mio-ops/roles/cardano-node.nix

59 lines
1.2 KiB
Nix
Raw Normal View History

2020-05-13 04:59:08 +00:00
# NixOps configuration for the hosts running a Cardano node
{ config, pkgs, lib, ... }:
let
2020-05-14 09:50:34 +00:00
2020-05-13 04:59:08 +00:00
sources = import ../nix/sources.nix;
2020-05-14 09:50:34 +00:00
cardanoNodeProject = import sources.cardano-node {};
2020-05-13 04:59:08 +00:00
in
{
imports = [
2020-05-26 12:13:24 +00:00
../secrets/cardano/producers.nix
2020-05-14 09:50:34 +00:00
"${sources.cardano-node}/nix/nixos"
];
environment.systemPackages = [
cardanoNodeProject.cardano-cli
2020-05-13 04:59:08 +00:00
];
services = {
cardano-node = {
enable = true;
2020-07-30 03:01:37 +00:00
environment = "mainnet";
2020-05-13 04:59:08 +00:00
hostAddr = "0.0.0.0";
2020-07-30 03:01:37 +00:00
nodeConfig = config.services.cardano-node.environments.mainnet.nodeConfig // {
2020-05-13 04:59:08 +00:00
hasPrometheus = [ "127.0.0.1" 12798 ];
setupScribes = [{
scKind = "JournalSK";
scName = "cardano";
scFormat = "ScText";
}];
defaultScribes = [
[
"JournalSK"
"cardano"
]
];
};
2020-05-14 08:17:45 +00:00
kesKey = "/run/keys/cardano-kes";
vrfKey = "/run/keys/cardano-vrf";
operationalCertificate = "/run/keys/cardano-opcert";
2020-05-13 04:59:08 +00:00
};
};
networking = {
firewall = {
allowedTCPPorts = [
3001 # cardano-node
];
};
};
2020-05-14 09:50:34 +00:00
users.groups.keys.members = [ "cardano-node" ]; # Required due to NixOps issue #1204
2020-05-13 04:59:08 +00:00
}