Just save this

[ci skip]
2025-10-30 03:56:23 -05:00 · 2025-01-22 12:13:35 -08:00
471 changed files with 16125 additions and 23302 deletions
--- a/.devcontainer/Dockerfile
+++ b/.devcontainer/Dockerfile
@@ -123,13 +123,13 @@ RUN set -eux \
 WORKDIR /usr/src/paperless/src/docker/

 COPY [ \
-  "docker/rootfs/etc/ImageMagick-6/paperless-policy.xml", \
+  "docker/imagemagick-policy.xml", \
  "./" \
 ]

 RUN set -eux \
  && echo "Configuring ImageMagick" \
-    && mv paperless-policy.xml /etc/ImageMagick-6/policy.xml
+    && mv imagemagick-policy.xml /etc/ImageMagick-6/policy.xml

 # Packages needed only for building a few quick Python
 # dependencies
--- a/.devcontainer/docker-compose.devcontainer.sqlite-tika.yml
+++ b/.devcontainer/docker-compose.devcontainer.sqlite-tika.yml
@@ -65,7 +65,7 @@ services:
    command: /bin/sh -c "chown -R paperless:paperless /usr/src/paperless/paperless-ngx/src/documents/static/frontend && chown -R paperless:paperless /usr/src/paperless/paperless-ngx/.ruff_cache && while sleep 1000; do :; done"

  gotenberg:
-    image: docker.io/gotenberg/gotenberg:8.17
+    image: docker.io/gotenberg/gotenberg:7.10
    restart: unless-stopped

    # The Gotenberg Chromium route is used to convert .eml files. We do not
--- a/.dockerignore
+++ b/.dockerignore
@@ -26,5 +26,3 @@
 ./dist
 ./scripts
 ./resources
-# Other stuff
-**/*.drawio.png
--- a/.github/dependabot.yml
+++ b/.github/dependabot.yml
@@ -47,6 +47,8 @@ updates:
    # Add reviewers
    reviewers:
      - "paperless-ngx/backend"
+    ignore:
+      - dependency-name: "uvicorn"
    groups:
      development:
        patterns:
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -16,7 +16,7 @@ on:
 env:
  # This is the version of pipenv all the steps will use
  # If changing this, change Dockerfile
-  DEFAULT_PIP_ENV_VERSION: "2024.4.1"
+  DEFAULT_PIP_ENV_VERSION: "2024.4.0"
  # This is the default version of Python to use in most steps which aren't specific
  DEFAULT_PYTHON_VERSION: "3.11"

@@ -131,7 +131,7 @@ jobs:
      -
        name: Configure ImageMagick
        run: |
-          sudo cp docker/rootfs/etc/ImageMagick-6/paperless-policy.xml /etc/ImageMagick-6/policy.xml
+          sudo cp docker/imagemagick-policy.xml /etc/ImageMagick-6/policy.xml
      -
        name: Install Python dependencies
        run: |
@@ -534,7 +534,7 @@ jobs:
                          LICENSE \
                          README.md \
                          paperless.conf.example \
-                          webserver.py
+                          gunicorn.conf.py
          do
            cp --verbose ${file_name} dist/paperless-ngx/
          done
--- a/.github/workflows/cleanup-tags.yml
+++ b/.github/workflows/cleanup-tags.yml
@@ -33,7 +33,7 @@ jobs:
      -
        name: Clean temporary images
        if: "${{ env.TOKEN != '' }}"
-        uses: stumpylog/image-cleaner-action/ephemeral@v0.10.0
+        uses: stumpylog/image-cleaner-action/ephemeral@v0.9.0
        with:
          token: "${{ env.TOKEN }}"
          owner: "${{ github.repository_owner }}"
@@ -61,7 +61,7 @@ jobs:
      -
        name: Clean untagged images
        if: "${{ env.TOKEN != '' }}"
-        uses: stumpylog/image-cleaner-action/untagged@v0.10.0
+        uses: stumpylog/image-cleaner-action/untagged@v0.9.0
        with:
          token: "${{ env.TOKEN }}"
          owner: "${{ github.repository_owner }}"
--- a/.pre-commit-config.yaml
+++ b/.pre-commit-config.yaml
@@ -29,7 +29,7 @@ repos:
      - id: check-case-conflict
      - id: detect-private-key
  - repo: https://github.com/codespell-project/codespell
-    rev: v2.4.0
+    rev: v2.3.0
    hooks:
      - id: codespell
        exclude: "(^src-ui/src/locale/)|(^src-ui/e2e/)|(^src/paperless_mail/tests/samples/)"
@@ -51,7 +51,7 @@ repos:
          - 'prettier-plugin-organize-imports@4.1.0'
  # Python hooks
  - repo: https://github.com/astral-sh/ruff-pre-commit
-    rev: v0.9.9
+    rev: v0.9.2
    hooks:
      - id: ruff
      - id: ruff-format
--- a/.ruff.toml
+++ b/.ruff.toml
@@ -26,19 +26,19 @@ extend-select = [
  "T20",   # https://docs.astral.sh/ruff/rules/#flake8-print-t20
  "SIM",   # https://docs.astral.sh/ruff/rules/#flake8-simplify-sim
  "TID",   # https://docs.astral.sh/ruff/rules/#flake8-tidy-imports-tid
-  "TC",   # https://docs.astral.sh/ruff/rules/#flake8-type-checking-tc
+  "TCH",   # https://docs.astral.sh/ruff/rules/#flake8-type-checking-tch
  "PLC",   # https://docs.astral.sh/ruff/rules/#pylint-pl
  "PLE",   # https://docs.astral.sh/ruff/rules/#pylint-pl
  "RUF",   # https://docs.astral.sh/ruff/rules/#ruff-specific-rules-ruf
  "FLY",   # https://docs.astral.sh/ruff/rules/#flynt-fly
  "PTH",   # https://docs.astral.sh/ruff/rules/#flake8-use-pathlib-pth
-  "FBT",   # https://docs.astral.sh/ruff/rules/#flake8-boolean-trap-fbt
 ]
 ignore = ["DJ001", "SIM105", "RUF012"]

 [lint.per-file-ignores]
 ".github/scripts/*.py" = ["E501", "INP001", "SIM117"]
 "docker/wait-for-redis.py" = ["INP001", "T201"]
+"src/documents/consumer.py" = ["PTH"]  # TODO Enable & remove
 "src/documents/file_handling.py" = ["PTH"]  # TODO Enable & remove
 "src/documents/management/commands/document_consumer.py" = ["PTH"]  # TODO Enable & remove
 "src/documents/management/commands/document_exporter.py" = ["PTH"]  # TODO Enable & remove
@@ -51,6 +51,8 @@ ignore = ["DJ001", "SIM105", "RUF012"]
 "src/documents/signals/handlers.py" = ["PTH"]  # TODO Enable & remove
 "src/documents/tasks.py" = ["PTH"]  # TODO Enable & remove
 "src/documents/tests/test_api_app_config.py" = ["PTH"]  # TODO Enable & remove
+"src/documents/tests/test_api_bulk_download.py" = ["PTH"]  # TODO Enable & remove
+"src/documents/tests/test_api_documents.py" = ["PTH"]  # TODO Enable & remove
 "src/documents/tests/test_classifier.py" = ["PTH"]  # TODO Enable & remove
 "src/documents/tests/test_consumer.py" = ["PTH"]  # TODO Enable & remove
 "src/documents/tests/test_file_handling.py" = ["PTH"]  # TODO Enable & remove
@@ -76,12 +78,8 @@ ignore = ["DJ001", "SIM105", "RUF012"]
 "src/paperless_tesseract/tests/test_parser.py" = ["RUF001", "PTH"]  # TODO PTH Enable & remove
 "src/paperless_tika/tests/test_live_tika.py" = ["PTH"]  # TODO Enable & remove
 "src/paperless_tika/tests/test_tika_parser.py" = ["PTH"]  # TODO Enable & remove
-# Testing
 "*/tests/*.py" = ["E501", "SIM117"]
-# Migrations
 "*/migrations/*.py" = ["E501", "SIM", "T201"]
-# Docker specific
-"docker/rootfs/usr/local/bin/wait-for-redis.py" = ["INP001", "T201"]

 [lint.isort]
 force-single-line = true
--- a/164
+++ b/164
@@ -39,70 +39,15 @@ COPY Pipfile* ./

 RUN set -eux \
  && echo "Installing pipenv" \
-    && python3 -m pip install --no-cache-dir --upgrade pipenv==2024.4.1 \
+    && python3 -m pip install --no-cache-dir --upgrade pipenv==2024.4.0 \
  && echo "Generating requirement.txt" \
    && pipenv requirements > requirements.txt

