infrastructure/roles/vaultwarden/tasks/main.yaml

   1 - name: create quadlet
   2   ansible.builtin.copy:
   3     dest: /etc/containers/systemd/vaultwarden.container
   4     content: |
   5       [Unit]
   6       After=network-online.target
   7
   8       [Container]
   9       AutoUpdate=registry
  10       Image=ghcr.io/dani-garcia/vaultwarden:latest
  11       Exec=/start.sh
  12       EnvironmentFile=vaultwarden.environment
  13       Volume=/var/lib/vaultwarden/:/data/:idmap
  14       Network=host
  15       UserNS=auto
  16
  17       [Install]
  18       WantedBy=default.target
  19   notify:
  20     - systemd daemon reload
  21     - restart quadlet
  22 - name: create environment
  23   ansible.builtin.copy:
  24     dest: /etc/containers/systemd/vaultwarden.environment
  25     content: |
  26       DOMAIN=https://{{ public_hostname }}/vaultwarden
  27       SIGNUPS_DOMAINS_WHITELIST=localhost
  28       SIGNUPS_VERIFY=true
  29       SMTP_HOST=localhost
  30       SMTP_FROM=vaultwarden@localhost
  31       SMTP_SECURITY=off
  32       ROCKET_ADDRESS=127.0.0.1
  33       ROCKET_PORT=8080
  34   notify:
  35     - restart quadlet
  36 - name: create storage
  37   ansible.builtin.file:
  38     name: /var/lib/vaultwarden
  39     state: directory
  40   notify:
  41     - restart quadlet
  42 - meta: flush_handlers
  43 - name: enable quadlet
  44   ansible.builtin.systemd_service:
  45     name: vaultwarden.service
  46     enabled: true
  47     state: started