bind rpc to private interface
This commit is contained in:
parent
cea8898f1f
commit
357ecd1b3e
|
@ -14,6 +14,27 @@
|
||||||
with_items:
|
with_items:
|
||||||
- tcp
|
- tcp
|
||||||
- udp
|
- udp
|
||||||
|
- name: bind rpcbind to vpn ip
|
||||||
|
lineinfile:
|
||||||
|
create: yes
|
||||||
|
path: /etc/rpcbind.conf
|
||||||
|
line: "OPTIONS=-w -h {{wg_ip}}"
|
||||||
|
regexp: "^OPTIONS.*"
|
||||||
|
notify: restart rpcbind
|
||||||
|
- name: add vpn to hosts.allow
|
||||||
|
lineinfile:
|
||||||
|
path: /etc/hosts.allow
|
||||||
|
line: "rpcbind: 10.0.0.0/8"
|
||||||
|
regexp: "rpbcind.*"
|
||||||
|
notify: restart rpcbind
|
||||||
|
- name: block everyone
|
||||||
|
lineinfile:
|
||||||
|
path: /etc/hosts.deny
|
||||||
|
line: "rpcbind: ALL"
|
||||||
|
regexp: "rpcbind.*"
|
||||||
|
notify: restart rpcbind
|
||||||
|
- name: fire handlers
|
||||||
|
meta: flush_handlers
|
||||||
- name: install gluster package
|
- name: install gluster package
|
||||||
apt:
|
apt:
|
||||||
name: glusterfs-server
|
name: glusterfs-server
|
||||||
|
@ -39,16 +60,19 @@
|
||||||
- node01
|
- node01
|
||||||
- node02
|
- node02
|
||||||
- node03
|
- node03
|
||||||
|
when: ansible_nodename == "node01"
|
||||||
- name: gluster volume
|
- name: gluster volume
|
||||||
gluster_volume:
|
gluster_volume:
|
||||||
name: data
|
name: data
|
||||||
replicas: 3
|
replicas: 3
|
||||||
state: started
|
state: present
|
||||||
bricks: /mnt/gluster/data
|
bricks: /mnt/gluster/data
|
||||||
|
start_on_create: yes
|
||||||
cluster:
|
cluster:
|
||||||
- node01
|
- node01
|
||||||
- node02
|
- node02
|
||||||
- node03
|
- node03
|
||||||
|
when: ansible_nodename == "node01"
|
||||||
- name: gluster client package
|
- name: gluster client package
|
||||||
apt:
|
apt:
|
||||||
name: glusterfs-client
|
name: glusterfs-client
|
||||||
|
@ -56,6 +80,6 @@
|
||||||
mount:
|
mount:
|
||||||
path: /data
|
path: /data
|
||||||
src: "{{ansible_nodename}}:/data"
|
src: "{{ansible_nodename}}:/data"
|
||||||
options: noatime
|
opts: noatime
|
||||||
fstype: glusterfs
|
fstype: glusterfs
|
||||||
state: mounted
|
state: mounted
|
||||||
|
|
Loading…
Reference in New Issue