mirror of
				https://github.com/paperless-ngx/paperless-ngx.git
				synced 2025-10-24 03:26:11 -05:00 
			
		
		
		
	Compare commits
	
		
			8 Commits
		
	
	
		
			v2.16.1
			...
			feature-re
		
	
	| Author | SHA1 | Date | |
|---|---|---|---|
|   | ec12e71487 | ||
|   | 62b470f691 | ||
|   | a2e4977201 | ||
|   | 0fcd69b739 | ||
|   | af1c64e969 | ||
|   | 85c661dff2 | ||
|   | 3a7eee2c2e | ||
|   | bc4d3925cc | 
							
								
								
									
										16
									
								
								.codecov.yml
									
									
									
									
									
								
							
							
						
						
									
										16
									
								
								.codecov.yml
									
									
									
									
									
								
							| @@ -1,18 +1,18 @@ | ||||
| codecov: | ||||
|   require_ci_to_pass: true | ||||
|   # https://docs.codecov.com/docs/components | ||||
| component_management: | ||||
|   individual_components: | ||||
|     - component_id: backend | ||||
| # https://docs.codecov.com/docs/flags#recommended-automatic-flag-management | ||||
| # Require each flag to have 1 upload before notification | ||||
| flag_management: | ||||
|   individual_flags: | ||||
|     - name: backend | ||||
|       paths: | ||||
|         - src/** | ||||
|     - component_id: frontend | ||||
|         - src/ | ||||
|     - name: frontend | ||||
|       paths: | ||||
|         - src-ui/** | ||||
|         - src-ui/ | ||||
| # https://docs.codecov.com/docs/pull-request-comments | ||||
| # codecov will only comment if coverage changes | ||||
| comment: | ||||
|   layout: "header, diff, components, flags, files" | ||||
|   require_changes: true | ||||
|   # https://docs.codecov.com/docs/javascript-bundle-analysis | ||||
|   require_bundle_changes: true | ||||
|   | ||||
| @@ -76,15 +76,18 @@ RUN set -eux \ | ||||
|     && apt-get update \ | ||||
|     && apt-get install --yes --quiet --no-install-recommends ${RUNTIME_PACKAGES} | ||||
|  | ||||
| ARG PYTHON_PACKAGES="ca-certificates" | ||||
| ARG PYTHON_PACKAGES="\ | ||||
|   python3 \ | ||||
|   python3-pip \ | ||||
|   python3-wheel \ | ||||
|   pipenv \ | ||||
|   ca-certificates" | ||||
|  | ||||
| RUN set -eux \ | ||||
|   echo "Installing python packages" \ | ||||
|     && apt-get update \ | ||||
|     && apt-get install --yes --quiet ${PYTHON_PACKAGES} | ||||
|  | ||||
| COPY --from=ghcr.io/astral-sh/uv:0.6 /uv /bin/uv | ||||
|  | ||||
| RUN set -eux \ | ||||
|   && echo "Installing pre-built updates" \ | ||||
|     && echo "Installing qpdf ${QPDF_VERSION}" \ | ||||
| @@ -120,15 +123,13 @@ RUN set -eux \ | ||||
| WORKDIR /usr/src/paperless/src/docker/ | ||||
|  | ||||
| COPY [ \ | ||||
|   "docker/rootfs/etc/ImageMagick-6/paperless-policy.xml", \ | ||||
|   "docker/imagemagick-policy.xml", \ | ||||
|   "./" \ | ||||
| ] | ||||
|  | ||||
| RUN set -eux \ | ||||
|   && echo "Configuring ImageMagick" \ | ||||
|     && mv paperless-policy.xml /etc/ImageMagick-6/policy.xml | ||||
|  | ||||
| COPY --from=ghcr.io/astral-sh/uv:0.6 /uv /bin/uv | ||||
|     && mv imagemagick-policy.xml /etc/ImageMagick-6/policy.xml | ||||
|  | ||||
| # Packages needed only for building a few quick Python | ||||
| # dependencies | ||||
| @@ -139,17 +140,18 @@ ARG BUILD_PACKAGES="\ | ||||
|   libpq-dev \ | ||||
|   # https://github.com/PyMySQL/mysqlclient#linux | ||||
|   default-libmysqlclient-dev \ | ||||
|   pkg-config" | ||||
|   pkg-config \ | ||||
|   pre-commit" | ||||
|  | ||||
| # hadolint ignore=DL3042 | ||||
| RUN --mount=type=cache,target=/root/.cache/uv,id=pip-cache \ | ||||
| RUN --mount=type=cache,target=/root/.cache/pip/,id=pip-cache \ | ||||
|   set -eux \ | ||||
|   && echo "Installing build system packages" \ | ||||
|     && apt-get update \ | ||||
|     && apt-get install --yes --quiet ${BUILD_PACKAGES} | ||||
|  | ||||
| RUN set -eux \ | ||||
|   && npm update -g pnpm | ||||
|   && npm update npm -g | ||||
|  | ||||
| # add users, setup scripts | ||||
| # Mount the compiled frontend to expected location | ||||
| @@ -167,6 +169,9 @@ RUN set -eux \ | ||||
|     && mkdir --parents --verbose /usr/src/paperless/paperless-ngx/.venv \ | ||||
|   && echo "Adjusting all permissions" \ | ||||
|     && chown --from root:root --changes --recursive paperless:paperless /usr/src/paperless | ||||
| #  && echo "Collecting static files" \ | ||||
| #    && gosu paperless python3 manage.py collectstatic --clear --no-input --link \ | ||||
| #    && gosu paperless python3 manage.py compilemessages | ||||
|  | ||||
| VOLUME ["/usr/src/paperless/paperless-ngx/data", \ | ||||
|         "/usr/src/paperless/paperless-ngx/media", \ | ||||
|   | ||||
| @@ -1,8 +1,8 @@ | ||||
| # Paperless-ngx Development Environment | ||||
| # Paperless NGX Development Environment | ||||
|  | ||||
| ## Overview | ||||
|  | ||||
| Welcome to the Paperless-ngx development environment! This setup uses VSCode DevContainers to provide a consistent and seamless development experience. | ||||
| Welcome to the Paperless NGX development environment! This setup uses VSCode DevContainers to provide a consistent and seamless development experience. | ||||
|  | ||||
| ### What are DevContainers? | ||||
|  | ||||
| @@ -17,7 +17,7 @@ DevContainers are a feature in VSCode that allows you to develop within a Docker | ||||
|  | ||||
| ## DevContainer Setup | ||||
|  | ||||
| The DevContainer configuration provides up all the necessary services for Paperless-ngx, including: | ||||
| The DevContainer configuration provides up all the necessary services for Paperless NGX, including: | ||||
|  | ||||
| - Redis | ||||
| - Gotenberg | ||||
| @@ -36,7 +36,7 @@ The setup includes debugging configurations (`launch.json`) and tasks (`tasks.js | ||||
| - **Maintenance Tasks:** | ||||
|   - Create superuser | ||||
|   - Run migrations | ||||
|   - Recreate virtual environment (`.venv` with `uv`) | ||||
|   - Recreate virtual environment (`.venv` with pipenv) | ||||
|   - Compile frontend assets | ||||
|  | ||||
| ## Getting Started | ||||
| @@ -85,7 +85,7 @@ Once the DevContainer is up and running, perform the following steps: | ||||
|  | ||||
| You can start and debug backend services either as debugging sessions via `launch.json` or as tasks. | ||||
|  | ||||
| #### Using `launch.json` | ||||
| #### Using `launch.json`: | ||||
|  | ||||
| 1. Press `F5` or go to the **Run and Debug** view in VSCode. | ||||
| 2. Select the desired configuration: | ||||
| @@ -93,7 +93,7 @@ You can start and debug backend services either as debugging sessions via `launc | ||||
|    - `Document Consumer` | ||||
|    - `Celery` | ||||
|  | ||||
| #### Using Tasks | ||||
| #### Using Tasks: | ||||
|  | ||||
| 1. Open the command palette: | ||||
|    - **Windows/Linux**: `Ctrl+Shift+P` | ||||
| @@ -108,7 +108,7 @@ You can start and debug backend services either as debugging sessions via `launc | ||||
|  | ||||
| Additional tasks are available for common maintenance operations: | ||||
|  | ||||
| - **Recreate .venv**: For setting up the virtual environment using `uv`. | ||||
| - **Recreate .venv**: For setting up the virtual environment using pipenv. | ||||
| - **Migrate Database**: To apply database migrations. | ||||
| - **Create Superuser**: To create an admin user for the application. | ||||
|  | ||||
|   | ||||
| @@ -3,26 +3,14 @@ | ||||
|     "dockerComposeFile": "docker-compose.devcontainer.sqlite-tika.yml", | ||||
|     "service": "paperless-development", | ||||
|     "workspaceFolder": "/usr/src/paperless/paperless-ngx", | ||||
|     "postCreateCommand": "/bin/bash -c 'uv sync --group dev && uv run pre-commit install'", | ||||
|     "postCreateCommand": "/bin/bash -c pre-commit install && pipenv install --dev", | ||||
|     "customizations": { | ||||
|         "vscode": { | ||||
|           "extensions": [ | ||||
|             "mhutchie.git-graph", | ||||
|             "ms-python.python", | ||||
|             "ms-vscode.js-debug-nightly", | ||||
|             "eamodio.gitlens", | ||||
|             "yzhang.markdown-all-in-one" | ||||
|           ], | ||||
|           "settings": { | ||||
|             "python.defaultInterpreterPath": "/usr/src/paperless/paperless-ngx/.venv/bin/python", | ||||
|             "python.pythonPath": "/usr/src/paperless/paperless-ngx/.venv/bin/python", | ||||
|             "python.terminal.activateEnvInCurrentTerminal": true, | ||||
|             "editor.formatOnPaste": false, | ||||
|             "editor.formatOnSave": true, | ||||
|             "editor.formatOnType": true, | ||||
|             "files.trimTrailingWhitespace": true | ||||
|           } | ||||
|             "extensions": [ | ||||
|               "mhutchie.git-graph", | ||||
|               "ms-python.python" | ||||
|             ] | ||||
|         } | ||||
|       }, | ||||
|       "remoteUser": "paperless" | ||||
|     } | ||||
|     }, | ||||
|     "remoteUser": "paperless" | ||||
|   } | ||||
|   | ||||
| @@ -21,17 +21,19 @@ | ||||
| # This file is intended only to be used through VSCOde devcontainers. See README.md | ||||
| # in the folder .devcontainer. | ||||
|  | ||||
|  | ||||
| services: | ||||
|   broker: | ||||
|     image: docker.io/library/redis:7 | ||||
|     restart: unless-stopped | ||||
|     volumes: | ||||
|       - ./redisdata:/data | ||||
|       - redisdata:/data | ||||
|  | ||||
|   # No ports need to be exposed; the VSCode DevContainer plugin manages them. | ||||
|   paperless-development: | ||||
|     image: paperless-ngx | ||||
|     build: | ||||
|       context: ../ # Dockerfile cannot access files from parent directories if context is not set. | ||||
|       context: ../    # Dockerfile cannot access files from parent directories if context is not set. | ||||
|       dockerfile: ./.devcontainer/Dockerfile | ||||
|     restart: unless-stopped | ||||
|     depends_on: | ||||
| @@ -41,16 +43,14 @@ services: | ||||
|     volumes: | ||||
|       - ..:/usr/src/paperless/paperless-ngx:delegated | ||||
|       - ../.devcontainer/vscode:/usr/src/paperless/paperless-ngx/.vscode:delegated # VSCode config files | ||||
|       - virtualenv:/usr/src/paperless/paperless-ngx/.venv # Virtual environment persisted in volume | ||||
|       - pipenv:/usr/src/paperless/paperless-ngx/.venv # Pipenv environment persisted in volume | ||||
|       - /usr/src/paperless/paperless-ngx/src/documents/static/frontend # Static frontend files exist only in container | ||||
|       - /usr/src/paperless/paperless-ngx/src/.pytest_cache | ||||
|       - /usr/src/paperless/paperless-ngx/.ruff_cache | ||||
|       - /usr/src/paperless/paperless-ngx/htmlcov | ||||
|       - /usr/src/paperless/paperless-ngx/.coverage | ||||
|       - ./data:/usr/src/paperless/paperless-ngx/data | ||||
|       - ./media:/usr/src/paperless/paperless-ngx/media | ||||
|       - ./consume:/usr/src/paperless/paperless-ngx/consume | ||||
|       - ~/.gitconfig:/usr/src/paperless/.gitconfig:ro | ||||
|       - data:/usr/src/paperless/paperless-ngx/data | ||||
|       - media:/usr/src/paperless/paperless-ngx/media | ||||
|     environment: | ||||
|       PAPERLESS_REDIS: redis://broker:6379 | ||||
|       PAPERLESS_TIKA_ENABLED: 1 | ||||
| @@ -58,22 +58,27 @@ services: | ||||
|       PAPERLESS_TIKA_ENDPOINT: http://tika:9998 | ||||
|       PAPERLESS_STATICDIR: ./src/documents/static | ||||
|       PAPERLESS_DEBUG: true | ||||
|  | ||||
|     # Overrides default command so things don't shut down after the process ends. | ||||
|     command: /bin/sh -c "chown -R paperless:paperless /usr/src/paperless/paperless-ngx/src/documents/static/frontend && chown -R paperless:paperless /usr/src/paperless/paperless-ngx/.ruff_cache && while sleep 1000; do :; done" | ||||
|  | ||||
|   gotenberg: | ||||
|     image: docker.io/gotenberg/gotenberg:8.17 | ||||
|     image: docker.io/gotenberg/gotenberg:7.10 | ||||
|     restart: unless-stopped | ||||
|  | ||||
|     # The Gotenberg Chromium route is used to convert .eml files. We do not | ||||
|     # want to allow external content like tracking pixels or even JavaScript. | ||||
|     command: | ||||
|       - "gotenberg" | ||||
|       - "--chromium-disable-javascript=true" | ||||
|       - "--chromium-allow-list=file:///tmp/.*" | ||||
|  | ||||
|   tika: | ||||
|     image: docker.io/apache/tika:latest | ||||
|     restart: unless-stopped | ||||
|  | ||||
| volumes: | ||||
|   data: | ||||
|   media: | ||||
|   redisdata: | ||||
|   virtualenv: | ||||
|   pipenv: | ||||
|   | ||||
| @@ -2,57 +2,42 @@ | ||||
|     "version": "0.2.0", | ||||
|     "configurations": [ | ||||
|         { | ||||
|             "name": "Chrome: Debug Angular Frontend", | ||||
| 						"description": "Debug the Angular Dev Frontend in Chrome", | ||||
|             "type": "chrome", | ||||
|             "request": "launch", | ||||
|             "url": "http://localhost:4200", | ||||
|             "webRoot": "${workspaceFolder}/src-ui", | ||||
|             "preLaunchTask": "Start: Frontend Angular" | ||||
|         }, | ||||
|         { | ||||
|             "name": "Debug: Backend Server (manage.py runserver)", | ||||
| 						"description": "Debug the Django Backend Server", | ||||
|             "name": "manage.py runserver", | ||||
|             "type": "python", | ||||
|             "request": "launch", | ||||
|             "program": "${workspaceFolder}/src/manage.py", | ||||
|             "args": [ | ||||
|                 "runserver" | ||||
|             ], | ||||
|             "django": true, | ||||
|             "console": "integratedTerminal", | ||||
|             "env": { | ||||
|                 "PYTHONPATH": "${workspaceFolder}/src" | ||||
|             }, | ||||
|             "python": "${workspaceFolder}/.venv/bin/python" | ||||
|             "justMyCode": true, | ||||
|             "args": ["runserver"], | ||||
|             "django": true | ||||
|         }, | ||||
|         { | ||||
|             "name": "Debug: Consumer Service (manage.py document_consumer)", | ||||
| 						"description": "Debug the Consumer Service which processes files from a directory", | ||||
|             "name": "manage.py document_consumer", | ||||
|             "type": "python", | ||||
|             "request": "launch", | ||||
|             "program": "${workspaceFolder}/src/manage.py", | ||||
|             "args": [ | ||||
|                 "document_consumer" | ||||
|             ], | ||||
|             "django": true, | ||||
|             "console": "integratedTerminal", | ||||
|             "justMyCode": true, | ||||
|             "args": ["document_consumer"], | ||||
|             "django": true | ||||
|         }, | ||||
|         { | ||||
|             "name": "celery", | ||||
|             "type": "python", | ||||
|             "cwd": "${workspaceFolder}/src", | ||||
|             "request": "launch", | ||||
|             "module": "celery", | ||||
|             "console": "integratedTerminal", | ||||
|             "env": { | ||||
|                 "PYTHONPATH": "${workspaceFolder}/src" | ||||
|             }, | ||||
|             "python": "${workspaceFolder}/.venv/bin/python" | ||||
|         } | ||||
|     ], | ||||
|     "compounds": [ | ||||
|         { | ||||
|             "name": "Debug: FullStack", | ||||
| 						"description": "Debug run the Angular dev frontend, Django backend, and consumer service", | ||||
|             "configurations": [ | ||||
|                 "Chrome: Debug Angular Frontend", | ||||
|                 "Debug: Backend Server (manage.py runserver)", | ||||
|                 "Debug: Consumer Service (manage.py document_consumer)" | ||||
|             ], | ||||
|             "preLaunchTask": "Start: Celery Worker" | ||||
|               }, | ||||
|             "args": [ | ||||
|                 "-A", | ||||
|                 "paperless", | ||||
|                 "worker", | ||||
|                 "-l", | ||||
|                 "DEBUG" | ||||
|             ] | ||||
|         } | ||||
|     ] | ||||
| } | ||||
|   | ||||
| @@ -1,223 +1,136 @@ | ||||
| { | ||||
| 	"version": "2.0.0", | ||||
| 	"tasks": [ | ||||
| 		{ | ||||
| 			"label": "Start: Celery Worker", | ||||
| 			"description": "Start the Celery Worker which processes background and consume tasks", | ||||
| 			"type": "shell", | ||||
| 			"command": "uv run celery --app paperless worker -l DEBUG", | ||||
| 			"isBackground": true, | ||||
| 			"options": { | ||||
| 				"cwd": "${workspaceFolder}/src" | ||||
| 			}, | ||||
| 			"problemMatcher": [ | ||||
| 				{ | ||||
| 					"owner": "custom", | ||||
| 					"pattern": [ | ||||
| 						{ | ||||
| 							"regexp": ".", | ||||
| 							"file": 1, | ||||
| 							"location": 2, | ||||
| 							"message": 3 | ||||
| 						} | ||||
| 					], | ||||
| 					"background": { | ||||
| 						"activeOnStart": true, | ||||
| 						"beginsPattern": "celery.*", | ||||
| 						"endsPattern": "ready" | ||||
| 					} | ||||
| 				} | ||||
| 			] | ||||
| 	{ | ||||
| 		"label": "manage.py document_consumer", | ||||
| 		"type": "shell", | ||||
| 		"command": "pipenv run python manage.py document_consumer", | ||||
| 		"group": "build", | ||||
| 		"presentation": { | ||||
| 			"echo": true, | ||||
| 			"reveal": "always", | ||||
| 			"focus": false, | ||||
| 			"panel": "shared", | ||||
| 			"showReuseMessage": false, | ||||
| 			"clear": true, | ||||
| 			"revealProblems": "onProblem" | ||||
| 		}, | ||||
| 		{ | ||||
| 			"label": "Start: Frontend Angular", | ||||
| 			"description": "Start the Frontend Angular Dev Server", | ||||
| 			"type": "shell", | ||||
| 			"command": "pnpm start", | ||||
| 			"isBackground": true, | ||||
| 			"options": { | ||||
| 				"cwd": "${workspaceFolder}/src-ui" | ||||
| 			}, | ||||
| 			"problemMatcher": [ | ||||
| 				{ | ||||
| 					"owner": "custom", | ||||
| 					"pattern": [ | ||||
| 						{ | ||||
| 							"regexp": ".", | ||||
| 							"file": 1, | ||||
| 							"location": 2, | ||||
| 							"message": 3 | ||||
| 						} | ||||
| 					], | ||||
| 					"background": { | ||||
| 						"activeOnStart": true, | ||||
| 						"beginsPattern": ".*", | ||||
| 						"endsPattern": "Compiled successfully" | ||||
| 					} | ||||
| 				} | ||||
| 			] | ||||
| 		}, | ||||
| 		{ | ||||
| 			"label": "Start: Consumer Service (manage.py document_consumer)", | ||||
| 			"description": "Start the Consumer Service which processes files from a directory", | ||||
| 			"type": "shell", | ||||
| 			"command": "uv run python manage.py document_consumer", | ||||
| 			"group": "build", | ||||
| 			"presentation": { | ||||
| 				"echo": true, | ||||
| 				"reveal": "always", | ||||
| 				"focus": false, | ||||
| 				"panel": "shared", | ||||
| 				"showReuseMessage": false, | ||||
| 				"clear": true, | ||||
| 				"revealProblems": "onProblem" | ||||
| 			}, | ||||
| 			"options": { | ||||
| 				"cwd": "${workspaceFolder}/src" | ||||
| 			} | ||||
| 		}, | ||||
| 		{ | ||||
| 			"label": "Start: Backend Server (manage.py runserver)", | ||||
| 			"description": "Start the Backend Server which serves the Django API and the compiled Angular frontend", | ||||
| 			"type": "shell", | ||||
| 			"command": "uv run python manage.py runserver", | ||||
| 			"group": "build", | ||||
| 			"presentation": { | ||||
| 				"echo": true, | ||||
| 				"reveal": "always", | ||||
| 				"focus": false, | ||||
| 				"panel": "shared", | ||||
| 				"showReuseMessage": false, | ||||
| 				"clear": true, | ||||
| 				"revealProblems": "onProblem" | ||||
| 			}, | ||||
| 			"options": { | ||||
| 				"cwd": "${workspaceFolder}/src" | ||||
| 			} | ||||
| 		}, | ||||
| 		{ | ||||
| 			"label": "Maintenance: manage.py migrate", | ||||
| 			"description": "Apply database migrations", | ||||
| 			"type": "shell", | ||||
| 			"command": "uv run python manage.py migrate", | ||||
| 			"group": "none", | ||||
| 			"presentation": { | ||||
| 				"echo": true, | ||||
| 				"reveal": "always", | ||||
| 				"focus": true, | ||||
| 				"panel": "shared", | ||||
| 				"showReuseMessage": false, | ||||
| 				"clear": true, | ||||
| 				"revealProblems": "onProblem" | ||||
| 			}, | ||||
| 			"options": { | ||||
| 				"cwd": "${workspaceFolder}/src" | ||||
| 			} | ||||
| 		}, | ||||
| 		{ | ||||
| 			"label": "Maintenance: Build Documentation", | ||||
| 			"description": "Build the documentation with MkDocs", | ||||
| 			"type": "shell", | ||||
| 			"command": "uv run mkdocs build --config-file mkdocs.yml && uv run mkdocs serve", | ||||
| 			"group": "none", | ||||
| 			"presentation": { | ||||
| 				"echo": true, | ||||
| 				"reveal": "always", | ||||
| 				"focus": true, | ||||
| 				"panel": "shared", | ||||
| 				"showReuseMessage": false, | ||||
| 				"clear": true, | ||||
| 				"revealProblems": "onProblem" | ||||
| 			}, | ||||
| 			"options": { | ||||
| 				"cwd": "${workspaceFolder}" | ||||
| 			} | ||||
| 		}, | ||||
| 		{ | ||||
| 			"label": "Maintenance: manage.py createsuperuser", | ||||
| 			"description": "Create a superuser", | ||||
| 			"type": "shell", | ||||
| 			"command": "uv run python manage.py createsuperuser", | ||||
| 			"group": "none", | ||||
| 			"presentation": { | ||||
| 				"echo": true, | ||||
| 				"reveal": "always", | ||||
| 				"focus": true, | ||||
| 				"panel": "shared", | ||||
| 				"showReuseMessage": false, | ||||
| 				"clear": true, | ||||
| 				"revealProblems": "onProblem" | ||||
| 			}, | ||||
| 			"options": { | ||||
| 				"cwd": "${workspaceFolder}/src" | ||||
| 			} | ||||
| 		}, | ||||
| 		{ | ||||
| 			"label": "Maintenance: recreate .venv", | ||||
| 			"description": "Recreate the python virtual environment and install python dependencies", | ||||
| 			"type": "shell", | ||||
| 			"command": "rm -R -v .venv/* || uv install --dev", | ||||
| 			"group": "none", | ||||
| 			"presentation": { | ||||
| 				"echo": true, | ||||
| 				"reveal": "always", | ||||
| 				"focus": true, | ||||
| 				"panel": "shared", | ||||
| 				"showReuseMessage": false, | ||||
| 				"clear": true, | ||||
| 				"revealProblems": "onProblem" | ||||
| 			}, | ||||
| 			"options": { | ||||
| 				"cwd": "${workspaceFolder}" | ||||
| 			} | ||||
| 		}, | ||||
| 		{ | ||||
| 			"label": "Maintenance: Install Frontend Dependencies", | ||||
| 			"description": "Install frontend (pnpm) dependencies", | ||||
| 			"type": "pnpm", | ||||
| 			"script": "install", | ||||
| 			"path": "src-ui", | ||||
| 			"group": "clean", | ||||
| 			"problemMatcher": [], | ||||
| 			"detail": "install dependencies from package" | ||||
| 		}, | ||||
| 		{ | ||||
| 			"description": "Clean install frontend dependencies and build the frontend for production", | ||||
| 			"label": "Maintenance: Compile frontend for production", | ||||
| 			"type": "shell", | ||||
| 			"command": "pnpm install && ./node_modules/.bin/ng build --configuration production", | ||||
| 			"group": "none", | ||||
| 			"presentation": { | ||||
| 				"echo": true, | ||||
| 				"reveal": "always", | ||||
| 				"focus": true, | ||||
| 				"panel": "shared", | ||||
| 				"showReuseMessage": false, | ||||
| 				"clear": true, | ||||
| 				"revealProblems": "onProblem" | ||||
| 			}, | ||||
| 			"options": { | ||||
| 				"cwd": "${workspaceFolder}/src-ui" | ||||
| 			} | ||||
| 		}, | ||||
| 		{ | ||||
| 			"label": "Project Setup: Run all Init Tasks", | ||||
| 			"description": "Runs all init tasks to setup the project including migrate the database, create a superuser and compile the frontend for production", | ||||
| 			"dependsOrder": "sequence", | ||||
| 			"dependsOn": [ | ||||
| 				"Maintenance: manage.py migrate", | ||||
| 				"Maintenance: manage.py createsuperuser", | ||||
| 				"Maintenance: Compile frontend for production" | ||||
| 			] | ||||
| 		}, | ||||
| 		{ | ||||
| 			"label": "Project Start: Run all Services", | ||||
| 			"description": "Runs all services required to start the project including the Celery Worker, the Consumer Service and the Backend Server", | ||||
| 			"dependsOn": [ | ||||
| 				"Start: Celery Worker", | ||||
| 				"Start: Consumer Service (manage.py document_consumer)", | ||||
| 				"Start: Backend Server (manage.py runserver)" | ||||
| 			] | ||||
| 		"options": { | ||||
| 			"cwd": "${workspaceFolder}/src" | ||||
| 		} | ||||
|  | ||||
| 		}, | ||||
| 		{ | ||||
| 			"label": "manage.py runserver", | ||||
| 			"type": "shell", | ||||
| 			"command": "pipenv run python manage.py runserver", | ||||
| 			"group": "build", | ||||
| 			"presentation": { | ||||
| 				"echo": true, | ||||
| 				"reveal": "always", | ||||
| 				"focus": false, | ||||
| 				"panel": "shared", | ||||
| 				"showReuseMessage": false, | ||||
| 				"clear": true, | ||||
| 				"revealProblems": "onProblem" | ||||
| 			}, | ||||
| 			"options": { | ||||
| 				"cwd": "${workspaceFolder}/src" | ||||
| 			} | ||||
|  | ||||
| 			}, | ||||
| 	  { | ||||
| 		"label": "Maintenance: manage.py migrate", | ||||
| 		"type": "shell", | ||||
| 		"command": "pipenv run python manage.py migrate", | ||||
| 		"group": "none", | ||||
| 		"presentation": { | ||||
| 			"echo": true, | ||||
| 			"reveal": "always", | ||||
| 			"focus": true, | ||||
| 			"panel": "shared", | ||||
| 			"showReuseMessage": false, | ||||
| 			"clear": true, | ||||
| 			"revealProblems": "onProblem" | ||||
| 		}, | ||||
| 		"options": { | ||||
| 			"cwd": "${workspaceFolder}/src" | ||||
| 		} | ||||
| 	  }, | ||||
| 	  { | ||||
| 		"label": "Maintenance: manage.py createsuperuser", | ||||
| 		"type": "shell", | ||||
| 		"command": "pipenv run python manage.py createsuperuser", | ||||
| 		"group": "none", | ||||
| 		"presentation": { | ||||
| 			"echo": true, | ||||
| 			"reveal": "always", | ||||
| 			"focus": true, | ||||
| 			"panel": "shared", | ||||
| 			"showReuseMessage": false, | ||||
| 			"clear": true, | ||||
| 			"revealProblems": "onProblem" | ||||
| 		}, | ||||
| 		"options": { | ||||
| 			"cwd": "${workspaceFolder}/src" | ||||
| 		} | ||||
| 	  }, | ||||
| 	  { | ||||
| 		"label": "compile frontend", | ||||
| 		"type": "shell", | ||||
| 		"command": "npm ci && ./node_modules/.bin/ng build --configuration production", | ||||
| 		"group": "none", | ||||
| 		"presentation": { | ||||
| 			"echo": true, | ||||
| 			"reveal": "always", | ||||
| 			"focus": true, | ||||
| 			"panel": "shared", | ||||
| 			"showReuseMessage": false, | ||||
| 			"clear": true, | ||||
| 			"revealProblems": "onProblem" | ||||
| 		}, | ||||
| 		"options": { | ||||
| 			"cwd": "${workspaceFolder}/src-ui" | ||||
| 		} | ||||
| 	  }, | ||||
| 	  { | ||||
| 		"label": "Maintenance: recreate .venv", | ||||
| 		"type": "shell", | ||||
| 		"command": "rm -R -v .venv/* || pipenv install --dev", | ||||
| 		"group": "none", | ||||
| 		"presentation": { | ||||
| 			"echo": true, | ||||
| 			"reveal": "always", | ||||
| 			"focus": true, | ||||
| 			"panel": "shared", | ||||
| 			"showReuseMessage": false, | ||||
| 			"clear": true, | ||||
| 			"revealProblems": "onProblem" | ||||
| 		}, | ||||
| 		"options": { | ||||
| 			"cwd": "${workspaceFolder}" | ||||
| 		} | ||||
| 	  }, | ||||
| 	  { | ||||
| 		"label": "Celery Worker", | ||||
| 		"type": "shell", | ||||
| 		"command": "pipenv run celery --app paperless worker -l DEBUG", | ||||
| 		"group": { | ||||
| 		  "kind": "build", | ||||
| 		  "isDefault": true | ||||
| 		}, | ||||
| 		"presentation": { | ||||
| 			"echo": true, | ||||
| 			"reveal": "always", | ||||
| 			"focus": true, | ||||
| 			"panel": "shared", | ||||
| 			"showReuseMessage": false, | ||||
| 			"clear": true, | ||||
| 			"revealProblems": "onProblem" | ||||
| 		}, | ||||
| 		"options": { | ||||
| 			"cwd": "${workspaceFolder}/src" | ||||
| 		} | ||||
| 	  } | ||||
| 	] | ||||
| } | ||||
|   } | ||||
|   | ||||
| @@ -26,5 +26,3 @@ | ||||
| ./dist | ||||
| ./scripts | ||||
| ./resources | ||||
| # Other stuff | ||||
| **/*.drawio.png | ||||
|   | ||||
| @@ -27,6 +27,9 @@ indent_style = space | ||||
| [*.md] | ||||
| indent_style = space | ||||
|  | ||||
| [Pipfile.lock] | ||||
| indent_style = space | ||||
|  | ||||
| # Tests don't get a line width restriction.  It's still a good idea to follow | ||||
| # the 79 character rule, but in the interests of clarity, tests often need to | ||||
| # violate it. | ||||
|   | ||||
							
