9 files changed, 60 insertions, 10 deletions

diff --git a/ansible/plays/danneri.yml b/ansible/plays/danneri.yml
index 88d6412..6b4265a 100644
--- a/ansible/plays/danneri.yml
+++ b/ansible/plays/danneri.yml
@@ -14,10 +14,14 @@
         name: timezone
 
     - become: yes
+      tags: k3s
       copy:
         dest: /etc/rancher/k3s/config.yaml
         content: |
           tls-san:
+            - "danneri.dn42.trygvis.io"
             - "{{ ipam6.networks.lhn2_dn42.hosts.danneri }}"
             - "2a06:2240:f00d:b500:9422:d355:95b7:f170"
+          cluster-cidr: "{{ ipam6.networks.danneri_cluster.range }}"
+          service-cidr: "{{ ipam6.networks.danneri_service.range }}"
 
diff --git a/ansible/plays/host-hash.yml b/ansible/plays/host-hash.yml
new file mode 100644
index 0000000..62b781f
--- /dev/null
+++ b/ansible/plays/host-hash.yml
@@ -0,0 +1,10 @@
+- hosts: hash
+  tasks:
+    - become: yes
+      copy:
+        dest: /etc/docker/daemon.json
+        content: |
+          {
+            "ipv6": true,
+            "fixed-cidr-v6": "{{ ipam6.networks.hash_docker_dn42.range }}"
+          }
diff --git a/ansible/plays/host-lhn2pi.yml b/ansible/plays/host-lhn2pi.yml
new file mode 100644
index 0000000..551c3dd
--- /dev/null
+++ b/ansible/plays/host-lhn2pi.yml
@@ -0,0 +1,6 @@
+- hosts:
+    - lhn2pi
+  roles:
+    - systemd-networkd
+    - prometheus-bird-exporter
+    - prometheus-node-exporter
diff --git a/ansible/plays/host-unifi.yml b/ansible/plays/host-unifi.yml
new file mode 100644
index 0000000..41fb292
--- /dev/null
+++ b/ansible/plays/host-unifi.yml
@@ -0,0 +1,18 @@
+- hosts:
+    - unifi
+  tasks:
+    - become: yes
+      apt:
+        name:
+          - etckeeper
+
+    - import_role:
+        name: timezone
+
+    - import_role:
+        name: systemd-networkd
+
+    - become: yes
+      apt:
+        name:
+          - docker.io
diff --git a/ansible/plays/ipam-generate-dns.yml b/ansible/plays/ipam-generate-dns.yml
index d29b3e8..25f8087 100644
--- a/ansible/plays/ipam-generate-dns.yml
+++ b/ansible/plays/ipam-generate-dns.yml
@@ -1,6 +1,8 @@
 - hosts: localhost
   gather_facts: no
   connection: local
+  vars_files:
+    - ../group_vars/all/ipam.yml
   tasks:
     - set_fact:
         content: |
diff --git a/ansible/plays/ipam-generate-tf.yml b/ansible/plays/ipam-generate-tf.yml
index e43a559..d9888b4 100644
--- a/ansible/plays/ipam-generate-tf.yml
+++ b/ansible/plays/ipam-generate-tf.yml
@@ -1,6 +1,8 @@
 - hosts: localhost
   gather_facts: no
   connection: local
+  vars_files:
+    - ../group_vars/all/ipam.yml
   collections:
     - ansible.utils
   tasks:
@@ -20,14 +22,14 @@
                 description = "{{ network.description }}"
           {% endif %}
                 range = "{{ network.range }}"
-                address = "{{ network.range|ipaddr("network") }}"
-                prefix = "{{ network.range|ipaddr("prefix") }}"
+                address = "{{ network.range|ansible.utils.ipaddr("network") }}"
+                prefix = "{{ network.range|ansible.utils.ipaddr("prefix") }}"
           {% set hosts = network.hosts|default({}) %}
                 hosts = {
           {% for name, addr in hosts.items() %}
                   {{ name }} = {
-                    address: "{{ addr|ipaddr("address") }}"
-                    prefix: "{{ addr|ipaddr("prefix") }}"
+                    address: "{{ addr|ansible.utils.ipaddr("address") }}"
+                    prefix: "{{ addr|ansible.utils.ipaddr("prefix") }}"
                   }
           {% endfor %}
                 }
@@ -42,8 +44,8 @@
           {% set hosts = network.hosts|default({}) %}
           {% for name, addr in hosts.items() %}
               {{ name }} = {
-                address: "{{ addr|ipaddr("address") }}"
-                prefix: "{{ addr|ipaddr("prefix") }}"
+                address: "{{ addr|ansible.utils.ipaddr("address") }}"
+                prefix: "{{ addr|ansible.utils.ipaddr("prefix") }}"
               }
           {% endfor %}
           {% endfor %}
diff --git a/ansible/plays/lhn2pi.yml b/ansible/plays/lhn2pi.yml
deleted file mode 100644
index 614b926..0000000
--- a/ansible/plays/lhn2pi.yml
+++ /dev/null
@@ -1,4 +0,0 @@
-- hosts:
-    - lhn2pi
-  roles:
-    - systemd-networkd
diff --git a/ansible/plays/templates/lhn2pi/systemd/network/10-eth0.network b/ansible/plays/templates/lhn2pi/systemd/network/10-eth0.network
index f17b3f9..853556d 100644
--- a/ansible/plays/templates/lhn2pi/systemd/network/10-eth0.network
+++ b/ansible/plays/templates/lhn2pi/systemd/network/10-eth0.network
@@ -5,3 +5,7 @@ Name=eth0
 DHCP=ipv4
 Address={{ ipam6.networks.lhn2_dn42.hosts.lhn2pi }}
 # IPv6Forwarding=yes # needs newer systemd
+
+# Disables the automatic activation of DHCPv6 from RA packets
+[IPv6AcceptRA]
+DHCPv6Client=no
diff --git a/ansible/plays/templates/unifi/systemd-networkd/enp1s0.network b/ansible/plays/templates/unifi/systemd-networkd/enp1s0.network
new file mode 100644
index 0000000..251bf45
--- /dev/null
+++ b/ansible/plays/templates/unifi/systemd-networkd/enp1s0.network
@@ -0,0 +1,8 @@
+[Match] 
+Name=enp1s0
+
+[Network]
+DHCP=ipv4
+
+[IPv6AcceptRA]
+Token=static:{{ ipam6.networks.lhn2_dn42.hosts.unifi }}