feat(vaultwarden): deploy from quadlet
Related to #51 Signed-off-by: Matej Focko <me@mfocko.xyz>
This commit is contained in:
parent
cde2c78a0e
commit
e106973211
7 changed files with 120 additions and 15 deletions
|
@ -1,3 +1,14 @@
|
|||
certbot_domains:
|
||||
- mfocko.xyz
|
||||
- '*.mfocko.xyz'
|
||||
|
||||
vaultwarden_db_user: "{{ vault_vaultwarden_db_user }}"
|
||||
vaultwarden_db_pass: "{{ vault_vaultwarden_db_pass }}"
|
||||
vaultwarden_db_host: "{{ vault_vaultwarden_db_host }}"
|
||||
vaultwarden_db_name: "{{ vault_vaultwarden_db_name }}"
|
||||
|
||||
vaultwarden_push_installation_id: "{{ vault_vaultwarden_push_installation_id }}"
|
||||
vaultwarden_push_installation_key: "{{ vault_vaultwarden_push_installation_key }}"
|
||||
|
||||
vaultwarden_yubico_client_id: "{{ vault_vaultwarden_yubico_client_id }}"
|
||||
vaultwarden_yubico_secret_key: "{{ vault_vaultwarden_yubico_secret_key }}"
|
||||
|
|
|
@ -1,16 +1,44 @@
|
|||
$ANSIBLE_VAULT;1.1;AES256
|
||||
32373735633265643033656563343839666566353330653231353538646537643363373438636664
|
||||
3535373337356161653838653734616431336539623338630a663766393436343964623737663064
|
||||
36323130313462306333663932386438613731336163343434333833313065366130313462633532
|
||||
6533663439313565310a623161333466376166656630323636366435336334316635623138353761
|
||||
36346539646632326166643935623137363964383036373632616466396239346533626239356565
|
||||
37613331613238336561326161343163303733393262303230663732386334323232353037396334
|
||||
34326633663031613837353464616436666663623733386463306164393562613061383031623137
|
||||
35616564396562653163653938353163306362666530373663373361383434323962656236326164
|
||||
61376434643365633863363833323665363662633638626663356164383864353064393163383532
|
||||
65613739373665396333326631323663316561383932666662376137316636363536376532336632
|
||||
65333562626530643835636561376166653732343731633737363237313263313464656162623138
|
||||
30623939373930316239366336316466393333656365326135393964396538656638663066393832
|
||||
65623438343562343332313438306235363839383136376333393933303730316265303133373939
|
||||
62303838313036333262616438303263663666393063393030646336343239383631396130346361
|
||||
313061323037333237623965396362373936
|
||||
38396632393034303131393039353862623439616432616131393366393236386637623764636336
|
||||
6331326239316563363964663962323034386362623033310a393766613836636634366536383336
|
||||
33623339626637346130383865643464343363363030323333333639373230326635316461386135
|
||||
6630326635626138320a353365393832663531663939663238303333646661653266396539326665
|
||||
31373035373361663939336433393234303730336562653763393063313765626462623364396237
|
||||
63396234303633663566343237313163313365623066356330346538643830363137636262306430
|
||||
36363730623363393561353166366262643862316331393631643734643866313135303561396635
|
||||
30303663373634333436383066323966626462343065613365656633646565333938636336626161
|
||||
30313864653539373864326363626137306534303930643463353232383163636335326361633164
|
||||
64623435616338363564653863343335666636653132623331653533666532333334323965303139
|
||||
30396664663037643362653631386638663532383436366139353537623735303964343361326539
|
||||
34303432376437376133396434326233636665656365363233613363653261353965333834343031
|
||||
35653536356239616462613936663335666366623637656662666661663637326261383137356536
|
||||
65343037363538333162626337396165373064376237646161356432613938616433616430336366
|
||||
36393561383037633439666430336162613063376339393736346631333664656564663533356164
|
||||
63363664643261633739646335353336656433303633613363373966353033643436373566323735
|
||||
62316266333038373334313561363466656563393361623463623262333262346263663136383235
|
||||
62373666353664303761333764343936306537323262393761373362616633326534303939353936
|
||||
31653837373935373766386333333937306365356166303538383664633834356438643338363365
|
||||
32313136636361633938393866306164646339393838346231623938613335613462323261343233
|
||||
64656564626163303132353934386531383531636461653264613233343836663131346533363365
|
||||
65333261633662313861636431363133646630663232623636366162386337393839626561613665
|
||||
33316461633536653361396438363864326562646463396163656362303338376435666365336563
|
||||