-# Stage: s6-overlay-base
-# Purpose: Installs s6-overlay and rootfs
-# Comments:
-#  - Don't leave anything extra in here either
-FROM docker.io/python:3.12-slim-bookworm AS s6-overlay-base
-
-WORKDIR /usr/src/s6
-
-# https://github.com/just-containers/s6-overlay#customizing-s6-overlay-behaviour
-ENV \
-    S6_BEHAVIOUR_IF_STAGE2_FAILS=2 \
-    S6_CMD_WAIT_FOR_SERVICES_MAXTIME=0 \
-    S6_VERBOSITY=1 \
-    PATH=/command:$PATH
-
-# Buildx provided, must be defined to use though
-ARG TARGETARCH
-ARG TARGETVARIANT
-# Lock this version
-ARG S6_OVERLAY_VERSION=3.2.0.2
-
-ARG S6_BUILD_TIME_PKGS="curl \
-                        xz-utils"
-
-RUN set -eux \
-    && echo "Installing build time packages" \
-      && apt-get update \
-      && apt-get install --yes --quiet --no-install-recommends ${S6_BUILD_TIME_PKGS} \
-    && echo "Determining arch" \
-      && S6_ARCH="" \
-      && if [ "${TARGETARCH}${TARGETVARIANT}" = "amd64" ]; then S6_ARCH="x86_64"; \
-      elif [ "${TARGETARCH}${TARGETVARIANT}" = "arm64" ]; then S6_ARCH="aarch64"; fi\
-      && if [ -z "${S6_ARCH}" ]; then { echo "Error: Not able to determine arch"; exit 1; }; fi \
-    && echo "Installing s6-overlay for ${S6_ARCH}" \
-      && curl --fail --silent --no-progress-meter --show-error --location --remote-name-all --parallel --parallel-max 4 \
-        "https://github.com/just-containers/s6-overlay/releases/download/v${S6_OVERLAY_VERSION}/s6-overlay-noarch.tar.xz" \
-        "https://github.com/just-containers/s6-overlay/releases/download/v${S6_OVERLAY_VERSION}/s6-overlay-noarch.tar.xz.sha256" \
-        "https://github.com/just-containers/s6-overlay/releases/download/v${S6_OVERLAY_VERSION}/s6-overlay-${S6_ARCH}.tar.xz" \
-        "https://github.com/just-containers/s6-overlay/releases/download/v${S6_OVERLAY_VERSION}/s6-overlay-${S6_ARCH}.tar.xz.sha256" \
-      && echo "Validating s6-archive checksums" \
-        && sha256sum --check ./*.sha256 \
-      && echo "Unpacking archives" \
-        && tar --directory / -Jxpf s6-overlay-noarch.tar.xz \
-        && tar --directory / -Jxpf s6-overlay-${S6_ARCH}.tar.xz \
-      && echo "Removing downloaded archives" \
-        && rm ./*.tar.xz \
-        && rm ./*.sha256 \
-    && echo "Cleaning up image" \
-      && apt-get --yes purge ${S6_BUILD_TIME_PKGS} \
-      && apt-get --yes autoremove --purge \
-      && rm -rf /var/lib/apt/lists/*
-
-# Copy our service defs and filesystem
-COPY ./docker/rootfs /
-
 # Stage: main-app
 # Purpose: The final image
 # Comments:
 #  - Don't leave anything extra in here
-FROM s6-overlay-base AS main-app
+FROM docker.io/python:3.12-slim-bookworm AS main-app

 LABEL org.opencontainers.image.authors="paperless-ngx team <hello@paperless-ngx.com>"
 LABEL org.opencontainers.image.documentation="https://docs.paperless-ngx.com/"
@@ -116,7 +61,7 @@ ARG DEBIAN_FRONTEND=noninteractive
 ARG TARGETARCH

 # Can be workflow provided, defaults set for manual building
-ARG JBIG2ENC_VERSION=0.30
+ARG JBIG2ENC_VERSION=0.29
 ARG QPDF_VERSION=11.9.0
 ARG GS_VERSION=10.03.1

@@ -182,38 +127,91 @@ RUN set -eux \
    && apt-get update \
    && apt-get install --yes --quiet --no-install-recommends ${RUNTIME_PACKAGES} \
    && echo "Installing pre-built updates" \
-      && curl --fail --silent --no-progress-meter --show-error --location --remote-name-all --parallel --parallel-max 4 \
-        https://github.com/paperless-ngx/builder/releases/download/qpdf-${QPDF_VERSION}/libqpdf29_${QPDF_VERSION}-1_${TARGETARCH}.deb \
-        https://github.com/paperless-ngx/builder/releases/download/qpdf-${QPDF_VERSION}/qpdf_${QPDF_VERSION}-1_${TARGETARCH}.deb \
-        https://github.com/paperless-ngx/builder/releases/download/ghostscript-${GS_VERSION}/libgs10_${GS_VERSION}.dfsg-1_${TARGETARCH}.deb \
-        https://github.com/paperless-ngx/builder/releases/download/ghostscript-${GS_VERSION}/ghostscript_${GS_VERSION}.dfsg-1_${TARGETARCH}.deb \
-        https://github.com/paperless-ngx/builder/releases/download/ghostscript-${GS_VERSION}/libgs10-common_${GS_VERSION}.dfsg-1_all.deb \
-        https://github.com/paperless-ngx/builder/releases/download/jbig2enc-${JBIG2ENC_VERSION}/jbig2enc_${JBIG2ENC_VERSION}-1_${TARGETARCH}.deb \
      && echo "Installing qpdf ${QPDF_VERSION}" \
+        && curl --fail --silent --show-error --location \
+          --output libqpdf29_${QPDF_VERSION}-1_${TARGETARCH}.deb \
+          https://github.com/paperless-ngx/builder/releases/download/qpdf-${QPDF_VERSION}/libqpdf29_${QPDF_VERSION}-1_${TARGETARCH}.deb \
+        && curl --fail --silent --show-error --location \
+          --output qpdf_${QPDF_VERSION}-1_${TARGETARCH}.deb \
+          https://github.com/paperless-ngx/builder/releases/download/qpdf-${QPDF_VERSION}/qpdf_${QPDF_VERSION}-1_${TARGETARCH}.deb \
        && dpkg --install ./libqpdf29_${QPDF_VERSION}-1_${TARGETARCH}.deb \
        && dpkg --install ./qpdf_${QPDF_VERSION}-1_${TARGETARCH}.deb \
      && echo "Installing Ghostscript ${GS_VERSION}" \
+        && curl --fail --silent --show-error --location \
+          --output libgs10_${GS_VERSION}.dfsg-1_${TARGETARCH}.deb \
+          https://github.com/paperless-ngx/builder/releases/download/ghostscript-${GS_VERSION}/libgs10_${GS_VERSION}.dfsg-1_${TARGETARCH}.deb \
+        && curl --fail --silent --show-error --location \
+          --output ghostscript_${GS_VERSION}.dfsg-1_${TARGETARCH}.deb \
+          https://github.com/paperless-ngx/builder/releases/download/ghostscript-${GS_VERSION}/ghostscript_${GS_VERSION}.dfsg-1_${TARGETARCH}.deb \
+        && curl --fail --silent --show-error --location \
+          --output libgs10-common_${GS_VERSION}.dfsg-1_all.deb \
+          https://github.com/paperless-ngx/builder/releases/download/ghostscript-${GS_VERSION}/libgs10-common_${GS_VERSION}.dfsg-1_all.deb \
        && dpkg --install ./libgs10-common_${GS_VERSION}.dfsg-1_all.deb \
        && dpkg --install ./libgs10_${GS_VERSION}.dfsg-1_${TARGETARCH}.deb \
        && dpkg --install ./ghostscript_${GS_VERSION}.dfsg-1_${TARGETARCH}.deb \
      && echo "Installing jbig2enc" \
+        && curl --fail --silent --show-error --location \
+          --output jbig2enc_${JBIG2ENC_VERSION}-1_${TARGETARCH}.deb \
+          https://github.com/paperless-ngx/builder/releases/download/jbig2enc-${JBIG2ENC_VERSION}/jbig2enc_${JBIG2ENC_VERSION}-1_${TARGETARCH}.deb \
        && dpkg --install ./jbig2enc_${JBIG2ENC_VERSION}-1_${TARGETARCH}.deb \
-      && echo "Configuring imagemagick" \
-        && cp /etc/ImageMagick-6/paperless-policy.xml /etc/ImageMagick-6/policy.xml \
      && echo "Cleaning up image layer" \
        && rm --force --verbose *.deb \
-    && rm --recursive --force --verbose /var/lib/apt/lists/*
+    && rm --recursive --force --verbose /var/lib/apt/lists/* \
+  && echo "Installing supervisor" \
+    && python3 -m pip install --default-timeout=1000 --upgrade --no-cache-dir supervisor==4.2.5

