Erich Blume
041c47acfb
Add paperless-ngx (v2.20.13) as a new ArgoCD-managed service on indri with Authentik OIDC SSO, PostgreSQL on blumeops-pg, Redis sidecar, and NFS document storage on sifaka. Includes Dockerfile built from forge mirror, full k8s manifests, Caddy route, 1Password secrets, and reference documentation. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
31 lines
781 B
YAML
31 lines
781 B
YAML
---
|
|
apiVersion: external-secrets.io/v1
|
|
kind: ExternalSecret
|
|
metadata:
|
|
name: paperless-secrets
|
|
namespace: paperless
|
|
spec:
|
|
refreshInterval: 1h
|
|
secretStoreRef:
|
|
kind: ClusterSecretStore
|
|
name: onepassword-blumeops
|
|
target:
|
|
name: paperless-secrets
|
|
creationPolicy: Owner
|
|
data:
|
|
- secretKey: db-password
|
|
remoteRef:
|
|
key: "Paperless (blumeops)"
|
|
property: postgresql-password
|
|
- secretKey: secret-key
|
|
remoteRef:
|
|
key: "Paperless (blumeops)"
|
|
property: secret-key
|
|
- secretKey: admin-password
|
|
remoteRef:
|
|
key: "Paperless (blumeops)"
|
|
property: admin-password
|
|
- secretKey: socialaccount-providers
|
|
remoteRef:
|
|
key: "Paperless (blumeops)"
|
|
property: socialaccount-providers
|