Add Vaultwarden password manager role with PostgreSQL and SSO support

- Implement complete Vaultwarden deployment using Podman Quadlet
- PostgreSQL backend via Unix socket with 777 permissions
- Caddy reverse proxy with WebSocket support for live sync
- Control-node admin token hashing using argon2 (OWASP preset)
- Idempotent token hashing with deterministic salt generation
- Full Authentik SSO integration following official guide
- SMTP email configuration support (optional)
- Invitation-only user registration by default
- Comprehensive documentation with setup and troubleshooting guides

Technical Details:
- Container: vaultwarden/server:latest from Docker Hub
- Database: PostgreSQL via /var/run/postgresql socket
- Port: 8080 (localhost only, proxied by Caddy)
- Domain: vault.jnss.me
- Admin token: Hashed on control node with argon2id
- SSO: OpenID Connect with offline_access scope support

Role includes automatic argon2 installation on control node if needed.

roles/vaultwarden/meta/main.yml

@@ -0,0 +1,25 @@
+---
+# Vaultwarden Password Manager - Role Metadata
+
+dependencies:
+  - role: postgresql
+  - role: caddy
+
+galaxy_info:
+  author: Rick Infrastructure Team
+  description: Vaultwarden password manager deployment with PostgreSQL and Caddy
+  license: MIT
+  min_ansible_version: "2.14"
+  
+  platforms:
+    - name: ArchLinux
+      versions:
+        - all
+  
+  galaxy_tags:
+    - vaultwarden
+    - bitwarden
+    - password-manager
+    - security
+    - postgresql
+    - podman