From 1269427fb25c6b3820550cd370ae4a52d673b483 Mon Sep 17 00:00:00 2001
From: Timo Makinen <tmakinen@foo.sh>
Date: Wed, 18 Jun 2025 23:12:09 +0000
Subject: [PATCH] Use ipaddr filter instead of string manipulation

---
 group_vars/dnagw.yml                        | 25 ++++++++-------------
 roles/dhcpd/templates/dhcpd.conf.j2         | 10 ++++-----
 roles/unbound/templates/unbound.conf.dna.j2 | 14 ++++++------
 3 files changed, 21 insertions(+), 28 deletions(-)

diff --git a/group_vars/dnagw.yml b/group_vars/dnagw.yml
index 36e764b..1434d5a 100644
--- a/group_vars/dnagw.yml
+++ b/group_vars/dnagw.yml
@@ -2,38 +2,31 @@
 # increase memory size
 mem_size: 512
 
-intnet_netmask: "{{ network_interfaces[0].netmask }}"
-intnet_prefix: >-
-  {% set ip = network_interfaces[0].ipaddr.split('.') -%}
-  {% if intnet_netmask == '255.255.252.0' -%}
-  {{ [ ip[0], ip[1], ip[2] | int - 1 ] | join('.') -}}
-  {% else -%}
-  {{ [ ip[0], ip[1], ip[2] ] | join('.') -}}
-  {% endif -%}
+intnet: "{{ network_interfaces[0].ipaddr + '/' + network_interfaces[0].netmask }}"
 
 network_vip_interfaces:
   - device: vio0
     vhid: 1
-    ipaddr: "{{ intnet_prefix }}.1"
-    netmask: "{{ intnet_netmask }}"
+    ipaddr: "{{ intnet | ansible.utils.ipaddr(1) | ansible.utils.ipaddr('address') }}"
+    netmask: "{{ intnet | ansible.utils.ipaddr('netmask') }}"
     pass: "{{ vip1_pass }}"
     priority: 120
   - device: vio0
     vhid: 10
-    ipaddr: "{{ intnet_prefix }}.10"
-    netmask: "{{ intnet_netmask }}"
+    ipaddr: "{{ intnet | ansible.utils.ipaddr(10) | ansible.utils.ipaddr('address') }}"
+    netmask: "{{ intnet | ansible.utils.ipaddr('netmask') }}"
     pass: "{{ vip10_pass }}"
     priority: 120
   - device: vio0
     vhid: 11
-    ipaddr: "{{ intnet_prefix }}.11"
-    netmask: "{{ intnet_netmask }}"
+    ipaddr: "{{ intnet | ansible.utils.ipaddr(11) | ansible.utils.ipaddr('address') }}"
+    netmask: "{{ intnet | ansible.utils.ipaddr('netmask') }}"
     pass: "{{ vip11_pass }}"
     priority: "{{ vip11_priority }}"
   - device: vio0
     vhid: 12
-    ipaddr: "{{ intnet_prefix }}.12"
-    netmask: "{{ intnet_netmask }}"
+    ipaddr: "{{ intnet | ansible.utils.ipaddr(12) | ansible.utils.ipaddr('address') }}"
+    netmask: "{{ intnet | ansible.utils.ipaddr('netmask') }}"
     pass: "{{ vip12_pass }}"
     priority: "{{ vip12_priority }}"
 network_ether_interfaces:
diff --git a/roles/dhcpd/templates/dhcpd.conf.j2 b/roles/dhcpd/templates/dhcpd.conf.j2
index 79bb885..45dd165 100644
--- a/roles/dhcpd/templates/dhcpd.conf.j2
+++ b/roles/dhcpd/templates/dhcpd.conf.j2
@@ -35,15 +35,15 @@ class "PXEClient" {
     }
 }
 
-subnet {{ intnet_prefix }}.0 netmask {{ intnet_netmask }} {
+subnet {{ intnet | ansible.utils.ipaddr('network') }} netmask {{ intnet | ansible.utils.ipaddr('netmask') }} {
     default-lease-time 86400;
     max-lease-time 604800;
-    option subnet-mask {{ intnet_netmask }};
-    #option broadcast-address 172.20.23.255;
-    option routers {{ intnet_prefix }}.1;
+    option subnet-mask {{ intnet | ansible.utils.ipaddr('netmask') }};
+    option broadcast-address {{ intnet | ansible.utils.ipaddr('broadcast') }};
+    option routers {{ intnet | ansible.utils.ipaddr(1) | ansible.utils.ipaddr('address')}};
 
     option domain-name "{{ inventory_hostname.split('.')[1] }}.foo.sh";
-    option domain-name-servers {{ intnet_prefix }}.10, {{ intnet_prefix }}.11, {{ intnet_prefix }}.12;
+    option domain-name-servers {{ intnet | ansible.utils.ipaddr(10) | ansible.utils.ipaddr('address') }}, {{ intnet | ansible.utils.ipaddr(11) | ansible.utils.ipaddr('address') }}, {{ intnet | ansible.utils.ipaddr(12) | ansible.utils.ipaddr('address') }};
     use-host-decl-names on;
 }
 
diff --git a/roles/unbound/templates/unbound.conf.dna.j2 b/roles/unbound/templates/unbound.conf.dna.j2
index d8928fb..7d49662 100644
--- a/roles/unbound/templates/unbound.conf.dna.j2
+++ b/roles/unbound/templates/unbound.conf.dna.j2
@@ -8,12 +8,12 @@ server:
 
     outgoing-range: {{ ( 1024 / ansible_processor_cores | int - 50 ) | int }}
 
-    interface: {{ intnet_prefix }}.10@53
-    interface: {{ intnet_prefix }}.10@853
-    interface: {{ intnet_prefix }}.11@53
-    interface: {{ intnet_prefix }}.11@853
-    interface: {{ intnet_prefix }}.12@53
-    interface: {{ intnet_prefix }}.12@853
+    interface: {{ intnet | ansible.utils.ipaddr(10) | ansible.utils.ipaddr('address') }}@53
+    interface: {{ intnet | ansible.utils.ipaddr(10) | ansible.utils.ipaddr('address') }}@853
+    interface: {{ intnet | ansible.utils.ipaddr(11) | ansible.utils.ipaddr('address') }}@53
+    interface: {{ intnet | ansible.utils.ipaddr(11) | ansible.utils.ipaddr('address') }}@853
+    interface: {{ intnet | ansible.utils.ipaddr(12) | ansible.utils.ipaddr('address') }}@53
+    interface: {{ intnet | ansible.utils.ipaddr(12) | ansible.utils.ipaddr('address') }}@853
 
     tls-service-key: {{ tls_private }}/dns.{{ inventory_hostname.split('.')[1] }}.foo.sh.key
     tls-service-pem: {{ tls_certs }}/dns.{{ inventory_hostname.split('.')[1] }}.foo.sh.crt
@@ -21,7 +21,7 @@ server:
 
     access-control: 127.0.0.0/8 allow
     access-control: ::1 allow
-    access-control: {{ intnet_prefix }}.0/{{ (intnet_prefix + '.0/' + intnet_netmask) | ansible.utils.ipaddr('prefix') }} allow
+    access-control: {{ intnet | ansible.utils.ipaddr(0) }} allow
 
     extended-statistics: yes
     verbosity: 1