##### Managed by Ansible #####

datacenter = "dc"
data_dir = "/opt/nomad"

server {
  enabled = true
  bootstrap_expect = 1
}
client {
  enabled = true
  options {
    docker.privileged.enabled = true
    docker.volumes.enabled = true
  }
}

plugin "docker" {
  config {
    allow_caps = ["CHOWN","DAC_OVERRIDE","FSETID","FOWNER","MKNOD","NET_RAW","SETGID","SETUID","SETFCAP","SETPCAP"," NET_BIND_SERVICE","SYS_CHROOT","KILL","AUDIT_WRITE","NET_ADMIN","NET_BROADCAST"]
    # extra Docker labels to be set by Nomad on each Docker container with the appropriate value
    extra_labels = ["job_name", "task_group_name", "task_name", "namespace", "node_name"]
    allow_privileged = true
    pull_activity_timeout = "5m"
    volumes {
      enabled      = true
      selinuxlabel = "z"
    }
  }
}