eafcece0cf
We hadn't done this in the past because virt-install couldn't do https urls, but thats long since no longer the case. So, move all the ks_url and ks_repo calls to use https and since they are using https, they need to use the valid infrastructure.fedoraproject.org name so they can verify the cert. Set batcave to redirect http to https now since that was the thing holding this back. Signed-off-by: Kevin Fenzi <kevin@scrye.com>
1.7 KiB
— csi_relationship: |2 ns02 is a master dns server. It serves about every domain under fedoraproject, fedo*, as well as others, both forward and reverse.
- This host relies on:
- The virthost it's hosted on (ibiblio05.fedoraproject.org)
- batcave for dns git and keys
- connectivity to maxmind to create geoIP dns acl
- Things that rely on this host:
- The Internet/Community to resolve everything related to fedora and reverse-IP for allocated subnets
- If this host is down, dns queries will slow down by the portion of this host to the total name servers responsible for the same domain set.
- secodary/slave dns servers
datacenter: ibiblio dns1: 152.2.21.1 dns2: 152.2.253.100 dns_search1: vpn.fedoraproject.org dns_search2: fedoraproject.org eth0_ipv4_ip: 152.19.134.139 eth0_ipv4_gw: 152.19.134.129 eth0_ipv4_nm: 25 eth0_ipv6_ip: "2600:2701:4000:5211:dead:beef:00fe:fed7" eth0_ipv6_gw: "2600:2701:4000:5211::1" eth0_ipv6_nm: 104 has_ipv6: yes ks_repo: https://infrastructure.fedoraproject.org/repo/rhel/RHEL9-x86_64/ ks_url: https://infrastructure.fedoraproject.org/repo/rhel/ks/kvm-rhel network_connections:
-
autoconnect: yes ip: address:
- "{{ eth0_ipv4_ip }}/{{ eth0_ipv4_nm }}"
- "{{ eth0_ipv6_ip }}/{{ eth0_ipv6_nm }}"
dhcp4: no dns:
- "{{ dns1 }}"
- "{{ dns2 }}"
- 2001:4860:4860::8888
dns_search:
- "{{ dns_search1 }}"
- "{{ dns_search2 }}"
gateway4: "{{ eth0_ipv4_gw }}" gateway6: "{{ eth0_ipv6_gw }}" mac: "{{ ansible_default_ipv4.macaddress }}" name: eth0 type: ethernet
postfix_group: vpn vmhost: ibiblio05.fedoraproject.org volgroup: /dev/vg_guests vpn: true