Joakim
bfd6f22f0e
- Implement complete Vaultwarden deployment using Podman Quadlet - PostgreSQL backend via Unix socket with 777 permissions - Caddy reverse proxy with WebSocket support for live sync - Control-node admin token hashing using argon2 (OWASP preset) - Idempotent token hashing with deterministic salt generation - Full Authentik SSO integration following official guide - SMTP email configuration support (optional) - Invitation-only user registration by default - Comprehensive documentation with setup and troubleshooting guides Technical Details: - Container: vaultwarden/server:latest from Docker Hub - Database: PostgreSQL via /var/run/postgresql socket - Port: 8080 (localhost only, proxied by Caddy) - Domain: vault.jnss.me - Admin token: Hashed on control node with argon2id - SSO: OpenID Connect with offline_access scope support Role includes automatic argon2 installation on control node if needed.
17 lines
265 B
YAML
17 lines
265 B
YAML
---
|
|
# Vaultwarden Password Manager - Service Handlers
|
|
|
|
- name: reload systemd
|
|
systemd:
|
|
daemon_reload: true
|
|
|
|
- name: restart vaultwarden
|
|
systemd:
|
|
name: vaultwarden
|
|
state: restarted
|
|
|
|
- name: reload caddy
|
|
systemd:
|
|
name: caddy
|
|
state: reloaded
|