nixos/modules/services/development/jupyter/default.nix at 18.09-beta · pyrox.dev/nixpkgs

pyrox.dev / nixpkgs
lol
nixpkgs / nixos / modules / services / development / jupyter / default.nix
at 18.09-beta 5.3 kB view raw
  1{ config, lib, pkgs, ... }:
  2
  3with lib;
  4
  5let
  6
  7  cfg = config.services.jupyter;
  8
  9  # NOTE: We don't use top-level jupyter because we don't
 10  # want to pass in JUPYTER_PATH but use .environment instead,
 11  # saving a rebuild.
 12  package = pkgs.python3.pkgs.notebook;
 13
 14  kernels = (pkgs.jupyter-kernel.create  {
 15    definitions = if cfg.kernels != null
 16      then cfg.kernels
 17      else  pkgs.jupyter-kernel.default;
 18  });
 19
 20  notebookConfig = pkgs.writeText "jupyter_config.py" ''
 21    ${cfg.notebookConfig}
 22
 23    c.NotebookApp.password = ${cfg.password}
 24  '';
 25
 26in {
 27  meta.maintainers = with maintainers; [ aborsu ];
 28
 29  options.services.jupyter = {
 30    enable = mkEnableOption "Jupyter development server";
 31
 32    ip = mkOption {
 33      type = types.str;
 34      default = "localhost";
 35      description = ''
 36        IP address Jupyter will be listening on.
 37      '';
 38    };
 39
 40    port = mkOption {
 41      type = types.int;
 42      default = 8888;
 43      description = ''
 44        Port number Jupyter will be listening on.
 45      '';
 46    };
 47
 48    notebookDir = mkOption {
 49      type = types.str;
 50      default = "~/";
 51      description = ''
 52        Root directory for notebooks.
 53      '';
 54    };
 55
 56    user = mkOption {
 57      type = types.str;
 58      default = "jupyter";
 59      description = ''
 60        Name of the user used to run the jupyter service.
 61        For security reason, jupyter should really not be run as root.
 62        If not set (jupyter), the service will create a jupyter user with appropriate settings.
 63      '';
 64      example = "aborsu";
 65    };
 66
 67    group = mkOption {
 68      type = types.str;
 69      default = "jupyter";
 70      description = ''
 71        Name of the group used to run the jupyter service.
 72        Use this if you want to create a group of users that are able to view the notebook directory's content.
 73      '';
 74      example = "users";
 75    };
 76
 77    password = mkOption {
 78      type = types.str;
 79      description = ''
 80        Password to use with notebook.
 81        Can be generated using:
 82          In [1]: from notebook.auth import passwd
 83          In [2]: passwd('test')
 84          Out[2]: 'sha1:1b961dc713fb:88483270a63e57d18d43cf337e629539de1436ba'
 85          NOTE: you need to keep the single quote inside the nix string.
 86        Or you can use a python oneliner:
 87          "open('/path/secret_file', 'r', encoding='utf8').read().strip()"
 88        It will be interpreted at the end of the notebookConfig.
 89      '';
 90      example = [
 91        "'sha1:1b961dc713fb:88483270a63e57d18d43cf337e629539de1436ba'"
 92        "open('/path/secret_file', 'r', encoding='utf8').read().strip()"
 93      ];
 94    };
 95
 96    notebookConfig = mkOption {
 97      type = types.lines;
 98      default = "";
 99      description = ''
100        Raw jupyter config.
101      '';
102    };
103
104    kernels = mkOption {
105      type = types.nullOr (types.attrsOf(types.submodule (import ./kernel-options.nix {
106        inherit lib;
107      })));
108
109      default = null;
110      example = literalExample ''
111        {
112          python3 = let
113            env = (pkgs.python3.withPackages (pythonPackages: with pythonPackages; [
114                    ipykernel
115                    pandas
116                    scikitlearn
117                  ]));
118          in {
119            displayName = "Python 3 for machine learning";
120            argv = [
121              "$ {env.interpreter}"
122              "-m"
123              "ipykernel_launcher"
124              "-f"
125              "{connection_file}"
126            ];
127            language = "python";
128            logo32 = "$ {env.sitePackages}/ipykernel/resources/logo-32x32.png";
129            logo64 = "$ {env.sitePackages}/ipykernel/resources/logo-64x64.png";
130          };
131        }
132      '';
133      description = "Declarative kernel config
134
135      Kernels can be declared in any language that supports and has the required
136      dependencies to communicate with a jupyter server.
137      In python's case, it means that ipykernel package must always be included in
138      the list of packages of the targeted environment.
139      ";
140    };
141  };
142
143  config = mkMerge [
144    (mkIf cfg.enable  {
145      systemd.services.jupyter = {
146        description = "Jupyter development server";
147
148        wantedBy = [ "multi-user.target" ];
149
150        # TODO: Patch notebook so we can explicitly pass in a shell
151        path = [ pkgs.bash ]; # needed for sh in cell magic to work
152
153        environment = {
154          JUPYTER_PATH = toString kernels;
155        };
156
157        serviceConfig = {
158          Restart = "always";
159          ExecStart = ''${package}/bin/jupyter-notebook \
160            --no-browser \
161            --ip=${cfg.ip} \
162            --port=${toString cfg.port} --port-retries 0 \
163            --notebook-dir=${cfg.notebookDir} \
164            --NotebookApp.config_file=${notebookConfig}
165          '';
166          User = cfg.user;
167          Group = cfg.group;
168          WorkingDirectory = "~";
169        };
170      };
171    })
172    (mkIf (cfg.enable && (cfg.group == "jupyter")) {
173      users.groups.jupyter = {};
174    })
175    (mkIf (cfg.enable && (cfg.user == "jupyter")) {
176      users.extraUsers.jupyter = {
177        extraGroups = [ cfg.group ];
178        home = "/var/lib/jupyter";
179        createHome = true;
180        useDefaultShell = true; # needed so that the user can start a terminal.
181      };
182    })
183  ];
184}