Normalize LUKS boot layout and partitioning defaults

roles/configuration/tasks/bootloader.yml

@@ -6,9 +6,12 @@
         configuration_use_efibootmgr: "{{ is_rhel | default(false) }}"
         configuration_efi_dir: >-
           {{
-            "/boot/efi"
-            if (is_rhel | default(false)) or (os | lower in ["ubuntu", "ubuntu-lts"])
-            else "/boot"
+            partitioning_efi_mountpoint
+            | default(
+                "/boot/efi"
+                if (is_rhel | default(false)) or (os | lower in ["ubuntu", "ubuntu-lts"])
+                else "/boot"
+              )
           }}
         configuration_bootloader_id: >-
           {{ "ubuntu" if os | lower in ["ubuntu", "ubuntu-lts"] else os }}
@@ -57,13 +60,12 @@
         configuration_efi_vendor: >-
           {{ "redhat" if os | lower in ["rhel8", "rhel9", "rhel10"] else os | lower }}
         configuration_grub_cfg_cmd: >-
-          {{ '/usr/sbin/grub2-mkconfig -o /boot/efi/EFI/' + configuration_efi_vendor + '/grub.cfg'
-             if is_rhel | default(false)
-             else '/usr/sbin/grub-mkconfig -o ' + (
-               '/boot/efi/EFI/ubuntu/grub.cfg'
-               if os | lower in ["ubuntu", "ubuntu-lts"]
-               else '/boot/grub/grub.cfg'
-             )
+          {{
+            '/usr/sbin/grub2-mkconfig -o '
+            + (partitioning_efi_mountpoint | default('/boot/efi'))
+            + '/EFI/' + configuration_efi_vendor + '/grub.cfg'
+            if is_rhel | default(false)
+            else '/usr/sbin/grub-mkconfig -o /boot/grub/grub.cfg'
           }}
       ansible.builtin.command: "arch-chroot /mnt {{ configuration_grub_cfg_cmd }}"
       register: configuration_grub_result

roles/configuration/tasks/encryption.yml

@@ -17,7 +17,11 @@
             partitioning_luks_device
             | default(
                 install_drive
-                ~ (partitioning_main_partition_suffix | default(2) | string)
+                ~ (
+                  partitioning_root_partition_suffix
+                  | default(partitioning_main_partition_suffix | default(2))
+                  | string
+                )
               )
           }}
         configuration_luks_tpm2_pcrs_raw: >-

roles/configuration/tasks/grub.yml

@@ -106,8 +106,7 @@
         label: "{{ item.path }}"
 
 - name: Enable GRUB cryptodisk for encrypted /boot
-  when:
-    - partitioning_luks_enabled | default(luks_enabled | default(false)) | bool
+  when: partitioning_grub_enable_cryptodisk | default(false) | bool
   ansible.builtin.lineinfile:
     path: /mnt/etc/default/grub
     regexp: '^GRUB_ENABLE_CRYPTODISK='