unless this works, I guess I need to attach the patch.
--- inventory/group_vars/dns | 4 ++++ inventory/host_vars/ns02.fedoraproject.org | 16 ++++++++++++++++ inventory/host_vars/ns03.phx2.fedoraproject.org | 15 +++++++++++++++ inventory/host_vars/ns04.phx2.fedoraproject.org | 15 +++++++++++++++ inventory/host_vars/ns05.fedoraproject.org | 15 +++++++++++++++ 5 files changed, 65 insertions(+)
diff --git a/inventory/group_vars/dns b/inventory/group_vars/dns index 17da9d0..db01b32 100644 --- a/inventory/group_vars/dns +++ b/inventory/group_vars/dns @@ -16,3 +16,7 @@ nrpe_procs_warn: 300 nrpe_procs_crit: 500
sudoers: "{{ private }}/files/sudo/sysadmin-dns" + +csi_security_category: High +csi_primary_contact: Fedora Admins - admin@fedoraproject.org +csi_purpose: Domain Name Service diff --git a/inventory/host_vars/ns02.fedoraproject.org b/inventory/host_vars/ns02.fedoraproject.org index ec29b7e..ffc9479 100644 --- a/inventory/host_vars/ns02.fedoraproject.org +++ b/inventory/host_vars/ns02.fedoraproject.org @@ -15,3 +15,19 @@ datacenter: ibiblio
ks_url: http://209.132.181.6/repo/rhel/ks/kvm-rhel-7-ext ks_repo: http://209.132.181.6/repo/rhel/RHEL7-x86_64/ + + +csi_relationship: | + + ns02 is a master dns server. + It serves about every domain under fedoraproject, fedo*, as well as others, both forward and reverse. + + * This host relies on: + - The virthost it's hosted on (ibiblio03.fedoraproject.org) + - batcave for dns git and keys + - connectivity to maxmind to create geoIP dns acl + + * Things that rely on this host: + - The Internet/Community to resolve everything related to fedora and reverse-IP for allocated subnets + - If this host is down, dns queries will slow down by the portion of this host to the total name servers responsible for the same domain set. + - secodary/slave dns servers diff --git a/inventory/host_vars/ns03.phx2.fedoraproject.org b/inventory/host_vars/ns03.phx2.fedoraproject.org index 4515d5e..669b5ff 100644 --- a/inventory/host_vars/ns03.phx2.fedoraproject.org +++ b/inventory/host_vars/ns03.phx2.fedoraproject.org @@ -10,3 +10,18 @@ ansible_ssh_host: ns03.phx2.fedoraproject.org
vmhost: virthost21.phx2.fedoraproject.org datacenter: phx2 + +csi_relationship: | + + ns03 is a master dns server. + It serves about every domain under fedoraproject, fedo*, as well as others, both forward and reverse. + + * This host relies on: + - The virthost it's hosted on (virthost21.phx2.fedoraproject.org) + - batcave for dns git and keys + - connectivity to maxmind to create geoIP dns acl + + * Things that rely on this host: + - The Internet/Community to resolve everything related to fedora and reverse-IP for allocated subnets + - If this host is down, dns queries will slow down by the portion of this host to the total name servers responsible for the same domain set. + - secodary/slave dns servers diff --git a/inventory/host_vars/ns04.phx2.fedoraproject.org b/inventory/host_vars/ns04.phx2.fedoraproject.org index 9c72ca9..1a4089f 100644 --- a/inventory/host_vars/ns04.phx2.fedoraproject.org +++ b/inventory/host_vars/ns04.phx2.fedoraproject.org @@ -10,3 +10,18 @@ ansible_ssh_host: ns04.phx2.fedoraproject.org
vmhost: virthost15.phx2.fedoraproject.org datacenter: phx2 + +csi_relationship: | + + ns04 is a master dns server. + It serves about every domain under fedoraproject, fedo*, as well as others, both forward and reverse. + + * This host relies on: + - The virthost it's hosted on (virthost15.phx2.fedoraproject.org) + - batcave for dns git and keys + - connectivity to maxmind to create geoIP dns acl + + * Things that rely on this host: + - The Internet/Community to resolve everything related to fedora and reverse-IP for allocated subnets + - If this host is down, dns queries will slow down by the portion of this host to the total name servers responsible for the same domain set. + - secodary/slave dns servers diff --git a/inventory/host_vars/ns05.fedoraproject.org b/inventory/host_vars/ns05.fedoraproject.org index 3955f44..e02f9a9 100644 --- a/inventory/host_vars/ns05.fedoraproject.org +++ b/inventory/host_vars/ns05.fedoraproject.org @@ -12,3 +12,18 @@ postfix_group: vpn
vmhost: internetx01.fedoraproject.org datacenter: internetx + +csi_relationship: | + + ns05 is a master dns server. + It serves about every domain under fedoraproject, fedo*, as well as others, both forward and reverse. + + * This host relies on: + - The virthost it's hosted on (internetx01.fedoraproject.org) + - batcave for dns git and keys + - connectivity to maxmind to create geoIP dns acl + + * Things that rely on this host: + - The Internet/Community to resolve everything related to fedora and reverse-IP for allocated subnets + - If this host is down, dns queries will slow down by the portion of this host to the total name servers responsible for the same domain set. + - secodary/slave dns servers