nixos/home/routing-common: Add initial VRRP

2023-11-25 17:18:34 +00:00 · 2023-11-25 17:18:34 +00:00 · 7404779c6d
commit 7404779c6d
parent 63f36fabbb
2 changed files with 42 additions and 0 deletions
--- a/nixos/boxes/home/routing-common/default.nix
+++ b/nixos/boxes/home/routing-common/default.nix
@ -64,6 +64,7 @@ in
      {
        imports = map (m: import m index) [
          ./mstpd.nix
+          ./keepalived.nix
          ./dns.nix
        ];

--- a/nixos/boxes/home/routing-common/keepalived.nix
+++ b/nixos/boxes/home/routing-common/keepalived.nix
@ -0,0 +1,41 @@
+index: { lib, pkgs, ... }:
+let
+  inherit (builtins) attrNames;
+  inherit (lib.my) net;
+  inherit (lib.my.c.home) prefixes vips;
+
+  vrrpIPs = family: map (vlan: {
+    addr = "${vips.${vlan}.${family}}/${toString (net.cidr.length prefixes.${vlan}.${family})}";
+    dev = "lan-${vlan}";
+  }) (attrNames vips);
+  mkVRRP = family: routerId: {
+    state = if index == 0 then "MASTER" else "BACKUP";
+    interface = "lan-core";
+    priority = 255 - index;
+    virtualRouterId = routerId;
+    virtualIps = vrrpIPs family;
+  };
+in
+{
+  services = {
+    keepalived = {
+      enable = true;
+      extraGlobalDefs = ''
+        vrrp_version 3
+        nftables keepalived
+      '';
+      vrrpInstances = {
+        v4 = mkVRRP "v4" 51;
+        v6 = mkVRRP "v6" 52;
+      };
+      extraConfig = ''
+        vrrp_sync_group main {
+          group {
+            v4
+            v6
+          }
+        }
+      '';
+    };
+  };
+}