a good starting point for traefik

author: Elizabeth Hunt <me@liz.coffee> 2025-03-16 21:23:16 -0700
committer: Elizabeth Hunt <me@liz.coffee> 2025-03-16 21:23:16 -0700
commit: 654694f9276cd9c30a7f2690f9336cf63a0172ef (patch)
tree: 12e4e8ec000478c982152e56d327afdef26a3b6a /playbooks/deploy-swarm-cluster.yml
parent: fb7e6890d8516618fa3baec0edf84048e2b6601d (diff)
download: infra-654694f9276cd9c30a7f2690f9336cf63a0172ef.tar.gz
infra-654694f9276cd9c30a7f2690f9336cf63a0172ef.zip
1 files changed, 34 insertions, 0 deletions
diff --git a/playbooks/deploy-swarm-cluster.yml b/playbooks/deploy-swarm-cluster.yml
new file mode 100644
index 0000000..22dcdb7
--- /dev/null
+++ b/playbooks/deploy-swarm-cluster.yml
@@ -0,0 +1,34 @@
+---
+
+- name: Configure Docker Swarm Firewall Rules
+  hosts: swarm
+  become: true
+  tasks:
+    - name: Enable Local Swarm Communications
+      loop: "{{ rfc1918_cgnat_networks }}"
+      community.general.ufw:
+        rule: allow
+        port: "2377"
+        from: "{{ item }}"
+        state: enabled
+
+    - name: Enable Local Swarm Communications
+      loop: "{{ rfc1918_cgnat_networks }}"
+      community.general.ufw:
+        rule: allow
+        port: "9001"
+        from: "{{ item }}"
+        state: enabled
+
+- name: Setup swarm on init node
+  hosts: swarm[0]
+  become: true
+  roles:
+    - swarm-init
+
+- name: Join non-init nodes
+  hosts: swarm:!swarm[0]
+  become: true
+  roles:
+    - swarm-join
+
author	Elizabeth Hunt <me@liz.coffee>	2025-03-16 21:23:16 -0700
committer	Elizabeth Hunt <me@liz.coffee>	2025-03-16 21:23:16 -0700
commit	654694f9276cd9c30a7f2690f9336cf63a0172ef (patch)
tree	12e4e8ec000478c982152e56d327afdef26a3b6a /playbooks/deploy-swarm-cluster.yml
parent	fb7e6890d8516618fa3baec0edf84048e2b6601d (diff)
download	infra-654694f9276cd9c30a7f2690f9336cf63a0172ef.tar.gz infra-654694f9276cd9c30a7f2690f9336cf63a0172ef.zip