Improve variable management for disk role, among things

3 years ago · 8fe0751156
parent a3885fe5ce
commit 8fe0751156
45 changed files with 423 additions and 414 deletions
--- a/.gitignore
+++ b/.gitignore
@ -1,3 +1,3 @@
 vars/all.yml
 .ssh
-inventory
+inventory
--- a/ansible.sh
+++ b/ansible.sh
@ -16,15 +16,11 @@ if [ -f inventory ]; then
  [[ $res =~ [Yy] ]] || new_ip_addr=false
 fi
-echo $new_ip_addr
+if $new_ip_addr; then
 if [ $new_ip_addr ]; then
  read -p "Target ip address: " ip_addr
  echo "[all]" > inventory
  echo $ip_addr >> inventory
 fi
 exit 1
 echo "Running playbook, this may take 5 to 10 minutes..."
 ansible-playbook main.yml -k
--- a/group_vars/all/00-defaults.yml
+++ b/group_vars/all/00-defaults.yml
@ -1,33 +1,78 @@
 ---
-disksetup_strategy: efi_gpt_btrfs
+# --- General disk options ---
-# partitioning_priv_device_node: /dev/sda
+# Abbreviations:
 # * e - EFI
 # * g - gpt
 # * b - btrfs
 # * l - LUKS
 #
 # Available formats:
 # * egb
 # * egbl
 #
 disk_format: egbl
-# grub_theme_name: xenlism
+disk_device: /dev/sda
-# configure_root_password: password
+root_mount: /mnt
-user_name: <user_name>
+# --- Options for egbl disk format ---
-user_password: <user_password>
+# Mapper name of the luks container:
 disk_egbl_luks_name: ""
-hostname: <hostname>
+# Password used to encrypt the luks container:
-timezone: <timezone>
+disk_egbl_luks_password: ""
-# no other options atm
+# --- Grub theme ---
 # Available themes:
 # * xenilism
 #
 grub_theme: xenilism
 # --- Account options ---
 root_user_password: archbtw
 user_name: arch
 user_password: archbtw
 # --- Machine settings ---
 hostname: archlinux
 timezone: Europe/Stockholm
 # --- Display/windowing ---
 # Available display servers:
 # * x11
 #
 display_server: x11
 # Available display managers:
 # * lightdm
 #
 display_manager: lightdm
-# no other options atm
+# Available window managers:
 # * i3
 #
 window_manager: i3
-feat_bluetooth: true
+# --- Togglable features ---
 feat_bluetooth: false
 feat_u2f: false
-mullvad_account: "<mullvad_account>"
+# --- VPN ---
 # Mullvad VPN account number:
 mullvad_account: ""
-# generate with pamu2fcfg
+# --- u2f pam ---
 # u2f key for the user defined above, can be generated with:
 # $ pamu2fcfg
 user_u2f_key: ""
 # Modules where u2f will be an alternative to other auth
 u2f_optional:
  - sudo
 # Modules where u2f will be a required addition to other auth
 u2f_required:
  - su
-  - login
+  - system-login
--- a/main.yml
+++ b/main.yml
@ -7,12 +7,12 @@
    - name: Check if live iso.
      command: arch-chroot
      failed_when: false
-      register: _check_arch_chroot
+      register: result
      changed_when: false
    - name: Set arch chroot fact.
      set_fact:
-        is_live_iso: "{{ _check_arch_chroot.rc == 1 }}"
+        is_live_iso: "{{ result.rc == 1 }}"
    - name: Include tasks.
      include_role:
@ -20,7 +20,7 @@
      with_items:
        - passwordless_connection
        - prep
-        - disksetup
+        - disk
        - configure
      when: is_live_iso
@ -43,17 +43,17 @@
    - display_manager
    - window_manager
    - common_software
    - audio
    - name: bluetooth
      when: feat_bluetooth
    - audio
    - mullvad
    - docker
    - yubikey
-    - u2f
+    - name: u2f
      when: feat_u2f
    - cleanup
  tasks:
    - name: Reboot system.
-      reboot:
+      command: reboot
-        reboot_timeout: 5
+      changed_when: true
      failed_when: false
--- a/roles/base_packages/defaults/main.yml
+++ b/roles/base_packages/defaults/main.yml
@ -1,13 +0,0 @@
 ---
 base_packages_list:
  # Arch base packages
  - base
  - base-devel
  # Linux kernel
  - linux
  - linux-firmware
  # Additional packages that are needed for further ansible functionality
  - sudo
  - networkmanager
  - openssh
  - python
--- a/roles/base_packages/tasks/main.yml
+++ b/roles/base_packages/tasks/main.yml
@ -3,5 +3,16 @@
  include_role:
    name: pacstrap
  vars:
-    packages: "{{ base_packages_list }}"
+    packages:
-    chroot: "{{ partitioning_root_mount_point }}"
+      # arch base packages
      - base
      - base-devel
      # linux kernel
      - linux
      - linux-firmware
      # additional packages that are needed for further ansible functionality
      - sudo
      - networkmanager
      - openssh
      - python
    chroot: "{{ root_mount }}"
--- a/roles/configure/defaults/main.yml
+++ b/roles/configure/defaults/main.yml
@ -1,2 +0,0 @@
 ---
 configure_root_password: password
--- a/roles/configure/tasks/main.yml
+++ b/roles/configure/tasks/main.yml
@ -1,6 +1,6 @@
 ---
 - name: Enable services on installed system.
