diff --git a/.ansible-lint b/.ansible-lint
index 3f851df..d98efd4 100644
--- a/.ansible-lint
+++ b/.ansible-lint
@@ -1,5 +1,10 @@
 skip_list:
- - '301'
+ - no-changed-when
+ - load-failure
+ - document-start
 warn_list:
 - experimental # all rules tagged as experimental
+
+exclude_paths:
+- group_vars/all/vault.yml
diff --git a/.drone.yml b/.drone.yml
index 58679a2..eb6ce40 100644
--- a/.drone.yml
+++ b/.drone.yml
@@ -4,16 +4,9 @@ type: docker
 name: check
 steps:
- - name: yamllint
- image: python:3.9-alpine
+ - name: ansible and yaml linting
+ pull: never
+ image: aurore-ansible-lint-image
 commands:
- - pip install yamllint==1.25.0
- - yamllint -c .yamllint.yml .
-
- - name: ansible-lint
- image: python:3.9-alpine
- commands:
- - apk add --no-cache gcc libc-dev libffi-dev openssl-dev
- - pip install ansible-lint==4.3.7
 - ansible-lint
 ...
diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
deleted file mode 100644
index c62f35b..0000000
--- a/.gitlab-ci.yml
+++ /dev/null
@@ -1,19 +0,0 @@
----
-image: python:3.9-alpine
-
-stages:
- - lint
-
-yamllint:
- stage: lint
- script:
- - pip install yamllint==1.25.0
- - yamllint -c .yamllint.yml .
-
-ansible-lint:
- stage: lint
- script:
- - apk add gcc libc-dev libffi-dev openssl-dev
- - pip install ansible-lint==4.3.7
- - ansible-lint *.yml
-...
diff --git a/.yamllint.yml b/.yamllint.yml
index c8666c8..af15be3 100644
--- a/.yamllint.yml
+++ b/.yamllint.yml
@@ -6,6 +6,5 @@ rules:
 max: 120
 level: warning
 document-start:
- ignore: |
- /groups_var/all/vault.yml
+ ignore: group_vars/all/vault.yml
 ...
diff --git a/README.md b/README.md
index 00897a4..cb8683f 100644
--- a/README.md
+++ b/README.md
@@ -1,3 +1,5 @@
+[![Linter Status](https://drone.auro.re/api/badges/Aurore/ansible/status.svg)](https://drone.auro.re/Aurore/ansible)
+
 # Recettes Ansible d'Aurore
 Ensemble des recettes de déploiement Ansible pour les serveurs d'Aurore.
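Review bot: Skipping `load-failure` globally in the new `skip_list` silences every file ansible-lint cannot parse, not only the encrypted vault, and the `exclude_paths: - group_vars/all/vault.yml` added in the same hunk already keeps the vault out of the linter's path. I would drop `- load-failure` so a playbook with a genuine YAML/Jinja parse error still fails CI, and document the exclusion with a comment such as `# ansible-vault encrypted; the linter cannot read it without the vault password`. The vault being excluded rather than decrypted in CI is presumably because the Drone runner has no vault password; stating that in the file stops someone from "fixing" it later.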
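Review bot: The merged step keeps only `- ansible-lint` under `commands:` and drops the explicit `yamllint -c .yamllint.yml .`, so despite the name "ansible and yaml linting" the files ansible-lint does not discover on its own (`.drone.yml`, `.yamllint.yml`, `.ansible-lint` itself) are no longer yaml-linted; if the intent is to rely on ansible-lint 5's bundled yamllint rule, that only covers the playbooks and roles it finds. Add `- yamllint -c .yamllint.yml .` back to `commands` — the new image installs yamllint anyway. Separately, `pull: never` with the unversioned tag `aurore-ansible-lint-image` means a pipeline run uses whatever was last built by hand on the Drone host, with no tag or digest tying the run to a known toolchain; tagging the image with the pinned ansible-lint version (`image: aurore-ansible-lint-image:5.0.0`) at least makes a stale or tampered image visible from the pipeline log.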
diff --git a/deploy_postfix_non_mailhost.yml b/deploy_postfix_non_mailhost.yml
new file mode 100644
index 0000000..e335928
--- /dev/null
+++ b/deploy_postfix_non_mailhost.yml
@@ -0,0 +1,8 @@
+---
+# Deploy a correclty configured postfix on non mailhost servers
+- hosts: all,!unifi
+ vars:
+ local_network: 10.128.0.0/16
+ relay_host: proxy.adm.auro.re
+ roles:
+ - postfix_non_mailhost
diff --git a/docker-ansible-lint/Dockerfile b/docker-ansible-lint/Dockerfile
new file mode 100644
index 0000000..5d60549
--- /dev/null
+++ b/docker-ansible-lint/Dockerfile
@@ -0,0 +1,7 @@
+FROM python:3.9-alpine
+LABEL description="Aurore's docker image for ansible-lint"
+
+RUN apk add --no-cache gcc musl-dev python3-dev libffi-dev openssl-dev cargo
+RUN pip install "yamllint>=1.26.0,<2.0"
+RUN pip install "ansible-lint==5.0.0"
+RUN pip install "ansible>=2.10,<2.11"
diff --git a/docker-ansible-lint/README.md b/docker-ansible-lint/README.md
new file mode 100644
index 0000000..adabac3
--- /dev/null
+++ b/docker-ansible-lint/README.md
@@ -0,0 +1,18 @@
+# Ansible-lint image
+
+In order to build this image when a new version comes out, you need to
+1. ssh into the `drone.adm.auro.re` server
+2. git pull this repo to the lastest version
+3. optionally make the changes if it has not been done yet
+4. `sudo docker build -t aurore-ansible-lint-image docker-ansible-lint/`
+5. ???
+6. enjoy
+
+You can verify that the image was correclty built by running
+```
+# list the images present
+sudo docker image ls
+
+# run your image with an interactive shell
+sudo docker run -it --rm aurore-ansible-lint-image /bin/sh
+```
diff --git a/roles/postfix_non_mailhost/handlers/main.yml b/roles/postfix_non_mailhost/handlers/main.yml
new file mode 100644
index 0000000..bc28f6e
--- /dev/null
+++ b/roles/postfix_non_mailhost/handlers/main.yml
@@ -0,0 +1,10 @@
+---
+- name: restart postfix
+ service:
+ name: postfix
+ state: restarted
+
+- name: reload postfix
+ service:
+ name: postfix
+ state: reloaded
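Review bot: `local_network` and `relay_host` exist only as play-level `vars` here, and as far as this diff shows the new `postfix_non_mailhost` role ships no `defaults/main.yml`, so `main.cf.j2` fails on an undefined variable the moment the role is included from another playbook or applied to a different group. Move both values to `roles/postfix_non_mailhost/defaults/main.yml` (or inventory `group_vars`) and keep the play `vars` only as an override. `10.128.0.0/16` is also a trust boundary — it ends up in Postfix `mynetworks` — so the line deserves a comment naming the network and what membership grants, e.g. `# admin network: hosts in it may relay through this box`. Minor: `correclty` → `correctly` in the header comment.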
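Review bot: `"yamllint>=1.26.0,<2.0"` and `"ansible>=2.10,<2.11"` are open ranges, and the image is built by hand on the CI host, so two builds of this Dockerfile can lint with different tool versions and a lint result cannot be reproduced from the repository alone; the CI configs this commit deletes pinned exact versions. Pin them the way `ansible-lint==5.0.0` already is (for yamllint, `"yamllint==1.26.0"` matches the lower bound you wrote; for ansible, the exact 2.10.x release you validated) and add `--no-cache-dir` so the pip cache is not baked into the layer. The compiler toolchain (`gcc musl-dev cargo …`) is only needed to build wheels and stays in the final image; an `apk del` after the installs or a multi-stage build would shrink it, though for a CI-only image that is optional.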
diff --git a/roles/postfix_non_mailhost/tasks/main.yml b/roles/postfix_non_mailhost/tasks/main.yml
new file mode 100644
index 0000000..42f3482
--- /dev/null
+++ b/roles/postfix_non_mailhost/tasks/main.yml
@@ -0,0 +1,17 @@
+---
+- name: Install postfix
+ apt:
+ name: postfix
+ update_cache: true
+ register: result
+ retries: 3
+ until: result is succeeded
+
+- name: Configure postfix
+ template:
+ src: main.cf.j2
+ dest: /etc/postfix/main.cf
+ mode: 0644
+ owner: root
+ group: root
+ notify: restart postfix
diff --git a/roles/postfix_non_mailhost/templates/main.cf.j2 b/roles/postfix_non_mailhost/templates/main.cf.j2
new file mode 100644
index 0000000..d5f5166
--- /dev/null
+++ b/roles/postfix_non_mailhost/templates/main.cf.j2
@@ -0,0 +1,32 @@
+# {{ ansible_managed }}
+# See /usr/share/postfix/main.cf.dist for a commented, more complete version
+# Template based on /usr/share/postfix/main.cf.debian
+
+smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)
+biff = no
+
+# appending .domain is the MUA's job.
+append_dot_mydomain = no
+
+# Uncomment the next line to generate "delayed mail" warnings
+#delay_warning_time = 4h
+
+readme_directory = no
+
+# See http://www.postfix.org/COMPATIBILITY_README.html -- default to 2 on
+# fresh installs.
+compatibility_level = 2
+
+# Send mail as user@{{ ansible_fqdn }}
+myhostname = {{ ansible_fqdn }}
+myorigin = $myhostname
+mydomain = $myhostname
+
+# Specify the trusted networks
+mynetworks = 127.0.0.0/8 {{ local_network }}
+
+# This host does not relay mail from untrusted networks
+relay_domains =
+
+# This is needed if no direct Internet access is available
+relayhost = {{ relay_host }}
diff --git a/utils/README.md b/utils/README.md
new file mode 100644
index 0000000..651404b
--- /dev/null
+++ b/utils/README.md
@@ -0,0 +1,4 @@
+# Utils
+
+A repository of Ansible Playbooks that are useful, as little script or various
+utilities, but not used in production.
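Review bot: `mode: 0644` in the `Configure postfix` task is an unquoted octal literal; a YAML 1.1 loader reads it as the integer 420, which Ansible happens to map back to the right bits, but ansible-lint 5 reports it as `risky-octal` and the same pattern written as `644` would silently set the wrong permissions. Write it as `mode: "0644"`. The `Install postfix` task retries three times with no `delay:`, so the attempts fire back-to-back and do not survive a mirror that is briefly unavailable; `delay: 10` alongside `retries: 3` makes the retry meaningful.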
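Review bot: The template never sets `inet_interfaces`, whose Postfix default is `all`, so every host this role touches runs an smtpd listening on all interfaces, and `mynetworks = 127.0.0.0/8 {{ local_network }}` then allows any machine in the whole `10.128.0.0/16` to relay through it to `relayhost`; `relay_domains =` only constrains clients that are *outside* `mynetworks`. For a "non mailhost" server that only has to hand off local cron and system mail, add `inet_interfaces = loopback-only` and drop `{{ local_network }}` from `mynetworks` (keep `127.0.0.0/8 [::1]/128`), which removes the exposed port altogether; if some hosts genuinely must accept mail from the admin network, keep the variable but say so in the comment above `mynetworks`. Two smaller points: `relayhost = [{{ relay_host }}]` skips the MX lookup on `proxy.adm.auro.re`, and nothing here sets `smtp_tls_security_level` (Postfix default is none), so mail to the relay goes in clear — `smtp_tls_security_level = may`, or `encrypt` if the relay supports it.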
diff --git a/logrotate.yml b/utils/logrotate.yml
similarity index 100%
rename from logrotate.yml
rename to utils/logrotate.yml
diff --git a/nuke_radius_dbs.yml b/utils/nuke_radius_dbs.yml
similarity index 100%
rename from nuke_radius_dbs.yml
rename to utils/nuke_radius_dbs.yml
diff --git a/utils/re2o_mail_server.yml b/utils/re2o_mail_server.yml
new file mode 100755
index 0000000..79fd7ff
--- /dev/null
+++ b/utils/re2o_mail_server.yml
@@ -0,0 +1,13 @@
+---
+# Deploy Re2o mail service
+- hosts: mail.auro.re
+ vars:
+ service_repo: https://gitea.auro.re/aurore/re2o-mail-server.git
+ service_name: mail-server
+ service_version: aurore
+ service_config:
+ hostname: re2o-test.adm.auro.re # use test instance for now, should be changed for prod!
+ username: service-user
+ password: "{{ vault_serviceuser_passwd }}"
+ roles:
+ - re2o-service
diff --git a/utils/reboot_needed_check.yml b/utils/reboot_needed_check.yml
new file mode 100755
index 0000000..631d496
--- /dev/null
+++ b/utils/reboot_needed_check.yml
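Review bot: `hostname: re2o-test.adm.auro.re` is a hard-coded test endpoint in a play targeting `mail.auro.re`, and the credential sent to that endpoint is the vaulted `vault_serviceuser_passwd`, so what is presumably the production service-user secret gets exercised against a test instance, with the inline `# … should be changed for prod!` note as the only guard. Move `hostname` to inventory (`group_vars`/`host_vars`) so test and prod differ by inventory rather than by editing the playbook, or at minimum turn it into a variable and add an `assert` that it is not the test host when `inventory_hostname == 'mail.auro.re'`. The file is also created with mode 100755 but, unlike the other new playbooks in `utils/`, has no `#!/usr/bin/env ansible-playbook` first line, so the executable bit does nothing; add the shebang or drop the bit.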
@@ -0,0 +1,31 @@
+#!/usr/bin/env ansible-playbook
+---
+# Check if a reboot is required by the installation of some packages (ie kernel)
+- hosts: localhost
+ tasks:
+ - name: Make sure local file exist but is empty # weird hack, I know
+ copy:
+ dest: /tmp/ansible_dump_reboot_needed.txt
+ content: ""
+ force: true
+ mode: 0644
+
+- hosts: all,!unifi,!escalope.adm.auro.re,!loki.adm.auro.re,!viviane.adm.auro.re,!vpn-ovh.adm.auro.re
+ tasks:
+ # Register the output of the file /var/run/reboot-required.pkgs
+ - name: Register if boot is required
+ shell: if [ -e /var/run/reboot-required.pkgs ]; then cat /var/run/reboot-required.pkgs; fi
+ register: result
+
+ - name: DEBUG
+ debug:
+ msg: "{{ ansible_facts['nodename'] }} : {{ result.stdout }}"
+ when: result.stdout is defined
+
+ # Add info line by line
+ - name: Dump all info into the local file
+ delegate_to: localhost
+ lineinfile:
+ path: /tmp/ansible_dump_reboot_needed.txt
+ line: "{{ ansible_facts['nodename'] }} : {{ result.stdout }}"
+ when: result.stdout is defined
diff --git a/upgrade.yml b/utils/upgrade.yml
similarity index 100%
rename from upgrade.yml
rename to utils/upgrade.yml
diff --git a/utils/version_check.yml b/utils/version_check.yml
new file mode 100755
index 0000000..1a8a7c5
--- /dev/null
+++ b/utils/version_check.yml
@@ -0,0 +1,21 @@
+#!/usr/bin/env ansible-playbook
+---
+# Check for the distribution
+- hosts: localhost
+ tasks:
+ - name: Make sure local file exist but is empty # weird hack, I know
+ copy:
+ dest: /tmp/ansible_dump_reboot_needed.txt
+ content: ""
+ force: true
+ mode: 0644
+
+- hosts: all,!unifi
+ tasks:
+ # Add info line by line
+ - name: Dump all info into the local file
+ delegate_to: localhost
+ lineinfile:
+ path: /tmp/ansible_dump_dist_version.txt
+ line: "[{{ ansible_facts['nodename'] }}] {{ ansible_fqdn }} : {{
+ ansible_distribution }} {{ ansible_distribution_version }}"
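Review bot: The `Dump all info into the local file` task runs `lineinfile` against one shared file, delegated to localhost from every host in parallel, and `lineinfile` is a read-modify-write of the whole file, so with the default forks two workers can read the same content and overwrite each other's appended line — the report silently loses hosts. Add `throttle: 1` to that task, or collect the results `run_once` with a loop over `hostvars`. Separately, `when: result.stdout is defined` is always true after `register` on a `shell` task (stdout is always present, possibly empty), so hosts that need no reboot are written as `name : ` lines; `when: result.stdout | length > 0` expresses the intent. The `shell` task only reads a file and should carry `changed_when: false`; marking read-only commands that way is preferable to the global `no-changed-when` skip this commit adds to `.ansible-lint`.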
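Review bot: The first play truncates `/tmp/ansible_dump_reboot_needed.txt` but the second play appends to `/tmp/ansible_dump_dist_version.txt`, so the file this playbook actually produces is never reset — stale lines from earlier runs (a host since upgraded or decommissioned) stay in the report — and the copy task clobbers the other utility's output instead. Change the copy task's `dest:` to `/tmp/ansible_dump_dist_version.txt`, and make the header comment say what is produced, e.g. `# Dump each host's distribution and version into /tmp/ansible_dump_dist_version.txt`. The same parallel `lineinfile`-to-one-file pattern as in `reboot_needed_check.yml` applies here, so `throttle: 1` on the dump task is worth adding as well.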