#!/bin/bash # Setup script for Nomad host volumes on Autobox # Run this on the Autobox server set -e PROJECT_NAME="${1:-myapp}" VOLUME_PATH="/opt/nomad-volumes/${PROJECT_NAME}-data" SECRETS_PATH="/opt/nomad-secrets/${PROJECT_NAME}" NOMAD_CONFIG="/etc/nomad.d/client.hcl" echo "==================================================" echo "Setting up Nomad volumes for: $PROJECT_NAME" echo "==================================================" # Check if running as root if [ "$EUID" -ne 0 ]; then echo "❌ Please run as root (use sudo)" exit 1 fi # 1. Create volume directory echo "" echo "📁 Creating volume directory..." mkdir -p "$VOLUME_PATH" chown 1000:1000 "$VOLUME_PATH" chmod 755 "$VOLUME_PATH" echo "✅ Created: $VOLUME_PATH" # 2. Create secrets directory echo "" echo "🔐 Creating secrets directory..." mkdir -p "$SECRETS_PATH" chown 1000:1000 "$SECRETS_PATH" chmod 700 "$SECRETS_PATH" echo "✅ Created: $SECRETS_PATH" # 3. Check if volume already configured in Nomad echo "" echo "📝 Checking Nomad client configuration..." if grep -q "host_volume \"${PROJECT_NAME}-data\"" "$NOMAD_CONFIG"; then echo "⚠️ Volume already configured in $NOMAD_CONFIG" else echo "Adding volume configuration to $NOMAD_CONFIG..." # Backup config cp "$NOMAD_CONFIG" "${NOMAD_CONFIG}.backup.$(date +%Y%m%d_%H%M%S)" # Add volume configuration cat >> "$NOMAD_CONFIG" << EOF # Volume for $PROJECT_NAME host_volume "${PROJECT_NAME}-data" { path = "$VOLUME_PATH" read_only = false } # Secrets for $PROJECT_NAME host_volume "${PROJECT_NAME}-secrets" { path = "$SECRETS_PATH" read_only = true } EOF echo "✅ Added volume configuration" fi # 4. Create example secrets file echo "" echo "🔑 Creating example secrets file..." cat > "${SECRETS_PATH}/secrets.env" << 'EOF' # Example secrets for your application # Edit this file with your actual secrets API_KEY=change-me-to-your-api-key DATABASE_URL=sqlite:////app/data/app.db SECRET_KEY=change-me-to-a-random-string # Add more secrets as needed EOF chown 1000:1000 "${SECRETS_PATH}/secrets.env" chmod 600 "${SECRETS_PATH}/secrets.env" echo "✅ Created: ${SECRETS_PATH}/secrets.env" echo " ⚠️ EDIT THIS FILE WITH YOUR ACTUAL SECRETS!" # 5. Restart Nomad to pick up new configuration echo "" echo "🔄 Restarting Nomad client..." systemctl restart nomad # Wait for Nomad to start sleep 3 # Check if Nomad is running if systemctl is-active --quiet nomad; then echo "✅ Nomad restarted successfully" else echo "❌ Nomad failed to start! Check logs:" echo " journalctl -u nomad -n 50 --no-pager" exit 1 fi # 6. Verify volume registration echo "" echo "✅ Verifying volume registration..." if nomad agent-info | grep -q "${PROJECT_NAME}-data"; then echo "✅ Volume registered successfully" else echo "⚠️ Volume not showing in agent-info (may need time to register)" fi # 7. Print summary echo "" echo "==================================================" echo "✅ Setup Complete!" echo "==================================================" echo "" echo "Volumes created:" echo " 📁 Data: $VOLUME_PATH" echo " 🔐 Secrets: $SECRETS_PATH" echo "" echo "Next steps:" echo " 1. Edit secrets: vim ${SECRETS_PATH}/secrets.env" echo " 2. Update your Nomad job to use volumes:" echo " - Volume source: '${PROJECT_NAME}-data'" echo " - Volume source: '${PROJECT_NAME}-secrets'" echo " 3. Deploy your application: nomad job run job.hcl" echo "" echo "Verify volumes:" echo " nomad agent-info | grep -A 5 host_volumes" echo ""