{ config , lib , ... }: with lib; let cfg = config.eboskma.livebook; in { options.eboskma.livebook = { enable = mkEnableOption "Start a livebook container"; dataDir = mkOption { description = "Livebook data directory"; type = types.path; }; userMapping = mkOption { description = "User to run the container as"; type = types.str; }; }; config = mkIf cfg.enable { eboskma.docker.enable = true; virtualisation.oci-containers.containers = { livebook = { autoStart = true; image = "livebook/livebook"; environmentFiles = [ config.sops.secrets.livebook-password.path ]; ports = [ "8080:8080" ]; volumes = [ "${cfg.dataDir}:/data" "/run/secrets/livebook_cookie:/app/releases/COOKIE" ]; extraOptions = [ "--pull=always" "--user=${cfg.userMapping}" ]; }; }; }; }