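---
# Provisions Hetzner Cloud volumes for the current host, optionally wraps each
# one in a LUKS container, then builds one volume group and one logical volume
# on top of them, formats it as ext4 and mounts it.

# One volume per index 1..volcount, attached to this host. The labels written
# here are exactly what the lookup task below selects on.
- name: "Creating some hcloud volumes for LVM purpose"
  hetzner.hcloud.hcloud_volume:
    # API credential: keep it in Ansible Vault or another secret store, not as
    # plain text in inventory or group_vars.
    api_token: "{{ hetzner_authentication_ansible }}"
    name: "{{ lvm_with_hetzner_volumes__volprefix }}-{{ inventory_hostname }}--vol{{ item }}"
    server: "{{ inventory_hostname }}"
    labels:
      stage: "{{ stage }}"
      used_for: "{{ lvm_with_hetzner_volumes__volprefix }}"
      bound_on: "{{ inventory_hostname }}"
      vol_no: "{{ item | string }}"
    size: "{{ lvm_with_hetzner_volumes__volsize }}"
    state: present
    # Guards the volume against accidental deletion through the API.
    delete_protection: true
  loop: "{{ range(1, lvm_with_hetzner_volumes__volcount + 1) | list }}"
  register: created_volume
  delegate_to: localhost
  become: false

# The selection is by label only, so every volume carrying these three labels
# is picked up, not just the ones created by the task above.
# NOTE(review): make sure nothing else can set these labels on unrelated
# volumes, because the tasks below put LUKS/LVM on whatever is found here.
- name: "Getting all hcloud volumes for {{ inventory_hostname }}"
  hetzner.hcloud.hcloud_volume_info:
    api_token: "{{ hetzner_authentication_ansible }}"
    label_selector: "stage={{ stage }},used_for={{ lvm_with_hetzner_volumes__volprefix }},bound_on={{ inventory_hostname }}"
  register: hcloud_volumes_found
  delegate_to: localhost
  become: false

# pv_paths and pv_names are derived from the same result list, so index i of
# one always belongs to index i of the other (the LUKS loops rely on this).
# These facts are only set when at least one volume was found; later tasks
# that read them fail on an undefined variable otherwise.
- name: "Setting LVM related VARs"
  ansible.builtin.set_fact:
    pv_paths: "{{ hcloud_volumes_found.hcloud_volume_info | map(attribute='linux_device') | list }}"
    pv_names: "{{ hcloud_volumes_found.hcloud_volume_info | map(attribute='name') | list }}"
    vg_name: "vg.{{ lvm_with_hetzner_volumes__volprefix }}"
    lv_name: "lv.{{ lvm_with_hetzner_volumes__volprefix }}"
    encrypt_volumes: "{{ lvm_volume_encryption | bool }}"
  when: hcloud_volumes_found.hcloud_volume_info | length > 0

# Each volume becomes a LUKS container whose mapping name is the volume name,
# i.e. it shows up as /dev/mapper/<volume name> once opened.
# The same passphrase is used for every container; supply it from Ansible
# Vault or a secret store rather than from plain-text variables.
- name: Manage LUKS container(s)
  when: encrypt_volumes
  block:
    - name: Create LUKS container(s)
      community.crypto.luks_device:
        device: "{{ item.0 }}"
        state: "present"
        name: "{{ item.1 }}"
        passphrase: "{{ lvm_with_hetzner_volumes__passphrase }}"
      loop: "{{ pv_paths | zip(pv_names) | list }}"

    - name: Open LUKS container(s)
      community.crypto.luks_device:
        device: "{{ item.0 }}"
        state: "opened"
        name: "{{ item.1 }}"
        passphrase: "{{ lvm_with_hetzner_volumes__passphrase }}"
      loop: "{{ pv_paths | zip(pv_names) | list }}"

# With encryption enabled the physical volumes are the opened mappings under
# /dev/mapper/; without it they are the raw volume devices. The encrypted
# branch is materialised with "| list" like every other filter chain here.
- name: "Creating a volume group on top of all found volumes"
  community.general.lvg:
    vg: "{{ vg_name }}"
    pvs: "{{ (pv_names | map('regex_replace', '^(.*)$', '/dev/mapper/\\1') | list) if encrypt_volumes else pv_paths }}"
    pvresize: true
  register: create_vg
  when: hcloud_volumes_found.hcloud_volume_info | length > 0

# Only (re)size the logical volume when the volume group changed in this run.
- name: "Create logical volume"  # noqa no-handler
  community.general.lvol:
    vg: "{{ vg_name }}"
    lv: "{{ lv_name }}"
    size: "100%PVS"
  when: create_vg.changed

# Short FQCN, matching the other community.general modules in this file
# (the original used the legacy path-style name
# community.general.system.filesystem).
- name: "Format volume"
  community.general.filesystem:
    fstype: ext4
    dev: "/dev/{{ vg_name }}/{{ lv_name }}"

# Grow the filesystem to the logical volume size after the VG changed.
- name: "Resize volume"  # noqa no-handler
  community.general.filesystem:
    fstype: ext4
    dev: "/dev/{{ vg_name }}/{{ lv_name }}"
    resizefs: true
  when:
    - create_vg.changed

# The risky-file-permissions lint rule is silenced on purpose: this role does
# not know which mode/owner the mount path needs. The role that calls this one
# must set permissions and ownership on the mount path itself.
- name: "Ensure mountpath exists without setting permission/ownership"  # noqa risky-file-permissions
  ansible.builtin.file:
    path: "{{ lvm_with_hetzner_volumes__mountpath }}"
    state: directory

# state: mounted mounts the filesystem now and records it in /etc/fstab.
# NOTE(review): no task in this file writes /etc/crypttab or otherwise reopens
# the LUKS mappings at boot, so with encryption enabled this fstab entry can
# only be satisfied after the containers have been opened again - confirm the
# calling role or an operator procedure covers that.
- name: "Mount created LVM volume"
  ansible.posix.mount:
    path: "{{ lvm_with_hetzner_volumes__mountpath }}"
    src: "/dev/{{ vg_name }}/{{ lv_name }}"
    fstype: ext4
    state: mounted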