---
# RouterOS bridge, VLAN, DHCP, DNS and port-mapping configuration, applied
# through the community.routeros API modules.
#
# Every api_modify task below is authoritative for its path:
#   handle_absent_entries: remove
#     -> entries on the router that are not listed in `data` are deleted
#   handle_entries_content: remove_as_much_as_possible
#     -> fields not given here are cleared back to their defaults
#   ensure_order: true
#     -> entries are kept in the order written here
# Anything created by hand on the router under these paths is removed on
# the next run, so this file is the single source of truth.
#
# NOTE(review): no API connection settings appear on these tasks;
# presumably they come from module_defaults or inventory elsewhere.
# Confirm the credentials are vaulted and the API connection uses TLS.

# Two bridges: bridge1 (VLAN-aware, carries the physical ports) and
# dockers (container side, default settings).
- name: Configure bridges
  community.routeros.api_modify:
    path: interface bridge
    data:
      - name: bridge1
        vlan-filtering: true
      - name: dockers
    handle_absent_entries: remove
    handle_entries_content: remove_as_much_as_possible
    ensure_order: true

# L3 interfaces for VLAN 2, 3 and 4, all stacked on bridge1.
- name: Configure VLAN interfaces
  community.routeros.api_modify:
    path: interface vlan
    data:
      - name: vlan2
        comment: 'LAN (PC, WIFI)'
        interface: bridge1
        vlan-id: 2
      - name: vlan3
        comment: 'KAMERY'
        interface: bridge1
        vlan-id: 3
      - name: vlan4
        comment: 'SERVER LAN'
        interface: bridge1
        vlan-id: 4
    handle_absent_entries: remove
    handle_entries_content: remove_as_much_as_possible
    ensure_order: true

# Interface list used to refer to all uplinks at once.
# NOTE(review): firewall rules are not managed in this file; presumably
# they match on this list, so a missing member here would bypass them.
- name: Configure interface lists
  community.routeros.api_modify:
    path: interface list
    data:
      - name: wan
        comment: 'contains interfaces facing internet'
    handle_absent_entries: remove
    handle_entries_content: remove_as_much_as_possible
    ensure_order: true

# Members of the wan list: pppoe-gpon, lte1 and sit1.
- name: Configure interface list members
  community.routeros.api_modify:
    path: interface list member
    data:
      - interface: pppoe-gpon
        list: wan
      - interface: lte1
        list: wan
      - interface: sit1
        list: wan
    handle_absent_entries: remove
    handle_entries_content: remove_as_much_as_possible
    ensure_order: true

# Port-to-bridge assignment. pvid selects the VLAN for untagged ingress;
# sfp-sfpplus2 and ether11 set no pvid here, so the RouterOS default
# applies to them.
- name: Configure bridge ports
  community.routeros.api_modify:
    path: interface bridge port
    data:
      - bridge: dockers
        interface: veth1
        comment: 'Tailscale container interface'
      - bridge: bridge1
        interface: ether1
        pvid: 2
      - bridge: bridge1
        interface: ether2
        pvid: 2
      - bridge: bridge1
        interface: ether8
        pvid: 4
      - bridge: bridge1
        interface: ether9
        pvid: 2
      - bridge: bridge1
        interface: ether10
        pvid: 3
      - bridge: bridge1
        interface: sfp-sfpplus2
      - bridge: bridge1
        interface: ether11
    handle_absent_entries: remove
    handle_entries_content: remove_as_much_as_possible
    ensure_order: true

# Bridge VLAN table. VLAN 2 and 3 are trunked (tagged) on sfp-sfpplus2;
# VLAN 4 has only the untagged access port ether8 and is not trunked.
# The untagged lists mirror the pvid values set on the bridge ports.
- name: Configure bridge VLAN membership
  community.routeros.api_modify:
    path: interface bridge vlan
    data:
      - bridge: bridge1
        tagged: sfp-sfpplus2
        untagged: 'ether1,ether2,ether9'
        vlan-ids: 2
      - bridge: bridge1
        tagged: sfp-sfpplus2
        untagged: ether10
        vlan-ids: 3
      - bridge: bridge1
        untagged: ether8
        vlan-ids: 4
    handle_absent_entries: remove
    handle_entries_content: remove_as_much_as_possible
    ensure_order: true

# Address pools for the two DHCP servers. The MGMT pool is split so that
# 192.168.255.10 (the gateway announced for that network) is never leased.
- name: Configure IPv4 pools
  community.routeros.api_modify:
    path: ip pool
    data:
      - name: dhcp_pool0
        ranges: '192.168.0.50-192.168.0.250'
        comment: 'LAN DHCP pool'
      - name: dhcp_pool1
        ranges: '192.168.255.1-192.168.255.9,192.168.255.11-192.168.255.254'
        comment: 'MGMT DHCP pool'
    handle_absent_entries: remove
    handle_entries_content: remove_as_much_as_possible
    ensure_order: true