-  command: arch-chroot {{ partitioning_root_mount_point }}
+  command: arch-chroot {{ root_mount }}
    systemctl enable {{ item }}
  with_items:
    - sshd
@ -27,7 +27,7 @@
 - name: Create static ip config.
  template:
    src: files/static.nmconnection
-    dest: "{{ partitioning_root_mount_point }}/etc/NetworkManager/system-connections/static.nmconnection"
+    dest: "{{ root_mount }}/etc/NetworkManager/system-connections/static.nmconnection"
    owner: root
    group: root
    mode: 0600
@ -35,7 +35,7 @@
 - name: Make sure root's .ssh directory exists.
  file:
    state: directory
-    path: "{{ partitioning_root_mount_point }}/root/.ssh"
+    path: "{{ root_mount }}/root/.ssh"
    owner: root
    group: root
    mode: 0700
@ -44,10 +44,10 @@
  authorized_key:
    state: present
    user: root
-    path: "{{ partitioning_root_mount_point }}/root/.ssh/authorized_keys"
+    path: "{{ root_mount }}/root/.ssh/authorized_keys"
    key: "{{ tmp_pub_key }}"
    manage_dir: true
 - name: Update root password.
-  command: arch-chroot {{ partitioning_root_mount_point }} sh -c "echo root:{{ configure_root_password }} | chpasswd"
+  command: arch-chroot {{ root_mount }} sh -c "echo root:{{ root_user_password }} | chpasswd"
  changed_when: true
--- a/roles/disksetup/efi_gpt_btrfs/bootloader/files/grub
+++ b/roles/disksetup/efi_gpt_btrfs/bootloader/files/grub
--- a/roles/disk/egb/bootloader/tasks/main.yml
+++ b/roles/disk/egb/bootloader/tasks/main.yml
@ -0,0 +1,23 @@
 ---
 - name: Install required packages.
  command: arch-chroot {{ root_mount }} pacman -Sy grub efibootmgr os-prober --noconfirm
  changed_when: true
 - name: Copy grub default config.
  template:
    src: files/grub
    dest: "{{ root_mount }}/etc/default/grub"
    owner: root
    group: root
    mode: 0644
 - name: Install grub.
  command:
    cmd: arch-chroot {{ root_mount }} grub-install --efi-directory=/boot/efi --bootloader-id=grub
    creates: "{{ root_mount }}/boot/efi/EFI/grub"
 - name: Install theme.
  include_role:
    name: grub-theme
  vars:
    chroot: "{{ root_mount }}"
--- a/roles/disk/egb/partitioning/defaults/main.yml
+++ b/roles/disk/egb/partitioning/defaults/main.yml
@ -0,0 +1,22 @@
 ---
 # The size of the ESP partition to be created
 disk_egb_esp_size: "{{ 512 * 1024 * 1024 }}"
 # btrfs subvolumes are laid out in a flat fashion:
 #
 # toplevel       (default subvolume, not mounted)
 #   +-- @        (to be mounted at /)
 #   +-- @home    (to be mmounted at /home)
 #   +-- ...
 #
 disk_egb_btrfs_subvolumes: "{{ disk_egb_core_btrfs_subvolumes + disk_egb_priv_extra_btrfs_subvolumes }}"
 # These subvolumes should always be present. DO NOT OVERRIDE.
 disk_egb_core_btrfs_subvolumes:
  - name: "@"
    mountpoint: /
  - name: "@home"
    mountpoint: /home
 # Add extra subvolumes here, beginning with an @.
 disk_egb_extra_btrfs_subvolumes: []
--- a/roles/disk/egb/partitioning/tasks/format-disk.yml
+++ b/roles/disk/egb/partitioning/tasks/format-disk.yml
@ -0,0 +1,33 @@
 ---
 - name: Create EFI system partition
  parted:
    device: "{{ disk_device }}"
    state: present
    label: gpt
    number: 1
    name: ESP
    part_start: "{{ 1024 * 1024 }}B"
    part_end: "{{ disk_egb_esp_size | int  + 1024 * 1024 - 1 }}B"
    flags:
      - esp
 - name: Create root partition
  parted:
    device: "{{ disk_device }}"
    state: present
    label: gpt
    number: 2
    name: root
    part_start: "{{ disk_egb_esp_size | int  + 1024 * 1024 }}B"
 - name: Enumerate created partitions.
  shell: |
    set -e -o pipefail
    lsblk -n -o PATH {{ disk_device }} | tail -n +2
  register: result
  changed_when: false
 - name: Assign partitions to variables.
  set_fact:
    disk_egb_esp_device_node: "{{ result.stdout_lines[0] }}"
    disk_egb_root_device_node: "{{ result.stdout_lines[1] }}"
--- a/roles/disk/egb/partitioning/tasks/format-parts.yml
+++ b/roles/disk/egb/partitioning/tasks/format-parts.yml
@ -0,0 +1,33 @@
 ---
 - name: Format the boot partition with vfat.
  filesystem:
    device: "{{ disk_egb_esp_device_node }}"
    state: present
    type: vfat
 - name: Format the root partition with btrfs.
  filesystem:
    device: "{{ disk_egb_root_device_node }}"
    state: present
    type: btrfs
 - name: Mount the default subvolume.
