diff --git a/nixos/modules/misc/ids.nix b/nixos/modules/misc/ids.nix
index 2881d843760..8c0f0c2624b 100644
--- a/nixos/modules/misc/ids.nix
+++ b/nixos/modules/misc/ids.nix
@@ -276,6 +276,7 @@
telegraf = 256;
gitlab-runner = 257;
postgrey = 258;
+ hound = 259;
# When adding a uid, make sure it doesn't match an existing gid. And don't use uids above 399!
@@ -522,6 +523,7 @@
#telegraf = 256; # unused
gitlab-runner = 257;
postgrey = 258;
+ hound = 259;
# When adding a gid, make sure it doesn't match an existing
# uid. Users and groups with the same name should have equal
diff --git a/nixos/modules/module-list.nix b/nixos/modules/module-list.nix
index 403f326df3d..bf7d6408df8 100644
--- a/nixos/modules/module-list.nix
+++ b/nixos/modules/module-list.nix
@@ -455,6 +455,7 @@
./services/scheduling/fcron.nix
./services/scheduling/marathon.nix
./services/search/elasticsearch.nix
+ ./services/search/hound.nix
./services/search/kibana.nix
./services/search/solr.nix
./services/security/clamav.nix
diff --git a/nixos/modules/services/search/hound.nix b/nixos/modules/services/search/hound.nix
new file mode 100644
index 00000000000..4389f17668b
--- /dev/null
+++ b/nixos/modules/services/search/hound.nix
@@ -0,0 +1,119 @@
+{ config, lib, pkgs, ... }:
+with lib;
+let
+ cfg = config.services.hound;
+in {
+ options = {
+ services.hound = {
+ enable = mkOption {
+ type = types.bool;
+ default = false;
+ description = ''
+ Whether to enable the hound code search daemon.
+ '';
+ };
+
+ user = mkOption {
+ default = "hound";
+ type = types.str;
+ description = ''
+ User the hound daemon should execute under.
+ '';
+ };
+
+ group = mkOption {
+ default = "hound";
+ type = types.str;
+ description = ''
+ Group the hound daemon should execute under.
+ '';
+ };
+
+ extraGroups = mkOption {
+ type = types.listOf types.str;
+ default = [ ];
+ example = [ "dialout" ];
+ description = ''
+ List of extra groups that the "hound" user should be a part of.
+ '';
+ };
+
+ home = mkOption {
+ default = "/var/lib/hound";
+ type = types.path;
+ description = ''
+ The path to use as hound's $HOME. If the default user
+ "hound" is configured then this is the home of the "hound"
+ user.
+ '';
+ };
+
+ package = mkOption {
+ default = pkgs.hound;
+ description = ''
+ Package for running hound.
+ '';
+ };
+
+ config = mkOption {
+ type = types.str;
+ example = ''
+ {
+ "max-concurrent-indexers" : 2,
+ "dbpath" : "''${services.hound.home}/data",
+ "repos" : {
+ "nixpkgs": {
+ "url" : "https://www.github.com/NixOS/nixpkgs.git"
+ }
+ }
+ }
+ '';
+ };
+
+ listen = mkOption {
+ type = types.str;
+ default = "0.0.0.0:6080";
+ example = "127.0.0.1:6080 or just :6080";
+ description = ''
+ Listen on this IP:port / :port
+ '';
+ };
+ };
+ };
+
+ config = mkIf cfg.enable {
+ users.extraGroups = optional (cfg.group == "hound") {
+ name = "hound";
+ gid = config.ids.gids.hound;
+ };
+
+ users.extraUsers = optional (cfg.user == "hound") {
+ name = "hound";
+ description = "hound code search";
+ createHome = true;
+ home = cfg.home;
+ group = cfg.group;
+ extraGroups = cfg.extraGroups;
+ uid = config.ids.uids.hound;
+ };
+
+ systemd.services.hound = {
+ description = "Hound Code Search";
+ wantedBy = [ "multi-user.target" ];
+ after = [ "network.target" ];
+
+ serviceConfig = {
+ User = cfg.user;
+ Group = cfg.group;
+ WorkingDirectory = cfg.home;
+ ExecStartPre = "${pkgs.git}/bin/git config --global --replace-all http.sslCAinfo /etc/ssl/certs/ca-certificates.crt";
+ ExecStart = "${cfg.package}/bin/houndd" +
+ " -addr ${cfg.listen}" +
+ " -conf ${pkgs.writeText "hound.json" cfg.config}";
+
+ };
+ path = [ pkgs.git ];
+ };
+ };
+
+}
diff --git a/nixos/release.nix b/nixos/release.nix
index 10c624afebc..fbd3efd16ff 100644
--- a/nixos/release.nix
+++ b/nixos/release.nix
@@ -245,6 +245,7 @@ in rec {
tests.gnome3-gdm = callTest tests/gnome3-gdm.nix {};
tests.grsecurity = callTest tests/grsecurity.nix {};
tests.hibernate = callTest tests/hibernate.nix {};
+ tests.hound = callTest tests/hound.nix {};
tests.i3wm = callTest tests/i3wm.nix {};
tests.installer = callSubTests tests/installer.nix {};
tests.influxdb = callTest tests/influxdb.nix {};
diff --git a/nixos/tests/hound.nix b/nixos/tests/hound.nix
new file mode 100644
index 00000000000..82fd44e8e36
--- /dev/null
+++ b/nixos/tests/hound.nix
@@ -0,0 +1,58 @@
+# Test whether `houndd` indexes nixpkgs
+import ./make-test.nix ({ pkgs, ... } : {
+ name = "hound";
+ meta = with pkgs.stdenv.lib.maintainers; {
+ maintainers = [ grahamc ];
+ };
+ machine = { config, pkgs, ... }: {
+ services.hound = {
+ enable = true;
+ config = ''
+ {
+ "max-concurrent-indexers": 1,
+ "dbpath": "/var/lib/hound/data",
+ "repos": {
+ "nix": {
+ "url": "file:///var/lib/hound/my-git"
+ }
+ }
+ }
+ '';
+ };
+
+ systemd.services.houndseed = {
+ description = "seed hound with a git repo";
+ requiredBy = [ "hound.service" ];
+ before = [ "hound.service" ];
+
+ serviceConfig = {
+ User = "hound";
+ Group = "hound";
+ WorkingDirectory = "/var/lib/hound";
+ };
+ path = [ pkgs.git ];
+ script = ''
+ git config --global user.email "you@example.com"
+ git config --global user.name "Your Name"
+ git init my-git --bare
+ git init my-git-clone
+ cd my-git-clone
+ echo 'hi nix!' > hello
+ git add hello
+ git commit -m "hello there :)"
+ git remote add origin /var/lib/hound/my-git
+ git push origin master
+ '';
+ };
+ };
+
+ testScript =
+ '' startAll;
+
+ $machine->waitForUnit("network.target");
+ $machine->waitForUnit("hound.service");
+ $machine->waitForOpenPort(6080);
+ $machine->succeed('curl http://127.0.0.1:6080/api/v1/search\?stats\=fosho\&repos\=\*\&rng=%3A20\&q\=hi\&files\=\&i=nope | grep "Filename" | grep "hello"');
+
+ '';
+})