diff --git a/roles/inspircd/defaults/main.yml b/roles/inspircd/defaults/main.yml
new file mode 100644
index 0000000..43d8e88
--- /dev/null
+++ b/roles/inspircd/defaults/main.yml
@@ -0,0 +1,94 @@
+---
+
+inspircd_modules:
+  - argon2
+  - bcrypt
+  - botmode
+  - cap
+  - connflood
+  - ircv3
+  - ircv3_batch
+  - ircv3_capnotify
+  - ircv3_ctctags
+  - ircv3_labeledresponse
+  - ircv3_msgid
+  - ircv3_servertime
+  # - ircv3_sts
+  - messageflood
+  - password_hash
+  - pbkdf2
+  - sha356
+  - sasl
+  - showfile
+  - sslmodes
+  - sslrehashsignal
+  - ssl_gnutls
+  - spanningtree
+  - userip
+  - watch
+
+inspircd_server_hostname: "{{ inventory_hostname }}"
+inspircd_server_description: "{{ inventory_hostname }}"
+inspircd_server_id: null
+inspircd_server_network: "{{ inventory_hostname }}"
+
+inspircd_admin_name: null
+inspircd_admin_nick: admin
+inspircd_admin_email: noreply@example.com
+
+inspircd_gnutls_profiles: {}
+
+inspircd_bind:
+  - address: "::1"
+    port: 6667
+
+inspircd_autoconnect: []
+inspircd_links: []
+
+inspircd_oper_classes:
+  Shutdown:
+    commands: [DIE, RESTART, REHASH, LOADMODULE, UNLOADMODULE, RELOADMODULE, GLOADMODULE, GUNLOADMODULE, GRELOADMODULE]
+    privs: [users/auspex, channels/auspex, servers/auspex, users/mass-message]
+    usermodes: "*"
+    chanmodes: "*"
+    snomasks: "*"
+  SACommands:
+    commands: [SAJOIN, SAPART, SANICK, SAQUIT, SATOPIC, SAKICK, SAMODE, OJOIN]
+  ServerLink:
+    commands: [CONNECT, SQUIT, RCONNECT, RSQUIT, MKPASSWD, ALLTIME, SWHOIS, LOCKSERV, UNLOCKSER]
+    privs: [servers/auspex]
+    usermodes: "*"
+    chanmodes: "*"
+    snomasks: "Cc"
+  BanControl:
+    commands: [KILL, GLINE, KLINE, ZLINE, QLINE, ELINE, TLINE, RLINE, CHECK, NICKLOCK, NICKUNLOCK, SHUN, CLONES, CBAN]
+    usermodes: "*"
+    chanmodes: "*"
+    snomasks: "Xx"
+  OperChat:
+    commands: [WALLOPS, GLOBOPS]
+    privs: [users/mass-message]
+    usermodes: "*"
+    chanmodes: "*"
+    snomasks: "Gg"
+  HostCloak:
+    commands: [SETHOST SETIDENT SETIDLE CHGNAME CHGHOST CHGIDENT]
+    privs: [users/auspex]
+    usermodes: "*"
+    chanmodes: "*"
+
+inspircd_oper_types:
+  NetAdmin:
+    classes:
+      - SACommands
+      - OperChat
+      - BanControl
+      - HostCloak
+      - Shutdown
+      - ServerLink
+    modes: "+s +cCqQ"
+
+inspircd_opers: {}
+
+
+inspircd_additional_config: ""
diff --git a/roles/inspircd/tasks/config.yml b/roles/inspircd/tasks/config.yml
index ed97d53..5f48166 100644
--- a/roles/inspircd/tasks/config.yml
+++ b/roles/inspircd/tasks/config.yml
@@ -1 +1,20 @@
 ---
+
+- name: generate /etc/inspircd/spanningtree.pw
+  set_fact:
+    inspircd_link_sendpass: "{{ lookup('password', '/etc/inspircd/spanningtree.pw') }}"
+
+- name: render /etc/inspircd/inspircd.conf
+  template:
+    src: etc/inspircd/inspircd.conf.2
+    dest: /etc/inspircd/inspircd.conf
+    owner: root
+    group: root
+    mode: 0644
+  notify: reload inspircd
+
+- name: start and enable inspircd
+  service:
+    name: inspircd
+    state: started
+    enabled: yes