								
								
									
										1
									
								
								.github/FUNDING.yml
									
									
									
									
										vendored
									
									
								
							
							
						
						
									
										1
									
								
								.github/FUNDING.yml
									
									
									
									
										vendored
									
									
								
							| @@ -1 +0,0 @@ | ||||
| github: [shamoon, stumpylog] | ||||
							
								
								
									
										2
									
								
								.github/ISSUE_TEMPLATE/bug-report.yml
									
									
									
									
										vendored
									
									
								
							
							
						
						
									
										2
									
								
								.github/ISSUE_TEMPLATE/bug-report.yml
									
									
									
									
										vendored
									
									
								
							| @@ -98,7 +98,7 @@ body: | ||||
|       label: Browser | ||||
|       description: Which browser you are using, if relevant. | ||||
|       placeholder: e.g. Chrome, Safari | ||||
|   - type: textarea | ||||
|   - type: input | ||||
|     id: config-changes | ||||
|     attributes: | ||||
|       label: Configuration changes | ||||
|   | ||||
							
								
								
									
										4
									
								
								.github/ISSUE_TEMPLATE/config.yml
									
									
									
									
										vendored
									
									
								
							
							
						
						
									
										4
									
								
								.github/ISSUE_TEMPLATE/config.yml
									
									
									
									
										vendored
									
									
								
							| @@ -2,10 +2,10 @@ blank_issues_enabled: false | ||||
| contact_links: | ||||
|   - name: 🤔 Questions and Help | ||||
|     url: https://github.com/paperless-ngx/paperless-ngx/discussions | ||||
|     about: General questions or support for using Paperless-ngx. | ||||
|     about: This issue tracker is not for support questions. Please refer to our Discussions. | ||||
|   - name: 💬 Chat | ||||
|     url: https://matrix.to/#/#paperlessngx:matrix.org | ||||
|     about: Want to discuss Paperless-ngx with others? Check out our chat. | ||||
|   - name: 🚀 Feature Request | ||||
|     url: https://github.com/paperless-ngx/paperless-ngx/discussions/new?category=feature-requests | ||||
|     about: Remember to search for existing feature requests and "up-vote" those that you like. | ||||
|     about: Remember to search for existing feature requests and "up-vote" any you like | ||||
|   | ||||
							
								
								
									
										66
									
								
								.github/dependabot.yml
									
									
									
									
										vendored
									
									
								
							
							
						
						
									
										66
									
								
								.github/dependabot.yml
									
									
									
									
										vendored
									
									
								
							| @@ -1,14 +1,12 @@ | ||||
| # Please see the documentation for all configuration options: | ||||
| # https://docs.github.com/github/administering-a-repository/configuration-options-for-dependency-updates | ||||
| # https://docs.github.com/en/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/configuration-options-for-dependency-updates#package-ecosystem | ||||
|  | ||||
| version: 2 | ||||
| # Required for uv support for now | ||||
| enable-beta-ecosystems: true | ||||
| updates: | ||||
|   # Enable version updates for pnpm | ||||
|  | ||||
|   # Enable version updates for npm | ||||
|   - package-ecosystem: "npm" | ||||
|     target-branch: "dev" | ||||
|     # Look for `pnpm-lock.yaml` file in the `/src-ui` directory | ||||
|     # Look for `package.json` and `lock` files in the `/src-ui` directory | ||||
|     directory: "/src-ui" | ||||
|     open-pull-requests-limit: 10 | ||||
|     schedule: | ||||
| @@ -34,9 +32,11 @@ updates: | ||||
|         patterns: | ||||
|           - "@typescript-eslint*" | ||||
|           - "eslint" | ||||
|  | ||||
|   # Enable version updates for Python | ||||
|   - package-ecosystem: "uv" | ||||
|   - package-ecosystem: "pip" | ||||
|     target-branch: "dev" | ||||
|     # Look for a `Pipfile` in the `root` directory | ||||
|     directory: "/" | ||||
|     # Check for updates once a week | ||||
|     schedule: | ||||
| @@ -47,17 +47,17 @@ updates: | ||||
|     # Add reviewers | ||||
|     reviewers: | ||||
|       - "paperless-ngx/backend" | ||||
|     ignore: | ||||
|       - dependency-name: "uvicorn" | ||||
|     groups: | ||||
|       development: | ||||
|         patterns: | ||||
|           - "*pytest*" | ||||
|           - "ruff" | ||||
|           - "mkdocs-material" | ||||
|           - "pre-commit*" | ||||
|       django: | ||||
|         patterns: | ||||
|           - "*django*" | ||||
|           - "drf-*" | ||||
|       major-versions: | ||||
|         update-types: | ||||
|           - "major" | ||||
| @@ -65,10 +65,7 @@ updates: | ||||
|         update-types: | ||||
|           - "minor" | ||||
|           - "patch" | ||||
|       pre-built: | ||||
|         patterns: | ||||
|           - psycopg* | ||||
|           - zxing-cpp | ||||
|  | ||||
|   # Enable updates for GitHub Actions | ||||
|   - package-ecosystem: "github-actions" | ||||
|     target-branch: "dev" | ||||
| @@ -88,46 +85,3 @@ updates: | ||||
|           - "major" | ||||
|           - "minor" | ||||
|           - "patch" | ||||
|   # Update Dockerfile in root directory | ||||
|   - package-ecosystem: "docker" | ||||
|     directory: "/" | ||||
|     schedule: | ||||
|       interval: "weekly" | ||||
|     open-pull-requests-limit: 5 | ||||
|     reviewers: | ||||
|       - "paperless-ngx/ci-cd" | ||||
|     labels: | ||||
|       - "dependencies" | ||||
|     commit-message: | ||||
|       prefix: "docker" | ||||
|       include: "scope" | ||||
|   # Update Docker Compose files in docker/compose directory | ||||
|   - package-ecosystem: "docker-compose" | ||||
|     directory: "/docker/compose/" | ||||
|     schedule: | ||||
|       interval: "weekly" | ||||
|     open-pull-requests-limit: 5 | ||||
|     reviewers: | ||||
|       - "paperless-ngx/ci-cd" | ||||
|     labels: | ||||
|       - "dependencies" | ||||
|     commit-message: | ||||
|       prefix: "docker-compose" | ||||
|       include: "scope" | ||||
|     groups: | ||||
|       # Individual groups for each image | ||||
|       gotenberg: | ||||
|         patterns: | ||||
|           - "docker.io/gotenberg/gotenberg*" | ||||
|       tika: | ||||
|         patterns: | ||||
|           - "docker.io/apache/tika*" | ||||
|       redis: | ||||
|         patterns: | ||||
|           - "docker.io/library/redis*" | ||||
|       mariadb: | ||||
|         patterns: | ||||
|           - "docker.io/library/mariadb*" | ||||
|       postgres: | ||||
|         patterns: | ||||
|           - "docker.io/library/postgres*" | ||||
|   | ||||
							
								
								
									
										26
									
								
								.github/labeler.yml
									
									
									
									
										vendored
									
									
								
							
							
						
						
									
										26
									
								
								.github/labeler.yml
									
									
									
									
										vendored
									
									
								
							| @@ -1,26 +0,0 @@ | ||||
| backend: | ||||
|   - changed-files: | ||||
|       - any-glob-to-any-file: | ||||
|           - 'src/**' | ||||
|           - 'pyproject.toml' | ||||
|           - 'uv.lock' | ||||
|           - 'requirements.txt' | ||||
| frontend: | ||||
|   - changed-files: | ||||
|       - any-glob-to-any-file: | ||||
|           - 'src-ui/**' | ||||
| documentation: | ||||
|   - changed-files: | ||||
|       - any-glob-to-any-file: | ||||
|           - 'docs/**' | ||||
| ci-cd: | ||||
|   - changed-files: | ||||
|       - any-glob-to-any-file: | ||||
|           - '.github/**' | ||||
| # pr types | ||||
| bug: | ||||
|   - head-branch: | ||||
|       - ['^fix'] | ||||
| enhancement: | ||||
|   - head-branch: | ||||
|       - ['^feature'] | ||||
							
								
								
									
										14
									
								
								.github/release-drafter.yml
									
									
									
									
										vendored
									
									
								
							
							
						
						
									
										14
									
								
								.github/release-drafter.yml
									
									
									
									
										vendored
									
									
								
							| @@ -1,3 +1,15 @@ | ||||
| autolabeler: | ||||
|   - label: "bug" | ||||
|     branch: | ||||
|       - '/^fix/' | ||||
|     title: | ||||
|       - "/^fix/i" | ||||
|       - "/^Bugfix/i" | ||||
|   - label: "enhancement" | ||||
|     branch: | ||||
|       - '/^feature/' | ||||
|     title: | ||||
|       - "/^feature/i" | ||||
| categories: | ||||
|   - title: 'Breaking Changes' | ||||
|     labels: | ||||
| @@ -5,7 +17,7 @@ categories: | ||||
|   - title: 'Notable Changes' | ||||
|     labels: | ||||
|       - 'notable' | ||||
|   - title: 'Features / Enhancements' | ||||
|   - title: 'Features' | ||||
|     labels: | ||||
|       - 'enhancement' | ||||
|   - title: 'Bug Fixes' | ||||
|   | ||||
							
								
								
									
										564
									
								
								.github/workflows/ci.yml
									
									
									
									
										vendored
									
									
								
							
							
						
						
									
										564
									
								
								.github/workflows/ci.yml
									
									
									
									
										vendored
									
									
								
