Add PTR record for azwikimedia (mail.wikimedia.az)
Closed, ResolvedPublic
Actions

Assigned To

Authored By

	Nemoralis
	Mar 24 2026, 12:29 AM

Description

Please configure a PTR record for the floating IP assigned to my instance, pointing to the mail.wikimedia.az

This is required by mailcow for mail deliverability.

Details

Related Changes in Gerrit:

	Subject	Repo	Branch	Lines +/-
	wmcs-dnsleaks: allow for user-created records under .az as well as .org	operations/puppet	production	+6 -0

Customize query in gerrit

Related Changes in GitLab:

	Title	Reference	Author	Source Branch	Dest Branch
	mail.wikimedia.az. -- corrected to be in parent ptr zone	repos/cloud/cloud-vps/tofu-infra!305	andrew	azwiki	main
	Add ptr record for mail.wikimedia.az	repos/cloud/cloud-vps/tofu-infra!303	andrew	azwiki	main

Customize query in GitLab

Related Objects
Search...

Status	Assigned	Task
Resolved	dcaro	T417736 Request creation of azwikimedia VPS project
Resolved	dcaro	T419582 Add floating IP and vanity domain for azwikimedia project
Resolved	Andrew	T421025 Add PTR record for azwikimedia (mail.wikimedia.az)
Resolved	Andrew	T421739 Improvements to auto-generated floating ip ptr records

Event Timeline

Nemoralis created this task.Mar 24 2026, 12:29 AM

users had not actually allocated a floating IP, but I have now done so. It is: 185.15.56.85

andrew@bookworm:~/tofu-infra/resources/eqiad1-r/cloudinfra$ dig -x 185.15.56.85

; <<>> DiG 9.18.33-1~deb12u2-Debian <<>> -x 185.15.56.85
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 13624
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1400
; COOKIE: 5b37dda41fa8a02d0100000069c1f82ae37578607af6badf (good)
;; QUESTION SECTION:
;85.56.15.185.in-addr.arpa.	IN	PTR

;; ANSWER SECTION:
85.56.15.185.in-addr.arpa. 3600	IN	CNAME	85.0-25.56.15.185.in-addr.arpa.
85.0-25.56.15.185.in-addr.arpa.	3600 IN	PTR	mail.wikimedia.az.

;; Query time: 99 msec
;; SERVER: 206.225.75.225#53(206.225.75.225) (UDP)
;; WHEN: Mon Mar 23 21:34:18 CDT 2026
;; MSG SIZE  rcvd: 157

Hopefully that will do what you need!

@Andrew are we sure that PTR record is updated:

root@mail:/opt/mailcow-dockerized# dig -x 185.15.56.85

; <<>> DiG 9.18.44-1~deb12u1-Debian <<>> -x 185.15.56.85
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 47470
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 512
;; QUESTION SECTION:
;85.56.15.185.in-addr.arpa.     IN      PTR

;; ANSWER SECTION:
85.56.15.185.in-addr.arpa. 3600 IN      CNAME   85.0-25.56.15.185.in-addr.arpa.
85.0-25.56.15.185.in-addr.arpa. 120 IN  PTR     instance-mail.f6ec9c0903d44b86bfbc7072bb77c7d6.wmcloud.org.

;; Query time: 4 msec
;; SERVER: 172.20.255.1#53(172.20.255.1) (UDP)
;; WHEN: Fri Mar 27 20:18:20 UTC 2026
;; MSG SIZE  rcvd: 148

Hm, we have a bot that maintains those instance- addresses, it must've clobbered the one I made by hand. I will need to think about this a bit.

Andrew reopened this task as Open.Mar 27 2026, 9:56 PM

Andrew created subtask T421739: Improvements to auto-generated floating ip ptr records.Mar 30 2026, 3:10 PM

Andrew mentioned this in T421739: Improvements to auto-generated floating ip ptr records.

andrew opened https://gitlab.wikimedia.org/repos/cloud/cloud-vps/tofu-infra/-/merge_requests/303

Add ptr record for mail.wikimedia.az

taavi triaged this task as Medium priority.Apr 1 2026, 1:56 PM

andrew merged https://gitlab.wikimedia.org/repos/cloud/cloud-vps/tofu-infra/-/merge_requests/303

Add ptr record for mail.wikimedia.az

andrew opened https://gitlab.wikimedia.org/repos/cloud/cloud-vps/tofu-infra/-/merge_requests/305

mail.wikimedia.az. -- corrected to be in parent ptr zone

andrew merged https://gitlab.wikimedia.org/repos/cloud/cloud-vps/tofu-infra/-/merge_requests/305

mail.wikimedia.az. -- corrected to be in parent ptr zone

I'm pretty sure the issue was that tofu was removing the by-hand record and then the ip-updater adding the instance- record. I've added this to tofu, let's see if it persists now.

