bind rpc to private interface
This commit is contained in:
parent
cea8898f1f
commit
357ecd1b3e
1 changed files with 26 additions and 2 deletions
|
|
@ -14,6 +14,27 @@
|
|||
with_items:
|
||||
- tcp
|
||||
- udp
|
||||
- name: bind rpcbind to vpn ip
|
||||
lineinfile:
|
||||
create: yes
|
||||
path: /etc/rpcbind.conf
|
||||
line: "OPTIONS=-w -h {{wg_ip}}"
|
||||
regexp: "^OPTIONS.*"
|
||||
notify: restart rpcbind
|
||||
- name: add vpn to hosts.allow
|
||||
lineinfile:
|
||||
path: /etc/hosts.allow
|
||||
line: "rpcbind: 10.0.0.0/8"
|
||||
regexp: "rpbcind.*"
|
||||
notify: restart rpcbind
|
||||
- name: block everyone
|
||||
lineinfile:
|
||||
path: /etc/hosts.deny
|
||||
line: "rpcbind: ALL"
|
||||
regexp: "rpcbind.*"
|
||||
notify: restart rpcbind
|
||||
- name: fire handlers
|
||||
meta: flush_handlers
|
||||
- name: install gluster package
|
||||
apt:
|
||||
name: glusterfs-server
|
||||
|
|
@ -39,16 +60,19 @@
|
|||
- node01
|
||||
- node02
|
||||
- node03
|
||||
when: ansible_nodename == "node01"
|
||||
- name: gluster volume
|
||||
gluster_volume:
|
||||
name: data
|
||||
replicas: 3
|
||||
state: started
|
||||
state: present
|
||||
bricks: /mnt/gluster/data
|
||||
start_on_create: yes
|
||||
cluster:
|
||||
- node01
|
||||
- node02
|
||||
- node03
|
||||
when: ansible_nodename == "node01"
|
||||
- name: gluster client package
|
||||
apt:
|
||||
name: glusterfs-client
|
||||
|
|
@ -56,6 +80,6 @@
|
|||
mount:
|
||||
path: /data
|
||||
src: "{{ansible_nodename}}:/data"
|
||||
options: noatime
|
||||
opts: noatime
|
||||
fstype: glusterfs
|
||||
state: mounted
|
||||
|
|
|
|||
Loading…
Reference in a new issue