From 6c7a605714b8971f889887e68f44e0ec1461012a Mon Sep 17 00:00:00 2001 From: Graham Christensen Date: Wed, 12 Oct 2016 18:58:56 -0400 Subject: [PATCH] hound: init module --- nixos/modules/misc/ids.nix | 2 + nixos/modules/module-list.nix | 1 + nixos/modules/services/search/hound.nix | 119 ++++++++++++++++++++++++ nixos/release.nix | 1 + nixos/tests/hound.nix | 58 ++++++++++++ 5 files changed, 181 insertions(+) create mode 100644 nixos/modules/services/search/hound.nix create mode 100644 nixos/tests/hound.nix diff --git a/nixos/modules/misc/ids.nix b/nixos/modules/misc/ids.nix index 2881d843760..8c0f0c2624b 100644 --- a/nixos/modules/misc/ids.nix +++ b/nixos/modules/misc/ids.nix @@ -276,6 +276,7 @@ telegraf = 256; gitlab-runner = 257; postgrey = 258; + hound = 259; # When adding a uid, make sure it doesn't match an existing gid. And don't use uids above 399! @@ -522,6 +523,7 @@ #telegraf = 256; # unused gitlab-runner = 257; postgrey = 258; + hound = 259; # When adding a gid, make sure it doesn't match an existing # uid. Users and groups with the same name should have equal diff --git a/nixos/modules/module-list.nix b/nixos/modules/module-list.nix index 403f326df3d..bf7d6408df8 100644 --- a/nixos/modules/module-list.nix +++ b/nixos/modules/module-list.nix @@ -455,6 +455,7 @@ ./services/scheduling/fcron.nix ./services/scheduling/marathon.nix ./services/search/elasticsearch.nix + ./services/search/hound.nix ./services/search/kibana.nix ./services/search/solr.nix ./services/security/clamav.nix diff --git a/nixos/modules/services/search/hound.nix b/nixos/modules/services/search/hound.nix new file mode 100644 index 00000000000..4389f17668b --- /dev/null +++ b/nixos/modules/services/search/hound.nix @@ -0,0 +1,119 @@ +{ config, lib, pkgs, ... }: +with lib; +let + cfg = config.services.hound; +in { + options = { + services.hound = { + enable = mkOption { + type = types.bool; + default = false; + description = '' + Whether to enable the hound code search daemon. + ''; + }; + + user = mkOption { + default = "hound"; + type = types.str; + description = '' + User the hound daemon should execute under. + ''; + }; + + group = mkOption { + default = "hound"; + type = types.str; + description = '' + Group the hound daemon should execute under. + ''; + }; + + extraGroups = mkOption { + type = types.listOf types.str; + default = [ ]; + example = [ "dialout" ]; + description = '' + List of extra groups that the "hound" user should be a part of. + ''; + }; + + home = mkOption { + default = "/var/lib/hound"; + type = types.path; + description = '' + The path to use as hound's $HOME. If the default user + "hound" is configured then this is the home of the "hound" + user. + ''; + }; + + package = mkOption { + default = pkgs.hound; + description = '' + Package for running hound. + ''; + }; + + config = mkOption { + type = types.str; + example = '' + { + "max-concurrent-indexers" : 2, + "dbpath" : "''${services.hound.home}/data", + "repos" : { + "nixpkgs": { + "url" : "https://www.github.com/NixOS/nixpkgs.git" + } + } + } + ''; + }; + + listen = mkOption { + type = types.str; + default = "0.0.0.0:6080"; + example = "127.0.0.1:6080 or just :6080"; + description = '' + Listen on this IP:port / :port + ''; + }; + }; + }; + + config = mkIf cfg.enable { + users.extraGroups = optional (cfg.group == "hound") { + name = "hound"; + gid = config.ids.gids.hound; + }; + + users.extraUsers = optional (cfg.user == "hound") { + name = "hound"; + description = "hound code search"; + createHome = true; + home = cfg.home; + group = cfg.group; + extraGroups = cfg.extraGroups; + uid = config.ids.uids.hound; + }; + + systemd.services.hound = { + description = "Hound Code Search"; + wantedBy = [ "multi-user.target" ]; + after = [ "network.target" ]; + + serviceConfig = { + User = cfg.user; + Group = cfg.group; + WorkingDirectory = cfg.home; + ExecStartPre = "${pkgs.git}/bin/git config --global --replace-all http.sslCAinfo /etc/ssl/certs/ca-certificates.crt"; + ExecStart = "${cfg.package}/bin/houndd" + + " -addr ${cfg.listen}" + + " -conf ${pkgs.writeText "hound.json" cfg.config}"; + + }; + path = [ pkgs.git ]; + }; + }; + +} diff --git a/nixos/release.nix b/nixos/release.nix index 10c624afebc..fbd3efd16ff 100644 --- a/nixos/release.nix +++ b/nixos/release.nix @@ -245,6 +245,7 @@ in rec { tests.gnome3-gdm = callTest tests/gnome3-gdm.nix {}; tests.grsecurity = callTest tests/grsecurity.nix {}; tests.hibernate = callTest tests/hibernate.nix {}; + tests.hound = callTest tests/hound.nix {}; tests.i3wm = callTest tests/i3wm.nix {}; tests.installer = callSubTests tests/installer.nix {}; tests.influxdb = callTest tests/influxdb.nix {}; diff --git a/nixos/tests/hound.nix b/nixos/tests/hound.nix new file mode 100644 index 00000000000..82fd44e8e36 --- /dev/null +++ b/nixos/tests/hound.nix @@ -0,0 +1,58 @@ +# Test whether `houndd` indexes nixpkgs +import ./make-test.nix ({ pkgs, ... } : { + name = "hound"; + meta = with pkgs.stdenv.lib.maintainers; { + maintainers = [ grahamc ]; + }; + machine = { config, pkgs, ... }: { + services.hound = { + enable = true; + config = '' + { + "max-concurrent-indexers": 1, + "dbpath": "/var/lib/hound/data", + "repos": { + "nix": { + "url": "file:///var/lib/hound/my-git" + } + } + } + ''; + }; + + systemd.services.houndseed = { + description = "seed hound with a git repo"; + requiredBy = [ "hound.service" ]; + before = [ "hound.service" ]; + + serviceConfig = { + User = "hound"; + Group = "hound"; + WorkingDirectory = "/var/lib/hound"; + }; + path = [ pkgs.git ]; + script = '' + git config --global user.email "you@example.com" + git config --global user.name "Your Name" + git init my-git --bare + git init my-git-clone + cd my-git-clone + echo 'hi nix!' > hello + git add hello + git commit -m "hello there :)" + git remote add origin /var/lib/hound/my-git + git push origin master + ''; + }; + }; + + testScript = + '' startAll; + + $machine->waitForUnit("network.target"); + $machine->waitForUnit("hound.service"); + $machine->waitForOpenPort(6080); + $machine->succeed('curl http://127.0.0.1:6080/api/v1/search\?stats\=fosho\&repos\=\*\&rng=%3A20\&q\=hi\&files\=\&i=nope | grep "Filename" | grep "hello"'); + + ''; +})