diff --git a/1-terraform.yml b/1-terraform.yml
index edd8da4..6c16442 100644
--- a/1-terraform.yml
+++ b/1-terraform.yml
@@ -2,23 +2,28 @@
 - hosts: terraform-master.e2m
   remote_user: hybris
 
-##########################################
-###### DEFINE YOUR MACHINES HERE
+  roles:
+    - terraform
+
   vars:
     # libvirt host vars
-    libvirt_host: [2001:470:6d:22c:1::1]
+    libvirt_host: 2001:470:6d:22c:1::1
     libvirt_storage_pool: kubernetes
     libvirt_network_bridge: home-lan
 
+    # network vars
+    network_domain: e2m
+    network_default_gw: 2001:470:6d:22c::1
+    network_dns: 2001:470:6d:22c::1
+
     # ansible user vars
-    # python -c 'import crypt; print crypt.crypt("This is my Password", "$1$SomeSalt$")'
-    remote_user_pass: $1$tG6Uv4$BPCIRF6RFuLrJ.lQO1GB8.
     remote_user_ssh_pubkey: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDXh0iMMtbTEhRSgIbgCunAuE+Q1iKycRVRBYWDCQ45xE8nHsg7K98fdv6LqQwkTqlojEHKp2/TPawk8V6w3MTgOHXi/WO9FyvhMjUcfdxTvny1z3Pj1j0NglKjyQ3t30snwOBYJiC2qDDtvRYNJs+Re/aSdVbygOHMf0UqCyP8DL7Tcj5sNPgnleEC7jE+YNbyDJo2KtNFXy3+AMbwa742D5Ygi5FqaBO090gVQfb3hbnZLw9CNSK7vjo7k5hJo8d1kcPDth1Vo12IDejL8Al3ArfGSy5IqYXs8Stj4YVRW+78AOpQZiInCaFybqjsGG+5tezrXHrxhjJPHuSCuXk9vxkcUk7aC5eSDqoCP7RTB+iQCPJ1ZvkVbaebExZGgHpD9t2Xo2bd/3BRagIxPTzKo9q4+qCCClhWR4iUSOr/YKAZBFDdoVWg2IMqbUHzvHX7TE7I8hbAdg6CpgwBoJm8OWmfjkDU6aYnF8z9l36VV7xjvvuYbOrhpCJ9LGFSfmG3wswo8OH4XyRSHd3y7qrSYIGujtymrzozXo2MrMU3Rj2bW5MIEZSxleIVje4PHWOfZwwn3hwvqM/nyknzfNwPCidTsP3Q2FwfBtZYo1cIXH41bzjs4Bxb8+KJqwTcerzB1pT4qsoPnoYW0fnZE7NHVNhfNx53LdctclFerHTLMw== hybris@sparks
 
     ## does this make sense??
     source_cloud_image_name: CentOS-7-x86_64-GenericCloud.qcow2
-    source_cloud_image_url: https://cloud.centos.org/centos/7/images/CentOS-7-x86_64-GenericCloud-1503.qcow2
+    source_cloud_image_url: "https://cloud.centos.org/centos/7/images/{{ source_cloud_image_name }}"
 
