global_defs {
  notification_email {
    monitoring.aurore@lists.crans.org
  }
  notification_email_from routeur-{{ apartment_block }}{% if 'backup' in inventory_hostname %}-backup{% endif %}@auro.re
  smtp_server smtp.crans.org
}


vrrp_instance VI_ROUT_{{ apartment_block }} {
  {% if 'backup' in inventory_hostname %}
  state BACKUP
  priority 100
  {% else %}
  state MASTER
  priority 150
  {% endif %}


  # Interface used for VRRP communication.
  interface ens18

  # Shared by MASTER and BACKUP
  virtual_router_id {{ apartment_block_id }}

  # Timeout in seconds before failover kicks in.
  advert_int 2

  # Used to authenticate VRRP communication between master and backup.
  authentication {
    auth_type PASS
    auth_pass {{ keepalived_password }}
  }

  smtp_alert

  virtual_ipaddress {
        # Routing subnet
        10.129.{{ apartment_block_id }}.254/16 brd 10.129.255.255 dev ens19 scope global
        {{ ipv6_base_prefix }}:129:0::{{ apartment_block_id }}:254/64 dev ens19 scope global


        # NATed subnet: wired
        45.66.108.25{{ apartment_block_id }}/24 brd 45.66.108.255 dev ens19 scope global

        # NATed subnet: wifi
        45.66.109.25{{ apartment_block_id }}/24 brd 45.66.109.255 dev ens19 scope global

        # Wired
        10.{{ subnet_ids.users_wired }}.0.254/16 brd 10.{{ subnet_ids.users_wired }}.255.255 dev ens20 scope global
        {{ ipv6_base_prefix }}:{{ subnet_ids.users_wired }}::0:254/64 dev ens20 scope global

        # Wifi
        10.{{ subnet_ids.users_wifi }}.0.254/16 brd 10.{{ subnet_ids.users_wifi }}.255.255 dev ens21 scope global
        {{ ipv6_base_prefix }}:{{ subnet_ids.users_wifi }}::0:254/64 dev ens21 scope global
   }


  # FIXME: update for IPv6
  virtual_routes {
        # 10.129.0.1 is Yggdrasil
        src 10.129.{{ apartment_block_id }}.254 to 0.0.0.0/0 via 10.129.0.1 dev ens19
  }
}