---
- name: Partition install drive
  block:
    - name: Prepare partitions
      ignore_errors: true
      command: "{{ item.cmd }}"
      loop:
        - { cmd: "umount -l /mnt" }
        - { cmd: "vgremove -f sys" }
        - { cmd: "find /dev -wholename \"{{ install_drive }}*\" -exec wipefs --force --all {} \\;" }
      loop_control:
        label: "{{ item.cmd }}"

    - name: Define partitions
      parted:
        device: "{{ install_drive }}"
        label: gpt
        number: "{{ item.number }}"
        part_end: "{{ item.part_end | default(omit) }}"
        part_start: "{{ item.part_start | default(omit) }}"
        name: "{{ item.name }}"
        flags: "{{ item.flags | default(omit) }}"
        state: present
      loop:
        - { number: 1, part_end: '500MiB', name: 'boot', flags: ['boot', 'esp'] }
        - { number: 2, part_start: '500MiB', name: 'root' }

- name: Create LVM logical volumes
  when: filesystem != 'btrfs'
  block:
    - name: Create LVM volume group
      lvg:
        vg: sys
        pvs: '{{ install_drive }}{{ main_partition_suffix }}'

    - name: Create LVM logical volumes
      when: cis or (not cis and item.lv != 'var_log' and item.lv != 'var_log_audit')
      lvol:
        vg: sys
        lv: "{{ item.lv }}"
        size: "{{ item.size }}"
        state: present
      loop:
        - { lv: 'root', size: '12G' }
        - { lv: 'home', size: '2G' }
        - { lv: 'var', size: '2G' }
        - { lv: 'var_log', size: '2G' }
        - { lv: 'var_log_audit', size: '1.5G' }

- name: Create filesystems
  block:
    - name: Create FAT32 filesystem in boot partition
      filesystem:
        dev: '{{ install_drive }}{{ boot_partition_suffix }}'
        fstype: vfat
        opts: -F32
        force: true

    - name: Create filesystem
      include_tasks: "{{ filesystem }}.yml"

    - name: Get UUID for boot filesystem
      command: blkid -s UUID -o value '{{ install_drive }}{{ boot_partition_suffix }}'
      changed_when: false
      register: boot_uuid

    - name: Get UUID for main filesystem
      command: blkid -s UUID -o value '{{ install_drive }}{{ main_partition_suffix }}'
      changed_when: false
      register: main_uuid

    - name: Get UUIDs for LVM filesystems
      when: filesystem != 'btrfs' and (cis == true or item not in ['var_log', 'var_log_audit'])
      command: blkid -s UUID -o value /dev/sys/{{ item }}
      changed_when: false
      register: uuid_result
      loop:
        - root
        - home
        - var
        - var_log
        - var_log_audit

    - set_fact:
        uuid_root: "{{ uuid_result.results[0].stdout_lines }}"
        uuid_home: "{{ uuid_result.results[1].stdout_lines }}"
        uuid_var: "{{ uuid_result.results[2].stdout_lines }}"
        uuid_var_log: "{{ uuid_result.results[3].stdout_lines if cis == true else '' }}"
        uuid_var_log_audit: "{{ uuid_result.results[4].stdout_lines if cis == true else '' }}"
      when: filesystem != 'btrfs'

- name: Mount filesystems
  block:
    - name: Mount filesystems and subvolumes
      when: "cis or (not cis and item.path != '/var/log' and item.path != '/var/log/audit')"
      mount:
        path: "/mnt{{ item.path }}"
        src: "{{ 'UUID=' + (main_uuid.stdout if filesystem == 'btrfs' else item.uuid) }}"
        fstype: "{{ filesystem }}"
        opts: "{{ item.opts }}"
        state: mounted
      loop:
        - { path: '', uuid: "{{ uuid_root[0] | default(omit) }}", opts: "{{ 'defaults' if filesystem != 'btrfs' else 'rw,relatime,compress=zstd:15,ssd,space_cache=v2,discard=async,subvol=@' }}" }
        - { path: '/home', uuid: "{{ uuid_home[0] | default(omit) }}", opts: "{{ 'defaults,nosuid,nodev' if filesystem != 'btrfs' else 'rw,nosuid,nodev,relatime,compress=zstd:15,ssd,space_cache=v2,discard=async,subvol=@home' }}" }
        - { path: '/var', uuid: "{{ uuid_var[0] | default(omit) }}", opts: "{{ 'defaults,nosuid,nodev' if filesystem != 'btrfs' else 'rw,nosuid,nodev,relatime,compress=zstd:15,ssd,space_cache=v2,discard=async,subvol=@var' }}" }
        - { path: '/var/log', uuid: "{{ uuid_var_log[0] | default(omit) }}", opts: "{{ 'defaults,nosuid,nodev,noexec' if filesystem != 'btrfs' else 'rw,nosuid,nodev,noexec,relatime,compress=zstd:15,ssd,space_cache=v2,discard=async,subvol=@var_log' }}" }
        - { path: '/var/log/audit', uuid: "{{ uuid_var_log_audit[0] | default(omit) }}", opts: "{{ 'defaults,nosuid,nodev,noexec' if filesystem != 'btrfs' else 'rw,nosuid,nodev,noexec,relatime,compress=zstd:15,ssd,space_cache=v2,discard=async,subvol=@var_log_audit' }}" }

    - name: Mount tmp and var_tmp filesystems
      mount:
        path: "/mnt{{ item.path }}"
        src: tmpfs
        fstype: tmpfs
        opts: defaults,nosuid,nodev,noexec
        state: mounted
      loop:
        - { path: '/tmp' }
        - { path: '/var/tmp' }

    - name: Mount boot filesystem
      mount:
        path: "{{ '/mnt/boot/efi' if os | lower in ['ubuntu', 'ubuntu-lts'] else '/mnt/boot' }}"
        src: UUID={{ boot_uuid.stdout }}
        fstype: vfat
        state: mounted