							| @@ -1,4 +1,5 @@ | ||||
| name: ci | ||||
|  | ||||
| on: | ||||
|   push: | ||||
|     tags: | ||||
| @@ -11,76 +12,90 @@ on: | ||||
|   pull_request: | ||||
|     branches-ignore: | ||||
|       - 'translations**' | ||||
|  | ||||
| env: | ||||
|   DEFAULT_UV_VERSION: "0.6.x" | ||||
|   # This is the version of pipenv all the steps will use | ||||
|   # If changing this, change Dockerfile | ||||
|   DEFAULT_PIP_ENV_VERSION: "2024.0.3" | ||||
|   # This is the default version of Python to use in most steps which aren't specific | ||||
|   DEFAULT_PYTHON_VERSION: "3.11" | ||||
|  | ||||
| jobs: | ||||
|   pre-commit: | ||||
|     # We want to run on external PRs, but not on our own internal PRs as they'll be run | ||||
|     # by the push to the branch. Without this if check, checks are duplicated since | ||||
|     # internal PRs match both the push and pull_request events. | ||||
|     if: github.event_name == 'push' || github.event.pull_request.head.repo.full_name != github.repository | ||||
|     if: | ||||
|       github.event_name == 'push' || github.event.pull_request.head.repo.full_name != | ||||
|       github.repository | ||||
|  | ||||
|     name: Linting Checks | ||||
|     runs-on: ubuntu-24.04 | ||||
|     runs-on: ubuntu-22.04 | ||||
|     steps: | ||||
|       - name: Checkout repository | ||||
|       - | ||||
|         name: Checkout repository | ||||
|         uses: actions/checkout@v4 | ||||
|       - name: Install python | ||||
|       - | ||||
|         name: Install python | ||||
|         uses: actions/setup-python@v5 | ||||
|         with: | ||||
|           python-version: ${{ env.DEFAULT_PYTHON_VERSION }} | ||||
|       - name: Check files | ||||
|       - | ||||
|         name: Check files | ||||
|         uses: pre-commit/action@v3.0.1 | ||||
|  | ||||
|   documentation: | ||||
|     name: "Build & Deploy Documentation" | ||||
|     runs-on: ubuntu-24.04 | ||||
|     runs-on: ubuntu-22.04 | ||||
|     needs: | ||||
|       - pre-commit | ||||
|     steps: | ||||
|       - name: Checkout | ||||
|       - | ||||
|         name: Checkout | ||||
|         uses: actions/checkout@v4 | ||||
|       - name: Set up Python | ||||
|       - | ||||
|         name: Set up Python | ||||
|         id: setup-python | ||||
|         uses: actions/setup-python@v5 | ||||
|         with: | ||||
|           python-version: ${{ env.DEFAULT_PYTHON_VERSION }} | ||||
|       - name: Install uv | ||||
|         uses: astral-sh/setup-uv@v6 | ||||
|         with: | ||||
|           version: ${{ env.DEFAULT_UV_VERSION }} | ||||
|           enable-cache: true | ||||
|           python-version: ${{ env.DEFAULT_PYTHON_VERSION }} | ||||
|       - name: Install Python dependencies | ||||
|           cache: "pipenv" | ||||
|           cache-dependency-path: 'Pipfile.lock' | ||||
|       - | ||||
|         name: Install pipenv | ||||
|         run: | | ||||
|           uv sync --python ${{ steps.setup-python.outputs.python-version }} --dev --frozen | ||||
|       - name: Make documentation | ||||
|           pip install --user pipenv==${{ env.DEFAULT_PIP_ENV_VERSION }} | ||||
|       - | ||||
|         name: Install dependencies | ||||
|         run: | | ||||
|           uv run \ | ||||
|             --python ${{ steps.setup-python.outputs.python-version }} \ | ||||
|             --dev \ | ||||
|             --frozen \ | ||||
|             mkdocs build --config-file ./mkdocs.yml | ||||
|       - name: Deploy documentation | ||||
|           pipenv --python ${{ steps.setup-python.outputs.python-version }} sync --dev | ||||
|       - | ||||
|         name: List installed Python dependencies | ||||
|         run: | | ||||
|           pipenv --python ${{ steps.setup-python.outputs.python-version }} run pip list | ||||
|       - | ||||
|         name: Make documentation | ||||
|         run: | | ||||
|           pipenv --python ${{ steps.setup-python.outputs.python-version }} run mkdocs build --config-file ./mkdocs.yml | ||||
|       - | ||||
|         name: Deploy documentation | ||||
|         if: github.event_name == 'push' && github.ref == 'refs/heads/main' | ||||
|         run: | | ||||
|           echo "docs.paperless-ngx.com" > "${{ github.workspace }}/docs/CNAME" | ||||
|           git config --global user.name "${{ github.actor }}" | ||||
|           git config --global user.email "${{ github.actor }}@users.noreply.github.com" | ||||
|           uv run \ | ||||
|             --python ${{ steps.setup-python.outputs.python-version }} \ | ||||
|             --dev \ | ||||
|             --frozen \ | ||||
|             mkdocs gh-deploy --force --no-history | ||||
|       - name: Upload artifact | ||||
|           pipenv --python ${{ steps.setup-python.outputs.python-version }} run mkdocs gh-deploy --force --no-history | ||||
|       - | ||||
|         name: Upload artifact | ||||
|         uses: actions/upload-artifact@v4 | ||||
|         with: | ||||
|           name: documentation | ||||
|           path: site/ | ||||
|           retention-days: 7 | ||||
|  | ||||
|   tests-backend: | ||||
|     name: "Backend Tests (Python ${{ matrix.python-version }})" | ||||
|     runs-on: ubuntu-24.04 | ||||
|     runs-on: ubuntu-22.04 | ||||
|     needs: | ||||
|       - pre-commit | ||||
|     strategy: | ||||
| @@ -88,40 +103,46 @@ jobs: | ||||
|         python-version: ['3.10', '3.11', '3.12'] | ||||
|       fail-fast: false | ||||
|     steps: | ||||
|       - name: Checkout | ||||
|       - | ||||
|         name: Checkout | ||||
|         uses: actions/checkout@v4 | ||||
|       - name: Start containers | ||||
|       - | ||||
|         name: Start containers | ||||
|         run: | | ||||
|           docker compose --file ${{ github.workspace }}/docker/compose/docker-compose.ci-test.yml pull --quiet | ||||
|           docker compose --file ${{ github.workspace }}/docker/compose/docker-compose.ci-test.yml up --detach | ||||
|       - name: Set up Python | ||||
|       - | ||||
|         name: Set up Python | ||||
|         id: setup-python | ||||
|         uses: actions/setup-python@v5 | ||||
|         with: | ||||
|           python-version: "${{ matrix.python-version }}" | ||||
|       - name: Install uv | ||||
|         uses: astral-sh/setup-uv@v6 | ||||
|         with: | ||||
|           version: ${{ env.DEFAULT_UV_VERSION }} | ||||
|           enable-cache: true | ||||
|           python-version: ${{ steps.setup-python.outputs.python-version }} | ||||
|       - name: Install system dependencies | ||||
|           cache: "pipenv" | ||||
|           cache-dependency-path: 'Pipfile.lock' | ||||
|       - | ||||
|         name: Install pipenv | ||||
|         run: | | ||||
|           pip install --user pipenv==${{ env.DEFAULT_PIP_ENV_VERSION }} | ||||
|       - | ||||
|         name: Install system dependencies | ||||
|         run: | | ||||
|           sudo apt-get update -qq | ||||
|           sudo apt-get install -qq --no-install-recommends unpaper tesseract-ocr imagemagick ghostscript libzbar0 poppler-utils | ||||
|       - name: Configure ImageMagick | ||||
|       - | ||||
|         name: Configure ImageMagick | ||||
|         run: | | ||||
|           sudo cp docker/rootfs/etc/ImageMagick-6/paperless-policy.xml /etc/ImageMagick-6/policy.xml | ||||
|       - name: Install Python dependencies | ||||
|           sudo cp docker/imagemagick-policy.xml /etc/ImageMagick-6/policy.xml | ||||
|       - | ||||
|         name: Install Python dependencies | ||||
|         run: | | ||||
|           uv sync \ | ||||
|             --python ${{ steps.setup-python.outputs.python-version }} \ | ||||
|             --group testing \ | ||||
|             --frozen | ||||
|       - name: List installed Python dependencies | ||||
|           pipenv --python ${{ steps.setup-python.outputs.python-version }} run python --version | ||||
|           pipenv --python ${{ steps.setup-python.outputs.python-version }} sync --dev | ||||
|       - | ||||
|         name: List installed Python dependencies | ||||
|         run: | | ||||
|           uv pip list | ||||
|       - name: Tests | ||||
|           pipenv --python ${{ steps.setup-python.outputs.python-version }} run pip list | ||||
|       - | ||||
|         name: Tests | ||||
|         env: | ||||
|           PAPERLESS_CI_TEST: 1 | ||||
|           # Enable paperless_mail testing against real server | ||||
| @@ -129,61 +150,60 @@ jobs: | ||||
|           PAPERLESS_MAIL_TEST_USER: ${{ secrets.TEST_MAIL_USER }} | ||||
|           PAPERLESS_MAIL_TEST_PASSWD: ${{ secrets.TEST_MAIL_PASSWD }} | ||||
|         run: | | ||||
|           uv run \ | ||||
|             --python ${{ steps.setup-python.outputs.python-version }} \ | ||||
|             --dev \ | ||||
|             --frozen \ | ||||
|             pytest | ||||
|       - name: Upload backend test results to Codecov | ||||
|         if: always() | ||||
|         uses: codecov/test-results-action@v1 | ||||
|           cd src/ | ||||
|           pipenv --python ${{ steps.setup-python.outputs.python-version }} run pytest -ra | ||||
|       - | ||||
|         name: Upload coverage | ||||
|         if: ${{ matrix.python-version == env.DEFAULT_PYTHON_VERSION }} | ||||
|         uses: actions/upload-artifact@v4 | ||||
|         with: | ||||
|           token: ${{ secrets.CODECOV_TOKEN }} | ||||
|           flags: backend-python-${{ matrix.python-version }} | ||||
|           files: junit.xml | ||||
|       - name: Upload backend coverage to Codecov | ||||
|         uses: codecov/codecov-action@v5 | ||||
|         with: | ||||
|           token: ${{ secrets.CODECOV_TOKEN }} | ||||
|           flags: backend-python-${{ matrix.python-version }} | ||||
|           files: coverage.xml | ||||
|       - name: Stop containers | ||||
|           name: backend-coverage-report | ||||
|           path: src/coverage.xml | ||||
|           retention-days: 7 | ||||
|           if-no-files-found: warn | ||||
|       - | ||||
|         name: Stop containers | ||||
|         if: always() | ||||
|         run: | | ||||
|           docker compose --file ${{ github.workspace }}/docker/compose/docker-compose.ci-test.yml logs | ||||
|           docker compose --file ${{ github.workspace }}/docker/compose/docker-compose.ci-test.yml down | ||||
|   install-frontend-dependencies: | ||||
|  | ||||
|   install-frontend-depedendencies: | ||||
|     name: "Install Frontend Dependencies" | ||||
|     runs-on: ubuntu-24.04 | ||||
|     runs-on: ubuntu-22.04 | ||||
|     needs: | ||||
|       - pre-commit | ||||
|     steps: | ||||
|       - uses: actions/checkout@v4 | ||||
|       - name: Install pnpm | ||||
|         uses: pnpm/action-setup@v4 | ||||
|         with: | ||||
|           version: 10 | ||||
|       - name: Use Node.js 20 | ||||
|       - | ||||
|         name: Use Node.js 20 | ||||
|         uses: actions/setup-node@v4 | ||||
|         with: | ||||
|           node-version: 20.x | ||||
|           cache: 'pnpm' | ||||
|           cache-dependency-path: 'src-ui/pnpm-lock.yaml' | ||||
|           cache: 'npm' | ||||
|           cache-dependency-path: 'src-ui/package-lock.json' | ||||
|       - name: Cache frontend dependencies | ||||
|         id: cache-frontend-deps | ||||
|         uses: actions/cache@v4 | ||||
|         with: | ||||
|           path: | | ||||
|             ~/.pnpm-store | ||||
|             ~/.npm | ||||
|             ~/.cache | ||||
|           key: ${{ runner.os }}-frontenddeps-${{ hashFiles('src-ui/pnpm-lock.yaml') }} | ||||
|       - name: Install dependencies | ||||
|         run: cd src-ui && pnpm install | ||||
|           key: ${{ runner.os }}-frontenddeps-${{ hashFiles('src-ui/package-lock.json') }} | ||||
|       - | ||||
|         name: Install dependencies | ||||
|         if: steps.cache-frontend-deps.outputs.cache-hit != 'true' | ||||
|         run: cd src-ui && npm ci | ||||
|       - | ||||
|         name: Install Playwright | ||||
|         if: steps.cache-frontend-deps.outputs.cache-hit != 'true' | ||||
|         run: cd src-ui && npx playwright install --with-deps | ||||
|  | ||||
|   tests-frontend: | ||||
|     name: "Frontend Unit Tests (Node ${{ matrix.node-version }} - ${{ matrix.shard-index }}/${{ matrix.shard-count }})" | ||||
|     runs-on: ubuntu-24.04 | ||||
|     name: "Frontend Tests (Node ${{ matrix.node-version }} - ${{ matrix.shard-index }}/${{ matrix.shard-count }})" | ||||
|     runs-on: ubuntu-22.04 | ||||
|     needs: | ||||
|       - install-frontend-dependencies | ||||
|       - install-frontend-depedendencies | ||||
|     strategy: | ||||
|       fail-fast: false | ||||
|       matrix: | ||||
| @@ -192,126 +212,128 @@ jobs: | ||||
|         shard-count: [4] | ||||
|     steps: | ||||
|       - uses: actions/checkout@v4 | ||||
|       - name: Install pnpm | ||||
|         uses: pnpm/action-setup@v4 | ||||
|         with: | ||||
|           version: 10 | ||||
|       - name: Use Node.js 20 | ||||
|       - | ||||
|         name: Use Node.js 20 | ||||
|         uses: actions/setup-node@v4 | ||||
|         with: | ||||
|           node-version: 20.x | ||||
|           cache: 'pnpm' | ||||
|           cache-dependency-path: 'src-ui/pnpm-lock.yaml' | ||||
|           cache: 'npm' | ||||
|           cache-dependency-path: 'src-ui/package-lock.json' | ||||
|       - name: Cache frontend dependencies | ||||
|         id: cache-frontend-deps | ||||
|         uses: actions/cache@v4 | ||||
|         with: | ||||
|           path: | | ||||
|             ~/.pnpm-store | ||||
|             ~/.cache | ||||
|           key: ${{ runner.os }}-frontenddeps-${{ hashFiles('src-ui/pnpm-lock.yaml') }} | ||||
|       - name: Re-link Angular cli | ||||
|         run: cd src-ui && pnpm link @angular/cli | ||||
|       - name: Linting checks | ||||
|         run: cd src-ui && pnpm run lint | ||||
|       - name: Run Jest unit tests | ||||
|         run: cd src-ui && pnpm run test --max-workers=2 --shard=${{ matrix.shard-index }}/${{ matrix.shard-count }} | ||||
|       - name: Upload frontend test results to Codecov | ||||
|         uses: codecov/test-results-action@v1 | ||||
|         if: always() | ||||
|         with: | ||||
|           token: ${{ secrets.CODECOV_TOKEN }} | ||||
|           flags: frontend-node-${{ matrix.node-version }} | ||||
|           directory: src-ui/ | ||||
|       - name: Upload frontend coverage to Codecov | ||||
|         uses: codecov/codecov-action@v5 | ||||
|         with: | ||||
|           token: ${{ secrets.CODECOV_TOKEN }} | ||||
|           flags: frontend-node-${{ matrix.node-version }} | ||||
|           directory: src-ui/coverage/ | ||||
|   tests-frontend-e2e: | ||||
|     name: "Frontend E2E Tests (Node ${{ matrix.node-version }} - ${{ matrix.shard-index }}/${{ matrix.shard-count }})" | ||||
|     runs-on: ubuntu-24.04 | ||||
|     needs: | ||||
|       - install-frontend-dependencies | ||||
|     strategy: | ||||
|       fail-fast: false | ||||
|       matrix: | ||||
|         node-version: [20.x] | ||||
|         shard-index: [1, 2] | ||||
|         shard-count: [2] | ||||
|     steps: | ||||
|       - uses: actions/checkout@v4 | ||||
|       - name: Install pnpm | ||||
|         uses: pnpm/action-setup@v4 | ||||
|         with: | ||||
|           version: 10 | ||||
|       - name: Use Node.js 20 | ||||
|         uses: actions/setup-node@v4 | ||||
|         with: | ||||
|           node-version: 20.x | ||||
|           cache: 'pnpm' | ||||
|           cache-dependency-path: 'src-ui/pnpm-lock.yaml' | ||||
|       - name: Cache frontend dependencies | ||||
|         id: cache-frontend-deps | ||||
|         uses: actions/cache@v4 | ||||
|         with: | ||||
|           path: | | ||||
|             ~/.pnpm-store | ||||
|             ~/.cache | ||||
|           key: ${{ runner.os }}-frontenddeps-${{ hashFiles('src-ui/pnpm-lock.yaml') }} | ||||
|       - name: Re-link Angular cli | ||||
|         run: cd src-ui && pnpm link @angular/cli | ||||
|       - name: Cache Playwright browsers | ||||
|         uses: actions/cache@v4 | ||||
|         with: | ||||
|           path: ~/.cache/ms-playwright | ||||
|           key: ${{ runner.os }}-playwright-${{ hashFiles('src-ui/pnpm-lock.yaml') }} | ||||
|           restore-keys: | | ||||
|             ${{ runner.os }}-playwright- | ||||
|       - name: Install Playwright system dependencies | ||||
|         run: npx playwright install-deps | ||||
|       - name: Install dependencies | ||||
|         run: cd src-ui && pnpm install --no-frozen-lockfile | ||||
|       - name: Install Playwright | ||||
|         run: cd src-ui && pnpm exec playwright install | ||||
|       - name: Run Playwright e2e tests | ||||
|         run: cd src-ui && pnpm exec playwright test --shard ${{ matrix.shard-index }}/${{ matrix.shard-count }} | ||||
|   frontend-bundle-analysis: | ||||
|     name: "Frontend Bundle Analysis" | ||||
|     runs-on: ubuntu-24.04 | ||||
|     needs: | ||||
|       - tests-frontend | ||||
|       - tests-frontend-e2e | ||||
|     steps: | ||||
|       - uses: actions/checkout@v4 | ||||
|       - name: Install pnpm | ||||
|         uses: pnpm/action-setup@v4 | ||||
|         with: | ||||
|           version: 10 | ||||
|       - name: Use Node.js 20 | ||||
|         uses: actions/setup-node@v4 | ||||
|         with: | ||||
|           node-version: 20.x | ||||
|           cache: 'pnpm' | ||||
|           cache-dependency-path: 'src-ui/pnpm-lock.yaml' | ||||
|       - name: Cache frontend dependencies | ||||
|         id: cache-frontend-deps | ||||
|         uses: actions/cache@v4 | ||||
|         with: | ||||
|           path: | | ||||
|             ~/.pnpm-store | ||||
|             ~/.npm | ||||
|             ~/.cache | ||||
|           key: ${{ runner.os }}-frontenddeps-${{ hashFiles('src-ui/package-lock.json') }} | ||||
|       - name: Re-link Angular cli | ||||
|         run: cd src-ui && pnpm link @angular/cli | ||||
|       - name: Build frontend and upload analysis | ||||
|         run: cd src-ui && npm link @angular/cli | ||||
|       - | ||||
|         name: Linting checks | ||||
|         run: cd src-ui && npm run lint | ||||
|       - | ||||
|         name: Run Jest unit tests | ||||
|         run: cd src-ui && npm run test -- --max-workers=2 --shard=${{ matrix.shard-index }}/${{ matrix.shard-count }} | ||||
|       - | ||||
|         name: Upload Jest coverage | ||||
|         if: always() | ||||
|         uses: actions/upload-artifact@v4 | ||||
|         with: | ||||
|           name: jest-coverage-report-${{ matrix.shard-index }} | ||||
|           path: | | ||||
|             src-ui/coverage/coverage-final.json | ||||
|             src-ui/coverage/lcov.info | ||||
|             src-ui/coverage/clover.xml | ||||
|           retention-days: 7 | ||||
|           if-no-files-found: warn | ||||
|       - | ||||
|         name: Run Playwright e2e tests | ||||
|         run: cd src-ui && npx playwright test --shard ${{ matrix.shard-index }}/${{ matrix.shard-count }} | ||||
|       - | ||||
|         name: Upload Playwright test results | ||||
|         if: always() | ||||
|         uses: actions/upload-artifact@v4 | ||||
|         with: | ||||
|           name: playwright-report-${{ matrix.shard-index }} | ||||
|           path: src-ui/playwright-report | ||||
|           retention-days: 7 | ||||
|  | ||||
|   tests-coverage-upload: | ||||
|     name: "Upload to Codecov" | ||||
|     runs-on: ubuntu-22.04 | ||||
|     needs: | ||||
|       - tests-backend | ||||
|       - tests-frontend | ||||
|     steps: | ||||
|       - | ||||
|         uses: actions/checkout@v4 | ||||
|       - | ||||
|         name: Download frontend jest coverage | ||||
|         uses: actions/download-artifact@v4 | ||||
|         with: | ||||
|           path: src-ui/coverage/ | ||||
|           pattern: jest-coverage-report-* | ||||
|       - | ||||
|         name: Download frontend playwright coverage | ||||
|         uses: actions/download-artifact@v4 | ||||
|         with: | ||||
|           path: src-ui/coverage/ | ||||
|           pattern: playwright-report-* | ||||
|           merge-multiple: true | ||||
|       - | ||||
|         name: Upload frontend coverage to Codecov | ||||
|         uses: codecov/codecov-action@v4 | ||||
|         with: | ||||
|           # not required for public repos, but intermittently fails otherwise | ||||
|           token: ${{ secrets.CODECOV_TOKEN }} | ||||
|           flags: frontend | ||||
|           directory: src-ui/coverage/ | ||||
|           # dont include backend coverage files here | ||||
|           files: '!coverage.xml' | ||||
|       - | ||||
|         name: Download backend coverage | ||||
|         uses: actions/download-artifact@v4 | ||||
|         with: | ||||
|           name: backend-coverage-report | ||||
|           path: src/ | ||||
|       - | ||||
|         name: Upload coverage to Codecov | ||||
|         uses: codecov/codecov-action@v4 | ||||
|         with: | ||||
|           # not required for public repos, but intermittently fails otherwise | ||||
|           token: ${{ secrets.CODECOV_TOKEN }} | ||||
|           # future expansion | ||||
|           flags: backend | ||||
|           directory: src/ | ||||
|       - | ||||
|         name: Use Node.js 20 | ||||
|         uses: actions/setup-node@v4 | ||||
|         with: | ||||
|           node-version: 20.x | ||||
|           cache: 'npm' | ||||
|           cache-dependency-path: 'src-ui/package-lock.json' | ||||
|       - | ||||
|         name: Cache frontend dependencies | ||||
|         id: cache-frontend-deps | ||||
|         uses: actions/cache@v4 | ||||
|         with: | ||||
|           path: | | ||||
|             ~/.npm | ||||
|             ~/.cache | ||||
|           key: ${{ runner.os }}-frontenddeps-${{ hashFiles('src-ui/package-lock.json') }} | ||||
|       - | ||||
|         name: Re-link Angular cli | ||||
|         run: cd src-ui && npm link @angular/cli | ||||
|       - | ||||
|         name: Build frontend and upload analysis | ||||
|         env: | ||||
|           CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }} | ||||
|         run: cd src-ui && pnpm run build --configuration=production | ||||
|         run: cd src-ui && ng build --configuration=production | ||||
|  | ||||
|   build-docker-image: | ||||
|     name: Build Docker image for ${{ github.ref_name }} | ||||
|     runs-on: ubuntu-24.04 | ||||
|     runs-on: ubuntu-22.04 | ||||
|     if: github.event_name == 'push' && (startsWith(github.ref, 'refs/heads/feature-') || startsWith(github.ref, 'refs/heads/fix-') || github.ref == 'refs/heads/dev' || github.ref == 'refs/heads/beta' || contains(github.ref, 'beta.rc') || startsWith(github.ref, 'refs/tags/v')) | ||||
|     concurrency: | ||||
|       group: ${{ github.workflow }}-build-docker-image-${{ github.ref_name }} | ||||
| @@ -319,9 +341,9 @@ jobs: | ||||
|     needs: | ||||
|       - tests-backend | ||||
|       - tests-frontend | ||||
|       - tests-frontend-e2e | ||||
|     steps: | ||||
|       - name: Check pushing to Docker Hub | ||||
|       - | ||||
|         name: Check pushing to Docker Hub | ||||
|         id: push-other-places | ||||
|         # Only push to Dockerhub from the main repo AND the ref is either: | ||||
|         #  main | ||||
| @@ -337,13 +359,15 @@ jobs: | ||||
|             echo "Not pushing to DockerHub" | ||||
|             echo "enable=false" >> $GITHUB_OUTPUT | ||||
|           fi | ||||
|       - name: Set ghcr repository name | ||||
|       - | ||||
|         name: Set ghcr repository name | ||||
|         id: set-ghcr-repository | ||||
|         run: | | ||||
|           ghcr_name=$(echo "${{ github.repository }}" | awk '{ print tolower($0) }') | ||||
|           echo "Name is ${ghcr_name}" | ||||
|           echo "ghcr-repository=${ghcr_name}" >> $GITHUB_OUTPUT | ||||
|       - name: Gather Docker metadata | ||||
|       - | ||||
|         name: Gather Docker metadata | ||||
|         id: docker-meta | ||||
|         uses: docker/metadata-action@v5 | ||||
|         with: | ||||
| @@ -358,39 +382,46 @@ jobs: | ||||
|             # For a tag x.y.z or vX.Y.Z, output an x.y.z and x.y image tag | ||||
|             type=semver,pattern={{version}} | ||||
|             type=semver,pattern={{major}}.{{minor}} | ||||
|       - name: Checkout | ||||
|       - | ||||
|         name: Checkout | ||||
|         uses: actions/checkout@v4 | ||||
|       # If https://github.com/docker/buildx/issues/1044 is resolved, | ||||
|       # the append input with a native arm64 arch could be used to | ||||
|       # significantly speed up building | ||||
|       - name: Set up Docker Buildx | ||||
|       - | ||||
|         name: Set up Docker Buildx | ||||
|         uses: docker/setup-buildx-action@v3 | ||||
|       - name: Set up QEMU | ||||
|       - | ||||
|         name: Set up QEMU | ||||
|         uses: docker/setup-qemu-action@v3 | ||||
|         with: | ||||
|           platforms: arm64 | ||||
|       - name: Login to GitHub Container Registry | ||||
|       - | ||||
|         name: Login to GitHub Container Registry | ||||
|         uses: docker/login-action@v3 | ||||
|         with: | ||||
|           registry: ghcr.io | ||||
|           username: ${{ github.actor }} | ||||
|           password: ${{ secrets.GITHUB_TOKEN }} | ||||
|       - name: Login to Docker Hub | ||||
|       - | ||||
|         name: Login to Docker Hub | ||||
|         uses: docker/login-action@v3 | ||||
|         # Don't attempt to login if not pushing to Docker Hub | ||||
|         # Don't attempt to login is not pushing to Docker Hub | ||||
|         if: steps.push-other-places.outputs.enable == 'true' | ||||
|         with: | ||||
|           username: ${{ secrets.DOCKERHUB_USERNAME }} | ||||
|           password: ${{ secrets.DOCKERHUB_TOKEN }} | ||||
|       - name: Login to Quay.io | ||||
|       - | ||||
|         name: Login to Quay.io | ||||
|         uses: docker/login-action@v3 | ||||
|         # Don't attempt to login if not pushing to Quay.io | ||||
|         # Don't attempt to login is not pushing to Quay.io | ||||
|         if: steps.push-other-places.outputs.enable == 'true' | ||||
|         with: | ||||
|           registry: quay.io | ||||
|           username: ${{ secrets.QUAY_USERNAME }} | ||||
|           password: ${{ secrets.QUAY_ROBOT_TOKEN }} | ||||
|       - name: Build and push | ||||
|       - | ||||
|         name: Build and push | ||||
|         uses: docker/build-push-action@v6 | ||||
|         with: | ||||
|           context: . | ||||
| @@ -408,72 +439,82 @@ jobs: | ||||
|             type=registry,ref=ghcr.io/${{ steps.set-ghcr-repository.outputs.ghcr-repository }}/builder/cache/app:dev | ||||
|           cache-to: | | ||||
|             type=registry,mode=max,ref=ghcr.io/${{ steps.set-ghcr-repository.outputs.ghcr-repository }}/builder/cache/app:${{ github.ref_name }} | ||||
|       - name: Inspect image | ||||
|       - | ||||
|         name: Inspect image | ||||
|         run: | | ||||
|           docker buildx imagetools inspect ${{ fromJSON(steps.docker-meta.outputs.json).tags[0] }} | ||||
|       - name: Export frontend artifact from docker | ||||
|       - | ||||
|         name: Export frontend artifact from docker | ||||
|         run: | | ||||
|           docker create --name frontend-extract ${{ fromJSON(steps.docker-meta.outputs.json).tags[0] }} | ||||
|           docker cp frontend-extract:/usr/src/paperless/src/documents/static/frontend src/documents/static/frontend/ | ||||
|       - name: Upload frontend artifact | ||||
|       - | ||||
|         name: Upload frontend artifact | ||||
|         uses: actions/upload-artifact@v4 | ||||
|         with: | ||||
|           name: frontend-compiled | ||||
|           path: src/documents/static/frontend/ | ||||
|           retention-days: 7 | ||||
|  | ||||
|   build-release: | ||||
|     name: "Build Release" | ||||
|     needs: | ||||
|       - build-docker-image | ||||
|       - documentation | ||||
|     runs-on: ubuntu-24.04 | ||||
|     runs-on: ubuntu-22.04 | ||||
|     steps: | ||||
|       - name: Checkout | ||||
|       - | ||||
|         name: Checkout | ||||
|         uses: actions/checkout@v4 | ||||
|       - name: Set up Python | ||||
|       - | ||||
|         name: Set up Python | ||||
|         id: setup-python | ||||
|         uses: actions/setup-python@v5 | ||||
|         with: | ||||
|           python-version: ${{ env.DEFAULT_PYTHON_VERSION }} | ||||
|       - name: Install uv | ||||
|         uses: astral-sh/setup-uv@v6 | ||||
|         with: | ||||
|           version: ${{ env.DEFAULT_UV_VERSION }} | ||||
|           enable-cache: true | ||||
|           python-version: ${{ steps.setup-python.outputs.python-version }} | ||||
|       - name: Install Python dependencies | ||||
|           cache: "pipenv" | ||||
|           cache-dependency-path: 'Pipfile.lock' | ||||
|       - | ||||
|         name: Install pipenv + tools | ||||
|         run: | | ||||
|           uv sync --python ${{ steps.setup-python.outputs.python-version }} --dev --frozen | ||||
|       - name: Install system dependencies | ||||
|           pip install --upgrade --user pipenv==${{ env.DEFAULT_PIP_ENV_VERSION }} setuptools wheel | ||||
|       - | ||||
|         name: Install Python dependencies | ||||
|         run: | | ||||
|           pipenv --python ${{ steps.setup-python.outputs.python-version }} sync --dev | ||||
|       - | ||||
|         name: Install system dependencies | ||||
|         run: | | ||||
|           sudo apt-get update -qq | ||||
|           sudo apt-get install -qq --no-install-recommends gettext liblept5 | ||||
|       - name: Download frontend artifact | ||||
|       - | ||||
|         name: Download frontend artifact | ||||
|         uses: actions/download-artifact@v4 | ||||
|         with: | ||||
|           name: frontend-compiled | ||||
|           path: src/documents/static/frontend/ | ||||
|       - name: Download documentation artifact | ||||
|       - | ||||
|         name: Download documentation artifact | ||||
|         uses: actions/download-artifact@v4 | ||||
|         with: | ||||
|           name: documentation | ||||
|           path: docs/_build/html/ | ||||
|       - name: Generate requirements file | ||||
|       - | ||||
|         name: Generate requirements file | ||||
|         run: | | ||||
|           uv export --quiet --no-dev --all-extras --format requirements-txt --output-file requirements.txt | ||||
|       - name: Compile messages | ||||
|           pipenv --python ${{ steps.setup-python.outputs.python-version }} requirements > requirements.txt | ||||
|       - | ||||
|         name: Compile messages | ||||
|         run: | | ||||
|           cd src/ | ||||
|           uv run \ | ||||
|             --python ${{ steps.setup-python.outputs.python-version }} \ | ||||
|             manage.py compilemessages | ||||
|       - name: Collect static files | ||||
|           pipenv --python ${{ steps.setup-python.outputs.python-version }} run python3 manage.py compilemessages | ||||
|       - | ||||
|         name: Collect static files | ||||
|         run: | | ||||
|           cd src/ | ||||
|           uv run \ | ||||
|             --python ${{ steps.setup-python.outputs.python-version }} \ | ||||
|             manage.py collectstatic --no-input | ||||
|       - name: Move files | ||||
|           pipenv --python ${{ steps.setup-python.outputs.python-version }} run python3 manage.py collectstatic --no-input | ||||
|       - | ||||
|         name: Move files | ||||
|         run: | | ||||
|           echo "Making dist folders" | ||||
|           for directory in dist \ | ||||
| @@ -487,12 +528,13 @@ jobs: | ||||
|           for file_name in .dockerignore \ | ||||
|                           .env \ | ||||
|                           Dockerfile \ | ||||
|                           pyproject.toml \ | ||||
|                           uv.lock \ | ||||
|                           Pipfile \ | ||||
|                           Pipfile.lock \ | ||||
|                           requirements.txt \ | ||||
|                           LICENSE \ | ||||
|                           README.md \ | ||||
|                           paperless.conf.example | ||||
|                           paperless.conf.example \ | ||||
|                           gunicorn.conf.py | ||||
|           do | ||||
|             cp --verbose ${file_name} dist/paperless-ngx/ | ||||
|           done | ||||
| @@ -510,21 +552,24 @@ jobs: | ||||
|           cp --recursive docs/_build/html/ dist/paperless-ngx/docs | ||||
|  | ||||
|           mv --verbose static dist/paperless-ngx | ||||
|       - name: Make release package | ||||
|       - | ||||
|         name: Make release package | ||||
|         run: | | ||||
|           echo "Creating release archive" | ||||
|           cd dist | ||||
|           sudo chown -R 1000:1000 paperless-ngx/ | ||||
|           tar -cJf paperless-ngx.tar.xz paperless-ngx/ | ||||
|       - name: Upload release artifact | ||||
|       - | ||||
|         name: Upload release artifact | ||||
|         uses: actions/upload-artifact@v4 | ||||
|         with: | ||||
|           name: release | ||||
|           path: dist/paperless-ngx.tar.xz | ||||
|           retention-days: 7 | ||||
|  | ||||
|   publish-release: | ||||
|     name: "Publish Release" | ||||
|     runs-on: ubuntu-24.04 | ||||
|     runs-on: ubuntu-22.04 | ||||
|     outputs: | ||||
|       prerelease: ${{ steps.get_version.outputs.prerelease }} | ||||
|       changelog: ${{ steps.create-release.outputs.body }} | ||||
| @@ -533,12 +578,14 @@ jobs: | ||||
|       - build-release | ||||
|     if: github.ref_type == 'tag' && (startsWith(github.ref_name, 'v') || contains(github.ref_name, '-beta.rc')) | ||||
|     steps: | ||||
|       - name: Download release artifact | ||||
|       - | ||||
|         name: Download release artifact | ||||
|         uses: actions/download-artifact@v4 | ||||
|         with: | ||||
|           name: release | ||||
|           path: ./ | ||||
|       - name: Get version | ||||
|       - | ||||
|         name: Get version | ||||
|         id: get_version | ||||
|         run: | | ||||
|           echo "version=${{ github.ref_name }}" >> $GITHUB_OUTPUT | ||||
| @@ -547,7 +594,8 @@ jobs: | ||||
|           else | ||||
|             echo "prerelease=false" >> $GITHUB_OUTPUT | ||||
|           fi | ||||
|       - name: Create Release and Changelog | ||||
|       - | ||||
|         name: Create Release and Changelog | ||||
|         id: create-release | ||||
|         uses: release-drafter/release-drafter@v6 | ||||
|         with: | ||||
| @@ -558,7 +606,8 @@ jobs: | ||||
|           publish: true # ensures release is not marked as draft | ||||
|         env: | ||||
|           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | ||||
|       - name: Upload release archive | ||||
|       - | ||||
|         name: Upload release archive | ||||
|         id: upload-release-asset | ||||
|         uses: shogo82148/actions-upload-release-asset@v1 | ||||
|         with: | ||||
| @@ -567,29 +616,32 @@ jobs: | ||||
|           asset_path: ./paperless-ngx.tar.xz | ||||
|           asset_name: paperless-ngx-${{ steps.get_version.outputs.version }}.tar.xz | ||||
|           asset_content_type: application/x-xz | ||||
|  | ||||
|   append-changelog: | ||||
|     name: "Append Changelog" | ||||
|     runs-on: ubuntu-24.04 | ||||
|     runs-on: ubuntu-22.04 | ||||
|     needs: | ||||
|       - publish-release | ||||
|     if: needs.publish-release.outputs.prerelease == 'false' | ||||
|     steps: | ||||
|       - name: Checkout | ||||
|       - | ||||
|         name: Checkout | ||||
|         uses: actions/checkout@v4 | ||||
|         with: | ||||
|           ref: main | ||||
|       - name: Set up Python | ||||
|         id: setup-python | ||||
|       - | ||||
|         name: Set up Python | ||||
|         uses: actions/setup-python@v5 | ||||
|         with: | ||||
|           python-version: ${{ env.DEFAULT_PYTHON_VERSION }} | ||||
|       - name: Install uv | ||||
|         uses: astral-sh/setup-uv@v6 | ||||
|         with: | ||||
|           version: ${{ env.DEFAULT_UV_VERSION }} | ||||
|           enable-cache: true | ||||
|           python-version: ${{ env.DEFAULT_PYTHON_VERSION }} | ||||
|       - name: Append Changelog to docs | ||||
|           cache: "pipenv" | ||||
|           cache-dependency-path: 'Pipfile.lock' | ||||
|       - | ||||
|         name: Install pipenv + tools | ||||
|         run: | | ||||
|           pip install --upgrade --user pipenv==${{ env.DEFAULT_PIP_ENV_VERSION }} setuptools wheel | ||||
|       - | ||||
|         name: Append Changelog to docs | ||||
|         id: append-Changelog | ||||
|         working-directory: docs | ||||
|         run: | | ||||
| @@ -603,15 +655,13 @@ jobs: | ||||
|           CURRENT_CHANGELOG=`tail --lines +2 changelog.md` | ||||
|           echo -e "$CURRENT_CHANGELOG" >> changelog-new.md | ||||
|           mv changelog-new.md changelog.md | ||||
|           uv run \ | ||||
|             --python ${{ steps.setup-python.outputs.python-version }} \ | ||||
|             --dev \ | ||||
|             pre-commit run --files changelog.md || true | ||||
|           pipenv run pre-commit run --files changelog.md || true | ||||
|           git config --global user.name "github-actions" | ||||
|           git config --global user.email "41898282+github-actions[bot]@users.noreply.github.com" | ||||
|           git commit -am "Changelog ${{ needs.publish-release.outputs.version }} - GHA" | ||||
|           git push origin ${{ needs.publish-release.outputs.version }}-changelog | ||||
|       - name: Create Pull Request | ||||
|       - | ||||
|         name: Create Pull Request | ||||
|         uses: actions/github-script@v7 | ||||
|         with: | ||||
|           script: | | ||||
|   | ||||
							
