Update bitwarden_rs to vaultwarden

I'll do the full rename of everything another time

ansible/roles/vaultwarden/files/docker-compose.yml

@@ -0,0 +1,48 @@
+version: "2.3"
+
+services:
+  vaultwarden:
+    image: vaultwarden/server:1.21.0-alpine
+    restart: unless-stopped
+    user: "{{ docker_user.id }}:{{ docker_user.id }}"
+    volumes:
+      - "{{ app_data_dir }}/vaultwarden/:/data"
+    depends_on:
+      - db
+    dns: 1.1.1.1
+    labels:
+      - traefik.enable=true
+
+      - traefik.http.routers.vaultwarden-ui.rule=Host(`bw.jakehoward.tech`)
+      - traefik.http.routers.vaultwarden-ui.service=vaultwarden-ui
+      - traefik.http.services.vaultwarden-ui.loadbalancer.server.port=80
+      - traefik.http.routers.vaultwarden-ui.tls.certresolver=le
+
+      - traefik.http.routers.vaultwarden-websocket.rule=Host(`bw.jakehoward.tech`) && Path(`/notifications/hub`)
+      - traefik.http.routers.vaultwarden-websocket.service=vaultwarden-websocket
+      - traefik.http.services.vaultwarden-websocket.loadbalancer.server.port=3012
+      - traefik.http.routers.vaultwarden-websocket.tls.certresolver=le
+
+      - traefik.http.middlewares.vaultwarden-ratelimit.ratelimit.average=5
+      - traefik.http.middlewares.vaultwarden-ratelimit.ratelimit.burst=1000
+      - traefik.http.middlewares.vaultwarden-compress.compress=true
+
+      - traefik.http.routers.vaultwarden-ui.middlewares=vaultwarden-ratelimit,vaultwarden-compress
+      - traefik.http.routers.vaultwarden-websocket.middlewares=vaultwarden-ratelimit,vaultwarden-compress
+    environment:
+      - SIGNUPS_ALLOWED=false
+      - DOMAIN=https://bw.jakehoward.tech
+      - SHOW_PASSWORD_HINT=false
+      - DATABASE_URL=postgres://bitwarden:{{ bitwarden_database_password }}@db/bitwarden
+      - INVITATIONS_ALLOWED=false
+      - ROCKET_WORKERS={{ ansible_processor_nproc }}
+      - WEBSOCKET_ENABLED=true
+
+  db:
+    image: postgres:12-alpine
+    restart: unless-stopped
+    volumes:
+      - /mnt/tank/dbs/postgres/vaultwarden/:/var/lib/postgresql/data
+    environment:
+      - POSTGRES_PASSWORD={{ bitwarden_database_password }}
+      - POSTGRES_USER=bitwarden

ansible/roles/vaultwarden/handlers/main.yml

@@ -0,0 +1,4 @@
+- name: restart vaultwarden
+  shell:
+    chdir: /opt/vaultwarden
+    cmd: "{{ docker_update_command }}"

ansible/roles/vaultwarden/tasks/main.yml

@@ -0,0 +1,17 @@
+- name: Create install directory
+  file:
+    path: /opt/vaultwarden
+    state: directory
+    owner: "{{ docker_user.name }}"
+    mode: "{{ docker_compose_directory_mask }}"
+  become: true
+
+- name: Install compose file
+  template:
+    src: files/docker-compose.yml
+    dest: /opt/vaultwarden/docker-compose.yml
+    mode: "{{ docker_compose_file_mask }}"
+    owner: "{{ docker_user.name }}"
+    validate: docker-compose -f %s config
+  notify: restart vaultwarden
+  become: true

ansible/roles/vaultwarden/vars/main.yml

@@ -0,0 +1,8 @@
+bitwarden_database_password: !vault |
+  $ANSIBLE_VAULT;1.1;AES256
+  37666163343038663763633038323938383665386463666239313431626334613432346462656366
+  3937363766396236326333353332393564623736336535630a333930613864396536366330633438
+  37376637646561636238646636356533343837376336636637646434383731316264353462383039
+  3138666164623437360a306538323263313966633631653739313435646435363236303066663938
+  34336366313439356434353333373963633666306463323662353033393832356462666163613161
+  3031623933363563343163376564373066613634356237643663