---
- name: Encrypt second disk
  ansible.builtin.shell: |
    echo -n "your_passphrase" | cryptsetup luksFormat /dev/{{ second_disk }} --key-file=-
  ignore_errors: true

- name: Open encrypted second disk
  ansible.builtin.shell: |
    echo -n "your_passphrase" | cryptsetup luksOpen /dev/{{ second_disk }} crypt_second_disk --key-file=-
  ignore_errors: true
  register: second_disk_status

- name: Format the encrypted second disk
  command: mkfs.ext4 /dev/mapper/crypt_second_disk
  when: second_disk_status.rc == 0 

- name: Ensure the mount point exists
  file:
    path: /mnt/encrypted_disk
    state: directory

- name: Mount the encrypted second disk
  mount:
    path: /mnt/encrypted_disk
    src: /dev/mapper/crypt_second_disk
    fstype: ext4
    state: mounted