---

- name: Configure Docker Swarm Firewall Rules
  hosts: swarm
  become: true
  tasks:
    - name: Enable Local Swarm Communications
      loop: "{{ rfc1918_cgnat_networks }}"
      community.general.ufw:
        rule: allow
        port: "2377"
        from: "{{ item }}"
        state: enabled

    - name: Enable Local Swarm Communications
      loop: "{{ rfc1918_cgnat_networks }}"
      community.general.ufw:
        rule: allow
        port: "9001"
        from: "{{ item }}"
        state: enabled

- name: Setup swarm on init node
  hosts: swarm[0]
  become: true
  roles:
    - swarm-init

- name: Join non-init nodes
  hosts: swarm:!swarm[0]
  become: true
  roles:
    - swarm-join