# dhcp1 serves the LAN on vlan2; dhcp2 serves MGMT on bridge1 itself,
# i.e. the bridge's untagged side rather than a VLAN interface.
# NOTE(review): vlan3 and vlan4 get no DHCP server here; presumably those
# hosts are statically addressed - confirm.
- name: Configure DHCP servers
  community.routeros.api_modify:
    path: ip dhcp-server
    data:
      - name: dhcp1
        address-pool: dhcp_pool0
        interface: vlan2
        lease-time: '30m'
        comment: 'LAN'
      - name: dhcp2
        address-pool: dhcp_pool1
        interface: bridge1
        lease-time: '30m'
        comment: 'MGMT'
    handle_absent_entries: remove
    handle_entries_content: remove_as_much_as_possible
    ensure_order: true

# Options handed to DHCP clients. LAN clients are given 192.168.0.1 as
# both gateway and resolver; MGMT clients get a gateway but no DNS server
# (dns-none).
- name: Configure DHCP networks
  community.routeros.api_modify:
    path: ip dhcp-server network
    data:
      - address: '192.168.0.0/24'
        dns-server: '192.168.0.1'
        gateway: '192.168.0.1'
      - address: '192.168.255.0/24'
        dns-none: true
        gateway: '192.168.255.10'
    handle_absent_entries: remove
    handle_entries_content: remove_as_much_as_possible
    ensure_order: true

# TODO: IPv6 pools only help with a dynamic prefix, which this site does
# not have; this task can be removed.
- name: Configure IPv6 pools
  community.routeros.api_modify:
    path: ipv6 pool
    data:
      - name: pool1
        prefix: '2001:470:61a3::/48'
        prefix-length: 64
    handle_absent_entries: remove
    handle_entries_content: remove_as_much_as_possible
    ensure_order: true

# Router-wide resolver settings (single entry, hence the empty `find`).
# allow-remote-requests makes the router answer DNS queries from other
# hosts, which the LAN needs because DHCP announces 192.168.0.1 as its
# resolver.
# NOTE(review): the setting is not limited to the LAN by itself. Confirm
# the firewall input chain drops 53/udp and 53/tcp arriving on the `wan`
# list, otherwise the resolver is reachable from the internet.
- name: Configure DNS
  community.routeros.api_find_and_modify:
    ignore_dynamic: false
    path: ip dns
    find: {}
    values:
      allow-remote-requests: true
      cache-size: 20480
      servers: '1.1.1.1,1.0.0.1,2606:4700:4700::1111,2606:4700:4700::1001'

# NAT-PMP master switch.
# NOTE(review): NAT-PMP has no client authentication, so any host on an
# internal interface can request an inbound mapping on the external one.
# Confirm it is still required before keeping it enabled.
- name: Configure NAT-PMP global settings
  community.routeros.api_find_and_modify:
    ignore_dynamic: false
    path: ip nat-pmp
    find: {}
    values:
      enabled: true

# NAT-PMP scope: requests accepted from dockers and vlan2, mappings
# created on pppoe-gpon. lte1 and sit1 are not listed as external.
# NOTE(review): dockers is listed as internal, so containers can request
# mappings too - confirm that is intended.
- name: Configure NAT-PMP interfaces
  community.routeros.api_modify:
    path: ip nat-pmp interfaces
    data:
      - interface: dockers
        type: internal
      - interface: pppoe-gpon
        type: external
      - interface: vlan2
        type: internal
    handle_absent_entries: remove
    handle_entries_content: remove_as_much_as_possible
    ensure_order: true

# UPnP master switch.
# NOTE(review): like NAT-PMP, UPnP port mapping is unauthenticated.
# Running both doubles the surface for the same feature; keep only what
# clients actually use.
- name: Configure UPnP global settings
  community.routeros.api_find_and_modify:
    ignore_dynamic: false
    path: ip upnp
    find: {}
    values:
      enabled: true

# UPnP scope, identical to the NAT-PMP interface set above.
- name: Configure UPnP interfaces
  community.routeros.api_modify:
    path: ip upnp interfaces
    data:
      - interface: dockers
        type: internal
      - interface: pppoe-gpon
        type: external
      - interface: vlan2
        type: internal
    handle_absent_entries: remove
    handle_entries_content: remove_as_much_as_possible
    ensure_order: true

# Only the default ND entry is touched (find: default: true); it is set
# to advertise DNS in router advertisements.
- name: Configure IPv6 ND defaults
  community.routeros.api_find_and_modify:
    ignore_dynamic: false
    path: ipv6 nd
    find:
      default: true
    values:
      advertise-dns: true