								
								
									
										18
									
								
								.github/workflows/cleanup-tags.yml
									
									
									
									
										vendored
									
									
								
							
							
						
						
									
										18
									
								
								.github/workflows/cleanup-tags.yml
									
									
									
									
										vendored
									
									
								
							| @@ -6,19 +6,22 @@ | ||||
| # This workflow will not trigger runs on forked repos. | ||||
|  | ||||
| name: Cleanup Image Tags | ||||
|  | ||||
| on: | ||||
|   delete: | ||||
|   push: | ||||
|     paths: | ||||
|       - ".github/workflows/cleanup-tags.yml" | ||||
|  | ||||
| concurrency: | ||||
|   group: registry-tags-cleanup | ||||
|   cancel-in-progress: false | ||||
|  | ||||
| jobs: | ||||
|   cleanup-images: | ||||
|     name: Cleanup Image Tags for ${{ matrix.primary-name }} | ||||
|     if: github.repository_owner == 'paperless-ngx' | ||||
|     runs-on: ubuntu-24.04 | ||||
|     runs-on: ubuntu-22.04 | ||||
|     strategy: | ||||
|       fail-fast: false | ||||
|       matrix: | ||||
| @@ -27,9 +30,10 @@ jobs: | ||||
|       # Requires a personal access token with the OAuth scope delete:packages | ||||
|       TOKEN: ${{ secrets.GHA_CONTAINER_DELETE_TOKEN }} | ||||
|     steps: | ||||
|       - name: Clean temporary images | ||||
|       - | ||||
|         name: Clean temporary images | ||||
|         if: "${{ env.TOKEN != '' }}" | ||||
|         uses: stumpylog/image-cleaner-action/ephemeral@v0.10.0 | ||||
|         uses: stumpylog/image-cleaner-action/ephemeral@v0.8.0 | ||||
|         with: | ||||
|           token: "${{ env.TOKEN }}" | ||||
|           owner: "${{ github.repository_owner }}" | ||||
| @@ -39,10 +43,11 @@ jobs: | ||||
|           repo_name: "paperless-ngx" | ||||
|           match_regex: "(feature|fix)" | ||||
|           do_delete: "true" | ||||
|  | ||||
|   cleanup-untagged-images: | ||||
|     name: Cleanup Untagged Images Tags for ${{ matrix.primary-name }} | ||||
|     if: github.repository_owner == 'paperless-ngx' | ||||
|     runs-on: ubuntu-24.04 | ||||
|     runs-on: ubuntu-22.04 | ||||
|     needs: | ||||
|       - cleanup-images | ||||
|     strategy: | ||||
| @@ -53,9 +58,10 @@ jobs: | ||||
|       # Requires a personal access token with the OAuth scope delete:packages | ||||
|       TOKEN: ${{ secrets.GHA_CONTAINER_DELETE_TOKEN }} | ||||
|     steps: | ||||
|       - name: Clean untagged images | ||||
|       - | ||||
|         name: Clean untagged images | ||||
|         if: "${{ env.TOKEN != '' }}" | ||||
|         uses: stumpylog/image-cleaner-action/untagged@v0.10.0 | ||||
|         uses: stumpylog/image-cleaner-action/untagged@v0.8.0 | ||||
|         with: | ||||
|           token: "${{ env.TOKEN }}" | ||||
|           owner: "${{ github.repository_owner }}" | ||||
|   | ||||
							
								
								
									
										40
									
								
								.github/workflows/codeql-analysis.yml
									
									
									
									
										vendored
									
									
								
							
							
						
						
									
										40
									
								
								.github/workflows/codeql-analysis.yml
									
									
									
									
										vendored
									
									
								
							| @@ -10,39 +10,45 @@ | ||||
| # supported CodeQL languages. | ||||
| # | ||||
| name: "CodeQL" | ||||
|  | ||||
| on: | ||||
|   push: | ||||
|     branches: [main, dev] | ||||
|     branches: [ main, dev ] | ||||
|   pull_request: | ||||
|     # The branches below must be a subset of the branches above | ||||
|     branches: [dev] | ||||
|     branches: [ dev ] | ||||
|   schedule: | ||||
|     - cron: '28 13 * * 5' | ||||
|  | ||||
| jobs: | ||||
|   analyze: | ||||
|     name: Analyze | ||||
|     runs-on: ubuntu-24.04 | ||||
|     runs-on: ubuntu-22.04 | ||||
|     permissions: | ||||
|       actions: read | ||||
|       contents: read | ||||
|       security-events: write | ||||
|  | ||||
|     strategy: | ||||
|       fail-fast: false | ||||
|       matrix: | ||||
|         language: ['javascript', 'python'] | ||||
|         language: [ 'javascript', 'python' ] | ||||
|         # CodeQL supports [ 'cpp', 'csharp', 'go', 'java', 'javascript', 'python', 'ruby' ] | ||||
|         # Learn more about CodeQL language support at https://git.io/codeql-language-support | ||||
|  | ||||
|     steps: | ||||
|       - name: Checkout repository | ||||
|         uses: actions/checkout@v4 | ||||
|       # Initializes the CodeQL tools for scanning. | ||||
|       - name: Initialize CodeQL | ||||
|         uses: github/codeql-action/init@v3 | ||||
|         with: | ||||
|           languages: ${{ matrix.language }} | ||||
|           # If you wish to specify custom queries, you can do so here or in a config file. | ||||
|           # By default, queries listed here will override any specified in a config file. | ||||
|           # Prefix the list here with "+" to use these queries and those in the config file. | ||||
|           # queries: ./path/to/local/query, your-org/your-repo/queries@main | ||||
|       - name: Perform CodeQL Analysis | ||||
|         uses: github/codeql-action/analyze@v3 | ||||
|     - name: Checkout repository | ||||
|       uses: actions/checkout@v4 | ||||
|  | ||||
|     # Initializes the CodeQL tools for scanning. | ||||
|     - name: Initialize CodeQL | ||||
|       uses: github/codeql-action/init@v3 | ||||
|       with: | ||||
|         languages: ${{ matrix.language }} | ||||
|         # If you wish to specify custom queries, you can do so here or in a config file. | ||||
|         # By default, queries listed here will override any specified in a config file. | ||||
|         # Prefix the list here with "+" to use these queries and those in the config file. | ||||
|         # queries: ./path/to/local/query, your-org/your-repo/queries@main | ||||
|  | ||||
|     - name: Perform CodeQL Analysis | ||||
|       uses: github/codeql-action/analyze@v3 | ||||
|   | ||||
							
								
								
									
										41
									
								
								.github/workflows/crowdin.yml
									
									
									
									
										vendored
									
									
								
							
							
						
						
									
										41
									
								
								.github/workflows/crowdin.yml
									
									
									
									
										vendored
									
									
								
							| @@ -1,28 +1,35 @@ | ||||
| name: Crowdin Action | ||||
|  | ||||
| on: | ||||
|   workflow_dispatch: | ||||
|   schedule: | ||||
|     - cron: '2 */12 * * *' | ||||
|   push: | ||||
|     paths: ['src/locale/**', 'src-ui/messages.xlf', 'src-ui/src/locale/**'] | ||||
|     branches: [dev] | ||||
|     paths: [ | ||||
|       'src/locale/**', | ||||
|       'src-ui/messages.xlf', | ||||
|       'src-ui/src/locale/**' | ||||
|     ] | ||||
|     branches: [ dev ] | ||||
|  | ||||
| jobs: | ||||
|   synchronize-with-crowdin: | ||||
|     name: Crowdin Sync | ||||
|     if: github.repository_owner == 'paperless-ngx' | ||||
|     runs-on: ubuntu-24.04 | ||||
|     runs-on: ubuntu-latest | ||||
|  | ||||
|     steps: | ||||
|       - name: Checkout | ||||
|         uses: actions/checkout@v4 | ||||
|       - name: crowdin action | ||||
|         uses: crowdin/github-action@v2 | ||||
|         with: | ||||
|           upload_translations: false | ||||
|           download_translations: true | ||||
|           crowdin_branch_name: 'dev' | ||||
|           localization_branch_name: l10n_dev | ||||
|           pull_request_labels: 'skip-changelog, translation' | ||||
|         env: | ||||
|           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | ||||
|           CROWDIN_PROJECT_ID: ${{ secrets.CROWDIN_PROJECT_ID }} | ||||
|           CROWDIN_PERSONAL_TOKEN: ${{ secrets.CROWDIN_PERSONAL_TOKEN }} | ||||
|     - name: Checkout | ||||
|       uses: actions/checkout@v4 | ||||
|     - name: crowdin action | ||||
|       uses: crowdin/github-action@v2 | ||||
|       with: | ||||
|         upload_translations: false | ||||
|         download_translations: true | ||||
|         crowdin_branch_name: 'dev' | ||||
|         localization_branch_name: l10n_dev | ||||
|         pull_request_labels: 'skip-changelog, translation' | ||||
|       env: | ||||
|         GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | ||||
|         CROWDIN_PROJECT_ID: ${{ secrets.CROWDIN_PROJECT_ID }} | ||||
|         CROWDIN_PERSONAL_TOKEN: ${{ secrets.CROWDIN_PERSONAL_TOKEN }} | ||||
|   | ||||
							
								
								
									
										112
									
								
								.github/workflows/pr-bot.yml
									
									
									
									
										vendored
									
									
								
							
							
						
						
									
										112
									
								
								.github/workflows/pr-bot.yml
									
									
									
									
										vendored
									
									
								
							| @@ -1,112 +0,0 @@ | ||||
| name: PR Bot | ||||
| on: | ||||
|   pull_request_target: | ||||
|     types: [opened] | ||||
| permissions: | ||||
|   contents: read | ||||
|   pull-requests: write | ||||
| jobs: | ||||
|   pr-bot: | ||||
|     name: Automated PR Bot | ||||
|     runs-on: ubuntu-latest | ||||
|     steps: | ||||
|       - name: Label PR by file path or branch name | ||||
|         # see .github/labeler.yml for the labeler config | ||||
|         uses: actions/labeler@v5 | ||||
|         with: | ||||
|           repo-token: ${{ secrets.GITHUB_TOKEN }} | ||||
|       - name: Label by size | ||||
|         uses: Gascon1/pr-size-labeler@v1.3.0 | ||||
|         with: | ||||
|           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | ||||
|           xs_label: 'small-change' | ||||
|           xs_diff: '9' | ||||
|           s_label: 'non-trivial' | ||||
|           s_diff: '99999' | ||||
|           fail_if_xl: 'false' | ||||
|           excluded_files: /\.lock$/ /\.txt$/ ^src-ui/pnpm-lock\.yaml$ ^src-ui/messages\.xlf$ ^src/locale/en_US/LC_MESSAGES/django\.po$ | ||||
|       - name: Label by PR title | ||||
|         uses: actions/github-script@v7 | ||||
|         with: | ||||
|           script: | | ||||
|             const pr = context.payload.pull_request; | ||||
|             const title = pr.title.toLowerCase(); | ||||
|             const labels = []; | ||||
|  | ||||
|             if (/^(fix|bugfix)/i.test(title)) { | ||||
|               labels.push('bug'); | ||||
|             } else if (/^feature/i.test(title)) { | ||||
|               labels.push('enhancement'); | ||||
|             } else { | ||||
|               labels.push('enhancement'); // Default fallback | ||||
|             } | ||||
|  | ||||
|             if (labels.length) { | ||||
|               await github.rest.issues.addLabels({ | ||||
|                 owner: context.repo.owner, | ||||
|                 repo: context.repo.repo, | ||||
|                 issue_number: pr.number, | ||||
|                 labels, | ||||
|               }); | ||||
|               core.info(`Added labels based on title: ${labels.join(', ')}`); | ||||
|             } | ||||
|       - name: Label bot-generated PRs | ||||
|         if: ${{ contains(github.actor, 'dependabot') || contains(github.actor, 'crowdin-bot') }} | ||||
|         uses: actions/github-script@v7 | ||||
|         with: | ||||
|           script: | | ||||
|             const pr = context.payload.pull_request; | ||||
|             const user = pr.user.login.toLowerCase(); | ||||
|             const labels = []; | ||||
|  | ||||
|             if (user.includes('dependabot')) { | ||||
|               labels.push('dependencies'); | ||||
|             } | ||||
|  | ||||
|             if (user.includes('crowdin-bot')) { | ||||
|               labels.push('translation', 'skip-changelog'); | ||||
|             } | ||||
|  | ||||
|             if (labels.length) { | ||||
|               await github.rest.issues.addLabels({ | ||||
|                 owner: context.repo.owner, | ||||
|                 repo: context.repo.repo, | ||||
|                 issue_number: pr.number, | ||||
|                 labels, | ||||
|               }); | ||||
|             } | ||||
|       - name: Welcome comment | ||||
|         if: ${{ !contains(github.actor, 'bot') }} | ||||
|         uses: actions/github-script@v7 | ||||
|         with: | ||||
|           script: | | ||||
|             const pr = context.payload.pull_request; | ||||
|             const user = pr.user.login; | ||||
|  | ||||
|             const { data: members } = await github.rest.orgs.listMembers({ | ||||
|               org: 'paperless-ngx', | ||||
|             }); | ||||
|  | ||||
|             const memberLogins = members.map(m => m.login.toLowerCase()); | ||||
|             if (memberLogins.includes(user.toLowerCase())) { | ||||
|               core.info('Skipping comment: user is org member'); | ||||
|               return; | ||||
|             } | ||||
|  | ||||
|             const body = | ||||
|                 "Hello @" + user + ",\n\n" + | ||||
|                 "Thank you very much for submitting this PR to us!\n\n" + | ||||
|                 "This is what will happen next:\n\n" + | ||||
|                 "1. CI tests will run against your PR to ensure quality and consistency.\n" + | ||||
|                 "2. Next, human contributors from paperless-ngx review your changes.\n" + | ||||
|                 "3. Please address any issues that come up during the review as soon as you are able to.\n" + | ||||
|                 "4. If accepted, your pull request will be merged into the `dev` branch and changes there will be tested further.\n" + | ||||
|                 "5. Eventually, changes from you and other contributors will be merged into `main` and a new release will be made.\n\n" + | ||||
|                 "You'll be hearing from us soon, and thank you again for contributing to our project."; | ||||
|  | ||||
|             await github.rest.issues.createComment({ | ||||
|               issue_number: pr.number, | ||||
|               owner: context.repo.owner, | ||||
|               repo: context.repo.repo, | ||||
|               body, | ||||
|             }); | ||||
							
								
								
									
										5
									
								
								.github/workflows/project-actions.yml
									
									
									
									
										vendored
									
									
								
							
							
						
						
									
										5
									
								
								.github/workflows/project-actions.yml
									
									
									
									
										vendored
									
									
								
							| @@ -1,4 +1,5 @@ | ||||
| name: Project Automations | ||||
|  | ||||
| on: | ||||
|   pull_request_target: #_target allows access to secrets | ||||
|     types: | ||||
| @@ -7,12 +8,14 @@ on: | ||||
|     branches: | ||||
|       - main | ||||
|       - dev | ||||
|  | ||||
| permissions: | ||||
|   contents: read | ||||
|  | ||||
| jobs: | ||||
|   pr_opened_or_reopened: | ||||
|     name: pr_opened_or_reopened | ||||
|     runs-on: ubuntu-24.04 | ||||
|     runs-on: ubuntu-22.04 | ||||
|     permissions: | ||||
|       # write permission is required for autolabeler | ||||
|       pull-requests: write | ||||
|   | ||||
							
								
								
									
										37
									
								
								.github/workflows/repo-maintenance.yml
									
									
									
									
										vendored
									
									
								
							
							
						
						
