disinto/nomad/jobs/staging.hcl

# =============================================================================
# nomad/jobs/staging.hcl — Staging file server (Nomad service job)
#
# Part of the Nomad+Vault migration (S5.2, issue #989). Lightweight service job
# for the staging file server using Caddy as a static file server.
#
# Mount contract:
#   This job mounts the `docker/` directory as `/srv/site` (read-only).
#   The docker/ directory contains static content (images, HTML, etc.)
#   served to staging environment users.
#
# Network:
#   No external port exposed — edge proxy routes to it internally.
#   Service discovery via Nomad native provider for internal routing.
#
# Not the runtime yet: docker-compose.yml is still the factory's live stack
# until cutover. This file exists so CI can validate it and S5.2 can wire
# `disinto init --backend=nomad --with staging` to `nomad job run` it.
# =============================================================================

job "staging" {
  type        = "service"
  datacenters = ["dc1"]

  group "staging" {
    count = 1

    # ── Host volumes ─────────────────────────────────────────────────────────
    # site-content volume: declared in nomad/client.hcl, path
    # /srv/disinto/docker on the factory box.
    volume "site-content" {
      type      = "host"
      source    = "site-content"
      read_only = true
    }

    # No Vault integration needed — no secrets required (static file server)

    # Internal service — no external port. Edge proxy routes internally.
    network {
      port "http" {
        static = 80
        to     = 80
      }
    }

    restart {
      attempts = 3
      interval = "5m"
      delay    = "15s"
      mode     = "delay"
    }

    service {
      name     = "staging"
      port     = "http"
      provider = "nomad"

      check {
        type     = "http"
        path     = "/"
        interval = "10s"
        timeout  = "3s"
      }
    }

    task "staging" {
      driver = "docker"

      config {
        image = "caddy:alpine"
        ports = ["http"]
      }

      # Mount docker/ directory as /srv/site:ro (static content)
      volume_mount {
        volume      = "site-content"
        destination = "/srv/site"
        read_only   = true
      }

      resources {
        cpu    = 100
        memory = 256
      }
    }
  }
}
fix: [nomad-step-5] S5.2 — nomad/jobs/staging.hcl + chat.hcl (#989) 2026-04-18 07:49:07 +00:00			`# =============================================================================`
			`# nomad/jobs/staging.hcl — Staging file server (Nomad service job)`
			`#`
			`# Part of the Nomad+Vault migration (S5.2, issue #989). Lightweight service job`
			`# for the staging file server using Caddy as a static file server.`
			`#`
			`# Mount contract:`
			# This job mounts the `docker/` directory as `/srv/site` (read-only).
			`# The docker/ directory contains static content (images, HTML, etc.)`
			`# served to staging environment users.`
			`#`
			`# Network:`
			`# No external port exposed — edge proxy routes to it internally.`
			`# Service discovery via Nomad native provider for internal routing.`
			`#`
			`# Not the runtime yet: docker-compose.yml is still the factory's live stack`
			`# until cutover. This file exists so CI can validate it and S5.2 can wire`
			# `disinto init --backend=nomad --with staging` to `nomad job run` it.
			`# =============================================================================`

			`job "staging" {`
			`type = "service"`
			`datacenters = ["dc1"]`

			`group "staging" {`
			`count = 1`

			`# ── Host volumes ─────────────────────────────────────────────────────────`
			`# site-content volume: declared in nomad/client.hcl, path`
			`# /srv/disinto/docker on the factory box.`
			`volume "site-content" {`
			`type = "host"`
			`source = "site-content"`
			`read_only = true`
			`}`

			`# No Vault integration needed — no secrets required (static file server)`

			`# Internal service — no external port. Edge proxy routes internally.`
			`network {`
			`port "http" {`
			`static = 80`
			`to = 80`
			`}`
			`}`

			`restart {`
			`attempts = 3`
			`interval = "5m"`
			`delay = "15s"`
			`mode = "delay"`
			`}`

			`service {`
			`name = "staging"`
			`port = "http"`
			`provider = "nomad"`

			`check {`
			`type = "http"`
			`path = "/"`
			`interval = "10s"`
			`timeout = "3s"`
			`}`
			`}`

			`task "staging" {`
			`driver = "docker"`

			`config {`
			`image = "caddy:alpine"`
			`ports = ["http"]`
			`}`

			`# Mount docker/ directory as /srv/site:ro (static content)`
			`volume_mount {`
			`volume = "site-content"`
			`destination = "/srv/site"`
			`read_only = true`
			`}`

			`resources {`
			`cpu = 100`
			`memory = 256`
			`}`
			`}`
			`}`
			`}`