---
- name: Wait for system to be fully booted
  ansible.builtin.wait_for_connection:
    timeout: 300
    sleep: 10

- name: Ensure Windows Update service is running
  ansible.windows.win_service:
    name: wuauserv
    state: started
    start_mode: auto

- name: Ensure BITS service is running
  ansible.windows.win_service:
    name: BITS
    state: started
    start_mode: auto

- name: Install Windows updates (loop until no more pending)
  ansible.windows.win_updates:
    category_names:
      - SecurityUpdates
      - CriticalUpdates
      - UpdateRollups
      - Updates
    state: installed
    reboot: true
    reboot_timeout: 3600
    server_selection: windows_update
  register: win_updates_result
  until: win_updates_result.installed_update_count == 0
  retries: 5
  delay: 30

- name: Report Windows Update result
  ansible.builtin.debug:
    msg: >-
      Windows Update complete.
      Last pass installed {{ win_updates_result.installed_update_count }} update(s).
      Reboot required: {{ win_updates_result.reboot_required }}.

- name: Join Active Directory domain
  microsoft.ad.membership:
    dns_domain_name: "{{ domain_name }}"
    hostname: "{{ inventory_hostname_short }}"
    domain_admin_user: "{{ domain_join_user }}"
    domain_admin_password: "{{ domain_join_password }}"
    domain_ou_path: "{{ domain_ou_path | default(omit) }}"
    state: domain
    reboot: true
    reboot_timeout: 1800

- name: Initialize data disk as GPT
  community.windows.win_initialize_disk:
    disk_number: "{{ data_disk_number }}"
    style: gpt
    online: true

- name: Create shares partition (F:)
  community.windows.win_partition:
    disk_number: "{{ data_disk_number }}"
    partition_size: -1
    drive_letter: F
    state: present

- name: Format shares partition (F:)
  community.windows.win_format:
    drive_letter: F
    file_system: NTFS
    new_label: FileShares
    allocation_unit_size: 65536