									
										37
									
								
								.github/workflows/repo-maintenance.yml
									
									
									
									
										vendored
									
									
								
							| @@ -1,19 +1,23 @@ | ||||
| name: 'Repository Maintenance' | ||||
|  | ||||
| on: | ||||
|   schedule: | ||||
|     - cron: '0 3 * * *' | ||||
|   workflow_dispatch: | ||||
|  | ||||
| permissions: | ||||
|   issues: write | ||||
|   pull-requests: write | ||||
|   discussions: write | ||||
|  | ||||
| concurrency: | ||||
|   group: lock | ||||
|  | ||||
| jobs: | ||||
|   stale: | ||||
|     name: 'Stale' | ||||
|     if: github.repository_owner == 'paperless-ngx' | ||||
|     runs-on: ubuntu-24.04 | ||||
|     runs-on: ubuntu-latest | ||||
|     steps: | ||||
|       - uses: actions/stale@v9 | ||||
|         with: | ||||
| @@ -23,12 +27,13 @@ jobs: | ||||
|           stale-issue-label: stale | ||||
|           stale-pr-label: stale | ||||
|           stale-issue-message: > | ||||
|             This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions. See our [contributing guidelines](https://github.com/paperless-ngx/paperless-ngx/blob/dev/CONTRIBUTING.md#automatic-repository-maintenance) for more details. | ||||
|  | ||||
|             This issue has been automatically marked as stale because it has not had | ||||
|             recent activity. It will be closed if no further activity occurs. Thank you | ||||
|             for your contributions. See our [contributing guidelines](https://github.com/paperless-ngx/paperless-ngx/blob/dev/CONTRIBUTING.md#automatic-repository-maintenance) for more details. | ||||
|   lock-threads: | ||||
|     name: 'Lock Old Threads' | ||||
|     if: github.repository_owner == 'paperless-ngx' | ||||
|     runs-on: ubuntu-24.04 | ||||
|     runs-on: ubuntu-latest | ||||
|     steps: | ||||
|       - uses: dessant/lock-threads@v5 | ||||
|         with: | ||||
| @@ -37,18 +42,24 @@ jobs: | ||||
|           discussion-inactive-days: '30' | ||||
|           log-output: true | ||||
|           issue-comment: > | ||||
|             This issue has been automatically locked since there has not been any recent activity after it was closed. Please open a new discussion or issue for related concerns. See our [contributing guidelines](https://github.com/paperless-ngx/paperless-ngx/blob/dev/CONTRIBUTING.md#automatic-repository-maintenance) for more details. | ||||
|  | ||||
|             This issue has been automatically locked since there | ||||
|             has not been any recent activity after it was closed. | ||||
|             Please open a new discussion or issue for related concerns. | ||||
|             See our [contributing guidelines](https://github.com/paperless-ngx/paperless-ngx/blob/dev/CONTRIBUTING.md#automatic-repository-maintenance) for more details. | ||||
|           pr-comment: > | ||||
|             This pull request has been automatically locked since there has not been any recent activity after it was closed. Please open a new discussion or issue for related concerns. See our [contributing guidelines](https://github.com/paperless-ngx/paperless-ngx/blob/dev/CONTRIBUTING.md#automatic-repository-maintenance) for more details. | ||||
|  | ||||
|             This pull request has been automatically locked since there | ||||
|             has not been any recent activity after it was closed. | ||||
|             Please open a new discussion or issue for related concerns. | ||||
|             See our [contributing guidelines](https://github.com/paperless-ngx/paperless-ngx/blob/dev/CONTRIBUTING.md#automatic-repository-maintenance) for more details. | ||||
|           discussion-comment: > | ||||
|             This discussion has been automatically locked since there has not been any recent activity after it was closed. Please open a new discussion for related concerns. See our [contributing guidelines](https://github.com/paperless-ngx/paperless-ngx/blob/dev/CONTRIBUTING.md#automatic-repository-maintenance) for more details. | ||||
|  | ||||
|             This discussion has been automatically locked since there | ||||
|             has not been any recent activity after it was closed. | ||||
|             Please open a new discussion for related concerns. | ||||
|             See our [contributing guidelines](https://github.com/paperless-ngx/paperless-ngx/blob/dev/CONTRIBUTING.md#automatic-repository-maintenance) for more details. | ||||
|   close-answered-discussions: | ||||
|     name: 'Close Answered Discussions' | ||||
|     if: github.repository_owner == 'paperless-ngx' | ||||
|     runs-on: ubuntu-24.04 | ||||
|     runs-on: ubuntu-latest | ||||
|     steps: | ||||
|       - uses: actions/github-script@v7 | ||||
|         with: | ||||
| @@ -105,7 +116,7 @@ jobs: | ||||
|   close-outdated-discussions: | ||||
|     name: 'Close Outdated Discussions' | ||||
|     if: github.repository_owner == 'paperless-ngx' | ||||
|     runs-on: ubuntu-24.04 | ||||
|     runs-on: ubuntu-latest | ||||
|     steps: | ||||
|       - uses: actions/github-script@v7 | ||||
|         with: | ||||
| @@ -197,7 +208,7 @@ jobs: | ||||
|   close-unsupported-feature-requests: | ||||
|     name: 'Close Unsupported Feature Requests' | ||||
|     if: github.repository_owner == 'paperless-ngx' | ||||
|     runs-on: ubuntu-24.04 | ||||
|     runs-on: ubuntu-latest | ||||
|     steps: | ||||
|       - uses: actions/github-script@v7 | ||||
|         with: | ||||
|   | ||||
							
								
								
									
										69
									
								
								.github/workflows/translate-strings.yml
									
									
									
									
										vendored
									
									
								
							
							
						
						
									
										69
									
								
								.github/workflows/translate-strings.yml
									
									
									
									
										vendored
									
									
								
							| @@ -1,69 +0,0 @@ | ||||
| name: Generate Translation Strings | ||||
| on: | ||||
|   push: | ||||
|     branches: | ||||
|       - dev | ||||
| jobs: | ||||
|   generate-translate-strings: | ||||
|     name: Generate Translation Strings | ||||
|     runs-on: ubuntu-latest | ||||
|     permissions: | ||||
|       contents: write | ||||
|     steps: | ||||
|       - name: Checkout code | ||||
|         uses: actions/checkout@v4 | ||||
|         with: | ||||
|           token: ${{ secrets.PNGX_BOT_PAT }} | ||||
|           ref: ${{ github.head_ref }} | ||||
|       - name: Set up Python | ||||
|         id: setup-python | ||||
|         uses: actions/setup-python@v5 | ||||
|       - name: Install system dependencies | ||||
|         run: | | ||||
|           sudo apt-get update -qq | ||||
|           sudo apt-get install -qq --no-install-recommends gettext | ||||
|       - name: Install uv | ||||
|         uses: astral-sh/setup-uv@v6 | ||||
|         with: | ||||
|           enable-cache: true | ||||
|       - name: Install backend python dependencies | ||||
|         run: | | ||||
|           uv sync \ | ||||
|             --group dev \ | ||||
|             --frozen | ||||
|       - name: Generate backend translation strings | ||||
|         run: cd src/ && uv run manage.py makemessages -l en_US -i "samples*" | ||||
|       - name: Install pnpm | ||||
|         uses: pnpm/action-setup@v4 | ||||
|         with: | ||||
|           version: 10 | ||||
|       - name: Use Node.js 20 | ||||
|         uses: actions/setup-node@v4 | ||||
|         with: | ||||
|           node-version: 20.x | ||||
|           cache: 'pnpm' | ||||
|           cache-dependency-path: 'src-ui/pnpm-lock.yaml' | ||||
|       - name: Cache frontend dependencies | ||||
|         id: cache-frontend-deps | ||||
|         uses: actions/cache@v4 | ||||
|         with: | ||||
|           path: | | ||||
|             ~/.pnpm-store | ||||
|             ~/.cache | ||||
|           key: ${{ runner.os }}-frontenddeps-${{ hashFiles('src-ui/pnpm-lock.yaml') }} | ||||
|       - name: Install frontend dependencies | ||||
|         if: steps.cache-frontend-deps.outputs.cache-hit != 'true' | ||||
|         run: cd src-ui && pnpm install | ||||
|       - name: Re-link Angular cli | ||||
|         run: cd src-ui && pnpm link @angular/cli | ||||
|       - name: Generate frontend translation strings | ||||
|         run: | | ||||
|           cd src-ui | ||||
|           pnpm run ng extract-i18n | ||||
|       - name: Commit changes | ||||
|         uses: stefanzweifel/git-auto-commit-action@v5 | ||||
|         with: | ||||
|           file_pattern: 'src-ui/messages.xlf src/locale/en_US/LC_MESSAGES/django.po' | ||||
|           commit_message: "Auto translate strings" | ||||
|           commit_user_name: "GitHub Actions" | ||||
|           commit_author: "GitHub Actions <41898282+github-actions[bot]@users.noreply.github.com>" | ||||
							
								
								
									
										7
									
								
								.gitignore
									
									
									
									
										vendored
									
									
								
							
							
						
						
									
										7
									
								
								.gitignore
									
									
									
									
										vendored
									
									
								
							| @@ -44,7 +44,6 @@ nosetests.xml | ||||
| coverage.xml | ||||
| *,cover | ||||
| .pytest_cache | ||||
| junit.xml | ||||
|  | ||||
| # Translations | ||||
| *.mo | ||||
| @@ -101,9 +100,3 @@ scripts/nuke | ||||
|  | ||||
| # celery schedule file | ||||
| celerybeat-schedule* | ||||
|  | ||||
| # ignore .devcontainer sub folders | ||||
| /.devcontainer/consume/ | ||||
| /.devcontainer/data/ | ||||
| /.devcontainer/media/ | ||||
| /.devcontainer/redisdata/ | ||||
|   | ||||
| @@ -5,7 +5,7 @@ | ||||
| repos: | ||||
|   # General hooks | ||||
|   - repo: https://github.com/pre-commit/pre-commit-hooks | ||||
|     rev: v5.0.0 | ||||
|     rev: v4.6.0 | ||||
|     hooks: | ||||
|       - id: check-docstring-first | ||||
|       - id: check-json | ||||
| @@ -29,10 +29,10 @@ repos: | ||||
|       - id: check-case-conflict | ||||
|       - id: detect-private-key | ||||
|   - repo: https://github.com/codespell-project/codespell | ||||
|     rev: v2.4.0 | ||||
|     rev: v2.3.0 | ||||
|     hooks: | ||||
|       - id: codespell | ||||
|         exclude: "(^src-ui/src/locale/)|(^src-ui/pnpm-lock.yaml)|(^src-ui/e2e/)|(^src/paperless_mail/tests/samples/)" | ||||
|         exclude: "(^src-ui/src/locale/)|(^src-ui/e2e/)|(^src/paperless_mail/tests/samples/)" | ||||
|         exclude_types: | ||||
|           - pofile | ||||
|           - json | ||||
| @@ -45,19 +45,13 @@ repos: | ||||
|           - javascript | ||||
|           - ts | ||||
|           - markdown | ||||
|         additional_dependencies: | ||||
|           - prettier@3.3.3 | ||||
|           - 'prettier-plugin-organize-imports@4.1.0' | ||||
|         exclude: "(^Pipfile\\.lock$)" | ||||
|   # Python hooks | ||||
|   - repo: https://github.com/astral-sh/ruff-pre-commit | ||||
|     rev: v0.9.9 | ||||
|     rev: 'v0.6.8' | ||||
|     hooks: | ||||
|       - id: ruff | ||||
|       - id: ruff-format | ||||
|   - repo: https://github.com/tox-dev/pyproject-fmt | ||||
|     rev: "v2.5.1" | ||||
|     hooks: | ||||
|       - id: pyproject-fmt | ||||
|   # Dockerfile hooks | ||||
|   - repo: https://github.com/AleksaC/hadolint-py | ||||
|     rev: v2.12.0.3 | ||||
| @@ -76,8 +70,3 @@ repos: | ||||
|     rev: "v0.10.0.1" | ||||
|     hooks: | ||||
|       - id: shellcheck | ||||
|   - repo: https://github.com/google/yamlfmt | ||||
|     rev: v0.14.0 | ||||
|     hooks: | ||||
|       - id: yamlfmt | ||||
|         exclude: "^src-ui/pnpm-lock.yaml" | ||||
|   | ||||
							
								
								
									
										16
									
								
								.prettierrc
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										16
									
								
								.prettierrc
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,16 @@ | ||||
| { | ||||
|     # https://prettier.io/docs/en/options.html#semicolons | ||||
|     "semi": false, | ||||
|     # https://prettier.io/docs/en/options.html#quotes | ||||
|     "singleQuote": true, | ||||
|     # https://prettier.io/docs/en/options.html#trailing-commas | ||||
|     "trailingComma": "es5", | ||||
|     "overrides": [ | ||||
|         { | ||||
|             "files": ["docs/*.md"], | ||||
|             "options": { | ||||
|                 "tabWidth": 4, | ||||
|             } | ||||
|         } | ||||
|     ] | ||||
| } | ||||
| @@ -1,19 +0,0 @@ | ||||
| const config = { | ||||
| 	// https://prettier.io/docs/en/options.html#semicolons | ||||
| 	semi: false, | ||||
| 	// https://prettier.io/docs/en/options.html#quotes | ||||
| 	singleQuote: true, | ||||
| 	// https://prettier.io/docs/en/options.html#trailing-commas | ||||
| 	trailingComma: 'es5', | ||||
| 	overrides: [ | ||||
| 		{ | ||||
| 			files: ['docs/*.md'], | ||||
| 			options: { | ||||
| 				tabWidth: 4, | ||||
| 			}, | ||||
| 		}, | ||||
| 	], | ||||
| 	plugins: [require('prettier-plugin-organize-imports')], | ||||
| } | ||||
|  | ||||
| module.exports = config | ||||
							
								
								
									
										1
									
								
								.python-version
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										1
									
								
								.python-version
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1 @@ | ||||
| 3.10.15 | ||||
							
								
								
									
										47
									
								
								.ruff.toml
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										47
									
								
								.ruff.toml
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,47 @@ | ||||
| fix = true | ||||
| line-length = 88 | ||||
| respect-gitignore = true | ||||
| src = ["src"] | ||||
| target-version = "py310" | ||||
| output-format = "grouped" | ||||
| show-fixes = true | ||||
|  | ||||
| # https://docs.astral.sh/ruff/settings/ | ||||
| # https://docs.astral.sh/ruff/rules/ | ||||
| [lint] | ||||
| extend-select = [ | ||||
|   "W",     # https://docs.astral.sh/ruff/rules/#pycodestyle-e-w | ||||
|   "I",     # https://docs.astral.sh/ruff/rules/#isort-i | ||||
|   "UP",    # https://docs.astral.sh/ruff/rules/#pyupgrade-up | ||||
|   "COM",   # https://docs.astral.sh/ruff/rules/#flake8-commas-com | ||||
|   "DJ",    # https://docs.astral.sh/ruff/rules/#flake8-django-dj | ||||
|   "EXE",   # https://docs.astral.sh/ruff/rules/#flake8-executable-exe | ||||
|   "ISC",   # https://docs.astral.sh/ruff/rules/#flake8-implicit-str-concat-isc | ||||
|   "ICN",   # https://docs.astral.sh/ruff/rules/#flake8-import-conventions-icn | ||||
|   "G201",  # https://docs.astral.sh/ruff/rules/#flake8-logging-format-g | ||||
|   "INP",   # https://docs.astral.sh/ruff/rules/#flake8-no-pep420-inp | ||||
|   "PIE",   # https://docs.astral.sh/ruff/rules/#flake8-pie-pie | ||||
|   "Q",     # https://docs.astral.sh/ruff/rules/#flake8-quotes-q | ||||
|   "RSE",   # https://docs.astral.sh/ruff/rules/#flake8-raise-rse | ||||
|   "T20",   # https://docs.astral.sh/ruff/rules/#flake8-print-t20 | ||||
|   "SIM",   # https://docs.astral.sh/ruff/rules/#flake8-simplify-sim | ||||
|   "TID",   # https://docs.astral.sh/ruff/rules/#flake8-tidy-imports-tid | ||||
|   "TCH",   # https://docs.astral.sh/ruff/rules/#flake8-type-checking-tch | ||||
|   "PLC",   # https://docs.astral.sh/ruff/rules/#pylint-pl | ||||
|   "PLE",   # https://docs.astral.sh/ruff/rules/#pylint-pl | ||||
|   "RUF",   # https://docs.astral.sh/ruff/rules/#ruff-specific-rules-ruf | ||||
|   "FLY",   # https://docs.astral.sh/ruff/rules/#flynt-fly | ||||
| ] | ||||
| # TODO PTH https://docs.astral.sh/ruff/rules/#flake8-use-pathlib-pth | ||||
| ignore = ["DJ001", "SIM105", "RUF012"] | ||||
|  | ||||
| [lint.per-file-ignores] | ||||
| ".github/scripts/*.py" = ["E501", "INP001", "SIM117"] | ||||
| "docker/wait-for-redis.py" = ["INP001", "T201"] | ||||
| "*/tests/*.py" = ["E501", "SIM117"] | ||||
| "*/migrations/*.py" = ["E501", "SIM", "T201"] | ||||
| "src/paperless_tesseract/tests/test_parser.py" = ["RUF001"] | ||||
| "src/documents/models.py" = ["SIM115"] | ||||
|  | ||||
| [lint.isort] | ||||
| force-single-line = true | ||||
| @@ -5,6 +5,5 @@ | ||||
| /src-ui/ @paperless-ngx/frontend | ||||
|  | ||||
| /src/ @paperless-ngx/backend | ||||
| pyproject.toml @paperless-ngx/backend | ||||
| uv.lock @paperless-ngx/backend | ||||
| Pipfile* @paperless-ngx/backend | ||||
| *.py @paperless-ngx/backend | ||||
|   | ||||
| @@ -81,7 +81,7 @@ Some notes about translation: | ||||
|  | ||||
| If a language has already been added, and you would like to contribute new translations or change existing translations, please read the "Translation" section in the README.md file for further details on that. | ||||
|  | ||||
| If you would like the project to be translated to another language, first head over to https://crowdin.com/project/paperless-ngx to check if that language has already been enabled for translation. | ||||
| If you would like the project to be translated to another language, first head over to https://crwd.in/paperless-ngx to check if that language has already been enabled for translation. | ||||
| If not, please request the language to be added by creating an issue on GitHub. The issue should contain: | ||||
|  | ||||
| - English name of the language (the localized name can be added on Crowdin). | ||||
|   | ||||
							
								
								
									
										183
									
								
								Dockerfile
									
									
									
									
									
								
							
							
						
						
									
										183
									
								
								Dockerfile
									
									
									
									
									
