# Parameterized Nomad batch job "builder" in the "ci" namespace.
# One task group ("runner") holds four Docker tasks: a prestart cache warmup,
# the build executor (leader), a nix-daemon, and a poststop garbage collector.
# All four tasks use the same nixpkgs/nix image, pinned by sha256 digest
# rather than a mutable tag.
#
# NOTE(review): the absolute host paths under /var/cache/albatros are
# bind-mounted through the docker driver's `volumes` option, which Nomad
# clients only honor when the docker plugin has host volumes enabled.
# Confirm which namespaces may submit docker jobs to those clients.
job "builder" {
  namespace = "ci"
  type = "batch"

  datacenters = ["neptune"]
  priority = 100

  # Each run is created by dispatching this job. The five meta keys are
  # mandatory, the payload is optional.
  # NOTE(review): meta values are chosen by whoever dispatches the job and are
  # copied into the executor's environment below, so the scripts that read
  # them (not shown here) should treat them as untrusted input.
  parameterized {
    payload = "optional"
    meta_required = [ "REPO_URL", "COMMIT", "BRANCH", "TAG", "FLAVOR" ]
  }

  # A failed allocation is not rescheduled.
  reschedule {
    attempts = 0
    unlimited = false
  }

  constraint {
    distinct_hosts = true
  }

  group "runner" {

    # Prestart, non-sidecar hook: runs to completion before the main tasks start.
    task "warmup-cache" {
      driver = "docker"
      config {
        image = "nixpkgs/nix@sha256:fca3bf99804141e369bb52f35030f7c6c69e72b7d1ae3a9edf8ebeae2398f789"
        args = [ "/tmp/warmup.sh" ]
        volumes = [
          "local/warmup.sh:/tmp/warmup.sh",
          # Host Nix store directory, mounted read-write at /mnt/nix
          # (not at /nix, unlike the other tasks).
          "/var/cache/albatros/nix:/mnt/nix"
        ]
      }

      lifecycle {
        hook = "prestart"
        sidecar = false
      }

      # file() embeds the script at job submission time;
      # perms 555 = read + execute for everyone, writable by no one.
      template {
        data = file("./warmup.sh")
        destination = "local/warmup.sh"
        perms = "555"
      }
    }

    # Runs the build script. As the leader task, its exit causes Nomad to stop
    # the other main tasks in the group.
    task "executor" {
      driver = "docker"
      leader = true
      config {
        image = "nixpkgs/nix@sha256:fca3bf99804141e369bb52f35030f7c6c69e72b7d1ae3a9edf8ebeae2398f789"
        args = [ "/tmp/builder.sh" ]
        volumes = [
          "local/builder.sh:/tmp/builder.sh",
          "local/nix.conf:/etc/nix/nix.conf",
          # Exposes the dispatch payload directory to the build container.
          "local/secrets:/var/run/secrets/albatros",
          # The store is read-only in this container; NIX_REMOTE=daemon below
          # delegates store writes to the "daemon" task.
          "/var/cache/albatros/nix:/nix:ro",
          # NOTE(review): read-write host directory that also holds GCROOT.
          # If it is shared between builds, one build script could alter
          # another build's entries. Confirm this is intended.
          "/var/cache/albatros/cacheroot:/mnt/cacheroot"
        ]
      }

      # The optional dispatch payload is written relative to the task's local/
      # directory, i.e. local/secrets/secret.txt, which the volume above maps
      # to /var/run/secrets/albatros/secret.txt.
      # NOTE(review): this is the disk-backed local/ directory, not Nomad's
      # dedicated per-task secrets/ directory. Confirm that persisting the
      # payload in the allocation directory is acceptable.
      dispatch_payload {
        file = "secrets/secret.txt"
      }

      env {
        COMMIT = "${NOMAD_META_COMMIT}"
        BRANCH = "${NOMAD_META_BRANCH}"
        TAG = "${NOMAD_META_TAG}"
        REPO_URL = "${NOMAD_META_REPO_URL}"
        FLAVOR = "${NOMAD_META_FLAVOR}"
        # NOTE(review): COMMIT is used as a path component here. Verify that
        # the consuming scripts reject values containing "/" or "..".
        GCROOT = "/mnt/cacheroot/${NOMAD_META_COMMIT}"
        NIX_REMOTE = "daemon"
      }

      # The build script is rendered from ./user.sh.
      template {
        data = file("./user.sh")
        destination = "local/builder.sh"
        perms = "555"
      }

      template {
        data = file("./nix.conf")
        destination = "local/nix.conf"
      }

      # No in-place restart: a failed build fails the allocation.
      restart {
        attempts = 0
      }

      # cpu is in MHz, memory in MB.
      resources {
        # actual work should be done in the nix daemon
        cpu = 100
        memory = 500
      }
    }

    # nix-daemon with the store mounted read-write. It has no lifecycle block,
    # so it runs as a main task alongside the executor.
    task "daemon" {
      driver = "docker"
      config {
        image = "nixpkgs/nix@sha256:fca3bf99804141e369bb52f35030f7c6c69e72b7d1ae3a9edf8ebeae2398f789"
        command = "nix-daemon"
        volumes = [
          "/var/cache/albatros/nix:/nix",
          "local/nix.conf:/etc/nix/nix.conf",
          "local/pin.sh:/usr/local/bin/pin.sh"
        ]
      }

      template {
        data = file("./nix.conf")
        destination = "local/nix.conf"
      }

      template {
        data = file("./pin.sh")
        destination = "local/pin.sh"
        perms = "555"
      }

      restart {
        attempts = 0
      }

      # Carries the bulk of the build's CPU and memory budget.
      resources {
        cpu = 1000
        memory = 4000
      }
    }

    # Poststop, non-sidecar hook: runs after the main tasks have stopped,
    # with the store mounted read-write.
    # No resources block is declared, so Nomad's defaults apply.
    task "garbage-collect-cache" {
      driver = "docker"
      config {
        image = "nixpkgs/nix@sha256:fca3bf99804141e369bb52f35030f7c6c69e72b7d1ae3a9edf8ebeae2398f789"
        args = [ "/tmp/gc.sh" ]
        volumes = [
          "local/gc.sh:/tmp/gc.sh",
          "local/nix.conf:/etc/nix/nix.conf",
          "/var/cache/albatros/nix:/nix",
        ]
      }

      lifecycle {
        hook = "poststop"
        sidecar = false
      }

      template {
        data = file("./nix.conf")
        destination = "local/nix.conf"
      }

      template {
        data = file("./gc.sh")
        destination = "local/gc.sh"
        perms = "555"
      }

      restart {
        attempts = 0
      }
    }
  }
}