diff --git a/roles/client/tasks/main.yml b/roles/client/tasks/main.yml
index a241e20..63ffbcf 100644
--- a/roles/client/tasks/main.yml
+++ b/roles/client/tasks/main.yml
@@ -26,7 +26,9 @@
     dest: "/tmp/{{ item.name }}.toml"
   when:
     - item.cidr == "machines"
-    - item.name in "{{ ansible_host }}"
+    # NOTE innernet does not accept '.' in a name
+    - item.name in ansible_host|replace('.', '-')
+    - item.name in added_peers.stdout
   with_items: "{{ peers }}"
 
- name: Install non-admin invitation on servers
@@ -36,7 +38,9 @@
       --delete-invite
   when:
     - item.cidr == "machines"
-    - item.name in "{{ ansible_host }}"
+    # NOTE innernet does not accept '.' in a name
+    - item.name in ansible_host|replace('.', '-')
+    - item.name in added_peers.stdout
   with_items: "{{ peers }}"
   ignore_errors: true
 
diff --git a/roles/server/tasks/main.yml b/roles/server/tasks/main.yml
index d999f07..97ca6cd 100644
--- a/roles/server/tasks/main.yml
+++ b/roles/server/tasks/main.yml
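Review bot: `item.name in ansible_host|replace('.', '-')` is a Jinja substring test, so a peer named `db` also matches hosts `db-2` or `olddb`, and `item.name in added_peers.stdout` likewise matches any line that merely contains the name; both conditions should be exact, `- item.name == ansible_host|replace('.', '-')` and `- item.name in added_peers.stdout_lines`. The same two lines recur in the hunk at @@ -36,7 +38,9 @@. `added_peers` is registered in roles/server, so this presumably relies on the client tasks running on the same host or on a prior play having set it; if not, the condition fails as undefined rather than evaluating false. The task head is outside the hunk.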
@@ -20,6 +20,46 @@
     deb: "/tmp/innernet-server.deb"
     install_recommends: true
 
+- name: Copy relevant network var to host
+  copy:
+    content: "{{ network_name }}"
+    dest: /root/network.txt
+  register: network_file
+
+- name: Move old cidrs file
+  shell: mv cidrs.txt cidrs.txt.old
+
+- name: Copy relevant cidrs var to host
+  template:
+    src: cidrs.j2
+    dest: /root/cidrs.txt
+  register: cidrs_file
+
+- name: Get changed cidrs
+  shell: awk 'FNR==NR{old[$0];next};!($0 in old)' cidrs.txt.old cidrs.txt
+  register: added_cidrs
+
+- name: Move old peers file
+  shell: mv peers.txt peers.txt.old
+
+- name: Copy relevant peers var to host
+  template:
+    src: peers.j2
+    dest: /root/peers.txt
+  register: peers_file
+
+- name: Get changed peers
+  shell: awk 'FNR==NR{old[$0];next};!($0 in old)' peers.txt.old peers.txt
+  register: added_peers
+
+- name: "These CIDRs have been added"
+  debug:
+    msg: "{{ added_cidrs.stdout|from_yaml }}"
+
+- name: "These peers have been added"
+  debug:
+    msg: "{{ added_peers.stdout|from_yaml }}"
+
 - name: Create base network
   shell: |
     innernet-server new \
@@ -27,8 +67,7 @@
       --network-cidr "{{ network_cidr }}" \
       --external-endpoint "[{{ hostvars[inventory_hostname]['ansible_default_ipv6']['address'] }}]:{{ network_listen_port }}" \
       --listen-port {{ network_listen_port }}
-  # FIXME innernet gives an error if network exists already
-  ignore_errors: true
+  when: network_file.changed
 
 - name: Create CIDRs
   shell: |
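Review bot: `shell: mv cidrs.txt cidrs.txt.old` (and the peers equivalent further down the hunk) fails on a fresh host where no cidrs.txt exists yet, aborting the play before the template task can create it, and the following awk also errors when cidrs.txt.old is absent; both use paths relative to the login shell's cwd while the template writes to `/root/`, so they only agree when the connection user's working directory happens to be /root. Guarding the mv with `removes:` and using absolute paths makes the first run succeed and keeps the state files consistent. Unless the files are seeded somewhere out of view, the `.old` file also needs to exist before awk runs, which a `file` task with `state: touch` plus `modification_time: preserve` can provide without reporting a change on every run.
```yaml
- name: Move old cidrs file
  command: mv /root/cidrs.txt /root/cidrs.txt.old
  args:
    removes: /root/cidrs.txt

- name: Ensure old cidrs file exists
  file:
    path: /root/cidrs.txt.old
    state: touch
    modification_time: preserve
    access_time: preserve

# … unchanged: Copy relevant cidrs var to host …

- name: Get changed cidrs
  shell: awk 'FNR==NR{old[$0];next};!($0 in old)' /root/cidrs.txt.old /root/cidrs.txt
  register: added_cidrs

# … unchanged: peers tasks, same pattern …
```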
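Review bot: `when: network_file.changed` records the "network exists" state in /root/network.txt before `innernet-server new` has run, so if the command fails (for instance when `ansible_default_ipv6` is missing on this host) the next run sees the marker unchanged and skips creation permanently, with no way back short of deleting the file by hand. Gate the task on something the command itself produces, e.g. `args: creates: <PATH_OF_INNERNET_SERVER_CONFIG_FOR_NETWORK>` if that path is known for this deployment, or write the marker only after this task has succeeded. The cidrs and peers tasks in the hunk at @@ -38,50 +77,46 @@ have the same ordering problem: the `.old` file is rotated before the add commands run, so a failed `add-peer` (masked there by `ignore_errors: true`) drops out of the diff on the next run. The Create base network task starts outside the hunk.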
@@ -38,50 +77,46 @@
       --cidr "{{ item.cidr }}" \
       --yes
   with_items: "{{ cidrs }}"
-  # FIXME innernet gives an error if CIDR exists already
-  ignore_errors: true
-
-- name: Create admin peers
-  shell: |
-    innernet-server add-peer "{{ network_name }}" \
-      --name "{{ item.name }}" \
-      --cidr "{{ item.cidr }}" \
-      --admin true \
-      --save-config "{{ item.name }}.toml" \
-      --invite-expires "14d" \
-      --auto-ip \
-      --yes
-  with_items: "{{ admin_peers }}"
-  # FIXME innernet gives an error if admin peer exists already
-  ignore_errors: true
+  when:
+    - cidrs_file.changed
+    - item.name in added_cidrs.stdout
 
 - name: Create peers
   shell: |
     innernet-server add-peer "{{ network_name }}" \
       --name "{{ item.name }}" \
       --cidr "{{ item.cidr }}" \
-      --admin false \
+      --admin "{{ item.admin }}" \
       --save-config "{{ item.name }}.toml" \
       --invite-expires "14d" \
       --auto-ip \
       --yes
   with_items: "{{ peers }}"
-  # FIXME innernet gives an error if peer exists already
+  ignore_errors: true
+  when:
+    - peers_file.changed
+    - item.name in added_peers.stdout
+
+- name: Delete empty files
+  shell: find . -maxdepth 1 -type f -empty -print -delete
   ignore_errors: true
 
-- name: Copy invitation files of admin peers to controller
-  # NOTE other machines should never be admins. Only humans.
-  synchronize:
-    src: "/root/{{ item.name }}.toml"
-    dest: "{{ playbook_dir }}/roles/client/files/{{ item.name }}_admin.toml"
-    mode: pull
-  with_items: "{{ admin_peers }}"
+- name: Check for actual peer invitation files
+  shell: ls | grep .toml
+  register: toml_files
+  ignore_errors: true
+
+- name: Custom error message
+  fail:
+    msg: "Could not find any new invitation files. Have you added a new peer?"
+  when: toml_files.rc == 1
 
 - name: Copy invitation files of peers to controller
   synchronize:
     src: "/root/{{ item.name }}.toml"
     dest: "{{ playbook_dir }}/roles/client/files/{{ item.name }}.toml"
     mode: pull
+  when: toml_files.stdout.find(item.name) != -1
   with_items: "{{ peers }}"
 
- name: Make sure invitation files are absent on innernet-server
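Review bot: `--admin "{{ item.admin }}"` in Create peers now grants admin on the strength of a single field in `peers`, and with the `_admin.toml` suffix removed an admin invitation lands in `roles/client/files/` under the same name pattern the client role installs by hostname, so a machine-named peer carrying `admin: true` would get an admin invite installed; nothing in the hunk replaces the removed "never admins" guard. Consider `--admin "{{ item.admin | default(false) | bool | lower }}"` so an unset field stays non-admin and renders as the lowercase literal the old lines passed, and keep the `_admin` suffix (or skip admin peers) in the Copy invitation files task. Separately, `when: toml_files.rc == 1` only catches grep's "no match"; rc 2 from a failed `ls` or pipe would pass silently, so `when: toml_files.rc != 0` is the safer test, and `toml_files.stdout.find(item.name) != -1` is a substring match that `(item.name ~ '.toml') in toml_files.stdout_lines` pins to the actual file name. `ignore_errors: true` on Create peers also hides a failed add-peer behind the later "no invitation files" message rather than reporting it.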