rippled.cfg

############################## README ############################## 
# This sample rippled configuration file is provided as is, without any
# warranties or guarantees.
#
# The purpose of the file is to document the configuration settings that I most commonly use to tune
# my rippled servers.

# The default file location for this configuration file is: /etc/opt/ripple/rippled.cfg (note, this location
# is symlinked to /opt/ripple/etc/rippled.cfg).

# Additional (official) documentation available at xrpl.org
# A fully documented version of this file is available here: https://github.com/xrplf/rippled/blob/develop/cfg/rippled-example.cfg

# My guide for installing & configuring rippled nodes: https://rabbitkick.club
# Get in touch with me via Twitter: @xrpl_rabbit

# Ensure the permissions on this file are set: 'chown rippled:rippled /etc/opt/ripple/rippled.cfg && chmod 400 /etc/opt/ripple/rippled'
# 	This is particularly important if you are operating a validator, as you don't want other users to be able to see/access the validation key,
# 	which could be used to impersonate you.

# Comments about a specific line (e.g., 'port = 443') are placed above the line to which they refer.
# Comments referring to an entire configuration section (e.g., '[ips_fixed]') are placed at the end of the section.


############################## CONFIGURATION ############################## 

# The [server] section controls what listening ports and protocols rippled uses
[server]
port_rpc_admin_local

# Comment the 'port_wss_admin' section if you don't want to allow websocket connections
port_wss_admin 
port_peer

# Path to key for encrypted connections
ssl_key = /etc/ssl/rippled/rippled.key 

# Path to cert
ssl_cert = /etc/ssl/rippled/rippled.crt 

# You can use this command to generate a self-signed key/cert pair:
# openssl req -x509 -sha256 -nodes -days 3650 -newkey rsa:4096 -keyout /etc/ssl/rippled/rippled.key -out /etc/ssl/rippled/rippled.crt
# Keep your key private: 'chown -R rippled:rippled /etc/ssl/rippled && chmod -R 500 /etc/ssl/ripple'
# On RHEL/CentOS you might have to run 'restorecon -FvR /etc/ssl/rippled' to change the selinux user to 'system_u'


[port_rpc_admin_local]
port = 5005
ip = 127.0.0.1
admin = 127.0.0.1
protocol = http

[port_wss_admin]
# rippled listens for websocket connections on this port.
port = 443 

# Local IP address rippled listens on. Use '0.0.0.0' or '::' to listen on all IPv4 or IPv6 addresses
ip = 0.0.0.0 

# Remote IPv4/6 address that are allowed to run administrative commands
admin = 10.00.00.00, 10.00.00.01 

# Change to "ws" if not using SSL
protocol = wss 

[port_peer] 
ip = 0.0.0.0
port = 51235
protocol = peer
# Comment/disable this section (and 'port_peer' under [server]) on validating nodes, as they do not need to serve peers
# Disabling this section will not interfere with your node's ability to connect out
# to other nodes - it only disables listening for incoming peer connections

# Add additional listeners by adding a variable
# name under "[server]" and then defining a new [variable_name] section

#----------------------------------
# Tell rippled where it can find the rest of the network
[ips]
zaphod.alloy.ee 51235
r.ripple.com 51235
# Validators/nodes with peer_private enabled should have the IP addresses of nodes they are clustered
# with under "[ips]", as their connections should be restricted to cluster mates.
# In other words, do not use r.ripple.com or zaphod.alloy.ee for sensitive (validator) connections.


# The following three sections are only used when clustering w/ other rippled nodes
[ips_fixed] 
10.00.0.1 51235
10.00.0.2 51235
# Put the IP addresses of other nodes in the cluster here

[node_seed] 
sxxxxxxxxxxxxxxxxxxxxxx
# Used to identify this node to others in the cluster
# Paste private key from '/opt/ripple/bin/rippled validation_create' here
# Do not put seeds generated by other nodes in this section.

[cluster_nodes]
n9xxxxxxxxxxxxxxxxxxxxxxx0
n9xxxxxxxxxxxxxxxxxxxxxxx1
# These keys also come from the "validation_create" command run on other nodes
# Do not put keys generated by this node in this section.

[peer_private]
0
# Set to '1' to prevent other nodes from forwarding this node's IP address to the rest of the network
# Validating nodes should always have this set to '1'. Most other nodes will use '0'.
# If you change this to '1', you must have at least one address under "[ips_fixed]".

[peers_max]
15
# Max peers (not counting cluster or ips_fixed peers)
# Too many peers can be problematic, and validators should only connect to known peers
# Too few peers (<4-5) can also cause problems

[sntp_servers]
time.nist.gov
pool.ntp.org
time.windows.com
time.apple.com

[relay_proposals]
trusted
# Relay proposals from servers that are not in this servers' dUNL
# Can be set to 'trusted' or 'all'

[relay_validations]
trusted
# Relay validations from servers that are not in this servers' dUNL
# Can be set to 'trusted' or 'all'

[node_size]
medium
# Change to "medium", "large", or "huge" if you have extra memory

[ledger_history]
33000 
# How many past ledgers will be stored. This must be <= to online_delete
# Lower values are ideal for validating nodes
# Full history nodes can use 'full'
  
[fetch_depth] 
1000 		  
# Number of past ledgers the node will serve to others
# This should be at least 256. Lower is probably better for validators

[validators_file]
/etc/opt/ripple/validators.txt 
# Edit this file to change your node's UNL
#
[path_search]
4
# The default path_search aggressiveness
# rippled defaults to 7. Exponential resources could be used if this is increased
# To avoid running out of resources on critical nodes, this should be low (~2)

[path_search_fast]
1
# Minimum path_search aggressiveness
# rippled defaults to 2

[path_search_max]
10
# Maximum path_search aggressiveness
# rippled defaults to 10. Set to 0 to disable and save resources

[path_search_old]
5
# Search aggressiveness for clients using legacy path finding interfaces
# rippled defaults to 7

[network_id]
main
# Edit this if you want to use a test or alternate network. Acceptable values are
# integers, 'main', 'testnet', or 'devnet'

[node_db]
type=nudb
path=/var/lib/rippled/db/nudb

# Auto delete ledgers older than this, to avoid running out of disk space
# Set to 'full' for full history nodes
online_delete=33000

# "0" = automatic delete; "1" = only delete with permission
# If "advisory_delete" is set to "1", run "can_delete" to purge old ledgers
advisory_delete=0 

# Faster startup times at the expense of high IOPS during startup
# This setting should be disabled on nodes using pathfinding, per:
# https://github.com/XRPLF/rippled/issues/4224
fast_load=0

[database_path]
/var/lib/rippled/db

[shard_db]
type=nudb

# Shard database location
path=/var/lib/rippled/db/shard 

# Max disk space to allocate to shards
max_size_gb=10 

# If you have extra storage space, use this section to enable history sharding.
# Info on sharding here: https://xrpl.org/history-sharding.html
# To conserve resources, comment/disable sharding on validators.
# Set 'ledger_history' and 'online_delete' to 32768 or higher to maximize
# efficiency if ledgers stored via ledger history are chosen for a shard.

[debug_logfile]
/var/log/rippled/debug.log

[rpc_startup]
{ "command": "log_level", "severity": "error" }

#Uncomment the following section to enable voting (on validators). Adjust values (in drops) as desired.
#[voting]
#reference_fee = 10
#account_reserve = 10000000
#owner_reserve = 2500000