39666636343762656563343936373939363931623364346330666536626334356439393437326136
|
||||
36313962356435643466333537346461313337653965616562643262336539343265343266303531
|
||||
36386432373865363036383866366566356239396666323532633235623635326535363663643838
|
||||
39623632623233613835353139616466623437616461626232343061393461393430623135346238
|
||||
61316533333330323166303536316332663830373838326635306539323735353537393966356266
|
||||
39306237373134396164313332356332633064383064623334303236646531383162663835363431
|
||||
38316332386633356165333062666165613863303766633432613463653333343639333436323666
|
||||
38306362313434613833363461386236363265646661633237346663353264343538633736373638
|
||||
33336435316537616536383432646464396134373464316235656436323733333862623238386563
|
||||
30303034303931636563613133383364663330373733643535393161613530636436386232653461
|
||||
37383764613866303965306133653561333831323331643666346165646436666636366366356365
|
||||
39626438306434316534653838316564373664323537386630373830623335613035303632623064
|
||||
64343031646139616631633930386233303334383766333438323833303232383536636437663338
|
||||
65643132376434643666626361323765303638363062613463303931626266343236393463313065
|
||||
62363231363861363634373734326663323139346338663465616465666333323166376130366131
|
||||
63666237383739363162613139336331653666616633383532613331656464343238323961373633
|
||||
63383930346665396462633437363830316662633635316463646563393434636165656134343239
|
||||
39303763353566656365373630366636326333343338313464376133313066373234323038646166
|
||||
35393231303530303039396162633139366464383462393834613232646631313836396637623461
|
||||
613966633165366164313336393436663832
|
||||
|
|
27
roles/vaultwarden/tasks/main.yml
Normal file
27
roles/vaultwarden/tasks/main.yml
Normal file
|
@ -0,0 +1,27 @@
|
|||
---
|
||||
- name: Install the Vaultwarden quadlets
|
||||
ansible.builtin.template:
|
||||
src: "templates/{{ item }}"
|
||||
dest: "/etc/containers/systemd/{{ item }}"
|
||||
mode: 0644
|
||||
owner: root
|
||||
group: root
|
||||
loop:
|
||||
- vaultwarden.container
|
||||
- vaultwarden.network
|
||||
- vaultwarden.volume
|
||||
|
||||
- name: Install environment file for Vaultwarden
|
||||
ansible.builtin.template:
|
||||
src: templates/vaultwarden.ini
|
||||
dest: /etc/vaultwarden.ini
|
||||
mode: 0600
|
||||
owner: root
|
||||
group: root
|
||||
|
||||
- name: Enable the Vaultwarden quadlet
|
||||
ansible.builtin.systemd_service:
|
||||
daemon_reload: true
|
||||
enabled: true
|
||||
name: vaultwarden.service
|
||||
state: "started"
|
20
roles/vaultwarden/templates/vaultwarden.container
Normal file
20
roles/vaultwarden/templates/vaultwarden.container
Normal file
|
@ -0,0 +1,20 @@
|
|||
[Unit]
|
||||
Description=Vaultwarden
|
||||
|
||||
[Container]
|
||||
ContainerName=vaultwarden
|
||||
Image=ghcr.io/dani-garcia/vaultwarden:latest
|
||||
|
||||
EnvironmentFile=/etc/vaultwarden.ini
|
||||
|
||||
Network=vaultwarden.network
|
||||
PublishPort=8888:80
|
||||
PublishPort=3012:3012
|
||||
|
||||
Volume=vaultwarden-data:/data
|
||||
|
||||
[Service]
|
||||
Restart=always
|
||||
|
||||
[Install]
|
||||
WantedBy=multi-user.target
|
15
roles/vaultwarden/templates/vaultwarden.ini
Normal file
15
roles/vaultwarden/templates/vaultwarden.ini
Normal file
|
@ -0,0 +1,15 @@
|
|||
DATABASE_URL=postgresql://{{ vaultwarden_db_user }}:{{ vaultwarden_db_pass | urlencode }}@{{ vaultwarden_db_host }}/{{ vaultwarden_db_name }}
|
||||
|
||||
DOMAIN=https://{{ vaultwarden_address }}
|
||||
|
||||
PUSH_ENABLED=true
|
||||
PUSH_INSTALLATION_ID={{ vaultwarden_push_installation_id }}
|
||||
PUSH_INSTALLATION_KEY={{ vaultwarden_push_installation_key }}
|
||||
|
||||
WEBSOCKET_ENABLED=true
|
||||
|
||||
YUBICO_CLIENT_ID={{ vaultwarden_yubico_client_id }}
|
||||
YUBICO_SECRET_KEY={{ vaultwarden_yubico_secret_key }}
|
||||
|
||||
# dunno why, but ok…
|
||||
ROCKET_WORKERS=1
|
2
roles/vaultwarden/templates/vaultwarden.network
Normal file
2
roles/vaultwarden/templates/vaultwarden.network
Normal file
|
@ -0,0 +1,2 @@
|
|||
[Network]
|
||||
NetworkName=vaultwarden
|
2
roles/vaultwarden/templates/vaultwarden.volume
Normal file
2
roles/vaultwarden/templates/vaultwarden.volume
Normal file
|
@ -0,0 +1,2 @@
|
|||
[Volume]
|
||||
VolumeName=vaultwarden-data
|
Loading…
Reference in a new issue