-# Copy webserver config
+# Copy gunicorn config
 # Changes very infrequently
 WORKDIR /usr/src/paperless/
-COPY --chown=1000:1000 webserver.py /usr/src/paperless/webserver.py
+
+COPY gunicorn.conf.py .
+
+# setup docker-specific things
+# These change sometimes, but rarely
+WORKDIR /usr/src/paperless/src/docker/
+
+COPY [ \
+  "docker/imagemagick-policy.xml", \
+  "docker/supervisord.conf", \
+  "docker/docker-entrypoint.sh", \
+  "docker/docker-prepare.sh", \
+  "docker/paperless_cmd.sh", \
+  "docker/wait-for-redis.py", \
+  "docker/env-from-file.sh", \
+  "docker/management_script.sh", \
+  "docker/flower-conditional.sh", \
+  "docker/install_management_commands.sh", \
+  "/usr/src/paperless/src/docker/" \
+]
+
+RUN set -eux \
+  && echo "Configuring ImageMagick" \
+    && mv imagemagick-policy.xml /etc/ImageMagick-6/policy.xml \
+  && echo "Configuring supervisord" \
+    && mkdir /var/log/supervisord /var/run/supervisord \
+    && mv supervisord.conf /etc/supervisord.conf \
+  && echo "Setting up Docker scripts" \
+    && mv docker-entrypoint.sh /sbin/docker-entrypoint.sh \
+    && chmod 755 /sbin/docker-entrypoint.sh \
+    && mv docker-prepare.sh /sbin/docker-prepare.sh \
+    && chmod 755 /sbin/docker-prepare.sh \
+    && mv wait-for-redis.py /sbin/wait-for-redis.py \
+    && chmod 755 /sbin/wait-for-redis.py \
+    && mv env-from-file.sh /sbin/env-from-file.sh \
+    && chmod 755 /sbin/env-from-file.sh \
+    && mv paperless_cmd.sh /usr/local/bin/paperless_cmd.sh \
+    && chmod 755 /usr/local/bin/paperless_cmd.sh \
+    && mv flower-conditional.sh /usr/local/bin/flower-conditional.sh \
+    && chmod 755 /usr/local/bin/flower-conditional.sh \
+  && echo "Installing management commands" \
+    && chmod +x install_management_commands.sh \
+    && ./install_management_commands.sh

 WORKDIR /usr/src/paperless/src/

 # Python dependencies
 # Change pretty frequently
-COPY --chown=1000:1000 --from=pipenv-base /usr/src/pipenv/requirements.txt ./
+COPY --from=pipenv-base /usr/src/pipenv/requirements.txt ./

 # Packages needed only for building a few quick Python
 # dependencies
@@ -226,22 +224,20 @@ ARG BUILD_PACKAGES="\
  default-libmysqlclient-dev \
  pkg-config"

-ARG ZXING_VERSION=2.3.0
-ARG PSYCOPG_VERSION=3.2.4
-
 # hadolint ignore=DL3042
 RUN --mount=type=cache,target=/root/.cache/pip/,id=pip-cache \
  set -eux \
  && echo "Installing build system packages" \
    && apt-get update \
    && apt-get install --yes --quiet --no-install-recommends ${BUILD_PACKAGES} \
-    && python3 -m pip install --upgrade wheel \
+    && python3 -m pip install --no-cache-dir --upgrade wheel \
  && echo "Installing Python requirements" \
-    && curl --fail --silent --no-progress-meter --show-error --location --remote-name-all --parallel --parallel-max 4 \
-      https://github.com/paperless-ngx/builder/releases/download/psycopg-${PSYCOPG_VERSION}/psycopg_c-${PSYCOPG_VERSION}-cp312-cp312-linux_x86_64.whl \
-      https://github.com/paperless-ngx/builder/releases/download/psycopg-${PSYCOPG_VERSION}/psycopg_c-${PSYCOPG_VERSION}-cp312-cp312-linux_aarch64.whl \
-      https://github.com/paperless-ngx/builder/releases/download/zxing-${ZXING_VERSION}/zxing_cpp-${ZXING_VERSION}-cp312-cp312-linux_aarch64.whl \
-      https://github.com/paperless-ngx/builder/releases/download/zxing-${ZXING_VERSION}/zxing_cpp-${ZXING_VERSION}-cp312-cp312-linux_x86_64.whl \
+    && curl --fail --silent --show-error --location \
+    --output psycopg_c-3.2.3-cp312-cp312-linux_x86_64.whl \
+    https://github.com/paperless-ngx/builder/releases/download/psycopg-3.2.3/psycopg_c-3.2.3-cp312-cp312-linux_x86_64.whl \
+    && curl --fail --silent --show-error --location \
+    --output psycopg_c-3.2.3-cp312-cp312-linux_aarch64.whl  \
+    https://github.com/paperless-ngx/builder/releases/download/psycopg-3.2.3/psycopg_c-3.2.3-cp312-cp312-linux_aarch64.whl \
    && python3 -m pip install --default-timeout=1000 --find-links . --requirement requirements.txt \
  && echo "Installing NLTK data" \
    && python3 -W ignore::RuntimeWarning -m nltk.downloader -d "/usr/share/nltk_data" snowball_data \
@@ -280,16 +276,18 @@ RUN set -eux \
  && echo "Adjusting all permissions" \
    && chown --from root:root --changes --recursive paperless:paperless /usr/src/paperless \
  && echo "Collecting static files" \
-    && s6-setuidgid paperless python3 manage.py collectstatic --clear --no-input --link \
-    && s6-setuidgid paperless python3 manage.py compilemessages
+    && gosu paperless python3 manage.py collectstatic --clear --no-input --link \
+    && gosu paperless python3 manage.py compilemessages

 VOLUME ["/usr/src/paperless/data", \
        "/usr/src/paperless/media", \
        "/usr/src/paperless/consume", \
        "/usr/src/paperless/export"]

-ENTRYPOINT ["/init"]
+ENTRYPOINT ["/sbin/docker-entrypoint.sh"]

 EXPOSE 8000

+CMD ["/usr/local/bin/paperless_cmd.sh"]
+
 HEALTHCHECK --interval=30s --timeout=10s --retries=5 CMD [ "curl", "-fs", "-S", "--max-time", "2", "http://localhost:8000" ]
--- a/17
+++ b/17
@@ -14,14 +14,12 @@ django-celery-results = "*"
 django-compression-middleware = "*"
 django-cors-headers = "*"
 django-extensions = "*"
-django-filter = "~=25.1"
+django-filter = "~=24.3"
 django-guardian = "*"
 django-multiselectfield = "*"
 django-soft-delete = "*"
 djangorestframework = "~=3.15.2"
 djangorestframework-guardian = "*"
-drf-spectacular = "*"
-drf-spectacular-sidecar = "*"
 drf-writable-nested = "*"
 bleach = "*"
 celery = {extras = ["redis"], version = "*"}
@@ -31,7 +29,7 @@ concurrent-log-handler = "*"
 filelock = "*"
 flower = "*"
 gotenberg-client = "*"
-granian = "*"
+gunicorn = "*"
 httpx-oauth = "*"
 imap-tools = "*"
 inotifyrecursive = "~=0.3"
@@ -39,7 +37,7 @@ jinja2 = "~=3.1"
 langdetect = "*"
 mysqlclient = "*"
 nltk = "*"
-ocrmypdf = "~=16.9"
+ocrmypdf = "~=16.8"
 pathvalidate = "*"
 pdf2image = "*"
 psycopg = {version = "*", extras = ["c"]}
@@ -55,17 +53,20 @@ scikit-learn = "~=1.6"
 setproctitle = "*"
 tika-client = "*"
 tqdm = "*"
+# See https://github.com/paperless-ngx/paperless-ngx/issues/5494
+uvicorn = {extras = ["standard"], version = "==0.25.0"}
 watchdog = "~=6.0"
-whitenoise = "~=6.9"
+whitenoise = "~=6.8"
 whoosh = "~=2.7"
-zxing-cpp = "*"
+zxing-cpp = {version = "*", platform_machine = "== 'x86_64'"}
+

 [dev-packages]
 # Linting
 pre-commit = "*"
 ruff = "*"
-# Testing
 factory-boy = "*"
+# Testing
 pytest = "*"
 pytest-cov = "*"
 pytest-django = "*"
--- a/Pipfile.lock
+++ b/Pipfile.lock
--- a/docker/compose/docker-compose.ci-test.yml
+++ b/docker/compose/docker-compose.ci-test.yml
@@ -5,7 +5,7 @@

 services:
  gotenberg:
-    image: docker.io/gotenberg/gotenberg:8.17
+    image: docker.io/gotenberg/gotenberg:8.7
    hostname: gotenberg
    container_name: gotenberg
    network_mode: host
--- a/docker/compose/docker-compose.mariadb-tika.yml
+++ b/docker/compose/docker-compose.mariadb-tika.yml
@@ -77,7 +77,7 @@ services:
      PAPERLESS_TIKA_ENDPOINT: http://tika:9998

  gotenberg:
-    image: docker.io/gotenberg/gotenberg:8.17
+    image: docker.io/gotenberg/gotenberg:8.7
    restart: unless-stopped
    # The gotenberg chromium route is used to convert .eml files. We do not
    # want to allow external content like tracking pixels or even javascript.
--- a/docker/compose/docker-compose.postgres-tika.yml
+++ b/docker/compose/docker-compose.postgres-tika.yml
@@ -71,7 +71,7 @@ services:
      PAPERLESS_TIKA_ENDPOINT: http://tika:9998

  gotenberg:
-    image: docker.io/gotenberg/gotenberg:8.17
+    image: docker.io/gotenberg/gotenberg:8.7
    restart: unless-stopped

    # The gotenberg chromium route is used to convert .eml files. We do not
--- a/docker/compose/docker-compose.sqlite-tika.yml
+++ b/docker/compose/docker-compose.sqlite-tika.yml
@@ -59,7 +59,7 @@ services:
      PAPERLESS_TIKA_ENDPOINT: http://tika:9998

  gotenberg:
-    image: docker.io/gotenberg/gotenberg:8.17
+    image: docker.io/gotenberg/gotenberg:8.7
    restart: unless-stopped

