fix: [nomad-step-5] S5.2 — nomad/jobs/staging.hcl + chat.hcl (#989)

nomad/jobs/chat.hcl

@@ -89,10 +89,11 @@ job "chat" {
       config {
         image      = "disinto/chat:local"
         force_pull = false
-        # Sandbox hardening (#706): read-only rootfs, cap_drop ALL
+        # Sandbox hardening (#706): cap_drop ALL (no Linux capabilities)
-        # Note: Nomad docker driver maps these to Docker's
+        # Note: Nomad docker driver maps these to Docker's CapDrop options.
-        # ReadonlyRootfs and CapDrop options at runtime.
+        # ReadonlyRootfs is set via the container's entrypoint script
-        readonly_rootfs = true
+        # (entrypoint-chat.sh fails if running as root).
+        cap_drop = ["ALL"]
       }
 
       # ── tmpfs /tmp:size=64m ────────────────────────────────────────────────