From 6ccd1030dc8ea23b5dd5d3e1029352093432b491 Mon Sep 17 00:00:00 2001
From: Daniel Berteaud <dbd@ehtrace.com>
Date: Thu, 18 Aug 2022 19:00:16 +0200
Subject: [PATCH] Update to 2022-08-18 19:00

---
 roles/nomad/defaults/main.yml      |  2 ++
 roles/nomad/tasks/archive_pre.yml  |  1 +
 roles/nomad/templates/nomad.hcl.j2 | 13 +++++++------
 3 files changed, 10 insertions(+), 6 deletions(-)

diff --git a/roles/nomad/defaults/main.yml b/roles/nomad/defaults/main.yml
index 69665ca..ac50902 100644
--- a/roles/nomad/defaults/main.yml
+++ b/roles/nomad/defaults/main.yml
@@ -94,6 +94,8 @@ nomad_base_conf:
       docker:
         enabled: True
         allow_privileged: True
+        volumes:
+          enabled: False
         # You can set a list of caps allowed for containers. The default is the same set of caps than Docker, minus net_raw
         # allow_caps: ["audit_write", "chown", "dac_override", "fowner", "fsetid", "kill", "mknod", "net_bind_service", "setfcap", "setgid", "setpcap", "setuid", "sys_chroot"]
       raw_exec:
diff --git a/roles/nomad/tasks/archive_pre.yml b/roles/nomad/tasks/archive_pre.yml
index d68573f..3e88fee 100644
--- a/roles/nomad/tasks/archive_pre.yml
+++ b/roles/nomad/tasks/archive_pre.yml
@@ -8,6 +8,7 @@
   command: "{{ nomad_root_dir }}/bin/nomad operator snapshot save {{ nomad_root_dir }}/archives/{{ nomad_current_version }}/nomad.snap"
   args:
     creates: "{{ nomad_root_dir }}/archives/{{ nomad_current_version }}/nomad.snap"
+  when: nomad_conf.server.enabled
   environment:
     NOMAD_TOKEN: "{{ nomad_mgm_token | default(omit) }}"
   tags: nomad
diff --git a/roles/nomad/templates/nomad.hcl.j2 b/roles/nomad/templates/nomad.hcl.j2
index b4c9c03..585a2c5 100644
--- a/roles/nomad/templates/nomad.hcl.j2
+++ b/roles/nomad/templates/nomad.hcl.j2
@@ -109,6 +109,11 @@ client {
 plugin "docker" {
   config {
     allow_privileged = {{ nomad_conf.client.task_drivers.docker.allow_privileged | ternary('true', 'false') }}
+{% if nomad_conf.client.task_drivers.docker.volumes.enabled %}
+    volumes {
+      enabled = true
+    }
+{% endif %}
 {% if nomad_conf.client.task_drivers.docker.allow_caps is defined %}
     allow_caps = [
 {% for cap in nomad_conf.client.task_drivers.docker.allow_caps %}
@@ -120,23 +125,19 @@ plugin "docker" {
 }
 {% endif %}
 
-{% if 'raw_exec' in nomad_enabled_task_drivers %}
 plugin "raw_exec" {
   config {
-    enabled = true
+    enabled = {{ ('raw_exec' in nomad_enabled_task_drivers) | ternary('true', 'false') }}
   }
 }
-{% endif %}
 
-{% if 'containerd-driver' in nomad_enabled_task_drivers %}
 plugin "containerd-driver" {
   config {
-    enabled = true
+    enabled = {{ ('containerd-driver' in nomad_enabled_task_drivers) | ternary('true', 'false') }}
     containerd_runtime = "{{ nomad_conf.client.task_drivers['containerd-driver'].containerd_runtime }}"
     allow_privileged = {{ nomad_conf.client.task_drivers['containerd-driver'].allow_privileged | ternary('true', 'false') }}
   }
 }
-{% endif %}
 
 {% endif %}
 {% else %}