    # The gotenberg chromium route is used to convert .eml files. We do not
--- a/docker/docker-prepare.sh
+++ b/docker/docker-prepare.sh
@@ -0,0 +1,120 @@
+#!/usr/bin/env bash
+
+set -e
+
+wait_for_postgres() {
+	local attempt_num=1
+	local -r max_attempts=5
+
+	echo "Waiting for PostgreSQL to start..."
+
+	local -r host="${PAPERLESS_DBHOST:-localhost}"
+	local -r port="${PAPERLESS_DBPORT:-5432}"
+
+	# Disable warning, host and port can't have spaces
+	# shellcheck disable=SC2086
+	while [ ! "$(pg_isready --host ${host} --port ${port})" ]; do
+
+		if [ $attempt_num -eq $max_attempts ]; then
+			echo "Unable to connect to database."
+			exit 1
+		else
+			echo "Attempt $attempt_num failed! Trying again in 5 seconds..."
+		fi
+
+		attempt_num=$(("$attempt_num" + 1))
+		sleep 5
+	done
+	echo "Connected to PostgreSQL"
+}
+
+wait_for_mariadb() {
+	echo "Waiting for MariaDB to start..."
+
+	local -r host="${PAPERLESS_DBHOST:=localhost}"
+	local -r port="${PAPERLESS_DBPORT:=3306}"
+
+	local attempt_num=1
+	local -r max_attempts=5
+
+	# Disable warning, host and port can't have spaces
+	# shellcheck disable=SC2086
+	while ! true > /dev/tcp/$host/$port; do
+
+		if [ $attempt_num -eq $max_attempts ]; then
+			echo "Unable to connect to database."
+			exit 1
+		else
+			echo "Attempt $attempt_num failed! Trying again in 5 seconds..."
+
+		fi
+
+		attempt_num=$(("$attempt_num" + 1))
+		sleep 5
+	done
+	echo "Connected to MariaDB"
+}
+
+wait_for_redis() {
+	# We use a Python script to send the Redis ping
+	# instead of installing redis-tools just for 1 thing
+	if ! python3 /sbin/wait-for-redis.py; then
+		exit 1
+	fi
+}
+
+migrations() {
+	(
+		# flock is in place to prevent multiple containers from doing migrations
+		# simultaneously. This also ensures that the db is ready when the command
+		# of the current container starts.
+		flock 200
+		echo "Apply database migrations..."
+		python3 manage.py migrate --skip-checks --no-input
+	) 200>"${DATA_DIR}/migration_lock"
+}
+
+django_checks() {
+	# Explicitly run the Django system checks
+	echo "Running Django checks"
+	python3 manage.py check
+}
+
+search_index() {
+
+	local -r index_version=9
+	local -r index_version_file=${DATA_DIR}/.index_version
+
+	if [[ (! -f "${index_version_file}") || $(<"${index_version_file}") != "$index_version" ]]; then
+		echo "Search index out of date. Updating..."
+		python3 manage.py document_index reindex --no-progress-bar
+		echo ${index_version} | tee "${index_version_file}" >/dev/null
+	fi
+}
+
+superuser() {
+	if [[ -n "${PAPERLESS_ADMIN_USER}" ]]; then
+		python3 manage.py manage_superuser
+	fi
+}
+
+do_work() {
+	if [[ "${PAPERLESS_DBENGINE}" == "mariadb" ]]; then
+		wait_for_mariadb
+	elif [[ -n "${PAPERLESS_DBHOST}" ]]; then
+		wait_for_postgres
+	fi
+
+	wait_for_redis
+
+	migrations
+
+	django_checks
+
+	search_index
+
+	superuser
+
+}
+
+do_work
--- a/docker/env-from-file.sh
+++ b/docker/env-from-file.sh
@@ -0,0 +1,42 @@
+#!/usr/bin/env bash
+
+# Scans the environment variables for those with the suffix _FILE
+# When located, checks the file exists, and exports the contents
+# of the file as the same name, minus the suffix
+# This allows the use of Docker secrets or mounted files
+# to fill in any of the settings configurable via environment
+# variables
+
+set -eu
+
+for line in $(printenv)
+do
+	# Extract the name of the environment variable
+	env_name=${line%%=*}
+	# Check if it starts with "PAPERLESS_" and ends in "_FILE"
+	if [[ ${env_name} == PAPERLESS_*_FILE ]]; then
+		# This should have been named different..
+		if [[ ${env_name} == "PAPERLESS_OCR_SKIP_ARCHIVE_FILE" || ${env_name} == "PAPERLESS_MODEL_FILE" ]]; then
+			continue
+		fi
+		# Extract the value of the environment
+		env_value=${line#*=}
+
+		# Check the file exists
+		if [[ -f ${env_value} ]]; then
+
+			# Trim off the _FILE suffix
+			non_file_env_name=${env_name%"_FILE"}
+			echo "Setting ${non_file_env_name} from file"
+
+			# Reads the value from th file
+			val="$(< "${!env_name}")"
+
+			# Sets the normal name to the read file contents
+			export "${non_file_env_name}"="${val}"
+
+		else
+			echo "File ${env_value} referenced by ${env_name} doesn't exist"
+		fi
+	fi
+done
--- a/docker/flower-conditional.sh
+++ b/docker/flower-conditional.sh
@@ -0,0 +1,12 @@
+#!/usr/bin/env bash
+
+echo "Checking if we should start flower..."
+
+if [[ -n  "${PAPERLESS_ENABLE_FLOWER}" ]]; then
+	# Small delay to allow celery to be up first
+	echo "Starting flower in 5s"
+	sleep 5
+	celery --app paperless flower --conf=/usr/src/paperless/src/paperless/flowerconfig.py
+else
+	echo "Not starting flower"
+fi
--- a/docker/rootfs/etc/ImageMagick-6/paperless-policy.xml
+++ b/docker/rootfs/etc/ImageMagick-6/paperless-policy.xml
--- a/docker/init-flow.drawio.png
+++ b/docker/init-flow.drawio.png
--- a/docker/install_management_commands.sh
+++ b/docker/install_management_commands.sh
@@ -1,7 +1,5 @@
 #!/usr/bin/env bash

-# Run this script to generate the management commands again (for example if a new command is create or the template is updated)
-
 set -eu

 for command in decrypt_documents \
@@ -21,6 +19,6 @@ for command in decrypt_documents \
 	prune_audit_logs;
 do
 	echo "installing $command..."
-	sed "s/management_command/$command/g" management_script.sh >"$PWD/rootfs/usr/local/bin/$command"
-	chmod +x "$PWD/rootfs/usr/local/bin/$command"
+	sed "s/management_command/$command/g" management_script.sh > /usr/local/bin/$command
+	chmod +x /usr/local/bin/$command
 done
--- a/docker/management_script.sh
+++ b/docker/management_script.sh
@@ -1,13 +1,17 @@
-#!/command/with-contenv /usr/bin/bash
-# shellcheck shell=bash
+#!/usr/bin/env bash

 set -e

-cd "${PAPERLESS_SRC_DIR}"
+cd /usr/src/paperless/src/
+# This ensures environment is setup
+# shellcheck disable=SC1091
+source /sbin/env-from-file.sh