  mount:
    state: mounted
    src: "{{ disk_egb_root_device_node }}"
    path: "{{ root_mount }}"
    fstype: btrfs
    opts: defaults,noatime,compress=zstd
 - name: Create subvolumes.
  command:
    cmd: btrfs subvolume create {{ (root_mount + "/" + subvolume.name) }}
    creates: '{{ (root_mount + "/" + subvolume.name) }}'
  with_items: "{{ disk_egb_btrfs_subvolumes }}"
  loop_control:
    loop_var: subvolume
 - name: Unmount the default subvolume.
  mount:
    state: unmounted
    path: "{{ root_mount }}"
--- a/roles/disksetup/efi_gpt_btrfs/partitioning/tasks/main.yml
+++ b/roles/disksetup/efi_gpt_btrfs/partitioning/tasks/main.yml
@ -5,7 +5,7 @@
  when: not efi_mode
 - name: Make sure root mount point is unmounted.
-  command: umount -R {{ partitioning_root_mount_point }}
+  command: umount -R {{ root_mount }}
  changed_when: true
  register: result
  failed_when: result.rc != 0 and "not mounted" not in result.stderr
--- a/roles/disksetup/efi_gpt_btrfs/partitioning/tasks/mount.yml
+++ b/roles/disksetup/efi_gpt_btrfs/partitioning/tasks/mount.yml
@ -1,13 +1,13 @@
 ---
 - name: Mount btrfs subvolumes.
  include_tasks: mount_btrfs-subvolume.yml
-  with_items: "{{ partitioning_priv_btrfs_subvolumes }}"
+  with_items: "{{ disk_egb_btrfs_subvolumes }}"
  loop_control:
    loop_var: subvolume
 - name: Make EFI mount point.
  file:
-    path: "{{ partitioning_root_mount_point }}/boot/efi"
+    path: "{{ root_mount }}/boot/efi"
    state: directory
    recurse: true
    owner: root
@ -17,6 +17,6 @@
 - name: Mount EFI boot partition.
  mount:
    state: mounted
-    src: "{{ partitioning_priv_esp_device_node }}"
+    src: "{{ disk_egb_esp_device_node }}"
-    path: "{{ partitioning_root_mount_point }}/boot/efi"
+    path: "{{ root_mount }}/boot/efi"
    fstype: vfat
--- a/roles/disksetup/efi_gpt_btrfs/partitioning/tasks/mount_btrfs-subvolume.yml
+++ b/roles/disksetup/efi_gpt_btrfs/partitioning/tasks/mount_btrfs-subvolume.yml
@ -2,7 +2,7 @@
 - name: Make btrfs subvolume mount point.
  file:
    state: directory
-    path: "{{ (partitioning_root_mount_point + subvolume.mountpoint) | quote }}"
+    path: "{{ root_mount + subvolume.mountpoint }}"
    owner: root
    group: root
    mode: 0755
@ -12,6 +12,6 @@
    mount
      -t btrfs
      -o defaults,noatime,compress=zstd,subvol={{ subvolume.name  }}
-      {{ partitioning_priv_root_device_node }}
+      {{ disk_egb_root_device_node }}
-      {{ (partitioning_root_mount_point + subvolume.mountpoint) | quote }}
+      {{ root_mount + subvolume.mountpoint }}
  changed_when: true
--- a/roles/disksetup/efi_gpt_btrfs/postpartitioning/tasks/main.yml
+++ b/roles/disksetup/efi_gpt_btrfs/postpartitioning/tasks/main.yml
@ -3,28 +3,28 @@
  include_role:
    name: genfstab
  vars:
-    chroot: "{{ partitioning_root_mount_point }}"
+    chroot: "{{ root_mount }}"
 - name: Check if btrfs-progs is installed.
-  command: arch-chroot {{ partitioning_root_mount_point }}
+  command: arch-chroot {{ root_mount }}
    pacman -Qk btrfs-progs
-  register: _btrfs_progs_installed
+  register: result
  failed_when: false
  changed_when: false
 - name: Install btrfs-progs.
-  command: arch-chroot {{ partitioning_root_mount_point }}
+  command: arch-chroot {{ root_mount }}
    pacman -Sy btrfs-progs --noconfirm
-  when: _btrfs_progs_installed.rc != 0
+  when: result.rc != 0
 - name: Configure mkinitcpio.
  mkinitcpio:
    state: present
-    path: "{{ partitioning_root_mount_point }}/etc/mkinitcpio.conf"
+    path: "{{ root_mount }}/etc/mkinitcpio.conf"
    binaries: /usr/bin/btrfs
    hooks:
      - btrfs
 - name: Run mkinitcpio.
-  command: arch-chroot {{ partitioning_root_mount_point }} mkinitcpio -P
+  command: arch-chroot {{ root_mount }} mkinitcpio -P
  changed_when: true
--- a/roles/disksetup/efi_gpt_luks_btrfs/bootloader/files/grub
+++ b/roles/disksetup/efi_gpt_luks_btrfs/bootloader/files/grub
@ -1,6 +1,6 @@
 GRUB_TIMEOUT=5
 GRUB_DISTRIBUTOR="Arch"
-GRUB_CMDLINE_LINUX_DEFAULT="cryptdevice=UUID={{ bootloader_priv_luks_device_node_uuid }}:{{ partitioning_priv_luks_name }}"
+GRUB_CMDLINE_LINUX_DEFAULT="cryptdevice=UUID={{ bootloader_priv_luks_device_node_uuid }}:{{ disk_egbl_luks_name }}"
 GRUB_CMDLINE_LINUX=""
 GRUB_PRELOAD_MODULES="btrfs part_gpt"
 GRUB_ENABLE_CRYPTODISK=y
--- a/roles/disk/egbl/bootloader/tasks/main.yml
+++ b/roles/disk/egbl/bootloader/tasks/main.yml
@ -0,0 +1,34 @@
 ---
 - name: Install required packages.
