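# NixOS module: runs a Pluto notebook server inside a declarative
# NixOS container named "pluto", with resource limits applied to the
# container's host-side systemd unit.
#
# NOTE(review): a notebook server executes whatever code its users submit,
# so everything reachable from the `pluto` account should be treated as
# exposed to that code: the writable /notebooks bind mount, the Julia depot
# and the network.
{ config, lib, pkgs, ... }:

let
  sources = import ../nix/sources.nix;
in
{
  containers.pluto = {
    autoStart = true;

    # Host directory /data/pluto appears as /notebooks inside the container.
    # It is mounted read-write, so notebook code can modify or delete
    # anything under /data/pluto on the host.
    bindMounts."/notebooks" = {
      hostPath = "/data/pluto";
      isReadOnly = false;
    };

    # NOTE(review): `privateNetwork` is not set, so with the NixOS default the
    # container shares the host's network namespace. pluto-standalone.jl is
    # not visible here; confirm its listen address and authentication settings
    # before exposing the host to untrusted networks.

    config = { pkgs, config, ... }: {
      systemd.services.pluto =
        let
          # Wrapped julia built from ../pkgs/pluto against the pinned nixpkgs.
          julia = (import ../pkgs/pluto) {
            pkgs = import sources.nixpkgs { };
          };

          # Copies the project's *.toml and *.jl files into a store path so
          # the service runs from an immutable directory.
          pluto = pkgs.stdenv.mkDerivation {
            name = "pluto-standalone";
            buildPhase = "mkdir $out";
            installPhase = ''
              cp *.toml $out
              cp *.jl $out
            '';
            src = ../pkgs/pluto;
          };
        in
        {
          enable = true;
          description = "Pluto.js notebook server";
          wantedBy = [ "multi-user.target" ];

          serviceConfig = {
            # systemd directive names are case-sensitive: the original
            # lowercase `type` is an unknown key that systemd ignores.
            Type = "simple";
            # Run unprivileged rather than as the container's root.
            User = "pluto";
            Group = "pluto";
            # The service runs user-supplied notebook code; prevent it from
            # gaining privileges through setuid/setgid binaries or file
            # capabilities.
            NoNewPrivileges = true;
          };

          # julia needs some writable directory to keep state in
          # (especially precompiled artifacts). The wrapped version
          # of julia below will extend this with a path from the
          # nix store that contains all needed packages, so this
          # should even work entirely without internet access.
          environment.JULIA_DEPOT_PATH = "/var/lib/julia";

          script = ''
            cd ${pluto.outPath}
            ${julia}/bin/julia pluto-standalone.jl
          '';
        };

      # Dedicated system account; its home is the bind-mounted notebook
      # directory.
      users.users.pluto = {
        group = "pluto";
        home = "/notebooks";
        isSystemUser = true;
      };
      users.groups.pluto = { };

      # Create the Julia depot owned by pluto, with no access for other users.
      systemd.tmpfiles.rules = [
        "d /var/lib/julia 0750 pluto pluto"
      ];
    };
  };

  # Limits on the host-side unit that runs the container, so a runaway
  # notebook cannot exhaust host memory or CPU.
  systemd.services."container@pluto".serviceConfig = {
    MemoryHigh = "2G"; # will throttle, but not a hard limit
    MemoryMax = "2.5G"; # hard limit
    CPUQuota = "100%"; # give CPU time roughly equivalent to one core
  };
}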