Add option to enable HA/CARP failover support to the os-netbird plugin

security/netbird/src/etc/inc/plugins.inc.d/netbird.inc

@@ -34,6 +34,13 @@ function netbird_enabled()
     return !(new \OPNsense\Netbird\Settings())->general->enable->isEmpty();
 }
 
+function netbird_carp_enabled()
+{
+    $settings = new \OPNsense\Netbird\Settings();
+    return (string)$settings->general->enable == '1' &&
+           (string)$settings->general->enablecarp == '1';
+}
+
 function netbird_services()
 {
     $services = [];

security/netbird/src/etc/rc.syshook.d/carp/50-netbird

@@ -0,0 +1,59 @@
+#!/usr/local/bin/php
+<?php
+
+/*
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright notice,
+ *    this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
+ * INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+ * AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ * AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
+ * OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ * POSSIBILITY OF SUCH DAMAGE.
+ */
+
+require_once("config.inc");
+require_once("util.inc");
+require_once("plugins.inc.d/netbird.inc");
+
+if (netbird_carp_enabled()) {
+    $subsystem = !empty($argv[1]) ? $argv[1] : '';
+    $type = !empty($argv[2]) ? $argv[2] : '';
+
+    if ($type != 'MASTER' && $type != 'BACKUP') {
+        log_msg("Carp '$type' event unknown from source '{$subsystem}'");
+        exit(1);
+    }
+
+    if (!strstr($subsystem, '@')) {
+        log_msg("Carp '$type' event triggered from wrong source '{$subsystem}'");
+        exit(1);
+    }
+
+    $backend = new \OPNsense\Core\Backend();
+
+    switch ($type) {
+        case 'MASTER':
+            log_msg("NetBird CARP: Transitioning to MASTER state, starting NetBird interfaces");
+            $backend->configdRun("netbird up");
+            break;
+        case 'BACKUP':
+            log_msg("NetBird CARP: Transitioning to BACKUP state, stopping NetBird interfaces");
+            $backend->configdRun("netbird down");
+            break;
+    }
+}

security/netbird/src/opnsense/mvc/app/controllers/OPNsense/Netbird/forms/settings.xml

@@ -9,6 +9,12 @@
         <type>checkbox</type>
         <help>Enable NetBird</help>
     </field>
+    <field>
+        <id>settings.general.enablecarp</id>
+        <label>Enable CARP Failover Support</label>
+        <type>checkbox</type>
+        <help>When enabled, NetBird interfaces will start on MASTER state and stop on BACKUP state.</help>
+    </field>
     <field>
         <id>settings.general.wireguardPort</id>
         <label>WireGuard Port</label>

security/netbird/src/opnsense/mvc/app/models/OPNsense/Netbird/Settings.xml

@@ -8,6 +8,10 @@
                 <Default>0</Default>
                 <Required>Y</Required>
             </enable>
+            <enablecarp type="BooleanField">
+                <Default>0</Default>
+                <Required>Y</Required>
+            </enablecarp>
             <wireguardPort type="IntegerField">
                 <Default>51820</Default>
                 <Required>Y</Required>