								
							| @@ -4,17 +4,15 @@ | ||||
| # Stage: compile-frontend | ||||
| # Purpose: Compiles the frontend | ||||
| # Notes: | ||||
| #  - Does PNPM stuff with Typescript and such | ||||
| #  - Does NPM stuff with Typescript and such | ||||
| FROM --platform=$BUILDPLATFORM docker.io/node:20-bookworm-slim AS compile-frontend | ||||
|  | ||||
| COPY ./src-ui /src/src-ui | ||||
|  | ||||
| WORKDIR /src/src-ui | ||||
| RUN set -eux \ | ||||
|   && npm update -g pnpm \ | ||||
|   && npm install -g corepack@latest \ | ||||
|   && corepack enable \ | ||||
|   && pnpm install | ||||
|   && npm update npm -g \ | ||||
|   && npm ci | ||||
|  | ||||
| ARG PNGX_TAG_VERSION= | ||||
| # Add the tag to the environment file if its a tagged dev build | ||||
| @@ -28,66 +26,28 @@ esac | ||||
| RUN set -eux \ | ||||
|   && ./node_modules/.bin/ng build --configuration production | ||||
|  | ||||
| # Stage: s6-overlay-base | ||||
| # Purpose: Installs s6-overlay and rootfs | ||||
| # Stage: pipenv-base | ||||
| # Purpose: Generates a requirements.txt file for building | ||||
| # Comments: | ||||
| #  - Don't leave anything extra in here either | ||||
| FROM ghcr.io/astral-sh/uv:0.6.16-python3.12-bookworm-slim AS s6-overlay-base | ||||
| #  - pipenv dependencies are not left in the final image | ||||
| #  - pipenv can't touch the final image somehow | ||||
| FROM --platform=$BUILDPLATFORM docker.io/python:3.12-alpine AS pipenv-base | ||||
|  | ||||
| WORKDIR /usr/src/s6 | ||||
| WORKDIR /usr/src/pipenv | ||||
|  | ||||
| # https://github.com/just-containers/s6-overlay#customizing-s6-overlay-behaviour | ||||
| ENV \ | ||||
|     S6_BEHAVIOUR_IF_STAGE2_FAILS=2 \ | ||||
|     S6_CMD_WAIT_FOR_SERVICES_MAXTIME=0 \ | ||||
|     S6_VERBOSITY=1 \ | ||||
|     PATH=/command:$PATH | ||||
|  | ||||
| # Buildx provided, must be defined to use though | ||||
| ARG TARGETARCH | ||||
| ARG TARGETVARIANT | ||||
| # Lock this version | ||||
| ARG S6_OVERLAY_VERSION=3.2.1.0 | ||||
|  | ||||
| ARG S6_BUILD_TIME_PKGS="curl \ | ||||
|                         xz-utils" | ||||
| COPY Pipfile* ./ | ||||
|  | ||||
| RUN set -eux \ | ||||
|     && echo "Installing build time packages" \ | ||||
|       && apt-get update \ | ||||
|       && apt-get install --yes --quiet --no-install-recommends ${S6_BUILD_TIME_PKGS} \ | ||||
|     && echo "Determining arch" \ | ||||
|       && S6_ARCH="" \ | ||||
|       && if [ "${TARGETARCH}${TARGETVARIANT}" = "amd64" ]; then S6_ARCH="x86_64"; \ | ||||
|       elif [ "${TARGETARCH}${TARGETVARIANT}" = "arm64" ]; then S6_ARCH="aarch64"; fi\ | ||||
|       && if [ -z "${S6_ARCH}" ]; then { echo "Error: Not able to determine arch"; exit 1; }; fi \ | ||||
|     && echo "Installing s6-overlay for ${S6_ARCH}" \ | ||||
|       && curl --fail --silent --no-progress-meter --show-error --location --remote-name-all --parallel --parallel-max 4 \ | ||||
|         "https://github.com/just-containers/s6-overlay/releases/download/v${S6_OVERLAY_VERSION}/s6-overlay-noarch.tar.xz" \ | ||||
|         "https://github.com/just-containers/s6-overlay/releases/download/v${S6_OVERLAY_VERSION}/s6-overlay-noarch.tar.xz.sha256" \ | ||||
|         "https://github.com/just-containers/s6-overlay/releases/download/v${S6_OVERLAY_VERSION}/s6-overlay-${S6_ARCH}.tar.xz" \ | ||||
|         "https://github.com/just-containers/s6-overlay/releases/download/v${S6_OVERLAY_VERSION}/s6-overlay-${S6_ARCH}.tar.xz.sha256" \ | ||||
|       && echo "Validating s6-archive checksums" \ | ||||
|         && sha256sum --check ./*.sha256 \ | ||||
|       && echo "Unpacking archives" \ | ||||
|         && tar --directory / -Jxpf s6-overlay-noarch.tar.xz \ | ||||
|         && tar --directory / -Jxpf s6-overlay-${S6_ARCH}.tar.xz \ | ||||
|       && echo "Removing downloaded archives" \ | ||||
|         && rm ./*.tar.xz \ | ||||
|         && rm ./*.sha256 \ | ||||
|     && echo "Cleaning up image" \ | ||||
|       && apt-get --yes purge ${S6_BUILD_TIME_PKGS} \ | ||||
|       && apt-get --yes autoremove --purge \ | ||||
|       && rm -rf /var/lib/apt/lists/* | ||||
|  | ||||
| # Copy our service defs and filesystem | ||||
| COPY ./docker/rootfs / | ||||
|   && echo "Installing pipenv" \ | ||||
|     && python3 -m pip install --no-cache-dir --upgrade pipenv==2024.0.3 \ | ||||
|   && echo "Generating requirement.txt" \ | ||||
|     && pipenv requirements > requirements.txt | ||||
|  | ||||
| # Stage: main-app | ||||
| # Purpose: The final image | ||||
| # Comments: | ||||
| #  - Don't leave anything extra in here | ||||
| FROM s6-overlay-base AS main-app | ||||
| FROM docker.io/python:3.12-slim-bookworm AS main-app | ||||
|  | ||||
| LABEL org.opencontainers.image.authors="paperless-ngx team <hello@paperless-ngx.com>" | ||||
| LABEL org.opencontainers.image.documentation="https://docs.paperless-ngx.com/" | ||||
| @@ -101,19 +61,16 @@ ARG DEBIAN_FRONTEND=noninteractive | ||||
| ARG TARGETARCH | ||||
|  | ||||
| # Can be workflow provided, defaults set for manual building | ||||
| ARG JBIG2ENC_VERSION=0.30 | ||||
| ARG JBIG2ENC_VERSION=0.29 | ||||
| ARG QPDF_VERSION=11.9.0 | ||||
| ARG GS_VERSION=10.03.1 | ||||
|  | ||||
| # Set Python environment variables | ||||
| ENV PYTHONDONTWRITEBYTECODE=1 \ | ||||
|     PYTHONUNBUFFERED=1 \ | ||||
|     # Ignore warning from Whitenoise about async iterators | ||||
|     # Ignore warning from Whitenoise | ||||
|     PYTHONWARNINGS="ignore:::django.http.response:517" \ | ||||
|     PNGX_CONTAINERIZED=1 \ | ||||
|     # https://docs.astral.sh/uv/reference/settings/#link-mode | ||||
|     UV_LINK_MODE=copy \ | ||||
|     UV_CACHE_DIR=/cache/uv/ | ||||
|     PNGX_CONTAINERIZED=1 | ||||
|  | ||||
| # | ||||
| # Begin installation and configuration | ||||
| @@ -170,51 +127,118 @@ RUN set -eux \ | ||||
|     && apt-get update \ | ||||
|     && apt-get install --yes --quiet --no-install-recommends ${RUNTIME_PACKAGES} \ | ||||
|     && echo "Installing pre-built updates" \ | ||||
|       && curl --fail --silent --no-progress-meter --show-error --location --remote-name-all --parallel --parallel-max 4 \ | ||||
|         https://github.com/paperless-ngx/builder/releases/download/qpdf-${QPDF_VERSION}/libqpdf29_${QPDF_VERSION}-1_${TARGETARCH}.deb \ | ||||
|         https://github.com/paperless-ngx/builder/releases/download/qpdf-${QPDF_VERSION}/qpdf_${QPDF_VERSION}-1_${TARGETARCH}.deb \ | ||||
|         https://github.com/paperless-ngx/builder/releases/download/ghostscript-${GS_VERSION}/libgs10_${GS_VERSION}.dfsg-1_${TARGETARCH}.deb \ | ||||
|         https://github.com/paperless-ngx/builder/releases/download/ghostscript-${GS_VERSION}/ghostscript_${GS_VERSION}.dfsg-1_${TARGETARCH}.deb \ | ||||
|         https://github.com/paperless-ngx/builder/releases/download/ghostscript-${GS_VERSION}/libgs10-common_${GS_VERSION}.dfsg-1_all.deb \ | ||||
|         https://github.com/paperless-ngx/builder/releases/download/jbig2enc-${JBIG2ENC_VERSION}/jbig2enc_${JBIG2ENC_VERSION}-1_${TARGETARCH}.deb \ | ||||
|       && echo "Installing qpdf ${QPDF_VERSION}" \ | ||||
|         && curl --fail --silent --show-error --location \ | ||||
|           --output libqpdf29_${QPDF_VERSION}-1_${TARGETARCH}.deb \ | ||||
|           https://github.com/paperless-ngx/builder/releases/download/qpdf-${QPDF_VERSION}/libqpdf29_${QPDF_VERSION}-1_${TARGETARCH}.deb \ | ||||
|         && curl --fail --silent --show-error --location \ | ||||
|           --output qpdf_${QPDF_VERSION}-1_${TARGETARCH}.deb \ | ||||
|           https://github.com/paperless-ngx/builder/releases/download/qpdf-${QPDF_VERSION}/qpdf_${QPDF_VERSION}-1_${TARGETARCH}.deb \ | ||||
|         && dpkg --install ./libqpdf29_${QPDF_VERSION}-1_${TARGETARCH}.deb \ | ||||
|         && dpkg --install ./qpdf_${QPDF_VERSION}-1_${TARGETARCH}.deb \ | ||||
|       && echo "Installing Ghostscript ${GS_VERSION}" \ | ||||
|         && curl --fail --silent --show-error --location \ | ||||
|           --output libgs10_${GS_VERSION}.dfsg-1_${TARGETARCH}.deb \ | ||||
|           https://github.com/paperless-ngx/builder/releases/download/ghostscript-${GS_VERSION}/libgs10_${GS_VERSION}.dfsg-1_${TARGETARCH}.deb \ | ||||
|         && curl --fail --silent --show-error --location \ | ||||
|           --output ghostscript_${GS_VERSION}.dfsg-1_${TARGETARCH}.deb \ | ||||
|           https://github.com/paperless-ngx/builder/releases/download/ghostscript-${GS_VERSION}/ghostscript_${GS_VERSION}.dfsg-1_${TARGETARCH}.deb \ | ||||
|         && curl --fail --silent --show-error --location \ | ||||
|           --output libgs10-common_${GS_VERSION}.dfsg-1_all.deb \ | ||||
|           https://github.com/paperless-ngx/builder/releases/download/ghostscript-${GS_VERSION}/libgs10-common_${GS_VERSION}.dfsg-1_all.deb \ | ||||
|         && dpkg --install ./libgs10-common_${GS_VERSION}.dfsg-1_all.deb \ | ||||
|         && dpkg --install ./libgs10_${GS_VERSION}.dfsg-1_${TARGETARCH}.deb \ | ||||
|         && dpkg --install ./ghostscript_${GS_VERSION}.dfsg-1_${TARGETARCH}.deb \ | ||||
|       && echo "Installing jbig2enc" \ | ||||
|         && curl --fail --silent --show-error --location \ | ||||
|           --output jbig2enc_${JBIG2ENC_VERSION}-1_${TARGETARCH}.deb \ | ||||
|           https://github.com/paperless-ngx/builder/releases/download/jbig2enc-${JBIG2ENC_VERSION}/jbig2enc_${JBIG2ENC_VERSION}-1_${TARGETARCH}.deb \ | ||||
|         && dpkg --install ./jbig2enc_${JBIG2ENC_VERSION}-1_${TARGETARCH}.deb \ | ||||
|       && echo "Configuring imagemagick" \ | ||||
|         && cp /etc/ImageMagick-6/paperless-policy.xml /etc/ImageMagick-6/policy.xml \ | ||||
|       && echo "Cleaning up image layer" \ | ||||
|         && rm --force --verbose *.deb \ | ||||
|     && rm --recursive --force --verbose /var/lib/apt/lists/* | ||||
|     && rm --recursive --force --verbose /var/lib/apt/lists/* \ | ||||
|   && echo "Installing supervisor" \ | ||||
|     && python3 -m pip install --default-timeout=1000 --upgrade --no-cache-dir supervisor==4.2.5 | ||||
|  | ||||
| # Copy gunicorn config | ||||
| # Changes very infrequently | ||||
| WORKDIR /usr/src/paperless/ | ||||
|  | ||||
| COPY gunicorn.conf.py . | ||||
|  | ||||
| # setup docker-specific things | ||||
| # These change sometimes, but rarely | ||||
| WORKDIR /usr/src/paperless/src/docker/ | ||||
|  | ||||
| COPY [ \ | ||||
|   "docker/imagemagick-policy.xml", \ | ||||
|   "docker/supervisord.conf", \ | ||||
|   "docker/docker-entrypoint.sh", \ | ||||
|   "docker/docker-prepare.sh", \ | ||||
|   "docker/paperless_cmd.sh", \ | ||||
|   "docker/wait-for-redis.py", \ | ||||
|   "docker/env-from-file.sh", \ | ||||
|   "docker/management_script.sh", \ | ||||
|   "docker/flower-conditional.sh", \ | ||||
|   "docker/install_management_commands.sh", \ | ||||
|   "/usr/src/paperless/src/docker/" \ | ||||
| ] | ||||
|  | ||||
| RUN set -eux \ | ||||
|   && echo "Configuring ImageMagick" \ | ||||
|     && mv imagemagick-policy.xml /etc/ImageMagick-6/policy.xml \ | ||||
|   && echo "Configuring supervisord" \ | ||||
|     && mkdir /var/log/supervisord /var/run/supervisord \ | ||||
|     && mv supervisord.conf /etc/supervisord.conf \ | ||||
|   && echo "Setting up Docker scripts" \ | ||||
|     && mv docker-entrypoint.sh /sbin/docker-entrypoint.sh \ | ||||
|     && chmod 755 /sbin/docker-entrypoint.sh \ | ||||
|     && mv docker-prepare.sh /sbin/docker-prepare.sh \ | ||||
|     && chmod 755 /sbin/docker-prepare.sh \ | ||||
|     && mv wait-for-redis.py /sbin/wait-for-redis.py \ | ||||
|     && chmod 755 /sbin/wait-for-redis.py \ | ||||
|     && mv env-from-file.sh /sbin/env-from-file.sh \ | ||||
|     && chmod 755 /sbin/env-from-file.sh \ | ||||
|     && mv paperless_cmd.sh /usr/local/bin/paperless_cmd.sh \ | ||||
|     && chmod 755 /usr/local/bin/paperless_cmd.sh \ | ||||
|     && mv flower-conditional.sh /usr/local/bin/flower-conditional.sh \ | ||||
|     && chmod 755 /usr/local/bin/flower-conditional.sh \ | ||||
|   && echo "Installing management commands" \ | ||||
|     && chmod +x install_management_commands.sh \ | ||||
|     && ./install_management_commands.sh | ||||
|  | ||||
| WORKDIR /usr/src/paperless/src/ | ||||
|  | ||||
| # Python dependencies | ||||
| # Change pretty frequently | ||||
| COPY --chown=1000:1000 ["pyproject.toml", "uv.lock", "/usr/src/paperless/src/"] | ||||
| COPY --from=pipenv-base /usr/src/pipenv/requirements.txt ./ | ||||
|  | ||||
| # Packages needed only for building a few quick Python | ||||
| # dependencies | ||||
| ARG BUILD_PACKAGES="\ | ||||
|   build-essential \ | ||||
|   git \ | ||||
|   # https://www.psycopg.org/docs/install.html#prerequisites | ||||
|   libpq-dev \ | ||||
|   # https://github.com/PyMySQL/mysqlclient#linux | ||||
|   default-libmysqlclient-dev \ | ||||
|   pkg-config" | ||||
|  | ||||
| # hadolint ignore=DL3042 | ||||
| RUN --mount=type=cache,target=${UV_CACHE_DIR},id=python-cache \ | ||||
| RUN --mount=type=cache,target=/root/.cache/pip/,id=pip-cache \ | ||||
|   set -eux \ | ||||
|   && echo "Installing build system packages" \ | ||||
|     && apt-get update \ | ||||
|     && apt-get install --yes --quiet --no-install-recommends ${BUILD_PACKAGES} \ | ||||
|     && python3 -m pip install --no-cache-dir --upgrade wheel \ | ||||
|   && echo "Installing Python requirements" \ | ||||
|     && uv export --quiet --no-dev --all-extras --format requirements-txt --output-file requirements.txt \ | ||||
|     && uv pip install --system --no-python-downloads --python-preference system --requirements requirements.txt \ | ||||
|     && curl --fail --silent --show-error --location \ | ||||
|     --output psycopg_c-3.2.2-cp312-cp312-linux_x86_64.whl \ | ||||
|     https://github.com/paperless-ngx/builder/releases/download/psycopg-3.2.2/psycopg_c-3.2.2-cp312-cp312-linux_x86_64.whl \ | ||||
|     && curl --fail --silent --show-error --location \ | ||||
|     --output psycopg_c-3.2.2-cp312-cp312-linux_aarch64.whl  \ | ||||
|     https://github.com/paperless-ngx/builder/releases/download/psycopg-3.2.2/psycopg_c-3.2.2-cp312-cp312-linux_aarch64.whl \ | ||||
|     && python3 -m pip install --default-timeout=1000 --find-links . --requirement requirements.txt \ | ||||
|   && echo "Installing NLTK data" \ | ||||
|     && python3 -W ignore::RuntimeWarning -m nltk.downloader -d "/usr/share/nltk_data" snowball_data \ | ||||
|     && python3 -W ignore::RuntimeWarning -m nltk.downloader -d "/usr/share/nltk_data" stopwords \ | ||||
| @@ -239,7 +263,6 @@ COPY --from=compile-frontend --chown=1000:1000 /src/src/documents/static/fronten | ||||
| # add users, setup scripts | ||||
| # Mount the compiled frontend to expected location | ||||
| RUN set -eux \ | ||||
|   && sed -i '1s|^#!/usr/bin/env python3|#!/command/with-contenv python3|' manage.py \ | ||||
|   && echo "Setting up user/group" \ | ||||
|     && addgroup --gid 1000 paperless \ | ||||
|     && useradd --uid 1000 --gid paperless --home-dir /usr/src/paperless paperless \ | ||||
| @@ -253,16 +276,18 @@ RUN set -eux \ | ||||
|   && echo "Adjusting all permissions" \ | ||||
|     && chown --from root:root --changes --recursive paperless:paperless /usr/src/paperless \ | ||||
|   && echo "Collecting static files" \ | ||||
|     && s6-setuidgid paperless python3 manage.py collectstatic --clear --no-input --link \ | ||||
|     && s6-setuidgid paperless python3 manage.py compilemessages | ||||
|     && gosu paperless python3 manage.py collectstatic --clear --no-input --link \ | ||||
|     && gosu paperless python3 manage.py compilemessages | ||||
|  | ||||
| VOLUME ["/usr/src/paperless/data", \ | ||||
|         "/usr/src/paperless/media", \ | ||||
|         "/usr/src/paperless/consume", \ | ||||
|         "/usr/src/paperless/export"] | ||||
|  | ||||
| ENTRYPOINT ["/init"] | ||||
| ENTRYPOINT ["/sbin/docker-entrypoint.sh"] | ||||
|  | ||||
| EXPOSE 8000 | ||||
|  | ||||
| CMD ["/usr/local/bin/paperless_cmd.sh"] | ||||
|  | ||||
| HEALTHCHECK --interval=30s --timeout=10s --retries=5 CMD [ "curl", "-fs", "-S", "--max-time", "2", "http://localhost:8000" ] | ||||
|   | ||||
							
								
								
									
										100
									
								
								Pipfile
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										100
									
								
								Pipfile
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,100 @@ | ||||
| [[source]] | ||||
| url = "https://pypi.python.org/simple" | ||||
| verify_ssl = true | ||||
| name = "pypi" | ||||
|  | ||||
| [packages] | ||||
| dateparser = "~=1.2" | ||||
| # WARNING: django does not use semver. | ||||
| #          Only patch versions are guaranteed to not introduce breaking changes. | ||||
| django = "~=5.1.1" | ||||
| django-allauth = {extras = ["socialaccount"], version = "*"} | ||||
| django-auditlog = "*" | ||||
| django-celery-results = "*" | ||||
| django-compression-middleware = "*" | ||||
| django-cors-headers = "*" | ||||
| django-extensions = "*" | ||||
| django-filter = "~=24.3" | ||||
| django-guardian = "*" | ||||
| django-multiselectfield = "*" | ||||
| django-soft-delete = "*" | ||||
| djangorestframework = "==3.15.2" | ||||
| djangorestframework-guardian = "*" | ||||
| drf-writable-nested = "*" | ||||
| bleach = "*" | ||||
| celery = {extras = ["redis"], version = "*"} | ||||
| channels = "~=4.1" | ||||
| channels-redis = "*" | ||||
| concurrent-log-handler = "*" | ||||
| filelock = "*" | ||||
| flower = "*" | ||||
| gotenberg-client = "*" | ||||
| gunicorn = "*" | ||||
| httpx-oauth = "*" | ||||
| imap-tools = "*" | ||||
| inotifyrecursive = "~=0.3" | ||||
| jinja2 = "~=3.1" | ||||
| langdetect = "*" | ||||
| mysqlclient = "*" | ||||
| nltk = "*" | ||||
| ocrmypdf = "~=16.5" | ||||
| pathvalidate = "*" | ||||
| pdf2image = "*" | ||||
| psycopg = {version = "*", extras = ["c"]} | ||||
| python-dateutil = "*" | ||||
| python-dotenv = "*" | ||||
| python-gnupg = "*" | ||||
| python-ipware = "*" | ||||
| python-magic = "*" | ||||
| pyzbar = "*" | ||||
| rapidfuzz = "*" | ||||
| redis = {extras = ["hiredis"], version = "*"} | ||||
| scikit-learn = "~=1.5" | ||||
| setproctitle = "*" | ||||
| tika-client = "*" | ||||
| tqdm = "*" | ||||
| # See https://github.com/paperless-ngx/paperless-ngx/issues/5494 | ||||
| uvicorn = {extras = ["standard"], version = "==0.25.0"} | ||||
| watchdog = "~=4.0" | ||||
| whitenoise = "~=6.8" | ||||
| whoosh = "~=2.7" | ||||
| zxing-cpp = {version = "*", platform_machine = "== 'x86_64'"} | ||||
|  | ||||
|  | ||||
| [dev-packages] | ||||
| # Linting | ||||
| pre-commit = "*" | ||||
| ruff = "*" | ||||
| factory-boy = "*" | ||||
| # Testing | ||||
| pytest = "*" | ||||
| pytest-cov = "*" | ||||
| pytest-django = "*" | ||||
| pytest-httpx = "*" | ||||
| pytest-env = "*" | ||||
| pytest-sugar = "*" | ||||
| pytest-xdist = "*" | ||||
| pytest-mock = "*" | ||||
| pytest-rerunfailures = "*" | ||||
| imagehash = "*" | ||||
| daphne = "*" | ||||
| # Documentation | ||||
| mkdocs-material = "*" | ||||
| mkdocs-glightbox = "*" | ||||
|  | ||||
| [typing-dev] | ||||
| mypy = "*" | ||||
| types-Pillow = "*" | ||||
| django-filter-stubs = "*" | ||||
| types-python-dateutil = "*" | ||||
| djangorestframework-stubs = {extras= ["compatible-mypy"], version="*"} | ||||
| celery-types = "*" | ||||
| django-stubs = {extras= ["compatible-mypy"], version="*"} | ||||
| types-dateparser = "*" | ||||
| types-bleach = "*" | ||||
| types-redis = "*" | ||||
| types-tqdm = "*" | ||||
| types-Markdown = "*" | ||||
| types-Pygments = "*" | ||||
| types-colorama = "*" | ||||
| types-setuptools = "*" | ||||
							
								
								
									
										4489
									
								
								Pipfile.lock
									
									
									
										generated
									
									
									
										Normal file
									
								
							
							
						
						
									
										4489
									
								
								Pipfile.lock
									
									
									
										generated
									
									
									
										Normal file
									
								
							
										
											
												File diff suppressed because it is too large
												Load Diff
											
										
									
