---
- name: Partition install drive
  block:
    - name: Prepare partitions
      ignore_errors: true
      ansible.builtin.command: "{{ item.cmd }}"
      loop:
        - { cmd: umount -l /mnt }
        - { cmd: vgremove -f sys }
        - { cmd: 'find /dev -wholename "{{ install_drive }}*" -exec wipefs --force --all {} \;' }
      loop_control:
        label: "{{ item.cmd }}"

    - name: Define partitions
      community.general.parted:
        device: "{{ install_drive }}"
        label: gpt
        number: "{{ item.number }}"
        part_end: "{{ item.part_end | default(omit) }}"
        part_start: "{{ item.part_start | default(omit) }}"
        name: "{{ item.name }}"
        flags: "{{ item.flags | default(omit) }}"
        state: present
      loop:
        - { number: 1, part_end: 500MiB, name: boot, flags: [boot, esp] }
        - { number: 2, part_start: 500MiB, name: root }

- name: Create LVM logical volumes
  when: filesystem != 'btrfs'
  block:
    - name: Create LVM volume group
      community.general.lvg:
        vg: sys
        pvs: "{{ install_drive }}{{ main_partition_suffix }}"

    - name: Create LVM logical volumes
      when: cis or (not cis and item.lv != 'var_log' and item.lv != 'var_log_audit')
      community.general.lvol:
        vg: sys
        lv: "{{ item.lv }}"
        size: "{{ item.size }}"
        state: present
      loop:
        - { lv: root, size: 12G }
        - { lv: home, size: 2G }
        - { lv: var, size: 2G }
        - { lv: var_log, size: 2G }
        - { lv: var_log_audit, size: 1.5G }

- name: Create filesystems
  block:
    - name: Create FAT32 filesystem in boot partition
      community.general.filesystem:
        dev: "{{ install_drive }}{{ boot_partition_suffix }}"
        fstype: vfat
        opts: -F32
        force: true

    - name: Create filesystem
      ansible.builtin.include_tasks: "{{ filesystem }}.yml"

    - name: Get UUID for boot filesystem
      ansible.builtin.command: blkid -s UUID -o value '{{ install_drive }}{{ boot_partition_suffix }}'
      changed_when: false
      register: boot_uuid

    - name: Get UUID for main filesystem
      ansible.builtin.command: blkid -s UUID -o value '{{ install_drive }}{{ main_partition_suffix }}'
      changed_when: false
      register: main_uuid

    - name: Get UUIDs for LVM filesystems
      when: filesystem != 'btrfs' and (cis == true or item not in ['var_log', 'var_log_audit'])
      ansible.builtin.command: blkid -s UUID -o value /dev/sys/{{ item }}
      changed_when: false
      register: uuid_result
      loop:
        - root
        - home
        - var
        - var_log
        - var_log_audit

    - name: Assign UUIDs to Variables
      ansible.builtin.set_fact:
        uuid_root: "{{ uuid_result.results[0].stdout_lines }}"
        uuid_home: "{{ uuid_result.results[1].stdout_lines }}"
        uuid_var: "{{ uuid_result.results[2].stdout_lines }}"
        uuid_var_log: "{{ uuid_result.results[3].stdout_lines if cis == true else '' }}"
        uuid_var_log_audit: "{{ uuid_result.results[4].stdout_lines if cis == true else '' }}"
      when: filesystem != 'btrfs'

- name: Mount filesystems
  block:
    - name: Mount filesystems and subvolumes
      when: cis or (not cis and item.path != '/var/log' and item.path != '/var/log/audit')
      ansible.posix.mount:
        path: /mnt{{ item.path }}
        src: "{{ 'UUID=' + (main_uuid.stdout if filesystem == 'btrfs' else item.uuid) }}"
        fstype: "{{ filesystem }}"
        opts: "{{ item.opts }}"
        state: mounted
      loop:
        - path: ""
          uuid: "{{ uuid_root[0] | default(omit) }}"
          opts: "{{ 'defaults' if filesystem != 'btrfs' else 'rw,relatime,compress=zstd:15,ssd,space_cache=v2,discard=async,subvol=@' }}"
        - path: /home
          uuid: "{{ uuid_home[0] | default(omit) }}"
          opts: "{{ 'defaults,nosuid,nodev' if filesystem != 'btrfs' else 'rw,nosuid,nodev,relatime,compress=zstd:15,ssd,space_cache=v2,discard=async,subvol=@home'
            }}"
        - path: /var
          uuid: "{{ uuid_var[0] | default(omit) }}"
          opts: "{{ 'defaults,nosuid,nodev' if filesystem != 'btrfs' else 'rw,nosuid,nodev,relatime,compress=zstd:15,ssd,space_cache=v2,discard=async,subvol=@var'
            }}"
        - path: /var/log
          uuid: "{{ uuid_var_log[0] | default(omit) }}"
          opts: "{{ 'defaults,nosuid,nodev,noexec' if filesystem != 'btrfs' else 'rw,nosuid,nodev,noexec,relatime,compress=zstd:15,ssd,space_cache=v2,discard=async,subvol=@var_log'
            }}"
        - path: /var/log/audit
          uuid: "{{ uuid_var_log_audit[0] | default(omit) }}"
          opts: "{{ 'defaults,nosuid,nodev,noexec' if filesystem != 'btrfs' else 'rw,nosuid,nodev,noexec,relatime,compress=zstd:15,ssd,space_cache=v2,discard=async,subvol=@var_log_audit'
            }}"

    - name: Mount tmp and var_tmp filesystems
      ansible.posix.mount:
        path: /mnt{{ item.path }}
        src: tmpfs
        fstype: tmpfs
        opts: defaults,nosuid,nodev,noexec
        state: mounted
      loop:
        - { path: /tmp }
        - { path: /var/tmp }

    - name: Mount boot filesystem
      ansible.posix.mount:
        path: "{{ '/mnt/boot/efi' if os | lower in ['ubuntu', 'ubuntu-lts'] else '/mnt/boot' }}"
        src: UUID={{ boot_uuid.stdout }}
        fstype: vfat
        state: mounted