diff --git a/roles/inspircd/tasks/install.yml b/roles/inspircd/tasks/install.yml
index 7224286..a07eccc 100644
--- a/roles/inspircd/tasks/install.yml
+++ b/roles/inspircd/tasks/install.yml
@@ -11,9 +11,3 @@
 - name: install inspircd
   package:
     name: inspircd
-
-- name: start and enable inspircd
-  service:
-    name: inspircd
-    state: started
-    enabled: yes
diff --git a/roles/inspircd/templates/etc/inspircd/inspircd.conf.2 b/roles/inspircd/templates/etc/inspircd/inspircd.conf.2
new file mode 100644
index 0000000..ec7c05d
--- /dev/null
+++ b/roles/inspircd/templates/etc/inspircd/inspircd.conf.2
@@ -0,0 +1,158 @@
+{{ ansible_managed | comment }}
+
+<config format="xml">
+
+#
+#  MODULES
+#
+
+{% for module in inspircd_modules %}
+<module name="{{ module }}">
+{% endfor %}
+{% for module in inspircd_modules_additional %}
+<module name="{{ module }}">
+{% endfor %}
+
+#
+#  SERVER METADATA
+#
+
+<server
+    name="{{ inspircd_server_hostname }}"
+{% if inspircd_server_id != null %}
+    id="{{ inspircd_server_id }}"
+{% endif %}
+    description="{{ inspircd_server_description }}"
+    network="{{ inspircd_server_network }}">
+
+<admin
+{% if inspircd_admin_name != null %}
+    name="{{ inspircd_admin_name }}"
+{% endif %}
+    nick="{{ inspircd_admin_nick }}"
+    email="{{ inspircd_admin_email }}">
+
+{% if 'ssl_gnutls' in inspircd_modules + inspircd_modules_additional %}
+#
+#  TLS CONFIG
+#
+
+{% for name, profile in inspircd_gnutls_profiles.items() %}
+<sslprofile
+    name="{{ name }}"
+    provider="gnutls"
+    {% if 'cafile' in profile %}cafile="{{ profile.cafile }}"{% endif %}
+    {% if 'certfile' in profile %}certfile="{{ profile.certfile }}"{% endif %}
+    {% if 'crlfile' in profile %}crlfile="{{ profile.crlfile }}"{% endif %}
+    {% if 'dhfile' in profile %}dhfile="{{ profile.dhfile }}"{% endif %}
+    {% if 'hash' in profile %}hash="{{ profile.hash }}"{% endif %}
+    {% if 'cafile' in profile %}cafile="{{ profile.cafile }}"{% endif %}
+    {% if 'keyfile' in profile %}keyfile="{{ profile.keyfile }}"{% endif %}
+    {% if 'mindhbits' in profile %}mindhbits="{{ profile.mindhbits }}"{% endif %}
+    {% if 'outrecsize' in profile %}outrecsize="{{ profile.outrecsize }}"{% endif %}
+    {% if 'priority' in profile %}priority="{{ profile.priority }}"{% endif %}
+    {% if 'requestclientcert' in profile %}requestclientcert="{{ profile.requestclientcert | ternary('yes', 'no') }}"{% endif %}
+    {% if 'strictpriority' in profile %}strictpriority="{{ profile.strictpriority | ternary('yes', 'no') }}"{% endif %}>
+
+{% endfor %}
+{% endif %}{# ssl_gnutls in modules #}
+
+#
+#  SERVER ENDPOINTS
+#
+
+{% for bind in inspircd_bind %}
+<bind
+    {% if 'address' in bind %}address="{{ bind.address }}"{% endif %}
+    {% if 'port' in bind %}port="{{ bind.port }}"{% endif %}
+    {% if 'defer' in bind %}defer="{{ bind.defer }}"{% endif %}
+    {% if 'free' in bind %}free="{{ bind.free | ternary('yes', 'no') }}"{% endif %}
+    {% if 'path' in bind %}path="{{ path.cafile }}"{% endif %}