-if [[ $(id -u) == 0 ]]; then
-	s6-setuidgid paperless python3 manage.py management_command "$@"
-elif [[ $(id -un) == "paperless" ]]; then
+if [[ $(id -u) == 0 ]] ;
+then
+	gosu paperless python3 manage.py management_command "$@"
+elif [[ $(id -un) == "paperless" ]] ;
+then
 	python3 manage.py management_command "$@"
 else
 	echo "Unknown user."
--- a/docker/paperless_cmd.sh
+++ b/docker/paperless_cmd.sh
@@ -0,0 +1,16 @@
+#!/usr/bin/env bash
+
+SUPERVISORD_WORKING_DIR="${PAPERLESS_SUPERVISORD_WORKING_DIR:-$PWD}"
+rootless_args=()
+if [ "$(id -u)" == "$(id -u paperless)" ]; then
+	rootless_args=(
+		--user
+		paperless
+		--logfile
+		"${SUPERVISORD_WORKING_DIR}/supervisord.log"
+		--pidfile
+		"${SUPERVISORD_WORKING_DIR}/supervisord.pid"
+	)
+fi
+
+exec /usr/local/bin/supervisord -c /etc/supervisord.conf "${rootless_args[@]}"
--- a/docker/rootfs/etc/s6-overlay/s6-rc.d/init-complete/dependencies.d/init-env-file
+++ b/docker/rootfs/etc/s6-overlay/s6-rc.d/init-complete/dependencies.d/init-env-file
--- a/docker/rootfs/etc/s6-overlay/s6-rc.d/init-complete/dependencies.d/init-folders
+++ b/docker/rootfs/etc/s6-overlay/s6-rc.d/init-complete/dependencies.d/init-folders
--- a/docker/rootfs/etc/s6-overlay/s6-rc.d/init-complete/dependencies.d/init-migrations
+++ b/docker/rootfs/etc/s6-overlay/s6-rc.d/init-complete/dependencies.d/init-migrations
--- a/docker/rootfs/etc/s6-overlay/s6-rc.d/init-complete/dependencies.d/init-modify-user
+++ b/docker/rootfs/etc/s6-overlay/s6-rc.d/init-complete/dependencies.d/init-modify-user
--- a/docker/rootfs/etc/s6-overlay/s6-rc.d/init-complete/dependencies.d/init-search-index
+++ b/docker/rootfs/etc/s6-overlay/s6-rc.d/init-complete/dependencies.d/init-search-index
--- a/docker/rootfs/etc/s6-overlay/s6-rc.d/init-complete/dependencies.d/init-start
+++ b/docker/rootfs/etc/s6-overlay/s6-rc.d/init-complete/dependencies.d/init-start
--- a/docker/rootfs/etc/s6-overlay/s6-rc.d/init-complete/dependencies.d/init-superuser
+++ b/docker/rootfs/etc/s6-overlay/s6-rc.d/init-complete/dependencies.d/init-superuser
--- a/docker/rootfs/etc/s6-overlay/s6-rc.d/init-complete/dependencies.d/init-system-checks
+++ b/docker/rootfs/etc/s6-overlay/s6-rc.d/init-complete/dependencies.d/init-system-checks
--- a/docker/rootfs/etc/s6-overlay/s6-rc.d/init-complete/dependencies.d/init-tesseract-langs
+++ b/docker/rootfs/etc/s6-overlay/s6-rc.d/init-complete/dependencies.d/init-tesseract-langs
--- a/docker/rootfs/etc/s6-overlay/s6-rc.d/init-complete/dependencies.d/init-wait-for-db
+++ b/docker/rootfs/etc/s6-overlay/s6-rc.d/init-complete/dependencies.d/init-wait-for-db
--- a/docker/rootfs/etc/s6-overlay/s6-rc.d/init-complete/dependencies.d/init-wait-for-redis
+++ b/docker/rootfs/etc/s6-overlay/s6-rc.d/init-complete/dependencies.d/init-wait-for-redis
--- a/docker/rootfs/etc/s6-overlay/s6-rc.d/init-complete/run
+++ b/docker/rootfs/etc/s6-overlay/s6-rc.d/init-complete/run
@@ -1,8 +0,0 @@
-#!/command/with-contenv /usr/bin/bash
-# shellcheck shell=bash
-declare -r log_prefix="[init-complete]"
-declare -r end_time=$(date +%s)
-declare -r start_time=${PAPERLESS_START_TIME_S}
-
-echo "${log_prefix} paperless-ngx docker container init completed in $(($end_time-$start_time)) seconds"
-echo "${log_prefix} Starting services"
--- a/docker/rootfs/etc/s6-overlay/s6-rc.d/init-complete/type
+++ b/docker/rootfs/etc/s6-overlay/s6-rc.d/init-complete/type
@@ -1 +0,0 @@
-oneshot
--- a/docker/rootfs/etc/s6-overlay/s6-rc.d/init-complete/up
+++ b/docker/rootfs/etc/s6-overlay/s6-rc.d/init-complete/up
@@ -1 +0,0 @@
-/etc/s6-overlay/s6-rc.d/init-complete/run
--- a/docker/rootfs/etc/s6-overlay/s6-rc.d/init-custom-init/dependencies.d/init-search-index
+++ b/docker/rootfs/etc/s6-overlay/s6-rc.d/init-custom-init/dependencies.d/init-search-index
--- a/docker/rootfs/etc/s6-overlay/s6-rc.d/init-custom-init/dependencies.d/init-system-checks
+++ b/docker/rootfs/etc/s6-overlay/s6-rc.d/init-custom-init/dependencies.d/init-system-checks
--- a/docker/rootfs/etc/s6-overlay/s6-rc.d/init-custom-init/dependencies.d/init-tesseract-langs
+++ b/docker/rootfs/etc/s6-overlay/s6-rc.d/init-custom-init/dependencies.d/init-tesseract-langs
--- a/docker/rootfs/etc/s6-overlay/s6-rc.d/init-custom-init/dependencies.d/init-wait-for-db
+++ b/docker/rootfs/etc/s6-overlay/s6-rc.d/init-custom-init/dependencies.d/init-wait-for-db
--- a/docker/rootfs/etc/s6-overlay/s6-rc.d/init-custom-init/dependencies.d/init-wait-for-redis
+++ b/docker/rootfs/etc/s6-overlay/s6-rc.d/init-custom-init/dependencies.d/init-wait-for-redis
--- a/docker/rootfs/etc/s6-overlay/s6-rc.d/init-custom-init/run
+++ b/docker/rootfs/etc/s6-overlay/s6-rc.d/init-custom-init/run
@@ -1,44 +0,0 @@
-#!/command/with-contenv /usr/bin/bash
-# shellcheck shell=bash
-
-declare -r log_prefix="[custom-init]"
-
-# Mostly borrowed from the LinuxServer.io base image
-# https://github.com/linuxserver/docker-baseimage-ubuntu/tree/bionic/root/etc/cont-init.d
-declare -r custom_script_dir="/custom-cont-init.d"
-
-# Tamper checking.
-# Don't run files which are owned by anyone except root
-# Don't run files which are writeable by others
-if [ -d "${custom_script_dir}" ]; then
-	if [ -n "$(/usr/bin/find "${custom_script_dir}" -maxdepth 1 ! -user root)" ]; then
-		echo "${log_prefix} **** Potential tampering with custom scripts detected ****"
-		echo "${log_prefix} **** The folder '${custom_script_dir}' must be owned by root ****"
-		exit 0
-	fi
-	if [ -n "$(/usr/bin/find "${custom_script_dir}" -maxdepth 1 -perm -o+w)" ]; then
-		echo "${log_prefix} **** The folder '${custom_script_dir}' or some of contents have write permissions for others, which is a security risk. ****"
-		echo "${log_prefix} **** Please review the permissions and their contents to make sure they are owned by root, and can only be modified by root. ****"
-		exit 0
-	fi
-
-	# Make sure custom init directory has files in it
-	if [ -n "$(/bin/ls --almost-all "${custom_script_dir}" 2>/dev/null)" ]; then
-		echo "${log_prefix} files found in ${custom_script_dir} executing"
-		# Loop over files in the directory
-		for SCRIPT in "${custom_script_dir}"/*; do
-			NAME="$(basename "${SCRIPT}")"
-			if [ -f "${SCRIPT}" ]; then
-				echo "${log_prefix} ${NAME}: executing..."
-				/command/with-contenv /bin/bash "${SCRIPT}"
-				echo "${log_prefix} ${NAME}: exited $?"
-			elif [ ! -f "${SCRIPT}" ]; then
-				echo "${log_prefix} ${NAME}: is not a file"
-			fi
-		done
-	else
-		echo "${log_prefix} no custom files found exiting..."
-	fi
-else
-	echo "${log_prefix} ${custom_script_dir} doesn't exist, nothing to do"
-fi
--- a/docker/rootfs/etc/s6-overlay/s6-rc.d/init-custom-init/type
+++ b/docker/rootfs/etc/s6-overlay/s6-rc.d/init-custom-init/type
@@ -1 +0,0 @@
-oneshot
--- a/docker/rootfs/etc/s6-overlay/s6-rc.d/init-custom-init/up
+++ b/docker/rootfs/etc/s6-overlay/s6-rc.d/init-custom-init/up
@@ -1 +0,0 @@
-/etc/s6-overlay/s6-rc.d/init-custom-init/run
--- a/docker/rootfs/etc/s6-overlay/s6-rc.d/init-env-file/dependencies.d/init-start
