Volumes are not enabled & Traefik watch


I try to migrate my home server from ansible + docker compose to Nomad & Consul.

I tried to understand and read doc and examples about volumes but something I missed.

My job:

job "traefik" {
  region      = "global"
  datacenters = ["dc1"]
  type        = "service"

  group "traefik" {
    count = 1

    task "traefik" {
      driver = "docker"

      config {
        image        = "traefik:latest"
        network_mode = "host"

        volumes = [

      resources {
        cpu    = 100
        memory = 1024

        network {
          mbits = 100

          port "http" {
            static = 80

          port "https" {
            static = 443

          port "metrics" {
            static = 8082

          port "api" {
            static = 8081

      service {
        name = "traefik"

        tags = [

        check {
          name     = "alive"
          type     = "tcp"
          port     = "http"
          interval = "10s"
          timeout  = "2s"

When I used docker-compose, I have volume with all configs for all dockers containers in /srv/live/{{ APP_NAME }}/and very important, I used directory watch for traefik, because I used lot of services (NAS, HomeAutomation etc.) in my LAN. And I create file for every externals services. And I would like to re-use these configs that work.

I have this error:

Oct 17, '20 16:58:43 +0200 	Driver Failure 	Failed to create container configuration for image "traefik:latest" ("sha256:1a3f0281f41e2971ef15020097b1121131936f33ffe2fe51c45f0dd41307d1ab"): volumes are not enabled; cannot mount host paths: "/srv/live/traefik/config/traefik.yaml:/etc/traefik/traefik.yaml"

It’s the same user for docker and nomad

What is your advice? I’m little bit lost in this transition.

Does I needed to create volume? But I would like to be able to write directly from terminal in directory of traefik.

Thanks a lot for the newbie!

bind mounts are disabled for security reasons. You need to explicitly enabled them; the relevant documentation is at https://www.nomadproject.io/docs/drivers/docker#enabled-1

1 Like

Thanks a lot, I didn’t read the last part, it’s my fault, sorry.

If there are security reasons OK, I will try to respect security advices.

So I tried this:

In client.hcl

    host_volume "data" {
        path = "/srv/live/"
        read_only = false

/srv/live/ is where I store all my docker config and volumes

I can’t see how to organize volume mount to use my /srv/live/traefik/config/traefik.yaml to my container traefik.

I tried this: (part of my job file)

    volume "data" {
      type      = "host"
      read_only = false
      source    = "data"

    task "traefik" {
      driver = "docker"

      volume_mount {
        volume      = "data"
        destination = "/etc/traefik/"
        read_only   = false

      config {
        image        = "traefik:latest"
        network_mode = "host"

        volumes = [

But I have this error:

2020/10/18 09:47:18 command traefik error: read /etc/traefik/traefik.yaml: is a directory

Simply I would like to create a volume use by all my containers.


data/config/traefik.yaml just refers to a normal bind mount, it will create the directories if they don’t exist (that is the reason for your error) – but that is normal docker behavior. Also you cannot choose subdirectories in volumes, you’d have to use them as is.

So you’d need to specify one host-volume per container/whatever. Or you can enable the “insecure” bind mounts. It is not worse than running docker-compose :wink: