From 748a0e86324f98f21b4c4f6f2d51f6eb28e52257 Mon Sep 17 00:00:00 2001
From: Ben Vincent <ben@unkin.net>
Date: Thu, 28 Mar 2024 20:08:00 +1100
Subject: [PATCH] feat: enable sydney subnets

---
 hieradata/roles/infra/dns/master.yaml    | 14 ++++++++++++++
 hieradata/roles/infra/ntp/server.yaml    |  2 ++
 hieradata/roles/infra/puppet/master.yaml |  2 ++
 3 files changed, 18 insertions(+)

diff --git a/hieradata/roles/infra/dns/master.yaml b/hieradata/roles/infra/dns/master.yaml
index 4f0dcbc..ef7d4c4 100644
--- a/hieradata/roles/infra/dns/master.yaml
+++ b/hieradata/roles/infra/dns/master.yaml
@@ -21,6 +21,18 @@ profiles::dns::master::zones:
     dynamic: false
     ns_notify: true
     source: '/var/named/sources/17.18.198.in-addr.arpa.conf'
+  16.18.198.in-addr.arpa:
+    domain: '16.18.198.in-addr.arpa'
+    zone_type: 'master'
+    dynamic: false
+    ns_notify: true
+    source: '/var/named/sources/16.18.198.in-addr.arpa.conf'
+  15.18.198.in-addr.arpa:
+    domain: '15.18.198.in-addr.arpa'
+    zone_type: 'master'
+    dynamic: false
+    ns_notify: true
+    source: '/var/named/sources/15.18.198.in-addr.arpa.conf'
 
 profiles::dns::master::views:
   master-zones:
@@ -28,6 +40,8 @@ profiles::dns::master::views:
     zones:
       - main.unkin.net
       - 17.18.198.in-addr.arpa
+      - 16.18.198.in-addr.arpa
+      - 15.18.198.in-addr.arpa
     match_clients:
       - acl-main.unkin.net
 
diff --git a/hieradata/roles/infra/ntp/server.yaml b/hieradata/roles/infra/ntp/server.yaml
index e618573..fddfc78 100644
--- a/hieradata/roles/infra/ntp/server.yaml
+++ b/hieradata/roles/infra/ntp/server.yaml
@@ -1,6 +1,8 @@
 ---
 profiles::ntp::client::client_only: false
 profiles::ntp::server::allowquery:
+  - '198.18.15.0/24'
+  - '198.18.16.0/24'
   - '198.18.17.0/24'
 
 profiles::ntp::server::peers:
diff --git a/hieradata/roles/infra/puppet/master.yaml b/hieradata/roles/infra/puppet/master.yaml
index 86dcbec..f475770 100644
--- a/hieradata/roles/infra/puppet/master.yaml
+++ b/hieradata/roles/infra/puppet/master.yaml
@@ -1,5 +1,7 @@
 ---
 profiles::puppet::autosign::subnet_ranges:
+  - '198.18.15.0/24'
+  - '198.18.16.0/24'
   - '198.18.17.0/24'
 
 profiles::puppet::autosign::domains: