Initial CommitHEAD master

author: Sam Chudnick <sam@chudnick.com> 2023-06-25 09:52:36 -0400
committer: Sam Chudnick <sam@chudnick.com> 2023-06-25 09:52:36 -0400
commit: 95b73daa36b23565a8566f71f9b202d3459b685f (patch)
tree: cb17b021be70e7868d0ec235a761f0ecdc80f3f2 /roles/services/containers/vaultwarden
2 files changed, 83 insertions, 0 deletions
diff --git a/roles/services/containers/vaultwarden/handlers/main.yml b/roles/services/containers/vaultwarden/handlers/main.yml
new file mode 100644
index 0000000..5463835
--- /dev/null
+++ b/roles/services/containers/vaultwarden/handlers/main.yml
@@ -0,0 +1,4 @@
+- name: restart nginx
+  service:
+    name: nginx
+    state: restarted
diff --git a/roles/services/containers/vaultwarden/tasks/main.yml b/roles/services/containers/vaultwarden/tasks/main.yml
new file mode 100644
index 0000000..fa63b58
--- /dev/null
+++ b/roles/services/containers/vaultwarden/tasks/main.yml
@@ -0,0 +1,79 @@
+- name: set image fact
+  set_fact:
+    image: vaultwarden/server:1.28.1
+- name: set other facts
+  vars:
+    array: "{{ image.split('/', 1) }}"
+  set_fact:
+    repo_tag: "{{ array.1 }}"
+    custom_registry: "{{ docker_registry_url + '/' + docker_registry_username }}"
+- name: create vaultwarden directory
+  file:
+    path: "{{ docker_home }}/vaultwarden"
+    state: directory
+    owner: "{{ docker_username }}"
+    group: "{{ docker_username }}"
+    mode: '0755'
+- name: create data directory
+  file:
+    path: "{{ docker_home }}/vaultwarden/data"
+    state: directory
+    owner: "{{ docker_username }}"
+    group: "{{ docker_username }}"
+    mode: '0755'
+- name: create vaultwarden docker network
+  become: yes
+  become_user: "{{ docker_username }}"
+  docker_network:
+    name: "{{ vaultwarden_network_name }}"
+    docker_host: "unix://run/user/{{ docker_uid }}/docker.sock"
+    driver: bridge
+    ipam_config:
+      - subnet: "{{ vaultwarden_subnet }}"
+        gateway: "{{ vaultwarden_gateway }}"
+- name: create and deploy vaultwarden container
+  become: yes
+  become_user: "{{ docker_username }}"
+  environment:
+    XDG_RUNTIME_DIR: "/run/user/{{ docker_uid }}"
+  docker_container:
+    name: "vaultwarden"
+    hostname: "vaultwarden"
+    image: "{{ image }}"
+    docker_host: "unix://run/user/{{ docker_uid }}/docker.sock"
+    purge_networks: yes
+    networks:
+      - name: "{{ vaultwarden_network_name }}"
+        ipv4_address: "{{ vaultwarden_ipv4 }}"
+    ports:
+      - "127.0.0.1:{{ vaultwarden_external_port }}:80"
+    volumes:
+      - "{{ docker_home }}/vaultwarden/data:/data"
+    env:
+      "DOMAIN": "https://{{ vaultwarden_server_name }}"
+      "DISABLE_ADMIN_TOKEN": "true"
+    state: 'started'
+    recreate: yes
+    restart_policy: unless-stopped
+- name: deploy nginx configuration
+  notify: restart nginx
+  template:
+    src: "{{ vaultwarden_nginx_config }}"
+    dest: /etc/nginx/sites-available/vaultwarden.conf
+    owner: root
+    group: root
+    mode: '0644'
+- name: symlink site
+  file:
+    src: /etc/nginx/sites-available/vaultwarden.conf
+    dest: /etc/nginx/sites-enabled/vaultwarden.conf
+    owner: root
+    group: root
+    state: link
author	Sam Chudnick <sam@chudnick.com>	2023-06-25 09:52:36 -0400
committer	Sam Chudnick <sam@chudnick.com>	2023-06-25 09:52:36 -0400
commit	95b73daa36b23565a8566f71f9b202d3459b685f (patch)
tree	cb17b021be70e7868d0ec235a761f0ecdc80f3f2 /roles/services/containers/vaultwarden