  command: arch-chroot {{ root_mount }} pacman -Sy grub efibootmgr os-prober --noconfirm
  changed_when: true
 - name: Get luks device node uuid.
  shell: |
    set -e -o pipefail
    blkid {{ disk_egbl_luks_device_node }} -o value | head -1
  register: result
  changed_when: false
 - name: Assign device node id to variable.
  set_fact:
    bootloader_priv_luks_device_node_uuid: "{{ result.stdout }}"
 - name: Copy grub default config.
  template:
    src: files/grub
    dest: "{{ root_mount }}/etc/default/grub"
    owner: root
    group: root
    mode: 0644
 - name: Install grub.
  command:
    cmd: arch-chroot {{ root_mount }} grub-install --efi-directory=/boot/efi --bootloader-id=grub
    creates: "{{ root_mount }}/boot/efi/EFI/grub"
 - name: Install theme.
  include_role:
    name: grub-theme
  vars:
    chroot: "{{ root_mount }}"
--- a/roles/disk/egbl/partitioning/defaults/main.yml
+++ b/roles/disk/egbl/partitioning/defaults/main.yml
@ -0,0 +1,22 @@
 ---
 # The size of the ESP partition to be created
 disk_egbl_esp_size: "{{ 512 * 1024 * 1024 }}"
 # btrfs subvolumes are laid out in a flat fashion:
 #
 # toplevel       (default subvolume, not mounted)
 #   +-- @        (to be mounted at /)
 #   +-- @home    (to be mmounted at /home)
 #   +-- ...
 #
 disk_egbl_btrfs_subvolumes: "{{ disk_egbl_core_btrfs_subvolumes + disk_egbl_extra_btrfs_subvolumes }}"
 # These subvolumes should always be present. DO NOT OVERRIDE.
 disk_egbl_core_btrfs_subvolumes:
  - name: "@"
    mountpoint: /
  - name: "@home"
    mountpoint: /home
 # Add extra subvolumes here, beginning with an @.
 disk_egbl_extra_btrfs_subvolumes: []
--- a/roles/disk/egbl/partitioning/tasks/format-disk.yml
+++ b/roles/disk/egbl/partitioning/tasks/format-disk.yml
@ -0,0 +1,33 @@
 ---
 - name: Create EFI system partition
  parted:
    device: "{{ disk_device }}"
    state: present
    label: gpt
    number: 1
    name: ESP
    part_start: "{{ 1024 * 1024 }}B"
    part_end: "{{ disk_egbl_esp_size | int  + 1024 * 1024 - 1 }}B"
    flags:
      - esp
 - name: Create LUKS partition
  parted:
    device: "{{ disk_device }}"
    state: present
    label: gpt
    number: 2
    name: LUKS
    part_start: "{{ disk_egbl_esp_size | int  + 1024 * 1024 }}B"
 - name: Enumerate created partitions.
  shell: |
    set -e -o pipefail
    lsblk -n -o PATH {{ disk_device }} | tail -n +2
  register: result
  changed_when: false
 - name: Assign partitions to variables.
  set_fact:
    disk_egbl_esp_device_node: "{{ result.stdout_lines[0] }}"
    disk_egbl_luks_device_node: "{{ result.stdout_lines[1] }}"
--- a/roles/disk/egbl/partitioning/tasks/format-parts.yml
+++ b/roles/disk/egbl/partitioning/tasks/format-parts.yml
@ -0,0 +1,31 @@
 ---
 - name: Format the boot partition with vfat.
  filesystem:
    device: "{{ disk_egbl_esp_device_node }}"
    state: present
    type: vfat
 - name: Format the luks container with btrfs.
  filesystem:
    device: /dev/mapper/{{ disk_egbl_luks_name }}
    state: present
    type: btrfs
 - name: Mount the default subvolume.
  mount:
    state: mounted
    src: /dev/mapper/{{ disk_egbl_luks_name }}
    path: "{{ root_mount }}"
    fstype: btrfs
    opts: defaults,noatime,compress=zstd
 - name: Create subvolumes.
  command:
    cmd: btrfs subvolume create {{ root_mount + "/" + item.name }}
    creates: '{{ root_mount + "/" + item.name }}'
  with_items: "{{ disk_egbl_btrfs_subvolumes }}"
 - name: Unmount the default subvolume.
  mount:
    state: unmounted
    path: "{{ root_mount }}"
--- a/roles/disk/egbl/partitioning/tasks/luks.yml
+++ b/roles/disk/egbl/partitioning/tasks/luks.yml
@ -0,0 +1,10 @@
 ---
 - name: Create luks container and open it.
  luks_device:
    device: "{{ disk_egbl_luks_device_node }}"
    state: opened
    name: "{{ disk_egbl_luks_name }}"
    type: luks1
    cipher: aes-xts-plain64
    hash: sha256
    passphrase: "{{ disk_egbl_luks_password }}"
--- a/roles/disksetup/efi_gpt_luks_btrfs/partitioning/tasks/main.yml
+++ b/roles/disksetup/efi_gpt_luks_btrfs/partitioning/tasks/main.yml
@ -5,7 +5,7 @@
  when: not efi_mode
 - name: Make sure root mount point is unmounted.
