# Autogenerated by VyOS
# Do not edit this file, all your changes will be lost
# on next commit or reboot

# Global definitions configuration block
global_defs {
    dynamic_interfaces
    script_user root
{% if vrrp.global_parameters.startup_delay is vyos_defined %}
    vrrp_startup_delay {{ vrrp.global_parameters.startup_delay }}
{% endif %}
{% if vrrp.global_parameters.garp is vyos_defined %}
{%     if vrrp.global_parameters.garp.interval is vyos_defined %}
    vrrp_garp_interval {{ vrrp.global_parameters.garp.interval }}
{%     endif %}
{%     if vrrp.global_parameters.garp.master_delay is vyos_defined %}
    vrrp_garp_master_delay {{ vrrp.global_parameters.garp.master_delay }}
{%     endif %}
{%     if vrrp.global_parameters.garp.master_refresh is vyos_defined %}
    vrrp_garp_master_refresh {{ vrrp.global_parameters.garp.master_refresh }}
{%     endif %}
{%     if vrrp.global_parameters.garp.master_refresh_repeat is vyos_defined %}
    vrrp_garp_master_refresh_repeat {{ vrrp.global_parameters.garp.master_refresh_repeat }}
{%     endif %}
{%     if vrrp.global_parameters.garp.master_repeat is vyos_defined %}
    vrrp_garp_master_repeat {{ vrrp.global_parameters.garp.master_repeat }}
{%     endif %}
{% endif %}
{% if vrrp.global_parameters.version is vyos_defined %}
    vrrp_version {{ vrrp.global_parameters.version }}
{% endif %}
    notify_fifo /run/keepalived/keepalived_notify_fifo
    notify_fifo_script /usr/libexec/vyos/system/keepalived-fifo.py
}

{# Sync group has own health-check scripts T6020 #}
{% if vrrp.sync_group is vyos_defined %}
{%     for name, sync_group_config in vrrp.sync_group.items() if sync_group_config.disable is not vyos_defined %}
{%         if sync_group_config.health_check is vyos_defined %}
vrrp_script healthcheck_sg_{{ name }} {
{%             if sync_group_config.health_check.script is vyos_defined %}
    script "{{ sync_group_config.health_check.script }}"
{%             elif sync_group_config.health_check.ping is vyos_defined %}
    script "/usr/bin/ping -c1 {{ sync_group_config.health_check.ping }}"
{%             endif %}
    interval {{ sync_group_config.health_check.interval }}
    fall {{ sync_group_config.health_check.failure_count }}
    rise 1
}
{%         endif %}
{%     endfor %}
{% endif %}

{% if vrrp.group is vyos_defined %}
{%     for name, group_config in vrrp.group.items() if group_config.disable is not vyos_defined %}
{%         if group_config.health_check is vyos_defined %}
vrrp_script healthcheck_{{ name }} {
{%             if group_config.health_check.script is vyos_defined %}
    script "{{ group_config.health_check.script }}"
{%             elif group_config.health_check.ping is vyos_defined %}
    script "/usr/bin/ping -c1 {{ group_config.health_check.ping }}"
{%             endif %}
    interval {{ group_config.health_check.interval }}
    fall {{ group_config.health_check.failure_count }}
    rise 1
}
{%         endif %}
vrrp_instance {{ name }} {
{%         if group_config.description is vyos_defined %}
    # {{ group_config.description }}
{%         endif %}
    state BACKUP
    interface {{ group_config.interface }}
    virtual_router_id {{ group_config.vrid }}
    priority {{ group_config.priority }}
    advert_int {{ group_config.advertise_interval }}
{%         if group_config.garp is vyos_defined %}
{%             if group_config.garp.interval is vyos_defined %}
    garp_interval {{ group_config.garp.interval }}
{%             endif %}
{%             if group_config.garp.master_delay is vyos_defined %}
    garp_master_delay {{ group_config.garp.master_delay }}
{%             endif %}
{%             if group_config.garp.master_repeat is vyos_defined %}
    garp_master_repeat {{ group_config.garp.master_repeat }}
{%             endif %}
{%             if group_config.garp.master_refresh is vyos_defined %}
    garp_master_refresh {{ group_config.garp.master_refresh }}
{%             endif %}
{%             if group_config.garp.master_refresh_repeat is vyos_defined %}
    garp_master_refresh_repeat {{ group_config.garp.master_refresh_repeat }}
{%             endif %}
{%         endif %}
{%         if group_config.track.exclude_vrrp_interface is vyos_defined %}
    dont_track_primary
{%         endif %}
{%         if group_config.no_preempt is not vyos_defined and group_config.preempt_delay is vyos_defined %}
    preempt_delay {{ group_config.preempt_delay }}
{%         elif group_config.no_preempt is vyos_defined %}
    nopreempt
{%         endif %}
{%         if group_config.peer_address is vyos_defined %}
    unicast_peer {
{%             for peer_address in group_config.peer_address %}
        {{ peer_address }}
{%             endfor %}
    }
{%         endif %}
{%         if group_config.hello_source_address is vyos_defined %}
{%             if group_config.peer_address is vyos_defined %}
    unicast_src_ip {{ group_config.hello_source_address }}
{%             else %}
    mcast_src_ip {{ group_config.hello_source_address }}
{%             endif %}
{%         endif %}
{%         if group_config.rfc3768_compatibility is vyos_defined and group_config.peer_address is vyos_defined %}
    use_vmac {{ group_config.interface }}v{{ group_config.vrid }}v{{ '4' if group_config['address'] | first | is_ipv4 else '6' }}
    vmac_xmit_base
{%         elif group_config.rfc3768_compatibility is vyos_defined %}
    use_vmac {{ group_config.interface }}v{{ group_config.vrid }}v{{ '4' if group_config['address'] | first | is_ipv4 else '6' }}
{%         endif %}
{%         if group_config.authentication is vyos_defined %}
    authentication {
        auth_pass "{{ group_config.authentication.password }}"
{%             if group_config.authentication.type is vyos_defined('plaintext-password') %}
        auth_type PASS
{%             else %}
        auth_type {{ group_config.authentication.type | upper }}
{%             endif %}
    }
{%         endif %}
{%         if group_config.address is vyos_defined %}
    virtual_ipaddress {
{%             for addr, addr_config in group_config.address.items() %}
        {{ addr }}{{ ' dev ' + addr_config.interface if addr_config.interface is vyos_defined }}
{%             endfor %}
    }
{%         endif %}
{%         if group_config.excluded_address is vyos_defined %}
    virtual_ipaddress_excluded {
{%             for addr, addr_config in group_config.excluded_address.items() %}
        {{ addr }}{{ ' dev ' + addr_config.interface if addr_config.interface is vyos_defined }}
{%             endfor %}
    }
{%         endif %}
{%         if group_config.track.interface is vyos_defined %}
    track_interface {
{%             for interface in group_config.track.interface %}
        {{ interface }}
{%             endfor %}
    }
{%         endif %}
{# Sync group member can't use own health check script #}
{%         if group_config.health_check is vyos_defined and group_config._is_sync_group_member is not vyos_defined %}
    track_script {
        healthcheck_{{ name }}
    }
{%         endif %}
}
{%     endfor %}
{% endif %}

