From 654694f9276cd9c30a7f2690f9336cf63a0172ef Mon Sep 17 00:00:00 2001
From: Elizabeth Hunt <me@liz.coffee>
Date: Sun, 16 Mar 2025 21:23:16 -0700
Subject: a good starting point for traefik

---
 playbooks/deploy-swarm-cluster.yml | 34 ++++++++++++++++++++++++++++++++++
 1 file changed, 34 insertions(+)
 create mode 100644 playbooks/deploy-swarm-cluster.yml

(limited to 'playbooks/deploy-swarm-cluster.yml')

diff --git a/playbooks/deploy-swarm-cluster.yml b/playbooks/deploy-swarm-cluster.yml
new file mode 100644
index 0000000..22dcdb7
--- /dev/null
+++ b/playbooks/deploy-swarm-cluster.yml
@@ -0,0 +1,34 @@
+---
+
+- name: Configure Docker Swarm Firewall Rules
+  hosts: swarm
+  become: true
+  tasks:
+    - name: Enable Local Swarm Communications
+      loop: "{{ rfc1918_cgnat_networks }}"
+      community.general.ufw:
+        rule: allow
+        port: "2377"
+        from: "{{ item }}"
+        state: enabled
+
+    - name: Enable Local Swarm Communications
+      loop: "{{ rfc1918_cgnat_networks }}"
+      community.general.ufw:
+        rule: allow
+        port: "9001"
+        from: "{{ item }}"
+        state: enabled
+
+- name: Setup swarm on init node
+  hosts: swarm[0]
+  become: true
+  roles:
+    - swarm-init
+
+- name: Join non-init nodes
+  hosts: swarm:!swarm[0]
+  become: true
+  roles:
+    - swarm-join
+
-- 
cgit v1.2.3-70-g09d2