wiki.paepcke.com

User Tools

Site Tools

Trace: paperless
public:paperless

MacOS/Docker installation is problematic

Debian/Docker Installation

Install Debian 14 (basic without GUI is sufficient)

Referencing docs.docker.com, install Docker using the apt repository

Extend Docker authority to a non-privileged user 

sudo usermod -aG docker jdoe

Log out and back in

Referencing docs.paperless-ngx.com, as a non-privileged user, provision Paperless using the installation script:

  • Database: sqlite
  • Accept all other defaults

Add to path 

export PATH=$PATH:/usr/libexec/docker/cli-plugins

List active containers 

docker-compose ls

Stop, start Paperless-NGX container as daemon 

cd /home/jdoe/paperless-ngx
docker-compose down
docker-compose up -d

Stop, start dockerd service 

sudo systemctl stop docker
sudo systemctl start docker

Place Paperless-NGX Behind Apache Reverse Proxy

In /home/jdoe/paperless-ngx/docker-compose.yml, upsert…

Under webserver > ports 

"127.0.0.1:8000:8000"
"[::1]:8000:8000"

Under webserver > environment 

PAPERLESS_URL: https://mysite.example.com

Install, start Apache and certbot 

sudo apt install apache2
sudo apt install certbot python3-certbot-apache
sudo systemctl start apache2

In /etc/apache2/apache2.conf, below the <Direcotry /var/www/html> block, add: 

Alias /.well-known/acme-challenge/ "/var/www/letsencrypt/.well-known/acme-challenge/"

Install Apache modules 

sudo a2enmod proxy proxy_http ssl
sudo systemctl restart apache2

Create vhost directories 

sudo mkdir -p /var/www/mysite/
sudo mkdir -p /var/www/letsencrypt/.well-known/acme-challenge/

Into /var/www/mysite/index.html, write 

<html>
<head>
  <meta http-equiv="Refresh" content="0; url='https://mysite.example.com/'" />
</head>
<body>
  HTTP disabled. Try <a href="https://mysite.example.com/">https://mysite.example.com/</a>
</body>
</html>

Discard or comment all lines in /etc/apache2/sites-enabled/000-default.conf

Into /etc/apache2/sites-enabled/mysite.conf, upsert 

<VirtualHost *:80 [::]:80>
  ServerAdmin root@example.de
  DocumentRoot /var/www/mysite
  ErrorLog ${APACHE_LOG_DIR}/error.log
  CustomLog ${APACHE_LOG_DIR}/access.log combined
  ServerName mysite.example.com
</VirtualHost>

Restart Apache 

sudo /usr/sbin/apachectl restart

Fetch test, production certificate 

sudo certbot certonly --test-cert --webroot -w /var/www/letsencrypt/ --agree-tos -d mysite.example.com
sudo certbot certonly --webroot -w /var/www/letsencrypt/ --agree-tos -d mysite.example.com

To /etc/apache2/sites-enabled/mysite.conf, append 

<VirtualHost *:443 [::]:443>
  ServerAdmin root@example.com
  DocumentRoot /var/www/mysite 
  ErrorLog ${APACHE_LOG_DIR}/error.log
  CustomLog ${APACHE_LOG_DIR}/access.log combined
  ServerName mysite.example.com
  SSLEngine On
  SSLProxyEngine On
  ProxyPreserveHost On
  ProxyRequests Off
  ProxyPass / http://localhost:8000/
  ProxyPassReverse / http://localhost:8000/
  SSLCertificateFile /etc/letsencrypt/live/mysite.example.com/cert.pem
  SSLCertificateKeyFile /etc/letsencrypt/live/mysite.example.com/privkey.pem
  SSLCertificateChainFile /etc/letsencrypt/live/mysite.example.com/chain.pem
</VirtualHost>

Restart Apache 

sudo /usr/sbin/apachectl restart
public/paperless.txt · Last modified: 2025/09/02 02:49 by daniel
Donate Powered by PHP Valid HTML5 Valid CSS Driven by DokuWiki