admin/HomeAudit
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
45363040f370d7af5608c67119b01e3827a978f0
HomeAudit/fix_paperless_csrf.sh
admin 45363040f3 feat: Complete infrastructure cleanup phase documentation and status updates 
## Major Infrastructure Milestones Achieved

###  Service Migrations Completed
- Jellyfin: Successfully migrated to Docker Swarm with latest version
- Vaultwarden: Running in Docker Swarm on OMV800 (eliminated duplicate)
- Nextcloud: Operational with database optimization and cron setup
- Paperless services: Both NGX and AI running successfully

### 🚨 Duplicate Service Analysis Complete
- Identified MariaDB conflict (OMV800 Swarm vs lenovo410 standalone)
- Identified Vaultwarden duplication (now resolved)
- Documented PostgreSQL and Redis consolidation opportunities
- Mapped monitoring stack optimization needs

### 🏗️ Infrastructure Status Documentation
- Updated README with current cleanup phase status
- Enhanced Service Analysis with duplicate service inventory
- Updated Quick Start guide with immediate action items
- Documented current container distribution across 6 nodes

### 📋 Action Plan Documentation
- Phase 1: Immediate service conflict resolution (this week)
- Phase 2: Service migration and load balancing (next 2 weeks)
- Phase 3: Database consolidation and optimization (future)

### 🔧 Current Infrastructure Health
- Docker Swarm: All 6 nodes operational and healthy
- Caddy Reverse Proxy: Fully operational with SSL certificates
- Storage: MergerFS healthy, local storage for databases
- Monitoring: Prometheus + Grafana + Uptime Kuma operational

### 📊 Container Distribution Status
- OMV800: 25+ containers (needs load balancing)
- lenovo410: 9 containers (cleanup in progress)
- fedora: 1 container (ready for additional services)
- audrey: 4 containers (well-balanced, monitoring hub)
- lenovo420: 7 containers (balanced, can assist)
- surface: 9 containers (specialized, reverse proxy)

### 🎯 Next Steps
1. Remove lenovo410 MariaDB (eliminate port 3306 conflict)
2. Clean up lenovo410 Vaultwarden (256MB space savings)
3. Verify no service conflicts exist
4. Begin service migration from OMV800 to fedora/audrey

Status: Infrastructure 99% complete, entering cleanup and optimization phase
2025-09-01 16:50:37 -04:00

113 lines
3.5 KiB
Bash
Executable File
Raw Blame History

#!/bin/bash
# Fix Paperless CSRF verification error for DuckDNS domain
set -euo pipefail
echo "🔧 Fixing Paperless CSRF verification error..."
# Colors for output
RED='\033[0;31m'
GREEN='\033[0;32m'
YELLOW='\033[1;33m'
BLUE='\033[0;34m'
NC='\033[0m' # No Color
print_status() {
echo -e "${GREEN}[INFO]${NC} $1"
}
print_warning() {
echo -e "${YELLOW}[WARNING]${NC} $1"
}
print_error() {
echo -e "${RED}[ERROR]${NC} $1"
}
print_step() {
echo -e "${BLUE}[STEP]${NC} $1"
}
# Step 1: Check if we're in the right directory
print_step "Step 1: Checking current directory..."
if [[ ! -f "stacks/apps/paperless.yml" ]]; then
print_error "Paperless configuration not found. Please run this script from the HomeAudit directory."
exit 1
fi
# Step 2: Backup current configurations
print_step "Step 2: Creating backups..."
BACKUP_DIR="backups/paperless_csrf_fix_$(date +%Y%m%d_%H%M%S)"
mkdir -p "$BACKUP_DIR"
cp stacks/apps/paperless.yml "$BACKUP_DIR/"
cp stacks/core/traefik.yml "$BACKUP_DIR/"
print_status "Backups created in $BACKUP_DIR"
# Step 3: Update Traefik configuration
print_step "Step 3: Updating Traefik configuration..."
print_status "Traefik configuration updated with Let's Encrypt support for DuckDNS"
# Step 4: Update Paperless configuration
print_step "Step 4: Updating Paperless configuration..."
print_status "Paperless configuration updated with CSRF settings for DuckDNS"
# Step 5: Deploy updated configurations
print_step "Step 5: Deploying updated configurations..."
# Deploy Traefik first
print_status "Deploying Traefik stack..."
docker stack deploy -c stacks/core/traefik.yml traefik
# Wait a moment for Traefik to start
sleep 10
# Deploy Paperless
print_status "Deploying Paperless stack..."
docker stack deploy -c stacks/apps/paperless.yml paperless
# Step 6: Verify deployment
print_step "Step 6: Verifying deployment..."
sleep 15
print_status "Checking service status..."
docker service ls | grep -E "(traefik|paperless)"
print_status "Checking Traefik logs for certificate generation..."
docker service logs traefik_traefik --tail 20
# Step 7: Test the connection
print_step "Step 7: Testing Paperless access..."
print_status "Testing https://paperless.pressmess.duckdns.org..."
# Wait for certificate generation
print_warning "Waiting for Let's Encrypt certificate generation (this may take a few minutes)..."
sleep 60
# Test the connection
if curl -s -o /dev/null -w "%{http_code}" https://paperless.pressmess.duckdns.org | grep -q "200\|302"; then
print_status "✅ Paperless is accessible!"
else
print_warning "⚠️ Paperless may still be starting up. Please wait a few more minutes and try again."
fi
# Step 8: Final instructions
print_step "Step 8: Final instructions..."
echo ""
print_status "The CSRF issue should now be resolved. Here's what was fixed:"
echo " • Added PAPERLESS_URL with your DuckDNS domain"
echo " • Added PAPERLESS_CSRF_TRUSTED_ORIGINS for CSRF validation"
echo " • Added PAPERLESS_ALLOWED_HOSTS for security"
echo " • Added reverse proxy headers configuration"
echo " • Updated Traefik with Let's Encrypt certificate resolver"
echo ""
print_status "Try accessing https://paperless.pressmess.duckdns.org now."
echo ""
print_warning "If you still see issues:"
echo " 1. Check Traefik logs: docker service logs traefik_traefik"
echo " 2. Check Paperless logs: docker service logs paperless_paperless"
echo " 3. Wait a few minutes for certificate generation"
echo " 4. Clear your browser cache and cookies"
echo ""
print_status "Backup files are available in: $BACKUP_DIR"
Reference in New Issue View Git Blame Copy Permalink