								
							| @@ -55,7 +55,7 @@ A full list of [features](https://docs.paperless-ngx.com/#features) and [screens | ||||
|  | ||||
| # Getting started | ||||
|  | ||||
| The easiest way to deploy paperless is `docker compose`. The files in the [`/docker/compose` directory](https://github.com/paperless-ngx/paperless-ngx/tree/main/docker/compose) are configured to pull the image from the GitHub container registry. | ||||
| The easiest way to deploy paperless is `docker compose`. The files in the [`/docker/compose` directory](https://github.com/paperless-ngx/paperless-ngx/tree/main/docker/compose) are configured to pull the image from GitHub Packages. | ||||
|  | ||||
| If you'd like to jump right in, you can configure a `docker compose` environment with our install script: | ||||
|  | ||||
| @@ -83,7 +83,7 @@ People interested in continuing the work on paperless-ngx are encouraged to reac | ||||
|  | ||||
| ## Translation | ||||
|  | ||||
| Paperless-ngx is available in many languages that are coordinated on Crowdin. If you want to help out by translating paperless-ngx into your language, please head over to https://crowdin.com/project/paperless-ngx, and thank you! More details can be found in [CONTRIBUTING.md](https://github.com/paperless-ngx/paperless-ngx/blob/main/CONTRIBUTING.md#translating-paperless-ngx). | ||||
| Paperless-ngx is available in many languages that are coordinated on Crowdin. If you want to help out by translating paperless-ngx into your language, please head over to https://crwd.in/paperless-ngx, and thank you! More details can be found in [CONTRIBUTING.md](https://github.com/paperless-ngx/paperless-ngx/blob/main/CONTRIBUTING.md#translating-paperless-ngx). | ||||
|  | ||||
| ## Feature Requests | ||||
|  | ||||
|   | ||||
| @@ -5,7 +5,7 @@ | ||||
|  | ||||
| services: | ||||
|   gotenberg: | ||||
|     image: docker.io/gotenberg/gotenberg:8.20 | ||||
|     image: docker.io/gotenberg/gotenberg:8.7 | ||||
|     hostname: gotenberg | ||||
|     container_name: gotenberg | ||||
|     network_mode: host | ||||
|   | ||||
| @@ -1,17 +1,26 @@ | ||||
| ############################################################################### | ||||
| # Paperless-ngx settings                                                      # | ||||
| ############################################################################### | ||||
|  | ||||
| # See http://docs.paperless-ngx.com/configuration/ for all available options. | ||||
|  | ||||
| # The UID and GID of the user used to run paperless in the container. Set this | ||||
| # to your UID and GID on the host so that you have write access to the | ||||
| # consumption directory. | ||||
| #USERMAP_UID=1000 | ||||
| #USERMAP_GID=1000 | ||||
|  | ||||
| # See the documentation linked above for all options. A few commonly adjusted settings | ||||
| # are provided below. | ||||
| # Additional languages to install for text recognition, separated by a | ||||
| # whitespace. Note that this is | ||||
| # different from PAPERLESS_OCR_LANGUAGE (default=eng), which defines the | ||||
| # language used for OCR. | ||||
| # The container installs English, German, Italian, Spanish and French by | ||||
| # default. | ||||
| # See https://packages.debian.org/search?keywords=tesseract-ocr-&searchon=names&suite=buster | ||||
| # for available languages. | ||||
| #PAPERLESS_OCR_LANGUAGES=tur ces | ||||
|  | ||||
| ############################################################################### | ||||
| # Paperless-specific settings                                                 # | ||||
| ############################################################################### | ||||
|  | ||||
| # All settings defined in the paperless.conf.example can be used here. The | ||||
| # Docker setup does not use the configuration file. | ||||
| # A few commonly adjusted settings are provided below. | ||||
|  | ||||
| # This is required if you will be exposing Paperless-ngx on a public domain | ||||
| # (if doing so please consider security measures such as reverse proxy) | ||||
| @@ -21,17 +30,13 @@ | ||||
| # be a very long sequence of random characters. You don't need to remember it. | ||||
| #PAPERLESS_SECRET_KEY=change-me | ||||
|  | ||||
| # Use this variable to set a timezone for the Paperless Docker containers. Defaults to UTC. | ||||
| # Use this variable to set a timezone for the Paperless Docker containers. If not specified, defaults to UTC. | ||||
| #PAPERLESS_TIME_ZONE=America/Los_Angeles | ||||
|  | ||||
| # The default language to use for OCR. Set this to the language most of your | ||||
| # documents are written in. | ||||
| #PAPERLESS_OCR_LANGUAGE=eng | ||||
|  | ||||
| # Additional languages to install for text recognition, separated by a whitespace. | ||||
| # Note that this is different from PAPERLESS_OCR_LANGUAGE (default=eng), which defines | ||||
| # the language used for OCR. | ||||
| # The container installs English, German, Italian, Spanish and French by default. | ||||
| # See https://packages.debian.org/search?keywords=tesseract-ocr-&searchon=names&suite=buster | ||||
| # for available languages. | ||||
| #PAPERLESS_OCR_LANGUAGES=tur ces | ||||
| # Set if accessing paperless via a domain subpath e.g. https://domain.com/PATHPREFIX and using a reverse-proxy like traefik or nginx | ||||
| #PAPERLESS_FORCE_SCRIPT_NAME=/PATHPREFIX | ||||
| #PAPERLESS_STATIC_URL=/PATHPREFIX/static/ # trailing slash required | ||||
|   | ||||
| @@ -24,18 +24,19 @@ | ||||
| # - Copy this file as 'docker-compose.yml' and the files 'docker-compose.env' | ||||
| #   and '.env' into a folder. | ||||
| # - Run 'docker compose pull'. | ||||
| # - Run 'docker compose run --rm webserver createsuperuser' to create a user. | ||||
| # - Run 'docker compose up -d'. | ||||
|  | ||||
| # | ||||
| # For more extensive installation and update instructions, refer to the | ||||
| # documentation. | ||||
|  | ||||
| services: | ||||
|   broker: | ||||
|     image: docker.io/library/redis:8 | ||||
|     image: docker.io/library/redis:7 | ||||
|     restart: unless-stopped | ||||
|     volumes: | ||||
|       - redisdata:/data | ||||
|  | ||||
|   db: | ||||
|     image: docker.io/library/mariadb:11 | ||||
|     restart: unless-stopped | ||||
| @@ -47,6 +48,7 @@ services: | ||||
|       MARIADB_USER: paperless | ||||
|       MARIADB_PASSWORD: paperless | ||||
|       MARIADB_ROOT_PASSWORD: paperless | ||||
|  | ||||
|   webserver: | ||||
|     image: ghcr.io/paperless-ngx/paperless-ngx:latest | ||||
|     restart: unless-stopped | ||||
| @@ -73,8 +75,9 @@ services: | ||||
|       PAPERLESS_TIKA_ENABLED: 1 | ||||
|       PAPERLESS_TIKA_GOTENBERG_ENDPOINT: http://gotenberg:3000 | ||||
|       PAPERLESS_TIKA_ENDPOINT: http://tika:9998 | ||||
|  | ||||
|   gotenberg: | ||||
|     image: docker.io/gotenberg/gotenberg:8.20 | ||||
|     image: docker.io/gotenberg/gotenberg:8.7 | ||||
|     restart: unless-stopped | ||||
|     # The gotenberg chromium route is used to convert .eml files. We do not | ||||
|     # want to allow external content like tracking pixels or even javascript. | ||||
| @@ -82,9 +85,11 @@ services: | ||||
|       - "gotenberg" | ||||
|       - "--chromium-disable-javascript=true" | ||||
|       - "--chromium-allow-list=file:///tmp/.*" | ||||
|  | ||||
|   tika: | ||||
|     image: docker.io/apache/tika:latest | ||||
|     restart: unless-stopped | ||||
|  | ||||
| volumes: | ||||
|   data: | ||||
|   media: | ||||
|   | ||||
| @@ -20,6 +20,7 @@ | ||||
| # - Copy this file as 'docker-compose.yml' and the files 'docker-compose.env' | ||||
| #   and '.env' into a folder. | ||||
| # - Run 'docker compose pull'. | ||||
| # - Run 'docker compose run --rm webserver createsuperuser' to create a user. | ||||
| # - Run 'docker compose up -d'. | ||||
| # | ||||
| # For more extensive installation and update instructions, refer to the | ||||
| @@ -27,10 +28,11 @@ | ||||
|  | ||||
| services: | ||||
|   broker: | ||||
|     image: docker.io/library/redis:8 | ||||
|     image: docker.io/library/redis:7 | ||||
|     restart: unless-stopped | ||||
|     volumes: | ||||
|       - redisdata:/data | ||||
|  | ||||
|   db: | ||||
|     image: docker.io/library/mariadb:11 | ||||
|     restart: unless-stopped | ||||
| @@ -42,6 +44,7 @@ services: | ||||
|       MARIADB_USER: paperless | ||||
|       MARIADB_PASSWORD: paperless | ||||
|       MARIADB_ROOT_PASSWORD: paperless | ||||
|  | ||||
|   webserver: | ||||
|     image: ghcr.io/paperless-ngx/paperless-ngx:latest | ||||
|     restart: unless-stopped | ||||
| @@ -63,6 +66,7 @@ services: | ||||
|       PAPERLESS_DBUSER: paperless # only needed if non-default username | ||||
|       PAPERLESS_DBPASS: paperless # only needed if non-default password | ||||
|       PAPERLESS_DBPORT: 3306 | ||||
|  | ||||
| volumes: | ||||
|   data: | ||||
|   media: | ||||
|   | ||||
| @@ -19,21 +19,24 @@ | ||||
| # | ||||
| # - Open portainer Stacks list and click 'Add stack' | ||||
| # - Paste the contents of this file and assign a name, e.g. 'paperless' | ||||
| # - Upload 'docker-compose.env' by clicking on 'Load variables from .env file' | ||||
| # - Modify the environment variables as needed | ||||
| # - Click 'Deploy the stack' and wait for it to be deployed | ||||
| # - Open the list of containers, select paperless_webserver_1 | ||||
| # - Click 'Console' and then 'Connect' to open the command line inside the container | ||||
| # - Run 'python3 manage.py createsuperuser' to create a user | ||||
| # - Exit the console | ||||
| # | ||||
| # For more extensive installation and update instructions, refer to the | ||||
| # documentation. | ||||
|  | ||||
| services: | ||||
|   broker: | ||||
|     image: docker.io/library/redis:8 | ||||
|     image: docker.io/library/redis:7 | ||||
|     restart: unless-stopped | ||||
|     volumes: | ||||
|       - redisdata:/data | ||||
|  | ||||
|   db: | ||||
|     image: docker.io/library/postgres:17 | ||||
|     image: docker.io/library/postgres:16 | ||||
|     restart: unless-stopped | ||||
|     volumes: | ||||
|       - pgdata:/var/lib/postgresql/data | ||||
| @@ -41,6 +44,7 @@ services: | ||||
|       POSTGRES_DB: paperless | ||||
|       POSTGRES_USER: paperless | ||||
|       POSTGRES_PASSWORD: paperless | ||||
|  | ||||
|   webserver: | ||||
|     image: ghcr.io/paperless-ngx/paperless-ngx:latest | ||||
|     restart: unless-stopped | ||||
| @@ -57,8 +61,29 @@ services: | ||||
|     environment: | ||||
|       PAPERLESS_REDIS: redis://broker:6379 | ||||
|       PAPERLESS_DBHOST: db | ||||
|     env_file: | ||||
|       - stack.env | ||||
| # The UID and GID of the user used to run paperless in the container. Set this | ||||
| # to your UID and GID on the host so that you have write access to the | ||||
| # consumption directory. | ||||
|       USERMAP_UID: 1000 | ||||
|       USERMAP_GID: 100 | ||||
| # Additional languages to install for text recognition, separated by a | ||||
| # whitespace. Note that this is | ||||
| # different from PAPERLESS_OCR_LANGUAGE (default=eng), which defines the | ||||
| # language used for OCR. | ||||
| # The container installs English, German, Italian, Spanish and French by | ||||
| # default. | ||||
| # See https://packages.debian.org/search?keywords=tesseract-ocr-&searchon=names&suite=buster | ||||
| # for available languages. | ||||
|       #PAPERLESS_OCR_LANGUAGES: tur ces | ||||
| # Adjust this key if you plan to make paperless available publicly. It should | ||||
| # be a very long sequence of random characters. You don't need to remember it. | ||||
|       #PAPERLESS_SECRET_KEY: change-me | ||||
| # Use this variable to set a timezone for the Paperless Docker containers. If not specified, defaults to UTC. | ||||
|       #PAPERLESS_TIME_ZONE: America/Los_Angeles | ||||
| # The default language to use for OCR. Set this to the language most of your | ||||
| # documents are written in. | ||||
|       #PAPERLESS_OCR_LANGUAGE: eng | ||||
|  | ||||
| volumes: | ||||
|   data: | ||||
|   media: | ||||
|   | ||||
| @@ -24,6 +24,7 @@ | ||||
| # - Copy this file as 'docker-compose.yml' and the files 'docker-compose.env' | ||||
| #   and '.env' into a folder. | ||||
| # - Run 'docker compose pull'. | ||||
| # - Run 'docker compose run --rm webserver createsuperuser' to create a user. | ||||
| # - Run 'docker compose up -d'. | ||||
| # | ||||
| # For more extensive installation and update instructions, refer to the | ||||
| @@ -31,12 +32,13 @@ | ||||
|  | ||||
| services: | ||||
|   broker: | ||||
|     image: docker.io/library/redis:8 | ||||
|     image: docker.io/library/redis:7 | ||||
|     restart: unless-stopped | ||||
|     volumes: | ||||
|       - redisdata:/data | ||||
|  | ||||
|   db: | ||||
|     image: docker.io/library/postgres:17 | ||||
|     image: docker.io/library/postgres:16 | ||||
|     restart: unless-stopped | ||||
|     volumes: | ||||
|       - pgdata:/var/lib/postgresql/data | ||||
| @@ -44,6 +46,7 @@ services: | ||||
|       POSTGRES_DB: paperless | ||||
|       POSTGRES_USER: paperless | ||||
|       POSTGRES_PASSWORD: paperless | ||||
|  | ||||
|   webserver: | ||||
|     image: ghcr.io/paperless-ngx/paperless-ngx:latest | ||||
|     restart: unless-stopped | ||||
| @@ -66,18 +69,22 @@ services: | ||||
|       PAPERLESS_TIKA_ENABLED: 1 | ||||
|       PAPERLESS_TIKA_GOTENBERG_ENDPOINT: http://gotenberg:3000 | ||||
|       PAPERLESS_TIKA_ENDPOINT: http://tika:9998 | ||||
|  | ||||
|   gotenberg: | ||||
|     image: docker.io/gotenberg/gotenberg:8.20 | ||||
|     image: docker.io/gotenberg/gotenberg:8.7 | ||||
|     restart: unless-stopped | ||||
|  | ||||
|     # The gotenberg chromium route is used to convert .eml files. We do not | ||||
|     # want to allow external content like tracking pixels or even javascript. | ||||
|     command: | ||||
|       - "gotenberg" | ||||
|       - "--chromium-disable-javascript=true" | ||||
|       - "--chromium-allow-list=file:///tmp/.*" | ||||
|  | ||||
|   tika: | ||||
|     image: docker.io/apache/tika:latest | ||||
|     restart: unless-stopped | ||||
|  | ||||
| volumes: | ||||
|   data: | ||||
|   media: | ||||
|   | ||||
| @@ -20,6 +20,7 @@ | ||||
| # - Copy this file as 'docker-compose.yml' and the files 'docker-compose.env' | ||||
| #   and '.env' into a folder. | ||||
| # - Run 'docker compose pull'. | ||||
| # - Run 'docker compose run --rm webserver createsuperuser' to create a user. | ||||
| # - Run 'docker compose up -d'. | ||||
| # | ||||
| # For more extensive installation and update instructions, refer to the | ||||
| @@ -27,12 +28,13 @@ | ||||
|  | ||||
| services: | ||||
|   broker: | ||||
|     image: docker.io/library/redis:8 | ||||
|     image: docker.io/library/redis:7 | ||||
|     restart: unless-stopped | ||||
|     volumes: | ||||
|       - redisdata:/data | ||||
|  | ||||
|   db: | ||||
|     image: docker.io/library/postgres:17 | ||||
|     image: docker.io/library/postgres:16 | ||||
|     restart: unless-stopped | ||||
|     volumes: | ||||
|       - pgdata:/var/lib/postgresql/data | ||||
| @@ -40,6 +42,7 @@ services: | ||||
|       POSTGRES_DB: paperless | ||||
|       POSTGRES_USER: paperless | ||||
|       POSTGRES_PASSWORD: paperless | ||||
|  | ||||
|   webserver: | ||||
|     image: ghcr.io/paperless-ngx/paperless-ngx:latest | ||||
|     restart: unless-stopped | ||||
| @@ -57,6 +60,7 @@ services: | ||||
|     environment: | ||||
|       PAPERLESS_REDIS: redis://broker:6379 | ||||
|       PAPERLESS_DBHOST: db | ||||
|  | ||||
| volumes: | ||||
|   data: | ||||
|   media: | ||||
|   | ||||
| @@ -24,6 +24,7 @@ | ||||
| # - Copy this file as 'docker-compose.yml' and the files 'docker-compose.env' | ||||
| #   and '.env' into a folder. | ||||
| # - Run 'docker compose pull'. | ||||
| # - Run 'docker compose run --rm webserver createsuperuser' to create a user. | ||||
| # - Run 'docker compose up -d'. | ||||
| # | ||||
| # For more extensive installation and update instructions, refer to the | ||||
| @@ -31,10 +32,11 @@ | ||||
|  | ||||
| services: | ||||
|   broker: | ||||
|     image: docker.io/library/redis:8 | ||||
|     image: docker.io/library/redis:7 | ||||
|     restart: unless-stopped | ||||
|     volumes: | ||||
|       - redisdata:/data | ||||
|  | ||||
|   webserver: | ||||
|     image: ghcr.io/paperless-ngx/paperless-ngx:latest | ||||
|     restart: unless-stopped | ||||
| @@ -55,18 +57,22 @@ services: | ||||
|       PAPERLESS_TIKA_ENABLED: 1 | ||||
|       PAPERLESS_TIKA_GOTENBERG_ENDPOINT: http://gotenberg:3000 | ||||
|       PAPERLESS_TIKA_ENDPOINT: http://tika:9998 | ||||
|  | ||||
|   gotenberg: | ||||
|     image: docker.io/gotenberg/gotenberg:8.20 | ||||
|     image: docker.io/gotenberg/gotenberg:8.7 | ||||
|     restart: unless-stopped | ||||
|  | ||||
|     # The gotenberg chromium route is used to convert .eml files. We do not | ||||
|     # want to allow external content like tracking pixels or even javascript. | ||||
|     command: | ||||
|       - "gotenberg" | ||||
|       - "--chromium-disable-javascript=true" | ||||
|       - "--chromium-allow-list=file:///tmp/.*" | ||||
|  | ||||
|   tika: | ||||
|     image: docker.io/apache/tika:latest | ||||
|     restart: unless-stopped | ||||
|  | ||||
| volumes: | ||||
|   data: | ||||
|   media: | ||||
|   | ||||
| @@ -17,6 +17,7 @@ | ||||
| # - Copy this file as 'docker-compose.yml' and the files 'docker-compose.env' | ||||
| #   and '.env' into a folder. | ||||
| # - Run 'docker compose pull'. | ||||
| # - Run 'docker compose run --rm webserver createsuperuser' to create a user. | ||||
| # - Run 'docker compose up -d'. | ||||
| # | ||||
| # For more extensive installation and update instructions, refer to the | ||||
| @@ -24,10 +25,11 @@ | ||||
|  | ||||
| services: | ||||
|   broker: | ||||
|     image: docker.io/library/redis:8 | ||||
|     image: docker.io/library/redis:7 | ||||
|     restart: unless-stopped | ||||
|     volumes: | ||||
|       - redisdata:/data | ||||
|  | ||||
|   webserver: | ||||
|     image: ghcr.io/paperless-ngx/paperless-ngx:latest | ||||
|     restart: unless-stopped | ||||
| @@ -43,6 +45,7 @@ services: | ||||
|     env_file: docker-compose.env | ||||
|     environment: | ||||
|       PAPERLESS_REDIS: redis://broker:6379 | ||||
|  | ||||
| volumes: | ||||
|   data: | ||||
|   media: | ||||
|   | ||||
							
								
								
									
										179
									
								
								docker/docker-entrypoint.sh
									
									
									
									
									
										Executable file
									
								
							
							
						
						
									
										179
									
								
								docker/docker-entrypoint.sh
									
									
									
									
									
										Executable file
									
								
							| @@ -0,0 +1,179 @@ | ||||
| #!/usr/bin/env bash | ||||
|  | ||||
| set -e | ||||
|  | ||||
| # Source: https://github.com/sameersbn/docker-gitlab/ | ||||
| map_uidgid() { | ||||
| 	local -r usermap_original_uid=$(id -u paperless) | ||||
| 	local -r usermap_original_gid=$(id -g paperless) | ||||
| 	local -r usermap_new_uid=${USERMAP_UID:-$usermap_original_uid} | ||||
| 	local -r usermap_new_gid=${USERMAP_GID:-${usermap_original_gid:-$usermap_new_uid}} | ||||
| 	if [[ ${usermap_new_uid} != "${usermap_original_uid}" || ${usermap_new_gid} != "${usermap_original_gid}" ]]; then | ||||
| 		echo "Mapping UID and GID for paperless:paperless to $usermap_new_uid:$usermap_new_gid" | ||||
| 		usermod --non-unique --uid "${usermap_new_uid}" paperless | ||||
| 		groupmod --non-unique --gid "${usermap_new_gid}" paperless | ||||
| 	fi | ||||
| } | ||||
|  | ||||
| map_folders() { | ||||
| 	# Export these so they can be used in docker-prepare.sh | ||||
| 	export DATA_DIR="${PAPERLESS_DATA_DIR:-/usr/src/paperless/data}" | ||||
| 	export MEDIA_ROOT_DIR="${PAPERLESS_MEDIA_ROOT:-/usr/src/paperless/media}" | ||||
| 	export CONSUME_DIR="${PAPERLESS_CONSUMPTION_DIR:-/usr/src/paperless/consume}" | ||||
| } | ||||
|  | ||||
| custom_container_init() { | ||||
| 	# Mostly borrowed from the LinuxServer.io base image | ||||
| 	# https://github.com/linuxserver/docker-baseimage-ubuntu/tree/bionic/root/etc/cont-init.d | ||||
| 	local -r custom_script_dir="/custom-cont-init.d" | ||||
| 	# Tamper checking. | ||||
| 	# Don't run files which are owned by anyone except root | ||||
| 	# Don't run files which are writeable by others | ||||
| 	if [ -d "${custom_script_dir}" ]; then | ||||
| 		if [ -n "$(/usr/bin/find "${custom_script_dir}" -maxdepth 1 ! -user root)" ]; then | ||||
| 			echo "**** Potential tampering with custom scripts detected ****" | ||||
| 			echo "**** The folder '${custom_script_dir}' must be owned by root ****" | ||||
| 			return 0 | ||||
| 		fi | ||||
| 		if [ -n "$(/usr/bin/find "${custom_script_dir}" -maxdepth 1 -perm -o+w)" ]; then | ||||
| 			echo "**** The folder '${custom_script_dir}' or some of contents have write permissions for others, which is a security risk. ****" | ||||
| 			echo "**** Please review the permissions and their contents to make sure they are owned by root, and can only be modified by root. ****" | ||||
| 			return 0 | ||||
| 		fi | ||||
|  | ||||
| 		# Make sure custom init directory has files in it | ||||
| 		if [ -n "$(/bin/ls --almost-all "${custom_script_dir}" 2>/dev/null)" ]; then | ||||
| 			echo "[custom-init] files found in ${custom_script_dir} executing" | ||||
| 			# Loop over files in the directory | ||||
| 			for SCRIPT in "${custom_script_dir}"/*; do | ||||
| 				NAME="$(basename "${SCRIPT}")" | ||||
| 				if [ -f "${SCRIPT}" ]; then | ||||
| 					echo "[custom-init] ${NAME}: executing..." | ||||
| 					/bin/bash "${SCRIPT}" | ||||
| 					echo "[custom-init] ${NAME}: exited $?" | ||||
| 				elif [ ! -f "${SCRIPT}" ]; then | ||||
| 					echo "[custom-init] ${NAME}: is not a file" | ||||
| 				fi | ||||
| 			done | ||||
| 		else | ||||
| 			echo "[custom-init] no custom files found exiting..." | ||||
| 		fi | ||||
|  | ||||
| 	fi | ||||
| } | ||||
|  | ||||
| initialize() { | ||||
|  | ||||
| 	# Setup environment from secrets before anything else | ||||
| 	# Check for a version of this var with _FILE appended | ||||
| 	# and convert the contents to the env var value | ||||
| 	# Source it so export is persistent | ||||
| 	# shellcheck disable=SC1091 | ||||
| 	source /sbin/env-from-file.sh | ||||
|  | ||||
| 	# Change the user and group IDs if needed | ||||
| 	map_uidgid | ||||
|  | ||||
| 	# Check for overrides of certain folders | ||||
| 	map_folders | ||||
|  | ||||
| 	local -r export_dir="/usr/src/paperless/export" | ||||
|  | ||||
| 	for dir in \ | ||||
| 		"${export_dir}" \ | ||||
| 		"${DATA_DIR}" "${DATA_DIR}/index" \ | ||||
| 		"${MEDIA_ROOT_DIR}" "${MEDIA_ROOT_DIR}/documents" "${MEDIA_ROOT_DIR}/documents/originals" "${MEDIA_ROOT_DIR}/documents/thumbnails" \ | ||||
| 		"${CONSUME_DIR}"; do | ||||
| 		if [[ ! -d "${dir}" ]]; then | ||||
| 			echo "Creating directory ${dir}" | ||||
| 			mkdir --parents --verbose "${dir}" | ||||
| 		fi | ||||
| 	done | ||||
|  | ||||
| 	local -r tmp_dir="${PAPERLESS_SCRATCH_DIR:=/tmp/paperless}" | ||||
| 	echo "Creating directory scratch directory ${tmp_dir}" | ||||
| 	mkdir --parents --verbose "${tmp_dir}" | ||||
|  | ||||
| 	set +e | ||||
| 	echo "Adjusting permissions of paperless files. This may take a while." | ||||
| 	chown -R paperless:paperless "${tmp_dir}" | ||||
| 	for dir in \ | ||||
| 		"${export_dir}" \ | ||||
| 		"${DATA_DIR}" \ | ||||
| 		"${MEDIA_ROOT_DIR}" \ | ||||
| 		"${CONSUME_DIR}"; do | ||||
| 		find "${dir}" -not \( -user paperless -and -group paperless \) -exec chown --changes paperless:paperless {} + | ||||
| 	done | ||||
| 	set -e | ||||
|  | ||||
| 	"${gosu_cmd[@]}" /sbin/docker-prepare.sh | ||||
|  | ||||
| 	# Leave this last thing | ||||
| 	custom_container_init | ||||
|  | ||||
| } | ||||
|  | ||||
| install_languages() { | ||||
| 	echo "Installing languages..." | ||||
|  | ||||
| 	read -ra langs <<<"$1" | ||||
|  | ||||
| 	# Check that it is not empty | ||||
| 	if [ ${#langs[@]} -eq 0 ]; then | ||||
| 		return | ||||
| 	fi | ||||
|  | ||||
| 	# Build list of packages to install | ||||
| 	to_install=() | ||||
| 	for lang in "${langs[@]}"; do | ||||
| 		pkg="tesseract-ocr-$lang" | ||||
|  | ||||
| 		if dpkg --status "$pkg" &>/dev/null; then | ||||
| 			echo "Package $pkg already installed!" | ||||
| 			continue | ||||
| 		else | ||||
| 			to_install+=("$pkg") | ||||
| 		fi | ||||
| 	done | ||||
|  | ||||
| 	# Use apt only when we install packages | ||||
| 	if [ ${#to_install[@]} -gt 0 ]; then | ||||
| 		apt-get update | ||||
|  | ||||
| 		for pkg in "${to_install[@]}"; do | ||||
|  | ||||
| 			if ! apt-cache show "$pkg" &>/dev/null; then | ||||
| 				echo "Skipped $pkg: Package not found! :(" | ||||
| 				continue | ||||
| 			fi | ||||
|  | ||||
| 			echo "Installing package $pkg..." | ||||
| 			if ! apt-get --assume-yes install "$pkg" &>/dev/null; then | ||||
| 				echo "Could not install $pkg" | ||||
| 				exit 1 | ||||
| 			fi | ||||
| 		done | ||||
| 	fi | ||||
| } | ||||
|  | ||||
| echo "Paperless-ngx docker container starting..." | ||||
|  | ||||
| gosu_cmd=(gosu paperless) | ||||
| if [ "$(id --user)" == "$(id --user paperless)" ]; then | ||||
| 	gosu_cmd=() | ||||
| fi | ||||
|  | ||||
| # Install additional languages if specified | ||||
| if [[ -n "$PAPERLESS_OCR_LANGUAGES" ]]; then | ||||
| 	install_languages "$PAPERLESS_OCR_LANGUAGES" | ||||
| fi | ||||
|  | ||||
| initialize | ||||
|  | ||||
| if [[ "$1" != "/"* ]]; then | ||||
| 	echo Executing management command "$@" | ||||
| 	exec "${gosu_cmd[@]}" python3 manage.py "$@" | ||||
| else | ||||
| 	echo Executing "$@" | ||||
| 	exec "$@" | ||||
| fi | ||||
							
								
								
									
										120
									
								
								docker/docker-prepare.sh
									
									
									
									
									
										Executable file
									
								
							
							
						
						
									
										120
									
								
								docker/docker-prepare.sh
									
									
									
									
									
