Coturn was failing to start with the following error:
failed to create task for container: failed to create shim task: OCI
runtime create failed: runc create failed: unable to start container
process: exec: "/usr/local/bin/docker-entrypoint.sh": permission denied:
unknown
It seems to be caused by the recent NixOS update.
Either because Docker/runc is now more strict when checking if the
entrypoint is executable [1]
And/or because Nomad may mount the secrets directory with "noexec" [2].
In any case, the "local" directory [2] looks more appropriate, because
it's shared with the task while not being accessible to other tasks.
[1] https://github.com/opencontainers/runc/issues/3715
[2] https://developer.hashicorp.com/nomad/docs/concepts/filesystem