+++ b/docker/rootfs/etc/s6-overlay/s6-rc.d/init-env-file/dependencies.d/init-start
--- a/docker/rootfs/etc/s6-overlay/s6-rc.d/init-env-file/run
+++ b/docker/rootfs/etc/s6-overlay/s6-rc.d/init-env-file/run
@@ -1,30 +0,0 @@
-#!/command/with-contenv /usr/bin/bash
-# shellcheck shell=bash
-
-declare -r log_prefix="[env-init]"
-
-echo "${log_prefix} Checking for environment from files"
-
-if find /run/s6/container_environment/*"_FILE" -maxdepth 1 > /dev/null 2>&1; then
-	for FILENAME in /run/s6/container_environment/*; do
-		if [[ "${FILENAME##*/}" == PAPERLESS_*_FILE ]]; then
-			# This should have been named different..
-			if [[ ${FILENAME} == "PAPERLESS_OCR_SKIP_ARCHIVE_FILE" || ${FILENAME} == "PAPERLESS_MODEL_FILE" ]]; then
-				continue
-			fi
-			SECRETFILE=$(cat "${FILENAME}")
-			# Check the file exists
-			if [[ -f ${SECRETFILE} ]]; then
-				# Trim off trailing _FILE
-				FILESTRIP=${FILENAME//_FILE/}
-				# Set environment variable
-				cat "${SECRETFILE}" > "${FILESTRIP}"
-				echo "${log_prefix} ${FILESTRIP##*/} set from ${FILENAME##*/}"
-			else
-				echo "${log_prefix} cannot find secret in ${FILENAME##*/}"
-			fi
-		fi
-	done
-else
-		echo "${log_prefix} No *_FILE environment found"
-fi
--- a/docker/rootfs/etc/s6-overlay/s6-rc.d/init-env-file/type
+++ b/docker/rootfs/etc/s6-overlay/s6-rc.d/init-env-file/type
@@ -1 +0,0 @@
-oneshot
--- a/docker/rootfs/etc/s6-overlay/s6-rc.d/init-env-file/up
+++ b/docker/rootfs/etc/s6-overlay/s6-rc.d/init-env-file/up
@@ -1 +0,0 @@
-/etc/s6-overlay/s6-rc.d/init-env-file/run
--- a/docker/rootfs/etc/s6-overlay/s6-rc.d/init-folders/dependencies.d/init-modify-user
+++ b/docker/rootfs/etc/s6-overlay/s6-rc.d/init-folders/dependencies.d/init-modify-user
--- a/docker/rootfs/etc/s6-overlay/s6-rc.d/init-folders/run
+++ b/docker/rootfs/etc/s6-overlay/s6-rc.d/init-folders/run
@@ -1,33 +0,0 @@
-#!/command/with-contenv /usr/bin/bash
-# shellcheck shell=bash
-
-declare -r log_prefix="[init-folders]"
-
-declare -r export_dir="/usr/src/paperless/export"
-declare -r data_dir="${PAPERLESS_DATA_DIR:-/usr/src/paperless/data}"
-declare -r media_root_dir="${PAPERLESS_MEDIA_ROOT:-/usr/src/paperless/media}"
-declare -r consume_dir="${PAPERLESS_CONSUMPTION_DIR:-/usr/src/paperless/consume}"
-declare -r tmp_dir="${PAPERLESS_SCRATCH_DIR:=/tmp/paperless}"
-
-echo "${log_prefix} Checking for folder existence"
-
-for dir in \
-	"${export_dir}" \
-	"${data_dir}" "${data_dir}/index" \
-	"${media_root_dir}" "${media_root_dir}/documents" "${media_root_dir}/documents/originals" "${media_root_dir}/documents/thumbnails" \
-	"${consume_dir}" \
-	"${tmp_dir}"; do
-	if [[ ! -d "${dir}" ]]; then
-		mkdir --parents --verbose "${dir}"
-	fi
-done
-
-echo "${log_prefix} Adjusting file and folder permissions"
-for dir in \
-	"${export_dir}" \
-	"${data_dir}" \
-	"${media_root_dir}" \
-	"${consume_dir}" \
-	"${tmp_dir}"; do
-	find "${dir}" -not \( -user paperless -and -group paperless \) -exec chown --changes paperless:paperless {} +
-done
--- a/docker/rootfs/etc/s6-overlay/s6-rc.d/init-folders/type
+++ b/docker/rootfs/etc/s6-overlay/s6-rc.d/init-folders/type
@@ -1 +0,0 @@
-oneshot
--- a/docker/rootfs/etc/s6-overlay/s6-rc.d/init-folders/up
+++ b/docker/rootfs/etc/s6-overlay/s6-rc.d/init-folders/up
@@ -1 +0,0 @@
-/etc/s6-overlay/s6-rc.d/init-folders/run
--- a/docker/rootfs/etc/s6-overlay/s6-rc.d/init-migrations/dependencies.d/init-folders
+++ b/docker/rootfs/etc/s6-overlay/s6-rc.d/init-migrations/dependencies.d/init-folders
--- a/docker/rootfs/etc/s6-overlay/s6-rc.d/init-migrations/dependencies.d/init-wait-for-db
+++ b/docker/rootfs/etc/s6-overlay/s6-rc.d/init-migrations/dependencies.d/init-wait-for-db
--- a/docker/rootfs/etc/s6-overlay/s6-rc.d/init-migrations/run
+++ b/docker/rootfs/etc/s6-overlay/s6-rc.d/init-migrations/run
@@ -1,20 +0,0 @@
-#!/command/with-contenv /usr/bin/bash
-# shellcheck shell=bash
-declare -r log_prefix="[init-migrations]"
-declare -r data_dir="${PAPERLESS_DATA_DIR:-/usr/src/paperless/data}"
-
-(
-	# flock is in place to prevent multiple containers from doing migrations
-	# simultaneously. This also ensures that the db is ready when the command
-	# of the current container starts.
-	flock 200
-	echo "${log_prefix} Apply database migrations..."
-	cd "${PAPERLESS_SRC_DIR}"
-
-	if [[ -n "${USER_IS_NON_ROOT}" ]]; then
-		exec python3 manage.py migrate --skip-checks --no-input
-	else
-		exec s6-setuidgid paperless python3 manage.py migrate --skip-checks --no-input
-	fi
-
-) 200>"${data_dir}/migration_lock"
--- a/docker/rootfs/etc/s6-overlay/s6-rc.d/init-migrations/type
+++ b/docker/rootfs/etc/s6-overlay/s6-rc.d/init-migrations/type
@@ -1 +0,0 @@
-oneshot
--- a/docker/rootfs/etc/s6-overlay/s6-rc.d/init-migrations/up
+++ b/docker/rootfs/etc/s6-overlay/s6-rc.d/init-migrations/up
@@ -1 +0,0 @@
-/etc/s6-overlay/s6-rc.d/init-migrations/run
--- a/docker/rootfs/etc/s6-overlay/s6-rc.d/init-modify-user/dependencies.d/init-env-file
+++ b/docker/rootfs/etc/s6-overlay/s6-rc.d/init-modify-user/dependencies.d/init-env-file
--- a/docker/rootfs/etc/s6-overlay/s6-rc.d/init-modify-user/run
+++ b/docker/rootfs/etc/s6-overlay/s6-rc.d/init-modify-user/run
@@ -1,22 +0,0 @@
-#!/command/with-contenv /usr/bin/bash
-# shellcheck shell=bash
-declare -r log_prefix="[init-user]"
-
-declare -r usermap_original_uid=$(id -u paperless)
-declare -r usermap_original_gid=$(id -g paperless)
-declare -r usermap_new_uid=${USERMAP_UID:-$usermap_original_uid}
-declare -r usermap_new_gid=${USERMAP_GID:-${usermap_original_gid:-$usermap_new_uid}}
-
-if [[ ${usermap_new_uid} != "${usermap_original_uid}" ]]; then
-	echo "${log_prefix} Mapping UID for paperless to $usermap_new_uid"
-	usermod --non-unique --uid "${usermap_new_uid}" paperless
-else
-	echo "${log_prefix} No UID changes for paperless"
-fi
-
-if [[ ${usermap_new_gid} != "${usermap_original_gid}" ]]; then
-	echo "${log_prefix} Mapping GID for paperless to $usermap_new_gid"
-	groupmod --non-unique --gid "${usermap_new_gid}" paperless
-else
-	echo "${log_prefix} No GID changes for paperless"
-fi
--- a/docker/rootfs/etc/s6-overlay/s6-rc.d/init-modify-user/type
+++ b/docker/rootfs/etc/s6-overlay/s6-rc.d/init-modify-user/type
@@ -1 +0,0 @@
-oneshot
--- a/docker/rootfs/etc/s6-overlay/s6-rc.d/init-modify-user/up
+++ b/docker/rootfs/etc/s6-overlay/s6-rc.d/init-modify-user/up
@@ -1 +0,0 @@
-/etc/s6-overlay/s6-rc.d/init-modify-user/run
--- a/docker/rootfs/etc/s6-overlay/s6-rc.d/init-search-index/dependencies.d/init-migrations
+++ b/docker/rootfs/etc/s6-overlay/s6-rc.d/init-search-index/dependencies.d/init-migrations
--- a/docker/rootfs/etc/s6-overlay/s6-rc.d/init-search-index/run
+++ b/docker/rootfs/etc/s6-overlay/s6-rc.d/init-search-index/run
@@ -1,28 +0,0 @@
-#!/command/with-contenv /usr/bin/bash
-# shellcheck shell=bash
-
-declare -r log_prefix="[init-index]"
-
-declare -r index_version=9
-declare -r data_dir="${PAPERLESS_DATA_DIR:-/usr/src/paperless/data}"
-declare -r index_version_file="${data_dir}/.index_version"
