pyrox.dev / nixpkgs
lol
fork atom
nixpkgs / nixos / modules / services / development / jupyter / default.nix
at 24.11-pre 5.7 kB view raw
1{ config, lib, pkgs, ... }: 2 3with lib; 4 5let 6 7 cfg = config.services.jupyter; 8 9 package = cfg.package; 10 11 kernels = (pkgs.jupyter-kernel.create { 12 definitions = if cfg.kernels != null 13 then cfg.kernels 14 else pkgs.jupyter-kernel.default; 15 }); 16 17 notebookConfig = pkgs.writeText "jupyter_config.py" '' 18 ${cfg.notebookConfig} 19 20 c.NotebookApp.password = ${cfg.password} 21 ''; 22 23in { 24 meta.maintainers = with maintainers; [ aborsu ]; 25 26 options.services.jupyter = { 27 enable = mkEnableOption "Jupyter development server"; 28 29 ip = mkOption { 30 type = types.str; 31 default = "localhost"; 32 description = '' 33 IP address Jupyter will be listening on. 34 ''; 35 }; 36 37 # NOTE: We don't use top-level jupyter because we don't 38 # want to pass in JUPYTER_PATH but use .environment instead, 39 # saving a rebuild. 40 package = mkPackageOption pkgs [ "python3" "pkgs" "notebook" ] { }; 41 42 command = mkOption { 43 type = types.str; 44 default = "jupyter-notebook"; 45 example = "jupyter-lab"; 46 description = '' 47 Which command the service runs. Note that not all jupyter packages 48 have all commands, e.g. jupyter-lab isn't present in the default package. 49 ''; 50 }; 51 52 port = mkOption { 53 type = types.port; 54 default = 8888; 55 description = '' 56 Port number Jupyter will be listening on. 57 ''; 58 }; 59 60 notebookDir = mkOption { 61 type = types.str; 62 default = "~/"; 63 description = '' 64 Root directory for notebooks. 65 ''; 66 }; 67 68 user = mkOption { 69 type = types.str; 70 default = "jupyter"; 71 description = '' 72 Name of the user used to run the jupyter service. 73 For security reason, jupyter should really not be run as root. 74 If not set (jupyter), the service will create a jupyter user with appropriate settings. 75 ''; 76 example = "aborsu"; 77 }; 78 79 group = mkOption { 80 type = types.str; 81 default = "jupyter"; 82 description = '' 83 Name of the group used to run the jupyter service. 84 Use this if you want to create a group of users that are able to view the notebook directory's content. 85 ''; 86 example = "users"; 87 }; 88 89 password = mkOption { 90 type = types.str; 91 description = '' 92 Password to use with notebook. 93 Can be generated using: 94 In [1]: from notebook.auth import passwd 95 In [2]: passwd('test') 96 Out[2]: 'sha1:1b961dc713fb:88483270a63e57d18d43cf337e629539de1436ba' 97 NOTE: you need to keep the single quote inside the nix string. 98 Or you can use a python oneliner: 99 "open('/path/secret_file', 'r', encoding='utf8').read().strip()" 100 It will be interpreted at the end of the notebookConfig. 101 ''; 102 example = "'sha1:1b961dc713fb:88483270a63e57d18d43cf337e629539de1436ba'"; 103 }; 104 105 notebookConfig = mkOption { 106 type = types.lines; 107 default = ""; 108 description = '' 109 Raw jupyter config. 110 ''; 111 }; 112 113 kernels = mkOption { 114 type = types.nullOr (types.attrsOf(types.submodule (import ./kernel-options.nix { 115 inherit lib pkgs; 116 }))); 117 118 default = null; 119 example = literalExpression '' 120 { 121 python3 = let 122 env = (pkgs.python3.withPackages (pythonPackages: with pythonPackages; [ 123 ipykernel 124 pandas 125 scikit-learn 126 ])); 127 in { 128 displayName = "Python 3 for machine learning"; 129 argv = [ 130 "''${env.interpreter}" 131 "-m" 132 "ipykernel_launcher" 133 "-f" 134 "{connection_file}" 135 ]; 136 language = "python"; 137 logo32 = "''${env.sitePackages}/ipykernel/resources/logo-32x32.png"; 138 logo64 = "''${env.sitePackages}/ipykernel/resources/logo-64x64.png"; 139 extraPaths = { 140 "cool.txt" = pkgs.writeText "cool" "cool content"; 141 }; 142 }; 143 } 144 ''; 145 description = '' 146 Declarative kernel config. 147 148 Kernels can be declared in any language that supports and has the required 149 dependencies to communicate with a jupyter server. 150 In python's case, it means that ipykernel package must always be included in 151 the list of packages of the targeted environment. 152 ''; 153 }; 154 }; 155 156 config = mkMerge [ 157 (mkIf cfg.enable { 158 systemd.services.jupyter = { 159 description = "Jupyter development server"; 160 161 after = [ "network.target" ]; 162 wantedBy = [ "multi-user.target" ]; 163 164 # TODO: Patch notebook so we can explicitly pass in a shell 165 path = [ pkgs.bash ]; # needed for sh in cell magic to work 166 167 environment = { 168 JUPYTER_PATH = toString kernels; 169 }; 170 171 serviceConfig = { 172 Restart = "always"; 173 ExecStart = ''${package}/bin/${cfg.command} \ 174 --no-browser \ 175 --ip=${cfg.ip} \ 176 --port=${toString cfg.port} --port-retries 0 \ 177 --notebook-dir=${cfg.notebookDir} \ 178 --NotebookApp.config_file=${notebookConfig} 179 ''; 180 User = cfg.user; 181 Group = cfg.group; 182 WorkingDirectory = "~"; 183 }; 184 }; 185 }) 186 (mkIf (cfg.enable && (cfg.group == "jupyter")) { 187 users.groups.jupyter = {}; 188 }) 189 (mkIf (cfg.enable && (cfg.user == "jupyter")) { 190 users.extraUsers.jupyter = { 191 extraGroups = [ cfg.group ]; 192 home = "/var/lib/jupyter"; 193 createHome = true; 194 isSystemUser = true; 195 useDefaultShell = true; # needed so that the user can start a terminal. 196 }; 197 }) 198 ]; 199}