infra-swarm/ansible/roles/swarm/tasks/swarm.yml

---
- name: Run Swarm container
  docker_container:
    name: '{{ cont_name }}'
    image: '{{ cont_image }}'
    user: root
    pull: true
    restart_policy: always
    state: '{{ cont_state }}'
    recreate: '{{ cont_recreate }}'
    restart: '{{ cont_restart }}'
    entrypoint: '/swarm'
    ports:
      - '{{ cont_port }}:{{ cont_port }}'
      - '127.0.0.1:{{ swarm_port }}:8500'
    links:
      - '{{ geth_name }}:geth'
    command: |
      --debug
      --port={{ cont_port }}
      --httpaddr={{ swarm_addr }}
      --bzzaccount={{ geth_account }}
      --datadir=/data
      --keystore=/keys
      --password=/keys/password
      --store.path=/store
      --store.size={{ swarm_store_size }}
      --store.cache.size={{ swarm_store_cache_size }}
      --corsdomain='*'
      --ens-api='http://geth:{{ geth_rpc_port }}'      
    volumes:
      - '{{ geth_vol }}/keys:/keys:rw'
      - '{{ cont_vol }}/data:/data:rw'
      - '{{ cont_vol }}/store:/store:rw'

- name: Enable swarm ports
  iptables:
    comment: '{{ item.name }}'
    chain: INPUT
    jump: ACCEPT
    source: '0.0.0.0/0'
    protocol: '{{ item.proto }}'
    destination_port: '{{ item.port }}'
  with_items:
    - { 'name': 'Swarm',       'port': '{{ cont_port }}',  'proto': 'udp' }
    - { 'name': 'Swarm HTTP',  'port': '{{ swarm_http }}', 'proto': 'tcp' }
    - { 'name': 'Swarm HTTPS', 'port': '{{ swarm_ssl }}',  'proto': 'tcp' }
  notify:
    - Save iptables rules