From 95b73daa36b23565a8566f71f9b202d3459b685f Mon Sep 17 00:00:00 2001
From: Sam Chudnick <sam@chudnick.com>
Date: Sun, 25 Jun 2023 09:52:36 -0400
Subject: Initial Commit

---
 .../services/containers/vaultwarden/tasks/main.yml | 79 ++++++++++++++++++++++
 1 file changed, 79 insertions(+)
 create mode 100644 roles/services/containers/vaultwarden/tasks/main.yml

(limited to 'roles/services/containers/vaultwarden/tasks')

diff --git a/roles/services/containers/vaultwarden/tasks/main.yml b/roles/services/containers/vaultwarden/tasks/main.yml
new file mode 100644
index 0000000..fa63b58
--- /dev/null
+++ b/roles/services/containers/vaultwarden/tasks/main.yml
@@ -0,0 +1,79 @@
+- name: set image fact
+  set_fact:
+    image: vaultwarden/server:1.28.1
+
+- name: set other facts
+  vars:
+    array: "{{ image.split('/', 1) }}"
+  set_fact:
+    repo_tag: "{{ array.1 }}"
+    custom_registry: "{{ docker_registry_url + '/' + docker_registry_username }}"
+
+- name: create vaultwarden directory
+  file:
+    path: "{{ docker_home }}/vaultwarden"
+    state: directory
+    owner: "{{ docker_username }}"
+    group: "{{ docker_username }}"
+    mode: '0755'
+
+- name: create data directory
+  file:
+    path: "{{ docker_home }}/vaultwarden/data"
+    state: directory
+    owner: "{{ docker_username }}"
+    group: "{{ docker_username }}"
+    mode: '0755'
+
+- name: create vaultwarden docker network
+  become: yes
+  become_user: "{{ docker_username }}"
+  docker_network:
+    name: "{{ vaultwarden_network_name }}"
+    docker_host: "unix://run/user/{{ docker_uid }}/docker.sock"
+    driver: bridge
+    ipam_config:
+      - subnet: "{{ vaultwarden_subnet }}"
+        gateway: "{{ vaultwarden_gateway }}"
+
+- name: create and deploy vaultwarden container
+  become: yes
+  become_user: "{{ docker_username }}"
+  environment:
+    XDG_RUNTIME_DIR: "/run/user/{{ docker_uid }}"
+  docker_container:
+    name: "vaultwarden"
+    hostname: "vaultwarden"
+    image: "{{ image }}"
+    docker_host: "unix://run/user/{{ docker_uid }}/docker.sock"
+    purge_networks: yes
+    networks:
+      - name: "{{ vaultwarden_network_name }}"
+        ipv4_address: "{{ vaultwarden_ipv4 }}"
+    ports:
+      - "127.0.0.1:{{ vaultwarden_external_port }}:80"
+    volumes:
+      - "{{ docker_home }}/vaultwarden/data:/data"
+    env:
+      "DOMAIN": "https://{{ vaultwarden_server_name }}"
+      "DISABLE_ADMIN_TOKEN": "true"
+    state: 'started'
+    recreate: yes
+    restart_policy: unless-stopped
+
+- name: deploy nginx configuration
+  notify: restart nginx
+  template:
+    src: "{{ vaultwarden_nginx_config }}"
+    dest: /etc/nginx/sites-available/vaultwarden.conf
+    owner: root
+    group: root
+    mode: '0644'
+
+- name: symlink site
+  file:
+    src: /etc/nginx/sites-available/vaultwarden.conf
+    dest: /etc/nginx/sites-enabled/vaultwarden.conf
+    owner: root
+    group: root
+    state: link
-- 
cgit v1.2.3