blob: bebb3c3f13f018f5ea3bd9be1e1b1c523d2cdecf (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
|
{ config, lib, pkgs, ... }:
with lib;
let
cfg = config.services.jupyter;
package = cfg.package;
kernels = (pkgs.jupyter-kernel.create {
definitions = if cfg.kernels != null
then cfg.kernels
else pkgs.jupyter-kernel.default;
});
notebookConfig = pkgs.writeText "jupyter_config.py" ''
${cfg.notebookConfig}
c.NotebookApp.password = ${cfg.password}
'';
in {
meta.maintainers = with maintainers; [ aborsu ];
options.services.jupyter = {
enable = mkEnableOption "Jupyter development server";
ip = mkOption {
type = types.str;
default = "localhost";
description = ''
IP address Jupyter will be listening on.
'';
};
package = mkOption {
type = types.package;
# NOTE: We don't use top-level jupyter because we don't
# want to pass in JUPYTER_PATH but use .environment instead,
# saving a rebuild.
default = pkgs.python3.pkgs.notebook;
defaultText = literalExpression "pkgs.python3.pkgs.notebook";
description = ''
Jupyter package to use.
'';
};
command = mkOption {
type = types.str;
default = "jupyter-notebook";
example = "jupyter-lab";
description = ''
Which command the service runs. Note that not all jupyter packages
have all commands, e.g. jupyter-lab isn't present in the default package.
'';
};
port = mkOption {
type = types.int;
default = 8888;
description = ''
Port number Jupyter will be listening on.
'';
};
notebookDir = mkOption {
type = types.str;
default = "~/";
description = ''
Root directory for notebooks.
'';
};
user = mkOption {
type = types.str;
default = "jupyter";
description = ''
Name of the user used to run the jupyter service.
For security reason, jupyter should really not be run as root.
If not set (jupyter), the service will create a jupyter user with appropriate settings.
'';
example = "aborsu";
};
group = mkOption {
type = types.str;
default = "jupyter";
description = ''
Name of the group used to run the jupyter service.
Use this if you want to create a group of users that are able to view the notebook directory's content.
'';
example = "users";
};
password = mkOption {
type = types.str;
description = ''
Password to use with notebook.
Can be generated using:
In [1]: from notebook.auth import passwd
In [2]: passwd('test')
Out[2]: 'sha1:1b961dc713fb:88483270a63e57d18d43cf337e629539de1436ba'
NOTE: you need to keep the single quote inside the nix string.
Or you can use a python oneliner:
"open('/path/secret_file', 'r', encoding='utf8').read().strip()"
It will be interpreted at the end of the notebookConfig.
'';
example = "'sha1:1b961dc713fb:88483270a63e57d18d43cf337e629539de1436ba'";
};
notebookConfig = mkOption {
type = types.lines;
default = "";
description = ''
Raw jupyter config.
'';
};
kernels = mkOption {
type = types.nullOr (types.attrsOf(types.submodule (import ./kernel-options.nix {
inherit lib;
})));
default = null;
example = literalExpression ''
{
python3 = let
env = (pkgs.python3.withPackages (pythonPackages: with pythonPackages; [
ipykernel
pandas
scikit-learn
]));
in {
displayName = "Python 3 for machine learning";
argv = [
"''${env.interpreter}"
"-m"
"ipykernel_launcher"
"-f"
"{connection_file}"
];
language = "python";
logo32 = "''${env.sitePackages}/ipykernel/resources/logo-32x32.png";
logo64 = "''${env.sitePackages}/ipykernel/resources/logo-64x64.png";
};
}
'';
description = "Declarative kernel config
Kernels can be declared in any language that supports and has the required
dependencies to communicate with a jupyter server.
In python's case, it means that ipykernel package must always be included in
the list of packages of the targeted environment.
";
};
};
config = mkMerge [
(mkIf cfg.enable {
systemd.services.jupyter = {
description = "Jupyter development server";
after = [ "network.target" ];
wantedBy = [ "multi-user.target" ];
# TODO: Patch notebook so we can explicitly pass in a shell
path = [ pkgs.bash ]; # needed for sh in cell magic to work
environment = {
JUPYTER_PATH = toString kernels;
};
serviceConfig = {
Restart = "always";
ExecStart = ''${package}/bin/${cfg.command} \
--no-browser \
--ip=${cfg.ip} \
--port=${toString cfg.port} --port-retries 0 \
--notebook-dir=${cfg.notebookDir} \
--NotebookApp.config_file=${notebookConfig}
'';
User = cfg.user;
Group = cfg.group;
WorkingDirectory = "~";
};
};
})
(mkIf (cfg.enable && (cfg.group == "jupyter")) {
users.groups.jupyter = {};
})
(mkIf (cfg.enable && (cfg.user == "jupyter")) {
users.extraUsers.jupyter = {
extraGroups = [ cfg.group ];
home = "/var/lib/jupyter";
createHome = true;
useDefaultShell = true; # needed so that the user can start a terminal.
};
})
];
}
|