Ansible-Bootstrap/roles/partitioning/tasks/_mount.yml

---
- name: Mount filesystems
  block:
    # CIS mode: mount all paths (separate partitions for /home, /var, etc.)
    # Non-CIS btrfs: only mount subvolume paths (/home, /var/log, /var/cache/pacman/pkg)
    # Non-CIS LVM: skip CIS-only paths (/home, /var, /var/log, /var/log/audit, /var/cache/pacman/pkg)
    - name: Mount filesystems and subvolumes
      when:
        - >-
          system_cfg.features.cis.enabled | bool or (
            not (system_cfg.features.cis.enabled | bool) and (
              (system_cfg.filesystem == 'btrfs' and item.path in ['/home', '/var/log', '/var/cache/pacman/pkg'])
              or (item.path not in ['/home', '/var', '/var/log', '/var/log/audit', '/var/cache/pacman/pkg'])
            )
          )
        - >-
          not (item.path in ['/swap', '/var/cache/pacman/pkg'] and system_cfg.filesystem != 'btrfs')
        - system_cfg.features.swap.enabled | bool or item.path != '/swap'
      ansible.posix.mount:
        path: /mnt{{ item.path }}
        src: "{{ 'UUID=' + (partitioning_main_uuid.stdout if system_cfg.filesystem == 'btrfs' else item.uuid) }}"
        fstype: "{{ system_cfg.filesystem }}"
        opts: "{{ item.opts }}"
        state: mounted
      loop:
        # ssd: no-op on kernels 5.15+ (btrfs auto-detects); kept for older kernel compat
        - path: ""
          uuid: "{{ partitioning_uuid_root[0] | default(omit) }}"
          opts: >-
            {{
              'defaults'
              if system_cfg.filesystem != 'btrfs'
              else [
                'rw', 'relatime', partitioning_btrfs_compress_opt, 'ssd', 'space_cache=v2',
                'discard=async', 'subvol=@'
              ] | reject('equalto', '') | join(',')
            }}
        - path: /swap
          opts: >-
            {{
              [
                'rw', 'nosuid', 'nodev', 'relatime', partitioning_btrfs_compress_opt, 'ssd',
                'space_cache=v2', 'discard=async', 'subvol=@swap'
              ] | reject('equalto', '') | join(',')
            }}
        - path: /home
          uuid: "{{ partitioning_uuid_home[0] | default(omit) }}"
          opts: >-
            {{
              'defaults,nosuid,nodev'
              if system_cfg.filesystem != 'btrfs'
              else [
                'rw', 'nosuid', 'nodev', 'relatime', partitioning_btrfs_compress_opt, 'ssd',
                'space_cache=v2', 'discard=async', 'subvol=@home'
              ] | reject('equalto', '') | join(',')
            }}
        - path: /var
          uuid: "{{ partitioning_uuid_var[0] | default(omit) }}"
          opts: >-
            {{
              'defaults,nosuid,nodev'
              if system_cfg.filesystem != 'btrfs'
              else [
                'rw', 'nosuid', 'nodev', 'relatime', partitioning_btrfs_compress_opt, 'ssd',
                'space_cache=v2', 'discard=async', 'subvol=@var'
              ] | reject('equalto', '') | join(',')
            }}
        - path: /var/log
          uuid: "{{ partitioning_uuid_var_log[0] | default(omit) }}"
          opts: >-
            {{
              'defaults,nosuid,nodev,noexec'
              if system_cfg.filesystem != 'btrfs'
              else [
                'rw', 'nosuid', 'nodev', 'noexec', 'relatime', partitioning_btrfs_compress_opt,
                'ssd', 'space_cache=v2', 'discard=async', 'subvol=@var_log'
              ] | reject('equalto', '') | join(',')
            }}
        - path: /var/cache/pacman/pkg
          uuid: "{{ partitioning_uuid_root | default([]) | first | default(omit) }}"
          opts: >-
            {{
              'defaults,nosuid,nodev,noexec'
              if system_cfg.filesystem != 'btrfs'
              else [
                'rw', 'nosuid', 'nodev', 'noexec', 'relatime', partitioning_btrfs_compress_opt,
                'ssd', 'space_cache=v2', 'discard=async', 'subvol=@pkg'
              ] | reject('equalto', '') | join(',')
            }}
        - path: /var/log/audit
          uuid: "{{ partitioning_uuid_var_log_audit[0] | default(omit) }}"
          opts: >-
            {{
              'defaults,nosuid,nodev,noexec'
              if system_cfg.filesystem != 'btrfs'
              else [
                'rw', 'nosuid', 'nodev', 'noexec', 'relatime', partitioning_btrfs_compress_opt,
                'ssd', 'space_cache=v2', 'discard=async', 'subvol=@var_log_audit'
              ] | reject('equalto', '') | join(',')
            }}
      loop_control:
        label: "{{ item.path }}"

    - name: Mount /boot filesystem
      when: partitioning_separate_boot | bool
      ansible.posix.mount:
        path: /mnt/boot
        src: "UUID={{ partitioning_boot_fs_uuid.stdout }}"
        fstype: "{{ partitioning_boot_fs_fstype }}"
        opts: defaults
        state: mounted

    - name: Mount boot filesystem
      ansible.posix.mount:
        path: "/mnt{{ partitioning_efi_mountpoint }}"
        src: UUID={{ partitioning_boot_uuid.stdout }}
        fstype: vfat
        state: mounted

    - name: Activate swap
      when: system_cfg.features.swap.enabled | bool
      vars:
        partitioning_swap_cmd: >-
          {{ 'swapon /mnt/swap/swapfile' if system_cfg.filesystem == 'btrfs' else 'swapon -U ' + partitioning_uuid_swap[0] }}
      ansible.builtin.command: "{{ partitioning_swap_cmd }}"
      register: partitioning_swap_activate_result
      # swapon returns 255 if swap is already active
      failed_when: partitioning_swap_activate_result.rc not in [0, 255]
      changed_when: partitioning_swap_activate_result.rc == 0