1.2 KiB
-
In the Fedora Infra Ansible repo edit the file roles/batcave/files/allows. Under the correct section add require ip <server_ip>
-
When this change is pushed run the batcave ansible playbook on the batcave. You will need sysadmin-main access for this
-
Create openvpn certificates for the new server. This requires sysadmin main access
-
In the dns repo on batcave edit the file master/168.192.in-addr.arpa Add the new host to one of the unused adresses. Ensure the hostname ends in .vpn.fedoraproject.org. Don’t forget to update the serial before saving.
-
Also edit the master/vpn.fedoraproject.org file to add the server with the new 192.168.. address created in the previous step to the required section Don’t forget to update the serial before saving.
-
When the above edits are done follow the instructions in the DNS sysadmin sop about signing and pushing new dns chnages.
-
Finally in the Fedora Infra Ansible repo add a new file roles/openvpn/server/files/ccd/<server_name> with the new 192.168.. address. View one of the existing files in the repo for a sample of formatting. This change will be run when the server is provisioned.