variable "nextcloud_backup" {
  type = string
  description = "HCL config for Restic Scheduler jobs"
}

variable "consul_backup" {
  type = string
  description = "HCL config for Restic Scheduler jobs"
}

job "backup-oneoff-n2" {
  datacenters = ["dc1"]
  type = "batch"

  parameterized {
    meta_required = ["job_name"]
    meta_optional = ["task", "snapshot"]

  }

  meta {
    task = "backup"
    snapshot = "latest"
  }


  constraint {
    attribute = "${node.unique.name}"
    # Only node with a backup job so far
    # Remove when backing up all nodes
    value = "n2"
  }

  group "backup" {

    network {
      mode = "bridge"

      port "metrics" {
        to = 8080
      }
    }

    volume "all-volumes" {
      type = "host"
      read_only = true
      source = "all-volumes"
    }

    service {
      port = "metrics"

      # Add connect to mysql
      connect {
        sidecar_service {
          proxy {
            local_service_port = 8080

            upstreams {
              destination_name = "mysql-server"
              local_bind_port = 6060
            }

            config {
              protocol = "tcp"
            }
          }
        }

        sidecar_task {
          resources {
            cpu    = 50
            memory = 50
          }
        }
      }

      meta {
        metrics_addr = "${NOMAD_ADDR_metrics}"
      }
    }

    task "backup" {
      driver = "docker"

      volume_mount {
        volume = "all-volumes"
        destination = "/data"
        read_only = true
      }

      config {
        image = "iamthefij/resticscheduler"
        ports = ["metrics"]
        args = [
          "-once",
          "-${NOMAD_META_task}",
          "${NOMAD_META_job_name}",
          # TODO: add restore arg here
          "/jobs/node-jobs.hcl",
        ]

        mount {
          type = "bind"
          target = "/jobs"
          source = "jobs"
        }
      }

      vault {
        policies = [
          "access-tables",
          "nomad-task",
        ]
      }

      env = {
        "MYSQL_HOST" = "${NOMAD_UPSTREAM_IP_mysql_server}"
        "MYSQL_PORT" = "${NOMAD_UPSTREAM_PORT_mysql_server}"
      }

      template {
        # Probably want to use database credentials that have access to dump all tables
        data = <<EOF
{{ with secret "kv/data/nextcloud" }}
MYSQL_DATABASE={{ .Data.data.db_name }}
MYSQL_USER={{ .Data.data.db_user }}
MYSQL_PASSWORD={{ .Data.data.db_pass }}
{{ end }}
{{ with secret "kv/data/backups" }}
BACKUP_PASSPHRASE={{ .Data.data.backup_passphrase }}
{{ end }}
        EOF
        destination = "secrets/db.env"
        env = true
      }

      template {
        data = <<EOH
CONSUL_HTTP_ADDR={{ env "attr.unique.network.ip-address" }}:8500
        EOH
        destination = "local/consul.env"
        env = true
      }


      template {
        # Build jobs based on node
        data = <<EOF
# Current node is {{ env "node.unique.name" }}
# Consul backup below?
{{ if eq (env "node.unique.name") "n2" -}}
# Consul backup
${var.consul_backup}
{{ end -}}
{{ range service "nextcloud" }}
# Nextcloud .Node {{ .Node }}
{{ if eq .Node (env "node.unique.name") }}
${var.nextcloud_backup}
{{ end }}{{ end }}
        EOF
        destination = "jobs/node-jobs.hcl"
      }

      resources {
        cpu = 50
        memory = 256
      }
    }
  }
}