-  command: umount -R {{ partitioning_root_mount_point }}
+  command: umount -R {{ root_mount }}
  changed_when: true
  register: result
  failed_when: result.rc != 0 and "not mounted" not in result.stderr
--- a/roles/disksetup/efi_gpt_luks_btrfs/partitioning/tasks/mount.yml
+++ b/roles/disksetup/efi_gpt_luks_btrfs/partitioning/tasks/mount.yml
@ -1,13 +1,13 @@
 ---
 - name: Mount btrfs subvolumes.
  include_tasks: mount_btrfs-subvolume.yml
-  with_items: "{{ partitioning_priv_btrfs_subvolumes }}"
+  with_items: "{{ disk_egbl_btrfs_subvolumes }}"
  loop_control:
    loop_var: subvolume
 - name: Make EFI mount point.
  file:
-    path: "{{ partitioning_root_mount_point }}/boot/efi"
+    path: "{{ root_mount }}/boot/efi"
    state: directory
    recurse: true
    owner: root
@ -17,6 +17,6 @@
 - name: Mount EFI boot partition.
  mount:
    state: mounted
-    src: "{{ partitioning_priv_esp_device_node }}"
+    src: "{{ disk_egbl_esp_device_node }}"
-    path: "{{ partitioning_root_mount_point }}/boot/efi"
+    path: "{{ root_mount }}/boot/efi"
    fstype: vfat
--- a/roles/disksetup/efi_gpt_luks_btrfs/partitioning/tasks/mount_btrfs-subvolume.yml
+++ b/roles/disksetup/efi_gpt_luks_btrfs/partitioning/tasks/mount_btrfs-subvolume.yml
@ -2,7 +2,7 @@
 - name: Make btrfs subvolume mount point.
  file:
    state: directory
-    path: "{{ (partitioning_root_mount_point + subvolume.mountpoint) | quote }}"
+    path: "{{ root_mount + subvolume.mountpoint }}"
    owner: root
    group: root
    mode: 0755
@ -12,6 +12,6 @@
    mount
      -t btrfs
      -o defaults,noatime,compress=zstd,subvol={{ subvolume.name  }}
-      /dev/mapper/{{ partitioning_priv_luks_name }}
+      /dev/mapper/{{ disk_egbl_luks_name }}
-      {{ (partitioning_root_mount_point + subvolume.mountpoint) | quote }}
+      {{ root_mount + subvolume.mountpoint }}
  changed_when: true
--- a/roles/disk/egbl/postpartitioning/tasks/main.yml
+++ b/roles/disk/egbl/postpartitioning/tasks/main.yml
@ -0,0 +1,47 @@
 ---
 - name: Generate fstab.
  include_role:
    name: genfstab
  vars:
    chroot: "{{ root_mount }}"
 - name: Check if btrfs-progs is installed.
  command: arch-chroot {{ root_mount }}
    pacman -Qk btrfs-progs
  register: result
  failed_when: false
  changed_when: false
 - name: Install btrfs-progs.
  command: arch-chroot {{ root_mount }}
    pacman -Sy btrfs-progs --noconfirm
  when: result.rc != 0
 - name: Create crypto keyfile.
  shell:
    # yamllint disable rule:line-length
    cmd: |
      set -e -o pipefail
      dd bs=512 count=8 if=/dev/urandom of={{ root_mount }}/crypto_keyfile.bin
      echo {{ disk_egbl_luks_password }} | cryptsetup luksAddKey {{ disk_egbl_luks_device_node }} {{ root_mount }}/crypto_keyfile.bin
    # yamllint enable rule:line-length
    creates: "{{ root_mount }}/crypto_keyfile.bin"
 - name: Set proper permissions on crypto keyfile.
  file:
    path: "{{ root_mount }}/crypto_keyfile.bin"
    mode: 0000
 - name: Configure mkinitcpio.
  mkinitcpio:
    state: present
    path: "{{ root_mount }}/etc/mkinitcpio.conf"
    binaries: /usr/bin/btrfs
    files: /crypto_keyfile.bin
    hooks:
      - encrypt
      - btrfs
 - name: Run mkinitcpio.
  command: arch-chroot {{ root_mount }} mkinitcpio -P
  changed_when: true
--- a/roles/disk/tasks/main.yml
+++ b/roles/disk/tasks/main.yml
@ -0,0 +1,16 @@
 ---
 - name: Include partitioning role for {{ disk_format }} disk format.
  include_role:
    name: "disk/{{ disk_format }}/partitioning"
    public: true
 - name: Bootstrap system with base packages.
  import_role:
    name: base_packages
 - name: Include postpartitioning role for {{ disk_format }} disk format.
  include_role:
    name: "disk/{{ disk_format }}/postpartitioning"
    public: true
 - name: Include bootloader role for {{ disk_format }} disk format.
  include_role:
    name: "disk/{{ disk_format }}/bootloader"
    public: true
--- a/roles/disksetup/defaults/main.yml
+++ b/roles/disksetup/defaults/main.yml
@ -1,2 +0,0 @@
 ---
 disksetup_strategy: efi_gpt_luks_btrfs
--- a/roles/disksetup/efi_gpt_btrfs/bootloader/tasks/main.yml
+++ b/roles/disksetup/efi_gpt_btrfs/bootloader/tasks/main.yml
@ -1,23 +0,0 @@
 ---
 - name: Install required packages.