diff --git a/roles/services/containers/vaultwarden/handlers/main.yml b/roles/services/containers/vaultwarden/handlers/main.yml new file mode 100644 index 0000000..5463835 --- /dev/null +++ b/roles/services/containers/vaultwarden/handlers/main.yml
@@ -0,0 +1,4 @@
	1	- name: restart nginx
	2	service:
	3	name: nginx
	4	state: restarted


diff --git a/roles/services/containers/vaultwarden/tasks/main.yml b/roles/services/containers/vaultwarden/tasks/main.yml new file mode 100644 index 0000000..fa63b58 --- /dev/null +++ b/roles/services/containers/vaultwarden/tasks/main.yml
@@ -0,0 +1,79 @@
	1	- name: set image fact
	2	set_fact:
	3	image: vaultwarden/server:1.28.1
	4
	5	- name: set other facts
	6	vars:
	7	array: "{{ image.split('/', 1) }}"
	8	set_fact:
	9	repo_tag: "{{ array.1 }}"
	10	custom_registry: "{{ docker_registry_url + '/' + docker_registry_username }}"
	11
	12	- name: create vaultwarden directory
	13	file:
	14	path: "{{ docker_home }}/vaultwarden"
	15	state: directory
	16	owner: "{{ docker_username }}"
	17	group: "{{ docker_username }}"
	18	mode: '0755'
	19
	20	- name: create data directory
	21	file:
	22	path: "{{ docker_home }}/vaultwarden/data"
	23	state: directory
	24	owner: "{{ docker_username }}"
	25	group: "{{ docker_username }}"
	26	mode: '0755'
	27
	28	- name: create vaultwarden docker network
	29	become: yes
	30	become_user: "{{ docker_username }}"
	31	docker_network:
	32	name: "{{ vaultwarden_network_name }}"
	33	docker_host: "unix://run/user/{{ docker_uid }}/docker.sock"
	34	driver: bridge
	35	ipam_config:
	36	- subnet: "{{ vaultwarden_subnet }}"
	37	gateway: "{{ vaultwarden_gateway }}"
	38
	39	- name: create and deploy vaultwarden container
	40	become: yes
	41	become_user: "{{ docker_username }}"
	42	environment:
	43	XDG_RUNTIME_DIR: "/run/user/{{ docker_uid }}"
	44	docker_container:
	45	name: "vaultwarden"
	46	hostname: "vaultwarden"
	47	image: "{{ image }}"
	48	docker_host: "unix://run/user/{{ docker_uid }}/docker.sock"
	49	purge_networks: yes
	50	networks:
	51	- name: "{{ vaultwarden_network_name }}"
	52	ipv4_address: "{{ vaultwarden_ipv4 }}"
	53	ports:
	54	- "127.0.0.1:{{ vaultwarden_external_port }}:80"
	55	volumes:
	56	- "{{ docker_home }}/vaultwarden/data:/data"
	57	env:
	58	"DOMAIN": "https://{{ vaultwarden_server_name }}"
	59	"DISABLE_ADMIN_TOKEN": "true"
	60	state: 'started'
	61	recreate: yes
	62	restart_policy: unless-stopped
	63
	64	- name: deploy nginx configuration
	65	notify: restart nginx
	66	template:
	67	src: "{{ vaultwarden_nginx_config }}"
	68	dest: /etc/nginx/sites-available/vaultwarden.conf
	69	owner: root
	70	group: root
	71	mode: '0644'
	72
	73	- name: symlink site
	74	file:
	75	src: /etc/nginx/sites-available/vaultwarden.conf
	76	dest: /etc/nginx/sites-enabled/vaultwarden.conf
	77	owner: root
	78	group: root
	79	state: link