2022-03-09 12:49:00 +00:00
|
|
|
---
|
2022-07-11 13:51:15 +00:00
|
|
|
swap_file_size_mb: 2048
|
|
|
|
|
|
|
|
# Nim-Waku
|
2022-03-09 12:49:00 +00:00
|
|
|
nim_waku_cont_tag: 'deploy-status-{{ stage }}'
|
|
|
|
nim_waku_cont_name: 'nim-waku'
|
2022-10-18 10:47:09 +00:00
|
|
|
nim_waku_log_level: 'debug'
|
2022-03-09 12:49:00 +00:00
|
|
|
nim_waku_dns4_domain_name: '{{ dns_entry }}'
|
|
|
|
# Protocols
|
|
|
|
nim_waku_protocols_enabled: ['relay', 'filter', 'lightpush', 'store']
|
2022-03-11 17:32:35 +00:00
|
|
|
# Node Key
|
|
|
|
nim_waku_node_key: '{{lookup("bitwarden", "fleets/status/"+stage+"/nodekeys", field=hostname)}}'
|
2022-03-09 12:49:00 +00:00
|
|
|
# Ports
|
|
|
|
nim_waku_p2p_tcp_port: 30303
|
|
|
|
nim_waku_p2p_udp_port: 30303
|
2022-08-22 14:11:52 +00:00
|
|
|
nim_waku_websock_port: 443
|
2022-03-09 12:49:00 +00:00
|
|
|
nim_waku_metrics_port: 8008
|
|
|
|
nim_waku_rpc_tcp_port: 8545
|
|
|
|
nim_waku_rpc_tcp_addr: 0.0.0.0
|
|
|
|
# Limits
|
|
|
|
nim_waku_p2p_max_connections: 150
|
2022-06-20 09:55:39 +00:00
|
|
|
# SQLite store
|
|
|
|
nim_waku_sqlite_store: true
|
2022-09-21 09:39:20 +00:00
|
|
|
nim_waku_sqlite_retention_time: '{{ (stage == "test") | ternary(1209600, 2592000) }}' # 14 or 30 days
|
2022-09-15 12:43:31 +00:00
|
|
|
# DNS Discovery
|
|
|
|
nim_waku_dns_disc_enabled: true
|
|
|
|
nim_waku_dns_disc_url: 'enrtree://AOGECG2SPND25EEFMAJ5WF3KSGJNSGV356DSTL2YVLLZWIV6SAYBM@{{ stage }}.nodes.status.im'
|
2022-03-18 11:15:34 +00:00
|
|
|
# Discovery V5
|
|
|
|
nim_waku_disc_v5_enabled: true
|
|
|
|
nim_waku_disc_v5_enr_auto_update: true
|
|
|
|
nim_waku_disc_v5_port: 9000
|
2022-08-22 14:11:52 +00:00
|
|
|
# Websockets
|
|
|
|
nim_waku_websocket_enabled: true
|
|
|
|
nim_waku_websocket_secure_enabled: true
|
|
|
|
nim_waku_websocket_domain: '{{ dns_entry }}'
|
|
|
|
nim_waku_websocket_ssl_dir: '/etc/letsencrypt'
|
|
|
|
nim_waku_websocket_ssl_cert: '/etc/letsencrypt/live/{{ nim_waku_websocket_domain }}/fullchain.pem'
|
|
|
|
nim_waku_websocket_ssl_key: '/etc/letsencrypt/live/{{ nim_waku_websocket_domain }}/privkey.pem'
|
2022-05-24 19:20:17 +00:00
|
|
|
# Consul Service
|
|
|
|
nim_waku_consul_success_before_passing: '{{ (stage == "prod") | ternary(2, 4) }}'
|
2022-10-18 10:47:09 +00:00
|
|
|
nim_waku_consul_failures_before_warning: '{{ (stage == "prod") | ternary(2, 4) }}'
|
|
|
|
nim_waku_consul_failures_before_critical: '{{ (stage == "prod") | ternary(4, 8) }}'
|
2022-03-10 16:26:44 +00:00
|
|
|
|
2022-06-22 11:22:10 +00:00
|
|
|
# Peer connecting
|
|
|
|
waku_peers_rpc_port: '{{ nim_waku_rpc_tcp_port }}'
|
2022-06-23 12:31:12 +00:00
|
|
|
waku_peers_rpc_timeout: 20
|
|
|
|
waku_peers_rpc_retries: 5
|
2022-07-26 19:21:28 +00:00
|
|
|
waku_peers_consul_services:
|
|
|
|
- { name: '{{ nim_waku_cont_name }}', env: '{{ env }}', stage: '{{ stage }}' }
|
2022-08-30 18:28:38 +00:00
|
|
|
# Temporarily disabled bridge. https://github.com/status-im/infra-status/issues/14
|
|
|
|
#- { name: 'nim-waku-bridge', env: '{{ env }}', stage: '{{ stage }}' }
|
2022-06-22 11:22:10 +00:00
|
|
|
|
2022-08-22 14:11:52 +00:00
|
|
|
# LetsEncrypt via Certbot
|
|
|
|
certbot_docker_enabled: true
|
|
|
|
certbot_admin_email: 'devops@status.im'
|
2022-08-29 15:37:19 +00:00
|
|
|
certbot_containers_to_stop: ['{{ nim_waku_cont_name }}']
|
2022-08-22 14:11:52 +00:00
|
|
|
certbot_certs:
|
|
|
|
- domains: [ '{{ nim_waku_websocket_domain }}' ]
|
|
|
|
|
2022-03-09 12:49:00 +00:00
|
|
|
# Open LibP2P Ports
|
|
|
|
open_ports_default_comment: '{{ nim_waku_cont_name }}'
|
|
|
|
open_ports_default_protocol: 'tcp'
|
|
|
|
open_ports_default_chain: 'SERVICES'
|
|
|
|
open_ports_list:
|
2022-08-22 14:11:52 +00:00
|
|
|
- { port: '80', comment: 'Certbot verification' }
|
2022-03-09 12:49:00 +00:00
|
|
|
- { port: '{{ nim_waku_p2p_tcp_port }}' }
|
|
|
|
- { port: '{{ nim_waku_p2p_udp_port }}', protocol: 'udp' }
|
2022-03-18 11:15:34 +00:00
|
|
|
- { port: '{{ nim_waku_disc_v5_port }}', protocol: 'udp' }
|
2022-08-22 14:11:52 +00:00
|
|
|
- { port: '{{ nim_waku_websock_port }}' }
|
2022-03-09 12:49:00 +00:00
|
|
|
- { port: '{{ nim_waku_metrics_port }}', chain: 'VPN', ipset: 'metrics.hq' }
|
|
|
|
- { port: '{{ nim_waku_rpc_tcp_port }}', chain: 'VPN', ipset: '{{ env }}.{{ stage }}' }
|