  command: arch-chroot {{ partitioning_root_mount_point }} pacman -Sy grub efibootmgr os-prober --noconfirm
  changed_when: true
 - name: Copy grub default config.
  template:
    src: files/grub
    dest: "{{ partitioning_root_mount_point }}/etc/default/grub"
    owner: root
    group: root
    mode: 0644
 - name: Install grub.
  command:
    cmd: arch-chroot {{ partitioning_root_mount_point }} grub-install --efi-directory=/boot/efi --bootloader-id=grub
    creates: "{{ partitioning_root_mount_point }}/boot/efi/EFI/grub"
 - name: Install theme.
  include_role:
    name: grub-theme
  vars:
    chroot: "{{ partitioning_root_mount_point }}"
--- a/roles/disksetup/efi_gpt_btrfs/partitioning/defaults/main.yml
+++ b/roles/disksetup/efi_gpt_btrfs/partitioning/defaults/main.yml
@ -1,33 +0,0 @@
 ---
 ##### Public variables used by the rest of the playbook #####
 partitioning_root_mount_point: "/mnt"
 ##### Private variables used only by the partitioning roles #####
 # Two partitions will be created on this device node
 # * xxx1 will be used by /boot/efi
 # * xxx2 will be the root partition
 partitioning_priv_device_node: "/dev/sda"
 # The size of the ESP partition to be created
 partitioning_priv_esp_size: "{{ 512 * 1024 * 1024 }}"
 # btrfs subvolumes are laid out in a flat fashion:
 #
 # toplevel       (default subvolume, not mounted)
 #   +-- @        (to be mounted at /)
 #   +-- @home    (to be mmounted at /home)
 #   +-- ...
 #
 # yamllint disable-line rule:line-length
 partitioning_priv_btrfs_subvolumes: "{{ partitioning_priv_core_btrfs_subvolumes + partitioning_priv_extra_btrfs_subvolumes }}"
 # These subvolumes should always be present. DO NOT OVERRIDE.
 partitioning_priv_core_btrfs_subvolumes:
  - name: "@"
    mountpoint: /
 # Other subvolumes can be added here, beginning with an @.
 partitioning_priv_extra_btrfs_subvolumes:
  - name: "@home"
    mountpoint: /home
--- a/roles/disksetup/efi_gpt_btrfs/partitioning/tasks/format-disk.yml
+++ b/roles/disksetup/efi_gpt_btrfs/partitioning/tasks/format-disk.yml
@ -1,33 +0,0 @@
 ---
 - name: Create EFI system partition
  parted:
    device: "{{ partitioning_priv_device_node }}"
    state: present
    label: gpt
    number: 1
    name: ESP
    part_start: "{{ 1024 * 1024 }}B"
    part_end: "{{ partitioning_priv_esp_size | int  + 1024 * 1024 - 1 }}B"
    flags:
      - esp
 - name: Create root partition
  parted:
    device: "{{ partitioning_priv_device_node }}"
    state: present
    label: gpt
    number: 2
    name: root
    part_start: "{{ partitioning_priv_esp_size | int  + 1024 * 1024 }}B"
 - name: Enumerate created partitions.
  shell: |
    set -e -o pipefail
    lsblk -n -o PATH {{ partitioning_priv_device_node | quote }} | tail -n +2
  register: _partitions
  changed_when: false
 - name: Assign partitions to variables.
  set_fact:
    partitioning_priv_esp_device_node: "{{ _partitions.stdout_lines[0] }}"
    partitioning_priv_root_device_node: "{{ _partitions.stdout_lines[1] }}"
--- a/roles/disksetup/efi_gpt_btrfs/partitioning/tasks/format-parts.yml
+++ b/roles/disksetup/efi_gpt_btrfs/partitioning/tasks/format-parts.yml
@ -1,31 +0,0 @@
 ---
 - name: Format the boot partition with vfat.
  filesystem:
    device: "{{ partitioning_priv_esp_device_node }}"
    state: present
    type: vfat
 - name: Format the root partition with btrfs.
  filesystem:
    device: "{{ partitioning_priv_root_device_node }}"
    state: present
    type: btrfs
 - name: Mount the default subvolume.
  mount:
    state: mounted
    src: "{{ partitioning_priv_root_device_node }}"
    path: "{{ partitioning_root_mount_point }}"
    fstype: btrfs
    opts: defaults,noatime,compress=zstd
 - name: Create subvolumes.
  command:
    cmd: btrfs subvolume create {{ (partitioning_root_mount_point + "/" + item.name) }}
    creates: '{{ (partitioning_root_mount_point + "/" + item.name) }}'
  with_items: "{{ partitioning_priv_btrfs_subvolumes }}"
 - name: Unmount the default subvolume.
  mount:
    state: unmounted
    path: "{{ partitioning_root_mount_point }}"
--- a/roles/disksetup/efi_gpt_luks_btrfs/bootloader/tasks/main.yml
+++ b/roles/disksetup/efi_gpt_luks_btrfs/bootloader/tasks/main.yml
@ -1,34 +0,0 @@
 ---
 - name: Install required packages.
