostscript format types -->
-  <policy domain="coder" rights="none" pattern="PS" />
-  <policy domain="coder" rights="none" pattern="PS2" />
-  <policy domain="coder" rights="none" pattern="PS3" />
-  <policy domain="coder" rights="none" pattern="EPS" />
-  <policy domain="coder" rights="read|write" pattern="PDF" />
-  <policy domain="coder" rights="none" pattern="XPS" />
-</policymap>
--- a/scripts/supervisord.conf
+++ b/scripts/supervisord.conf
@@ -1,35 +0,0 @@
-[supervisord]
-nodaemon=true               ; start in foreground if true; default false
-logfile=/var/log/supervisord/supervisord.log ; main log file; default $CWD/supervisord.log
-pidfile=/var/run/supervisord/supervisord.pid ; supervisord pidfile; default supervisord.pid
-logfile_maxbytes=50MB        ; max main logfile bytes b4 rotation; default 50MB
-logfile_backups=10           ; # of main logfile backups; 0 means none, default 10
-loglevel=info                ; log level; default info; others: debug,warn,trace
-user=root
-
-[program:gunicorn]
-command=gunicorn -c /usr/src/paperless/gunicorn.conf.py -b 0.0.0.0:8000 paperless.wsgi
-user=paperless
-
-stdout_logfile=/dev/stdout
-stdout_logfile_maxbytes=0
-stderr_logfile=/dev/stderr
-stderr_logfile_maxbytes=0
-
-[program:consumer]
-command=python3 manage.py document_consumer
-user=paperless
-
-stdout_logfile=/dev/stdout
-stdout_logfile_maxbytes=0
-stderr_logfile=/dev/stderr
-stderr_logfile_maxbytes=0
-
-[program:scheduler]
-command=python3 manage.py qcluster
-user=paperless
-
-stdout_logfile=/dev/stdout
-stdout_logfile_maxbytes=0
-stderr_logfile=/dev/stderr
-stderr_logfile_maxbytes=0