#cloud-config
package_update: true
package_upgrade: true

packages:
  - wget
  - unzip
  - docker.io

users:
  - name: nomad
    system: true
    shell: /bin/false
    home: /opt/nomad
    groups: docker

write_files:
  - path: /etc/nomad.d/nomad.hcl
    content: |
      datacenter = "dc1"
      data_dir = "/opt/nomad/data"
      log_level = "INFO"
      
      server {
        enabled = true
        bootstrap_expect = 1
      }
      
      client {
        enabled = true
        servers = ["127.0.0.1"]
      }
      
      ui_config {
        enabled = true
      }
      
      plugin "docker" {
        config {
          allow_privileged = false
        }
      }
    permissions: '0640'
    owner: nomad:nomad

  - path: /etc/systemd/system/nomad.service
    content: |
      [Unit]
      Description=Nomad
      Documentation=https://www.nomadproject.io/docs/
      Wants=network-online.target
      After=network-online.target
      
      [Service]
      Type=notify
      User=nomad
      Group=nomad
      ExecReload=/bin/kill -HUP $MAINPID
      ExecStart=/usr/local/bin/nomad agent -config /etc/nomad.d
      KillMode=process
      Restart=on-failure
      LimitNOFILE=65536

      [Install]
      WantedBy=multi-user.target

runcmd:
  # Download and install Nomad
  - cd /tmp
  - wget https://releases.hashicorp.com/nomad/1.6.0/nomad_1.6.0_linux_amd64.zip
  - unzip nomad_1.6.0_linux_amd64.zip
  - mv nomad /usr/local/bin/
  - chmod +x /usr/local/bin/nomad
  # Create directories
  - mkdir -p /opt/nomad/data
  - mkdir -p /etc/nomad.d
  - chown -R nomad:nomad /opt/nomad /etc/nomad.d
  # Start Docker
  - systemctl enable docker
  - systemctl start docker
  - usermod -aG docker nomad
  # Enable and start Nomad
  - systemctl enable nomad
  - systemctl start nomad
  # Configure firewall
  - ufw allow 4646/tcp
  - ufw allow 4647/tcp
  - ufw allow 4648/tcp