Maintenance_bot removed a project: Patch-For-Review.Apr 2 2026, 1:31 PM

opentofu-infra-diff.service is failing on cloudcontrol1007 wrt this:

Apr 03 03:10:14 cloudcontrol1007 tofu[222452]: OpenTofu used the selected providers to generate the following execution
Apr 03 03:10:14 cloudcontrol1007 tofu[222452]: plan. Resource actions are indicated with the following symbols:
Apr 03 03:10:14 cloudcontrol1007 tofu[222452]:   + create
Apr 03 03:10:14 cloudcontrol1007 tofu[222452]: OpenTofu will perform the following actions:
Apr 03 03:10:14 cloudcontrol1007 tofu[222452]:   # module.project["cloudinfra"].openstack_dns_recordset_v2.record["85.0-25.56.15.185.in-addr.arpa._mailwikimediaaz"] will be created
Apr 03 03:10:14 cloudcontrol1007 tofu[222452]:   + resource "openstack_dns_recordset_v2" "record" {
Apr 03 03:10:14 cloudcontrol1007 tofu[222452]:       + description          = "managed by tofu-infra"
Apr 03 03:10:14 cloudcontrol1007 tofu[222452]:       + disable_status_check = true
Apr 03 03:10:14 cloudcontrol1007 tofu[222452]:       + id                   = (known after apply)
Apr 03 03:10:14 cloudcontrol1007 tofu[222452]:       + name                 = "85.0-25.56.15.185.in-addr.arpa."
Apr 03 03:10:14 cloudcontrol1007 tofu[222452]:       + project_id           = "cloudinfra"
Apr 03 03:10:14 cloudcontrol1007 tofu[222452]:       + records              = [
Apr 03 03:10:14 cloudcontrol1007 tofu[222452]:           + "mail.wikimedia.az.",
Apr 03 03:10:14 cloudcontrol1007 tofu[222452]:         ]
Apr 03 03:10:14 cloudcontrol1007 tofu[222452]:       + region               = (known after apply)
Apr 03 03:10:14 cloudcontrol1007 tofu[222452]:       + ttl                  = 3600
Apr 03 03:10:14 cloudcontrol1007 tofu[222452]:       + type                 = "PTR"
Apr 03 03:10:14 cloudcontrol1007 tofu[222452]:       + zone_id              = "4d5aba7a-fa31-4bcf-b863-41bb4c0362c6"
Apr 03 03:10:14 cloudcontrol1007 tofu[222452]:     }
Apr 03 03:10:14 cloudcontrol1007 tofu[222452]: Plan: 1 to add, 0 to change, 0 to destroy.

fgiunchedi renamed this task from Add PTR record for azwikimedia to Add PTR record for azwikimedia (mail.wikimedia.az).Apr 3 2026, 10:05 AM

The PTR record is still the same:

nmw03@mail:/opt/mailcow-dockerized$ dig -x 185.15.56.85

; <<>> DiG 9.18.47-1~deb12u1-Debian <<>> -x 185.15.56.85
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 42543
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 512
;; QUESTION SECTION:
;85.56.15.185.in-addr.arpa.     IN      PTR

;; ANSWER SECTION:
85.56.15.185.in-addr.arpa. 3600 IN      CNAME   85.0-25.56.15.185.in-addr.arpa.
85.0-25.56.15.185.in-addr.arpa. 120 IN  PTR     instance-mail.f6ec9c0903d44b86bfbc7072bb77c7d6.wmcloud.org.

;; Query time: 32 msec
;; SERVER: 172.20.255.1#53(172.20.255.1) (UDP)
;; WHEN: Fri Apr 03 22:40:11 UTC 2026
;; MSG SIZE  rcvd: 148

Change #1268260 had a related patch set uploaded (by Andrew Bogott; author: Andrew Bogott):

[operations/puppet@production] wmcs-dnsleaks: allow for user-created records under .az as well as .org

https://gerrit.wikimedia.org/r/1268260

Change #1268260 merged by Andrew Bogott:

[operations/puppet@production] wmcs-dnsleaks: allow for user-created records under .az as well as .org

https://gerrit.wikimedia.org/r/1268260

Maintenance_bot removed a project: Patch-For-Review.Apr 6 2026, 6:31 PM

I think I've fixed both (!) things that were wiping out your ptr record. Please re-open if it vanishes again!

Andrew closed subtask T421739: Improvements to auto-generated floating ip ptr records as Resolved.Tue, Apr 14, 1:58 PM

Add PTR record for azwikimedia (mail.wikimedia.az)Closed, ResolvedPublicActions

Description

Details

Related ObjectsSearch...

Event Timeline

Add PTR record for azwikimedia (mail.wikimedia.az)
Closed, ResolvedPublic
Actions

Related Objects
Search...