From f755b3d22c1d5c36f33872282ac506efa2225fca Mon Sep 17 00:00:00 2001
From: Daniel Vijge
Date: Fri, 13 Oct 2023 13:56:21 +0200
Subject: [PATCH 1/8] Option to configure VLAN
---
 config/network | 48 +++++++++++++++++++++++++++++-------------------
 config/system | 2 +-
 2 files changed, 30 insertions(+), 20 deletions(-)
diff --git a/config/network b/config/network
index 0aa76b7..6a351e3 100644
--- a/config/network
+++ b/config/network
@@ -8,8 +8,12 @@ config interface 'loopback'
 config globals 'globals'
 option ula_prefix '{{ ula_prefix }}'
-config device 'wan_eth0_2_dev'
+config device
+{% if vlans is defined %}
+ option name 'eth0.{{ vlans | community.general.json_query('[?wan].vid') | first }}'
+{% else %}
 option name 'eth0.2'
+{% endif %}
 option macaddr '{{ mac }}'
 config switch
@@ -32,11 +36,19 @@ config interface 'lan'
 option ip6ifaceid '::{{ id }}'
 config interface 'wan'
- option device 'eth0.300'
+{% if vlans is defined %}
+ option device 'eth0.{{ vlans | community.general.json_query('[?wan].vid') | first }}'
+{% else %}
+ option device 'eth0.2'
+{% endif %}
 option proto 'dhcp'
 config interface 'wan6'
- option device 'eth0.300'
+{% if vlans is defined %}
+ option device 'eth0.{{ vlans | community.general.json_query('[?wan].vid') | first }}'
+{% else %}
+ option device 'eth0.2'
+{% endif %}
 option proto 'dhcpv6'
 option reqaddress 'try'
 option reqprefix 'auto'
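Review bot: Nothing in config/network checks that exactly one entry of `vlans` sets `wan: true` before `vlans | community.general.json_query('[?wan].vid') | first` is rendered into the WAN device name. With no such entry the query result is empty and `first` has nothing to return, so the render presumably stops on an undefined value instead of a clear message; with two entries the first one wins silently. The same expression is repeated in the `wan` and `wan6` stanzas of the next hunk, so I would evaluate it once inside a single `{% if vlans is defined %}` block, `{% set wan_vid = vlans | community.general.json_query('[?wan].vid') | first %}`, and validate the list in the playbook before templating. Both hunks cut through stanzas that continue outside them.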
@@ -47,26 +59,24 @@ config switch_vlan
 option ports '0t 2 3 4 5'
 option vid '1'
+{% if vlans is defined %}
+{% for vlan in vlans %}
 config switch_vlan
 option device 'switch0'
- option vlan '2'
- option ports '0t 1t'
- option vid '100'
- option description 'Management'
-
-config switch_vlan
- option device 'switch0'
- option vlan '3'
- option ports '0t 1t'
- option vid '300'
- option description 'Internet'
+ option vlan '{{ loop.index+1 }}'
+ option ports '{{ vlan.ports }}'
+ option vid '{{ vlan.vid }}'
+{% if vlan.name is defined %}
+ option description '{{ vlan.name }}'
+{% endif %}
+{% endfor %}
+{% else %}
 config switch_vlan
- option device 'switch0'
- option vlan '4'
- option ports '0t 1t'
- option vid '640'
- option description 'Television'
+ option devide 'switch0'
+ option vlan '2'
+ option ports '0t 2 3 4 5'
+{% endif %}
 {% if ipv6_6to4 is defined %}
 config interface 'wan6to4'
diff --git a/config/system b/config/system
index db02915..19ddabf 100644
--- a/config/system
+++ b/config/system
@@ -22,7 +22,7 @@ config led
 option default '0'
 {% if inventory_hostname in groups['routers'] %}
 option trigger 'netdev'
- option dev 'eth0.2'
+ option dev 'eth0'
 list mode 'tx'
 list mode 'rx'
 {% else %}
From 2a929f5c42229e085eb3f049b0fc50d40f3f1ca1 Mon Sep 17 00:00:00 2001
From: Daniel Vijge
Date: Fri, 13 Oct 2023 13:56:51 +0200
Subject: [PATCH 2/8] Do not print newline during package list update
---
 bin/upgrade-all-packages | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/bin/upgrade-all-packages b/bin/upgrade-all-packages
index 9526f0e..4f7a5b9 100644
--- a/bin/upgrade-all-packages
+++ b/bin/upgrade-all-packages
@@ -13,7 +13,7 @@ if [ $LATEST_RELEASE != $DISTRIB_RELEASE ]; then
 fi
 echo ""
-echo "Updating package list..."
+echo -n "Updating package list..."
 opkg update > /dev/null
 if [ `opkg list-upgradable | cut -d " " -f1 | wc -l` -gt 0 ]; then
From ca4fc708ce77963a9cddb3317ef21e3dac00f6e8 Mon Sep 17 00:00:00 2001
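Review bot: The fallback stanza at the end of the config/network switch_vlan hunk misspells its first option as `option devide 'switch0'`, so the default VLAN 2 section carries no `device` option; it should read `option device 'switch0'`. The same stanza sets `option ports '0t 2 3 4 5'`, which repeats the port list the context lines show for VLAN 1 and omits port 1, where the removed entries used `0t 1t`. If port 1 is the WAN-facing port (not visible in this hunk), the default configuration no longer keeps the WAN VLAN apart from the LAN ports, so the intended value, possibly `0t 1`, should be confirmed against the device's switch layout. In the loop above it, `option ports '{{ vlan.ports }}'` has no guard for an entry that lacks `ports`.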
From: Daniel Vijge
Date: Fri, 13 Oct 2023 13:58:39 +0200
Subject: [PATCH 3/8] Update readme for OpenWrt 23.05
---
 readme.md | 14 +++++++-------
 1 file changed, 7 insertions(+), 7 deletions(-)
diff --git a/readme.md b/readme.md
index 3476e93..e39ad9b 100644
--- a/readme.md
+++ b/readme.md
@@ -17,12 +17,12 @@ Besides a description of the setup, this repository also includes an Ansible playbook and inventory to centrally apply configuration changes to all devices and/or update the firmware version on all devices.
-This configuration and the Ansible playbook have been tested with OpenWrt 22.03, 21.02, and 19.07.
+This configuration and the Ansible playbook have been tested with OpenWrt 23.05, 22.03, 21.02, and 19.07.
 It has at least been tested on TP-Link Archer C7-v5 and TP-Link WDR4300 v1, but in theory any router supported by OpenWrt should work.
-The main branch is based on OpenWrt 22.03. The branches _openwrt-22.02_ and _openwrt-19.07_ contains
-the previous configurations for 22.02 and 19.07 respectively. A lot of improvements from later version
+The main branch is based on OpenWrt 23.05. The branches _openwrt-22.03_, _openwrt-21.02_ and _openwrt-19.07_ contains
+the previous configurations for 21.02 and 19.07 respectively. A lot of improvements from later version
 could be backported to older version, if desired.
 ## Table of content
@@ -57,8 +57,8 @@ things can be configured as desired.
 ### Packages
-* Remove the package _wpad-basic-wolfssl_.
-* Install the packages _wpad-wolfssl_ and _luci-app-dawn_.
+* Remove the package _wpad-basic-mbedtls.
+* Install the packages _wpad-mbedtls and _luci-app-dawn_.
 ### System
@@ -137,8 +137,8 @@ Each access point is configured in the same way.
 ### Packages
-* Remove the package _wpad-basic-wolfssl_.
-* Install the package _wpad-wolfssl_ and _dawn_.
+* Remove the package _wpad-basic-mbedtls_.
+* Install the package _wpad-mbedtls_ and _dawn_.
 ### System
From 9de18e9a21546d0f80e17163974bd388672d06be Mon Sep 17 00:00:00 2001
From: Daniel Vijge
Date: Fri, 13 Oct 2023 14:22:37 +0200
Subject: [PATCH 4/8] Change wolfssl to mbedtls
---
 inventory-sample.yaml | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)
diff --git a/inventory-sample.yaml b/inventory-sample.yaml
index 17279c9..5b14cd7 100644
--- a/inventory-sample.yaml
+++ b/inventory-sample.yaml
@@ -97,14 +97,13 @@ openwrt:
 # installed is always common_packages_installed + packages_installed
 common_packages:
 install:
- - wpad-wolfssl
- - luci-ssl
+ - wpad-mbedtls
 - nano
 - fping
 # Packages that will be removed on all devices. Use `packages_removed`
 # to set packages on a group level that should be removed.
 remove:
- - wpad-basic-wolfssl
+ - wpad-basic-mbedtls
 # Network address, this would allow address from 10.0.0.1 - 10.0.0.255
 network: 10.0.0.0/24
 # Local domain name
From 2a227fc18f44d42cf97e0bb00f34fe818de7b8ba Mon Sep 17 00:00:00 2001
From: Daniel Vijge
Date: Fri, 13 Oct 2023 14:25:00 +0200
Subject: [PATCH 5/8] Add documentation for VLAN configuration
---
 inventory-sample.yaml | 12 ++++++++++++
 1 file changed, 12 insertions(+)
diff --git a/inventory-sample.yaml b/inventory-sample.yaml
index 5b14cd7..e0bc904 100644
--- a/inventory-sample.yaml
+++ b/inventory-sample.yaml
@@ -205,3 +205,15 @@ openwrt:
 # retrieved.
 upnp:
 configure_with_external_ip: false
+ # Optional configuration for VLANs
+ # vlans:
+ # - name: Management
+ # vid: 100
+ # ports: 0t 1t
+ # - name: Internet
+ # vid: 300
+ # ports: 0t 1t
+ # # for the main VLAN that connect to the WAN, set wan to true
+ # wan: true
+ # - name: Television
+ # vid: 640
From 7899bbb9a0695111615019a74cb39c4e3986d2c9 Mon Sep 17 00:00:00 2001
From: Daniel Vijge
Date: Fri, 13 Oct 2023 15:06:40 +0200
Subject: [PATCH 6/8] Print newline after package list has finished updating
---
 bin/upgrade-all-packages | 1 +
 1 file changed, 1 insertion(+)
diff --git a/bin/upgrade-all-packages b/bin/upgrade-all-packages
index 4f7a5b9..d90f181 100644
--- a/bin/upgrade-all-packages
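Review bot: In inventory-sample.yaml the `common_packages.install` list loses `- luci-ssl` with no replacement, although the commit message of patch 4 only announces the wolfssl-to-mbedtls switch. Unless the target image already provides HTTPS for LuCI (not visible here), devices provisioned from this sample would serve the admin interface and its login over plain HTTP. If the removal is deliberate, record the reason in a comment next to the list; otherwise keep `- luci-ssl` alongside `- wpad-mbedtls`.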
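Review bot: The `Television` entry in the commented `vlans` example of inventory-sample.yaml (patch 5) has no `ports` key, while the switch_vlan loop that patch 1 adds to config/network renders `option ports '{{ vlan.ports }}'` for every entry without a default. Someone who uncomments the sample as written would presumably get a failed render or an empty port list on that VLAN. I would add `# ports: 0t 1t` to the third entry and extend the leading comment to say that `vid` and `ports` are required, `name` is optional, and exactly one entry must set `wan: true`.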
+++ b/bin/upgrade-all-packages
@@ -15,6 +15,7 @@ echo ""
 echo -n "Updating package list..."
 opkg update > /dev/null
+echo ""
 if [ `opkg list-upgradable | cut -d " " -f1 | wc -l` -gt 0 ]; then
 echo "Available updates:"
From b4559caaa4d8ccfa6caeed58080e6ed8e5cb2ced Mon Sep 17 00:00:00 2001
From: Daniel Vijge
Date: Fri, 13 Oct 2023 15:14:37 +0200
Subject: [PATCH 7/8] Install community.general ansible collection for testing
---
 ansible-requirements.yaml | 1 +
 1 file changed, 1 insertion(+)
diff --git a/ansible-requirements.yaml b/ansible-requirements.yaml
index 093cc3a..2034706 100644
--- a/ansible-requirements.yaml
+++ b/ansible-requirements.yaml
@@ -2,3 +2,4 @@ roles:
 - name: gekmihesg.openwrt
 collections:
 - name: ansible.utils
+ - name: community.general
From 3ec45f19525ac14f472ef49ca7d04b101676d8a7 Mon Sep 17 00:00:00 2001
From: Daniel Vijge
Date: Fri, 13 Oct 2023 16:03:18 +0200
Subject: [PATCH 8/8] Change to newer Ansible GitHub action
Newer version of Ansible is required to download galaxy packages
---
 .github/workflows/test-configuration.yaml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/.github/workflows/test-configuration.yaml b/.github/workflows/test-configuration.yaml
index f2c7bc8..58fac27 100644
--- a/.github/workflows/test-configuration.yaml
+++ b/.github/workflows/test-configuration.yaml
@@ -12,7 +12,7 @@ jobs:
 persist-credentials: false
 fetch-depth: 0
 - name: Run Ansible Playbook
- uses: arillso/action.playbook@master
+ uses: ansible-lockdown/action.playbook@main
 with:
 playbook: test_config_local.yaml
 inventory: inventory-sample.yaml
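Review bot: The added `echo ""` in bin/upgrade-all-packages (patch 6) closes the progress line the same way whether `opkg update` succeeded or not, because the exit status of that command is never checked. After a failed refresh, for example an unreachable feed or a rejected list signature, the script still goes on to `opkg list-upgradable` against stale or missing lists. I would replace the two lines with `if opkg update > /dev/null; then echo " done"; else echo " failed"; exit 1; fi`. The script continues outside the hunk, so what follows the listing is not visible here.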
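Review bot: `- name: community.general` is added to ansible-requirements.yaml (patch 7) without a `version:` constraint, so each CI run and each operator install resolves whatever release the Galaxy server currently offers; the existing `ansible.utils` entry has the same gap. Pin both to the release that was tested, e.g. `version: "TESTED_VERSION"` (placeholder) under each entry. The `json_query` filter that patch 1 takes from this collection also needs the `jmespath` Python package on the control node, which this file cannot express, so the readme should mention it.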
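Review bot: `uses: ansible-lockdown/action.playbook@main` in .github/workflows/test-configuration.yaml (patch 8) moves the workflow to a different owner's action and still follows a mutable branch, so any later push to that branch runs in this repository's CI without review. Pin the action to a full commit SHA and keep the human-readable ref as a comment, e.g. `uses: ansible-lockdown/action.playbook@FULL_COMMIT_SHA  # main` (placeholder SHA). The `persist-credentials: false` in the context lines limits what the checkout leaves behind, but the job's `permissions` are outside this hunk and should be confirmed as read-only.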