README.md

@@ -5,8 +5,7 @@
 ```
 - bitwarden_version     Docker image version to use
 - bitwarden_domain      Fully qualified domain name, e.g. vault.example.tld
-- bitwarden_project     Project name for docker-compose
 - bitwarden_admin_token Token for admin panel
 - bitwarden_port_web    UI port to run on localhost
 - bitwarden_port_ws     Socket port to run on localhost
-```
+```

defaults/main.yml

@@ -1,7 +1,8 @@
-bitwarden_domain: vault.example.com
-bitwarden_project: example
+---
+
+bitwarden_prefix: pass
 bitwarden_image: vaultwarden/server
-bitwarden_version: 1.30.3-alpine
+bitwarden_version: 1.24.0-alpine
 bitwarden_port_web: 80
 bitwarden_port_ws: 3021
-bitwarden_service_name: bitwarden_{{ bitwarden_project }}
+domain: example.com

meta/main.yml

@@ -1,11 +1,14 @@
+---
 galaxy_info:
-  role_name: bitwarden
   author: thiuda
-  description: Role to deploy bitwarden behind a Nginx reverse proxy
+  description: role to deploy bitwarden behind nginx reverse proxy
   company: progressivwerk
   license: MIT
-  min_ansible_version: "2.1"
-  galaxy_tags: [password, vault, bitwarden, nginx, reverse proxy]
+  min_ansible_version: 2.1
+  galaxy_tags: []
   platforms:
     - name: Debian
+  versions:
+    - 10
 dependencies: []
+

tasks/main.yml

@@ -1,37 +1,43 @@
-- name: "Create {{ bitwarden_service_name }} directory if it does not exists"
+---
+- name: Create directory if it does not exists
   become: true
   file:
-    path: "{{ compose_dir }}/{{ bitwarden_service_name }}"
+    path: "{{ compose_dir }}/bitwarden"
     state: directory
     mode: 0755
-- name: "Place docker-compose file to {{ bitwarden_service_name }}/docker-compose.yml"
+
+- name: Place docker-compose file
   become: true
   template:
     src: templates/docker-compose.yml.j2
-    dest: "{{ compose_dir }}/{{ bitwarden_service_name }}/docker-compose.yml"
+    dest: "{{ compose_dir }}/bitwarden/docker-compose.yml"
     mode: 0700
-- name: "Place bitwarden env file {{ bitwarden_service_name }}/.env"
+
+- name: Place bitwarden env file
   become: true
   template:
     src: templates/.env.j2
-    dest: "{{ compose_dir }}/{{ bitwarden_service_name }}/.env"
+    dest: "{{ compose_dir }}/bitwarden/.env"
     mode: 0600
+
 - name: Update and start services
   become: true
   docker_compose:
-    project_src: "{{ compose_dir }}/{{ bitwarden_service_name }}"
+    project_src: "{{ compose_dir }}/bitwarden"
     pull: true
     state: present
     remove_orphans: true
   register: output
+
 - name: Check all containers are running
   assert:
     that:
-      - "output.ansible_facts.{{ bitwarden_service_name }}.{{ bitwarden_service_name }}.state.running": true
+      - "output.ansible_facts.bitwarden.bitwarden.state.running": true
+
 - name: Place reverse proxy conf
   become: true
   template:
     src: templates/reverse_proxy.conf.j2
-    dest: "/etc/nginx/conf.d/{{ bitwarden_service_name }}.conf"
+    dest: "/etc/nginx/conf.d/bitwarden.conf"
     mode: 0600
   notify: Check and Reload nginx

templates/docker-compose.yml.j2

@@ -1,21 +1,21 @@
-# vim: set ft=yaml
 # {{ ansible_managed }}
 # commit: {{ lookup('pipe', 'git rev-parse --short HEAD') }}
 
 version: "3.4"
+
 services:
-  "{{ bitwarden_service_name }}":
-    image: "{{ bitwarden_image }}:{{ bitwarden_version }}"
+  bitwarden:
+    image: {{ bitwarden_image }}:{{ bitwarden_version }}
     restart: unless-stopped
-    container_name: "{{ bitwarden_service_name }}"
-    hostname: "{{ bitwarden_service_name }}"
+    container_name: bitwarden
+    hostname: bitwarden
     ports:
-      - "127.0.0.1:{{ bitwarden_port_web }}:80"
-      - "127.0.0.1:{{ bitwarden_port_ws }}:3021"
+      - 127.0.0.1:{{ bitwarden_port_web }}:80
+      - 127.0.0.1:{{ bitwarden_port_ws }}:3021
     volumes:
       - data:/data
     env_file:
       - ./.env
+
 volumes:
-   data:
-    name: "{{ bitwarden_service_name }}_data"
+  data:

templates/reverse_proxy.conf.j2

@@ -1,4 +1,3 @@
-# vim: set ft=nginx
 # {{ ansible_managed }}
 # commit: {{ lookup('pipe', 'git rev-parse --short HEAD') }}
 
@@ -7,7 +6,7 @@ server {
     listen [::]:443 ssl http2;
     listen      3012 ssl http2;
     listen [::]:3012 ssl http2;
-    server_name {{ bitwarden_domain }};
+    server_name {{ bitwarden_prefix }}.{{ domain }};
 
     ##
     # SSL Settings
@@ -18,8 +17,10 @@ server {
     ssl_prefer_server_ciphers on;
     ssl_dhparam {{ ssl_dir }}/dhparams.pem;
     ssl_ecdh_curve secp384r1;
-    ssl_certificate {{ certs_dir }}/{{ bitwarden_domain | get_cert_domain }}/cert.pem;
-    ssl_certificate_key {{ certs_dir }}/{{ bitwarden_domain | get_cert_domain }}/key.pem;
+    ssl_certificate {{ certs_dir }}/{{ domain | get_cert_domain }}/cert.pem;
+    ssl_certificate_key {{ certs_dir }}/{{ domain | get_cert_domain }}/key.pem;
+    ssl_certificate {{ certs_dir }}/{{ domain | get_cert_domain }}/cert.pem;
+    ssl_certificate_key {{ certs_dir }}/{{ domain | get_cert_domain }}/key.pem;
 
     ##
     # OCSP Stapling
@@ -27,7 +28,7 @@ server {
     ssl_stapling on;
     ssl_stapling_verify on;
     resolver {{ dns_resolvers }} valid=300s;
-    ssl_trusted_certificate {{ certs_dir }}/{{ bitwarden_domain | get_cert_domain }}/cert.pem;
+    ssl_trusted_certificate {{ certs_dir }}/{{ domain | get_cert_domain }}/cert.pem;
 
     location / {
         proxy_set_header Host $http_host;
@@ -72,13 +73,13 @@ server {
 
 
 server {
-    if ($host = {{ bitwarden_domain }}) {
+    if ($host = {{ bitwarden_prefix }}.{{ domain }}) {
         return 301 https://$host$request_uri;
     }
 
     listen 80;
     listen [::]:80;
-    server_name {{ bitwarden_domain }};
+    server_name {{ bitwarden_prefix }}.{{ domain }};
     
     location / { 
         return 301 https://$host$request_uri;