infra-waku-connect/ansible/group_vars/nim-waku-connect.yml

---
nim_waku_cont_tag: 'deploy-waku-connect'
nim_waku_cont_name: 'nim-waku'
# Protocols
nim_waku_protocols_enabled: ['relay', 'filter', 'lightpush']
nim_waku_dns4_domain_name: '{{ dns_entry }}'

# Ports
nim_waku_p2p_tcp_port: 30303
nim_waku_p2p_udp_port: 30303
nim_waku_metrics_port: 8008
nim_waku_websock_port: 443
nim_waku_rpc_tcp_port: 8545
nim_waku_rpc_tcp_addr: 0.0.0.0

# Limits
nim_waku_p2p_max_connections: 150
nim_waku_store_capacity: 10000

# Enable websockets in Waku
nim_waku_websocket_enabled: true
nim_waku_websocket_secure_enabled: true
nim_waku_websocket_domain: '{{ dns_entry }}'
nim_waku_websocket_ssl_dir: '/etc/letsencrypt'
nim_waku_websocket_ssl_cert: '/etc/letsencrypt/live/{{ nim_waku_websocket_domain }}/fullchain.pem'
nim_waku_websocket_ssl_key: '/etc/letsencrypt/live/{{ nim_waku_websocket_domain }}/privkey.pem'

# Peer connecting
waku_peers_rpc_port: '{{ nim_waku_rpc_tcp_port }}'
waku_peers_rpc_timeout: 20
waku_peers_rpc_retries: 5
waku_peers_consul_services:
  - { name: '{{ nim_waku_cont_name }}', env: '{{ env }}', stage: '{{ stage }}' }
  - { name: 'go-waku',                  env: '{{ env }}', stage: '{{ stage }}' }

# LetsEncrypt via Certbot
certbot_admin_email: 'devops@status.im'
certbot_docker_enabled: true
certbot_containers_to_stop: ['nim-waku']
certbot_certs:
  - domains: [ '{{ nim_waku_websocket_domain }}' ]

# Open LibP2P Ports
open_ports_default_comment: '{{ nim_waku_cont_name }}'
open_ports_default_protocol: 'tcp'
open_ports_default_chain: 'SERVICES'
open_ports_list:
  - { port: '80', comment: 'Certbot' }
  - { port: '{{ nim_waku_p2p_tcp_port }}' }
  - { port: '{{ nim_waku_p2p_udp_port }}', protocol: 'udp' }
  - { port: '{{ nim_waku_websock_port }}' }
  - { port: '{{ nim_waku_metrics_port }}', chain: 'VPN', ipset: 'metrics.hq' }
  - { port: '{{ nim_waku_rpc_tcp_port }}', chain: 'VPN', ipset: '{{ env }}.{{ stage }}' }