dumb question...

[ghost]

does... this initialize / copy the certs?

[thojkooi]

It doesn't do anything fancy with certificates.

[ghost]

so... how would one set docker to connect to the swarm? does it listen on :2376 by default?

[ghost]

I've seen terraform-swarm generate certs, but don't know how to apply that same logic here.

[thojkooi]

You would have to have your Docker installation handle exposing the Docker deamon / API on port 2376, using user data, or through some configuration management tool such as puppet.

I've messed around a bit with trying to get Terraform itself to handle it today and will push some examples for it soon.

[thojkooi]

@toxik-io , I've pushed some work in progress changes on the overhaul branch, including an example:

https://github.com/thojkooi/terraform-digitalocean-docker-swarm-mode/tree/77d75b908567508e0579f49766ddcef93b945434/examples/usage

Details on how to generate the certificates using cfssl can be found in the certs/ directory in that example. It has a couple of shell scripts you can run that will generate a set of certificates and keys.