Fixed some swarm-related bugs

main.yml

@@ -4,9 +4,9 @@
   become: yes
   roles:
     - install-base-packages
-    - docker
     - net-security
     - set-hostname
+    - docker
   tags: base
 
 - name: Initialize Docker swarm.

roles/docker/files/daemon.json

@@ -0,0 +1,4 @@
+{
+    "metrics-addr" : "0.0.0.0:9323",
+    "experimental" : true
+}

roles/docker/handlers/main.yml

@@ -0,0 +1,5 @@
+---
+- name: restart docker
+  service:
+    name: docker
+    state: restarted

roles/docker/tasks/main.yml

@@ -58,3 +58,12 @@
     name: debian
     groups: docker
     append: true
+
+- name: Enable metric endpoint for Prometheus
+  copy:
+    src: daemon.json
+    dest: /etc/docker/daemon.json
+    owner: root
+    group: root
+    mode: '644'
+  notify: restart docker

roles/net-security/tasks/main.yml

@@ -24,6 +24,15 @@
     rule: allow
     port: 2222
 
+- name: Open necessary ports for Docker swarm communication.
+  community.general.ufw:
+    rule: allow
+    port: "{{ item }}"
+  loop:
+    - 2377  # cluster management communications
+    - 7946  # communication among nodes
+    - 4789  # overlay network traffic
+
 - name: Block everything else by default & enable firewall.
   community.general.ufw:
     default: deny