Add Vaultwarden

2 files changed, 41 insertions, 0 deletions

diff --git a/infrastructure/roles/vaultwarden/handlers/main.yaml b/infrastructure/roles/vaultwarden/handlers/main.yaml
new file mode 100644
index 0000000..00c03ee
--- /dev/null
+++ b/infrastructure/roles/vaultwarden/handlers/main.yaml
@@ -0,0 +1,4 @@
+- name: restart quadlet
+  ansible.builtin.systemd_service:
+    name: vaultwarden.service
+    state: restarted
diff --git a/infrastructure/roles/vaultwarden/tasks/main.yaml b/infrastructure/roles/vaultwarden/tasks/main.yaml
new file mode 100644
index 0000000..746696e
--- /dev/null
+++ b/infrastructure/roles/vaultwarden/tasks/main.yaml
@@ -0,0 +1,37 @@
+- name: create quadlet
+  ansible.builtin.copy:
+    dest: /etc/containers/systemd/vaultwarden.container
+    content: |
+      [Unit]
+      After=network-online.target
+
+      [Container]
+      AutoUpdate=registry
+      Image=ghcr.io/dani-garcia/vaultwarden:latest
+      Exec=/start.sh
+      EnvironmentFile=vaultwarden.environment
+      Volume=/var/lib/vaultwarden/:/data/
+      PublishPort=127.0.0.1:8080:80
+
+      [Install]
+      WantedBy=default.target
+  notify:
+    - systemd daemon reload
+    - restart quadlet
+- name: create environment
+  ansible.builtin.copy:
+    dest: /etc/containers/systemd/vaultwarden.environment
+    content: |
+      DOMAIN=https://{{ public_hostname }}/vaultwarden
+  notify:
+    - restart quadlet
+- name: create storage
+  ansible.builtin.file:
+    name: /var/lib/vaultwarden
+    state: directory
+- meta: flush_handlers
+- name: enable quadlet
+  ansible.builtin.systemd_service:
+    name: vaultwarden.service
+    enabled: true
+    state: started