rick-infra/roles/vaultwarden/tasks/user.yml

---
# Vaultwarden User Management - Service-Specific User Setup

- name: Create vaultwarden group
  group:
    name: "{{ vaultwarden_group }}"
    system: true

- name: Create vaultwarden user
  user:
    name: "{{ vaultwarden_user }}"
    group: "{{ vaultwarden_group }}"
    system: true
    shell: /bin/bash
    home: "{{ vaultwarden_home }}"
    create_home: true
    comment: "Vaultwarden password manager service"

- name: Create vaultwarden directories
  file:
    path: "{{ item }}"
    state: directory
    owner: "{{ vaultwarden_user }}"
    group: "{{ vaultwarden_group }}"
    mode: '0755'
  loop:
    - "{{ vaultwarden_home }}"
    - "{{ vaultwarden_data_dir }}"