add keepalived conf?

galanin/configuration.nix

@@ -8,11 +8,11 @@
     ...
 }: {
   imports = [
-    # Include the results of the hardware scan.
+# Include the results of the hardware scan.
-    # ./hardware-configuration.nix
+# ./hardware-configuration.nix
   ];
 
-  # Use the systemd-boot EFI boot loader.
+# Use the systemd-boot EFI boot loader.
   boot.loader.systemd-boot.enable = true;
   boot.loader.efi.canTouchEfiVariables = true;
 
@@ -25,12 +25,12 @@
     defaultGateway.address = "192.168.1.1";
   };
 
-  # List packages installed in system profile. To search, run:
+# List packages installed in system profile. To search, run:
-  # $ nix search wget
+# $ nix search wget
-  # environment.systemPackages = with pkgs; [
+# environment.systemPackages = with pkgs; [
-  #   vim # Do not forget to add an editor to edit configuration.nix! The Nano editor is also installed by default.
+#   vim # Do not forget to add an editor to edit configuration.nix! The Nano editor is also installed by default.
-  #   wget
+#   wget
-  # ];
+# ];
 
   users = {
     users = {
@@ -53,10 +53,10 @@
       };
     };
   };
-  # Some programs need SUID wrappers, can be configured further or are
+# Some programs need SUID wrappers, can be configured further or are
-  # started in user sessions.
+# started in user sessions.
-  # programs.mtr.enable = true;
+# programs.mtr.enable = true;
-  # programs.
+# programs.
   programs = {
     gnupg.agent = {
       enable = true;
@@ -90,20 +90,49 @@
     extraOptions = "--userns-remap=default";
     liveRestore = false; # NOTE: Incompatible with swarm
   };
-  # List services that you want to enable:
+# List services that you want to enable:
+  services.keepalived = {
+    enable = true;
+    openFirewall = true;
+    extraConfig = ''
+      vrrp_track_process track_traefik {
+        process traefik
+          weight 20
+          delay 1
+      }
+    '';
+      vrrpInstances = {
+        VI_1 = {
+          state = "BACKUP";
+          interface = "enp0s31f6";
+          virtualRouterId = 51;
+          priority=100;
+          virtualIps = [ {addr = "192.168.1.64";}];
+          extraConfig = ''
+            authentication {
+              auth_type PASS
+                auth_pass 3141
+            }
+          track_process {
+            track_traefik
+          }
+          advert_int 1
+            '';
+        };
+      };
+  };
+# Enable the OpenSSH daemon.
+# services.openssh.enable = true;
 
-  # Enable the OpenSSH daemon.
+# Open ports in the firewall.
-  # services.openssh.enable = true;
+# networking.firewall.allowedTCPPorts = [ ... ];
+# networking.firewall.allowedUDPPorts = [ ... ];
+# Or disable the firewall altogether.
 
-  # Open ports in the firewall.
+# Copy the NixOS configuration file and link it from the resulting system
-  # networking.firewall.allowedTCPPorts = [ ... ];
+# (/run/current-system/configuration.nix). This is useful in case you
-  # networking.firewall.allowedUDPPorts = [ ... ];
+# accidentally delete configuration.nix.
-  # Or disable the firewall altogether.
+# system.copySystemConfiguration = true;
-
-  # Copy the NixOS configuration file and link it from the resulting system
-  # (/run/current-system/configuration.nix). This is useful in case you
-  # accidentally delete configuration.nix.
-  # system.copySystemConfiguration = true;
     services.logind.lidSwitch = "ignore";
     systemd.targets.sleep.enable = false;
     systemd.targets.suspend.enable = false;
@@ -111,4 +140,4 @@
     systemd.targets.hybrid-sleep.enable = false;
 
     system.stateVersion = "24.05"; # Did you read the comment?
-}
+  }