---
- name: Ensure dracut config directory exists
  ansible.builtin.file:
    path: /mnt/etc/dracut.conf.d
    state: directory
    mode: "0755"

- name: Configure dracut for LUKS
  ansible.builtin.copy:
    dest: /mnt/etc/dracut.conf.d/crypt.conf
    content: |
      add_dracutmodules+=" crypt "
      {% if configuration_luks_keyfile_in_use %}
      install_items+=" {{ configuration_luks_keyfile_path }} "
      {% endif %}
    mode: "0644"

- name: Read kernel cmdline defaults
  ansible.builtin.slurp:
    src: /mnt/etc/kernel/cmdline
  register: configuration_kernel_cmdline_slurp

- name: Build kernel cmdline with LUKS args
  vars:
    kernel_cmdline_current: >-
      {{ configuration_kernel_cmdline_slurp.content | b64decode | trim }}
    kernel_cmdline_list: >-
      {{
        kernel_cmdline_current.split()
        if kernel_cmdline_current | length > 0 else []
      }}
    kernel_cmdline_filtered: >-
      {{
        kernel_cmdline_list
        | reject('match', '^rd\\.luks\\.(name|options|key)=' ~ configuration_luks_uuid ~ '=')
        | list
      }}
    kernel_cmdline_new: >-
      {{
        (kernel_cmdline_filtered + configuration_luks_kernel_args.split())
        | unique
        | join(' ')
      }}
  ansible.builtin.set_fact:
    configuration_kernel_cmdline_new: "{{ kernel_cmdline_new }}"

- name: Write kernel cmdline with LUKS args
  ansible.builtin.copy:
    dest: /mnt/etc/kernel/cmdline
    mode: "0644"
    content: "{{ configuration_kernel_cmdline_new }}\n"

- name: Update BLS entries with LUKS kernel cmdline
  vars:
    _bls_cmdline: "{{ configuration_kernel_cmdline_new }}"
  ansible.builtin.include_tasks: ../_bls_update.yml