diff --git a/ansible/roles/hypervisor_qcow/defaults/main.yaml b/ansible/roles/hypervisor/defaults/main.yaml
similarity index 58%
rename from ansible/roles/hypervisor_qcow/defaults/main.yaml
rename to ansible/roles/hypervisor/defaults/main.yaml
index cda758f..0787198 100644
--- a/ansible/roles/hypervisor_qcow/defaults/main.yaml
+++ b/ansible/roles/hypervisor/defaults/main.yaml
@@ -9,4 +9,8 @@ libvirt_packages:
hypervisor:
storage: dir
- device: /dev/sda
\ No newline at end of file
+ device: /dev/sda
+ datasets:
+ - name: tank/vhds
+ compression: lz4
+ encryption: 'off'
\ No newline at end of file
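Review bot: The `compression: lz4` key added to the `tank/vhds` default is not read anywhere in this commit; the dataset task in tasks/libvirt_zfs.yaml hard-codes `compression: false`, so this default has no effect. Either drop the key here or have that task use `compression: "{{ item.compression | default('lz4') }}"`. The `encryption: 'off'` default also means guest disk volumes are stored unencrypted at rest unless a host overrides it, which deserves a comment above `datasets:` such as `# encryption 'off' leaves guest disks unencrypted at rest; override per host`. The file still ends without a trailing newline.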
diff --git a/ansible/roles/hypervisor_qcow/tasks/libvirt_dir.yaml b/ansible/roles/hypervisor/tasks/libvirt_dir.yaml
similarity index 57%
rename from ansible/roles/hypervisor_qcow/tasks/libvirt_dir.yaml
rename to ansible/roles/hypervisor/tasks/libvirt_dir.yaml
index c9774f8..c563323 100644
--- a/ansible/roles/hypervisor_qcow/tasks/libvirt_dir.yaml
+++ b/ansible/roles/hypervisor/tasks/libvirt_dir.yaml
@@ -5,7 +5,7 @@
- hypervisor.device not in (ansible_mounts | json_query('[?mount == `/`].device'))
- hypervisor.device not in (ansible_mounts | json_query('[?mount == `/var/lib/libvirt`].device'))
ansible.builtin.include_tasks:
- file: libvirt_mount.yaml
+ file: libvirt_dir_mount.yaml
- name: Create the libvirt storage directories
ansible.builtin.file:
@@ -16,46 +16,27 @@
mode: '0775'
loop:
- /var/lib/libvirt/vhds/
- - /var/lib/libvirt/isos/
- - /var/lib/libvirt/nvram/
-- name: Remove the default libvirt storage pool
- community.libvirt.virt_pool:
- name: default
- state: deleted
-
-- name: Get libvirt storage pool facts
- community.libvirt.virt_pool:
- command: facts
-
-- name: Define the libvirt storage pools
+- name: Define additional libvirt storage pools
community.libvirt.virt_pool:
name: "{{ item.name }}"
command: define
- xml: "{{ lookup('template', 'dir_pool.xml.j2') }}"
+ xml: "{{ lookup('template', 'dir_libvirt_pool.xml.j2') }}"
loop:
- name: vhds
path: /var/lib/libvirt/vhds/
- - name: isos
- path: /var/lib/libvirt/isos/
- - name: nvram
- path: /var/lib/libvirt/nvram/
-- name: Create the libvirt storage pools
+- name: Create additional libvirt storage pools
community.libvirt.virt_pool:
name: "{{ item }}"
command: build
loop:
- vhds
- - isos
- - nvram
-- name: Start the libvirt storage pools
+- name: Start additional libvirt storage pools
community.libvirt.virt_pool:
name: "{{ item }}"
state: active
autostart: true
loop:
- vhds
- - isos
- - nvram
diff --git a/ansible/roles/hypervisor_qcow/tasks/libvirt_mount.yaml b/ansible/roles/hypervisor/tasks/libvirt_dir_mount.yaml
similarity index 100%
rename from ansible/roles/hypervisor_qcow/tasks/libvirt_mount.yaml
rename to ansible/roles/hypervisor/tasks/libvirt_dir_mount.yaml
diff --git a/ansible/roles/hypervisor/tasks/libvirt_zfs.yaml b/ansible/roles/hypervisor/tasks/libvirt_zfs.yaml
new file mode 100644
index 0000000..245da7c
--- /dev/null
+++ b/ansible/roles/hypervisor/tasks/libvirt_zfs.yaml
@@ -0,0 +1,40 @@
+---
+
+- name: Create libvirt zfs dataset(s)
+ community.general.zfs:
+ name: "{{ item.name }}"
+ state: present
+ extra_zfs_properties: # TODO fix property values
+ canmount: false
+ mountpoint: none
+ compression: false
+ primarycache: metadata
+ secondarycache: none
+ reservation: none
+ refreservation: none
+ dedup: false
+ encryption: "{{ item.encryption | default('off') }}"
+ volmode: dev
+ devices: false
+ atime: false
+ loop: "{{ hypervisor.datasets }}"
+
+- name: Define additional libvirt storage pools
+ community.libvirt.virt_pool:
+ name: "{{ item.name | split('/') | last }}"
+ command: define
+ xml: "{{ lookup('template', 'zfs_libvirt_pool.xml.j2') }}"
+ loop: "{{ hypervisor.datasets }}"
+
+- name: Create additional libvirt storage pools
+ community.libvirt.virt_pool:
+ name: "{{ item.name | split('/') | last }}"
+ command: build
+ loop: "{{ hypervisor.datasets }}"
+
+- name: Start additional libvirt storage pools
+ community.libvirt.virt_pool:
+ name: "{{ item.name | split('/') | last }}"
+ state: active
+ autostart: true
+ loop: "{{ hypervisor.datasets }}"
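Review bot: The `encryption` property in `Create libvirt zfs dataset(s)` is taken from `item.encryption`, but no `keyformat` or `keylocation` is passed with it, so any value other than `off` will presumably fail at dataset creation or fall back to a key prompt that an unattended play cannot answer. ZFS accepts `encryption` only when a dataset is created, so changing the default later will not encrypt a dataset this task has already made; that limitation belongs in a comment beside the `# TODO fix property values` marker. When encryption is enabled, the task should also pass the item's key properties, with the key material supplied from a vaulted variable rather than the repository. Separately, the three `virt_pool` tasks name the pool `item.name | split('/') | last`, so two datasets sharing a leaf name (constructed example: `tank/vhds` and `fast/vhds`) would map onto a single libvirt pool; an `ansible.builtin.assert` on unique leaf names before the loop would catch that.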
diff --git a/ansible/roles/hypervisor/tasks/main.yaml b/ansible/roles/hypervisor/tasks/main.yaml
new file mode 100644
index 0000000..1c9826b
--- /dev/null
+++ b/ansible/roles/hypervisor/tasks/main.yaml
@@ -0,0 +1,122 @@
+---
+
+- name: Install libvirt packages (Arch)
+ when: ansible_os_distribution == 'Archlinux'
+ community.general.pacman:
+ name: "{{ libvirt_packages['Arch'] }}"
+ state: present
+ update_cache: true
+
+- name: Add user to libvirt group
+ ansible.builtin.user:
+ name: "{{ ansible_user }}"
+ groups: libvirt
+ append: true
+
+- name: Set required sysctl flags for bridging
+ ansible.posix.sysctl:
+ name: "{{ item.name }}"
+ reload: true
+ state: present
+ sysctl_file: /etc/sysctl.d/bridge.conf
+ sysctl_set: true
+ value: "{{ item.value }}}}"
+ loop:
+ - name: net.ipv4.ip_forward
+ value: 1
+ - name: net.bridge.bridge-nf-call-iptables
+ value: 0
+ - name: net.bridge.bridge-nf-call-ip6tables
+ value: 0
+ - name: net.bridge.bridge-nf-call-arptables
+ value: 0
+
+- name: Add bridge(s) to qemu_bridge_helper
+ when: qemu_bridges is defined
+ ansible.builtin.lineinfile:
+ path: /etc/qemu/bridge.conf
+ line: "{{ item }}"
+ state: present
+ backup: false
+ insertafter: EOF
+ loop: "{{ qemu_bridges | default(['virbr0']) }}"
+
+- name: Start and enable libvirt service
+ ansible.builtin.service:
+ name: libvirtd.service
+ state: started
+ enabled: true
+
+- name: Stop the default libvirt network
+ community.libvirt.virt_net:
+ name: default
+ state: inactive
+
+- name: Remove default libvirt network
+ community.libvirt.virt_net:
+ name: default
+ state: absent
+
+- name: Remove the default libvirt storage pool
+ community.libvirt.virt_pool:
+ name: default
+ state: deleted
+
+- name: Create standard libvirt storage directories
+ ansible.builtin.file:
+ path: "{{ item }}"
+ state: directory
+ owner: libvirt-qemu
+ group: libvirt-qemu
+ mode: '0775'
+ loop:
+ - /var/lib/libvirt/isos/
+ - /var/lib/libvirt/nvram/
+
+- name: Get libvirt storage pool facts
+ community.libvirt.virt_pool:
+ command: facts
+
+- name: Define the standard libvirt storage pools
+ community.libvirt.virt_pool:
+ name: "{{ item.name }}"
+ command: define
+ xml: "{{ lookup('template', 'dir_pool.xml.j2') }}"
+ loop:
+ - name: isos
+ path: /var/lib/libvirt/isos/
+ - name: nvram
+ path: /var/lib/libvirt/nvram/
+
+- name: Create the standard libvirt storage pools
+ community.libvirt.virt_pool:
+ name: "{{ item }}"
+ command: build
+ loop:
+ - isos
+ - nvram
+
+- name: Start the standard libvirt storage pools
+ community.libvirt.virt_pool:
+ name: "{{ item }}"
+ state: active
+ autostart: true
+ loop:
+ - isos
+ - nvram
+
+- name: Setup additional libvirt storage (dir)
+ when: hypervisor.storage == 'dir'
+ ansible.builtin.include_tasks:
+ file: libvirt_dir.yaml
+
+- name: Setup additional libvirt storage (zfs)
+ when: hypervisor.storage == 'zfs'
+ ansible.builtin.include_tasks:
+ file: libvirt_zfs.yaml
+
+# - name: Enroll libvirtd TLS certificate
+
+# - name: Configure libvirtd TLS listener
+
+# - name: Open libvirtd TLS firewall ports
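Review bot: In `Set required sysctl flags for bridging`, `value: "{{ item.value }}}}"` carries two stray closing braces, so the rendered value would presumably be `1}}` or `0}}` rather than the number; it should read `value: "{{ item.value }}"`. The `net.bridge.bridge-nf-call-*` keys exist only while the `br_netfilter` kernel module is loaded, so with `sysctl_set: true` this task is likely to fail on a host where it is not; loading it first (for example with `community.general.modprobe`) would make the play deterministic. Setting those three keys to 0 also means bridged guest traffic is not filtered by the host's iptables rules, which deserves a comment next to the loop so the trade-off is a recorded decision. Separately, the standard pools look up `dir_pool.xml.j2`, while the only dir template this commit moves into the role is `dir_libvirt_pool.xml.j2`, so that lookup may not resolve.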
diff --git a/ansible/roles/hypervisor_qcow/templates/dir_libvirt_pool.xml.j2 b/ansible/roles/hypervisor/templates/dir_libvirt_pool.xml.j2
similarity index 100%
rename from ansible/roles/hypervisor_qcow/templates/dir_libvirt_pool.xml.j2
rename to ansible/roles/hypervisor/templates/dir_libvirt_pool.xml.j2
diff --git a/ansible/roles/hypervisor/templates/zfs_libvirt_pool.xml.j2 b/ansible/roles/hypervisor/templates/zfs_libvirt_pool.xml.j2
new file mode 100644
index 0000000..1754099
--- /dev/null
+++ b/ansible/roles/hypervisor/templates/zfs_libvirt_pool.xml.j2
@@ -0,0 +1,6 @@
+
+ {{ item.name | split('/') | last }}
+
+
\ No newline at end of file
diff --git a/ansible/roles/hypervisor_zfs/defaults/main.yml b/ansible/roles/hypervisor_old/defaults/main.yml
similarity index 100%
rename from ansible/roles/hypervisor_zfs/defaults/main.yml
rename to ansible/roles/hypervisor_old/defaults/main.yml
diff --git a/ansible/roles/hypervisor_zfs/tasks/main.yml b/ansible/roles/hypervisor_old/tasks/main.yml
similarity index 100%
rename from ansible/roles/hypervisor_zfs/tasks/main.yml
rename to ansible/roles/hypervisor_old/tasks/main.yml
diff --git a/ansible/roles/hypervisor_zfs/templates/network.xml.j2 b/ansible/roles/hypervisor_old/templates/network.xml.j2
similarity index 100%
rename from ansible/roles/hypervisor_zfs/templates/network.xml.j2
rename to ansible/roles/hypervisor_old/templates/network.xml.j2
diff --git a/ansible/roles/hypervisor_zfs/templates/pool.xml.j2 b/ansible/roles/hypervisor_old/templates/pool.xml.j2
similarity index 100%
rename from ansible/roles/hypervisor_zfs/templates/pool.xml.j2
rename to ansible/roles/hypervisor_old/templates/pool.xml.j2
diff --git a/ansible/roles/hypervisor_qcow/tasks/main.yaml b/ansible/roles/hypervisor_qcow/tasks/main.yaml
deleted file mode 100644
index 90c3b9a..0000000
--- a/ansible/roles/hypervisor_qcow/tasks/main.yaml
+++ /dev/null
@@ -1,60 +0,0 @@
----
-
-- name: Install libvirt packages (Arch)
- when: ansible_os_distribution == 'Archlinux'
- community.general.pacman:
- name: "{{ libvirt_packages['Arch'] }}"
- state: present
- update_cache: true
-
-- name: Add user to libvirt group
- ansible.builtin.user:
- name: "{{ ansible_user }}"
- groups: libvirt
- append: true
-
-- name: Set required sysctl flags for bridging
- ansible.posix.sysctl:
- name: "{{ item.name }}"
- value: "{{ item.value }}}}"
- state: present
- sysctl_set: true
- reload: true # TODO set sysctl file?
- loop:
- - net.ipv4.ip_forward # TODO add remaining values here
-
-- name: Add bridge(s) to qemu_bridge_helper
- when: qemu_bridges is defined
- ansible.builtin.lineinfile:
- path: /etc/qemu/bridge.conf
- line: "{{ item }}"
- state: present
- backup: false
- insertafter: EOF
- loop: "{{ qemu_bridges | default(['virbr0']) }}"
-
-- name: Start and enable libvirt service
- ansible.builtin.service:
- name: libvirtd.service
- state: started
- enabled: true
-
-- name: Stop the default libvirt network
- community.libvirt.virt_net:
- name: default
- state: inactive
-
-- name: Remove default libvirt network
- community.libvirt.virt_net:
- name: default
- state: absent
-
-- name: Setup libvirt storage (dir)
- when: hypervisor.storage == 'dir'
- ansible.builtin.include_tasks:
- file: libvirt_dir.yaml
-
-- name: Setup libvirt storage (zfs)
- when: hypervisor.storage == 'zfs'
- ansible.builtin.include_tasks:
- file: libvirt_zfs.yaml
diff --git a/ansible/roles/hypervisor_qcow/templates/zfs_libvirt_pool.xml.j2 b/ansible/roles/hypervisor_qcow/templates/zfs_libvirt_pool.xml.j2
deleted file mode 100644
index d1cdfef..0000000
--- a/ansible/roles/hypervisor_qcow/templates/zfs_libvirt_pool.xml.j2
+++ /dev/null
@@ -1,6 +0,0 @@
-
- {{ item.name }}
-
-
\ No newline at end of file