From ab49cf6758e55c4b9b7fecdfad2f947345a7c231 Mon Sep 17 00:00:00 2001
From: alex <alex@pdp7.net>
Date: Sun, 12 Oct 2025 16:23:17 +0200
Subject: Use rootful container with automatic namespace

---
 infrastructure/roles/vaultwarden/tasks/main.yaml | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

(limited to 'infrastructure/roles/vaultwarden/tasks')

diff --git a/infrastructure/roles/vaultwarden/tasks/main.yaml b/infrastructure/roles/vaultwarden/tasks/main.yaml
index 96eb64f..313b48b 100644
--- a/infrastructure/roles/vaultwarden/tasks/main.yaml
+++ b/infrastructure/roles/vaultwarden/tasks/main.yaml
@@ -10,8 +10,9 @@
       Image=ghcr.io/dani-garcia/vaultwarden:latest
       Exec=/start.sh
       EnvironmentFile=vaultwarden.environment
-      Volume=/var/lib/vaultwarden/:/data/
+      Volume=/var/lib/vaultwarden/:/data/:idmap
       Network=host
+      UserNS=auto
 
       [Install]
       WantedBy=default.target
@@ -36,6 +37,8 @@
   ansible.builtin.file:
     name: /var/lib/vaultwarden
     state: directory
+  notify:
+    - restart quadlet
 - meta: flush_handlers
 - name: enable quadlet
   ansible.builtin.systemd_service:
-- 
cgit v1.2.3