thbkrkr / jks

Jenkins Docker image

Have you investigated Docker Secrets instead of less secure Environment Variables?

espoelstra opened this issue · comments

It requires a bit of refactoring to have the Groovy look to the /run/secrets/secret-name paths and running docker swarm init, and then you need to pre-populate the secrets with docker secret create secret-name file-with-secret, or cat ~/.aws/credentials | docker secret create aws-credentials -, or echo $(gopass show -o root/my/secret/account) | docker secret create my-secret-account -.

I've been playing with this a bit myself and other than requiring docker stack deploy my-stack-name --compose-file=docker-compose.yml and docker service logs -f my-stack-name_projectname (projectname aka foldername), it works pretty similarly to a regular Docker Compose setup.

I ended up also using a local registry so I could docker-compose build && docker compose push to the local registry, and then have the docker stack deploy pull from it with localhost:5000/my-jenkins-docker:latest. This is mostly so that I could just re-deploy if I had to change the Dockerfile instead of docker stack rm my-stack-name and then spinning the whole thing up again.

Overall the biggest pain comes if you start trying to do docker-in-docker as you have to create a mirror of the container's working directories for any volumes you want to pass into inner containers.
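The Groovy refactoring the post refers to, as an added example that is not code from the thbkrkr/jks repository: a helper for a Jenkins init.groovy.d script that reads a secret from the /run/secrets/secret-name file Swarm mounts, and only falls back to an environment variable when no such file exists. The helper name readSecret and the secret name jenkins-admin-password are assumptions for the example.

```groovy
import java.nio.file.Files
import java.nio.file.Paths
import jenkins.model.Jenkins
import hudson.security.HudsonPrivateSecurityRealm

/**
 * Added example (not from the thbkrkr/jks project). Returns the content of
 * /run/secrets/<name>. The trailing newline that
 * "echo ... | docker secret create name -" usually leaves behind is removed,
 * but nothing else is trimmed, so a secret that legitimately starts or ends
 * with whitespace survives intact. Falls back to the environment variable
 * NAME (upper-cased, dashes to underscores) only when the secret file is
 * absent, so a plain docker-compose setup without Swarm keeps working.
 */
String readSecret(String name) {
    // Refuse anything that could escape the secrets directory ("../etc/passwd").
    if (!(name ==~ /[A-Za-z0-9][A-Za-z0-9_.-]*/)) {
        throw new IllegalArgumentException("invalid secret name: ${name}")
    }
    def path = Paths.get('/run/secrets', name)
    if (Files.isReadable(path)) {
        String raw = new String(Files.readAllBytes(path), 'UTF-8')
        return raw.replaceFirst(/\r?\n\z/, '')
    }
    String envName = name.toUpperCase().replace('-', '_')
    String value = System.getenv(envName)
    if (value == null) {
        throw new IllegalStateException(
            "secret ${name}: neither ${path} nor \$${envName} is available")
    }
    return value
}

// Usage in the init script: the admin password never has to be passed as
// an environment variable when the 'jenkins-admin-password' secret
// (an assumed name) is attached to the Jenkins service in the stack file.
String adminPassword = readSecret('jenkins-admin-password')
def realm = new HudsonPrivateSecurityRealm(false)
realm.createAccount('admin', adminPassword)
Jenkins.instance.securityRealm = realm
Jenkins.instance.save()
```

In the stack file, the service needs the secret listed under its secrets: key for the file to appear in /run/secrets; a secret that is only created with docker secret create but not attached to the service is not mounted.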