mio-ops/roles/cardano-node.nix

# NixOps configuration for the hosts running a Cardano node

{ config, pkgs, lib, ... }:

let

  sources = import ../nix/sources.nix;
  cardanoNodeProject = import sources.cardano-node {};

in

{

  imports = [
    ../secrets/cardano.nix
    "${sources.cardano-node}/nix/nixos"
  ];

  environment.systemPackages = [
    cardanoNodeProject.cardano-cli
  ];

  services = {
    cardano-node = {
      enable = true;
      environment = "ff";
      hostAddr = "0.0.0.0";
      topology =  builtins.toFile "topology.json" (builtins.toJSON {
        Producers = [
          {
            addr = "172.105.184.221";
            port = 3001;
            valency = 1;
          }
        ];
      });
      nodeConfig = config.services.cardano-node.environments.alpha1.nodeConfig // {
        hasPrometheus = [ "127.0.0.1" 12798 ];
        setupScribes = [{
          scKind = "JournalSK";
          scName = "cardano";
          scFormat = "ScText";
        }];
        defaultScribes = [
          [
            "JournalSK"
            "cardano"
          ]
        ];
      };
      kesKey = "/run/keys/cardano-kes";
      vrfKey = "/run/keys/cardano-vrf";
      operationalCertificate = "/run/keys/cardano-opcert";
    };
  };

  networking = {
    firewall = {
      allowedTCPPorts = [
        3001   # cardano-node
      ];
    };
  };

  users.groups.keys.members = [ "cardano-node" ];   # Required due to NixOps issue #1204

}
Initial commit 2020-05-13 04:59:08 +00:00			`# NixOps configuration for the hosts running a Cardano node`

			`{ config, pkgs, lib, ... }:`

			`let`
Added group membership 2020-05-14 09:50:34 +00:00
Initial commit 2020-05-13 04:59:08 +00:00			`sources = import ../nix/sources.nix;`
Added group membership 2020-05-14 09:50:34 +00:00			`cardanoNodeProject = import sources.cardano-node {};`

Initial commit 2020-05-13 04:59:08 +00:00			`in`

			`{`

			`imports = [`
Corrected key path and added secrets 2020-05-14 08:17:45 +00:00			`../secrets/cardano.nix`
Added group membership 2020-05-14 09:50:34 +00:00			`"${sources.cardano-node}/nix/nixos"`
			`];`

			`environment.systemPackages = [`
			`cardanoNodeProject.cardano-cli`
Initial commit 2020-05-13 04:59:08 +00:00			`];`

			`services = {`
			`cardano-node = {`
			`enable = true;`
			`environment = "ff";`
			`hostAddr = "0.0.0.0";`
			`topology = builtins.toFile "topology.json" (builtins.toJSON {`
			`Producers = [`
			`{`
			`addr = "172.105.184.221";`
			`port = 3001;`
			`valency = 1;`
			`}`
			`];`
			`});`
			`nodeConfig = config.services.cardano-node.environments.alpha1.nodeConfig // {`
			`hasPrometheus = [ "127.0.0.1" 12798 ];`
			`setupScribes = [{`
			`scKind = "JournalSK";`
			`scName = "cardano";`
			`scFormat = "ScText";`
			`}];`
			`defaultScribes = [`
			`[`
			`"JournalSK"`
			`"cardano"`
			`]`
			`];`
			`};`
Corrected key path and added secrets 2020-05-14 08:17:45 +00:00			`kesKey = "/run/keys/cardano-kes";`
			`vrfKey = "/run/keys/cardano-vrf";`
			`operationalCertificate = "/run/keys/cardano-opcert";`
Initial commit 2020-05-13 04:59:08 +00:00			`};`
			`};`

			`networking = {`
			`firewall = {`
			`allowedTCPPorts = [`
			`3001 # cardano-node`
			`];`
			`};`
			`};`

Added group membership 2020-05-14 09:50:34 +00:00			`users.groups.keys.members = [ "cardano-node" ]; # Required due to NixOps issue #1204`

Initial commit 2020-05-13 04:59:08 +00:00			`}`