{% if vrrp.sync_group is vyos_defined %}
{%     for name, sync_group_config in vrrp.sync_group.items() if sync_group_config.disable is not vyos_defined %}
vrrp_sync_group {{ name }} {
    group {
{%         if sync_group_config.member is vyos_defined %}
{%             for member in sync_group_config.member %}
        {{ member }}
{%             endfor %}
{%         endif %}
    }

{%         if sync_group_config.health_check is vyos_defined %}
    track_script {
        healthcheck_sg_{{ name }}
    }
{%         endif %}

{%         if conntrack_sync_group is vyos_defined(name) %}
{%             set vyos_helper = "/usr/libexec/vyos/vyos-vrrp-conntracksync.sh" %}
    notify_master "{{ vyos_helper }} master {{ name }}"
    notify_backup "{{ vyos_helper }} backup {{ name }}"
    notify_fault "{{ vyos_helper }} fault {{ name }}"
{%         endif %}
}
{%     endfor %}
{% endif %}

{% if virtual_server is vyos_defined %}
# Virtual-server configuration
{%     for vserver, vserver_config in virtual_server.items() %}
# Vserver {{ vserver }}
{%         if vserver_config.port is vyos_defined %}
virtual_server {{ vserver_config.address }} {{ vserver_config.port }} {
{%         else %}
virtual_server fwmark {{ vserver_config.fwmark }} {
{%         endif %}
    delay_loop {{ vserver_config.delay_loop }}
{%         if vserver_config.algorithm is vyos_defined('round-robin') %}
    lb_algo rr
{%         elif vserver_config.algorithm is vyos_defined('weighted-round-robin') %}
    lb_algo wrr
{%         elif vserver_config.algorithm is vyos_defined('least-connection') %}
    lb_algo lc
{%         elif vserver_config.algorithm is vyos_defined('weighted-least-connection') %}
    lb_algo wlc
{%         elif vserver_config.algorithm is vyos_defined('source-hashing') %}
    lb_algo sh
{%         elif vserver_config.algorithm is vyos_defined('destination-hashing') %}
    lb_algo dh
{%         elif vserver_config.algorithm is vyos_defined('locality-based-least-connection') %}
    lb_algo lblc
{%         endif %}
{%         if vserver_config.forward_method is vyos_defined('nat') %}
    lb_kind NAT
{%         elif vserver_config.forward_method is vyos_defined('direct') %}
    lb_kind DR
{%         elif vserver_config.forward_method is vyos_defined('tunnel') %}
    lb_kind TUN
{%         endif %}
    persistence_timeout {{ vserver_config.persistence_timeout }}
    protocol {{ vserver_config.protocol | upper }}
{%         if vserver_config.real_server is vyos_defined %}
{%             for rserver, rserver_config in vserver_config.real_server.items() %}
    real_server {{ rserver }} {{ rserver_config.port }} {
        weight 1
{%                 if rserver_config.health_check.script is vyos_defined %}
        MISC_CHECK {
            misc_path {{ rserver_config.health_check.script }}
{%                 else %}
        {{ vserver_config.protocol | upper }}_CHECK {
{%                     if rserver_config.connection_timeout is vyos_defined %}
            connect_timeout {{ rserver_config.connection_timeout }}
{%                     endif %}
{%                 endif %}
        }
    }
{%             endfor %}
{%         endif %}
}
{%     endfor %}
{% endif %}