1 { config, lib, pkgs, ... }:
4 cfg = config.services.jupyter;
8 kernels = (pkgs.jupyter-kernel.create {
9 definitions = if cfg.kernels != null
11 else pkgs.jupyter-kernel.default;
14 notebookConfig = pkgs.writeText "jupyter_config.py" ''
17 c.NotebookApp.password = ${cfg.password}
21 meta.maintainers = with lib.maintainers; [ aborsu ];
23 options.services.jupyter = {
24 enable = lib.mkEnableOption "Jupyter development server";
28 default = "localhost";
30 IP address Jupyter will be listening on.
34 # NOTE: We don't use top-level jupyter because we don't
35 # want to pass in JUPYTER_PATH but use .environment instead,
37 package = lib.mkPackageOption pkgs [ "python3" "pkgs" "notebook" ] { };
39 command = lib.mkOption {
41 default = "jupyter-notebook";
42 example = "jupyter-lab";
44 Which command the service runs. Note that not all jupyter packages
45 have all commands, e.g. jupyter-lab isn't present in the default package.
50 type = lib.types.port;
53 Port number Jupyter will be listening on.
57 notebookDir = lib.mkOption {
61 Root directory for notebooks.
69 Name of the user used to run the jupyter service.
70 For security reason, jupyter should really not be run as root.
71 If not set (jupyter), the service will create a jupyter user with appropriate settings.
76 group = lib.mkOption {
80 Name of the group used to run the jupyter service.
81 Use this if you want to create a group of users that are able to view the notebook directory's content.
86 password = lib.mkOption {
89 Password to use with notebook.
90 Can be generated using:
91 In [1]: from notebook.auth import passwd
92 In [2]: passwd('test')
93 Out[2]: 'sha1:1b961dc713fb:88483270a63e57d18d43cf337e629539de1436ba'
94 NOTE: you need to keep the single quote inside the nix string.
95 Or you can use a python oneliner:
96 "open('/path/secret_file', 'r', encoding='utf8').read().strip()"
97 It will be interpreted at the end of the notebookConfig.
99 example = "'sha1:1b961dc713fb:88483270a63e57d18d43cf337e629539de1436ba'";
102 notebookConfig = lib.mkOption {
103 type = lib.types.lines;
110 kernels = lib.mkOption {
111 type = lib.types.nullOr (lib.types.attrsOf(lib.types.submodule (import ./kernel-options.nix {
116 example = lib.literalExpression ''
119 env = (pkgs.python3.withPackages (pythonPackages: with pythonPackages; [
125 displayName = "Python 3 for machine learning";
127 "''${env.interpreter}"
134 logo32 = "''${env.sitePackages}/ipykernel/resources/logo-32x32.png";
135 logo64 = "''${env.sitePackages}/ipykernel/resources/logo-64x64.png";
137 "cool.txt" = pkgs.writeText "cool" "cool content";
143 Declarative kernel config.
145 Kernels can be declared in any language that supports and has the required
146 dependencies to communicate with a jupyter server.
147 In python's case, it means that ipykernel package must always be included in
148 the list of packages of the targeted environment.
153 config = lib.mkMerge [
154 (lib.mkIf cfg.enable {
155 systemd.services.jupyter = {
156 description = "Jupyter development server";
158 after = [ "network.target" ];
159 wantedBy = [ "multi-user.target" ];
161 # TODO: Patch notebook so we can explicitly pass in a shell
162 path = [ pkgs.bash ]; # needed for sh in cell magic to work
165 JUPYTER_PATH = toString kernels;
170 ExecStart = ''${package}/bin/${cfg.command} \
173 --port=${toString cfg.port} --port-retries 0 \
174 --notebook-dir=${cfg.notebookDir} \
175 --NotebookApp.config_file=${notebookConfig}
179 WorkingDirectory = "~";
183 (lib.mkIf (cfg.enable && (cfg.group == "jupyter")) {
184 users.groups.jupyter = {};
186 (lib.mkIf (cfg.enable && (cfg.user == "jupyter")) {
187 users.extraUsers.jupyter = {
188 extraGroups = [ cfg.group ];
189 home = "/var/lib/jupyter";
192 useDefaultShell = true; # needed so that the user can start a terminal.