										Executable file
									
								
							| @@ -0,0 +1,120 @@ | ||||
| #!/usr/bin/env bash | ||||
|  | ||||
| set -e | ||||
|  | ||||
| wait_for_postgres() { | ||||
| 	local attempt_num=1 | ||||
| 	local -r max_attempts=5 | ||||
|  | ||||
| 	echo "Waiting for PostgreSQL to start..." | ||||
|  | ||||
| 	local -r host="${PAPERLESS_DBHOST:-localhost}" | ||||
| 	local -r port="${PAPERLESS_DBPORT:-5432}" | ||||
|  | ||||
| 	# Disable warning, host and port can't have spaces | ||||
| 	# shellcheck disable=SC2086 | ||||
| 	while [ ! "$(pg_isready --host ${host} --port ${port})" ]; do | ||||
|  | ||||
| 		if [ $attempt_num -eq $max_attempts ]; then | ||||
| 			echo "Unable to connect to database." | ||||
| 			exit 1 | ||||
| 		else | ||||
| 			echo "Attempt $attempt_num failed! Trying again in 5 seconds..." | ||||
| 		fi | ||||
|  | ||||
| 		attempt_num=$(("$attempt_num" + 1)) | ||||
| 		sleep 5 | ||||
| 	done | ||||
| 	echo "Connected to PostgreSQL" | ||||
| } | ||||
|  | ||||
| wait_for_mariadb() { | ||||
| 	echo "Waiting for MariaDB to start..." | ||||
|  | ||||
| 	local -r host="${PAPERLESS_DBHOST:=localhost}" | ||||
| 	local -r port="${PAPERLESS_DBPORT:=3306}" | ||||
|  | ||||
| 	local attempt_num=1 | ||||
| 	local -r max_attempts=5 | ||||
|  | ||||
| 	# Disable warning, host and port can't have spaces | ||||
| 	# shellcheck disable=SC2086 | ||||
| 	while ! true > /dev/tcp/$host/$port; do | ||||
|  | ||||
| 		if [ $attempt_num -eq $max_attempts ]; then | ||||
| 			echo "Unable to connect to database." | ||||
| 			exit 1 | ||||
| 		else | ||||
| 			echo "Attempt $attempt_num failed! Trying again in 5 seconds..." | ||||
|  | ||||
| 		fi | ||||
|  | ||||
| 		attempt_num=$(("$attempt_num" + 1)) | ||||
| 		sleep 5 | ||||
| 	done | ||||
| 	echo "Connected to MariaDB" | ||||
| } | ||||
|  | ||||
| wait_for_redis() { | ||||
| 	# We use a Python script to send the Redis ping | ||||
| 	# instead of installing redis-tools just for 1 thing | ||||
| 	if ! python3 /sbin/wait-for-redis.py; then | ||||
| 		exit 1 | ||||
| 	fi | ||||
| } | ||||
|  | ||||
| migrations() { | ||||
| 	( | ||||
| 		# flock is in place to prevent multiple containers from doing migrations | ||||
| 		# simultaneously. This also ensures that the db is ready when the command | ||||
| 		# of the current container starts. | ||||
| 		flock 200 | ||||
| 		echo "Apply database migrations..." | ||||
| 		python3 manage.py migrate --skip-checks --no-input | ||||
| 	) 200>"${DATA_DIR}/migration_lock" | ||||
| } | ||||
|  | ||||
| django_checks() { | ||||
| 	# Explicitly run the Django system checks | ||||
| 	echo "Running Django checks" | ||||
| 	python3 manage.py check | ||||
| } | ||||
|  | ||||
| search_index() { | ||||
|  | ||||
| 	local -r index_version=9 | ||||
| 	local -r index_version_file=${DATA_DIR}/.index_version | ||||
|  | ||||
| 	if [[ (! -f "${index_version_file}") || $(<"${index_version_file}") != "$index_version" ]]; then | ||||
| 		echo "Search index out of date. Updating..." | ||||
| 		python3 manage.py document_index reindex --no-progress-bar | ||||
| 		echo ${index_version} | tee "${index_version_file}" >/dev/null | ||||
| 	fi | ||||
| } | ||||
|  | ||||
| superuser() { | ||||
| 	if [[ -n "${PAPERLESS_ADMIN_USER}" ]]; then | ||||
| 		python3 manage.py manage_superuser | ||||
| 	fi | ||||
| } | ||||
|  | ||||
| do_work() { | ||||
| 	if [[ "${PAPERLESS_DBENGINE}" == "mariadb" ]]; then | ||||
| 		wait_for_mariadb | ||||
| 	elif [[ -n "${PAPERLESS_DBHOST}" ]]; then | ||||
| 		wait_for_postgres | ||||
| 	fi | ||||
|  | ||||
| 	wait_for_redis | ||||
|  | ||||
| 	migrations | ||||
|  | ||||
| 	django_checks | ||||
|  | ||||
| 	search_index | ||||
|  | ||||
| 	superuser | ||||
|  | ||||
| } | ||||
|  | ||||
| do_work | ||||
							
								
								
									
										42
									
								
								docker/env-from-file.sh
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										42
									
								
								docker/env-from-file.sh
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,42 @@ | ||||
| #!/usr/bin/env bash | ||||
|  | ||||
| # Scans the environment variables for those with the suffix _FILE | ||||
| # When located, checks the file exists, and exports the contents | ||||
| # of the file as the same name, minus the suffix | ||||
| # This allows the use of Docker secrets or mounted files | ||||
| # to fill in any of the settings configurable via environment | ||||
| # variables | ||||
|  | ||||
| set -eu | ||||
|  | ||||
| for line in $(printenv) | ||||
| do | ||||
| 	# Extract the name of the environment variable | ||||
| 	env_name=${line%%=*} | ||||
| 	# Check if it starts with "PAPERLESS_" and ends in "_FILE" | ||||
| 	if [[ ${env_name} == PAPERLESS_*_FILE ]]; then | ||||
| 		# This should have been named different.. | ||||
| 		if [[ ${env_name} == "PAPERLESS_OCR_SKIP_ARCHIVE_FILE" || ${env_name} == "PAPERLESS_MODEL_FILE" ]]; then | ||||
| 			continue | ||||
| 		fi | ||||
| 		# Extract the value of the environment | ||||
| 		env_value=${line#*=} | ||||
|  | ||||
| 		# Check the file exists | ||||
| 		if [[ -f ${env_value} ]]; then | ||||
|  | ||||
| 			# Trim off the _FILE suffix | ||||
| 			non_file_env_name=${env_name%"_FILE"} | ||||
| 			echo "Setting ${non_file_env_name} from file" | ||||
|  | ||||
| 			# Reads the value from th file | ||||
| 			val="$(< "${!env_name}")" | ||||
|  | ||||
| 			# Sets the normal name to the read file contents | ||||
| 			export "${non_file_env_name}"="${val}" | ||||
|  | ||||
| 		else | ||||
| 			echo "File ${env_value} referenced by ${env_name} doesn't exist" | ||||
| 		fi | ||||
| 	fi | ||||
| done | ||||
							
								
								
									
										12
									
								
								docker/flower-conditional.sh
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										12
									
								
								docker/flower-conditional.sh
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,12 @@ | ||||
| #!/usr/bin/env bash | ||||
|  | ||||
| echo "Checking if we should start flower..." | ||||
|  | ||||
| if [[ -n  "${PAPERLESS_ENABLE_FLOWER}" ]]; then | ||||
| 	# Small delay to allow celery to be up first | ||||
| 	echo "Starting flower in 5s" | ||||
| 	sleep 5 | ||||
| 	celery --app paperless flower --conf=/usr/src/paperless/src/paperless/flowerconfig.py | ||||
| else | ||||
| 	echo "Not starting flower" | ||||
| fi | ||||
										
											Binary file not shown.
										
									
								
							| Before Width: | Height: | Size: 30 KiB | 
| @@ -1,7 +1,5 @@ | ||||
| #!/usr/bin/env bash | ||||
|  | ||||
| # Run this script to generate the management commands again (for example if a new command is create or the template is updated) | ||||
|  | ||||
| set -eu | ||||
|  | ||||
| for command in decrypt_documents \ | ||||
| @@ -17,11 +15,9 @@ for command in decrypt_documents \ | ||||
| 	document_sanity_checker \ | ||||
| 	document_fuzzy_match \ | ||||
| 	manage_superuser \ | ||||
| 	convert_mariadb_uuid \ | ||||
| 	prune_audit_logs \ | ||||
| 	createsuperuser; | ||||
| 	convert_mariadb_uuid; | ||||
| do | ||||
| 	echo "installing $command..." | ||||
| 	sed "s/management_command/$command/g" management_script.sh >"$PWD/rootfs/usr/local/bin/$command" | ||||
| 	chmod u=rwx,g=rwx,o=rx "$PWD/rootfs/usr/local/bin/$command" | ||||
| 	sed "s/management_command/$command/g" management_script.sh > /usr/local/bin/$command | ||||
| 	chmod +x /usr/local/bin/$command | ||||
| done | ||||
|   | ||||
| @@ -1,13 +1,17 @@ | ||||
| #!/command/with-contenv /usr/bin/bash | ||||
| # shellcheck shell=bash | ||||
| #!/usr/bin/env bash | ||||
|  | ||||
| set -e | ||||
|  | ||||
| cd "${PAPERLESS_SRC_DIR}" | ||||
| cd /usr/src/paperless/src/ | ||||
| # This ensures environment is setup | ||||
| # shellcheck disable=SC1091 | ||||
| source /sbin/env-from-file.sh | ||||
|  | ||||
| if [[ $(id -u) == 0 ]]; then | ||||
| 	s6-setuidgid paperless python3 manage.py management_command "$@" | ||||
| elif [[ $(id -un) == "paperless" ]]; then | ||||
| if [[ $(id -u) == 0 ]] ; | ||||
| then | ||||
| 	gosu paperless python3 manage.py management_command "$@" | ||||
| elif [[ $(id -un) == "paperless" ]] ; | ||||
| then | ||||
| 	python3 manage.py management_command "$@" | ||||
| else | ||||
| 	echo "Unknown user." | ||||
|   | ||||
							
								
								
									
										16
									
								
								docker/paperless_cmd.sh
									
									
									
									
									
										Executable file
									
								
							
							
						
						
									
										16
									
								
								docker/paperless_cmd.sh
									
									
									
									
									
										Executable file
									
								
							| @@ -0,0 +1,16 @@ | ||||
| #!/usr/bin/env bash | ||||
|  | ||||
| SUPERVISORD_WORKING_DIR="${PAPERLESS_SUPERVISORD_WORKING_DIR:-$PWD}" | ||||
| rootless_args=() | ||||
| if [ "$(id -u)" == "$(id -u paperless)" ]; then | ||||
| 	rootless_args=( | ||||
| 		--user | ||||
| 		paperless | ||||
| 		--logfile | ||||
| 		"${SUPERVISORD_WORKING_DIR}/supervisord.log" | ||||
| 		--pidfile | ||||
| 		"${SUPERVISORD_WORKING_DIR}/supervisord.pid" | ||||
| 	) | ||||
| fi | ||||
|  | ||||
| exec /usr/local/bin/supervisord -c /etc/supervisord.conf "${rootless_args[@]}" | ||||
| @@ -1,8 +0,0 @@ | ||||
| #!/command/with-contenv /usr/bin/bash | ||||
| # shellcheck shell=bash | ||||
| declare -r log_prefix="[init-complete]" | ||||
| declare -r end_time=$(date +%s) | ||||
| declare -r start_time=${PAPERLESS_START_TIME_S} | ||||
|  | ||||
| echo "${log_prefix} paperless-ngx docker container init completed in $(($end_time-$start_time)) seconds" | ||||
| echo "${log_prefix} Starting services" | ||||
| @@ -1 +0,0 @@ | ||||
| oneshot | ||||
| @@ -1 +0,0 @@ | ||||
| /etc/s6-overlay/s6-rc.d/init-complete/run | ||||
| @@ -1,44 +0,0 @@ | ||||
| #!/command/with-contenv /usr/bin/bash | ||||
| # shellcheck shell=bash | ||||
|  | ||||
| declare -r log_prefix="[custom-init]" | ||||
|  | ||||
| # Mostly borrowed from the LinuxServer.io base image | ||||
| # https://github.com/linuxserver/docker-baseimage-ubuntu/tree/bionic/root/etc/cont-init.d | ||||
| declare -r custom_script_dir="/custom-cont-init.d" | ||||
|  | ||||
| # Tamper checking. | ||||
| # Don't run files which are owned by anyone except root | ||||
| # Don't run files which are writeable by others | ||||
| if [ -d "${custom_script_dir}" ]; then | ||||
| 	if [ -n "$(/usr/bin/find "${custom_script_dir}" -maxdepth 1 ! -user root)" ]; then | ||||
| 		echo "${log_prefix} **** Potential tampering with custom scripts detected ****" | ||||
| 		echo "${log_prefix} **** The folder '${custom_script_dir}' must be owned by root ****" | ||||
| 		exit 0 | ||||
| 	fi | ||||
| 	if [ -n "$(/usr/bin/find "${custom_script_dir}" -maxdepth 1 -perm -o+w)" ]; then | ||||
| 		echo "${log_prefix} **** The folder '${custom_script_dir}' or some of contents have write permissions for others, which is a security risk. ****" | ||||
| 		echo "${log_prefix} **** Please review the permissions and their contents to make sure they are owned by root, and can only be modified by root. ****" | ||||
| 		exit 0 | ||||
| 	fi | ||||
|  | ||||
| 	# Make sure custom init directory has files in it | ||||
| 	if [ -n "$(/bin/ls --almost-all "${custom_script_dir}" 2>/dev/null)" ]; then | ||||
| 		echo "${log_prefix} files found in ${custom_script_dir} executing" | ||||
| 		# Loop over files in the directory | ||||
| 		for SCRIPT in "${custom_script_dir}"/*; do | ||||
| 			NAME="$(basename "${SCRIPT}")" | ||||
| 			if [ -f "${SCRIPT}" ]; then | ||||
| 				echo "${log_prefix} ${NAME}: executing..." | ||||
| 				/command/with-contenv /bin/bash "${SCRIPT}" | ||||
| 				echo "${log_prefix} ${NAME}: exited $?" | ||||
| 			elif [ ! -f "${SCRIPT}" ]; then | ||||
| 				echo "${log_prefix} ${NAME}: is not a file" | ||||
| 			fi | ||||
| 		done | ||||
| 	else | ||||
| 		echo "${log_prefix} no custom files found exiting..." | ||||
| 	fi | ||||
| else | ||||
| 	echo "${log_prefix} ${custom_script_dir} doesn't exist, nothing to do" | ||||
| fi | ||||
| @@ -1 +0,0 @@ | ||||
| oneshot | ||||
| @@ -1 +0,0 @@ | ||||
| /etc/s6-overlay/s6-rc.d/init-custom-init/run | ||||
| @@ -1,33 +0,0 @@ | ||||
| #!/command/with-contenv /usr/bin/bash | ||||
| # shellcheck shell=bash | ||||
|  | ||||
| declare -r log_prefix="[env-init]" | ||||
|  | ||||
| echo "${log_prefix} Checking for environment from files" | ||||
|  | ||||
| if find /run/s6/container_environment/*"_FILE" -maxdepth 1 > /dev/null 2>&1; then | ||||
| 	for FILENAME in /run/s6/container_environment/*; do | ||||
| 		if [[ "${FILENAME##*/}" == PAPERLESS_*_FILE ]]; then | ||||
| 			# This should have been named different.. | ||||
| 			if [[ "${FILENAME##*/}" == "PAPERLESS_OCR_SKIP_ARCHIVE_FILE" || "${FILENAME##*/}" == "PAPERLESS_MODEL_FILE" ]]; then | ||||
| 				continue | ||||
| 			fi | ||||
| 			SECRETFILE=$(cat "${FILENAME}") | ||||
| 			# Check the file exists | ||||
| 			if [[ -f ${SECRETFILE} ]]; then | ||||
| 				# Trim off trailing _FILE | ||||
| 				FILESTRIP=${FILENAME//_FILE/} | ||||
| 				if [[ $(tail -n1 "${SECRETFILE}" | wc -l) != 0 ]]; then | ||||
| 					echo "${log_prefix} Your secret: ${FILENAME##*/} contains a trailing newline and may not work as expected" | ||||
| 				fi | ||||
| 				# Set environment variable | ||||
| 				cat "${SECRETFILE}" > "${FILESTRIP}" | ||||
| 				echo "${log_prefix} ${FILESTRIP##*/} set from ${FILENAME##*/}" | ||||
| 			else | ||||
| 				echo "${log_prefix} cannot find secret in ${FILENAME##*/}" | ||||
| 			fi | ||||
| 		fi | ||||
| 	done | ||||
| else | ||||
| 		echo "${log_prefix} No *_FILE environment found" | ||||
| fi | ||||
| @@ -1 +0,0 @@ | ||||
| oneshot | ||||
| @@ -1 +0,0 @@ | ||||
| /etc/s6-overlay/s6-rc.d/init-env-file/run | ||||
| @@ -1,65 +0,0 @@ | ||||
| #!/command/with-contenv /usr/bin/bash | ||||
| # shellcheck shell=bash | ||||
|  | ||||
| declare -r log_prefix="[init-folders]" | ||||
|  | ||||
| declare -r export_dir="/usr/src/paperless/export" | ||||
| declare -r data_dir="${PAPERLESS_DATA_DIR:-/usr/src/paperless/data}" | ||||
| declare -r media_root_dir="${PAPERLESS_MEDIA_ROOT:-/usr/src/paperless/media}" | ||||
| declare -r consume_dir="${PAPERLESS_CONSUMPTION_DIR:-/usr/src/paperless/consume}" | ||||
| declare -r tmp_dir="${PAPERLESS_SCRATCH_DIR:=/tmp/paperless}" | ||||
|  | ||||
| declare -r main_dirs=( | ||||
| 	"${export_dir}" | ||||
| 	"${data_dir}" | ||||
| 	"${media_root_dir}" | ||||
| 	"${consume_dir}" | ||||
| 	"${tmp_dir}" | ||||
| ) | ||||
|  | ||||
| declare -r extra_dirs=( | ||||
| 	"${main_dirs[@]}" | ||||
| 	"${data_dir}/index" | ||||
| 	"${media_root_dir}/documents" | ||||
| 	"${media_root_dir}/documents/originals" | ||||
| 	"${media_root_dir}/documents/thumbnails" | ||||
| ) | ||||
|  | ||||
| if [[ -n "${USER_IS_NON_ROOT}" ]]; then | ||||
| 	# Non-root mode: Create directories as current user, warn about permission issues | ||||
| 	echo "${log_prefix} Running in non-root mode, checking directories" | ||||
| 	current_uid=$(id --user) | ||||
| 	current_gid=$(id --group) | ||||
|  | ||||
| 	for dir in "${extra_dirs[@]}"; do | ||||
| 		if [[ ! -d "${dir}" ]]; then | ||||
| 			mkdir --parents --verbose "${dir}" || echo "${log_prefix} WARNING: Could not create ${dir} - permission denied" | ||||
| 		fi | ||||
| 		# Check permissions on existing directories too | ||||
| 		if [[ -d "${dir}" && ! -w "${dir}" ]]; then | ||||
| 			echo "${log_prefix} WARNING: No write permission to ${dir}" | ||||
| 		fi | ||||
| 	done | ||||
|  | ||||
| 	# Warn about ownership issues | ||||
| 	for dir in "${main_dirs[@]}"; do | ||||
| 		if [[ -d "${dir}" ]]; then | ||||
| 			find "${dir}" -not \( -user ${current_uid} -and -group ${current_gid} \) -exec echo "${log_prefix} WARNING: Permission issue on {}: not owned by current user (${current_uid}:${current_gid})" \; 2>/dev/null || echo "${log_prefix} WARNING: Cannot check permissions on ${dir}" | ||||
| 		fi | ||||
| 	done | ||||
| else | ||||
| 	# Root mode: Create and fix permissions as needed | ||||
| 	echo "${log_prefix} Running with root privileges, adjusting directories and permissions" | ||||
|  | ||||
| 	# First create directories | ||||
| 	for dir in "${extra_dirs[@]}"; do | ||||
| 		if [[ ! -d "${dir}" ]]; then | ||||
| 			mkdir --parents --verbose "${dir}" | ||||
| 		fi | ||||
| 	done | ||||
|  | ||||
| 	# Then fix permissions on all directories | ||||
| 	for dir in "${main_dirs[@]}"; do | ||||
| 		find "${dir}" -not \( -user paperless -and -group paperless \) -exec chown --changes paperless:paperless {} + | ||||
| 	done | ||||
| fi | ||||
| @@ -1 +0,0 @@ | ||||
| oneshot | ||||
| @@ -1 +0,0 @@ | ||||
| /etc/s6-overlay/s6-rc.d/init-folders/run | ||||
| @@ -1,18 +0,0 @@ | ||||
| #!/command/with-contenv /usr/bin/bash | ||||
| # shellcheck shell=bash | ||||
| declare -r log_prefix="[init-migrations]" | ||||
|  | ||||
| declare -r data_dir="${PAPERLESS_DATA_DIR:-/usr/src/paperless/data}" | ||||
|  | ||||
| echo "${log_prefix} Apply database migrations..." | ||||
|  | ||||
| cd "${PAPERLESS_SRC_DIR}" | ||||
|  | ||||
| # The whole migrate, with flock, needs to run as the right user | ||||
| if [[ -n "${USER_IS_NON_ROOT}" ]]; then | ||||
| 	exec s6-setlock -n "${data_dir}/migration_lock" python3 manage.py migrate --skip-checks --no-input | ||||
| else | ||||
| 	exec s6-setuidgid paperless \ | ||||
| 		s6-setlock -n "${data_dir}/migration_lock" \ | ||||
| 		python3 manage.py migrate --skip-checks --no-input | ||||
| fi | ||||
| @@ -1 +0,0 @@ | ||||
| oneshot | ||||
| @@ -1 +0,0 @@ | ||||
| /etc/s6-overlay/s6-rc.d/init-migrations/run | ||||
| @@ -1,22 +0,0 @@ | ||||
| #!/command/with-contenv /usr/bin/bash | ||||
| # shellcheck shell=bash | ||||
| declare -r log_prefix="[init-user]" | ||||
|  | ||||
| declare -r usermap_original_uid=$(id -u paperless) | ||||
| declare -r usermap_original_gid=$(id -g paperless) | ||||
| declare -r usermap_new_uid=${USERMAP_UID:-$usermap_original_uid} | ||||
| declare -r usermap_new_gid=${USERMAP_GID:-${usermap_original_gid:-$usermap_new_uid}} | ||||
|  | ||||
| if [[ ${usermap_new_uid} != "${usermap_original_uid}" ]]; then | ||||
| 	echo "${log_prefix} Mapping UID for paperless to $usermap_new_uid" | ||||
| 	usermod --non-unique --uid "${usermap_new_uid}" paperless | ||||
| else | ||||
| 	echo "${log_prefix} No UID changes for paperless" | ||||
| fi | ||||
|  | ||||
| if [[ ${usermap_new_gid} != "${usermap_original_gid}" ]]; then | ||||
| 	echo "${log_prefix} Mapping GID for paperless to $usermap_new_gid" | ||||
| 	groupmod --non-unique --gid "${usermap_new_gid}" paperless | ||||
| else | ||||
| 	echo "${log_prefix} No GID changes for paperless" | ||||
| fi | ||||
| @@ -1 +0,0 @@ | ||||
| oneshot | ||||
| @@ -1 +0,0 @@ | ||||
| /etc/s6-overlay/s6-rc.d/init-modify-user/run | ||||
| @@ -1,28 +0,0 @@ | ||||
| #!/command/with-contenv /usr/bin/bash | ||||
| # shellcheck shell=bash | ||||
|  | ||||
| declare -r log_prefix="[init-index]" | ||||
|  | ||||
| declare -r index_version=9 | ||||
| declare -r data_dir="${PAPERLESS_DATA_DIR:-/usr/src/paperless/data}" | ||||
| declare -r index_version_file="${data_dir}/.index_version" | ||||
|  | ||||
| update_index () { | ||||
| 	echo "${log_prefix} Search index out of date. Updating..." | ||||
| 	cd "${PAPERLESS_SRC_DIR}" | ||||
| 	if [[ -n "${USER_IS_NON_ROOT}" ]]; then | ||||
| 		python3 manage.py document_index reindex --no-progress-bar | ||||
| 		echo ${index_version} | tee "${index_version_file}" > /dev/null | ||||
| 	else | ||||
| 		s6-setuidgid paperless python3 manage.py document_index reindex --no-progress-bar | ||||
| 		echo ${index_version} | s6-setuidgid paperless tee "${index_version_file}" > /dev/null | ||||
| 	fi | ||||
| } | ||||
|  | ||||
| if [[ (! -f "${index_version_file}") ]]; then | ||||
| 	echo "${log_prefix} No index version file found" | ||||
| 	update_index | ||||
| elif [[ $(<"${index_version_file}") != "$index_version" ]]; then | ||||
| 	echo "${log_prefix} index version updated" | ||||
| 	update_index | ||||
| fi | ||||
| @@ -1 +0,0 @@ | ||||
| oneshot | ||||
| @@ -1 +0,0 @@ | ||||
| /etc/s6-overlay/s6-rc.d/init-search-index/run | ||||
| @@ -1,20 +0,0 @@ | ||||
| #!/command/with-contenv /usr/bin/bash | ||||
| # shellcheck shell=bash | ||||
|  | ||||
| declare -r log_prefix="[init-start]" | ||||
|  | ||||
| echo "${log_prefix} paperless-ngx docker container starting..." | ||||
|  | ||||
| # Set some directories into environment for other steps to access via environment | ||||
| # Sort of like variables for later | ||||
| printf "/usr/src/paperless/src" > /var/run/s6/container_environment/PAPERLESS_SRC_DIR | ||||
| echo $(date +%s) > /var/run/s6/container_environment/PAPERLESS_START_TIME_S | ||||
|  | ||||
| # Check if we're starting as a non-root user | ||||
| if [ "$(id --user)" != "0" ]; then | ||||
| 	printf "true" > /var/run/s6/container_environment/USER_IS_NON_ROOT | ||||
| 	echo "${log_prefix}  paperless-ngx docker container running under a user ($(id --user):$(id --group))" | ||||
| else | ||||
| 	printf "/usr/src/paperless" > /var/run/s6/container_environment/HOME | ||||
| 	echo "${log_prefix}  paperless-ngx docker container starting init as root" | ||||
| fi | ||||
| @@ -1 +0,0 @@ | ||||
| oneshot | ||||
| @@ -1 +0,0 @@ | ||||
| /etc/s6-overlay/s6-rc.d/init-start/run | ||||
Some files were not shown because too many files have changed in this diff Show More
		Reference in New Issue
	
	Block a user