# Autogenerated by VyOS
# Do not edit this file, all your changes will be lost
# on next commit or reboot

global_defs {
    dynamic_interfaces
    script_user root
    notify_fifo /run/keepalived/keepalived_notify_fifo
    notify_fifo_script /usr/libexec/vyos/system/keepalived-fifo.py
}

{% if vrrp is defined and vrrp.group is defined and vrrp.group is not none %}
{%   for name, group_config in vrrp.group.items() if group_config.disable is not defined %}
{%     if group_config.health_check is defined and group_config.health_check.script is defined and group_config.health_check.script is not none %}
vrrp_script healthcheck_{{ name }} {
    script "{{ group_config.health_check.script }}"
    interval {{ group_config.health_check.interval }}
    fall {{ group_config.health_check.failure_count }}
    rise 1
}
{%     endif %}
vrrp_instance {{ name }} {
{%     if group_config.description is defined and group_config.description is not none %}
    # {{ group_config.description }}
{%     endif %}
    state BACKUP
    interface {{ group_config.interface }}
    virtual_router_id {{ group_config.vrid }}
    priority {{ group_config.priority }}
    advert_int {{ group_config.advertise_interval }}
{%     if group_config.track is defined and group_config.track.exclude_vrrp_interface is defined %}
    dont_track_primary
{%     endif %}
{%     if group_config.no_preempt is not defined and group_config.preempt_delay is defined and group_config.preempt_delay is not none %}
    preempt_delay {{ group_config.preempt_delay }}
{%     elif group_config.no_preempt is defined %}
    nopreempt
{%     endif %}
{%     if group_config.peer_address is defined and group_config.peer_address is not none %}
    unicast_peer { {{ group_config.peer_address }} }
{%     endif %}
{%     if group_config.hello_source_address is defined and group_config.hello_source_address is not none %}
{%       if group_config.peer_address is defined and group_config.peer_address is not none %}
    unicast_src_ip {{ group_config.hello_source_address }}
{%       else %}
    mcast_src_ip {{ group_config.hello_source_address }}
{%       endif %}
{%     endif %}
{%     if group_config.rfc3768_compatibility is defined and group_config.peer_address is defined %}
    use_vmac {{ group_config.interface }}v{{ group_config.vrid }}
    vmac_xmit_base
{%     elif group_config.rfc3768_compatibility is defined %}
    use_vmac {{ group_config.interface }}v{{ group_config.vrid }}
{%     endif %}
{%     if group_config.authentication is defined and group_config.authentication is not none %}
    authentication {
        auth_pass "{{ group_config.authentication.password }}"
{%       if group_config.authentication.type == 'plaintext-password' %}
        auth_type PASS
{%       else %}
        auth_type {{ group_config.authentication.type | upper }}
{%       endif %}
    }
{%     endif %}
{%     if group_config.address is defined and group_config.address is not none %}
    virtual_ipaddress {
{%       for addr, addr_config in group_config.address.items() %}
        {{ addr }}{{ ' dev ' + addr_config.interface if addr_config.interface is defined }}
{%       endfor %}
    }
{%     endif %}
{%     if group_config.excluded_address is defined and group_config.excluded_address is not none %}
    virtual_ipaddress_excluded {
{%       for addr in group_config.excluded_address %}
        {{ addr }}
{%       endfor %}
    }
{%     endif %}
{%     if group_config.track is defined and group_config.track.interface is defined and group_config.track.interface is not none %}
    track_interface {
{%       for interface in group_config.track.interface %}
        {{ interface }}
{%       endfor %}
    }
{%     endif %}
{%     if group_config.health_check is defined and group_config.health_check.script is defined and group_config.health_check.script is not none %}
    track_script {
        healthcheck_{{ name }}
    }
{%     endif %}
}
{%   endfor %}
{% endif %}

{% if vrrp is defined and vrrp.sync_group is defined and vrrp.sync_group is not none %}
{%   for name, sync_group_config in vrrp.sync_group.items() if sync_group_config.disable is not defined %}
vrrp_sync_group {{ name }} {
    group {
{%     if sync_group_config.member is defined and sync_group_config.member is not none %}
{%       for member in sync_group_config.member %}
        {{ member }}
{%       endfor %}
{%     endif %}
    }

{# Health-check scripts should be in section sync-group if member is part of the sync-group T4081 #}
{%     if vrrp is defined and vrrp.group is defined and vrrp.group is not none %}
{%       for name, group_config in vrrp.group.items() if group_config.disable is not defined %}
{%         if group_config.health_check is defined and group_config.health_check.script is defined and group_config.health_check.script is not none and name in sync_group_config.member %}
    track_script {
        healthcheck_{{ name }}
    }
{%         endif %}
{%       endfor %}
{%     endif %}
{%     if conntrack_sync_group is defined and conntrack_sync_group == name %}
{%     set vyos_helper = "/usr/libexec/vyos/vyos-vrrp-conntracksync.sh" %}
    notify_master "{{ vyos_helper }} master {{ name }}"
    notify_backup "{{ vyos_helper }} backup {{ name }}"
    notify_fault "{{ vyos_helper }} fault {{ name }}"
{%     endif %}
}
{%   endfor %}
{% endif %}

{% if virtual_server is defined and virtual_server is not none %}
# Virtual-server configuration
{%   for vserver, vserver_config in virtual_server.items() %}
virtual_server {{ vserver }} {{ vserver_config.port }} {
    delay_loop {{ vserver_config.delay_loop }}
{%     if vserver_config.algorithm == 'round-robin' %}
    lb_algo rr
{%     elif vserver_config.algorithm == 'weighted-round-robin' %}
    lb_algo wrr
{%     elif vserver_config.algorithm == 'least-connection' %}
    lb_algo lc
{%     elif vserver_config.algorithm == 'weighted-least-connection' %}
    lb_algo wlc
{%     elif vserver_config.algorithm == 'source-hashing' %}
    lb_algo sh
{%     elif vserver_config.algorithm == 'destination-hashing' %}
    lb_algo dh
{%     elif vserver_config.algorithm == 'locality-based-least-connection' %}
    lb_algo lblc
{%     endif %}
{%     if vserver_config.forward_method == "nat" %}
    lb_kind NAT
{%     elif vserver_config.forward_method == "direct" %}
    lb_kind DR
{%     elif vserver_config.forward_method == "tunnel" %}
    lb_kind TUN
{%     endif %}
    persistence_timeout {{ vserver_config.persistence_timeout }}
    protocol {{ vserver_config.protocol | upper }}
{%     if vserver_config.real_server is defined and vserver_config.real_server is not none %}
{%       for rserver, rserver_config in vserver_config.real_server.items() %}
    real_server {{ rserver }} {{ rserver_config.port }} {
        weight 1
        {{ vserver_config.protocol | upper }}_CHECK {
{%         if rserver_config.connection_timeout is defined and rserver_config.connection_timeout is not none %}
            connect_timeout {{ rserver_config.connection_timeout }}
{%         endif %}
        }
    }
{%        endfor %}
{%      endif %}
}
{%   endfor %}
{% endif %}