From b1eedd30dc1888e63c7066f5e6cbd226dc40ff07 Mon Sep 17 00:00:00 2001
From: Sandwich <sandwich@archworks.co>
Date: Fri, 2 Jan 2026 11:23:31 +0100
Subject: [PATCH] Move partitioning LUKS defaults into role

---
 roles/configuration/tasks/encryption.yml |  9 +--------
 roles/partitioning/defaults/main.yml     |  7 +++----
 roles/partitioning/tasks/main.yml        | 13 +++----------
 3 files changed, 7 insertions(+), 22 deletions(-)

diff --git a/roles/configuration/tasks/encryption.yml b/roles/configuration/tasks/encryption.yml
index 3d05e77..614eeb6 100644
--- a/roles/configuration/tasks/encryption.yml
+++ b/roles/configuration/tasks/encryption.yml
@@ -3,14 +3,7 @@
   when: partitioning_luks_enabled | bool
   vars:
     configuration_luks_passphrase_effective: >-
-      {{
-        (
-          partitioning_luks_passphrase
-          if partitioning_luks_passphrase is defined
-          else (luks_passphrase if luks_passphrase is defined else '')
-        )
-        | string
-      }}
+      {{ partitioning_luks_passphrase | string }}
   block:
     - name: Set LUKS configuration facts
       vars:
diff --git a/roles/partitioning/defaults/main.yml b/roles/partitioning/defaults/main.yml
index 8ef8629..bbed680 100644
--- a/roles/partitioning/defaults/main.yml
+++ b/roles/partitioning/defaults/main.yml
@@ -1,5 +1,6 @@
 ---
 partitioning_luks_enabled: "{{ luks_enabled | bool }}"
+partitioning_luks_passphrase: "{{ luks_passphrase }}"
 partitioning_luks_mapper_name: "{{ luks_mapper_name }}"
 partitioning_luks_type: "{{ luks_type }}"
 partitioning_luks_cipher: "{{ luks_cipher }}"
@@ -15,8 +16,6 @@ partitioning_luks_tpm2_device: "{{ luks_tpm2_device }}"
 partitioning_luks_tpm2_pcrs: "{{ luks_tpm2_pcrs }}"
 partitioning_luks_keyfile_size: "{{ luks_keyfile_size }}"
 partitioning_luks_options: "{{ luks_options }}"
-partitioning_vm_size: 0
-partitioning_vm_memory: 0
 partitioning_boot_partition_suffix: 1
 partitioning_main_partition_suffix: 2
 partitioning_efi_size_mib: 50
@@ -113,7 +112,7 @@ partitioning_vm_size_effective: >-
   {{
     (
       partitioning_vm_size
-      if (partitioning_vm_size | float) > 0
+      if (partitioning_vm_size is defined and (partitioning_vm_size | float) > 0)
       else (vm_size if vm_size is defined else 0)
     )
     | float
@@ -122,7 +121,7 @@ partitioning_vm_memory_effective: >-
   {{
     (
       partitioning_vm_memory
-      if (partitioning_vm_memory | float) > 0
+      if (partitioning_vm_memory is defined and (partitioning_vm_memory | float) > 0)
       else (vm_memory if vm_memory is defined else 0)
     )
     | float
diff --git a/roles/partitioning/tasks/main.yml b/roles/partitioning/tasks/main.yml
index 819b9b1..cdd6eb1 100644
--- a/roles/partitioning/tasks/main.yml
+++ b/roles/partitioning/tasks/main.yml
@@ -1,7 +1,7 @@
 ---
 - name: Detect system memory for swap sizing
   when:
-    - (partitioning_vm_memory | float) <= 0
+    - partitioning_vm_memory is not defined or (partitioning_vm_memory | float) <= 0
     - vm_memory is not defined or (vm_memory | float) <= 0
   block:
     - name: Read system memory
@@ -17,7 +17,7 @@
 - name: Set partitioning vm_size for physical installs
   when:
     - install_type == "physical"
-    - (partitioning_vm_size | float) <= 0
+    - partitioning_vm_size is not defined or (partitioning_vm_size | float) <= 0
     - vm_size is not defined or (vm_size | float) <= 0
     - install_drive | length > 0
   block:
@@ -157,14 +157,7 @@
   when: partitioning_luks_enabled | bool
   vars:
     partitioning_luks_passphrase_effective: >-
-      {{
-        (
-          partitioning_luks_passphrase
-          if partitioning_luks_passphrase is defined
-          else (luks_passphrase if luks_passphrase is defined else '')
-        )
-        | string
-      }}
+      {{ partitioning_luks_passphrase | string }}
   block:
     - name: Validate LUKS passphrase
       ansible.builtin.assert: