6 files changed, 18 insertions, 21 deletions

diff --git a/site.yml b/common.yml
index fb1a772..6b3c6f3 100644
--- a/site.yml
+++ b/common.yml
@@ -2,7 +2,3 @@
   hosts: all
   roles:
     - common
-
-- hosts: dns
-  roles:
-    - dns
diff --git a/group_vars/all.yml b/group_vars/all.yml
index 2cf310d..82b1512 100644
--- a/group_vars/all.yml
+++ b/group_vars/all.yml
@@ -3,4 +3,4 @@ dns_servers:
   - 1.1.1.1
   - 1.0.0.1
 dns_dnssec: true
-dns_domains: []
+dns_domains: ["internal.simponic.xyz"]
diff --git a/inventory b/inventory
index 92f527e..0df2ee2 100644
--- a/inventory
+++ b/inventory
@@ -1,22 +1,24 @@
 [private]
-johan.internal.simponic.xyz  ansible_user=root ansible_connection=ssh
-nijika.internal.simponic.xyz  ansible_user=root ansible_connection=ssh
-ryo.internal.simponic.xyz  ansible_user=root ansible_connection=ssh
-#ash.internal.simponic.xyz  ansible_user=root ansible_connection=ssh
+johan  ansible_user=root ansible_connection=ssh
+nijika  ansible_user=root ansible_connection=ssh
+ryo  ansible_user=root ansible_connection=ssh
+#ash ansible_user=root ansible_connection=ssh
 
 [webservers]
-levi.internal.simponic.xyz  ansible_user=root ansible_connection=ssh
+levi  ansible_user=root ansible_connection=ssh
 #ash.internal.simponic.xyz  ansible_user=root ansible_connection=ssh
 
-[dns]
-nijika.internal.simponic.xyz  ansible_user=root ansible_connection=ssh
-ryo.internal.simponic.xyz  ansible_user=root ansible_connection=ssh
+[dnsprimary]
+nijika  ansible_user=root ansible_connection=ssh ansible_host=107.173.19.33   # nijika
+
+[dnsreplica]
+ryo  ansible_user=root ansible_connection=ssh ansible_host=107.172.103.253 # ryo
 
 [internaldns]
-johan.internal.simponic.xyz  ansible_user=root ansible_connection=ssh
+johan ansible_user=root ansible_connection=ssh
 
 [mail]
-#ash.internal.simponic.xyz  ansible_user=root ansible_connection=ssh
+#ash  ansible_user=root ansible_connection=ssh
 
 [vpn]
-johan.internal.simponic.xyz  ansible_user=root ansible_connection=ssh
+johan ansible_user=root ansible_connection=ssh
diff --git a/roles/common/tasks/main.yml b/roles/common/tasks/main.yml
index d3bf8b9..1d2e987 100644
--- a/roles/common/tasks/main.yml
+++ b/roles/common/tasks/main.yml
@@ -16,7 +16,7 @@
     mode: u=rw,g=r,o=r
 
 - name: restart sshd
-  service: name=sshd state=restarted
+  service: name=sshd state=restarted enabled=yes
 
 # FIREWALL
 - name: install UFW
@@ -28,7 +28,7 @@
     name: OpenSSH
 
 - name: restart ufw
-  service: name=ufw state=restarted
+  service: name=ufw state=restarted enabled=yes
 
 # FAIL2BAN
 - name: install fail2ban
@@ -43,7 +43,7 @@
     mode: u=rw,g=r,o=r
 
 - name: restart fail2ban
-  service: name=fail2ban state=restarted
+  service: name=fail2ban state=restarted enabled=yes
 
 # DNS
 - name: install systemd-resolved
diff --git a/roles/common/tasks/systemd-resolved.yml b/roles/common/tasks/systemd-resolved.yml
index 43cb132..dc40275 100644
--- a/roles/common/tasks/systemd-resolved.yml
+++ b/roles/common/tasks/systemd-resolved.yml
@@ -41,7 +41,7 @@
     no_extra_spaces: true
   register: conf_domains
 
-- name: Check if network manager runs
+- name: Check if systemd-resolve runs
   ansible.builtin.shell: pgrep systemd-resolve
   failed_when: false
   changed_when: false
diff --git a/roles/private/tasks/main.yml b/roles/private/tasks/main.yml
deleted file mode 100644
index ed97d53..0000000
--- a/roles/private/tasks/main.yml
+++ /dev/null
@@ -1 +0,0 @@
----