  command: arch-chroot {{ partitioning_root_mount_point }} pacman -Sy grub efibootmgr os-prober --noconfirm
  changed_when: true
 - name: Get luks device node uuid.
  shell: |
    set -e -o pipefail
    blkid {{ partitioning_priv_luks_device_node }} -o value | head -1
  register: _device_node_uuid
  changed_when: false
 - name: Assign device node id to variable.
  set_fact:
    bootloader_priv_luks_device_node_uuid: "{{ _device_node_uuid.stdout }}"
 - name: Copy grub default config.
  template:
    src: files/grub
    dest: "{{ partitioning_root_mount_point }}/etc/default/grub"
    owner: root
    group: root
    mode: 0644
 - name: Install grub.
  command:
    cmd: arch-chroot {{ partitioning_root_mount_point }} grub-install --efi-directory=/boot/efi --bootloader-id=grub
    creates: "{{ partitioning_root_mount_point }}/boot/efi/EFI/grub"
 - name: Install theme.
  include_role:
    name: grub-theme
  vars:
    chroot: "{{ partitioning_root_mount_point }}"
--- a/roles/disksetup/efi_gpt_luks_btrfs/partitioning/defaults/main.yml
+++ b/roles/disksetup/efi_gpt_luks_btrfs/partitioning/defaults/main.yml
@ -1,39 +0,0 @@
 ---
 ##### Public variables used by the rest of the playbook #####
 partitioning_root_mount_point: "/mnt"
 ##### Private variables used only by the partitioning roles #####
 # Two partitions will be created on this device node
 # * xxx1 will be used by /boot/efi
 # * xxx2 will be a luks container, with btrfs inside
 partitioning_priv_device_node: "/dev/sda"
 # The size of the ESP partition to be created
 partitioning_priv_esp_size: "{{ 512 * 1024 * 1024 }}"
 # btrfs subvolumes are laid out in a flat fashion:
 #
 # toplevel       (default subvolume, not mounted)
 #   +-- @        (to be mounted at /)
 #   +-- @home    (to be mmounted at /home)
 #   +-- ...
 #
 # yamllint disable-line rule:line-length
 partitioning_priv_btrfs_subvolumes: "{{ partitioning_priv_core_btrfs_subvolumes + partitioning_priv_extra_btrfs_subvolumes }}"
 # These subvolumes should always be present. DO NOT OVERRIDE.
 partitioning_priv_core_btrfs_subvolumes:
  - name: "@"
    mountpoint: /
 # Other subvolumes can be added here, beginning with an @.
 partitioning_priv_extra_btrfs_subvolumes:
  - name: "@home"
    mountpoint: /home
 # The mapper name of the luks container
 partitioning_priv_luks_name: cryptoroot
 # The password used to encrypt the luks container
 partitioning_priv_luks_password: password
--- a/roles/disksetup/efi_gpt_luks_btrfs/partitioning/tasks/format-disk.yml
+++ b/roles/disksetup/efi_gpt_luks_btrfs/partitioning/tasks/format-disk.yml
@ -1,33 +0,0 @@
 ---
 - name: Create EFI system partition
  parted:
    device: "{{ partitioning_priv_device_node }}"
    state: present
    label: gpt
    number: 1
    name: ESP
    part_start: "{{ 1024 * 1024 }}B"
    part_end: "{{ partitioning_priv_esp_size | int  + 1024 * 1024 - 1 }}B"
    flags:
      - esp
 - name: Create LUKS partition
  parted:
    device: "{{ partitioning_priv_device_node }}"
    state: present
    label: gpt
    number: 2
    name: LUKS
    part_start: "{{ partitioning_priv_esp_size | int  + 1024 * 1024 }}B"
 - name: Enumerate created partitions.
  shell: |
    set -e -o pipefail
    lsblk -n -o PATH {{ partitioning_priv_device_node | quote }} | tail -n +2
  register: _partitions
  changed_when: false
 - name: Assign partitions to variables.
  set_fact:
    partitioning_priv_esp_device_node: "{{ _partitions.stdout_lines[0] }}"
    partitioning_priv_luks_device_node: "{{ _partitions.stdout_lines[1] }}"
--- a/roles/disksetup/efi_gpt_luks_btrfs/partitioning/tasks/format-parts.yml
+++ b/roles/disksetup/efi_gpt_luks_btrfs/partitioning/tasks/format-parts.yml
@ -1,31 +0,0 @@
 ---
 - name: Format the boot partition with vfat.
  filesystem:
    device: "{{ partitioning_priv_esp_device_node }}"
    state: present
    type: vfat
 - name: Format the luks container with btrfs.
  filesystem:
    device: /dev/mapper/{{ partitioning_priv_luks_name }}
    state: present
    type: btrfs
 - name: Mount the default subvolume.
  mount:
    state: mounted
    src: /dev/mapper/{{ partitioning_priv_luks_name }}
    path: "{{ partitioning_root_mount_point }}"
    fstype: btrfs
    opts: defaults,noatime,compress=zstd
 - name: Create subvolumes.
  command:
    cmd: btrfs subvolume create {{ (partitioning_root_mount_point + "/" + item.name) | quote }}
    creates: '{{ (partitioning_root_mount_point + "/" + item.name) | quote }}'
  with_items: "{{ partitioning_priv_btrfs_subvolumes }}"
 - name: Unmount the default subvolume.