-
-update_index () {
-	echo "${log_prefix} Search index out of date. Updating..."
-	cd "${PAPERLESS_SRC_DIR}"
-	if [[ -n "${USER_IS_NON_ROOT}" ]]; then
-		python3 manage.py document_index reindex --no-progress-bar
-		echo ${index_version} | tee "${index_version_file}" > /dev/null
-	else
-		s6-setuidgid paperless python3 manage.py document_index reindex --no-progress-bar
-		echo ${index_version} | s6-setuidgid paperless tee "${index_version_file}" > /dev/null
-	fi
-}
-
-if [[ (! -f "${index_version_file}") ]]; then
-	echo "${log_prefix} No index version file found"
-	update_index
-elif [[ $(<"${index_version_file}") != "$index_version" ]]; then
-	echo "${log_prefix} index version updated"
-	update_index
-fi
--- a/docker/rootfs/etc/s6-overlay/s6-rc.d/init-search-index/type
+++ b/docker/rootfs/etc/s6-overlay/s6-rc.d/init-search-index/type
@@ -1 +0,0 @@
-oneshot
--- a/docker/rootfs/etc/s6-overlay/s6-rc.d/init-search-index/up
+++ b/docker/rootfs/etc/s6-overlay/s6-rc.d/init-search-index/up
@@ -1 +0,0 @@
-/etc/s6-overlay/s6-rc.d/init-search-index/run
--- a/docker/rootfs/etc/s6-overlay/s6-rc.d/init-start/dependencies.d/base
+++ b/docker/rootfs/etc/s6-overlay/s6-rc.d/init-start/dependencies.d/base
--- a/docker/rootfs/etc/s6-overlay/s6-rc.d/init-start/run
+++ b/docker/rootfs/etc/s6-overlay/s6-rc.d/init-start/run
@@ -1,19 +0,0 @@
-#!/command/with-contenv /usr/bin/bash
-# shellcheck shell=bash
-
-declare -r log_prefix="[init-start]"
-
-echo "${log_prefix} paperless-ngx docker container starting..."
-
-# Set some directories into environment for other steps to access via environment
-# Sort of like variables for later
-printf "/usr/src/paperless/src" > /var/run/s6/container_environment/PAPERLESS_SRC_DIR
-echo $(date +%s) > /var/run/s6/container_environment/PAPERLESS_START_TIME_S
-
-# Check if we're starting as a non-root user
-if [ $(id -u) == $(id -u paperless) ]; then
-	printf "true" > /var/run/s6/container_environment/USER_IS_NON_ROOT
-	echo "${log_prefix}  paperless-ngx docker container running under a user"
-else
-	echo "${log_prefix}  paperless-ngx docker container starting init as root"
-fi
--- a/docker/rootfs/etc/s6-overlay/s6-rc.d/init-start/type
+++ b/docker/rootfs/etc/s6-overlay/s6-rc.d/init-start/type
@@ -1 +0,0 @@
-oneshot
--- a/docker/rootfs/etc/s6-overlay/s6-rc.d/init-start/up
+++ b/docker/rootfs/etc/s6-overlay/s6-rc.d/init-start/up
@@ -1 +0,0 @@
-/etc/s6-overlay/s6-rc.d/init-start/run
--- a/docker/rootfs/etc/s6-overlay/s6-rc.d/init-superuser/dependencies.d/init-migrations
+++ b/docker/rootfs/etc/s6-overlay/s6-rc.d/init-superuser/dependencies.d/init-migrations
--- a/docker/rootfs/etc/s6-overlay/s6-rc.d/init-superuser/run
+++ b/docker/rootfs/etc/s6-overlay/s6-rc.d/init-superuser/run
@@ -1,20 +0,0 @@
-#!/command/with-contenv /usr/bin/bash
-# shellcheck shell=bash
-
-declare -r log_prefix="[init-superuser]"
-
-if [[ -n "${PAPERLESS_ADMIN_USER}" ]]; then
-	echo "${log_prefix} Creating superuser..."
-	cd "${PAPERLESS_SRC_DIR}"
-
-	if [[ -n "${USER_IS_NON_ROOT}" ]]; then
-		python3 manage.py manage_superuser
-	else
-		s6-setuidgid paperless python3 manage.py manage_superuser
-	fi
-
-	echo "${log_prefix} Superuser creation done"
-
-else
-	echo "${log_prefix} Not creating superuser"
-fi
--- a/docker/rootfs/etc/s6-overlay/s6-rc.d/init-superuser/type
+++ b/docker/rootfs/etc/s6-overlay/s6-rc.d/init-superuser/type
@@ -1 +0,0 @@
-oneshot
--- a/docker/rootfs/etc/s6-overlay/s6-rc.d/init-superuser/up
+++ b/docker/rootfs/etc/s6-overlay/s6-rc.d/init-superuser/up
@@ -1 +0,0 @@
-/etc/s6-overlay/s6-rc.d/init-superuser/run
--- a/docker/rootfs/etc/s6-overlay/s6-rc.d/init-system-checks/dependencies.d/init-superuser
+++ b/docker/rootfs/etc/s6-overlay/s6-rc.d/init-system-checks/dependencies.d/init-superuser
--- a/docker/rootfs/etc/s6-overlay/s6-rc.d/init-system-checks/dependencies.d/init-tesseract-langs
+++ b/docker/rootfs/etc/s6-overlay/s6-rc.d/init-system-checks/dependencies.d/init-tesseract-langs
--- a/docker/rootfs/etc/s6-overlay/s6-rc.d/init-system-checks/run
+++ b/docker/rootfs/etc/s6-overlay/s6-rc.d/init-system-checks/run
@@ -1,15 +0,0 @@
-#!/command/with-contenv /usr/bin/bash
-# shellcheck shell=bash
-
-declare -r log_prefix="[init-checks]"
-
-# Explicitly run the Django system checks
-echo "${log_prefix} Running Django checks"
-
-cd "${PAPERLESS_SRC_DIR}"
-
-if [[ -n "${USER_IS_NON_ROOT}" ]]; then
-	python3 manage.py check
-else
-	s6-setuidgid paperless python3 manage.py check
-fi
--- a/docker/rootfs/etc/s6-overlay/s6-rc.d/init-system-checks/type
+++ b/docker/rootfs/etc/s6-overlay/s6-rc.d/init-system-checks/type
@@ -1 +0,0 @@
-oneshot
--- a/docker/rootfs/etc/s6-overlay/s6-rc.d/init-system-checks/up
+++ b/docker/rootfs/etc/s6-overlay/s6-rc.d/init-system-checks/up
@@ -1 +0,0 @@
-/etc/s6-overlay/s6-rc.d/init-system-checks/run
--- a/docker/rootfs/etc/s6-overlay/s6-rc.d/init-tesseract-langs/dependencies.d/init-env-file
+++ b/docker/rootfs/etc/s6-overlay/s6-rc.d/init-tesseract-langs/dependencies.d/init-env-file
--- a/docker/rootfs/etc/s6-overlay/s6-rc.d/init-tesseract-langs/run
+++ b/docker/rootfs/etc/s6-overlay/s6-rc.d/init-tesseract-langs/run
@@ -1,65 +0,0 @@
-#!/command/with-contenv /usr/bin/bash
-# shellcheck shell=bash
-
-declare -r log_prefix="[init-tesseract-langs]"
-
-install_languages() {
-	echo "Installing languages..."
-
-	read -ra langs <<<"$1"
-
-	# Check that it is not empty
-	if [ ${#langs[@]} -eq 0 ]; then
-		return
-	fi
-
-	# Build list of packages to install
-	to_install=()
-	for lang in "${langs[@]}"; do
-		pkg="tesseract-ocr-$lang"
-
-		if dpkg --status "$pkg" &>/dev/null; then
-			echo "${log_prefix} Package $pkg already installed!"
-			continue
-		else
-			to_install+=("$pkg")
-		fi
-	done
-
-	# Use apt only when we install packages
-	if [ ${#to_install[@]} -gt 0 ]; then
-
-		# Warn the user if they're not root, but try anyway
-		if [[ -n "${USER_IS_NON_ROOT}" ]]; then
-			echo "${log_prefix} ERROR: Unable to install language ${pkg} as non-root, startup may fail"
-		fi
-
-		apt-get --quiet update &>/dev/null
-
-		for pkg in "${to_install[@]}"; do
-			if ! apt-cache --quiet show "$pkg" &>/dev/null; then
-				echo "${log_prefix} Skipped $pkg: Package not found! :("
-				continue
-			fi
-			echo "${log_prefix} Installing package $pkg..."
-			if ! apt-get --quiet --assume-yes install "$pkg" &>/dev/null; then
-				echo "${log_prefix} Could not install $pkg"
-				exit 1
-			else
-				echo "${log_prefix} Installed $pkg"
-			fi
-		done
-
-	fi
-}
-
-echo "${log_prefix} Checking if additional teseract languages needed"
-
-# Install additional languages if specified
-if [[ -n "$PAPERLESS_OCR_LANGUAGES" ]]; then
-
-	install_languages "$PAPERLESS_OCR_LANGUAGES"
-	echo "${log_prefix} Additional packages installed"
-else
-	echo "${log_prefix} No additional installs requested"
-fi
--- a/docker/rootfs/etc/s6-overlay/s6-rc.d/init-tesseract-langs/type
+++ b/docker/rootfs/etc/s6-overlay/s6-rc.d/init-tesseract-langs/type
@@ -1 +0,0 @@
-oneshot
