[[ $c := merge .mail.relay . -]]

job [[ .instance | toJSON ]] {

[[ template "common/job_start.tpl" $c ]]

  group "smtp-relay" {

    count = [[ .mail.relay.count ]]

    network {
      mode = "bridge"
    }

    volume "smtp-relay" {
      type            = [[ .mail.relay.volume.type | toJSON ]]
      source          = [[ .mail.relay.volume.source | toJSON ]]
      attachment_mode = "file-system"
      access_mode     = "single-node-writer"
      per_alloc       = true
    }

    service {
      name = "[[ .instance ]][[ .consul.suffix ]]"
      port = 8025

[[ template "common/connect.tpl" $c ]]
    }

    task "exim" {
      driver = [[ $c.nomad.driver | toJSON ]]

      config {
        image = [[ .mail.relay.image | toJSON ]]
      }

      vault {
        policies = ["[[ .instance ]][[ .consul.suffix ]]"]
        env = false
        disable_file = true
      }

      env {
        HOSTNAME = "[[ .instance ]].service.[[ .consul.domain ]]"
        LOCAL_DOMAINS = ""
        RELAY_FROM_HOSTS = "127.0.0.1"
        DISABLE_SENDER_VERIFICATION = "true"
        SMARTHOST = "[[ .mail.relay.host ]]::[[ .mail.relay.port ]]"
        [[ template "common/env.tpl" .mail.relay.env ]]
      }

[[- if has .mail.relay "user" ]]
      template {
        data =<<_EOF
# SMTP Auth
SMTP_USERNAME=[[ .mail.relay.user ]]
SMTP_PASSWORD=[[ .mail.relay.password ]]
_EOF
        destination = "secrets/env"
        uid         = 100000
        gid         = 100000
        perms       = 0400
        env         = true
      }
[[- end ]]

      volume_mount {
        volume      = "smtp-relay"
        destination = "/var/spool/exim"
      }

[[ template "common/resources.tpl" .mail.relay.resources ]]

    }
  }
}