variable "nextcloud_db" {
  type = string
  default = "nextcloud"
}

variable "nextcloud_user" {
  type = string
  default = "nextcloud"
}

variable "nextcloud_pass" {
  type = string
  default = "nextcloud"
}

variable "backup_config" {
  type = string
  description = "HCL config for Restic Scheduler jobs"
}

job "nextcloud" {
  datacenters = ["dc1"]
  type = "service"

  group "nextcloud" {
    count = 1

    network {
      mode = "bridge"

      port "web" {
        host_network = "loopback"
        to = 80
      }

      port "backup" {
        to = 8080
      }
    }

    volume "nextcloud-data" {
      type = "host"
      read_only = false
      source = "nextcloud-data"
    }

    service {
      name = "nextcloud"
      port = "web"

      connect {
        sidecar_service {
          proxy {
            local_service_port = 80

            upstreams {
              destination_name = "mysql-server"
              local_bind_port = 6060
            }

            config {
              protocol = "tcp"
            }
          }
        }

        sidecar_task {
          resources {
            cpu    = 50
            memory = 50
          }
        }
      }

      tags = [
        "traefik.enable=true",
        "traefik.http.routers.nextcloud.entryPoints=websecure",
      ]
    }

    task "nextcloud-bootstrap" {
      driver = "docker"

      lifecycle {
        hook = "prestart"
        sidecar = false
      }

      config {
        image = "mysql:8"
        args = [
          "/bin/bash",
          "-c",
          "/usr/bin/mysql -h${NOMAD_UPSTREAM_IP_mysql_server} -P${NOMAD_UPSTREAM_PORT_mysql_server} -uroot -psupersecretpassword < /bootstrap.sql",
        ]

        mount {
          type = "bind"
          source = "local/bootstrap.sql"
          target = "/bootstrap.sql"
        }
      }

      template {
        data = <<EOF
        CREATE DATABASE IF NOT EXISTS `${var.nextcloud_db}`;
        CREATE USER IF NOT EXISTS '${var.nextcloud_user}'@'%' IDENTIFIED BY '${var.nextcloud_pass}';
        GRANT ALL ON `${var.nextcloud_db}`.* to '${var.nextcloud_user}'@'%';
        EOF
        destination = "local/bootstrap.sql"
      }

      resources {
        cpu = 50
        memory = 50
      }
    }

    task "main" {
      driver = "docker"

      volume_mount {
        volume = "nextcloud-data"
        destination = "/var/www/html"
        read_only = false
      }

      config {
        image = "nextcloud"
        ports = ["web"]
      }

      env = {
        "MYSQL_HOST" = "${NOMAD_UPSTREAM_ADDR_mysql_server}"
        "MYSQL_DATABASE" = "${var.nextcloud_db}"
        "MYSQL_USER" = "${var.nextcloud_user}"
        "MYSQL_PASSWORD" = "${var.nextcloud_pass}"
      }

      resources {
        cpu = 50
        memory = 250
      }
    }

    service {
      name = "nextcloud-backups"
      port = "backup"

      meta {
        metrics_addr = "${NOMAD_ADDR_backup}"
      }
    }

    # TODO: Add service and expose /metrics for prometheus to grab
    task "backup" {
      driver = "docker"

      volume_mount {
        volume = "nextcloud-data"
        destination = "/data"
        read_only = true
      }

      config {
        image = "iamthefij/resticscheduler"
        args = ["/jobs/nextcloud.hcl"]
        ports = ["backup"]

        mount {
          type = "bind"
          target = "/jobs"
          source = "jobs"
        }
      }

      env = {
        "MYSQL_HOST" = "${NOMAD_UPSTREAM_IP_mysql_server}"
        "MYSQL_PORT" = "${NOMAD_UPSTREAM_PORT_mysql_server}"
        "MYSQL_DATABASE" = "${var.nextcloud_db}"
        "MYSQL_USER" = "${var.nextcloud_user}"
        "MYSQL_PASSWORD" = "${var.nextcloud_pass}"
      }

      template {
        data = var.backup_config
        destination = "jobs/nextcloud.hcl"
      }

      resources {
        cpu = 50
        memory = 256
      }
    }
  }
}