diff --git a/README.md b/README.md index fa1483e..8210134 100644 --- a/README.md +++ b/README.md @@ -43,3 +43,8 @@ The user managment role allows to manage user. Especially, it generate the described users on each hosts. The password are stored in the variables in there hash form. The script `hash_passwd.py` can give you the hash of a password. + +## Passwords + +`keyring set ansible-painsperdus vault-default the_vault_password` +`keyring set ansible-painsperdus become your_password` diff --git a/TODO.md b/TODO.md index 1302708..0ba2116 100644 --- a/TODO.md +++ b/TODO.md @@ -2,6 +2,11 @@ Stuff that I should do but will probably never do. +## Base + +- Add sudo configuration role +- Add hostname/hosts configuration role that works on Ubuntu and Debian + ## Polish the user role The role is fine, but could use some default filter, like for the shell value. @@ -37,4 +42,8 @@ setup: - disable cloud init - remove cloud init account and change the connenction variable for the vm +## Matrix + +- Potgres role should be redone, it is currently called too many times that could be globalized I think. Also the setting of timezone and locale is not idempotent + good luck diff --git a/ansible.cfg b/ansible.cfg index 8c16ad8..960b7ef 100644 --- a/ansible.cfg +++ b/ansible.cfg @@ -1,7 +1,6 @@ # Ansible configuration [defaults] - # Do not create .retry files retry_files_enabled = False @@ -23,18 +22,14 @@ forks = 15 # Some SSH connection will take time timeout = 60 -vault_identity_list = main_vault@.main_vault_password , user_vault@.user_vault_password, vpn_vault@.vpn_vault_password +vault_password_file: vault-client.sh +vault_identity = default [privilege_escalation] - # Use sudo to get priviledge access become = True -# Ask for password -become_ask_pass = True - [diff] - # TO know what changed always = yes diff --git a/books/all.yml b/books/all.yml new file mode 100755 index 0000000..bcbca86 --- /dev/null +++ b/books/all.yml 
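Review bot: `vault_password_file: vault-client.sh` is the only setting in ansible.cfg written with `:` rather than `=`; Ansible's INI reader accepts both, but it should read `vault_password_file = vault-client.sh` to match the rest of the file. The path is relative and, as far as I can tell, is resolved against the directory `ansible-playbook` is started from rather than the repository, so a comment stating that (or an absolute path) would prevent confusing "password file not found" failures. vault-client.sh itself is not in this diff, so I cannot confirm that it maps `vault_identity = default` to the `vault-default` keyring entry the README describes. With `become_ask_pass` removed, privilege escalation now depends entirely on the keyring-backed `ansible_become_password` in group_vars/all/ansible.yml; a one-line comment next to `become = True` pointing there would save the next reader a search.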
@@ -0,0 +1,8 @@
+#!/usr/bin/env ansible-playbook
+---
+
+- import_playbook: base.yml
+- import_playbook: apt_proxy.yml
+- import_playbook: web_services.yml
+- import_playbook: matrix.yml
+- import_playbook: monitoring.yml
diff --git a/books/apt_proxy.yml b/books/apt_proxy.yml
index fb59756..4beba54 100755
--- a/books/apt_proxy.yml
+++ b/books/apt_proxy.yml
@@ -1,5 +1,11 @@
 #!/usr/bin/env ansible-playbook
 ---
-- hosts: apt_proxies
+- hosts: apt_cacher_ng
 roles:
 - apt_cacher_ng
+
+- import_playbook: vpn.yml
+
+- hosts: vpn
+ roles:
+ - client_apt_proxy
diff --git a/books/base.yml b/books/base.yml
index 23c0daf..b150a48 100755
--- a/books/base.yml
+++ b/books/base.yml
@@ -1,18 +1,11 @@
 #!/usr/bin/env ansible-playbook
 ---
-- hosts: vpn, !tests,
- roles:
- - vpn
- - client_apt_proxy
-
-- hosts: all, !tests,
+- hosts: server
 roles:
 - networking
- - base_config
- - prometheus-node-exporter
-
-- hosts: all, !tests, !no_user,
+ - users
+ - ssh
+ - base
+- hosts: vm
 roles:
- - create_users
- - ssh_totp
-
+ - guest_agent
diff --git a/books/dns.yml b/books/dns.yml
deleted file mode 100755
index d56493d..0000000
--- a/books/dns.yml
+++ /dev/null
@@ -1,8 +0,0 @@
-#!/usr/bin/env ansible-playbook
----
-
-# Reverse proxy
-- hosts: proxy
- roles:
- - configure_resolved
- - reverse_proxy_stream
diff --git a/books/gitea.yml b/books/gitea.yml
deleted file mode 100755
index c300b70..0000000
--- a/books/gitea.yml
+++ /dev/null
@@ -1,8 +0,0 @@
-#!/usr/bin/env ansible-playbook
----
-
-- hosts: gitea_host
- roles:
- - install_docker
- - generate_self_signed_certificate
- - install_gitea
diff --git a/books/keycloak.yml b/books/keycloak.yml
deleted file mode 100755
index 5a895c1..0000000
--- a/books/keycloak.yml
+++ /dev/null
@@ -1,8 +0,0 @@
-#!/usr/bin/env ansible-playbook
----
-
-- hosts: keycloak_host
- roles:
- - install_docker
- - generate_self_signed_certificate
- - install_keycloak
diff --git a/books/matrix.yml b/books/matrix.yml
index 6458b34..94c47e4 100755
--- a/books/matrix.yml
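Review bot: apt_proxy.yml now pulls in the whole VPN setup through `- import_playbook: vpn.yml`, so running the proxy playbook on its own also reconfigures the `vpn` group, and all.yml (which imports base.yml and apt_proxy.yml but not vpn.yml) only reaches the VPN plays through this side door. If the import is there because `client_apt_proxy` needs the tunnel up first, say so above it: `# client_apt_proxy reaches the cache over the VPN, so vpn.yml must run first`; otherwise move the import into all.yml and keep this playbook to the proxy plays.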
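Review bot: the `server` play replaces `create_users` and `ssh_totp` with `users` and `ssh`, and the `!tests` / `!no_user` exclusions are gone, so whether test hosts still get accounts and whether SSH keeps its TOTP second factor now depends entirely on `server` group membership and on what the new `ssh` role does, neither of which is visible in this diff. A header comment in the playbook would make that contract explicit, e.g. `# server = every managed host except test VMs; the ssh role owns all sshd hardening (TOTP included)`, adjusted to whatever is actually true. This play also drops `prometheus-node-exporter` while monitoring.yml in the same commit narrows the exporter play to the `monitoring` group; see the note there. Finally, the other playbooks separate plays with a blank line, whereas here `- base` runs straight into `- hosts: vm`.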
+++ b/books/matrix.yml
@@ -1,6 +1,6 @@
 #!/usr/bin/env ansible-playbook
 ---
-- hosts: matrix
+- hosts: synapse
 roles:
 - synapse
 - matrix-bridge-discord
diff --git a/books/monitoring.yml b/books/monitoring.yml
index 1265a5b..e738a56 100755
--- a/books/monitoring.yml
+++ b/books/monitoring.yml
@@ -1,12 +1,12 @@
 #!/usr/bin/env ansible-playbook
 ---
-- hosts: prometheus_servers
+- hosts: prometheus
 roles:
 - prometheus
 - prometheus-alert-manager
 - grafana
 - prometheus-blackbox-exporter
-- hosts: all, !tests,
+- hosts: monitoring
 roles:
 - prometheus-node-exporter
diff --git a/books/update.yaml b/books/update.yaml
new file mode 100755
index 0000000..0a711a0
--- /dev/null
+++ b/books/update.yaml
@@ -0,0 +1,22 @@
+#!/usr/bin/env ansible-playbook
+---
+- name: Update
+ hosts: all
+ gather_facts: true
+ tasks:
+ - name: Update all packages with apt
+ apt:
+ name: "*"
+ state: latest
+ register: apt
+ when: ansible_os_family == "Debian"
+ - debug: msg={{ apt.stdout.split('\n')[:-1] }}
+ when: ansible_os_family == "Debian"
+ - name: Update all packages with pacamn
+ pacman:
+ update_cache: yes
+ upgrade: yes
+ register: pacman
+ when: ansible_os_family == "Archlinux"
+ - debug: msg={{ pacman.msg }}
+ when: ansible_os_family == "Archlinux"
diff --git a/books/users.yml b/books/users.yml
deleted file mode 100755
index 03736fd..0000000
--- a/books/users.yml
+++ /dev/null
@@ -1,7 +0,0 @@
-#!/usr/bin/env ansible-playbook
----
-
-- hosts: all, !tests, !no_user
- roles:
- - create_users
- - base_totp
diff --git a/books/vpn.yml b/books/vpn.yml
index 841482d..77ab98b 100755
--- a/books/vpn.yml
+++ b/books/vpn.yml
@@ -1,6 +1,5 @@
 #!/usr/bin/env ansible-playbook
 ---
-- hosts: vpn, !tests
+- hosts: vpn
 roles:
 - vpn
- - networking
diff --git a/group_vars/all/ansible.yml b/group_vars/all/ansible.yml
new file mode 100644
index 0000000..075ca96
--- /dev/null
+++ b/group_vars/all/ansible.yml
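Review bot: `- hosts: monitoring` narrows the node-exporter play from every non-test host to one group, and base.yml in this same commit drops `prometheus-node-exporter` from the `server` play, so any host missing from `monitoring` simply stops being scraped, with no error from either playbook. If that is intended, a comment above the play such as `# monitoring must list every host prometheus is expected to scrape` makes the contract visible; otherwise keep `hosts: all` here.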
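Review bot: the apt task upgrades `name: "*"` to `state: latest` without ever refreshing the package index, so it only upgrades against whatever lists the host last fetched; add `update_cache: true` (and a `cache_valid_time`) under `apt:` if a real full upgrade is the intent. The next task reads `apt.stdout`, which the apt module, as far as I recall, only returns when it actually changed something, so an already up-to-date host would fail there; `msg: "{{ (apt.stdout | default('')).split('\n')[:-1] }}"` guards it. The task name `Update all packages with pacamn` has a typo, and `update_cache: yes` / `upgrade: yes` should be `true` like the file's own `gather_facts: true`.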
@@ -0,0 +1,5 @@
+# Use python 3
+ansible_python_interpreter: /usr/bin/python3
+
+# Set your become password with `keyring set ansible-painsperdus become`
+ansible_become_password: "{{lookup('community.general.keyring','ansible-painsperdus become')}}"
diff --git a/group_vars/all/ca.yml b/group_vars/all/ca.yml
index 6c4c46a..52c50bf 100644
--- a/group_vars/all/ca.yml
+++ b/group_vars/all/ca.yml
@@ -1,6 +1,5 @@
 ---
-ca_passphrase: "{{ vault_ca_passphrase }}"
-ca_key: "{{ vault_ca_key }}"
+
 ca_cert: |
 -----BEGIN CERTIFICATE-----
 MIIFhzCCA2+gAwIBAgIUP+ptXLNUBVsZm5oYpynQd5mhB60wDQYJKoZIhvcNAQEL
diff --git a/group_vars/all/generate_self_signed_certificate.yml b/group_vars/all/generate_self_signed_certificate.yml
deleted file mode 100644
index 0ed0244..0000000
--- a/group_vars/all/generate_self_signed_certificate.yml
+++ /dev/null
@@ -1,3 +0,0 @@
----
-country_name: FR
-organization_name: Pains-Perdus
diff --git a/group_vars/all/install_gitea b/group_vars/all/install_gitea
deleted file mode 100644
index 979514a..0000000
--- a/group_vars/all/install_gitea
+++ /dev/null
@@ -1,3 +0,0 @@
----
-gitea_ssh_port: 2222
-gitea_https_port: 8443
diff --git a/group_vars/all/install_keycloak b/group_vars/all/install_keycloak
deleted file mode 100644
index 8ad462f..0000000
--- a/group_vars/all/install_keycloak
+++ /dev/null
@@ -1,2 +0,0 @@
----
-keycloak_https_port: 7443
diff --git a/group_vars/all/main.yml b/group_vars/all/main.yml
new file mode 100644
index 0000000..1d07ad2
--- /dev/null
+++ b/group_vars/all/main.yml
@@ -0,0 +1,13 @@
+---
+
+# Default prometheus serveur, to overide in host_vars or something
+appointed_prometheus_server: hindley
+
+## DNS Servers
+dns_server: 1.1.1.1
+dns_server_fallback: 1.0.0.1
+
+## Self Signed certificates
+country_name: FR
+organization_name: Pains-Perdus
+
diff --git a/group_vars/all/matrix.yml b/group_vars/all/matrix.yml
deleted file mode 100644
index 3e7bf0b..0000000
--- a/group_vars/all/matrix.yml
+++ /dev/null
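Review bot: `ansible_become_password` lives in `group_vars/all`, so every host in the inventory shares the one sudo password stored under the `ansible-painsperdus become` keyring entry, and the lookup runs lazily on the controller each time the variable is rendered. That is a sound replacement for the removed `become_ask_pass`, but the file should say so, and note that the rendered value prints like any other variable in a `debug: var=hostvars[...]` or verbose run; I would extend the existing comment with `# Shared by every managed host; never dump hostvars with this set`. The file also lacks the `---` document start that ca.yml and main.yml use, and `{{lookup(...)}}` should be spaced `{{ lookup(...) }}` like the Jinja in ca.yml.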
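Review bot: the new group_vars/all/main.yml ends with a stray blank line after `organization_name: Pains-Perdus`, and its comments mix `#` and `##` prefixes; pick one, the `# Use python 3` style of the sibling ansible.yml. The first comment has two typos, `# Default prometheus server, to override in host_vars`, and `appointed_prometheus_server: hindley` deserves a word on what consumes it (scrape target, exporter allow-list, or something else), which this diff does not show.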
@@ -1,65 +0,0 @@ ---- -matrix_server_name: pains-perdus.fr -matrix_local_server_name: synapse.pp.intra -matrix_enable_registration: False -synapse_postgre_user_pwd: "{{ vault_synapse_postgre_user_pwd }}" -matrix_max_upload_size: 50M -matrix_registration_shared_secret: "{{ vault_matrix_registration_shared_secret }}" -matrix_macaroon_secret: "{{ vault_matrix_macaroon_secret }}" -matrix_form_secret: "{{ vault_matrix_form_secret }}" - -matrix_apps_services: - - discord - - facebook - - signal - - instagram - - telegram - -# bridge discord -matrix_bridge_discord_postgre_user_pwd: "{{ vault_matrix_bridge_discord_postgre_user_pwd }}" -matrix_bridge_discord_client_ID: "{{ vault_matrix_bridge_discord_client_ID }}" -matrix_bridge_discord_botToken: "{{ vault_matrix_bridge_discord_botToken }}" - -# bridge facebook -matrix_bridge_facebook_postgre_user_pwd: "{{ vault_matrix_bridge_facebook_postgre_user_pwd }}" -# Those values are generated by the bridge the first time the bridge is launched. -# we copied the values generated from our test config -matrix_bridge_facebook_integration_manager_shared_secret: "{{ vault_matrix_bridge_facebook_integration_manager_shared_secret }}" -# matrix_bridge_facebook_as_token: "{{ vault_matrix_bridge_facebook_as_token }}" -# matrix_bridge_facebook_hs_token: "{{ vault_matrix_bridge_facebook_hs_token }}" -matrix_bridge_facebook_admins: - - g33kex - - histausse -matrix_bridge_facebook_allowed_external_user: - - '@dorianx:matrix.rezel.net' - -# bridge signal -matrix_bridge_signal_postgre_user_pwd: "{{ vault_matrix_bridge_signal_postgre_user_pwd }}" -matrix_bridge_signal_admins: - - g33kex - - histausse -matrix_bridge_signal_allowed_external_user: - - '@dorianx:matrix.rezel.net' - -# bridge instagram -matrix_bridge_instagram_postgre_user_pwd: "{{ vault_matrix_bridge_instagram_postgre_user_pwd }}" -matrix_bridge_instagram_admins: - - g33kex - - histausse -matrix_bridge_instagram_allowed_external_user: - - '@dorianx:matrix.rezel.net' - -# bridge telegram 
-matrix_bridge_telegram_postgre_user_pwd: "{{ vault_matrix_bridge_telegram_postgre_user_pwd }}" -matrix_bridge_telegram_admins: - - g33kex - - histausse -matrix_bridge_telegram_allowed_external_user: - - '@dorianx:matrix.rezel.net' -matrix_bridge_telegram_api_id: "{{ vault_matrix_bridge_telegram_api_id }}" -matrix_bridge_telegram_api_hash: "{{ vault_matrix_bridge_telegram_api_hash }}" -matrix_bridge_telegram_bot_token: "{{ vault_matrix_bridge_telegram_bot_token }}" - -# Not configured for now -matrix_stats_endpoint: https://127.0.0.1/report-usage-stats/push - diff --git a/group_vars/all/networking.yml b/group_vars/all/networking.yml index 9587af1..a9abcd1 100644 --- a/group_vars/all/networking.yml +++ b/group_vars/all/networking.yml @@ -28,6 +28,11 @@ intranet: ipv4: 172.20.1.5 netmaskv4: 32 comment: Matrix server + technetium: + domaine: technetium + ipv4: 172.20.1.99 + netmaskv4: 32 + comment: Test VM guest_hellman: domaine: hllm ipv4: 172.20.198.0 diff --git a/group_vars/all/reverse_proxy_stream.yml b/group_vars/all/reverse_proxy_stream.yml deleted file mode 100644 index 5addcdf..0000000 --- a/group_vars/all/reverse_proxy_stream.yml +++ /dev/null @@ -1,4 +0,0 @@ ---- - -reverse_proxy_stream: - - {from_port: 2222, type: "tcp", to: "azerty.fil.sand.auro.re:2222"} diff --git a/group_vars/all/totp.yml b/group_vars/all/totp.yml deleted file mode 100644 index b171f71..0000000 --- a/group_vars/all/totp.yml +++ /dev/null @@ -1,4 +0,0 @@ ---- -totp_periode: 60 -totp_digits: 6 -totp_machine: "pains-perdus" diff --git a/group_vars/all/user_vault b/group_vars/all/user_vault deleted file mode 100644 index c23d962..0000000 --- a/group_vars/all/user_vault +++ /dev/null 
@@ -1,162 +0,0 @@ -$ANSIBLE_VAULT;1.2;AES256;user_vault -66646139353961656263643538333430306336343661306434346136646234336534393663333732 -6265656462333262363466366232313434643739616235660a323232393330383037636664303162 -66343861653038663534313139653266376563613030633934323335383431623538643135643637 -6634656439313233390a316435623232376135323666656332323038646565353733393039373533 -64663035613930303631313536636130333363633362383934623863333631633538393231633531 -30646430346634346433323339343461323430643938613634613164393461613863356633346638 -33396463303162333338623731646431663839623034613664616166383237323435623631393737 -32316336393330633330616530306538353136623737346530343838313634386535376633393134 -36306438393531613464326561356633373139663863666564323433353161656266616638626436 -66316363663631646562333566356638343830626437643666306335393364353165313939323363 -39323362333364323531353330343164643938346636333865626630363431663130373161353263 -34366131333362396634326336396635343961393239333665626632343533363263653535306438 -66343430343734653261386230653738373436313432393839313765333062363165373762303536 -34303939663837333531626437653263383662326238306162356361333362353863313466343031 -65646537323762373234633134323737333137316161343539663065386538653762616236396133 -33313637316331326432363132643462666438663037613537363263306564316530396433383662 -34356464353562336331623934316138376662396466626430383162656430653935626537303138 -61663033353961303061646364363865653135346362373433666531363432366566396638376139 -32656265636163326632356133653639623633663934353636396365356662666563623735353830 -33386166326564656135386161653032646635663832383662323162343039323665326165613263 -38613732373962363264373237643239383961383639393832616631613535316332306330353637 -39613638656434393039613362383738383039343030393761666534393633666630656632613739 -65376461323363643462613064336566353463363031303436616335633632623838306565313464 
-61323431363635356431333336323434353334666539323233666132333931633636633632626461 -39366335613739393634636637663535643663353035663731613939323864613965663632616136 -61613133316636336336623563373564333533343062333262336539363962623739373233633462 -66643664616438383030303764313038613133353535636130643531623564373639396563333934 -32353663343533616262323165373564303239356635633136306133326666313037363062633132 -62363364623465353435386461623062373836353531616361346533626266623961393166323639 -35613261666533363436386438656232653732396631626638356532306163656661633738326361 -38353961323135383439326331663139613730303362326233363436353532373865656633633462 -32326339323865666531393565333633386234663463663133386463323730323230646533393535 -35356336326235333536663165393938353730653862356161356137666532653231396265663336 -63633330336264383765356661303431353239346433326138383565396663643638666330633161 -65323338646436323237613235343936636333653332666435373461346632643462383961356233 -62373066616239303437383637323838613666353465383035303230386565366138663933653838 -33626665663562353137316561303863333862376537303831316665653164656336323461666436 -33323165393762616664356561633138383836316433623635383664353564353664383566313561 -38623631356432316431343934306334633532383034383432323562313033356238323736316239 -31653261333035663631666362366231303237656630656435373636383164306266646164363265 -30653064306132393330376561616431343765656637356336306565306135336664373837353566 -65323636646235386661616132316461376531653738343632393638663938626564333235643238 -61653164616331653933336138393763613837353030653239626532633562396530373736316462 -63643930313264393363613564316637306562643336373536353036306233343266653066343832 -35306231383866613439636333623039376465386463653266663365646332336335326564323939 -65386630336131343964653037646365616631663466323036623661363836363135363636623361 -65613831653164393732623031613234323437383136636466353362313966656661623861373532 
-64653063373933373730386363353939373062386637303936646566646137353238633765326132 -62393239386264346133623039616630636139646261366132623765613439303836336266323930 -64623861386131613239323261306636373065343233353566353565643532643031346332336331 -35663564353433383966633961383061613739373039643265653661666139363735313131363637 -62383539643433633164313563366161393133333433656131656331383861393566366631656136 -32653131363836366330313239383635336662633838363734366234343533353035356334303662 -66613833653930653836663137333064656564376464633435636431326336316339336533613866 -31373962333134653863316339623838333439386433663937306539343635363134633062306237 -64663834613937663733666662343933633839343532376662366561326535316530363466663432 -33626332303032386232363165653439666233616362306665656133656561306564363561633138 -34393237316239643462613931633530643062373130386162333537663136666131623263363534 -34333164376238353534623038333532343266636535366532633837633161393363393734613765 -37333438613332653466653231303361623439376465343231383135316230323337616330613262 -31613235356137313233616637333733633437376262383862323566343865313138633538333136 -35356261336263323330653664306635656332646365646630373437386536363538376636323533 -63383531336261626463613265386337346639616130613333363061643065313766326262313635 -30396438653535653739316264346531646438323862346438633339613563383930306230663932 -39653564336531376234373364306462396433633738313565363335303435353736616264313131 -38363738303431653963363765666238613435386261613037353465303337613933353430353131 -38653366643866303863616366383339653631666466646332323463616663376139636632393434 -35376537646236623339346366613066383061353535303036383732616337643331616263373131 -32633336303963653562386664313532373666346132663334313065336564346362373433326532 -65396532356238326237353034333264393233343138363739383830653230643665646362663630 -39333537353832616331363534326164323133373761306630623130383465663636636464313539 
-61646363626434393530333465316333623139626433326337383766343730323963353731333930 -35646535376531656262326536306536633137636138663732366330656565633565313533306465 -34383464326330353133303731303534663834393837323965393363303635343236313666656264 -33633735653135643062313664663432363231653230636339386438386339623363323336393566 -62353037346564633535376638363037363861366263323766333961303534393539356530633562 -61616664633236613865626663636632323066643534393630393033626635663336366632393134 -32326565303031333566346461633136326566306461323436393539353533313033333061383032 -34326337616338626630316661663237333831616363346130653663663861353562366164643730 -34656638303531353861386437646662346132346662336164616232623839303934383166623532 -63343538656130306636313337646238663663636432376237353738303864303835646433353137 -61653931383837353934663536663266636636373936376230353836636134653531353031363938 -65333361303361363334393733666466643063653266363262306233633834353331666565353266 -38666431643139316139623263663864386534376566393437373965346530343433366535323732 -65626336396362393331623564656436383135636539333934633233666330643465633531316166 -62306637323739346639306630623132346665373630343566656437303630626664333465383766 -62303365653332653162336230336634333232663732653237386533646531643839643465366637 -65303964626463363130383164633938636538316461366335356664613138336463653539393465 -35353637616462613833636137333139356538386162616538613562333337383233313038313035 -31303065663630353865303338643533393839373665373231383666646634353035316261613662 -34663661323235383331643634636534363238353934303837666531376630643830323863343932 -32333934376332646537373064346666343535303038383234356165303635633732373939656438 -30326463396631376538346366373135373164666631323036623066613664376334353331386463 -32346132643361646136376362356266316231336162333834646232353935656363373766323338 -63616337343631383963343165303938333665333731373163383264656537356130343536626661 
-63663236643539313436636531623232643163643036363438616230306264373166336630363833 -39396530643765336436386639323533643638336566636135613438643936623531613436653733 -62326536663538376266393233373135333231613161613335323562613734653639633137383364 -39313263303036396635663431356363663964393231333663396433653263333337653763613738 -66653636653436326636353361623637346562303465303034356561663964666139623630366261 -34656338363863393861323735613739366339363063633762363235626264666561373334376135 -33396663306131313530663763393137313264383335373830333939636238393163303065323731 -33636630363033646530383438343465623462346666333131626434616138363435623732663030 -65616632393866633466363837383238386264363536633439366661313265316333666435333536 -33376661663733343136353061623065393061306435396338623961623466376532613163353739 -64343033626666646130663861383236613961663335623134313063376436383666636338633332 -65643365656161373631633232353930343533653134346566643066376265626661366234303439 -33386539386536663932636238626234646266643432626162633534376161633262366631356662 -63643066383631326632643732616432343733306134616432636561393333326431626230643935 -32663232373331643335356562336563653837656164653531323561623432303334333330656263 -35303237663131616133643235646634373931313831313965346661356334396266356437613362 -63393136353762636666343538663134336138353661663161663936366531316662373666363035 -65363333393464303933646230396230363238313264373665623465393434346638663837366364 -65633536633464306138663033323132653436663461646432636161353038663836393735316663 -32316130383234633664663163663965313436656461353835633439303239663038646464653662 -63636261653263373337356433353935323563616438363964653036633139393836366537343562 -35323935396461303136623961633730623361663631393036633635663564306139353139646230 -32333731643838613465343064633638663738333666653637393331373033383834346134396261 -62393564633630353065646563336439623735636461313231343864326132323935633235643637 
-33353935383665613162663364356232356661393565386231396534633865303938663239353137 -36323364346438386231643664306637333039353330616232356536323361356332643564323065 -64373137316131643631333331353062643930323265663935656532613430333537663038666337 -30656636666233386564663362386366353634613261393261303738643762656266653463633534 -35643537376639633563363266663534633662363432373032613738613130313065643134613635 -33336236346231346534363064356461653330383763626133386663616661306330393438333139 -63326264623864623463333937303338383061393835386132383336666234396437313165373634 -37346363616237666337613335313432386563323434333031626261373031343662376430336638 -30316466633362623663353037353863633037383631653233616334383562333236386633326464 -37336134663563656233623639643665343633323965613136613536633161353835363636663863 -34376234633364323534616465633762643033396433326436316435663533653639303536303931 -33643261623935363032346233393462653136346461383334336462613735633836663732323735 -61353538623534313564643037333162396562373836383763373861343361373164646564343537 -34326230393730333766356663343831616663666564613237636661353237313162623237313565 -38343239336561343435326535363363313739353165663835363865333164623332346234346430 -36336333626434343964383635363864386535343230313036663331666538363433363639346634 -65356534343432643064356332343337633034323735623531303638366461383137383038663833 -35373262356462666136313564643932663534396366386161326662316166626336353334313333 -64326238383962386534396466636235616464633166636134313162646663356438393331633066 -37333532373137646139653535623938386364613331346437626537646637366565653038633563 -63643431653538396363333566343339326632626566383035356631323931643135303830316162 -35336563396534633136343166623638643661623662366466613432616332313133663366323735 -63663533383735623262643963353530643330353130356131623733373937623662336536613565 -62306535353738613139326337326130333234373036646663633932366532336463616162343936 
-33373764336530383439333133646339646330376265396639393063623761386464303532376338 -30306630626262333839613533663766613730653764373939306437613032323536623531353363 -32316464636231386634356534616162373064653066326637636533393230643263633635303263 -31663939393236306362616534646136643038666436306137313139366162303163333366323231 -33313763623839306162373134623361626263363365633834636331313030313635353932313165 -61666364646435643233303862613238373333303130333465643561656634663531303231323936 -37626565366334386536343637366162666464613639356139353761656563313532343764653064 -31396139373337353363643436666634623037613136333637313931323539383833316338623164 -63633562313536396462613437373031396137396532616466343034333839316461663632366365 -39396663366536373833363533353039623833613436393065366163383566303537316334343064 -31356334343034356431303533633236646334376136666665326365373239376233636436666337 -35333731366133616365303365396338653031343432373966356633313136303063653033643462 -36653566363630646564303531336330343566383861313431633933386265343661393965653439 -65636262393335373038643432633236646134356135323835616336323737373738353636323036 -35396363613565633431333434376530666662316434313938653338316163303033623931373932 -38363538303561646161636662633136313536633634366133316166366631663732633162663130 -33313038383230313464656131623039396230613661626534303563353033623365663765363936 -38396234356563373465366134646165633464323166333832393465393433363361 diff --git a/group_vars/all/user_vault.example b/group_vars/all/user_vault.example deleted file mode 100644 index 9fa62c5..0000000 --- a/group_vars/all/user_vault.example +++ /dev/null @@ -1,10 +0,0 @@ ---- -uservault_users: - - { - name: lorem, - groups: sudo, - shell: "/bin/bash", - password_hash: "$6$lvbzekjvbzejbvzvzvbzvbzhvbzbv....aezrfv/", # the string betwenn the first and second `:` in /etc/shadow - ssh_key: "ssh-rsa azrekgnbmoienbzrinoien...aoeuzn user@host", - totp: "daeae8ce486f6636d68c37c21ce002" # the hex value - } 
diff --git a/group_vars/all/users.example b/group_vars/all/users.example
new file mode 100644
index 0000000..e12f5ca
--- /dev/null
+++ b/group_vars/all/users.example
@@ -0,0 +1,8 @@
+---
+user_dict:
+ lorem:
+ shell: "/bin/bash",
+ password_hash: "$6$lvbzekjvbzejbvzvzvbzvbzhvbzbv....aezrfv/", # the string betwenn the first and second `:` in /etc/shadow
+ ssh_keys:
+ - "ssh-rsa azrekgnbmoienbzrinoien...aoeuzn lorem@host1",
+ - "ssh-ed25519 azrekgnbmoienbzrinoien...aoeuzn lorem@host2",
diff --git a/group_vars/all/users.yml b/group_vars/all/users.yml
new file mode 100644
index 0000000..1e4a24f
--- /dev/null
+++ b/group_vars/all/users.yml
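Review bot: the new users.example is not valid YAML: the trailing commas on `shell: "/bin/bash",`, on the `password_hash` line and on both `ssh_keys` entries are leftovers from the flow-mapping style of the deleted user_vault.example, and in block style a quoted scalar followed by `,` is a parse error. Drop the four commas, e.g. `shell: "/bin/bash"`, so that copying the example into the vaulted users.yml works. The inline comment could also say that `password_hash` is the `$6$…` output of the `hash_passwd.py` script mentioned in the README rather than a plaintext password, since an example is exactly where that gets mixed up.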
@@ -0,0 +1,142 @@ +$ANSIBLE_VAULT;1.1;AES256 +61636436366131323962383930303537366139383363383134643432386435616663653239623962 +3061313236386134333165353762313361643834336637660a313035623736366236383663353363 +61366139636330323332373331656433393066636135353038333134613530323634356230353130 +6234646531646636380a346132343965663164646465636666353236666232633339373766393664 +31393538653262386234636435316632656661613236333139326137346631346436346163346139 +33633339393237663234646133386564353234383636376231366637663435656239633561303861 +33343131383935643531313437663833333261373538626236393536303263376136353735633332 +30663065663337646336623262366233306531343038613863366136323237626533616338633161 +61323662333439343164666161363366303865353637383765336463356364663232343732663862 +37386633326336343263313531376663393038626562393133653630316137376363666530623734 +37616334396630303135346536363437636262343936393034303864653036623865653362646430 +65333733653231646337323836626331626130386663393738346333396261313133346636353766 +33343962616634323564623863613966366534376539363065656330653132663563663032316131 +64633162623262333035653436313265396337643662636465306361643635333834383032376637 +61393663363631633861363661376362333061626666396461653566316363613163646132366237 +65393661653532613731383537656530323461366666373962616666343666343437393039623464 +31666261323635346234326366633834333731316363303230616438383165616335326132333563 +61316364633237613832346165636664656462626538656462323332373633616132663361343232 +64376132373661306362613362363430316463636436393433303962393436646531356361353531 +35396162633039396362313065643431383538663330366535633036663136376566626464653835 +65316439636664333537663330623733616234643434396134323765373338653264333865393139 +37323561633030366134316633343036396437376265616261643239316461383638636265623230 +63396563653862343465613465623866666465346530303334353561343135366564393533303566 
+38306532663536626532313539663737373838636432343961356134323431333330626566306563 +39346339363136343135356562306431326233643565353862343066376661313066636139323530 +63623131623238656132653966373863373466656565346461373233336135653337343863666335 +61613139303933313531346565393631373638616336313331633566663335326562366431386263 +38396530326165356366613564656432356365323566623865313763356539613134306239343035 +31356664396136373561316634616433643237303463626662646538313164333330393639313531 +62613434363137393430313934303266656265393636313165313637623430373339383265656665 +65656265396130373931346634613635636661333331323661346462336134383765643038383938 +66316566323366353363653230656431393239343237373663373632333338373939356137633361 +37613132376463366536623238396639666132333234363937616638343364303436373238666333 +33313839326339366131333835643464363461316262363234386564643238666464356561303362 +66343936353336313666633537666532323462666533386632633665303932366366323633623763 +36636637343562333161386330366337303863393333663261626138333631356366313464326163 +30653265326163623435333561626534303166646531636235666266643330636133303063333834 +30353134336531646639363438393566383465376136653561646165333633373765613065663565 +66616432353162323163623231613064346233373330643832393062346261386232333436396365 +35353562323639333236623037613534616338323130623332306234613465363532613564323162 +63316466323463636134326664393838356230313566383031353033343665303463393938356266 +30626639303166316636633465346338396632353932346533306332653636663464353865303463 +33313636623137353562663533343231376338303335313330653164613661666161376537643565 +65636532623033643065363665633538636138306439643139636538316262643132666366643034 +30623639333162363138636534643430396662616265303362653833383865343262383563623233 +62393261616563666635646564353534663132316230343163636665633730383039313633656663 +39376466316336623161316330343036333631343539353832333037346636653831633464333564 
+64363564633565663932346665643535636438613732303163616663393835353166323763633030 +30646465393366343932326332386335393033616262643136383537613536326430646135383936 +34336164336231623930616236623839393434613034333432383565393266363439363537666236 +30386363346465366465373562303165383937336436393533323765383862386265393361323034 +64633361643365316434393665316134643163623465633963353035326363393133323565393463 +32373965656366353139393165643232343263623537613937393339353463386330663931323930 +65333238313364313132333930663466306335653933356335376131636639323038383131333965 +39336165626463323366316334626364376162623866666437653635306466393165336234316432 +34366138343239353336633135633665396666656236636639363861656532646364323132646231 +30646461333331623939653339646665653364373734373532343738383766643062613366623830 +39616462643637343735623433383139333437326337313161626131326634303966643237636463 +62306365346263383035353164323464363365653464383762306532356363663262643634633239 +63333034373964383963663837386136623164313561643836313731353932666631303331663132 +31383134646432626230373564383531366139313462333432363836616138316365656465613137 +35323364356237393661626437353432646665396330303966363137373066353137616265636537 +37383537396564396639373361336336646334313731633733313639393431393065343130663237 +62333264313435393736623062303330366636356635343830633238393732343564306430353864 +63376465633338613036353734613361383239393538323261323166393230366535396666616631 +30633039346636383135396131393337366333313132366532333033393538376433656134393537 +36666564666239663137333263666362396362643165666466623639613331626439663230653537 +63343838663338353461613738656361636362336638313761386166653036373937333366643536 +62343833326264323033643832636630636337666234343064663234373030343938386232613665 +63323834366334633232623333646561323564626232343231366261333962313037306561306430 +31623235343635313039646338323661376464363335656633313330303935353330396134366263 
+37636537343739353535336233346536353830383532356162633330623138383233643339336135 +36666236643535333739623035313830343563623039376561323735633161343132373263383862 +35623238326238623464623839336632396563643938643465336136316434323738616565383335 +36353362633230663236623730623738326264626161336637666662386165383631353530333937 +39353761373239636665656537646332376464623632323563613130383464643932376162343061 +32633730393834316566366262623832343237306161653032313665653164346438666139383838 +62336662613732356239373833336131656165343435613431326536333832623033386663323163 +65306464333631323063616264656336323065373539346231316438373838626330356331366365 +62373437623761396334383662373434613364363530393862373238626436346434666532643563 +37393365346533643837383334643964346537353263633136323639353131323837336163343365 +66306631366162373238326237666438346162323565313633663534383236353037353939393230 +30633030613234326138343862386333653632326538396165663137373464326366383839323262 +39663636633831653066336436386336663366343031663038363732653231626666356164346338 +61303062316637653462636134393538623561323563663663636666623163393466386538643039 +62363437366138356161633531666331663133653261323261613838353835643566353335363165 +65643930656136336366616436656633656266303864643434656539363965666334313061643637 +33666236313730633239306561333765336563653564663864656265313137656565636434313431 +36353139323563636330376338363833613337646331666432646266373736623033303164333462 +38333930323461303333353137356330366237633763633663326333336539396261373932336437 +38396230326630666535386362383637626263366539326630336433663665363661306263633839 +64613561383066356561633064633233376637313131613633613561353330316534636261636136 +30653332306535623161393236653662623966393933326337653835633634366364653264356436 +33663534623766366461393835343936613034346132373366326661326132396333653863653665 +36396638363931623664663334306433353665356239373466383533636363356164333131623432 
+30326433643033393333323739333866336539643864333065643639623333326238313766653134 +61613432613962346135373565346366376666656336316639373931346234623432333665666136 +30353533356561373364303265333836313932303966616164616261636561633664303465313236 +64616632336234343566306335306532373434643130366436643862343462643332386264333633 +30383363666135333566613065306164643536333933666434653030653466623332376565626234 +35306537616235666338323532633261643035626166646436656139393462663831373966636130 +30633236346131616133633137306430363933383036376136383831313466326631376532623934 +65666636326163393738633062366131373434346262616237633438313636663439643466343861 +61623335626330343031633737323738383231386432376161663261346162626565363563653238 +31393666623762663538653936343464303661396531383539663831623463366664653535323032 +31323264373234383539666263373236663132313338343039373264383961343162383837306464 +37666436313335376463363530623139653663623430393431646636653731333634306535336534 +35666131613266303263663339633432666134653235633664663939356334323139383130383632 +30303664386634376437333464393539323063306433356663343539353733373765373436643232 +39653737653239303365363739303964363065666664333262666134333134626438306635356537 +31393863383339383030653733646363373034666233373736396137353030323834373436343365 +64663938646265663431643339356565333265313938323265613963333262303630333332393663 +66646632386536393366623139303138616264613261346662393533643264373365333665356431 +37333261303838643232663331343266626366366637353831343736306461383037383535383235 +35323039306462323461393961393730646137646663346664316662373332613263613561396562 +32613665396538646336643439343061333933626239393765326139346135366439346138643130 +61393662336366626634666231346332326265346465353462336535666132656131303362303332 +62646163326137663139356539323939663165623233323339356438376366303330616333653239 +36393130656639366239633134656264646662336437623264653266613561393931303736383266 
+38386639306631313936346265303237383266616431393838303264393632653138636136363938 +35633330383161616466343031643036323862643836346337306265336333666231633235316133 +63343032396435386131396561653933373165323231653633356365366636663335383661636432 +34326632353030633436353737373637353134646530343833626335346339646432393732623238 +63636136373737353963333438326130366239383435643038666331376265366431323662373361 +63376637373864646338626661336537663036313362663135393430623831663536653537343430 +64633337343561363637386436373536643239323862666431306262626265343335616330613266 +31313831386636376561303834366435333834363339623661376664636233666262626631666530 +38303961383062613230386136303361396131326237633434393361663061613436346631333064 +38633036383330303962313561306233326165373832303436613530383634653737656233383438 +37386464396330383935306365343461656530613862316665626632383732363032343436633636 +64376131623738306565346537643763316331663038613934313635323937626633363231653832 +30303933386632636637666162343039316432656164313839313030316162323666366338613430 +37393961393137313630303039323263356536363864373936313538393863326631623234663836 +30336239326466623666636235623031393631303838326564353835646666373234383637646364 +31633162393534323333373836353461363865353665613737653766343638663161386465376430 +33663165613163633535383931636137373034383365333764366138363765663962316461396334 +64656238613737633735353364313238303137346664643432323239653830356630623335346639 +39393033303038633438666232623764366665366634636433363439633833333133326538353931 +37646566353965626137363930666436616239323330626161336635383336643133643838353134 +64646563623264343931616239303130313165636266663539363638333438623831383933353264 +30306563313762336332643131663463363066376363623538663162656636323831 diff --git a/group_vars/all/vars.yml b/group_vars/all/vars.yml deleted file mode 100644 index 90d7b95..0000000 --- a/group_vars/all/vars.yml +++ /dev/null 
@@ -1,15 +0,0 @@
----
-# Use python 3
-ansible_python_interpreter: /usr/bin/python3
-dns_resolve_server: 1.1.1.1
-
-# Default prometheus serveur, to overide in host_vars or something
-appointed_prometheus_server: hindley
-
-grafana_admin_password: "{{ vault_grafana_admin_password }}"
-grafana_domain_name: monitoring.deso-palaiseau.fr
-
-kassandra_username: cassandre
-kassandra_password: "{{ vault_kassandra_password }}"
-alert_rooms:
-   - "#monitoring:pains-perdus.fr"
diff --git a/group_vars/all/vault b/group_vars/all/vault
deleted file mode 100644
index 90b8fb6..0000000
--- a/group_vars/all/vault
+++ /dev/null
@@ -1,305 +0,0 @@ -$ANSIBLE_VAULT;1.1;AES256 -66396364626137653230336236313132366334386632383339303335333062323833373534643931 -3035323936343830646136386237623565303262616366320a303665383565613936323763383538 -32373832626130636665313664356636623339353266656433366563366439363764386136616537 -6230376436363463620a663761633130383262353661313461343839656361356238376433396639 -36643034376539383136633937613031343862653739396536346130303164346465356530323564 -38396130343031343862383237383566333661623466353538343462343565373765316132666430 -32393635623834343566303932343734653566326231303531346662303436653437663034333865 -65666230623861393161353339336663616131393830333136373366626233363966613064656630 -65663362636566323263353838393932343036613337383533393838636338393738303835666538 -34373266393237326465613064656231616562626531353937653565346634646162653038356566 -37643364336562643439616464636536353335666162623831313035663039386637323639623035 -66653538646665306130393934333732346366366439396637313932366463343935303264613033 -64633162373062373534643938646633306332303064356662366163366366326561656266636234 -36613630346162353061313532386330653939373663616534653263306339633139653935663565 -31316237373766653865326632306232346234613237643038613334353737323930636365303562 -63333261646638633031313032386239383938386439376333613762346237313463643663336133 -36353833333661323632633461333064313263323937613263356264366539313036366637646138 -63373761626566613732623365643065626234643032323263623965316464343734386532333165 -37626561616334396561333930326461393863346139663738393536626135386463366366396336 -36306538373331616562373263653636643938643031386435633234666561353164386463323339 -63353761653538663264333762613731336333656139313434613563343061386462643535346533 -65366263383735306336386430636338396561346236333837336465323866333933333337626235 -39653030326430663332636263333938326536356366643734346362643430336366623164633330 
-65383838383830306133626461643632656637336264666638383636376565666231373331393834 -38663939633137363236303632616638646238313431653262346437313237356263616530656339 -34336634386133383434623739326234313339333265636364373963343334363836313934653565 -64336132376336323063663765643365336366303732666137376631323231343631656439383666 -36383535316232636434653238313738653166633836303461376232333933316332326462656432 -39313166396234613162623361343037383131663465383438356438663130306138356266656561 -37306232653730653962656336373634643937333633623361343132393964623739623161373233 -35373461303833343666623261616534323435663634363639316466613761616533646531616635 -37663038396537343361393635343264613635666564343065313930376365393361363934643234 -34663830386664613062626465633666616430646566633435303837623536646466616337376162 -39376431643738336163653333333638663564356237393630636537306564333531336330333039 -61386261316335323866353637626536363939346564373333633561323361396264373034353063 -33613835393064393363326263623964353131326566353938623431396566663961633863313465 -37373264343331333839356538346436336561656435643434353532626539333538343261616336 -66623432653930633334363266316339373830643631316432303633633337666537373039323037 -62316333356438346364663734613863316334636365316565336561626563373266386636366164 -62346536313965643661356433383538646532633234313137353035633732356366643934663661 -63373735323138356565613131373938613338653061383734643633636363353438373533313765 -65393665616139343137643565626437373033363737633061386362376332353739313861623339 -66333538666563636264303239353535306166656530346363396338373963653536333066383035 -39633938353932303164306236626564306235326237646238393461306464386536616463376132 -38666237376533353965656131373639353533333532396430616165383037303266653033633432 -36666535616633333736653033386263616434343361383066663163363936386435626130303836 -66623833323735643435653261323437386338663137653633663261336434636234623232356664 
-39376338303433303534636632376136656366633165616638623934666362666638653730343564 -38303566653464383231633464306139306635386136336634643732623237643961643636333761 -66326136633434346262343364633732303831323337663566613833646537346237643761616236 -36373966356330333233336330663063663966633337373835656334326330326630353261666437 -65316362643165353166656330313839623562633562373161356561663163636437633133323131 -30373462336532353063663164303837653332383565663436383436396265373966653036316661 -62663534383061656363643439633032383735376237653832616563383865613733356633323633 -65326631353265383433346130636364656533333736653834333661623733333966666638326437 -37353833663432613133336566663337313833323334393065303633396464613333393663643732 -39666235353664323036306531306462653161613937313633623333306663333834303763623362 -34613362396331383636626237376433303966626463633364353265356637653533623538653630 -35393766306639633431373530363633306635663666373137653932663963363939616134643366 -37363436336535663861336463653639653536303634363661666335666633306530633934363466 -31386437363765633938633966343535386335323735623739656131623232393238316161353634 -38633338643937623663346561383239313933613330626166636334333838333531666233356233 -65343439373233353463663462333036376362643066613762303963383065633337326139353638 -39373461386664313935393463313231353833663133663930323435353332373562396638343138 -33636465626238663534313765363333326561386164346139396432336431376234383238333530 -66356535353966633132626161343661643465633730633164666465366332623061386261383164 -39313433663237633166343033353063613733383130636237393063623962613938373164653630 -66343031613439316434666364366662373838626164653637636232643737376637633863616330 -30326233323137323865643262363837353162363634333336353465373264336337383066323939 -35336462336462613634363831343266336364646334386239373832653863323832303766643435 -34356339653964373532326138303132616530663362303664633861373931373061393566313765 
-66343937343532386162346431623166366262623163306633393933663266616135663961643436 -37653663303337623662393761336632356534663430316264343437653763656635323437646637 -38393661306362313064613434396331613366373037613464356565373461393663636138633532 -64343561346463316532366361646438323731383963646337623165383663666266316139656166 -37336463633834636435343761613837666635653166326163346539626139613562396439306130 -33363230626633346138303538373439626161623163626135643665613932666535343532303036 -35373431343635393665616366643332643035623133613666396234353338623636663762636336 -35346431303536613962323861336539396333346234393763396438383539383036333636353637 -39646333383633326238393164333835393237623734383537376230353264346237353866333264 -38643231343536356339373531633165393334353365336261656665336230373266633938343134 -37646266383438633835323233306363643765653833666363376338356265663831636431646637 -39633532353130396635383965643531363564373766323064616165376134613834303666306231 -38643366333166633238626335313463623935373233353236393663353561383763636131383862 -34623536343664623962326237326532643830636533636361666432333261363530373464356233 -64373865653035613363373832653163326165363061623531373337663765653937303036656663 -66636463346139663962393431633162303664313031306331323865313739323661303538336238 -65313639663663393962396333666438633432323533613064313765353362326532613834373136 -65326265646136613030353862326233646331396238343634323534626136376136356561316635 -66333662666437613339396563323531396261366138323938303834393865633439313965613463 -38343961646664626663346464393061396234356237663339323462623864663864383939353862 -34313266373138346235626236303433613062306332343638663538356431663930303863306461 -63386262333663393262623364343864376437616237313537343839656632363436613933376438 -65346137313732316639353937336162313661386536383339633938613763336532353634373935 -64393635366435666639346537386661383362623565623365636136316363336337663738356463 
-32333466363366336337653739313166396435323434376662356165643662353332306431383839 -61613331313164336537313037393166356537656530616336663138316532323164346266353831 -65666238306135346235376237376561333063373163633433386461383834633762646431396462 -65313637623266646332336332363139376265363037383533613763373734313664343835396335 -35323230326463356333653833326561306236336238373539653938653933636239626661376436 -35303639643832343364393439386631616632313830363461326665303162383839653762366630 -34656330393539636564346461316638396230323566376431636236306632616331323132623962 -35666466326136633166323466666361326137306335353565326232373363323965373261636235 -32363935323865303630383836303964326138393632333234643261386361393961336161636664 -36393163343634633033396561313535663534623936323564373430396238356635356231386365 -64313331633231336361613333313532626439393562356430386238396430393861396136633339 -34303962343336356331663530613031636361333836646132316131343839623235356561633266 -31343733353631653266353631376161613632373063323765663932646633653964366563363531 -31313363393136643036366531333138353135666235303335393531353833313231386364393934 -63653566616235303835393136646562626562353830653663386564366633343061613034383634 -33363238303661313034636562356235393861356563333039313136396232343964613437356232 -36346239303732333462613838653232326234353737633236396165616433656531393332663433 -62366161373231646235656562323765653662343161383031613461643138303462386236666339 -33623037366431353462346534636565393234626434613134343135343466623662386537386535 -62306533386532353962626532613839346236303963646265333235336363653037373961663236 -34366162353466373265643765356236313732353830303934376538343833343065363562356362 -61623364386366396366353037393434626530326231623165376337306261373164343030383533 -39353633656332363130326361636233363739333662663362366534396331353330343633313130 -61326266343235396461353637333630333133326339303431376234356433623631316132633632 
-34653365623632613630306134643666373961623137393135393163383666326232633933393630 -34666430316266326638613537373337386138383261643564313564666663666664363363323463 -38366633346563343964653561316533323965366662663965623661613735366333313133663730 -63626432306132356138623762366432613064326138646238643766313737653531653530663337 -62393136356331636131303163313236386436663261613935353532666534386265313964656235 -62633135643630313032666134393638663136373162646365343163353432333232613733346539 -36666664613461343831373733393231303962356461383632303539633862633630636331613236 -65376464363235326338366262323535646636316438356161316333663134613865326465626639 -34633834376130663235316563333936633036623031326232636436363563633432323930383636 -36383538333162623836306339613236623632353063366332636366376231353132663163623737 -66373563663166666235313364383761383730346233363466623133386530313265383962333130 -61313064316264613466626131616162376563346363323639303630343361613230333434613836 -39303065626232393663626562376239356531613931323530323666353734396132613461643133 -66356564626666303836326262666466623431373933303435616461653837383765393363623635 -63386335313835366139633761613539366539356536663763396530356230353138633833316337 -62343434323330393439656236626336323439333063376131643964376631376564306339323066 -39666433663438306266393430303538316435336238383934323439323261373936326666623539 -39633035313633313563663366666231383865333032333162386365633163366635393766366162 -35663334303061303862346337376435616337663130633864383439653764366262323539666433 -61306432626635323730373964353338323030656437656364663035336531353537653839623133 -66363934333866356635383930383036326638326534333164383034613730383861303439383632 -30343434623834366162366564356131356139363432353864646535623537656137383166303262 -33313433303561333932333832383465366633336262386163363137353731393135636632323931 -37373233663336333332326238323338373639346333663366383966653337623132653537356632 
-66366462336133613735666631366661643432333037383536303736333432663338623165653834 -36383930303664313432363433333130396236343332303561373261353561303331356333393330 -38613037383038376335313836363337313633346539626532383132323766613838303237333766 -62623235343232663566616233653764323132613634316263373330356635396232656264346333 -31333339336630373934353130353464373962656264613938366132646665646531646633646536 -37373639393030303161373032373638656566316666393239326338353164626434393235366264 -63343864646336376538323235313333363531303563316634373338393137656663323132333533 -35343062373534376531383531313835303738376439636630336161303539346363633064383435 -38656434666239396539353338396662343035626333633862323739366136393063646431363531 -33643566343736616665666361633961336163306632383632616264636165366165396132303237 -32643436613034623062616463623038313061356364303235656439323430366430623339386339 -66383130323530333963666431306130633565353833336464626331313030616239336138343035 -31343833613631666461313631336565376264333336353561386233626234623730323561373134 -61616236333962386231343532323464646235633530333062343663373830656130636665623865 -36643633323539376165616238646139336365316532643565656266353539366433366330323330 -62663735396233386463653437616639313331623736613562343236613564306139336233656263 -65646534643762336435323232373062306434393463623662323963333232373631373530353237 -35373131356538646462303961663862656533643162383436303361306639643134383436343739 -66393238663837353164333662653933353530376433633930663336373634383036393637663934 -39336337313264366135386464363061356664303638333866303562316664336636333566623366 -32306639303963336233386365373562366466303930303931643266373235343366336163303930 -30386337393966633135326164646532376637636265663762326562336565383935613062323462 -62353536663936633837316363653366356231323664363439393866393133336261346134333863 -64643832306236666636333939326531346163346335356636643566333362643533333034643739 
-36373736353464653531316262636231343963376633653239633037336133373130643762626461 -35346637653434656339323861316233303863393263373638353664326430303731643439613430 -65313161336137656536346435356132343835326636616164366266373561323864386366366432 -66613039663836626161643336316432343436333130383935306638393564303838373938313930 -37393633343562646461653339626135303262626434343132303462353662323066633639346433 -64336239663733613234333738633730306337313936343865323030626566323066306266336334 -33393332373163353130623132633264656137386163373662613965343162646433653263393566 -39356464393962636233306462323730333837656363643164376438363565303138666564656633 -33343933313138386539303837306365373639373464306537663439376637303134626262656264 -64336663663238376231323030306438616434626466616566303135363333366564346636323562 -32343765353931663261633338356161383734303764356465616136643862393266343031353534 -37393030656663613764323831353839616466633664623530663962666466383562663464353334 -37376435363230366362633939613764383863653438303933633962653937643332633063353937 -36613434306634623362643233313164333832663639653066313137336565333138363864306363 -31643366393733316236353263316537396336656139643435373365313965383235376166353862 -62363438613163626564383966343331316338343835656236303565303631313733353265396537 -38316463633931633431653837633134383563366133373362326664323731326363326137326232 -30373536386435353236313330373537303239313538303361396330663837383166393536383966 -34313466623333623466326365643664383737363363623731316565353366373864636135656333 -64633132613138313564336337383338656639666330313939376234343839386438636433373832 -37653366633238663266383565346564396135356163326566313665343339346333323765336631 -35643762313662636662376331336139373866373437623631363636326135346536363765613936 -32306166306135313638643633353131643939366465346233636639663961303563643162366133 -32316634383963653038613037366266346634323361313337666262343432386239326337326334 
-65653461626264353564323161656631373865666433353139363639393338376661353064353966 -33663064613665326564333737303733633433333735303461613933353435303461333033623433 -62356236323735653338333861656435616661386339303439653531643065643030393536663963 -64613730343036353636616462633365326661333038383264616336633839346466393665393465 -30316465323466633234376466383538613539313239353937353531316462636463316238356634 -38346439363033336363396165376162633536363361386564633362623864316339623233313235 -36646161323832346332386261623837663135646237343864333564653533623835333834343333 -33333739633130386131316537386636363234333466623730303061336136633330646361366632 -37386336623862373561386663353063616635326131663535313337623232376164316631346436 -65656536313761653739623130313766366662613630396337373034323562343633333234373031 -63383861656461336333303436353739646461623333616236333962356564623566363031353334 -38636165646632346633353766393230343736313966333564313730353262636135633164393334 -32373063393964656365333164623165326532643633313563643337653062363566393636653934 -63383533326337393762343462313732323561316532303137336133616634373339633864306334 -64333032356531313763313838353730633939393536383165376130663163643339393439616163 -35363162313063663765616332613834306134393731633662306130656464336132303130303165 -32303261333162303438366436653963326162626334613030653038343834336232333733643461 -62326632373832623863333536613339373539396533393639326463633837306439383439643437 -61326261373064313733636566316631343132656663376234323339383464363537643266383238 -63353366383664653837326637376537616266346161653038306331353938373230386131333032 -36653461633134373034656534623262383335626539623939313936396136376565643332353230 -62643633323835376563653337306631376664336464646234666336626532356562613864626464 -64323135373835613239613830616134303561363630623435346562633466323462643839303536 -62303634386563313565663837393761666532303834623063343431343364363338663838313961 
-39643431366661333465313066643939356336643264613133653738666438653630353239386465 -32363739663566616431623665363763613531346134343933333963623033313762346438343937 -31306262353364353434663231656538376262393235346432383936663065316165376364326134 -61396563636462396438623262343537636131636339636566393138666565356438333562613461 -64313139326365393439366138623366646435333132326638656438396161386139393036656439 -32646535663564663462343862366666386633623730336333346335666436623866613564636665 -64316230343332306266303831373139353934353633323032646135376632303631616533663534 -31656539353538653539306331373233333337653864323433393038636232373439326462336337 -65356565633835333939373736383134373963396132306638323664363639663262393232383335 -30386231353535643139363536653065326663353665353932376533363634373164333061326634 -33343330626136363465313132363563326666323335383239376133633161623033386231616332 -66636566353337356433333266336565646133346637386366353239623937626431633039663734 -31656466383362666333393165306561323164313164363030393639363435656262643461613033 -30303466623230643330313164663535663836363536353238663136373133356663323062336438 -33393935353161633536356134363064646235323339663730383464636134636433353062353537 -30613135626264366566623339613037383636353334363530653732626165323738643461613337 -35383138323336616563333965643630353836383032363034623963373733626232353365643536 -32303761613033353563333531396630646261343966393662336661313336626662306538636633 -30346430653736346636646264633936353562313537323863363462316561333865353563363630 -37326336363234313933363333396336626436343936623535316665366437656637386539303862 -34336330316430626563623331656464313663633432396263346564376532306364353566363664 -61653131643837633639356533376163643465326166636436646165336635323838386265316264 -38393433346262626365303261303533653931366531303565623165376661323834333535376364 -30633034346635663262653835326131396165306632663161366138376631366364356162626338 
-65666465336365313535376637313365653632346432393937326334633861313562323564663638 -36623462653539356339623666643234363361656639313133313635306362373738636264646531 -32313063393731373666373266326661623562633935656233383339383161316564393130643932 -39336163306462336638646138626236396237363939323461633330633762616561343432613937 -66636663623063333333376666646334306662303561656231333365626164366336653237396236 -63323531333139646336393033633731653437313230376465616663623734623339623238313863 -35366639613930303166393739393163313635663063326432323434333363613930653937653136 -65663766616465383736333164346533643236326561323335653331623931326130616236306462 -63336434326464613335356333666237303261326432396361376534326566346435376461613933 -39313537323939373264333064356166386339356131396466376437323638313366336336653766 -63613365303032373939326463383463303136396239333236303437326331636637356133353135 -63666430386631626139626664376264333833386437316563383830666135663431383162383366 -33343463633462333263613965383034666336396564376635313666343434346366376434313830 -38613638656439343465363261653737333362316433353964653530366562613137303231633464 -33656364363032396566353830656634613434636561633063643261396334613935343133653830 -37386634653166636561646163623964313465616163343661646464313036356435636338313237 -39323266623861366562323238316666613237353236363235333436303333653561316635373233 -61323233346330643431333866623861656632376164616533653765393866623432363130653331 -36323937393138616162326438323463363438633437303665313630643432353633316337613537 -33623130303738623763383936653333386631333135616637393731346665626634633238326537 -36336539306166333062313465653630393134363936616237643866313264306531363163616136 -30616166643439643034616562646464316662666539653439626461636537333639383636643630 -38353266303831396630653261643536376633633430616365303866366132343062306539346530 -65353836313464333833623364326661356164313963383462623138306534613934373366646535 
-38646630363564343865613035383130666663373333643530643237323030643432633139646239 -61623136663139343866636663313731633530363033666536666137303861643339306331313233 -30633665306333653734383731396663396433353862326162643463326365363565303634396661 -36663832626636333936336131383236323538306131613237393835663235313636373330633164 -32383331636561386164373964373664643436663830623361393965656265646137666263666632 -33653736363232373838653235343665663465333562653861646436633061393430333133613735 -33343238373633383966366365383333373263343139646533356439333763663462343263383631 -35663666656562383230333065376439643132313734316166313430386661313234396164356338 -39653265306637376239343537626237323332313234373862393862653265386266323161316135 -64353139613530323264326639333464333366323437633932363334633635343436353462343130 -32623337663533666334323965656435636561333865303461326163653061316137306339626136 -64363166623962346366353732633865373037636563373338333061303263636363393632633337 -61633833646466626663613063663131323139663263356663356538623536313230623361363332 -35343630353637376636663762323564323033393834336261333838326332333966383266333363 -66626436323566623866333462333832323536363465373265333830353265306263343731343662 -37663036356330353537333434313165313662303038326335653761343432383639663365613334 -63376239373638343432616665336437373266376463623330393238396138393734633934626661 -34333164643330313531346636636432656230633264396130636338613564306337353337653030 -39623466373732336435343738383539663833356233666165616638356436373231656661613138 -31353062393463383035323962633330393733346237666366363939333437396163353433336638 -65393433613337373935353338613630666539303231633139376235376162373932646338333436 -65663363613831363538336233616666393836316237653432343137376262636632646234363230 -39373133333931393963363339376166623563633733363137363361653463333066666465613432 -39316662613734636462393936613338346361323438396634313234393335323462666632653938 
-65626464393733666431366161653238373266646266376463633366336332303133633738343165 -32616239653230646565316463373139373933323365366430663463653631343837376232613666 -63336134316536353962396430326166306339656137333765306233336234393233646136633833 -31623861303530313739666636373138353339393434396335646535613932343666643261383639 -39386135356463663335616466633137623035376639623635613765303732326232303937366262 -34326464336666613566333562316164333339303636613265323538373263363866333932656532 -33306163343437343861363861666533393462373561303562386135306133363664313638336163 -61666239636535326634393437656536333034313139383961353062326138373463323361613533 -61376264616361393262306237336363386237383665383839373637346535663639323065636135 -33363436383031373232323936653163383535633436623936653766666231343838656533643532 -64623961613837363362393563353438656631666336653861666233636437363632376365363630 -66636536343365653761353235353435383132366464306432323434386135356631653538306134 -65616630323833373732323535633932633563386233353062333739393562353338663663343734 -62616333366630303833313131313633346539316163633665633438323237396533636232396661 -63333432636166646433366138356263343535613334623538396335303739356135313566353265 -34313936393436356334396139643863383561616130376466643533336363323163386437636138 -34663961313534646439 diff --git a/group_vars/all/vault.example b/group_vars/all/vault.example deleted file mode 100644 index 198225f..0000000 --- a/group_vars/all/vault.example +++ /dev/null @@ -1,5 +0,0 @@ -vault_email: user@example.com - -# keycloak -vault_admin_keycloak: admin -vault_mdp_admin_keycloak: my_password diff --git a/group_vars/all/vpn_vault b/group_vars/all/vpn_vault deleted file mode 100644 index dfb1517..0000000 --- a/group_vars/all/vpn_vault +++ /dev/null 
@@ -1,36 +0,0 @@ -$ANSIBLE_VAULT;1.2;AES256;vpn_vault -63336164323763623961373136616238363832356135343764343966356631333766396265653566 -6139626665393664343961363966363339346636376431340a343730653565383265616365386366 -32333533666333373663373037653731666361343737356261636532303562663063343633346537 -3337643137653839320a346236613362393636363935373162643237343831333535393461633963 -37343039383931613031663733666538383735383064356532373232633661386237366433396236 -63666134376463313637643061623934653666353364353235323431633930373663636137313462 -30666263386237303563393936373566386563386631656162303634306466656663666330313937 -32313431343536666437626130646231333237343734303538363639383933633661323565353661 -32343065383433623730346664643361306539623937656331333764346336396231656465373561 -33343034303263303833373936383936366131663962613961666161303134316134316635626639 -36666334393961306662626162393433643961646339323934653335613933383131633635623763 -34656538336434303339613032623432613239303239373937643361306535383137643239646134 -33336461613034303362353837313362643934666239363036333432373631336162646330333532 -36303332306333623765653838373361353435646366323462383237343134643736376230353434 -35333738313030636339363538656130643163353238666638383830316665646438366164636138 -30643031336164323862633135313630666561656335626464336162386564306261396532396238 -36666139386236663736613936633964363166343765626366323566613733353233313862646165 -33373264633763386166373739313136343362383864343866323231373536633130633032616334 -30383930333130646636666134363661316236323937373861343333333833616633346161323965 -31343966396635626465613630333732353335373264646464373764363433393439656635636430 -31303930333731656339633032366166386265653632633638323932626161623966613761636236 -61303134663931636139336436313637333739626336643838663861626539323336393239643131 -37383665326332393663323166643338353135363831306561623639643663326364343639316665 
-38343337323633353066653666366238633932393836396338336261663331656565653532613438 -36323462326431333235376566343134663734373534663834316133333236636166386439633766 -31323931363066343334363764356630383764346332353162316461333762613366663130393831 -36633430383131326335333130303832666430366134393462616163326239383538616531373166 -37383130616339343832313335636364623434636434393430383566376433363565626336303064 -63376234613835666338373662373735386561643431633037336231643033393563316363613131 -61656232363035333635636464656465613763613032376666623238613362343032613465313331 -62353035313862323631653766393463383565336535616630383839376135393037363038343639 -39646531666130626638666535623533373766386531343236313962636539373233363462363032 -61373938373139376236633062353063643037333062363464383638333635643331616465643533 -34646238663731616635313131313438376536633862346165666631326632623534306666396264 -636139633664356536626239303631643864 diff --git a/group_vars/all/vpn_vault.example b/group_vars/all/vpn_vault.example deleted file mode 100644 index 303cf10..0000000 --- a/group_vars/all/vpn_vault.example +++ /dev/null @@ -1,4 +0,0 @@ ---- -vpn_vault_hindley_key: "AAAAAcxofuT6w7K0ev6L9zxHk/nLvnGgXVgYzXRJNXw=" -vpn_vault_azerty_key: "BBBBBcxofuT6w7K0ev6L9zxHk/nLvnGgXVgYzXRJNXw=" -vpn_vault_hellman_key: "CCCCCcxofuT6w7K0ev6L9zxHk/nLvnGgXVgYzXRJNXw=" diff --git a/group_vars/all/web_services.yml b/group_vars/all/web_services.yml deleted file mode 100644 index 9397b85..0000000 --- a/group_vars/all/web_services.yml +++ /dev/null @@ -1,8 +0,0 @@ ---- - -reverse_proxy_sites: - - {from: hindley.pains-perdus.fr, to: "http://127.0.0.1:5000"} - -sharing_sites: - - {from: share.deso-palaiseau.fr, folder: "/home/histausse/www", user: histausse, group: histausse} - - {from: wiki.deso-palaiseau.fr, folder: "/home/histausse/wiki/public", user: histausse, group: histausse} 
diff --git a/group_vars/all/apt_proxy.yml b/group_vars/apt_proxy/main.yml
similarity index 80%
rename from group_vars/all/apt_proxy.yml
rename to group_vars/apt_proxy/main.yml
index 290ae89..3e3a1f5 100644
--- a/group_vars/all/apt_proxy.yml
+++ b/group_vars/apt_proxy/main.yml
@@ -1,7 +1,7 @@
 ---
 apt_proxy_port: 3142
 apt_proxy_admin_user: admin
-apt_proxy_admin_mdp: "{{ vault_apt_proxy_admin_mdp }}"
+apt_proxy_admin_mdp: "{{ apt_proxy_admin_mdp }}"
 apt_proxy_allowed_clients:
 - "{{ intranet['ipv4'] }}/{{ intranet['netmaskv4'] }}"
diff --git a/group_vars/apt_proxy/secrets.yml b/group_vars/apt_proxy/secrets.yml
new file mode 100644
index 0000000..865fc66
--- /dev/null
+++ b/group_vars/apt_proxy/secrets.yml
@@ -0,0 +1,15 @@
+$ANSIBLE_VAULT;1.1;AES256
+30323236643561306338313061343932636537636639393739633834393033346366316339393865
+3661363066636462363234386661333831306534343332340a313261633732313435313634393161
+62323666376565386237643066626363366630643936666566393534376432386166356431326437
+3438393866366232310a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
diff --git a/group_vars/matrix/main.yml b/group_vars/matrix/main.yml
new file mode 100644
index 0000000..1a00996
--- /dev/null
+++ b/group_vars/matrix/main.yml
@@ -0,0 +1,6 @@
+---
+
+matrix_server_name: pains-perdus.fr
+matrix_local_server_name: synapse.pp.intra
+matrix_max_upload_size: 50M
+
diff --git a/group_vars/monitoring/main.yml b/group_vars/monitoring/main.yml
new file mode 100644
index 0000000..52c50bf
--- /dev/null
+++ b/group_vars/monitoring/main.yml
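Review bot: The replacement line `apt_proxy_admin_mdp: "{{ apt_proxy_admin_mdp }}"` makes the variable reference itself, which Ansible rejects as a recursive loop when the template is rendered — unless the vaulted group_vars/apt_proxy/secrets.yml added in this commit (unreadable here) defines the same key and, as the later file in the directory, silently overrides this one, in which case the line is dead. Either way the indirection no longer carries information; drop the line and let the vault file supply `apt_proxy_admin_mdp` directly, or keep the indirection with a distinct vault name as the pre-rename file did, e.g. `apt_proxy_admin_mdp: "{{ vault_apt_proxy_admin_mdp }}"`. Moving the file from group_vars/all/ to group_vars/apt_proxy/ also narrows every variable in it to hosts of an `apt_proxy` inventory group, so any host or play that read `apt_proxy_port` or `apt_proxy_allowed_clients` outside that group needs checking.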
@@ -0,0 +1,56 @@
+---
+
+ca_cert: |
+  -----BEGIN CERTIFICATE-----
+  MIIFhzCCA2+gAwIBAgIUP+ptXLNUBVsZm5oYpynQd5mhB60wDQYJKoZIhvcNAQEL
+  BQAwUzELMAkGA1UEBhMCRlIxEzARBgNVBAgMClNvbWUtU3RhdGUxFTATBgNVBAoM
+  DFBhaW5zLVBlcmR1czEYMBYGA1UEAwwPQ0EgUGFpbnMtUGVyZHVzMB4XDTIxMDky
+  MTE0NDUxNloXDTMxMDkxOTE0NDUxNlowUzELMAkGA1UEBhMCRlIxEzARBgNVBAgM
+  ClNvbWUtU3RhdGUxFTATBgNVBAoMDFBhaW5zLVBlcmR1czEYMBYGA1UEAwwPQ0Eg
+  UGFpbnMtUGVyZHVzMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA4jG+
+  8N5YN91KghYjYTOBQ+lRYJ45X5S9mfcwwf8OIMGe+NyNkXx2GX4uYpZOitYOApI4
+  rGnAjhll7tdZevzfdqpUDCYUDT6iR4BzL32k22mIN+iW6zQPaZetOU7VIA9V5TsM
+  WbDsftqh6fj3N4SwVMpHiuiajMkX8CIELxoXDAJULvwyreWOONlwDMObtVCHBIhM
+  uf1Jbx2DfRNS/w6lbHPCrZefMCea1FrSaotOANXxNgQfptX3fLZbhH5RiZQLDU8k
+  ZChAUoW9hE4+uiSOUMd2hl9XgCWHcGEMcKyWG+/lx8UUw3Zl+oOrfb+IWo5IByVZ
+  8nV5aiTMCuRlcTcMHUuedRaPcWfl5ZaEOVzhYXIYM4Oa8ShqXuWqW0WZ8oIhI2ya
+  hTE03mIPV1nX3ucE9GsDZpnrj7t+qd8etiZXFGVihKEqVFfhzKRsPh4wgUKH/gwG
+  AJshPA9NyJ0JpzUaWQ2acUjo3Hg9WPSTaMb46FS7hUdZUcZZiwSq9JjHDNAUKjNY
+  zudKjTyqJXkqwhNvMfKWFIGYjldvZgQXzuT8XmSHYSKuLfH9Ko28FX0Aujye1TTH
+  MPljXruyO04Q7NUg/jqtxdsWRpH/qCt12PmRuIiXsNCAeLjSuc75H+AOPbNudJLT
+  w2AUTkfn3mw/XTwEBfemHAo6GAdtCDKo6GxBqvcCAwEAAaNTMFEwHQYDVR0OBBYE
+  FIh4sxxlmesmbVKPWKo81BXMFVqVMB8GA1UdIwQYMBaAFIh4sxxlmesmbVKPWKo8
+  1BXMFVqVMA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQELBQADggIBAKipx6Nu
+  QwnYmwYPd3kUVBOj9ia0PVeE4LoUSRapzRTF2HilSIo9Sa7qD1HVxbWrghUPLjW/
+  Ru04k82hxvAm26gc1XeqIBzpgZmxwF0QibCeuj1vDXsndACXVHd6Atvnl0rW4bEI
+  pVCqerXNu0T4STk2V/xNqndGMRp/vZX67BlyHAHD4el957R9RYlyxW6fADrHDKqk
+  tC1eTeQtEi5W7v9X3dNGdtFS+exDrYpUTHPDwM81u25oCGUFGsH3RlG7LUEQ5mYW
+  SsJ3EKpIkMxSZB3/GqttCIHi+yEMtwDDL3dN8UnVaTkRjVNQxraOUwe66QByGqnJ
+  9YeQNpUfZxWFW/GW2fBAvD/RaLrLZ4ywhUze38ks4jsLnAIduawjQ8GlNg9i2MqD
+  zvDat41LWSCDjRUOfCp7fc9lMlI5blTafozrAddMV8YUs3bQ6XD0H31pP59jb7nc
+  5kmwqH6RivbFZZYBquQVujiiI7d+9m+X9OfTZJTCpRPCGYZcLuqH7txyPhixxrZd
+  a8lWJ+5jHOdncV/ZWSB5JnjKbaMMEPcaTo3puEPt/yl74CR7UOJXr5oM0bVFKjas
+  90hY5U+jPAcneCk2oc44R4NWuQ7qbsjPRfcxxi27DoLbhlmPp9jQwYQEqmdflcZ0
+  zCTEq81KO2mAbJgTc/ahhcvAV/huJ5d8c9R1
+  -----END CERTIFICATE-----
+crl_distribution_points:
+  - full_name: "URI:https://ca.deso-palaiseau.fr/revocations.crl"
+    reasons:
+      - key_compromise
+      - ca_compromise
+      - affiliation_changed
+      - superseded
+      - cessation_of_operation
+      - certificate_hold
+      - privilege_withdrawn
+      - aa_compromise
+  - full_name: "URI:https://ca-pains-perdus.intra/revocations.crl"
+    reasons:
+      - key_compromise
+      - ca_compromise
+      - affiliation_changed
+      - superseded
+      - cessation_of_operation
+      - certificate_hold
+      - privilege_withdrawn
+      - aa_compromise
diff --git a/group_vars/monitoring/secrets.yml b/group_vars/monitoring/secrets.yml
new file mode 100644
index 0000000..1a2b783
--- /dev/null
+++ b/group_vars/monitoring/secrets.yml
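Review bot: The two `crl_distribution_points` entries carry byte-identical eight-item `reasons` lists, so an edit to one will silently drift from the other. Define the list once with an anchor on the first entry (`reasons: &crl_reasons`) and alias it on the second (`reasons: *crl_reasons`), or hold it in a separate variable referenced by both. `ca_cert: |` keeps the trailing newline, which is what PEM consumers expect, so the block-scalar choice is right.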
@@ -0,0 +1,183 @@ +$ANSIBLE_VAULT;1.1;AES256 +35306430386637386563313131333565633136653435623965623463336130646566623139393861 +3264326634623533373663356438323334393466653162320a366339643733333062366165386263 +31613232356138663465323362333437313835616361346363316639313665393637303536613730 +3130386639343132300a376230643466616338333131616538313061663765626539396361336564 +61346433663339343235393935623663323739346539636431346334326366366266303937643435 +65616530643330363331343564373738633763366131323862353966363264383237366230663839 +65383162346330313231386439353238386163333662316135363564626132646333333936643834 +35346135336530656137636538616536343261306264336562363732343264326139663538616163 +34373730626262316531343336646236643333616136333231313864383336383839663534376263 +36636362373062316137376639616436363361393130353262653662316261616666346430373861 +61623031396365646538653036373232643465353766616332633535356230373661386538643234 +31656634313564316361373031383230383664646233656161323561636266346335316632316465 +32666131393066373233386437353738663937346638626463386434323234353738386630663063 +33316164326234666239643366393638363138633466623733326534376439323732303736613564 +36356432663738653862343461653030353230616566383261633431386336336637333064356362 +64373039633436353230613865346365373063376132643732633836323963336264633536643266 +36616361373939366132663035336364633238613731323531383564383636306264633561643931 +34333838366665316331363638373934313364356563373366363434666638343635323536383335 +31373661386135393338363337613839356232303730636137616561616636323732353238316365 +31396562313632373964653531656464396531663130313633363165306331356261303837643237 +35636661306234633662616166316539656433353064343665393964626437613965666234656132 +66333939343939333763373264343461353064313831626162666163313833343239376639653732 +38386631383662386538343537653061363466306430633836653538646166396465626434353836 
+62346239336331333764373338633137313335386234376465353930376337373039373735323736 +39653936613964323462306433633833666337323065333663653639633363626537613539663138 +37383763356237323436633335383632393965376663653061383762356334346335663133393666 +39646235363639303536643133653862343236393939353733393632663830356662373332386435 +35656632613766343138613139626563653536383437326131333664666437396238333661313363 +30343838393334633235373462346665653538383165616534343165373339346437666332303365 +39633135363266396536346434333738613435616337333535316534366234356363353735633838 +64356532373631333564346232393734623638666135383138313237343730313565643538386665 +37653362623863366338313237363663316364666332373434363532613164333433376165613564 +38303561353165633763613434623266336334303264346231353439316536386263636135376264 +32356162343561373839653435653264663739346132656239323837616337393238663465393436 +65353134346663653237373731643232643733323464323239663534336335313038633939313732 +33656161616338326663396636386233666166623731383565326264373637646534383934633336 +32363534343538346461363639653864393939353432623336303732303935663831383337633461 +30333261396364656332343737353938363835613934303062666262653638353134363038393232 +34363433306433633331306237313765366234643939363331316337333261613336303136326338 +65373064646332353831656634343165363637383734313734383738653531373533393430666431 +34393230336562613561646432636132383537346161643362633337323538663038313834306637 +36316130316337333063343530376538653866333865626531633861366235633635666236613032 +36383933623463386131666133313036323030303533313863313863353639393135343264656536 +30636535356431623733656665653162663362666532393561343963646161636435663762643737 +31393833323534316466316163653231386138653663306365373561393533346636663233333163 +34323031383130343164633231383333373332653435626135343333303232663962666163633161 +30653333313430343831663937333462386162386165333835303261396333343664663538313931 
+33663439663930323766333861393361316366656132666235616366653431623038363738313465 +66363165323735353539346431323435323865613833333166336631393463316332353335343839 +62383261393438303639323132393765363134623235323139663432373664383538626136303033 +36306631646135303165636436326538653134653332653134346466663031623735316131383261 +64313132323735666533306537303466623033323665656538306261623839383538363165333866 +39343235346566366333316361333639356238663833363236613065396232396338363539646461 +66653335376432636635613037383634383438653664633133636363356466366566653139376635 +64396365323861376631623838343465323036386538336431393834613336366230383263336364 +61323962353262646632653335386239653561343366313661333736316138303764333238333437 +32376332373234353538346232656234356634333032313661383762616637386539353465643139 +31383430333631313161353534626164316662656335396635663564366136633866353232623237 +63646136613764663261636264653162333563373061316539383133366165663932336536313136 +32343433343238383363336535333064623537383735326632636638333037353335613862333939 +66376666343438316332386334316134623033373166333435373064356366636262303237316662 +38316532656238633165373739636333643431373266616331626465666237323366656535396539 +37383633383032313134343332333839396334633431353239613338633634626538373465656665 +39303535653230306132303461626437636166336434376532653031653065353762383561363230 +65373430383031636464303236323063656336376364353137353135306137633835383363386262 +63643566663037386430303965343639653663636632343665323765343761383833373961356332 +65346466653334323239316161376435386135646531303264306430613237613836323939653433 +33653862313863363734616532643637343833646434623238646332383665306236613734376530 +38633935356164373937386163643961663861663665373332656561393965326464623065663631 +39656166633065356533373563376532383966653730613366643930333232356430653061323430 +34623262613939666336336265393763366638303162633232366232643566323239623135333364 
+38666561396632313234666566376234663365356365346136383631386131393264626562336536 +32353264633133633435356263356261386665333032633035366236396637353433366464353035 +66383238613464383266343538643433366534313638366162633739383532343931313535313663 +33333365646636623135366265313432373762643635623736663364343838663063313862626239 +31396230336631343562333135376437613063613531323761383662313737373633313735626136 +62633035346636306535633866653033393930323465386438306636653131303465633837643839 +30343566613337333837656436383731333763353266646238376135623031306439656133333663 +66356134393438653335313435396463373338636164656336366161643737646237616165393837 +35386536633465666630616661393536376532373033336565373630643461643764663564656238 +63653330333938376362636562363530663866323865376362643938623764353063333933366266 +30643235643939323937393239636238346433326336303761333166326166363935383564613834 +38353030636133346432633761313036623566323962343436323165336137666366393835623163 +32623734326431656365356532326339663136356663623939313537343934373133353134396238 +61656163313934353039373739393630333832346439336133333936626135373638363138366463 +38616165613730323136386334653337313736343536333039373063393334646665623036323035 +66663162306231373266346237663431393464386631373862363562346536313866313239663239 +33353030636464386662366637626138393565383239613166303231633538343038323032353434 +62353138633961373930333239636263313463396537613933333261313632393939333562636636 +37336137623234623663663334623239646464333935636634313062333139616661666532386533 +39373864323030623834333337353565383834313837373334316334663835333362373439303466 +63316337353965396531373631363965313539303536666261376639373933353234643038326236 +62366535343535353833373531333838346466656538323235383339623566303031623630396630 +63363331666636316466666461306561343531346162353234386534646437383762386236376364 +30366431326132383964633565653866386265396263383539313063306537616166636337623639 
+32653032653462366162666634626662613962646663336562383661366363643532636537336538 +63393831653032313866623462636364343466343331383166653233353666653262386436393366 +32613663666638386565346631653864373237353366333561303266646439316531663138626264 +33343833356663636162656663643963666266336265353532613331643266323764363138376237 +31653264386363373661336437616264633530386335663239353639626261383036386566313335 +33633335366566656434636361666566336436303539626538653632363864663134366635326634 +32373736396361333562646265333932633438643666363437323834313331646635323630333239 +66313763323334373839386232623332383162393162333733613136613031346336313239386236 +63653331626439636532613434383131373038663962326535663739356438336563343837393065 +39623838653036626332623661646337666462623734366331333766326566616233376465306464 +36663864653930303934396661303830613762643366376133666366343936323937366330356339 +62373061393363373065663565613064616463646233613164323633333463303065313264316432 +64663062386333396334623533386333323835646435616634613265326436303430616330663034 +61663936333935383237363733303164333766366136386131343762656232316336366237323331 +38333834376664656535376263393664316533353839393366623766663134623639663861386464 +32393831326334623534643232653961646363333861386463666431383035663465306130643937 +65356563326330383736636562356436363965356237343061666262386232663939636364396630 +39643131666332363333373537353735383165356539636434356234353239633333316561626362 +37323230613239316531346531633463376632333266656165316566363866623835336464346230 +63656530376339326165333761663239356238623933653762346430653832396435623730656466 +65333463353065346435333438336433616139313239326261376130616335633263366335333865 +62656362376432613137656163633833393962393934383766373262376537636532643164313662 +39653639623562303862646434366639626239346163616361626336666631303862643930393132 +30353766363461396465643335356530646365613132646637353738393363353033363462336434 
+38633634383237653763303765336131666337323037386330363535336563313461303234343963 +33393265313736653165333330323964333862396331323837613432393361363863333064386463 +33383036373533376266363731646437376434613930393562643765353032636265323765363039 +61663939306432303266663634666437303931363835666339356563393365393034376138303132 +30663833326464663230613266636366613336633064396261333833633834383636396435316438 +39646539323562393163366138363364306334336463313566363464343037653333333834656231 +64656236363062356464613333346436636532346265653037373631353836383266663339323466 +66306235306462623936316261333336336661366138373937313531626339343161323131333931 +35633564633535663833623765656466356435303762663863373231396663326161623366333737 +61343534623331623238623334623961396634333630393366316135303238303864373365643766 +34326235313435366133336536376337623938366235633135346333653866326265363932663565 +39663939636665313333363936306533356564653739633139613435653563626466303137343064 +62346230353135306130306235356631643038336431323566326666643030306261393532383366 +37386562323232663038383661333561366264646662383738363562613631666665633930313335 +38343963616664306137623362393436383166613936353830393564346563373963663130653937 +30653932346436616238636537656364313538353561326162326139373032386432626632663461 +34623735373338303733323034333931383161313133346266396364373032313662663731376135 +64666133383566373462333066646634636631363963636436383936633963383766623236306439 +31393738646363306334353464333161373031373265653964326663626531363463333639373039 +33623734636433396566326436316638643638633739383739626639623136663266633133623264 +66333931653930333565356438636334613032363333326137623064306136386134666130383938 +62633931653366613331626332396538383536666562353533323265653533376133663461623732 +34326364363333363563353266626463626464396461333531303736336266646238353163333438 +65343432353332613264313638326431613963363635313963346637333034653565346561633935 
+62346362653162656263356433316262386438396638636266613766313038336534376339643239 +31623934376465333763393665336661343866376337666666356433393765343532383936346432 +36636564313861323861323034613037626639356465323230313565386137616531363530326239 +31396661306130323465663631333636643934626530636339653162663430653332653764386565 +63653463353861383635323539633433383839356431326262343064323430333163636363386139 +31316132393362386261336262613263363261333931363637646630643530366266663264396532 +34643831663536616365633961623932336131303064333861636263323565363764346431306231 +36313831636436613239353665333638393762396163616566353932376431656666623838346363 +36613061346135303066643332336163393534363938663537383961363834613536666537613339 +37626336613464613433363863326261373235643535366661323930663866636135343330393830 +38633234663038666530383334613032646634643434613064363564373536386566666635363462 +33366233303636653435313934613063353337633131623236393831386433393564333533393237 +35396436346538373532653662646161653264383233666336623035656662633161323530376365 +31313534396336326438356433366466663934663135636531346537366265303135313038613531 +39313838313533663861626630666431343066336535653561313463323665633131393063393064 +33636536316365663937363932613838353234653236623634363439663362336631636264356664 +63386461613164613639626530376337313530343230663032393639323832303733623433623564 +39336430643961323761346539623165663635386338306337616637666438343561663364383539 +31386636643836343233383264656234616361613166633735353330383862626331643363656332 +65353730363038626636636537303335383937646135633363653134306361376364316362653731 +30363837333234386366393631363833316361313132343865376666636364643833356363663932 +35313362623166643461626133363730653737363839303139623662303264656362336331383030 +62303430623533623030383262346563613361396130396136376132383264633838656463646332 +39623333306539326337333638363137306235313539346238613732646233633430626130333138 
+36313937653433373137323335393639633737333664636238653739353138373264643562613463 +34643661643538373037346433336237356334323731326163323836343332666338663663613436 +66376536323464353138303230323133366562363862353363386636396665353032643437653633 +65343832623636346565386134633763303261306263383336353936343162366663623265656639 +39383661623838643165646531356136316564646232643537373662386439343533356164326134 +36373335333733633435616132353963373130343038363965343166383835373131303435393031 +33653532313237623736323636353635313234343930663039353562633034373961376162623766 +37393965396635383936666565353336316433396632353738333833366134643433316438613134 +30333563656165333335643366343636623938383737333535386235383634356431333035613232 +37353433323730643361316337653735373862633030303764633331663836373837323662636134 +36383535616165323332636134303462653065336461393264656634393366666139663337393136 +61383566303762386531666364356433326434326632633766646664373661636434383033366138 +35363338626666313631343962326532376634633564656137363236613838346436376266323838 +35333166653930623166643861636562353831626432393536666535333435643765393066366339 +6135633232653265376433363338366662396266303261393232 diff --git a/group_vars/prometheus/main.yml b/group_vars/prometheus/main.yml new file mode 100644 index 0000000..ec233e8 --- /dev/null +++ b/group_vars/prometheus/main.yml @@ -0,0 +1,11 @@ +--- + +## Grafana +grafana_domain_name: monitoring.deso-palaiseau.fr + +## Kassandra +kassandra_username: cassandre +alert_rooms: + - "#monitoring:pains-perdus.fr" + + diff --git a/group_vars/prometheus/secrets.yml b/group_vars/prometheus/secrets.yml new file mode 100644 index 0000000..6c8e778 --- /dev/null +++ b/group_vars/prometheus/secrets.yml 
@@ -0,0 +1,18 @@
+$ANSIBLE_VAULT;1.1;AES256
+32373765643939613231393031333062613064343062616361633265393733366638626363663263
+3261633230383735643663303334313338666364613236340a393839333730386439353732303634
+39663536346132316634383837336530306661613963396664323436353034376539386162396666
+6562653730663434610a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
diff --git a/group_vars/all/in_memoriam.yml b/group_vars/proxy/in_memoriam.yml
similarity index 100%
rename from group_vars/all/in_memoriam.yml
rename to group_vars/proxy/in_memoriam.yml
diff --git a/group_vars/all/revers_proxy.yml b/group_vars/proxy/main.yml
similarity index 70%
rename from group_vars/all/revers_proxy.yml
rename to group_vars/proxy/main.yml
index 34aea68..685f861 100644
--- a/group_vars/all/revers_proxy.yml
+++ b/group_vars/proxy/main.yml
@@ -1,9 +1,9 @@
 ---
 reverse_proxy_sites:
-  - {from: wiki.pains-perdus.fr, to: "https://azerty.fil.sand.auro.re:2443"}
   - {from: hindley.pains-perdus.fr, to: "http://127.0.0.1:5000"}
   - {from: "{{ grafana_domain_name }}", to: "http://127.0.0.1:3000"}
 sharing_sites:
   - {from: share.deso-palaiseau.fr, folder: "/home/histausse/www", user: histausse, group: histausse}
+  - {from: wiki.deso-palaiseau.fr, folder: "/home/histausse/wiki/public", user: histausse, group: histausse}
diff --git a/group_vars/synapse/main.yml b/group_vars/synapse/main.yml
new file mode 100644
index 0000000..34bb740
--- /dev/null
+++ b/group_vars/synapse/main.yml
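Review bot: After the move from group_vars/all to group_vars/proxy, the context line `- {from: "{{ grafana_domain_name }}", to: "http://127.0.0.1:3000"}` depends on `grafana_domain_name`, which this commit defines only in group_vars/prometheus/main.yml. Unless every proxy host is also a member of the prometheus group, rendering `reverse_proxy_sites` on a proxy host will fail with an undefined variable. Keeping `grafana_domain_name` in group_vars/all, or reading it through `hostvars` of the monitoring host, keeps the two groups independent.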
@@ -0,0 +1,43 @@
+---
+
+## Synapse
+matrix_enable_registration: False
+
+matrix_apps_services:
+  - discord
+  - facebook
+  - signal
+  - instagram
+  - telegram
+
+# Not configured for now
+matrix_stats_endpoint: https://127.0.0.1/report-usage-stats/push
+
+## Bridge facebook
+matrix_bridge_facebook_admins:
+  - g33kex
+  - histausse
+matrix_bridge_facebook_allowed_external_user:
+  - '@dorianx:matrix.rezel.net'
+
+## Bridge signal
+matrix_bridge_signal_admins:
+  - g33kex
+  - histausse
+matrix_bridge_signal_allowed_external_user:
+  - '@dorianx:matrix.rezel.net'
+
+## Bridge instagram
+matrix_bridge_instagram_admins:
+  - g33kex
+  - histausse
+matrix_bridge_instagram_allowed_external_user:
+  - '@dorianx:matrix.rezel.net'
+
+## Bridge telegram
+matrix_bridge_telegram_admins:
+  - g33kex
+  - histausse
+matrix_bridge_telegram_allowed_external_user:
+  - '@dorianx:matrix.rezel.net'
+
diff --git a/group_vars/synapse/secrets.example b/group_vars/synapse/secrets.example
new file mode 100644
index 0000000..938593c
--- /dev/null
+++ b/group_vars/synapse/secrets.example
@@ -0,0 +1,34 @@
+---
+
+## TODO: replace this example file with proper documentation
+## Synapse
+synapse_postgre_user_pwd:
+matrix_registration_shared_secret:
+matrix_macaroon_secret:
+matrix_form_secret:
+
+## Bridge discord
+matrix_bridge_discord_postgre_user_pwd:
+matrix_bridge_discord_client_ID:
+matrix_bridge_discord_botToken:
+
+## Bridge facebook
+matrix_bridge_facebook_postgre_user_pwd:
+# Those values are generated by the bridge the first time the bridge is launched.
+# we copied the values generated from our test config
+matrix_bridge_facebook_integration_manager_shared_secret:
+
+## Bridge signal
+matrix_bridge_signal_postgre_user_pwd:
+
+## Bridge instagram
+matrix_bridge_instagram_postgre_user_pwd:
+
+## Bridge telegram
+matrix_bridge_telegram_postgre_user_pwd:
+matrix_bridge_telegram_api_id:
+matrix_bridge_telegram_api_hash:
+matrix_bridge_telegram_bot_token:
+
+
+
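Review bot: `matrix_enable_registration: False` uses a capitalised boolean; Ansible's loader accepts it, but yamllint's truthy rule flags it and the rest of this commit writes `true`/`false`, so use `matrix_enable_registration: false`. The four `*_admins` lists and the four `*_allowed_external_user` lists are byte-identical copies; an anchor on the first pair (`matrix_bridge_facebook_admins: &bridge_admins`) with `*bridge_admins` on the others would keep them from drifting. `matrix_apps_services` lists `discord`, yet no `## Bridge discord` admin block follows the others — a one-line comment saying whether that is intentional would help the next reader.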
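Review bot: Every key in secrets.example has a bare empty value (`synapse_postgre_user_pwd:` and the rest), which YAML reads as null rather than an empty string, so a copy that forgets one entry hands a None to the role instead of failing fast; an obvious placeholder such as `"CHANGE_ME"` per key makes the omission visible. The comment above `matrix_bridge_facebook_integration_manager_shared_secret` says the value was copied from a test configuration; the production vault should hold a freshly generated value rather than one that first existed in a test environment, and the comment could say so.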
diff --git a/group_vars/synapse/secrets.yml b/group_vars/synapse/secrets.yml
new file mode 100644
index 0000000..5889687
--- /dev/null
+++ b/group_vars/synapse/secrets.yml
@@ -0,0 +1,95 @@ +$ANSIBLE_VAULT;1.1;AES256 +63613062313131653261643433653535326438363161343337326234353165393065663066653938 +3362356639356131643030643264663136373764663933330a386138363330363636326266653936 +66333866353330386163643964626232363166353439363461626230363437306330386162653638 +3263323861623834660a326530633963666139323431393434333038336435303363393432616130 +64373938393430396665663035313937396632396332343434353361626636353636316134383130 +31363131353633613563666437646262373132363366363836616231306137323134326562383337 +39633161386132666162373831373036656632393737653937636164636437336366336338383030 +34313434336230623135643531316164613962623765333131653135663131613338396461386261 +66363137663935653734306461616366313636393633313765613764646535613938666664353932 +63643833323335356538366434393363373463646632306232623230663735626235653434306137 +31353034386162393431363938316261666431653766636464373735363661363338343861313564 +65613963616438323961333639613332663531663834636166653439666461353261383731343862 +31636535323932363539383034363535653865653366346432656332626665633766353363303738 +61653231663565613266363564316237323834373330626333623638343639343763393062396531 +37383833353839356563623034373737663436386130333932313835306437623065363166633635 +62653030313131636638323137383031623363663061376333616438343239353332333636626230 +35373034373830306165363235386263376130623065333037663366653937383935373666323661 +31303235376562643037316134326664353864386436316665633031363163623265306339313866 +63303936353434326234343363383139626265323132373638313064643665373065613162326635 +30313063376266383632626332343037633233366165636131363736303532326662663865343432 +31363366623032663233306333666635646366386433643066613336366532326266316634383765 +31363166626636333363643737313831326664613462663631313164386130373536653561303238 +62646362643937363339626265356132383966646231356462623831663736643763623665353763 
+37313234363135396335313637613030313539396336333562303065613739353238663135386663 +62313536306263383232633232633639333461643039393739636235663761313230626532343934 +63623136326638646633303663363430396232376630306339343037663364336166353133366361 +65383732383033613633376265343362613864346230613733333130356566376537393934616630 +35656136356136353830636332616133623031613165353530666533613362633637343335633635 +37323033656533633936316366613965323532646538386264393234386431393364653763653763 +61626438636364623632646364633733366636376433336366346663383831303766303739653362 +39613265396232343435353065323361656635636336373637306163303730626536363166333364 +37623732383733633564623162623861373733323037643535663833383161313262636337613033 +62303033396237633530353031356232336533616432366232616262343335643536316437623430 +39373765313137376264656633646437346266316632356535376236396237363934396537623333 +30356433333339363164316437393233643337356439373634336466653466303136333531633630 +39313765356633353163376466666230633266383833623364383238323863663937356532653734 +62363266633235616662663166366136356532653932376636613466396330613234343766663530 +64353536383232353131313235383738333136666130356537646231346561373639373438656231 +30323032646431323436303231663935323330393230373762336631316236366462373433616365 +31396335353666393233653137393936303562663131643265326235306538326635363463343364 +37373064666335666563666332613132363431376230366163626132306134633831373632623765 +62613633323739393437366135396164383339356536663066636433393562396131393839386461 +37623231613566396436616439613263373366643534353965656562663834633937343633343565 +64303165313833613034613965356637633761633862633964316264323138383238366163643366 +66666461613066313638363432636666313166306363383636653361666565383035613161393333 +39376338636438343532376134363434666465363332653534363434663565653736613663323263 +66386361633230626331326638636161626331663233363365326665616637623962643233353436 
+65306235346531636435313038313739643737303036326238353065663930626361316262653362 +65376565323038333466376366373430383138666631363465303134373561373131333533656233 +37383138343062306330396265373334386139623235323833323533613636373333363165303434 +31616336336434633834353963643330386565336565353533623532316664626665663936613231 +62666439386663393339373235623733383233653364623662666635306461656233323835393163 +30306261386362653134316537326238663634623830623466316438343862353131326361623035 +31346164376137616237333539333766333964366435343234333165656666643231333466646635 +63343337323336386661663862383034363865643565643131323932623737376231313235643939 +31323831363534633965623864326236626636376433633334326466643138636263356262373962 +62383937623439643364633832313663326231616463656266303530343835363236313239386164 +30363963383435336438366263313064653633393737623666616239353336643331303435323335 +31633562636339613363376236376135353735653331666132323033613666356535313834636330 +64363366383266303136313738633931383032666339653132656431646332306463353562326561 +36373764306361613761353163356430666363343561313864623963303166356437376136333732 +62303337346663636439616431306234353362353838333331636363626138303033373238656137 +37326432666164323262366637323162326364303665333431653537343932643465356332633433 +32663263653437316137636263356363366565656538373261333336336332313536363930336134 +34336435326531333037636133646639643564333934356431303737373731666433353061666539 +62663862343233393063353932633366653538643662393266343834626236353366363936396166 +34636139623533306366623061316266393062356562333134653236326365656161303962383061 +32643363386335363366636239343435303830653638333530363362323439373838656265366531 +36373031613962656632373839663431343338353465653535393861383965336232363731373533 +66623535653364333664373363636532323137643461326661353961303762343366323533636363 +38353436393137326235656434363332623565306362616561643837333034383266316362303230 
+66303735353435393031663232363161333964303538633336663365393966636161376335306264 +36326435636162353664353161373037313437373765373231363434346530373739356137396133 +37383733346435666634633832373064303163656565393334646162313462356235383764353633 +35363738616162303239383964323135616232653562356233366262353533336131393231353332 +36646139356339386137323764336665346534623964613865646330323762666135326361336632 +38653935633933313762643565613332346364396462303366663064313966626262643430323766 +61333135616131643065613763666331653730386339343766303035613065343136616163386631 +35346234316361366464636464633431633039363631623863653630313262623030646666376664 +33656331383536643463663236393430373564373865396134633461373534616435333564396537 +37396664303363393036633537323334363339393230623463376235343234356666633162396362 +66333631616665663931616438333531633333356532343135633564626162613331663239333966 +64323235393764383639326236353439643934616564656432386537613934343537613330323463 +61656634383338653632383232393135323836616461333437363666376661353933306639656465 +35643333393435313330333134383866626530623730313230333437356435613335393835363734 +32616561643737623835326531373164393061353934656638643436643838363865336239616463 +35346563613630313534343864336234663838363638653230646464653765633162303231353532 +30643536333763353662353662653532636539396461373864303664313834343132343636636533 +37653637623630646461343433373232343863316234336339333466346238363863616161613036 +36353738393966366138383666626161366332633534306230316632326637393865353665356664 +33613737303638373461313462303565386664376238636262313638613161363233346661326531 +62643831363164336266363436356638383661343164376562656265363361353234323835313534 +37626461333639623739306634306131643334353335353465646363326537666431303537396634 +6134346232656665323561353433323661636262306232643735 
diff --git a/group_vars/all/vpn.yml b/group_vars/vpn/main.yml
similarity index 100%
rename from group_vars/all/vpn.yml
rename to group_vars/vpn/main.yml
diff --git a/host_vars/barium/main.yml b/host_vars/barium/main.yml
new file mode 100644
index 0000000..bf7c4d2
--- /dev/null
+++ b/host_vars/barium/main.yml
@@ -0,0 +1,6 @@
+---
+ansible_host: "barium.lan"
+
+## Users
+users:
+  - g33kex: sudo
diff --git a/host_vars/bismuth/main.yml b/host_vars/bismuth/main.yml
new file mode 100644
index 0000000..8e80981
--- /dev/null
+++ b/host_vars/bismuth/main.yml
@@ -0,0 +1,15 @@
+---
+ansible_host: "bismuth.lan"
+
+## Users
+users:
+  g33kex: sudo
+  antoine: sudo
+
+## Network
+interfaces:
+  ens18:
+    type: dhcp
+
+ipv4_forwarding: false
+ipv6_forwarding: false
diff --git a/host_vars/hindley/ansible.yml b/host_vars/hindley/ansible.yml
deleted file mode 100644
index 287daec..0000000
--- a/host_vars/hindley/ansible.yml
+++ /dev/null
@@ -1,2 +0,0 @@
----
-ansible_host: "hindley.adh.auro.re"
diff --git a/host_vars/hindley/apt_proxy.yml b/host_vars/hindley/apt_proxy.yml
deleted file mode 100644
index 583f7f8..0000000
--- a/host_vars/hindley/apt_proxy.yml
+++ /dev/null
@@ -1,3 +0,0 @@
----
-proxy_apt_interfaces:
-  - "{{ interfaces['wg0'].ipv4 }}"
diff --git a/host_vars/hindley/main.yml b/host_vars/hindley/main.yml
new file mode 100644
index 0000000..e1e07d2
--- /dev/null
+++ b/host_vars/hindley/main.yml
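Review bot: The `users` variable takes two different shapes across the new host_vars: barium (this hunk) and krypton write it as a list of one-key mappings (`- g33kex: sudo`), while bismuth and hindley write it as a mapping (`g33kex: sudo`). A role iterating `users` with `dict2items` or `with_dict` fails on the list form, and a plain `loop` over the mapping form yields keys only, so one of the two layouts is wrong for whichever construct the users role uses. The users role is not part of this diff, so confirm which form it consumes; if it is the mapping, barium and krypton should read `users:` / `  g33kex: sudo`.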
@@ -0,0 +1,54 @@
+---
+ansible_host: "hindley.adh.auro.re"
+
+## Users
+users:
+  histausse: sudo
+  g33kex: sudo
+  thomyrock: sudo
+  dorian: sudo
+
+## Networking
+interfaces:
+  enp2s0:
+    ipv4: 45.66.110.3
+    type: dhcp
+  wg0:
+    ipv4: "{{ intranet.subnets.physical.subnets.hindley.ipv4 }}"
+    netmaskv4: "{{ intranet.netmaskv4 }}"
+    type: wireguard
+
+ipv4_forwarding: true
+ipv6_forwarding: false
+
+lan_address: "{{ intranet.subnets.physical.subnets.hindley.ipv4 }}"
+
+## VPN
+vpn_interfaces:
+  wg0:
+    ip: "{{ interfaces.wg0.ipv4 }}"
+    private_key: "{{ vpn_key }}"
+    public_key: "Ce48/ZdvpI2S82bIivhiWHQsyidzTAtxCnEYojY3xEA="
+    keepalive: false
+    peers:
+      - public_key: "jvjOCj5xVTLwyQ8o7QsYvF2ep1HbD/GKnmjpqJuztB8="
+        allowed_ips:
+          - "{{ intranet.subnets.physical.subnets.router_hellman.ipv4 }}/{{ intranet.subnets.physical.subnets.router_hellman.netmaskv4 }}"
+          - "{{ intranet.subnets.guest_hellman.ipv4 }}/{{ intranet.subnets.guest_hellman.netmaskv4 }}"
+        comment: "Router hosted on Hellman"
+      - public_key: "{{ vpn_guest_keys.knuth }}"
+        allowed_ips:
+          - "{{ intranet.subnets.guest.subnets.knuth.ipv4 }}/{{ intranet.subnets.guest.subnets.knuth.netmaskv4 }}"
+        comment: "Client laptop: knuth"
+      - public_key: "{{ hostvars['sulfur'].vpn_interfaces.wg0.public_key }}"
+        allowed_ips:
+          - "{{ hostvars['sulfur'].vpn_interfaces.wg0.ip }}/32"
+        comment: "matrix VM, hosted on g33kex's server"
+      - public_key: "{{ hostvars['technetium'].vpn_interfaces.wg0.public_key }}"
+        allowed_ips:
+          - "{{ hostvars['technetium'].vpn_interfaces.wg0.ip }}/32"
+        comment: "test VM"
+
+# apt proxy
+proxy_apt_interfaces:
+  - "{{ interfaces['wg0'].ipv4 }}"
diff --git a/host_vars/hindley/networking.yml b/host_vars/hindley/networking.yml
deleted file mode 100644
index efdd3e5..0000000
--- a/host_vars/hindley/networking.yml
+++ /dev/null
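Review bot: `interfaces.enp2s0` sets both `ipv4: 45.66.110.3` and `type: dhcp`, which reads as contradictory; if the address is informational only, a comment such as `# public address as leased by DHCP; not configured statically` would stop the next reader from treating it as static configuration. `lan_address` repeats the `intranet.subnets.physical.subnets.hindley.ipv4` lookup already used for `interfaces.wg0.ipv4`; `lan_address: "{{ interfaces.wg0.ipv4 }}"` keeps the two from diverging, the way `vpn_interfaces.wg0.ip` already does. The peer list now also admits `technetium` (comment: "test VM"), and with `ipv4_forwarding: true` on this host that peer presumably gets the same reach into the intranet as the production peers, so the entry deserves a comment stating that this is deliberate.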
@@ -1,14 +0,0 @@ ---- -interfaces: - enp2s0: - ipv4: 45.66.110.3 - type: dhcp - wg0: - ipv4: "{{ intranet.subnets.physical.subnets.hindley.ipv4 }}" - netmaskv4: "{{ intranet.netmaskv4 }}" - type: wireguard - -ipv4_forwarding: true -ipv6_forwarding: false - -lan_address: "{{ intranet.subnets.physical.subnets.hindley.ipv4 }}" diff --git a/host_vars/hindley/secrets.yml b/host_vars/hindley/secrets.yml new file mode 100644 index 0000000..8d96e19 --- /dev/null +++ b/host_vars/hindley/secrets.yml @@ -0,0 +1,9 @@ +$ANSIBLE_VAULT;1.1;AES256 +61376264343163613261623830323664633639366466666462626538616634633233326664326462 +3663363361316438306162343163326364323937626430310a326566636131646534336536303130 +63393162363830323761313132633032616339653062666136363164323132643037316562613633 +6166366135323962650a353433346361643638613434653137396337663432303361656361633835 +36303965343635386130653230663330633361306665633861626163663264303761303235316639 +62613134353661373061383836633935343938623464333739643963386634663536353335616536 +62363838643832613662386630666334623931646536323035313531303139616639613839363137 +36333933353538613165 diff --git a/host_vars/hindley/vpn.yml b/host_vars/hindley/vpn.yml deleted file mode 100644 index ead66d1..0000000 --- a/host_vars/hindley/vpn.yml +++ /dev/null 
@@ -1,27 +0,0 @@ ---- -vpn_interfaces: - wg0: - ip: "{{ interfaces.wg0.ipv4 }}" - private_key: "{{ vpn_vault_hindley_key }}" - public_key: "Ce48/ZdvpI2S82bIivhiWHQsyidzTAtxCnEYojY3xEA=" - keepalive: false - peers: - - endpoint: "" - public_key: "jvjOCj5xVTLwyQ8o7QsYvF2ep1HbD/GKnmjpqJuztB8=" - allowed_ips: - - "{{ intranet.subnets.physical.subnets.router_hellman.ipv4 }}/{{ intranet.subnets.physical.subnets.router_hellman.netmaskv4 }}" - - "{{ intranet.subnets.guest_hellman.ipv4 }}/{{ intranet.subnets.guest_hellman.netmaskv4 }}" - comment: "Router hosted on Hellman" - - endpoint: "" - public_key: "{{ vpn_guest_keys.knuth }}" - allowed_ips: - - "{{ intranet.subnets.guest.subnets.knuth.ipv4 }}/{{ intranet.subnets.guest.subnets.knuth.netmaskv4 }}" - comment: "Client laptop: knuth" - - endpoint: "" - public_key: "{{ hostvars['matrix_server'].vpn_interfaces.wg0.public_key }}" - allowed_ips: - - "{{ hostvars['matrix_server'].vpn_interfaces.wg0.ip }}/32" - comment: "matrix VM, hosted on g33kex's server" - - - diff --git a/host_vars/krypton/main.yml b/host_vars/krypton/main.yml new file mode 100644 index 0000000..5c05669 --- /dev/null +++ b/host_vars/krypton/main.yml @@ -0,0 +1,6 @@ +--- +ansible_host: "krypton.lan" + +## Users +users: + - g33kex: sudo diff --git a/host_vars/matrix_server/ansible.yml b/host_vars/matrix_server/ansible.yml deleted file mode 100644 index b60da3e..0000000 --- a/host_vars/matrix_server/ansible.yml +++ /dev/null @@ -1,4 +0,0 @@ ---- -#ansible_host: "172.20.1.5" -ansible_host: "nyx.ovh" -ansible_port: "4502" diff --git a/host_vars/matrix_server/networking.yml b/host_vars/matrix_server/networking.yml deleted file mode 100644 index de2694d..0000000 --- a/host_vars/matrix_server/networking.yml +++ /dev/null 
@@ -1,13 +0,0 @@ ---- -interfaces: - ens18: - type: dhcp - wg0: - ipv4: "{{ intranet.subnets.physical.subnets.matrix.ipv4 }}" - netmaskv4: "{{ intranet.netmaskv4 }}" - type: wireguard - -ipv4_forwarding: false -ipv6_forwarding: false - -lan_address: "{{ intranet.subnets.physical.subnets.matrix.ipv4 }}" diff --git a/host_vars/matrix_server/vpn.yml b/host_vars/sulfur/main.yml similarity index 50% rename from host_vars/matrix_server/vpn.yml rename to host_vars/sulfur/main.yml index beae875..7cf561a 100644 --- a/host_vars/matrix_server/vpn.yml +++ b/host_vars/sulfur/main.yml @@ -1,8 +1,30 @@ --- +ansible_host: sulfur.lan + +## Users +users: + g33kex: sudo + histausse: sudo + +## Networking +interfaces: + ens18: + type: dhcp + wg0: + ipv4: "{{ intranet.subnets.physical.subnets.matrix.ipv4 }}" + netmaskv4: "{{ intranet.netmaskv4 }}" + type: wireguard + +ipv4_forwarding: false +ipv6_forwarding: false + +lan_address: "{{ intranet.subnets.physical.subnets.matrix.ipv4 }}" + +## VPN vpn_interfaces: wg0: ip: "{{ interfaces.wg0.ipv4 }}" - private_key: "{{ vpn_vault_matrix_key }}" + private_key: "{{ vpn_key }}" public_key: "oQH8CBofxNSOGevaz1HZlz3ZW+H3ndb/TmqM0pCiRR8=" keepalive: true peers: @@ -11,3 +33,4 @@ vpn_interfaces: allowed_ips: - "{{ hostvars['hindley'].vpn_interfaces.wg0.ip }}/{{ interfaces.wg0.netmaskv4 }}" comment: "hindley" + diff --git a/host_vars/sulfur/secrets.yml b/host_vars/sulfur/secrets.yml new file mode 100644 index 0000000..aec2996 --- /dev/null +++ b/host_vars/sulfur/secrets.yml 
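Review bot: `ansible_host: sulfur.lan` is unquoted while every other host_vars file in this commit quotes the value (`"barium.lan"`, `"bismuth.lan"`, `"hindley.adh.auro.re"`); harmless for this value, but inconsistent, and technetium has the same unquoted form. The second hunk also appends an empty `+` line after `comment: "hindley"`, leaving a trailing blank line at end of file that yamllint flags; drop it. The same trailing blank line is added at the end of host_vars/technetium/main.yml and roles/base/tasks/main.yml.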
@@ -0,0 +1,9 @@ +$ANSIBLE_VAULT;1.1;AES256 +65636333393239393537363163356565376535366136633266643165393662306533613137396262 +3263333334636263383162623533333637303466383139660a356161616138353764326166383566 +39383038613361616663646166626335396537343466336133356135633130643532373165633233 +3437613237656666630a346263643330343336633431313264373365633439623235396236353133 +63623733363935663035393666343739643461393263393966356336346563306434623833303139 +63653036343662333062393936316138613236326332363336326561316131356239646266643936 +30366265636138366239626633363562613330623432626266386135313537643030366534613237 +65633430346337643331 diff --git a/host_vars/technetium/main.yml b/host_vars/technetium/main.yml new file mode 100644 index 0000000..f63122d --- /dev/null +++ b/host_vars/technetium/main.yml @@ -0,0 +1,37 @@ +--- +ansible_host: technetium.lan + +## Users +users: + g33kex: sudo, video + histausse: sudo, video + antoine: + +## Networking +interfaces: + eth0: + type: dhcp + wg0: + ipv4: "{{ intranet.subnets.physical.subnets.technetium.ipv4 }}" + netmaskv4: "{{ intranet.netmaskv4 }}" + type: wireguard + +ipv4_forwarding: false +ipv6_forwarding: false + +lan_address: "{{ intranet.subnets.physical.subnets.technetium.ipv4 }}" + +## VPN +vpn_interfaces: + wg0: + ip: "{{ interfaces.wg0.ipv4 }}" + private_key: "{{ vpn_key }}" + public_key: "sBk95X1alesUr7EhbJ04SfQ3HXHhnE4mm9PGYNa1xmc=" + keepalive: true + peers: + - endpoint: "{{ hostvars['hindley'].interfaces.enp2s0.ipv4 }}" + public_key: "{{ hostvars['hindley'].vpn_interfaces.wg0.public_key }}" + allowed_ips: + - "{{ hostvars['hindley'].vpn_interfaces.wg0.ip }}/{{ interfaces.wg0.netmaskv4 }}" + comment: "hindley" + diff --git a/host_vars/technetium/secrets.yml b/host_vars/technetium/secrets.yml new file mode 100644 index 0000000..ab94825 --- /dev/null +++ b/host_vars/technetium/secrets.yml 
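Review bot: `antoine:` under `users` in host_vars/technetium/main.yml has no value and therefore parses as null, whereas the other entries carry a string such as `sudo, video`; if the users role splits that string on commas to build the groups list, the null entry will raise at templating time instead of creating a user with no extra groups. Write `antoine: ""` (or `[]`, whichever the role expects) so the intent is explicit. The comma-separated string is also a format the role has to parse itself; a real YAML list per user would be less ambiguous, but the role is not in this view so I cannot tell which it expects.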
@@ -0,0 +1,9 @@
+$ANSIBLE_VAULT;1.1;AES256
+62353537323135663839356464396361646432303638653765616663363432613266383739343835
+6435313938393332396537613031316333643835666164650a396464396632353031303662386332
+65643437616137383837623566316438376334363634653061383334356530366261343865323631
+3466653030623239390a363765386362323563333861353964343161613732626565633666343430
+61353266623033643030346238303562313864653161623436666463363761336532346137656138
+38316439663361363930656162633232396237343165396463626633633837346335643038653131
+36323039663333346131303735316539333335383565623061646634613861303630356563633238
+63393034323136663861
diff --git a/host_vars/vanadium/main.yml b/host_vars/vanadium/main.yml
new file mode 100644
index 0000000..0884bda
--- /dev/null
+++ b/host_vars/vanadium/main.yml
@@ -0,0 +1,26 @@
+---
+ansible_host: "vanadium.lan"
+
+## Users
+users:
+ g33kex: sudo
+
+## Network
+interfaces:
+ eno4:
+ type: manual
+ eno3:
+ type: manual
+ vmbr0:
+ type: dhcp
+ bridge: yes
+ interfaces:
+ - eno4
+ vmbr1:
+ type: manual
+ bridge: yes
+ interfaces:
+ - eno3
+
+ipv4_forwarding: false
+ipv6_forwarding: false
diff --git a/hosts b/hosts
index b44fe00..d1a8c19 100644
--- a/hosts
+++ b/hosts
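Review bot: `bridge: yes` (twice, under `vmbr0` and `vmbr1` in host_vars/vanadium/main.yml) uses a YAML 1.1 truthy value; PyYAML turns it into a boolean so the networking role's `selectattr('value.bridge')` test still works, but every other boolean in this commit is written `true`/`false` and yamllint's `truthy` rule will flag it. Use `bridge: true` in both places.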
@@ -1,28 +1,59 @@
-# Servers and VMs inventory
-all:
- children:
- ubuntu:
- hosts:
- hindley:
- debian_bullseye:
- hosts:
- matrix_server:
- proxy:
- hosts:
- hindley:
- vpn:
- hosts:
- hindley:
- matrix_server:
- apt_proxies:
- hosts:
- hindley:
- prometheus_servers:
- hosts:
- hindley:
- matrix:
- hosts:
- matrix_server:
- no_user:
- hosts:
- matrix_server:
+# Inventory
+# Meta group containing everything except test servers
+[server:children]
+vm
+container
+physical
+
+[vm]
+bismuth # BigBlueButton
+sulfur # Synapse
+technetium # Test
+
+[container]
+
+[physical]
+hindley # Various
+vanadium # Proxmox
+barium # Backup
+
+[cloudinit]
+bismuth
+technetium
+
+# Groups
+[monitoring]
+hindley
+technetium
+sulfur
+
+[apt_proxy:children]
+vpn
+apt_cacher_ng
+
+[vpn]
+hindley
+sulfur
+technetium
+
+[matrix:children]
+proxy
+synapse
+
+[apt_cacher_ng]
+hindley
+
+[synapse]
+sulfur
+
+[proxy]
+hindley
+
+[prometheus]
+hindley
+
+[proxmox]
+vanadium
+
+[backup]
+barium
diff --git a/roles/apt_cacher_ng/tasks/main.yml b/roles/apt_cacher_ng/tasks/main.yml
index 3b99764..07b5c90 100644
--- a/roles/apt_cacher_ng/tasks/main.yml
+++ b/roles/apt_cacher_ng/tasks/main.yml
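Review bot: The comment `# Meta group containing everything except test servers` does not match the group it describes: technetium is listed under `[vm]` with the inline comment `# Test`, and `[server:children]` pulls in `vm`, so the test VM is a member of `server` and receives every play targeting it. Either take technetium out of `[vm]` (for instance into a separate `[test]` group that is not a child of `server`) or rewrite the comment to say what the group really contains. `[container]` is declared with no hosts; Ansible accepts an empty group, but if nothing is planned for it the line reads as a leftover and can go.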
@@ -1,27 +1,27 @@ --- -- name: Use a newer version of apt cacher nc for ubuntu 20.04 - block: - - name: Set the default release - lineinfile: - path: /etc/apt/apt.conf.d/01-vendor-ubuntu - regexp: '^APT::Default-Release ' - line: "APT::Default-Release \"{{ ansible_facts['lsb']['codename'] }}\";" - - name: Pin node exporter - copy: - dest: /etc/apt/preferences.d/pin-apt-cacher-nc - content: | - Package: apt-cacher-nc - Pin: release n={{ ansible_facts['lsb']['codename'] }} - Pin-Priority: -10 +#- name: Use a newer version of apt cacher nc for ubuntu 20.04 +# block: +# - name: Set the default release +# lineinfile: +# path: /etc/apt/apt.conf.d/01-vendor-ubuntu +# regexp: '^APT::Default-Release ' +# line: "APT::Default-Release \"{{ ansible_facts['lsb']['codename'] }}\";" +# - name: Pin node exporter +# copy: +# dest: /etc/apt/preferences.d/pin-apt-cacher-nc +# content: | +# Package: apt-cacher-nc +# Pin: release n={{ ansible_facts['lsb']['codename'] }} +# Pin-Priority: -10 - Package: apt-cacher-nc - Pin: release n=groovy - Pin-Priority: 900 - - name: Add the repo from groovy - apt_repository: - repo: deb http://fr.archive.ubuntu.com/ubuntu groovy universe - state: present - when: ansible_facts['lsb']['id'] == 'Ubuntu' and ansible_facts['lsb']['codename'] == 'focal' +# Package: apt-cacher-nc +# Pin: release n=groovy +# Pin-Priority: 900 +# - name: Add the repo from groovy +# apt_repository: +# repo: deb http://fr.archive.ubuntu.com/ubuntu groovy universe +# state: present +# when: ansible_facts['lsb']['id'] == 'Ubuntu' and ansible_facts['lsb']['codename'] == 'focal' - name: Install apt-cacher-ng apt: @@ -29,9 +29,6 @@ - apt-cacher-ng state: latest update_cache: true - register: apt_result - retries: 3 - until: apt_result is succeeded - name: Create config files template: 
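Review bot: The Ubuntu 20.04 pinning block in roles/apt_cacher_ng/tasks/main.yml is kept as twenty-odd commented-out lines rather than deleted; git history already preserves it, and commented YAML drifts out of sync with the live task file as soon as anything around it changes. The same pattern is used for the node-exporter block in roles/prometheus-node-exporter/tasks/main.yml and for the ifupdown2 task in roles/networking/tasks/main.yml. If a pointer is wanted, a one-line comment such as `# Focal-era pinning of apt-cacher-ng was removed; see git history` carries the same information without the dead body.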
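Review bot: Dropping `register: apt_result` / `retries: 3` / `until: apt_result is succeeded` from the `Install apt-cacher-ng` task removes the only protection against a transient apt lock or mirror error, and the same three lines are removed from every apt task in this commit (roles/base, grafana, install_nginx, generate_self_signed_certificate, prometheus, prometheus-alert-manager, prometheus-blackbox-exporter, prometheus-node-exporter, reverse_proxy_http, networking). If the motivation was the reuse of the `apt_result` name across roles, the retry loop can stay with a per-task register name; if retries were genuinely unwanted, a sentence in the commit message explaining why would help the next reader.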
@@ -50,7 +47,7 @@ group: apt-cacher-ng mode: '640' notify: Restart apt-cacher-ng - no_log: true + no_log: "{{ enable_no_log | default('true') }}" # This is uggly, and overkill - name: Set cron job to clear the cache diff --git a/roles/base_config/files/update-motd.d/01-logo b/roles/base/files/update-motd.d/01-logo similarity index 100% rename from roles/base_config/files/update-motd.d/01-logo rename to roles/base/files/update-motd.d/01-logo diff --git a/roles/base_config/tasks/main.yml b/roles/base/tasks/main.yml similarity index 76% rename from roles/base_config/tasks/main.yml rename to roles/base/tasks/main.yml index 6338f03..4e4679e 100644 --- a/roles/base_config/tasks/main.yml +++ b/roles/base/tasks/main.yml @@ -19,9 +19,6 @@ - acl state: latest update_cache: true - register: apt_result - retries: 3 - until: apt_result is succeeded - name: Customize motd copy: @@ -31,3 +28,11 @@ loop: - 01-logo +- name: Check for cloud init + stat: + path: /etc/cloud + register: cloudinit_folder +- include_role: + name: cloudinit + when: cloudinit_folder.stat.exists + diff --git a/roles/base_totp/tasks/main.yml b/roles/base_totp/tasks/main.yml deleted file mode 100644 index de187a4..0000000 --- a/roles/base_totp/tasks/main.yml +++ /dev/null @@ -1,22 +0,0 @@ ---- -- name: Install the PAM lib - apt: - name: - - libpam-oath - state: latest - update_cache: true - register: apt_result - retries: 3 - until: apt_result is succeeded - -- name: Add the totp secret for users - lineinfile: - path: /etc/users.oath - regexp: "{{ item.name }}" - line: "HOTP/T{{ totp_periode }}/{{ totp_digits }} {{ item.name }} - {{item.totp}}" - create: true - group: root - owner: root - mode: '600' - loop: "{{ uservault_users }}" - no_log: true diff --git a/roles/cloudinit/tasks/main.yml b/roles/cloudinit/tasks/main.yml new file mode 100644 index 0000000..ddee5b3 --- /dev/null +++ b/roles/cloudinit/tasks/main.yml 
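Review bot: `no_log: "{{ enable_no_log | default('true') }}"` turns a hard-coded secret guard into a run-time switch, and nothing on the new side documents that setting `enable_no_log=false` (for example through `-e`) prints the rendered apt-cacher-ng config to stdout and to any configured `log_path`; the same pattern in roles/generate-cert, grafana, prometheus, prometheus-blackbox-exporter and prometheus-alert-manager/tasks/kassandra.yml would expose private keys and credentials the same way. Add a comment above the task, e.g. `# enable_no_log=false prints secrets in output and logs; local debugging only`, and prefer a real boolean default, `default(true)`, over the string `'true'` so the value does not depend on Ansible's string-to-bool coercion. The enclosing task starts before this hunk.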
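Review bot: The `include_role` task added at the end of roles/base/tasks/main.yml has no `name:`, unlike every other task in the file, so it appears in play output only as the bare module name; `- name: Strip cloud-init leftovers` above `include_role:` would fix that. Detecting cloud-init by `stat` of `/etc/cloud` also duplicates the `[cloudinit]` group the commit adds to the inventory, which gives two sources of truth that can disagree; pick one (the inventory group, or the stat check) and drop the other. The hunk also leaves a trailing blank `+` line at end of file.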
@@ -0,0 +1,21 @@ +--- +- name: Remove cloudinit sudoers file + file: + path: "/etc/sudoers.d/90-cloud-init-users" + state: absent + +- name: Remove cloudinit netplan + file: + path: "/etc/netplan/50-cloud-init.yaml" + state: absent + when: ansible_facts["lsb"]["id"] == "Ubuntu" + +- name: Disable cloudinit + file: + path: "/etc/cloud/cloud-init.disabled" + owner: root + group: root + mode: "0644" + state: touch + modification_time: preserve + access_time: preserve diff --git a/roles/configure_resolved/handlers/main.yml b/roles/configure_resolved/handlers/main.yml deleted file mode 100644 index 2937480..0000000 --- a/roles/configure_resolved/handlers/main.yml +++ /dev/null @@ -1,5 +0,0 @@ ---- -- name: Reload systemd-resolve - systemd: - name: systemd-resolved - state: restart diff --git a/roles/configure_resolved/tasks/main.yml b/roles/configure_resolved/tasks/main.yml deleted file mode 100644 index a3eff0f..0000000 --- a/roles/configure_resolved/tasks/main.yml +++ /dev/null @@ -1,23 +0,0 @@ ---- -- name: Change the DNS server - lineinfile: - path: /etc/systemd/resolved.conf - insertafter: '[Resolve]' - regexp: '^#?DNS=' - line: "DNS={{ dns_resolve_server }}" - notify: Reload systemd-resolve - -- name: Remove the stub listener - lineinfile: - path: /etc/systemd/resolved.conf - insertafter: '[Resolve]' - regexp: '^#?DNSStubListener=' - line: "DNSStubListener=no" - notify: Reload systemd-resolve - -- name: Link resolve conf - file: - src: /run/systemd/resolve/resolv.conf - dest: /etc/resolv.conf - state: link - force: yes diff --git a/roles/create_users/tasks/main.yml b/roles/create_users/tasks/main.yml deleted file mode 100644 index 76937e0..0000000 --- a/roles/create_users/tasks/main.yml +++ /dev/null 
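Review bot: `Remove cloudinit netplan` deletes `/etc/netplan/50-cloud-init.yaml` but notifies nothing, so whatever that file configured stays active in the running system until the next reboot or `netplan apply`; if the networking role's own netplan file is meant to replace it, this task should notify the same `Apply netplan ubuntu` handler that role uses, or run before that role writes its config. Removing `/etc/sudoers.d/90-cloud-init-users` is the right call; the default user cloud-init created, with its authorized keys, presumably still exists afterwards — confirm that is covered elsewhere, since the TODO list mentions it. `ansible_facts["lsb"]["id"]` is undefined when lsb-release is not installed on the target, so `ansible_facts["distribution"] == "Ubuntu"` is the safer condition.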
@@ -1,17 +0,0 @@ ---- - -- name: Generate user - user: - name: "{{ item.name }}" - groups: "{{ item.groups }}" - shell: "{{ item.shell }}" - password: "{{ item.password_hash }}" - loop: "{{ uservault_users }}" - no_log: true - -- name: Add ssh key - authorized_key: - key: "{{ item.ssh_key }}" - user: "{{ item.name }}" - loop: "{{ uservault_users }}" - no_log: true diff --git a/roles/generate-cert/tasks/main.yml b/roles/generate-cert/tasks/main.yml index afd91c7..7b90db8 100644 --- a/roles/generate-cert/tasks/main.yml +++ b/roles/generate-cert/tasks/main.yml @@ -79,7 +79,7 @@ dest: "/tmp/ansible_hacky_pki_ca.key" mode: u=rw,g=,o= delegate_to: localhost - no_log: yes + no_log: "{{ enable_no_log | default('true') }}" - name: Sign the certificate become: false @@ -100,7 +100,7 @@ owner: "{{ owner | default('root') }}" group: "{{ group | default('root') }}" mode: "{{ key_mode | default('u=rw,g=,o=') }}" - no_log: yes + no_log: "{{ enable_no_log | default('true') }}" - name: Send certificate to the server copy: diff --git a/roles/generate_self_signed_certificate/tasks/main.yml b/roles/generate_self_signed_certificate/tasks/main.yml index 3fc83bf..334635b 100644 --- a/roles/generate_self_signed_certificate/tasks/main.yml +++ b/roles/generate_self_signed_certificate/tasks/main.yml @@ -4,9 +4,6 @@ name: python3-openssl state: latest update_cache: true - register: apt_result - retries: 3 - until: apt_result is succeeded - name: Ensure the cert directory exists file: @@ -25,7 +22,7 @@ privatekey_path: "/var/certificates/{{ server_hostname }}_privkey.pem" country_name: "{{ country_name }}" organization_name: "{{ organization_name }}" - email_address: "{{ vault_email }}" + email_address: "{{ certificate_email }}" common_name: "{{ server_hostname }}" - name: Generate a Self Signed OpenSSL certificate diff --git a/roles/grafana/tasks/main.yml b/roles/grafana/tasks/main.yml index 98c4d41..cbd05c2 100644 --- a/roles/grafana/tasks/main.yml +++ b/roles/grafana/tasks/main.yml 
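Review bot: `email_address: "{{ certificate_email }}"` renames the variable from `vault_email`, and the same rename is made in the certbot call in roles/reverse_proxy_http/tasks/main.yml, but no hunk in this view defines `certificate_email`; unless it is set in group_vars outside this diff, both tasks now fail with an undefined-variable error. Please confirm where it is defined, and if it is meant to be supplied by the caller, document that in the role's defaults with a comment such as `# certificate_email: contact address placed in self-signed and Let's Encrypt certificates`.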
@@ -5,9 +5,6 @@ - apt-transport-https state: latest update_cache: true - register: apt_result - retries: 3 - until: apt_result is succeeded - name: Add Graphana Repo Key apt_key: @@ -25,9 +22,6 @@ - grafana state: latest update_cache: true - register: apt_result - retries: 3 - until: apt_result is succeeded - name: Configure Grafana template: @@ -36,7 +30,7 @@ owner: grafana group: grafana mode: u=rw,g=r,o= - no_log: true + no_log: "{{ enable_no_log | default('true') }}" notify: Restart Grafana - name: Copy the CA cert diff --git a/roles/guest_agent/tasks/main.yml b/roles/guest_agent/tasks/main.yml new file mode 100644 index 0000000..4dbb7b8 --- /dev/null +++ b/roles/guest_agent/tasks/main.yml @@ -0,0 +1,5 @@ +# Setup QEMU Guest Agent +- name: Install QEMU Guest Agent + package: + name: qemu-guest-agent + state: present diff --git a/roles/install_docker/tasks/main.yml b/roles/install_docker/tasks/main.yml deleted file mode 100644 index d9de1fa..0000000 --- a/roles/install_docker/tasks/main.yml +++ /dev/null 
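Review bot: roles/guest_agent/tasks/main.yml is the only task file in this commit without a leading `---` document marker; starting with the comment `# Setup QEMU Guest Agent` works, but it is inconsistent with the other roles and trips yamllint's `document-start` rule, so put `---` on the first line. `state: present` only installs the package; whether the agent service is enabled afterwards depends on the distribution's package, so if that is not guaranteed on the targets, a `service:` task with `enabled: true` and `state: started` is missing — confirm on the VMs this runs against.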
@@ -1,38 +0,0 @@ ---- -- name: Add the docker repo key - apt_key: - url: https://download.docker.com/linux/debian/gpg - state: present - -- name: Add docker repo - apt_repository: - repo: deb [arch=amd64] https://download.docker.com/linux/debian buster stable - # TODO replace by "... /linux/debian $(lsb_release -cs) stable" - state: present - -- name: Install docker - apt: - update_cache: true - name: - - docker-ce - - docker-ce-cli - - containerd.io - state: latest - register: apt_result - retries: 3 - until: apt_result is succeeded - -# Official methode for docker compose, redundant with pip -#- name: Install docker-compose -# get_url: -# url: https://github.com/docker/compose/releases/download/1.28.0/docker-compose-Linux-x86_64 -# # TODO: replace by "...1.28.0/docker-compose-$(uname -s)-$(uname -m)" -# dest: /usr/local/bin/docker-compose -# mode: '0755' - -# Methode requiered by ansible docker_compose module -- name: Install docker and docker-compose - pip: - name: - - docker - - docker-compose>=1.28.0 diff --git a/roles/install_gitea/handlers/main.yml b/roles/install_gitea/handlers/main.yml deleted file mode 100644 index 3fbdb12..0000000 --- a/roles/install_gitea/handlers/main.yml +++ /dev/null @@ -1,5 +0,0 @@ ---- -- name: restart gitea - docker_compose: - project_src: /var/local/gitea - restarted: yes diff --git a/roles/install_gitea/tasks/main.yml b/roles/install_gitea/tasks/main.yml deleted file mode 100644 index 524540b..0000000 --- a/roles/install_gitea/tasks/main.yml +++ /dev/null 
@@ -1,74 +0,0 @@ ---- -- name: Ensure the directory exist - file: - path: /var/local/gitea - state: directory - -- name: Ensure the user gitea exists - user: - name: gitea - create_home: no - password_lock: yes - -- name: Retrieve info about users - getent: - database: passwd - -- name: Warning - debug: - msg: This is a test server, do not use in production - -- name: Copy docker-compose.yml - template: - src: docker-compose.yml.j2 - dest: /var/local/gitea/docker-compose.yml - mode: 0644 - owner: root - group: staff - -- name: Start the container - docker_compose: - project_src: /var/local/gitea - -- name: Copy key - copy: - src: /var/certificates/{{ server_hostname }}_privkey.pem - dest: /var/local/gitea/gitea/key.pem - owner: gitea - group: gitea - mode: 0600 - remote_src: yes - notify: restart gitea - -- name: Copy certificate - copy: - src: /var/certificates/{{ server_hostname }}_cert.pem - dest: /var/local/gitea/gitea/cert.pem - owner: gitea - group: gitea - remote_src: yes - notify: restart gitea - -- name: Specify the link the private key - lineinfile: - path: /var/local/gitea/gitea/gitea/conf/app.ini - insertafter: '^\[server\]' - regexp: '^KEY_FILE' - line: KEY_FILE = /data/key.pem - notify: restart gitea - -- name: Specify the link the private key - lineinfile: - path: /var/local/gitea/gitea/gitea/conf/app.ini - insertafter: '^\[server\]' - regexp: '^CERT_FILE' - line: CERT_FILE = /data/cert.pem - notify: restart gitea - -- name: Use https - lineinfile: - path: /var/local/gitea/gitea/gitea/conf/app.ini - insertafter: '^\[server\]' - regexp: '^PROTOCOL' - line: PROTOCOL = https - notify: restart gitea diff --git a/roles/install_gitea/templates/docker-compose.yml.j2 b/roles/install_gitea/templates/docker-compose.yml.j2 deleted file mode 100644 index 9f670c9..0000000 --- a/roles/install_gitea/templates/docker-compose.yml.j2 +++ /dev/null 
@@ -1,43 +0,0 @@ -# {{ ansible_managed }} -# version: "3.8" - -networks: - gitea: - external: false - -services: - server: - image: gitea/gitea:1.13.1 - container_name: gitea - environment: - - USER_UID={{ getent_passwd["gitea"].1 }} - - USER_GID={{ getent_passwd["gitea"].2 }} - - DB_TYPE=postgres - - DB_HOST=db:5432 - - DB_NAME=gitea - - DB_USER=gitea - - DB_PASSWD=gitea - restart: always - networks: - - gitea - volumes: - - ./gitea:/data - - /etc/timezone:/etc/timezone:ro - - /etc/localtime:/etc/localtime:ro - ports: - - "{{ gitea_https_port }}:3000" - - "{{ gitea_ssh_port }}:22" - depends_on: - - db - - db: - image: postgres:9.6 - restart: always - environment: - - POSTGRES_USER=gitea - - POSTGRES_PASSWORD=gitea - - POSTGRES_DB=gitea - networks: - - gitea - volumes: - - ./postgres:/var/lib/postgresql/data diff --git a/roles/install_keycloak/tasks/main.yml b/roles/install_keycloak/tasks/main.yml deleted file mode 100644 index b291cbc..0000000 --- a/roles/install_keycloak/tasks/main.yml +++ /dev/null 
@@ -1,66 +0,0 @@ ---- -- name: Ensure the directory exist - file: - path: /var/local/keycloak - state: directory - -- name: Ensure the user keycloak exists - user: - name: keycloak - create_home: no - password_lock: yes - -- name: Retrieve info about users - getent: - database: passwd - -- name: Warning - debug: - msg: This is a test server, do not use in production - -- name: Copy env variables - template: - src: dot_env.j2 - dest: /var/local/keycloak/.env - mode: 0400 - owner: root - group: staff - -- name: Ensure the certificate directory exist - file: - path: /var/local/keycloak/certificates - state: directory - -- name: Copy key - copy: - src: /var/certificates/{{ server_hostname }}_privkey.pem - dest: /var/local/keycloak/certificates/tls.key - remote_src: yes - owner: keycloak - group: keycloak - mode: 0644 # 0600 -# I wanted to limite read access to the private key to one "keycloak" user, -# but It doesn't works because the user running some script inside the container -# has a fix uid (1000) and obviously this uid is taken on the host by the first -# user created... I hope you're serveur is well protected... - -- name: Copy certificate - copy: - src: /var/certificates/{{ server_hostname }}_cert.pem - dest: /var/local/keycloak/certificates/tls.crt - remote_src: yes - owner: keycloak - group: keycloak - -- name: Copy docker-compose.yml - template: - src: docker-compose.yml.j2 - dest: /var/local/keycloak/docker-compose.yml - mode: 0644 - owner: root - group: staff - -- name: Start the container - docker_compose: - project_src: /var/local/keycloak - diff --git a/roles/install_keycloak/templates/docker-compose.yml.j2 b/roles/install_keycloak/templates/docker-compose.yml.j2 deleted file mode 100644 index a102919..0000000 --- a/roles/install_keycloak/templates/docker-compose.yml.j2 +++ /dev/null 
@@ -1,18 +0,0 @@ -# {{ ansible_managed }} -# version: "3.8" - -services: - server: - image: jboss/keycloak - container_name: keycloak - restart: always - environment: - - USER_UID={{ getent_passwd["keycloak"].1 }} - - USER_GID={{ getent_passwd["keycloak"].2 }} - - "KEYCLOAK_USER=${USERNAME}" - - "KEYCLOAK_PASSWORD=${PASSWORD}" - volumes: - - ./certificates:/etc/x509/https - - /etc/localtime:/etc/localtime:ro - ports: - - "{{ keycloak_https_port }}:8443" diff --git a/roles/install_keycloak/templates/dot_env.j2 b/roles/install_keycloak/templates/dot_env.j2 deleted file mode 100644 index dd648b0..0000000 --- a/roles/install_keycloak/templates/dot_env.j2 +++ /dev/null @@ -1,4 +0,0 @@ -# {{ ansible_managed }} - -USERNAME={{ vault_admin_keycloak }} -PASSWORD={{ vault_mdp_admin_keycloak }} diff --git a/roles/install_nginx/tasks/main.yml b/roles/install_nginx/tasks/main.yml index 218ca39..fe31967 100644 --- a/roles/install_nginx/tasks/main.yml +++ b/roles/install_nginx/tasks/main.yml @@ -4,9 +4,6 @@ update_cache: true name: nginx state: latest - register: apt_result - retries: 3 - until: apt_result is succeeded - name: Add wasm to mime type lineinfile: diff --git a/roles/matrix-bridge-discord b/roles/matrix-bridge-discord index 2358c02..3c96034 160000 --- a/roles/matrix-bridge-discord +++ b/roles/matrix-bridge-discord @@ -1 +1 @@ -Subproject commit 2358c022895b3ce2f2a08dea41580e4cf84d218f +Subproject commit 3c96034b253012a07e10eb23c2bb2163effaf74e diff --git a/roles/matrix-bridge-facebook b/roles/matrix-bridge-facebook index 89fb99e..950bada 160000 --- a/roles/matrix-bridge-facebook +++ b/roles/matrix-bridge-facebook @@ -1 +1 @@ -Subproject commit 89fb99ebb7c35ec3c11ecd5e4fbb194817f9cae6 +Subproject commit 950badac374e89e038e4076703b07068b2ba3e35 diff --git a/roles/matrix-bridge-instagram b/roles/matrix-bridge-instagram index 70675be..4166832 160000 --- a/roles/matrix-bridge-instagram +++ b/roles/matrix-bridge-instagram 
@@ -1 +1 @@ -Subproject commit 70675bec04af6bf456857c30687c5e57fa5e812a +Subproject commit 4166832cb237d08a6e697669be4df51f83d1e9e9 diff --git a/roles/matrix-bridge-signal b/roles/matrix-bridge-signal index b273607..cc98bfa 160000 --- a/roles/matrix-bridge-signal +++ b/roles/matrix-bridge-signal @@ -1 +1 @@ -Subproject commit b27360700e82dd14fc42de6bdffc3d80bf3fa975 +Subproject commit cc98bfa0dbbf167bf40d54a85513516d7254abf5 diff --git a/roles/matrix-bridge-telegram b/roles/matrix-bridge-telegram index c8e442e..79a1de1 160000 --- a/roles/matrix-bridge-telegram +++ b/roles/matrix-bridge-telegram @@ -1 +1 @@ -Subproject commit c8e442e4a931acc2220e4406282925c2d4a48954 +Subproject commit 79a1de19232417987652386aef575fb0910d0f81 diff --git a/roles/networking/tasks/main.yml b/roles/networking/tasks/main.yml index 7ee6fd9..9e54fd9 100644 --- a/roles/networking/tasks/main.yml +++ b/roles/networking/tasks/main.yml 
@@ -1,56 +1,4 @@ --- - -- name: Install ifupdown2 - apt: - name: - - ifupdown2 - state: latest - update_cache: true - register: apt_result - retries: 3 - until: apt_result is succeeded - when: ansible_facts["lsb"]["id"] == "Debian" - -- name: Install bridge-utils - apt: - name: - - bridge-utils - state: latest - update_cache: true - register: apt_result - retries: 3 - until: apt_result is succeeded - when: (ansible_facts["lsb"]["id"] == "Debian") and - (lookup('dict', interfaces, wantlist=True) | selectattr('value.bridge', 'defined') | selectattr('value.bridge') | list) - -- name: Enable ipv4 forwarding - ansible.posix.sysctl: - name: net.ipv4.ip_forward - value: '1' - sysctl_set: true - when: ipv4_forwarding - -- name: Enable ipv6 forwarding - ansible.posix.sysctl: - name: net.ipv6.conf.all.forwarding - value: '1' - sysctl_set: true - when: ipv6_forwarding - -- name: Disable ipv4 forwarding - ansible.posix.sysctl: - name: net.ipv4.ip_forward - value: '0' - sysctl_set: true - when: not ipv4_forwarding - -- name: Disable ipv6 forwarding - ansible.posix.sysctl: - name: net.ipv6.conf.all.forwarding - value: '0' - sysctl_set: true - when: not ipv6_forwarding - - name: Create interface config files ansible.builtin.template: src: "debian_interfaces.j2" 
@@ -80,3 +28,33 @@ mode: '644' notify: Apply netplan ubuntu when: ansible_facts["lsb"]["id"] == "Ubuntu" + +#- name: Install ifupdown2 +# apt: +# name: +# - ifupdown2 +# state: latest +# update_cache: true +# when: ansible_facts["lsb"]["id"] == "Debian" + +- name: Install bridge-utils + apt: + name: + - bridge-utils + state: latest + update_cache: true + when: (ansible_facts["lsb"]["id"] == "Debian") and + (lookup('dict', interfaces, wantlist=True) | selectattr('value.bridge', 'defined') | selectattr('value.bridge') | list) + +- name: Set ipv4 forwarding + ansible.posix.sysctl: + name: net.ipv4.ip_forward + value: "{{ ipv4_forwarding | int | default(0) }}" + sysctl_set: true + +- name: Set ipv6 forwarding + ansible.posix.sysctl: + name: net.ipv6.conf.all.forwarding + value: "{{ ipv6_forwarding | int | default(0) }}" + sysctl_set: true + diff --git a/roles/postgre b/roles/postgre index e5ce162..f774bc0 160000 --- a/roles/postgre +++ b/roles/postgre @@ -1 +1 @@ -Subproject commit e5ce16268f165be36d4f2f893caf47f9bdb6f332 +Subproject commit f774bc096487cba7fec6ed9e196032e169cfbb4a diff --git a/roles/prometheus-alert-manager/tasks/kassandra.yml b/roles/prometheus-alert-manager/tasks/kassandra.yml index 6136298..fb117f3 100644 --- a/roles/prometheus-alert-manager/tasks/kassandra.yml +++ b/roles/prometheus-alert-manager/tasks/kassandra.yml @@ -6,9 +6,6 @@ - python3.9-venv state: latest update_cache: true - register: apt_result - retries: 3 - until: apt_result is succeeded - name: Create the kassandra user user: @@ -35,7 +32,7 @@ group: nogroup mode: '0600' notify: Restart kassandra - no_log: true + no_log: "{{ enable_no_log | default('true') }}" - name: Copy the CA cert copy: diff --git a/roles/prometheus-alert-manager/tasks/main.yml b/roles/prometheus-alert-manager/tasks/main.yml index be60549..6bb246b 100644 --- a/roles/prometheus-alert-manager/tasks/main.yml +++ b/roles/prometheus-alert-manager/tasks/main.yml 
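Review bot: `value: "{{ ipv4_forwarding | int | default(0) }}"` applies `default` after `int`, so the default can never take effect: when `ipv4_forwarding` is undefined, the undefined value reaches `int` first and Ansible raises an undefined-variable error before `default` is evaluated. The `Set ipv6 forwarding` task below has the same filter order. Reverse the filters in both: `value: "{{ ipv4_forwarding | default(false) | int }}"` and `value: "{{ ipv6_forwarding | default(false) | int }}"`. Note also that `Install bridge-utils` now runs after the interface files are written; that is fine as long as the handlers that apply them run at the end of the play, but it deserves a comment because the ordering is no longer obvious.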
@@ -5,9 +5,6 @@ - prometheus-alertmanager state: latest update_cache: true - register: apt_result - retries: 3 - until: apt_result is succeeded - name: Setup the arguments for alertmanager template: diff --git a/roles/prometheus-blackbox-exporter/tasks/main.yml b/roles/prometheus-blackbox-exporter/tasks/main.yml index caf3464..cc580ce 100644 --- a/roles/prometheus-blackbox-exporter/tasks/main.yml +++ b/roles/prometheus-blackbox-exporter/tasks/main.yml @@ -5,9 +5,6 @@ - prometheus-blackbox-exporter state: latest update_cache: true - register: apt_result - retries: 3 - until: apt_result is succeeded - name: Copy the CA cert copy: @@ -42,7 +39,7 @@ group: prometheus mode: '0640' notify: Restart blackbox-exporter - no_log: true + no_log: "{{ enable_no_log | default('true') }}" #- name: Copy the web-config folder # template: diff --git a/roles/prometheus-node-exporter/tasks/local_x509_collector.yml b/roles/prometheus-node-exporter/tasks/local_x509_collector.yml index e7c896b..0c82583 100644 --- a/roles/prometheus-node-exporter/tasks/local_x509_collector.yml +++ b/roles/prometheus-node-exporter/tasks/local_x509_collector.yml @@ -5,9 +5,6 @@ - moreutils state: latest update_cache: true - register: apt_result - retries: 3 - until: apt_result is succeeded - name: Ensure /usr/share/prometheus-node-exporter exist file: diff --git a/roles/prometheus-node-exporter/tasks/main.yml b/roles/prometheus-node-exporter/tasks/main.yml index db8b2a8..78788d9 100644 --- a/roles/prometheus-node-exporter/tasks/main.yml +++ b/roles/prometheus-node-exporter/tasks/main.yml 
@@ -1,27 +1,27 @@ --- -- name: Use a newer version of Node exporter for ubuntu 20.04 - block: - - name: Set the default release - lineinfile: - path: /etc/apt/apt.conf.d/01-vendor-ubuntu - regexp: '^APT::Default-Release ' - line: "APT::Default-Release \"{{ ansible_facts['lsb']['codename'] }}\";" - - name: Pin node exporter - copy: - dest: /etc/apt/preferences.d/pin-prometheus-node-exporter - content: | - Package: prometheus-node-exporter - Pin: release n={{ ansible_facts['lsb']['codename'] }} - Pin-Priority: -10 - - Package: prometheus-node-exporter - Pin: release n=groovy - Pin-Priority: 900 - - name: Add the repo from groovy - apt_repository: - repo: deb http://fr.archive.ubuntu.com/ubuntu groovy universe - state: present - when: ansible_facts['lsb']['id'] == 'Ubuntu' and ansible_facts['lsb']['codename'] == 'focal' +#- name: Use a newer version of Node exporter for ubuntu 20.04 +# block: +# - name: Set the default release +# lineinfile: +# path: /etc/apt/apt.conf.d/01-vendor-ubuntu +# regexp: '^APT::Default-Release ' +# line: "APT::Default-Release \"{{ ansible_facts['lsb']['codename'] }}\";" +# - name: Pin node exporter +# copy: +# dest: /etc/apt/preferences.d/pin-prometheus-node-exporter +# content: | +# Package: prometheus-node-exporter +# Pin: release n={{ ansible_facts['lsb']['codename'] }} +# Pin-Priority: -10 + +# Package: prometheus-node-exporter +# Pin: release n=groovy +# Pin-Priority: 900 +# - name: Add the repo from groovy +# apt_repository: +# repo: deb http://fr.archive.ubuntu.com/ubuntu groovy universe +# state: present +# when: ansible_facts['lsb']['id'] == 'Ubuntu' and ansible_facts['lsb']['codename'] == 'focal' - name: Install Prometheus Node exporter apt: @@ -31,9 +31,6 @@ state: latest update_cache: true install_recommends: false # Do not install smartmontools - register: apt_result - retries: 3 - until: apt_result is succeeded - name: Install the local_x509 exporter 
@@ -115,7 +112,7 @@ - name: Put the new target list copy: content: "{{ new_server_node_target | to_nice_json }}" - dest: /etc/prometheus/node-targets.json + dest: /etc/prometheus/targets/node-targets.json delegate_to: "{{ appointed_prometheus_server }}" when: (lan_address + '|' + ansible_facts['nodename']) not in server_node_target.0.targets diff --git a/roles/prometheus/tasks/main.yml b/roles/prometheus/tasks/main.yml index 2acae58..eb6318c 100644 --- a/roles/prometheus/tasks/main.yml +++ b/roles/prometheus/tasks/main.yml @@ -6,9 +6,6 @@ - prometheus-pushgateway state: latest update_cache: true - register: apt_result - retries: 3 - until: apt_result is succeeded - name: Ensure the alert folder exist file: @@ -59,7 +56,7 @@ group: prometheus mode: '0640' notify: Restart prometheus - no_log: true + no_log: "{{ enable_no_log | default('true') }}" - name: Add node targets file template: diff --git a/roles/reverse_proxy_http/tasks/main.yml b/roles/reverse_proxy_http/tasks/main.yml index 5ebf7fb..db4bf5f 100644 --- a/roles/reverse_proxy_http/tasks/main.yml +++ b/roles/reverse_proxy_http/tasks/main.yml @@ -6,9 +6,6 @@ - certbot - python3-certbot-nginx state: latest - register: apt_result - retries: 3 - until: apt_result is succeeded - name: Ensure the cert directory exists file: @@ -38,7 +35,7 @@ loop: "{{ reverse_proxy_sites }}" - name: Generate Certificate for Domains - shell: certbot certonly --standalone -d {{ item.from }} -m {{ vault_email }} --noninteractive --agree-tos --redirect --pre-hook "sudo systemctl stop nginx" --post-hook "sudo systemctl start nginx" + shell: certbot certonly --standalone -d {{ item.from }} -m {{ certificate_email }} --noninteractive --agree-tos --redirect --pre-hook "sudo systemctl stop nginx" --post-hook "sudo systemctl start nginx" args: creates: "/etc/letsencrypt/live/{{ item.from }}/cert.pem" loop: "{{ reverse_proxy_sites }}" 
diff --git a/roles/reverse_proxy_stream/meta/main.yml b/roles/reverse_proxy_stream/meta/main.yml deleted file mode 100644 index ff0926f..0000000 --- a/roles/reverse_proxy_stream/meta/main.yml +++ /dev/null @@ -1,2 +0,0 @@ -dependencies: - - role: install_nginx diff --git a/roles/reverse_proxy_stream/tasks/main.yml b/roles/reverse_proxy_stream/tasks/main.yml deleted file mode 100644 index 549aa0c..0000000 --- a/roles/reverse_proxy_stream/tasks/main.yml +++ /dev/null @@ -1,34 +0,0 @@ ---- - -- name: Ensure the stream proxy conf available directory exists - file: - path: /etc/nginx/stream-available - state: directory - -- name: Ensure the stream proxy conf enabled directory exists - file: - path: /etc/nginx/stream-enabled - state: directory - -- name: Include the stream proxy configuration files - blockinfile: - path: /etc/nginx/nginx.conf - block: | - stream { - include /etc/nginx/stream-enabled/*; - } - -- name: Copy reverse proxy stream - template: - src: "nginx/stream-available/reverse_proxy" - dest: "/etc/nginx/stream-available/stream_{{ item.type }}_{{ item.from_port }}" - loop: "{{ reverse_proxy_stream }}" - -- name: Activate stream - file: - src: "/etc/nginx/stream-available/stream_{{ item.type }}_{{ item.from_port }}" - dest: "/etc/nginx/stream-enabled/stream_{{ item.type }}_{{ item.from_port }}" - state: link - force: yes - loop: "{{ reverse_proxy_stream }}" - notify: Reload nginx diff --git a/roles/reverse_proxy_stream/templates/nginx/stream-available/reverse_proxy b/roles/reverse_proxy_stream/templates/nginx/stream-available/reverse_proxy deleted file mode 100644 index fd86921..0000000 --- a/roles/reverse_proxy_stream/templates/nginx/stream-available/reverse_proxy +++ /dev/null @@ -1,12 +0,0 @@ -{{ ansible_managed | comment }} - -server { - {% if item.type == "udp" %} - listen {{ item.from_port }} udp; - {% else %} - listen {{ item.from_port }}; - {% endif %} - - proxy_pass {{ item.to }}; -} - 
diff --git a/roles/rp_synapse/tasks/main.yml b/roles/rp_synapse/tasks/main.yml index 1837c75..c6d66f8 100644 --- a/roles/rp_synapse/tasks/main.yml +++ b/roles/rp_synapse/tasks/main.yml @@ -10,9 +10,6 @@ - certbot - python3-certbot-nginx state: latest - register: apt_result - retries: 3 - until: apt_result is succeeded - name: Ensure the cert directory exists file: @@ -20,7 +17,7 @@ state: directory - name: Generate Certificate for Domains - shell: certbot certonly --standalone -d {{ matrix_server_name }} -m {{ vault_email }} --noninteractive --agree-tos --redirect --pre-hook "sudo systemctl stop nginx" --post-hook "sudo systemctl start nginx" + shell: certbot certonly --standalone -d {{ matrix_server_name }} -m {{ certificate_email }} --noninteractive --agree-tos --redirect --pre-hook "sudo systemctl stop nginx" --post-hook "sudo systemctl start nginx" args: creates: "/etc/letsencrypt/live/{{ matrix_server_name }}/cert.pem" diff --git a/roles/rp_synapse/templates/reverse_proxy b/roles/rp_synapse/templates/reverse_proxy index 8ba5916..7b24f66 100644 --- a/roles/rp_synapse/templates/reverse_proxy +++ b/roles/rp_synapse/templates/reverse_proxy @@ -4,6 +4,9 @@ server { listen 443 ssl http2; listen [::]:443 ssl http2; + listen 8448 ssl http2; + listen [::]:8448 ssl http2; + server_name {{ matrix_server_name }}; ssl_certificate /etc/nginx/certs/{{ matrix_server_name }}.crt; diff --git a/roles/share_file_web/tasks/main.yml b/roles/share_file_web/tasks/main.yml index 3692806..33cf759 100644 --- a/roles/share_file_web/tasks/main.yml +++ b/roles/share_file_web/tasks/main.yml @@ -6,9 +6,6 @@ - certbot - python3-certbot-nginx state: latest - register: apt_result - retries: 3 - until: apt_result is succeeded - name: Ensure the cert directory exists file: 
@@ -46,7 +43,7 @@ loop: "{{ sharing_sites }}" - name: Generate Certificate for Domains - shell: certbot certonly --standalone -d {{ item.from }} -m {{ vault_email }} --noninteractive --redirect --pre-hook "sudo systemctl stop nginx" --post-hook "sudo systemctl start nginx" + shell: certbot certonly --standalone -d {{ item.from }} -m {{ certificate_email }} --noninteractive --redirect --pre-hook "sudo systemctl stop nginx" --post-hook "sudo systemctl start nginx" args: creates: "/etc/letsencrypt/live/{{ item.from }}/cert.pem" loop: "{{ sharing_sites }}" diff --git a/roles/ssh_totp/handlers/main.yml b/roles/ssh/handlers/main.yml similarity index 65% rename from roles/ssh_totp/handlers/main.yml rename to roles/ssh/handlers/main.yml index 8500e47..a4838a3 100644 --- a/roles/ssh_totp/handlers/main.yml +++ b/roles/ssh/handlers/main.yml @@ -1,5 +1,4 @@ ---- -- name: Reload sshd +- name: reload_sshd systemd: name: sshd state: reloaded diff --git a/roles/ssh/tasks/main.yml b/roles/ssh/tasks/main.yml new file mode 100644 index 0000000..03c881d --- /dev/null +++ b/roles/ssh/tasks/main.yml @@ -0,0 +1,8 @@ +- name: sshd_config + ansible.builtin.template: + src: sshd_config.j2 + dest: /etc/ssh/sshd_config + owner: root + group: root + mode: 0644 + notify: reload_sshd diff --git a/roles/ssh/templates/sshd_config.j2 b/roles/ssh/templates/sshd_config.j2 new file mode 100644 index 0000000..85eab90 --- /dev/null +++ b/roles/ssh/templates/sshd_config.j2 @@ -0,0 +1,13 @@ +{{ ansible_managed | comment }} +{% if ansible_os_family == "Ubuntu" %} +Include /etc/ssh/sshd_config.d/*.conf + +{% endif %} +AuthorizedKeysFile /etc/ssh/authorized_keys/%u +PermitRootLogin no +PasswordAuthentication no +ChallengeResponseAuthentication no +UsePAM yes +AcceptEnv LANG LC_* +Subsystem sftp /usr/lib/openssh/sftp-server +PrintMotd no diff --git a/roles/ssh_totp/meta/main.yml b/roles/ssh_totp/meta/main.yml deleted file mode 100644 index 608d56d..0000000 --- a/roles/ssh_totp/meta/main.yml +++ /dev/null 
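Review bot: The re-emitted certbot command in share_file_web still lacks `--agree-tos`, which the sibling roles in this same commit pass (reverse_proxy_http and rp_synapse); with `--noninteractive`, certbot refuses to register a new ACME account without it, so this role only succeeds on hosts where another role already created the account. Add `--agree-tos` so the three roles behave identically. The `creates:` guard also means a later change to `certificate_email` is never applied to an existing certificate — worth stating in a comment above the task.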
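Review bot: The `sshd_config` task writes the rendered template straight over `/etc/ssh/sshd_config` and then reloads sshd with no syntax check, so a single bad directive in the template locks every host out of SSH on the next run. Let the template module test the file before it is moved into place with `validate: '/usr/sbin/sshd -t -f %s'` (and `backup: true` is cheap insurance). Minor: quote the mode as `mode: '0644'` so it is not subject to YAML octal interpretation, and start the file with `---` like the other roles.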
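Review bot: The guard `{% if ansible_os_family == "Ubuntu" %}` never fires — Ansible reports `ansible_os_family` as `Debian` on Ubuntu hosts (the distribution name lives in `ansible_distribution`) — so the `Include /etc/ssh/sshd_config.d/*.conf` line is silently dropped everywhere. Be careful when fixing it: sshd uses the first value it sees for each keyword, and Ubuntu cloud images typically ship `/etc/ssh/sshd_config.d/50-cloud-init.conf` with `PasswordAuthentication yes`, so an `Include` placed above `PasswordAuthentication no` would re-enable password logins; either drop the Include or move it below the hardening directives, with a comment saying why the order matters. `ChallengeResponseAuthentication` is a deprecated alias of `KbdInteractiveAuthentication` on OpenSSH 8.7+; setting both keeps old and new servers covered. Consider making the key-only policy explicit with `PubkeyAuthentication yes` and `AuthenticationMethods publickey` rather than relying on the defaults.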
@@ -1,2 +0,0 @@ -dependencies: - - role: base_totp diff --git a/roles/ssh_totp/tasks/main.yml b/roles/ssh_totp/tasks/main.yml deleted file mode 100644 index f313398..0000000 --- a/roles/ssh_totp/tasks/main.yml +++ /dev/null @@ -1,25 +0,0 @@ ---- -- name: Eddit pam config for ssh - lineinfile: - path: /etc/pam.d/sshd - regexp: 'pam_oath.so' - line: "auth required pam_oath.so usersfile=/etc/users.oath window={{totp_periode}} digits={{totp_digits}}" - insertafter: "^# PAM configuration for the Secure Shell service" - -- name: Set ChallengeResponseAuthentication in sshd conf - lineinfile: - path: /etc/ssh/sshd_config - regexp: '^#?ChallengeResponseAuthentication' - line: 'ChallengeResponseAuthentication yes' - notify: Reload sshd - -- name: Set UsePAM in sshd conf - lineinfile: - path: /etc/ssh/sshd_config - regexp: '^#?UsePAM' - line: 'UsePAM yes' - notify: Reload sshd - - - - diff --git a/roles/synapse/tasks/main.yml b/roles/synapse/tasks/main.yml index c58dd32..21ddc44 100644 --- a/roles/synapse/tasks/main.yml +++ b/roles/synapse/tasks/main.yml @@ -12,7 +12,7 @@ owner: synapse_user local: C template: template0 - no_log: true + no_log: "{{ enable_no_log | default('true') }}" - name: Install apt utils apt: @@ -23,9 +23,6 @@ - debconf-utils state: latest update_cache: true - register: apt_result - retries: 3 - until: apt_result is succeeded - name: Install the pgp key for the synapse repo copy: @@ -51,16 +48,13 @@ - matrix-synapse-py3 state: latest update_cache: true - register: apt_result - retries: 3 - until: apt_result is succeeded - name: Configure synapse template: src: homeserver.yaml dest: /etc/matrix-synapse/homeserver.yaml notify: Restart synapse - no_log: true + no_log: "{{ enable_no_log | default('true') }}" # --- DRAFT --- - name: Install nginx @@ -68,9 +62,6 @@ name: nginx state: latest update_cache: true - register: apt_result - retries: 3 - until: apt_result is succeeded - name: Generate self signed cert include_role: 
diff --git a/roles/users/tasks/main.yml b/roles/users/tasks/main.yml new file mode 100644 index 0000000..ea64192 --- /dev/null +++ b/roles/users/tasks/main.yml @@ -0,0 +1,32 @@ +--- + +- name: Create users + user: + name: "{{ item.key }}" + groups: "{{ item.value | default('') }}" + shell: "{{ user_dict[item.key].shell | default('/bin/bash') }}" + password: "{{ user_dict[item.key].password_hash }}" + update_password: always + # Prevent the user from changing their password + password_expire_max: -1 + password_expire_min: 1 + + state: present + loop: "{{ users | dict2items }}" + +- name: Create authorized_keys directory + file: + path: /etc/ssh/authorized_keys + state: directory + owner: root + group: root + mode: 0711 + +- name: Add SSH key to users + ansible.builtin.copy: + dest: "/etc/ssh/authorized_keys/{{ item.key }}" + content: "{{ user_dict[item.key].ssh_keys | join('\n') }}\n" + owner: root + group: "{{ item.key }}" + mode: 0640 + loop: "{{ users | dict2items }}" diff --git a/roles/vpn/handlers/main.yml b/roles/vpn/handlers/main.yml index dc9f10c..96ee8e4 100644 --- a/roles/vpn/handlers/main.yml +++ b/roles/vpn/handlers/main.yml @@ -3,6 +3,5 @@ systemd: name: "wg-quick@{{ item.key }}" state: restarted - loop: - - "{{ lookup('dict', vpn_interfaces) }}" - no_log: true + loop: "{{ vpn_interfaces | dict2items }}" + no_log: "{{ enable_no_log | default('true') }}" diff --git a/roles/vpn/tasks/main.yml b/roles/vpn/tasks/main.yml index 30c947b..48ed553 100644 --- a/roles/vpn/tasks/main.yml +++ b/roles/vpn/tasks/main.yml @@ -3,7 +3,7 @@ apt_repository: repo: deb http://deb.debian.org/debian buster-backports main state: present - when: ('debian_buster' in group_names) or ('proxmox_buster' in group_names) + when: ansible_facts["lsb"]["codename"] == "buster" - name: Install wireguard dependencies for proxmox apt: 
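Review bot: The role only ever adds accounts and key files (`state: present` on the user task, `copy:` per user), so removing someone from `users` leaves their login, home directory and `/etc/ssh/authorized_keys/<user>` in place — offboarding never revokes access. Consider a per-user state, e.g. `state: "{{ user_dict[item.key].state | default('present') }}"` on the user task and a matching `file: state: absent` for the key file, or at minimum a comment stating that removal is manual. The comment `# Prevent the user from changing their password` overstates `password_expire_min: 1`, which only enforces a one-day minimum between changes; reword it or raise the value. Note also that `groups:` without `append: true` strips any supplementary group not listed in `users`, which is fine as a declarative policy but deserves a comment, and the modes `0711`/`0640` should be quoted.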
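Review bot: The new condition `when: ansible_facts["lsb"]["codename"] == "buster"` depends on the `lsb` fact, which is only populated when `lsb_release` (or `/etc/lsb-release`) is present on the target; on a minimal Debian image `ansible_facts['lsb']` can be an empty dict, in which case the task errors out instead of evaluating to false. `when: ansible_facts['distribution_release'] == 'buster'` is always populated and expresses the same thing. The enclosing `apt_repository` task begins above the hunk.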
@@ -12,10 +12,7 @@ - wireguard-dkms # May need a `dkms autoinstall` and reboot ? state: latest update_cache: true - register: apt_result - retries: 3 - until: apt_result is succeeded - when: ('proxmox_buster' in group_names) + when: ('proxmox' in group_names) - name: Install wireguard apt: @@ -23,9 +20,6 @@ - wireguard state: latest update_cache: true - register: apt_result - retries: 3 - until: apt_result is succeeded - name: Create wireguard config files ansible.builtin.template: @@ -35,15 +29,13 @@ group: root mode: '600' notify: Restart wireguard for interface - loop: - - "{{ lookup('dict', vpn_interfaces) }}" - no_log: true + loop: "{{ vpn_interfaces | dict2items }}" + no_log: "{{ enable_no_log | default('true') }}" - name: Enable interface systemd: name: "wg-quick@{{ item.key }}" state: started enabled: yes - loop: - - "{{ lookup('dict', vpn_interfaces) }}" - no_log: true + loop: "{{ vpn_interfaces | dict2items }}" + no_log: "{{ enable_no_log | default('true') }}" diff --git a/roles/vpn/templates/wiregard.conf.j2 b/roles/vpn/templates/wiregard.conf.j2 index 7f6af40..3b43127 100644 --- a/roles/vpn/templates/wiregard.conf.j2 +++ b/roles/vpn/templates/wiregard.conf.j2 @@ -9,7 +9,7 @@ ListenPort = {{ vpn_port }} [Peer] {{ peer.comment | comment }} Publickey = {{ peer.public_key }} -{% if peer.endpoint %} +{% if peer.endpoint is defined %} Endpoint = {{ peer.endpoint }}:{{ vpn_port }} {% endif %} AllowedIPs = {{ peer.allowed_ips | join(", ") }} diff --git a/vault-client.sh b/vault-client.sh new file mode 100755 index 0000000..c3e047e --- /dev/null +++ b/vault-client.sh @@ -0,0 +1,6 @@ +#!/bin/bash +if [ $# -ne 2 ] || [ $1 != "--vault-id" ]; then + >&2 echo "Usage: vault-client.sh --vault-id [vault-id]" + exit 1 +fi +keyring get ansible-painsperdus vault-$2
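Review bot: `$1` and `$2` are unquoted both in the `[ ... ]` test and in `keyring get ansible-painsperdus vault-$2`, so an empty argument breaks the test and a vault id containing whitespace or glob characters reaches keyring as several words; quote them and enable `set -euo pipefail`. `keyring get` prints nothing and exits non-zero when the entry is missing, which Ansible reports only as a failed password script with no hint of which entry is absent — an explicit check with a message naming `vault-$2` makes that failure obvious. Ansible only passes `--vault-id` to a password script whose basename ends in `-client` before the extension, which `vault-client.sh` satisfies; a one-line comment in the script would keep a future rename from silently turning it into a plain password file.

```shell
#!/bin/bash
# Ansible vault-id client: the name must end in "-client" (before the extension)
# for Ansible to call it with "--vault-id <id>".
set -euo pipefail
if [ "$#" -ne 2 ] || [ "$1" != "--vault-id" ]; then
  >&2 echo "Usage: vault-client.sh --vault-id [vault-id]"
  exit 1
fi
if ! pw=$(keyring get ansible-painsperdus "vault-$2"); then
  >&2 echo "vault-client.sh: no keyring entry 'vault-$2' for service ansible-painsperdus"
  exit 1
fi
printf '%s\n' "$pw"
```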