diff --git a/roles/cardano-node.nix b/roles/cardano-node.nix new file mode 100644 index 0000000..196b7af --- /dev/null +++ b/roles/cardano-node.nix @@ -0,0 +1,58 @@ +# NixOps configuration for the hosts running a Cardano node + +{ config, pkgs, lib, ... }: + +let + sources = import ../nix/sources.nix; +in + +{ + + imports = [ + #../secrets/cardano-node.nix + (sources.cardano-node) + ]; + + services = { + cardano-node = { + enable = true; + environment = "ff"; + hostAddr = "0.0.0.0"; + topology = builtins.toFile "topology.json" (builtins.toJSON { + Producers = [ + { + addr = "172.105.184.221"; + port = 3001; + valency = 1; + } + ]; + }); + nodeConfig = config.services.cardano-node.environments.alpha1.nodeConfig // { + hasPrometheus = [ "127.0.0.1" 12798 ]; + setupScribes = [{ + scKind = "JournalSK"; + scName = "cardano"; + scFormat = "ScText"; + }]; + defaultScribes = [ + [ + "JournalSK" + "cardano" + ] + ]; + }; + kesKey = "/var/lib/keys/cardano-kes"; + vrfKey = "/var/lib/keys/cardano-vrf"; + operationalCertificate = "/var/lib/keys/cardano-opcert"; + }; + }; + + networking = { + firewall = { + allowedTCPPorts = [ + 3001 # cardano-node + ]; + }; + }; + +}