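---
# Bootstrap play for a Debian VM. Connecting as root, it:
#   1. installs the base package set,
#   2. creates an "ansible" account with key-only SSH access and
#      passwordless sudo,
#   3. turns off root and password logins over SSH,
#   4. grows partition 1 on /dev/vda and its filesystem.
#
# Operational notes:
#   - The play connects as root and then sets "PermitRootLogin no". Once the
#     "restart sshd" handler has fired, later runs have to connect as the
#     ansible user (with become) instead of root.
#   - The handler runs at the end of the play. Confirm the private half of
#     ansible_ssh_key is available before running, because no other SSH
#     login path remains once the restart has happened.
- name: Configure Debian VM with ansible user and LVM partitioning
  hosts: debian_vm
  remote_user: root
  gather_facts: true

  vars:
    # Public key installed for the ansible account. Because that account gets
    # NOPASSWD sudo below, the matching private key is root-equivalent on
    # every host in debian_vm. Override per environment rather than sharing
    # one key.
    # NOTE(review): the "ansible_" prefix is conventionally used by Ansible's
    # own connection variables and facts; a project prefix would avoid
    # confusion. Not renamed here so existing overrides keep working.
    ansible_ssh_key: "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILBrnivsqjhAxWYeuuvnYc3neeRRuHsr2SjeKv+Drtpu user@debian"

  tasks:
    # Runs first: the sudoers task below validates with visudo, which is
    # shipped by the sudo package installed here.
    - name: Install essential packages
      apt:
        name:
          - sudo
          - vim
          - htop
          - tmux
          - curl
          - wget
          - rsync
          - git
          - python3
          - python3-pip
          - jq
          - bc
          - aide
          - auditd
          - chrony
          - ufw
          - lvm2
          - cloud-guest-utils
          - parted
        state: present
        update_cache: true

    - name: Create ansible user
      user:
        name: ansible
        groups: sudo
        # Add to sudo without dropping supplementary groups the account may
        # already have on a re-run.
        append: true
        shell: /bin/bash
        create_home: true

    - name: Create .ssh directory for ansible user
      file:
        path: /home/ansible/.ssh
        state: directory
        owner: ansible
        group: ansible
        mode: '0700'

    # copy replaces the whole file, so ansible_ssh_key becomes the only
    # accepted key; keys added by hand are removed on the next run.
    - name: Add SSH authorized key for ansible user
      copy:
        content: "{{ ansible_ssh_key }}\n"
        dest: /home/ansible/.ssh/authorized_keys
        owner: ansible
        group: ansible
        mode: '0600'

    # Grants unrestricted root without a password prompt. The file is
    # syntax-checked by visudo before it is moved into place, so a malformed
    # rule cannot break sudo.
    - name: Configure passwordless sudo for ansible user
      copy:
        content: "ansible ALL=(ALL) NOPASSWD:ALL\n"
        dest: /etc/sudoers.d/ansible
        owner: root
        group: root
        mode: '0440'
        validate: 'visudo -cf %s'

    - name: Configure SSH security settings
      copy:
        content: |
          PermitRootLogin no
          PasswordAuthentication no
          PubkeyAuthentication yes
        dest: /etc/ssh/sshd_config.d/99-security.conf
        owner: root
        group: root
        mode: '0644'
      notify: restart sshd

    # sshd keeps the first value it reads for each keyword, and included
    # files are read in lexical order. A lower-numbered drop-in in
    # sshd_config.d that sets the same keywords therefore wins over
    # 99-security.conf. Check the effective configuration instead of
    # trusting the file; if this fails the handler never runs, so the
    # running daemon is left as it was.
    - name: Verify effective sshd settings
      command: /usr/sbin/sshd -T
      register: sshd_effective
      changed_when: false
      failed_when: >-
        sshd_effective.rc != 0
        or 'permitrootlogin no' not in sshd_effective.stdout
        or 'passwordauthentication no' not in sshd_effective.stdout

    - name: Check current disk layout
      command: lsblk -o NAME,SIZE,TYPE,MOUNTPOINT
      register: disk_layout
      changed_when: false

    - name: Display current disk layout
      debug:
        var: disk_layout.stdout_lines

    - name: Check if LVM is already configured
      stat:
        path: /dev/vg_system
      register: vg_system_check

    # NOTE(review): despite the name, this block creates no LVM objects. It
    # only grows partition 1 of /dev/vda and the filesystem on /dev/vda1,
    # and it is skipped whenever /dev/vg_system exists. Device names are
    # hard-coded; confirm they match the target VM.
    - name: Configure LVM partitioning (if not already configured)
      when: not vg_system_check.stat.exists
      block:
        # Best effort: errors are ignored so that "nothing to grow" does not
        # stop the play. This also hides real failures such as a missing
        # /dev/vda, so check the task output when the disk size looks wrong.
        - name: Grow root partition to use available space
          command: growpart /dev/vda 1
          register: growpart_result
          changed_when: "'CHANGED' in (growpart_result.stdout | default(''))"
          ignore_errors: true

        # Best effort as above; resize2fs only handles ext2/3/4 filesystems.
        - name: Resize root filesystem
          command: resize2fs /dev/vda1
          ignore_errors: true

    - name: Gather final disk usage
      command: df -h
      register: disk_usage
      changed_when: false

    - name: Display disk usage
      debug:
        var: disk_usage.stdout_lines

  handlers:
    # Applies the sshd drop-in written above; runs once, at the end of the
    # play, and only if that task reported a change.
    - name: restart sshd
      systemd:
        name: sshd
        state: restarted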