+    # TODO: import hosts from a specific host group of the inventory instead of listing them here again
     kubernetes:
       - hostname: k8s-master
         ipv6: 2001:470:6d:22c:42::1
@@ -45,54 +50,3 @@
         mac_address: 52:54:00:b2:2f:86
         memory: 5072
         vcpu: 2
-######
-##########################################
-
-  tasks:
-
-  - name: download qcow2 cloud image
-    uri:
-      url: {{ source_cloud_image_url }}
-      dest: /home/{{ remote_user }}/terraform/{{ source_cloud_image_name }}
-
-  - name: create vm definitions
-    template: 
-      src: "roles/terraform/files/cloud-init.tf.j2"
-      dest: "/home/{{ remote_user }}/terraform/{{ item.hostname }}.tf"
-      owner: {{ remote_user }}
-      group: {{ remote_user }}
-    with_items: "{{ kubernetes }}"
-
-  - name: create cloud-init config
-    template: 
-      src: "roles/terraform/files/cloud-init.cfg.j2"
-      dest: "/home/{{ remote_user }}/terraform/{{ item.hostname }}.cloud_init.cfg"
-      owner: {{ remote_user }}
-      group: {{ remote_user }}
-    with_items: "{{ kubernetes }}"
-
-  - name: create libvirt_provider config
-    copy: 
-      src: roles/terraform/files/libvirt_provider.tf
-      dest: /home/{{ remote_user }}/terraform/libvirt_provider.tf
-
-  - name: delete statefile if it exists
-    file:
-      path: /home/{{ remote_user }}/terraform/terraform.tfstate
-      state: absent
-
-  - name: initialize terraform
-    shell: terraform init
-    args:
-      chdir: /home/{{ remote_user }}/terraform
-
-  - name: plan terraform
-    shell: terraform plan -out=cloud-init-plan
-    args:
-      chdir: /home/{{ remote_user }}/terraform
-
-  - name: apply terraform
-    shell: terraform apply "cloud-init-plan"
-    args:
-      chdir: /home/{{ remote_user }}/terraform
-[]
\ No newline at end of file
diff --git a/3-kubeadm-init.yml b/3-kubeadm-init.yml
index cf0fc7a..270c6f0 100644
--- a/3-kubeadm-init.yml
+++ b/3-kubeadm-init.yml
@@ -1,11 +1,11 @@
 ---
-- hosts: k8s-nodes
+- hosts: k8s-masters
   remote_user: hybris
   become: yes
 
   tasks:
     - name: initialize kubernetes master
-      shell: kubeadm init --apiserver-advertise-address=2001:470:6d:22c:42::1 --pod-network-cidr=2001:470:6d:22c:42::/80
+      shell: kubeadm init --apiserver-advertise-address=2001:470:6d:22c:42::1 --pod-network-cidr=2001:470:6d:22c::/64
       delegate_to: k8s-master.e2m
       run_once: yes
 
@@ -33,4 +33,5 @@
 
     - name: join nodes to cluster
       shell: kubeadm join [2001:470:6d:22c:42::1]:6443 --token {{ k8s_token }} --discovery-token-ca-cert-hash sha256:{{ k8s_ca_cert_hash }}
-      delegate_to: k8s-nodes
\ No newline at end of file
+      delegate_to: "{{ item }}"
+      with_items: "{{ k8s-nodes }}"
\ No newline at end of file
diff --git a/roles/terraform/files/cloud-init-network.cfg.j2 b/roles/terraform/files/cloud-init-network.cfg.j2
new file mode 100644
index 0000000..0072a6e
--- /dev/null
+++ b/roles/terraform/files/cloud-init-network.cfg.j2
@@ -0,0 +1,14 @@
+version: 1
+config:
+    - type: physical
+      name: eth0
+      mac_address: {{ item.mac_address }}
+      subnets:
+      - type: static
+        address: {{ item.ipv6 }}/64
+        gateway: {{ network_default_gw }}
+    - type: nameserver
+      address:
+      - {{ network_dns }}
+      search:
+      - {{ network_domain }}
\ No newline at end of file
diff --git a/roles/terraform/files/cloud-init.cfg.j2 b/roles/terraform/files/cloud-init.cfg.j2
index ea290a0..99647c2 100644
--- a/roles/terraform/files/cloud-init.cfg.j2
+++ b/roles/terraform/files/cloud-init.cfg.j2
@@ -1,20 +1,19 @@
 #cloud-config
 users:
-  - name: {{ remote_user }}
+  - name: {{ ansible_ssh_user }}
     lock-passwd: false
-    passwd: {{ remote_user_pass }}
     sudo: ALL=(ALL) NOPASSWD:ALL
     ssh_authorized_keys:
       - {{ remote_user_ssh_pubkey }}
 write_files:
--   content: |
-        #!/bin/bash
-        # inet6_addr=$(ip a s | grep "inet6 2001:470:6d:22c:" | awk '{print substr($2,0)}')
-        sudo hostnamectl set-hostname {{ item.hostname }}
-        sudo ip -6 addr add {{ item.ipv6 }}/64 dev eth0
-        sudo chown -R {{ remote_user }}:{{ remote_user }} /home/{{ remote_user }}
-    path: /home/{{ remote_user }}/cloud-init.sh
-    owner: {{ remote_user }}:{{ remote_user }}
+  - content: |
+      #!/bin/bash
+      # inet6_addr=$(ip a s | grep "inet6 2001:470:6d:22c:" | awk '{print substr($2,0)}')
+      sudo hostnamectl set-hostname {{ item.hostname }}
+      #sudo ip -6 addr add {{ item.ipv6 }}/64 dev eth0
+      sudo chown -R {{ ansible_ssh_user }}:{{ ansible_ssh_user }} /home/{{ ansible_ssh_user }}
+    path: /home/{{ ansible_ssh_user }}/cloud-init.sh
+    owner: {{ ansible_ssh_user }}:{{ ansible_ssh_user }}
     permissions: '0744'
 runcmd:
- - [ '/home/{{ remote_user }}/cloud-init.sh' ]
+  - [ '/home/{{ ansible_ssh_user }}/cloud-init.sh' ]
diff --git a/roles/terraform/files/cloud-init.tf.j2 b/roles/terraform/files/cloud-init.tf.j2
index 107871f..149d09b 100644
--- a/roles/terraform/files/cloud-init.tf.j2
+++ b/roles/terraform/files/cloud-init.tf.j2
@@ -1,20 +1,3 @@
-resource "libvirt_cloudinit_disk" "cloud-init-{{ item.hostname }}" {
-  name      = "cloud-init-{{ item.hostname }}.iso"
-  pool      = "{{ libvirt_storage_pool }}"
-  user_data = "${data.template_file.user-data-{{ item.hostname }}.rendered}"
-}
-
-data "template_file" "user-data-{{ item.hostname }}" {
-  template = "${file("${path.module}/{{ item.hostname }}.cloud_init.cfg")}"
-}
-
-resource "libvirt_volume" "{{ item.hostname }}" {
-  name     = "{{ item.hostname }}"
-  source   = "{{ source_cloud_image_name }}"
-  pool     = "{{ libvirt_storage_pool }}"
-  format   = "qcow2"
-}
-
 resource "libvirt_domain" "domain-{{ item.hostname }}" {
   name   = "{{ item.hostname }}"
   memory = "{{ item.memory }}"
@@ -22,18 +5,6 @@ resource "libvirt_domain" "domain-{{ item.hostname }}" {
 