  mount:
    state: unmounted
    path: "{{ partitioning_root_mount_point }}"
--- a/roles/disksetup/efi_gpt_luks_btrfs/partitioning/tasks/luks.yml
+++ b/roles/disksetup/efi_gpt_luks_btrfs/partitioning/tasks/luks.yml
@ -1,10 +0,0 @@
 ---
 - name: Create luks container and open it.
  luks_device:
    device: "{{ partitioning_priv_luks_device_node }}"
    state: opened
    name: "{{ partitioning_priv_luks_name }}"
    type: luks1
    cipher: aes-xts-plain64
    hash: sha256
    passphrase: "{{ partitioning_priv_luks_password }}"
--- a/roles/disksetup/efi_gpt_luks_btrfs/postpartitioning/tasks/main.yml
+++ b/roles/disksetup/efi_gpt_luks_btrfs/postpartitioning/tasks/main.yml
@ -1,47 +0,0 @@
 ---
 - name: Generate fstab.
  include_role:
    name: genfstab
  vars:
    chroot: "{{ partitioning_root_mount_point }}"
 - name: Check if btrfs-progs is installed.
  command: arch-chroot {{ partitioning_root_mount_point }}
    pacman -Qk btrfs-progs
  register: _btrfs_progs_installed
  failed_when: false
  changed_when: false
 - name: Install btrfs-progs.
  command: arch-chroot {{ partitioning_root_mount_point }}
    pacman -Sy btrfs-progs --noconfirm
  when: _btrfs_progs_installed.rc != 0
 - name: Create crypto keyfile.
  shell:
    cmd: |
      set -e -o pipefail
      dd bs=512 count=8 if=/dev/urandom of={{ partitioning_root_mount_point }}/crypto_keyfile.bin
      echo {{ partitioning_priv_luks_password }} \
        | cryptsetup luksAddKey {{ partitioning_priv_luks_device_node }} \
        {{ partitioning_root_mount_point }}/crypto_keyfile.bin
    creates: "{{ partitioning_root_mount_point }}/crypto_keyfile.bin"
 - name: Set proper permissions on crypto keyfile.
  file:
    path: "{{ partitioning_root_mount_point }}/crypto_keyfile.bin"
    mode: 0000
 - name: Configure mkinitcpio.
  mkinitcpio:
    state: present
    path: "{{ partitioning_root_mount_point }}/etc/mkinitcpio.conf"
    binaries: /usr/bin/btrfs
    files: /crypto_keyfile.bin
    hooks:
      - encrypt
      - btrfs
 - name: Run mkinitcpio.
  command: arch-chroot {{ partitioning_root_mount_point }} mkinitcpio -P
  changed_when: true
--- a/roles/disksetup/tasks/main.yml
+++ b/roles/disksetup/tasks/main.yml
@ -1,16 +0,0 @@
 ---
 - name: Include partitioning role for selected partitioning strategy.
  include_role:
    name: "disksetup/{{ disksetup_strategy }}/partitioning"
    public: true
 - name: Bootstrap system with base packages.
  import_role:
    name: base_packages
 - name: Include postpartitioning role for selected partitioning strategy.
  include_role:
    name: "disksetup/{{ disksetup_strategy }}/postpartitioning"
    public: true
 - name: Include bootloader role for selected partitioning strategy.
  include_role:
    name: "disksetup/{{ disksetup_strategy }}/bootloader"
    public: true
--- a/roles/display_server/tasks/main.yml
+++ b/roles/display_server/tasks/main.yml
@ -1,5 +1,5 @@
 ---
- name: Include display server xorg.
+- name: Include display server strategy.
  include_role:
-    name: "display_server/xorg"
+    name: "display_server/{{ display_server }}"
    public: true
--- a/roles/display_server/xorg/tasks/main.yml
+++ b/roles/display_server/xorg/tasks/main.yml
--- a/roles/genfstab/tasks/main.yml
+++ b/roles/genfstab/tasks/main.yml
@ -1,13 +1,13 @@
 ---
 - name: Generate fstab.
  command: genfstab -U {{ chroot | quote }}
-  register: _fstab
+  register: result
  changed_when: false
 - name: Save fstab.
  copy:
    dest: "{{ chroot | quote }}/etc/fstab"
-    content: "{{ _fstab.stdout }}"
+    content: "{{ result.stdout }}"
    owner: root
    group: root
    mode: 0644
--- a/roles/paru/tasks/main.yml
+++ b/roles/paru/tasks/main.yml
@ -9,8 +9,8 @@
  become: true
  become_user: "{{ user_name }}"
  command: rustup install stable
-  changed_when: '"unchanged" not in ret.stdout'
+  changed_when: '"unchanged" not in result.stdout'
-  register: ret
+  register: result
 - name: Install paru.
  become: true
--- a/roles/prep/tasks/main.yml
+++ b/roles/prep/tasks/main.yml
@ -2,11 +2,11 @@
 - name: Check if EFI directory exists.
  stat:
    path: /sys/firmware/efi
-  register: private_efi_directory_exists
+  register: result
 - name: Set efi_mode fact.
  set_fact:
-    efi_mode: "{{ private_efi_directory_exists.stat.exists }}"
+    efi_mode: "{{ result.stat.exists }}"
 - name: Check internet connectivity.
  uri:
		`@ -1,2 +0,0 @@`
			`---`
			`disksetup_strategy: efi_gpt_luks_btrfs`