diff --git a/inventory/host_vars/noc01.rdu3.fedoraproject.org b/inventory/host_vars/noc01.rdu3.fedoraproject.org
new file mode 100644
index 0000000000..4ec5ee8fa3
--- /dev/null
+++ b/inventory/host_vars/noc01.rdu3.fedoraproject.org
@@ -0,0 +1,27 @@
+---
+custom_rules: [
+ '-A INPUT -p tcp -m tcp -s 192.168.1.20 --dport 5666 -j ACCEPT',
+ # needed to allow rsync from log01
+ '-A INPUT -p tcp -m tcp -s 10.3.163.39 --dport 873 -j ACCEPT',
+ '-A INPUT -p tcp -m tcp -s 192.168.1.59 --dport 873 -j ACCEPT'
+ ]
+nft_custom_rules:
+ - 'add rule ip filter INPUT ip saddr 192.168.1.20 tcp dport 5666 counter accept'
+ # needed to allow rsync from log01
+ - 'add rule ip filter INPUT ip saddr 10.3.163.39 tcp dport 873 counter accept'
+ - 'add rule ip filter INPUT ip saddr 192.168.1.59 tcp dport 873 counter accept'
+datacenter: rdu3
+eth0_ipv4_gw: 10.16.163.254
+eth0_ipv4_ip: 10.16.163.10
+ks_repo: https://infrastructure.fedoraproject.org/repo/rhel/RHEL9-x86_64/
+ks_url: https://infrastructure.fedoraproject.org/repo/rhel/ks/kvm-rhel
+# Define resources for this group of hosts here.
+lvm_size: 20000
+mem_size: 8192
+nagios_location: 'rdu3_internal'
+nagios_srcdir: 'nagios'
+num_cpus: 4
+tcp_ports: ['22', '80', '443', '67', '68']
+udp_ports: ['67', '68', '69']
+vmhost: vmhost-x86-01.rdu3.fedoraproject.org
+volgroup: /dev/vg_guests
diff --git a/inventory/inventory b/inventory/inventory
index e923abb448..db39bdb5b8 100644
--- a/inventory/inventory
+++ b/inventory/inventory
@@ -240,10 +240,14 @@ ipsilon02.iad2.fedoraproject.org
 [nagios]
 noc01.iad2.fedoraproject.org
 noc02.fedoraproject.org
+noc01.rdu3.fedoraproject.org
 [nagios_iad2]
 noc01.iad2.fedoraproject.org
+[nagios_rdu3]
+noc01.rdu3.fedoraproject.org
+
 [noc_rdu_cc]
 noc-cc01.rdu-cc.fedoraproject.org
diff --git a/playbooks/groups/noc.yml b/playbooks/groups/noc.yml
index 4ea036f0db..b4135ae924 100644
--- a/playbooks/groups/noc.yml
+++ b/playbooks/groups/noc.yml
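Review bot: The two port-873 allows in `custom_rules` and `nft_custom_rules` of the new host_vars file sit under the comment "needed to allow rsync from log01" but name two sources, 10.3.163.39 and 192.168.1.59, and the 10.3.163.x address is on a different network from this host's own 10.16.163.10, so it looks carried over from another datacenter's host_vars (inferred; the origin is not visible in this commit). If the rdu3 log host has a different address, its rsync is dropped while an allow remains for a source that may no longer need it; each source should be confirmed and labelled, e.g. `# <hostname of this source> (rsync)` above its rule. `tcp_ports` also lists 67 and 68 although DHCP runs over UDP and both ports are already in `udp_ports`; assuming the firewall template opens every listed port to all sources, `tcp_ports: ['22', '80', '443']` keeps the exposed surface to what is actually served.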
@@ -22,10 +22,10 @@
 - rkhunter
 - nagios_client
 - hosts
- - { role: openvpn/client, when: env != "staging" }
+ - { role: openvpn/client, when: env != "staging" or datacenter == 'rdu3' }
 - ipa/client
 - collectd/base
- - { role: rsyncd, when: datacenter == 'iad2' }
+ - { role: rsyncd, when: datacenter == 'iad2' or datacenter == 'rdu3' }
 - sudo
 - apache
 # - mod_wsgi
@@ -40,7 +40,7 @@
 owner_group: apache
 service: HTTP
 host: "nagios-external{{env_suffix}}.fedoraproject.org"
- when: datacenter != 'iad2'
+ when: datacenter == 'ibiblio'
 - { role: letsencrypt, site_name: 'nagios-external.fedoraproject.org', when: inventory_hostname.startswith('noc02') }
 handlers:
@@ -60,9 +60,9 @@
 - import_tasks: "{{ handlers_path }}/restart_services.yml"
 roles:
- - { role: dhcp_server, when: datacenter == 'iad2' }
- - { role: tftp_server, when: datacenter == 'iad2' }
- - { role: nagios_server }
+ - { role: dhcp_server, when: datacenter == 'iad2' or datacenter == 'rdu3' }
+ - { role: tftp_server, when: datacenter == 'iad2' or datacenter == 'rdu3' }
+ - { role: nagios_server, when: datacenter == 'iad2' or datacenter == 'ibiblio' }
 tasks:
 - name: Install some packages which arent in playbooks
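Review bot: In `when: env != "staging" or datacenter == 'rdu3'` the added clause changes nothing for production hosts, where the first test is already true; its only effect is to apply `openvpn/client` to staging hosts in rdu3, which the previous condition excluded. If that is intended, a comment such as `# rdu3 staging hosts also need the VPN client` should say so, and if it is not, the clause should be dropped so staging machines do not gain a VPN path. The test `datacenter == 'iad2' or datacenter == 'rdu3'` is also repeated for `rsyncd` here and for `dhcp_server` and `tftp_server` in the last hunk; `when: datacenter in ['iad2', 'rdu3']` is shorter and easier to extend. The roles list starts and ends outside this hunk.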
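Review bot: `when: datacenter == 'ibiblio'` in the second hunk replaces an exclusion with an allowlist, so a host whose `datacenter` is anything other than exactly `ibiblio` now silently skips this role; the role entry starts above the hunk, and the `datacenter` value of the external host is not visible in this commit. The next line selects the external host by name instead, `when: inventory_hostname.startswith('noc02')`, so two adjacent roles that serve `nagios-external` use different selectors and can drift apart. Using one selector for both, or adding a comment such as `# external nagios host only`, would make the pairing explicit.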
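Review bot: `nagios_server` was unconditional and in the last hunk becomes `when: datacenter == 'iad2' or datacenter == 'ibiblio'`, so the new rdu3 host receives `dhcp_server` and `tftp_server` but not the Nagios server role, even though the same commit adds it to `[nagios]` and `[nagios_rdu3]` and sets `nagios_location` and `nagios_srcdir` for it. If this is a deliberate staging step, a comment above the line such as `# nagios_server not yet enabled in rdu3` would keep the next reader from treating it as an oversight. Until the role is enabled, anything that keys off membership of the nagios groups (inferred; not visible here) would treat this host as a monitoring server that is not configured.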