forked from alxhlz/hcloud-failover-keepalived
-
Notifications
You must be signed in to change notification settings - Fork 1
/
Copy pathtest-base.nix
68 lines (62 loc) · 1.52 KB
/
test-base.nix
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
{ config, pkgs, ... }: {
imports = [
./module.nix
];
virtualisation.vlans = [ 1 ];
networking.vlans.hetzner = {
id = 1;
interface = "eth1";
};
services.robot-failover = {
enable = true;
common = {
interface = "hetzner";
keepaliveInterface = "hetzner";
floatingIPs = [
{ ip = "42.0.0.1"; router = 1; }
{ ip = "42:1::"; router = 1; } # will be 42:1::2
{ ip = "42.0.0.2"; router = 2; }
{ ip = "42:2::"; router = 2; } # will be 42:2::2
];
mainIPs = {
"1" = {
ipv4 = "10.42.0.1";
ipv6 = "fe42:1::"; # will be fe42:1::2
};
"2" = {
ipv4 = "10.42.0.2";
ipv6 = "fe42:2::"; # will be fe42:2::2
};
};
urlFloating = "http://10.42.0.254:9090/{0}";
robotAuths = {
"1" = "1:1234";
"2" = "2:1234";
};
};
};
systemd.services.keepalived.environment.FORCE_DEBUG_FAILOVER = "1";
systemd.timers.keepalived-boot-delay.enable = false;
networking = {
nftables.enable = true;
firewall.allowedTCPPorts = [ 80 ];
firewall.extraInputRules = ''
ip protocol vrrp accept
'';
};
networking.defaultGateway = {
interface = "hetzner";
address = "10.42.0.254";
};
networking.defaultGateway6 = {
interface = "hetzner";
address = "fe42::254";
};
services.nginx = {
enable = true;
virtualHosts.default = {
default = true;
locations."/".return = "200 server-${config.networking.hostName}";
};
};
}