   cloudinit = "${libvirt_cloudinit_disk.cloud-init-{{ item.hostname }}.id}"
 
-  console {
-    type        = "pty"
-    target_port = "0"
-    target_type = "serial"
-  }
-
-  console {
-      type        = "pty"
-      target_type = "virtio"
-      target_port = "1"
-  }
-
   network_interface {
     bridge = "{{ libvirt_network_bridge }}"
     mac    = "{{ item.mac_address }}"
@@ -52,4 +23,27 @@ resource "libvirt_domain" "domain-{{ item.hostname }}" {
     listen_type = "address"
     autoport    = true
   }
-}
\ No newline at end of file
+}
+
+resource "libvirt_volume" "{{ item.hostname }}" {
+  name     = "{{ item.hostname }}"
+  source   = "{{ source_cloud_image_name }}"
+  pool     = "{{ libvirt_storage_pool }}"
+  format   = "qcow2"
+}
+
+resource "libvirt_cloudinit_disk" "cloud-init-{{ item.hostname }}" {
+  name           = "cloud-init-{{ item.hostname }}.iso"
+  pool           = "{{ libvirt_storage_pool }}"
+  user_data      = "${data.template_file.user-data-{{ item.hostname }}.rendered}"
+  network_config = "${data.template_file.network-config-{{ item.hostname }}.rendered}"
+}
+
+data "template_file" "user-data-{{ item.hostname }}" {
+  template = "${file("${path.module}/{{ item.hostname }}.cloud_init.cfg")}"
+}
+
+data "template_file" "network-config-{{ item.hostname }}" {
+  template = "${file("${path.module}/{{ item.hostname }}.cloud_init_network.cfg")}"
+}
+
diff --git a/roles/terraform/tasks/main.yml b/roles/terraform/tasks/main.yml
index 717b8ba..2c2675f 100644
--- a/roles/terraform/tasks/main.yml
+++ b/roles/terraform/tasks/main.yml
@@ -8,6 +8,7 @@
     - absent
     - directory
 
+# TODO: make it actually download the image, lol (module:uri)
 - name: "download qcow2 cloud image"
   copy:
     src: "/home/{{ ansible_ssh_user }}/images/{{ source_cloud_image_name }}"