job "drone-runner" {
  datacenters = [
    "nummer5",
  ]
  type = "service"
  node_pool = "apps"

  group "apps" {
    count = 1

    network {
      mode = "host"
      port "http" {
        to = 3000
      }
    }
    volume "drone-runner" {
      type      = "csi"
      source    = "drone-runner"
      read_only = false
      access_mode = "single-node-writer"
      attachment_mode = "file-system"
    }
    
    service {
        name = "drone-runner"
        port = "http"
        
        tags = [
          "traefik.enable=true",
          "traefik.http.routers.drone-runner.rule=Host(`drone-runner.service.nr5`)",
        ]
    }

    restart {
      attempts = 5
      delay    = "30s"
    }

    task "drone-runner" {
      driver = "podman"

      config {
        image = "docker.io/drone/drone-runner-docker:latest"
        force_pull = true 
        ports = ["http"]
        privileged = true
        volumes = [
          "/var/run/podman/podman.sock:/var/run/docker.sock",
          "/etc/containers:/etc/containers"
        ]
 
      }
      volume_mount {
        volume      = "drone-runner"
        destination = "/drone"
        read_only   = false
      }

      env {
        TZ                        = "Europe/Berlin"
        DRONE_RUNNER_NAME         = "drone-runner01"
        DRONE_RPC_SECRET          = "7eb685ed81d0c34bafc5efa7783c20b2"
        DRONE_RPC_HOST            = "drone.service.nr5"
        DRONE_RPC_PROTO           = "http"
        DRONE_RUNNER_CAPACITY     = 1
        DRONE_LOGS_DEBUG          = true 
        DRONE_LOGS_TRACE          = true
        DRONE_TRACE               = true
        DOCKER_BUILDKIT           = 1
        DRONE_GIT_ALWAYS_AUTH     = true
        DRONE_UI_DISABLE          = false
        DRONE_UI_USERNAME         = "root"
        DRONE_UI_PASSWORD         = "root"
        DRONE_RUNNER_CLONE_IMAGE  = "drone/git"
        DRONE_RUNNER_VOLUMES      = "/etc/resolv.conf:/etc/resolv.conf"
      }

      resources {
        cpu    = 300
        memory = 500 
      }

    }
  }
}