9 files changed, 34 insertions, 26 deletions

diff --git a/group_vars/swarm.yml b/group_vars/swarm_cluster.yml
index bf0744d..bf0744d 100644
--- a/group_vars/swarm.yml
+++ b/group_vars/swarm_cluster.yml
diff --git a/inventory b/inventory
index 69d14d8..2b2ebe9 100644
--- a/inventory
+++ b/inventory
@@ -19,7 +19,7 @@ swarm-one ansible_host=10.128.0.201  ansible_user=serve ansible_connection=ssh a
 swarm-two ansible_host=10.128.0.202  ansible_user=serve ansible_connection=ssh ansible_become_password='{{ swarm_become_password }}'
 swarm-three ansible_host=10.128.0.203  ansible_user=serve ansible_connection=ssh ansible_become_password='{{ swarm_become_password }}'
 
-[swarm]
+[swarm_cluster]
 swarm-one ansible_host=10.128.0.201  ansible_user=serve ansible_connection=ssh ansible_become_password='{{ swarm_become_password }}'
 swarm-two ansible_host=10.128.0.202  ansible_user=serve ansible_connection=ssh ansible_become_password='{{ swarm_become_password }}'
 swarm-three ansible_host=10.128.0.203  ansible_user=serve ansible_connection=ssh ansible_become_password='{{ swarm_become_password }}'
diff --git a/playbooks/roles/labdns/templates/stacks/docker-compose.yml b/playbooks/roles/labdns/templates/stacks/docker-compose.yml
index 3327c18..c2a2ab5 100644
--- a/playbooks/roles/labdns/templates/stacks/docker-compose.yml
+++ b/playbooks/roles/labdns/templates/stacks/docker-compose.yml
@@ -17,6 +17,7 @@ services:
       test: ["CMD-SHELL", "drill loadbalancer.{{ domain }} @127.0.0.1 | grep -q {{ loadbalancer_ip }}"]
       retries: 3
       timeout: 5s
+      interval: 10s
       start_period: 8s
 {% endif %}
     deploy:
diff --git a/playbooks/roles/labdns/templates/volumes/unbound/a-records.conf b/playbooks/roles/labdns/templates/volumes/unbound/a-records.conf
index 6248b0c..5eefeb5 100644
--- a/playbooks/roles/labdns/templates/volumes/unbound/a-records.conf
+++ b/playbooks/roles/labdns/templates/volumes/unbound/a-records.conf
@@ -2,3 +2,7 @@
 {% for service in internal_services %}
 local-data: "{{ service }}. A {{ loadbalancer_ip }}" 
 {% endfor %}
+
+# lucina.cloud
+local-zone: "lucina.cloud." redirect
+local-data: "lucina.cloud. A 10.128.0.44"
diff --git a/playbooks/roles/labdns/templates/volumes/unbound/forward-records.conf b/playbooks/roles/labdns/templates/volumes/unbound/forward-records.conf
index ae977e7..19af327 100644
--- a/playbooks/roles/labdns/templates/volumes/unbound/forward-records.conf
+++ b/playbooks/roles/labdns/templates/volumes/unbound/forward-records.conf
@@ -1,6 +1,5 @@
 forward-zone:
   name: "."
-  forward-addr: 10.128.0.44@53
-# forward-addr: 1.1.1.1@853#cloudflare-dns.com
-# forward-addr: 1.0.0.1@853#cloudflare-dns.com
-# forward-tls-upstream: yes
+  forward-addr: 1.1.1.1@853#cloudflare-dns.com
+  forward-addr: 1.0.0.1@853#cloudflare-dns.com
+  forward-tls-upstream: yes
diff --git a/playbooks/roles/swarm_init/tasks/main.yml b/playbooks/roles/swarm_cluster/swarm_init/tasks/main.yml
index 19967e9..19967e9 100644
--- a/playbooks/roles/swarm_init/tasks/main.yml
+++ b/playbooks/roles/swarm_cluster/swarm_init/tasks/main.yml
diff --git a/playbooks/roles/swarm_join/tasks/main.yml b/playbooks/roles/swarm_cluster/swarm_join/tasks/main.yml
index f6fe454..b73030e 100644
--- a/playbooks/roles/swarm_join/tasks/main.yml
+++ b/playbooks/roles/swarm_cluster/swarm_join/tasks/main.yml
@@ -7,9 +7,9 @@
 
 - name: Join Swarm as Manager
   ansible.builtin.command:
-    cmd: docker swarm join --token {{ hostvars[groups['swarm'][0]]['manager_token'].stdout }} {{ hostvars[groups['swarm'][0]]['ansible_default_ipv4']['address'] }}:2377
+    cmd: docker swarm join --token {{ hostvars[swarm_initializer_host]['manager_token'].stdout }} {{ hostvars[swarm_initializer_host]['ansible_default_ipv4']['address'] }}:2377
   when:
-    - hostvars[groups['swarm'][0]]['manager_token'].stdout is defined
+    - hostvars[swarm_initializer_host]['manager_token'].stdout is defined
     - docker_swarm_status.stdout != "active"
   register: swarm_join
   changed_when: '"This node joined a swarm as a manager" in swarm_join.stdout'
diff --git a/playbooks/roles/swarm_cluster/tasks/main.yml b/playbooks/roles/swarm_cluster/tasks/main.yml
new file mode 100644
index 0000000..d2507af
--- /dev/null
+++ b/playbooks/roles/swarm_cluster/tasks/main.yml
@@ -0,0 +1,20 @@
+---
+
+- name: Enable Local Swarm Communications
+  community.general.ufw:
+    rule: allow
+    from: "{{ homelab_network }}"
+    state: enabled
+
+- name: Set swarm initializer variable
+  ansible.builtin.set_fact:
+    swarm_initializer_host: "{{ groups['swarm_cluster'][0] }}"
+
+- name: Initialize the swarm cluster on the first node
+  when: ansible_hostname == swarm_initializer_host
+  ansible.builtin.import_tasks: swarm_init/tasks/main.yml
+
+- name: Join the swarm cluster on all other nodes
+  when: ansible_hostname != swarm_initializer_host
+  ansible.builtin.import_tasks: swarm_join/tasks/main.yml
+
diff --git a/playbooks/swarm_cluster.yml b/playbooks/swarm_cluster.yml
index 6a13f8c..8dadae4 100644
--- a/playbooks/swarm_cluster.yml
+++ b/playbooks/swarm_cluster.yml
@@ -1,24 +1,8 @@
 ---
 
-- name: Configure Docker Swarm Firewall Rules
-  hosts: swarm
-  become: true
-  tasks:
-    - name: Enable Local Swarm Communications
-      community.general.ufw:
-        rule: allow
-        from: "{{ homelab_network }}"
-        state: enabled
-
-- name: Setup swarm on init node
-  hosts: swarm[0]
-  become: true
-  roles:
-    - swarm_init
-
-- name: Join non-init nodes
-  hosts: swarm:!swarm[0]
+- name: Deploy swarm cluster
+  hosts: swarm_cluster
   become: true
   roles:
-    - swarm_join
+    - swarm_cluster