--- a/docker/rootfs/etc/s6-overlay/s6-rc.d/init-tesseract-langs/up
+++ b/docker/rootfs/etc/s6-overlay/s6-rc.d/init-tesseract-langs/up
@@ -1 +0,0 @@
-/etc/s6-overlay/s6-rc.d/init-tesseract-langs/run
--- a/docker/rootfs/etc/s6-overlay/s6-rc.d/init-wait-for-db/dependencies.d/init-env-file
+++ b/docker/rootfs/etc/s6-overlay/s6-rc.d/init-wait-for-db/dependencies.d/init-env-file
--- a/docker/rootfs/etc/s6-overlay/s6-rc.d/init-wait-for-db/run
+++ b/docker/rootfs/etc/s6-overlay/s6-rc.d/init-wait-for-db/run
@@ -1,70 +0,0 @@
-#!/command/with-contenv /usr/bin/bash
-# shellcheck shell=bash
-
-declare -r log_prefix="[init-db-wait]"
-
-wait_for_postgres() {
-	local attempt_num=1
-	local -r max_attempts=5
-
-	echo "${log_prefix} Waiting for PostgreSQL to start..."
-
-	local -r host="${PAPERLESS_DBHOST:-localhost}"
-	local -r port="${PAPERLESS_DBPORT:-5432}"
-	local -r user="${PAPERLESS_DBUSER:-paperless}"
-
-	# Disable warning, host and port can't have spaces
-	# shellcheck disable=SC2086
-	while [ ! "$(pg_isready -h ${host} -p ${port} --username ${user})" ]; do
-
-		if [ $attempt_num -eq $max_attempts ]; then
-			echo "${log_prefix} Unable to connect to database."
-			exit 1
-		else
-			echo "${log_prefix} Attempt $attempt_num failed! Trying again in 5 seconds..."
-		fi
-
-		attempt_num=$(("$attempt_num" + 1))
-		sleep 5
-	done
-	# Extra in case this is a first start
-	sleep 5
-	echo "Connected to PostgreSQL"
-}
-
-wait_for_mariadb() {
-	echo "${log_prefix} Waiting for MariaDB to start..."
-
-	local -r host="${PAPERLESS_DBHOST:=localhost}"
-	local -r port="${PAPERLESS_DBPORT:=3306}"
-
-	local attempt_num=1
-	local -r max_attempts=5
-
-	# Disable warning, host and port can't have spaces
-	# shellcheck disable=SC2086
-	while ! true > /dev/tcp/$host/$port; do
-
-		if [ $attempt_num -eq $max_attempts ]; then
-			echo "${log_prefix} Unable to connect to database."
-			exit 1
-		else
-			echo "${log_prefix} Attempt $attempt_num failed! Trying again in 5 seconds..."
-
-		fi
-
-		attempt_num=$(("$attempt_num" + 1))
-		sleep 5
-	done
-	echo "Connected to MariaDB"
-}
-
-if [[ "${PAPERLESS_DBENGINE}" == "mariadb" ]]; then
-	echo "${log_prefix} Waiting for MariaDB to report ready"
-	wait_for_mariadb
-elif [[ -n "${PAPERLESS_DBHOST}" ]]; then
-	echo "${log_prefix} Waiting for postgresql to report ready"
-	wait_for_postgres
-fi
-
-	echo "${log_prefix} Database is ready"
--- a/docker/rootfs/etc/s6-overlay/s6-rc.d/init-wait-for-db/type
+++ b/docker/rootfs/etc/s6-overlay/s6-rc.d/init-wait-for-db/type
@@ -1 +0,0 @@
-oneshot
--- a/docker/rootfs/etc/s6-overlay/s6-rc.d/init-wait-for-db/up
+++ b/docker/rootfs/etc/s6-overlay/s6-rc.d/init-wait-for-db/up
@@ -1 +0,0 @@
-/etc/s6-overlay/s6-rc.d/init-wait-for-db/run
--- a/docker/rootfs/etc/s6-overlay/s6-rc.d/init-wait-for-redis/dependencies.d/init-env-file
+++ b/docker/rootfs/etc/s6-overlay/s6-rc.d/init-wait-for-redis/dependencies.d/init-env-file
--- a/docker/rootfs/etc/s6-overlay/s6-rc.d/init-wait-for-redis/run
+++ b/docker/rootfs/etc/s6-overlay/s6-rc.d/init-wait-for-redis/run
@@ -1,14 +0,0 @@
-#!/command/with-contenv /usr/bin/bash
-# shellcheck shell=bash
-
-declare -r log_prefix="[init-redis-wait]"
-
-echo "${log_prefix} Waiting for Redis to report ready"
-
-# We use a Python script to send the Redis ping
-# instead of installing redis-tools just for 1 thing
-if ! python3 /usr/local/bin/wait-for-redis.py; then
-	exit 1
-else
-	echo "${log_prefix} Redis ready"
-fi
--- a/docker/rootfs/etc/s6-overlay/s6-rc.d/init-wait-for-redis/type
+++ b/docker/rootfs/etc/s6-overlay/s6-rc.d/init-wait-for-redis/type
@@ -1 +0,0 @@
-oneshot
--- a/docker/rootfs/etc/s6-overlay/s6-rc.d/init-wait-for-redis/up
+++ b/docker/rootfs/etc/s6-overlay/s6-rc.d/init-wait-for-redis/up
@@ -1 +0,0 @@
-/etc/s6-overlay/s6-rc.d/init-wait-for-redis/run
--- a/docker/rootfs/etc/s6-overlay/s6-rc.d/svc-consumer/dependencies.d/init-complete
+++ b/docker/rootfs/etc/s6-overlay/s6-rc.d/svc-consumer/dependencies.d/init-complete
--- a/docker/rootfs/etc/s6-overlay/s6-rc.d/svc-consumer/run
+++ b/docker/rootfs/etc/s6-overlay/s6-rc.d/svc-consumer/run
@@ -1,18 +0,0 @@
-#!/command/with-contenv /usr/bin/bash
-# shellcheck shell=bash
-
-
-if [[ -n "${PAPERLESS_CONSUMER_DISABLE}" ]]; then
-	echo "[svc-consumer] Consumer is disabled, exiting"
-	# https://skarnet.org/software/s6/s6-svc.html
-	s6-svc -Od .
-
-else
-	cd ${PAPERLESS_SRC_DIR}
-
-	if [[ -n "${USER_IS_NON_ROOT}" ]]; then
-		exec python3 manage.py document_consumer
-	else
-		exec s6-setuidgid paperless python3 manage.py document_consumer
-	fi
-fi
--- a/docker/rootfs/etc/s6-overlay/s6-rc.d/svc-consumer/type
+++ b/docker/rootfs/etc/s6-overlay/s6-rc.d/svc-consumer/type
@@ -1 +0,0 @@
-longrun
--- a/docker/rootfs/etc/s6-overlay/s6-rc.d/svc-flower/dependencies.d/init-complete
+++ b/docker/rootfs/etc/s6-overlay/s6-rc.d/svc-flower/dependencies.d/init-complete
--- a/docker/rootfs/etc/s6-overlay/s6-rc.d/svc-flower/dependencies.d/svc-scheduler
+++ b/docker/rootfs/etc/s6-overlay/s6-rc.d/svc-flower/dependencies.d/svc-scheduler
--- a/docker/rootfs/etc/s6-overlay/s6-rc.d/svc-flower/dependencies.d/svc-worker
+++ b/docker/rootfs/etc/s6-overlay/s6-rc.d/svc-flower/dependencies.d/svc-worker
--- a/docker/rootfs/etc/s6-overlay/s6-rc.d/svc-flower/run
+++ b/docker/rootfs/etc/s6-overlay/s6-rc.d/svc-flower/run
@@ -1,24 +0,0 @@
-#!/command/with-contenv /usr/bin/bash
-# shellcheck shell=bash
-
-declare -r log_prefix="[svc-flower]"
-
-echo "${log_prefix} Checking if we should start flower..."
-
-if [[ -n "${PAPERLESS_ENABLE_FLOWER}" ]]; then
-	# Small delay to allow celery to be up first
-	echo "${log_prefix} Starting flower in 5s"
-	sleep 5
-	cd ${PAPERLESS_SRC_DIR}
-
-	if [[ -n "${USER_IS_NON_ROOT}" ]]; then
-		exec /usr/local/bin/celery --app paperless flower --conf=${PAPERLESS_SRC_DIR}/paperless/flowerconfig.py
-	else
-		exec s6-setuidgid paperless /usr/local/bin/celery --app paperless flower --conf=${PAPERLESS_SRC_DIR}/paperless/flowerconfig.py
-	fi
-
-else
-	echo "${log_prefix} Not starting flower"
-	# https://skarnet.org/software/s6/s6-svc.html
-	s6-svc -Od .
-fi
--- a/docker/rootfs/etc/s6-overlay/s6-rc.d/svc-flower/type
+++ b/docker/rootfs/etc/s6-overlay/s6-rc.d/svc-flower/type
@@ -1 +0,0 @@
-longrun
--- a/docker/rootfs/etc/s6-overlay/s6-rc.d/svc-scheduler/dependencies.d/init-complete
+++ b/docker/rootfs/etc/s6-overlay/s6-rc.d/svc-scheduler/dependencies.d/init-complete
--- a/Show More
+++ b/Show More
				`@@ -1 +0,0 @@`
				`/etc/s6-overlay/s6-rc.d/init-custom-init/run`
				`@@ -1 +0,0 @@`
				`/etc/s6-overlay/s6-rc.d/init-migrations/run`
				`@@ -1 +0,0 @@`
				`/etc/s6-overlay/s6-rc.d/init-modify-user/run`
				`@@ -1 +0,0 @@`
				`/etc/s6-overlay/s6-rc.d/init-search-index/run`
				`@@ -1 +0,0 @@`
				`/etc/s6-overlay/s6-rc.d/init-system-checks/run`
				`@@ -1 +0,0 @@`
				`/etc/s6-overlay/s6-rc.d/init-tesseract-langs/run`
				`@@ -1 +0,0 @@`
				`/etc/s6-overlay/s6-rc.d/init-wait-for-db/run`
				`@@ -1 +0,0 @@`
				`/etc/s6-overlay/s6-rc.d/init-wait-for-redis/run`