diff --git a/_docs/index.md b/_docs/index.md
new file mode 100644
index 0000000..43aeaf1
--- /dev/null
+++ b/_docs/index.md
@@ -0,0 +1,318 @@
+---
+title: vault
+type: docs
+---
+
+[![Source Code](https://img.shields.io/badge/gitea-source%20code-blue?logo=gitea&logoColor=white)](https://gitea.rknet.org/ansible/xoxys.vault)
+[![Build Status](https://img.shields.io/drone/build/ansible/xoxys.vault?logo=drone&server=https%3A%2F%2Fdrone.rknet.org)](https://drone.rknet.org/ansible/xoxys.vault)
+[![License: MIT](https://img.shields.io/badge/License-MIT-blue.svg?label=license)](https://gitea.rknet.org/ansible/xoxys.vault/src/branch/main/LICENSE)
+
+Setup HashiCorp Vaul secrets manager.
+
+
+
+- [Requirements](#requirements)
+- [Default Variables](#default-variables)
+ - [vault_auto_unseal](#vault_auto_unseal)
+ - [vault_cap_add](#vault_cap_add)
+ - [vault_cap_drop](#vault_cap_drop)
+ - [vault_config_volume](#vault_config_volume)
+ - [vault_data_volume](#vault_data_volume)
+ - [vault_default_lease_ttl](#vault_default_lease_ttl)
+ - [vault_default_password](#vault_default_password)
+ - [vault_default_user](#vault_default_user)
+ - [vault_disable_clustering](#vault_disable_clustering)
+ - [vault_exposed_ports](#vault_exposed_ports)
+ - [vault_image](#vault_image)
+ - [vault_log_level](#vault_log_level)
+ - [vault_max_lease_ttl](#vault_max_lease_ttl)
+ - [vault_network](#vault_network)
+ - [vault_network_ipv4_gateway](#vault_network_ipv4_gateway)
+ - [vault_network_ipv4_subnet](#vault_network_ipv4_subnet)
+ - [vault_network_ipv6_enabled](#vault_network_ipv6_enabled)
+ - [vault_network_ipv6_gateway](#vault_network_ipv6_gateway)
+ - [vault_network_ipv6_subnet](#vault_network_ipv6_subnet)
+ - [vault_podman_args](#vault_podman_args)
+ - [vault_restart_policy](#vault_restart_policy)
+ - [vault_service_stopped](#vault_service_stopped)
+ - [vault_ui](#vault_ui)
+ - [vault_unseal_keys](#vault_unseal_keys)
+ - [vault_url](#vault_url)
+ - [vault_version](#vault_version)
+ - [vault_volumes](#vault_volumes)
+- [Dependencies](#dependencies)
+
+---
+
+## Requirements
+
+- Minimum Ansible version: `2.10`
+
+
+## Default Variables
+
+### vault_auto_unseal
+
+#### Default value
+
+```YAML
+vault_auto_unseal: false
+```
+
+### vault_cap_add
+
+#### Default value
+
+```YAML
+vault_cap_add:
+ - ipc_lock
+```
+
+### vault_cap_drop
+
+#### Default value
+
+```YAML
+vault_cap_drop: []
+```
+
+### vault_config_volume
+
+#### Default value
+
+```YAML
+vault_config_volume: vault-config
+```
+
+### vault_data_volume
+
+#### Default value
+
+```YAML
+vault_data_volume: vault-data
+```
+
+### vault_default_lease_ttl
+
+#### Default value
+
+```YAML
+vault_default_lease_ttl: 24h
+```
+
+### vault_default_password
+
+#### Default value
+
+```YAML
+vault_default_password: vault
+```
+
+### vault_default_user
+
+#### Default value
+
+```YAML
+vault_default_user: admin
+```
+
+### vault_disable_clustering
+
+#### Default value
+
+```YAML
+vault_disable_clustering: true
+```
+
+### vault_exposed_ports
+
+Ports you want to publish outside of Docker. Vault is running on `8200` inside of the container.
+
+#### Default value
+
+```YAML
+vault_exposed_ports: []
+```
+
+### vault_image
+
+#### Default value
+
+```YAML
+vault_image: docker.io/hashicorp/vault:{{ vault_version }}
+```
+
+### vault_log_level
+
+#### Default value
+
+```YAML
+vault_log_level: warn
+```
+
+### vault_max_lease_ttl
+
+#### Default value
+
+```YAML
+vault_max_lease_ttl: 240h
+```
+
+### vault_network
+
+Name of the container network. If the name ends with `.network`, the network will be created with the specified configuration.
+Otherwise, the network must already exist and the container will be attached to the network.
+
+#### Default value
+
+```YAML
+vault_network: vault.network
+```
+
+### vault_network_ipv4_gateway
+
+#### Default value
+
+```YAML
+vault_network_ipv4_gateway: _unset_
+```
+
+### vault_network_ipv4_subnet
+
+#### Default value
+
+```YAML
+vault_network_ipv4_subnet: _unset_
+```
+
+### vault_network_ipv6_enabled
+
+#### Default value
+
+```YAML
+vault_network_ipv6_enabled: false
+```
+
+### vault_network_ipv6_gateway
+
+#### Default value
+
+```YAML
+vault_network_ipv6_gateway: _unset_
+```
+
+#### Example usage
+
+```YAML
+vault_network_ipv6_gateway: fd00:0:0:2::1
+```
+
+### vault_network_ipv6_subnet
+
+#### Default value
+
+```YAML
+vault_network_ipv6_subnet: _unset_
+```
+
+#### Example usage
+
+```YAML
+vault_network_ipv6_subnet: fd00:0:0:2::/64
+```
+
+### vault_podman_args
+
+#### Default value
+
+```YAML
+vault_podman_args:
+ - --pids-limit=-1
+ - --userns=host
+ - --health-cmd='["wget", "--spider", "--proxy", "off", "http://localhost:8200/{{
+ __vault_health_path }}"]'
+ - --health-interval=5s
+ - --health-timeout=5s
+ - --health-retries=6
+ - --health-on-failure=kill
+```
+
+### vault_restart_policy
+
+#### Default value
+
+```YAML
+vault_restart_policy: always
+```
+
+### vault_service_stopped
+
+#### Default value
+
+```YAML
+vault_service_stopped: false
+```
+
+### vault_ui
+
+#### Default value
+
+```YAML
+vault_ui: true
+```
+
+### vault_unseal_keys
+
+#### Default value
+
+```YAML
+vault_unseal_keys: []
+```
+
+### vault_url
+
+Specify address of the vault instance, used when building absolute urls, e.g. for websub.
+
+#### Default value
+
+```YAML
+vault_url: http://localhost:8200
+```
+
+### vault_version
+
+#### Default value
+
+```YAML
+vault_version: latest
+```
+
+### vault_volumes
+
+> Define required docker volumes.
+
+#### Default value
+
+```YAML
+vault_volumes:
+ - name: '{{ vault_config_volume }}'
+ dest: /vault/config
+ - name: '{{ vault_data_volume }}'
+ dest: /vault/file
+```
+
+#### Example usage
+
+```YAML
+vault_volumes:
+ - name: data
+ # target location inside the container
+ dest: /var/www/app/data
+ type: volume
+```
+
+
+
+## Dependencies
+
+None.