+    {% if 'permissions' in bind %}permissions="{{ bind.permissions }}"{% endif %}
+    {% if 'replace' in bind %}replace="{{ bind.replace | ternary('yes', 'no') }}"{% endif %}
+    {% if 'type' in bind %}type="{{ bind.type }}"{% endif %}
+    {% if 'ssl' in bind %}ssl="{{ bind.ssl }}"{% endif %}>
+
+{% endfor %}
+
+{% if 'spanningtree' in inspircd_modules + inspircd_modules_additional %}
+#
+#  IRC NETWORK
+#
+
+{% for ac in inspircd_autoconnect %}
+<autoconnect
+    {% if 'period' in ac %}period="{{ ac.period }}"{% endif %}
+    server="{{ ac.servers | join('') }}">
+
+{% endfor %}
+
+{% for name, link in inspircd_links.items() %}
+<link
+    name="{{ name }}"
+    ipaddr="{{ link.ipaddr }}"
+    allowmask="{{ link.allowcidr | join(' ') }}"
+    sendpass="{{ inspircd_link_sendpass }}"
+    {% if link.recvpass is defined %}
+    recvpass="{{ link.recvpass }}"
+    {% else %}
+    recvpass="{{ hostvars[link.ansible_inventory_name|default(name)].inspircd_link_sendpass }}"
+    {% endif %}
+    {% if 'bind' in link %}bind="{{ link.bind }}"{% endif %}
+    {% if 'fingerprint' in link %}fingerprint="{{ link.fingerprint }}"{% endif %}
+    {% if 'hidden' in link %}hidden="{{ link.hidden | ternary('yes', 'no') }}"{% endif %}
+    {% if 'port' in link %}port="{{ link.port }}"{% endif %}
+    {% if 'ssl' in link %}ssl="{{ link.ssl }}"{% endif %}
+    {% if 'statshidden' in link %}statshidden="{{ link.statshidden | ternary('yes', 'no') }}"{% endif %}
+    {% if 'timeout' in link %}timeout="{{ link.timeout }}"{% endif %}>
+{% endfor %}
+
+{% for uline in inspircd_ulines %}
+<uline
+    server="{{ uline.server }}"
+    {% if 'silent' in uline %}silent="{{ uline.silent | ternary('yes', 'no') }}"{% endif %}>
+{% endfor %}
+{% endif %}
+
+
+#
+#  OPERS
+#
+
+{% for name, cls in inspircd_oper_classes.items() %}
+<class
+    name="{{ name }}"
+    {% if 'commands' in cls %}commands="{{ cls.commands | join(' ') }}"{% endif %}
+    {% if 'privs' in cls %}privs="{{ cls.privs | join(' ') }}"{% endif %}
+    {% if 'chanmodes' in cls %}chanmodes="{{ cls.chanmodes }}"{% endif %}
+    {% if 'usermodes' in cls %}usermodes="{{ cls.usermodes }}"{% endif %}
+    {% if 'snomasks' in cls %}snomasks="{{ cls.snomasks }}"{% endif %}>
+    
+{% endfor %}
+
+{% for name, type in inspircd_oper_types.items() %}
+<type
+    name="{{ name }}"
+    {% if 'class' in type %}class="{{ cls.class }}"{% endif %}
+    {% if 'classes' in type %}classes="{{ type.classes | join(' ') }}"{% endif %}
+    {% if 'vhost' in type %}vhost="{{ type.vhost }}"{% endif %}
+    
+{% endfor %}
+
+{% for name, oper in inspircd_opers.items() %}
+<oper
+    name="{{ name }}"
+    host="{{ oper.host }}"
+    password="{{ oper.password }}"
+    type="{{ oper.type }}"
+    {% if 'class' in oper %}class="{{ oper.class }}"{% endif %}
+    {% if 'hash' in oper %}hash="{{ hash.class }}"{% endif %}
+    {% if 'vhost' in oper %}vhost="{{ vhost.class }}"{% endif %}>
+
+{% endfor %}
+
+#
+#  ADDITIONAL CONFIG
+#
+
+{{ inspircd_additional_config }}
\ No newline at end of file