diff --git a/modules/misc/ids.nix b/modules/misc/ids.nix
index be979444d56e..ccfba68c4d72 100644
--- a/modules/misc/ids.nix
+++ b/modules/misc/ids.nix
@@ -61,6 +61,8 @@ in
     ghostOne = 40;
     git = 41;
     fourStore = 42;
+    fourStoreEndpoint = 43;
+
     # When adding a uid, make sure it doesn't match an existing gid.
 
     nixbld = 30000; # start of range of uids
@@ -104,6 +106,8 @@ in
     ghostOne = 40;
     git = 41;
     fourStore = 42;
+    fourStoreEndpoint = 43;
+
     # When adding a gid, make sure it doesn't match an existing uid.
 
     users = 100;
diff --git a/modules/module-list.nix b/modules/module-list.nix
index 7fe508554b82..69f6133a7ed5 100644
--- a/modules/module-list.nix
+++ b/modules/module-list.nix
@@ -52,6 +52,7 @@
   ./services/backup/postgresql-backup.nix
   ./services/backup/sitecopy-backup.nix
   ./services/databases/4store.nix
+  ./services/databases/4store-endpoint.nix
   ./services/databases/mysql.nix
   ./services/databases/postgresql.nix
   ./services/databases/openldap.nix
diff --git a/modules/services/databases/4store-endpoint.nix b/modules/services/databases/4store-endpoint.nix
new file mode 100644
index 000000000000..ac38a9b7d549
--- /dev/null
+++ b/modules/services/databases/4store-endpoint.nix
@@ -0,0 +1,72 @@
+{ config, pkgs, ... }:
+let
+  cfg = config.services.fourStoreEndpoint;
+  endpointUser = "fourstorehttp";
+  run = "${pkgs.su}/bin/su -s ${pkgs.stdenv.shell} ${endpointUser} -c";
+in
+with pkgs.lib;
+{
+
+  ###### interface
+
+  options = {
+  
+    services.fourStoreEndpoint = {
+    
+      enable = mkOption {
+        default = false;
+        description = "Whether to enable 4Store SPARQL endpoint.";
+      };
+
+      database = mkOption {
+        default = config.services.fourStore.database;
+        description = "RDF database name to expose via the endpoint. Defaults to local 4Store database name.";
+      };
+
+      listenAddress = mkOption {
+	default = null;
+        description = "IP address to listen on.";
+      };
+
+      port = mkOption {
+	default = 8080;
+        description = "port to listen on.";
+      };
+
+      options = mkOption {
+        default = "";
+        description = "Extra CLI options to pass to 4Store's 4s-httpd process.";
+      };
+
+    };
+
+  };
+
+
+  ###### implementation
+
+  config = mkIf cfg.enable (
+    mkAssert (cfg.enable -> cfg.database != "")
+      "Must specify database name" {
+
+    users.extraUsers = singleton
+      { name = endpointUser;
+        uid = config.ids.uids.fourStoreEndpoint;
+        description = "4Store SPARQL endpoint user";
+#        home = stateDir;
+      };
+
+    services.avahi.enable = true;
+
+    jobs.fourStoreEndpoint = {
+      name = "4store-endpoint";
+      startOn = "filesystem";
+
+      exec = ''
+	${run} '${pkgs.rdf4store}/bin/4s-httpd -D ${cfg.options} ${if cfg.listenAddress!=null then "-H ${cfg.listenAddress}" else "" } -p ${toString cfg.port} ${cfg.database}'
+      '';
+    };
+
+  });
+  
+}