bind rpc to private interface

roles/gluster/tasks/main.yaml

@@ -14,6 +14,27 @@
   with_items:
     - tcp
     - udp
+- name: bind rpcbind to vpn ip
+  lineinfile:
+     create: yes
+     path: /etc/rpcbind.conf
+     line: "OPTIONS=-w -h {{wg_ip}}"
+     regexp: "^OPTIONS.*"
+  notify: restart rpcbind
+- name: add vpn to hosts.allow
+  lineinfile:
+     path: /etc/hosts.allow
+     line: "rpcbind: 10.0.0.0/8"
+     regexp: "rpbcind.*"
+  notify: restart rpcbind
+- name: block everyone
+  lineinfile:
+     path: /etc/hosts.deny
+     line: "rpcbind: ALL"
+     regexp: "rpcbind.*"
+  notify: restart rpcbind
+- name: fire handlers
+  meta: flush_handlers
 - name: install gluster package
   apt:
     name: glusterfs-server
@@ -39,16 +60,19 @@
       - node01
       - node02
       - node03
+  when: ansible_nodename == "node01"
 - name: gluster volume
   gluster_volume:
     name: data
     replicas: 3
-    state: started
+    state: present
     bricks: /mnt/gluster/data
+    start_on_create: yes
     cluster:
       - node01
       - node02
       - node03
+  when: ansible_nodename == "node01"
 - name: gluster client package
   apt:
      name: glusterfs-client
@@ -56,6 +80,6 @@
   mount:
     path: /data
     src: "{{ansible_nodename}}:/data"
-    options: noatime
+    opts: noatime
     fstype: glusterfs
     state: mounted