diff --git a/bank.yaml b/bank.yaml
index c77308d..7514be2 100644
--- a/bank.yaml
+++ b/bank.yaml
@@ -1,5 +1,6 @@
 ---
 - hosts: bank
+ vars:
 roles:
 - common
 - bank
diff --git a/common.yaml b/common.yaml
deleted file mode 100644
index 2f2247e..0000000
--- a/common.yaml
+++ /dev/null
@@ -1,4 +0,0 @@
----
-- hosts: debian
- roles:
- - common
diff --git a/group_vars/mqtt_internal.yaml b/group_vars/mqtt_internal.yaml
deleted file mode 100644
index 3ce5308..0000000
--- a/group_vars/mqtt_internal.yaml
+++ /dev/null
@@ -1 +0,0 @@
-mqtt_internal_public_host: bitlair.nl
diff --git a/group_vars/music.yaml b/group_vars/music.yaml
deleted file mode 100644
index 7106ebf..0000000
--- a/group_vars/music.yaml
+++ /dev/null
@@ -1,3 +0,0 @@
-music_domain: music.bitlair.nl
-acme_san_domains:
- - [ music.bitlair.nl ]
diff --git a/hosts b/hosts
new file mode 100644
index 0000000..9a609b6
--- /dev/null
+++ b/hosts
@@ -0,0 +1,11 @@
+[bank]
+bank.bitlair.nl
+
+[bar]
+bank-pi.bitlair.nl
+
+[mqtt_internal]
+mqtt.bitlair.nl
+
+[music]
+music.bitlair.nl
diff --git a/hosts.yaml b/hosts.yaml
deleted file mode 100644
index d3ebcdc..0000000
--- a/hosts.yaml
+++ /dev/null
@@ -1,25 +0,0 @@
-all:
- children:
- raspi:
- hosts:
- bank-pi.bitlair.nl:
- debian:
- children:
- bank:
- hosts:
- bank.bitlair.nl:
- git:
- hosts:
- git.bitlair.nl:
- lights:
- hosts:
- lights.bitlair.nl:
- mqtt_internal:
- hosts:
- mqtt.bitlair.nl:
- music:
- hosts:
- music.bitlair.nl:
- www:
- hosts:
- cyber.bitlair.nl:
diff --git a/mqtt-internal.yaml b/mqtt-internal.yaml
index 20d0cb7..102998a 100644
--- a/mqtt-internal.yaml
+++ b/mqtt-internal.yaml
@@ -1,5 +1,7 @@
 ---
 - hosts: mqtt_internal
+ vars:
+ mqtt_internal_public_host: bitlair.nl
 roles:
 - common
 - mqtt-internal
diff --git a/music.yaml b/music.yaml
index b6fe086..919aa71 100644
--- a/music.yaml
+++ b/music.yaml
@@ -1,5 +1,9 @@
 ---
 - hosts: music
+ vars:
+ music_domain: music.bitlair.nl
+ acme_san_domains:
+ - [ music.bitlair.nl ]
 roles:
 - common
 - acme
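Review bot: The `vars:` key added to the bank play has no value, so it parses as null rather than as an empty mapping. Ansible appears to tolerate that, but a bare key reads like a truncated edit and linters flag it. Either drop the line until there is something to set, or write `vars: {}`.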
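Review bot: The new INI inventory in `hosts` lists only bank, bar, mqtt_internal and music, so git.bitlair.nl, lights.bitlair.nl and cyber.bitlair.nl from the deleted hosts.yaml are no longer targeted by any play, and the `debian` group that the deleted common.yaml ran against is gone as well. If those machines are still in service they stop receiving the common role, which in this commit carries the iptables tasks, so their baseline can drift without anyone noticing. Either keep them in the inventory or state in the commit message that they are retired or managed elsewhere. No play for the `bar` group is visible in this diff; confirm one exists, otherwise bank-pi.bitlair.nl is listed but never configured.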
diff --git a/roles/acme/templates/nginx-snippet.conf b/roles/acme/templates/nginx-snippet.conf index c57ac6a..4d988bd 100644 --- a/roles/acme/templates/nginx-snippet.conf +++ b/roles/acme/templates/nginx-snippet.conf @@ -2,6 +2,5 @@ location /.well-known/acme-challenge { allow all; - auth_basic off; alias /var/lib/dehydrated/acme-challenges; } diff --git a/roles/common/tasks/main.yaml b/roles/common/tasks/main.yaml index a47b058..14c461f 100644 --- a/roles/common/tasks/main.yaml +++ b/roles/common/tasks/main.yaml @@ -31,7 +31,7 @@ lineinfile: path: /etc/bash.bashrc insertafter: EOF - regexp: "^source /usr/share/doc/fzf/examples/{{ item }}" + regexp: "^source /usr/share/doc/fzf/{{ item }}" line: "source /usr/share/doc/fzf/examples/{{ item }} # Managed by Ansible" with_items: - key-bindings.bash @@ -77,15 +77,12 @@ - ipv6 notify: persist iptables -- name: Allow ICMP +- name: Allow IPv6 ICMP iptables: chain: INPUT - protocol: "{{ item.proto }}" + protocol: ipv6-icmp jump: ACCEPT - ip_version: "{{ item.ip }}" - with_items: - - { ip: ipv4, proto: icmp } - - { ip: ipv6, proto: ipv6-icmp } + ip_version: ipv6 notify: persist iptables - name: Allow related and established connections diff --git a/roles/common/tasks/network.yaml b/roles/common/tasks/network.yaml index 47053a9..29bf9c2 100644 --- a/roles/common/tasks/network.yaml +++ b/roles/common/tasks/network.yaml @@ -5,14 +5,17 @@ state: present when: network_br -- name: Configure sysctl.conf - lineinfile: +- lineinfile: path: /etc/sysctl.conf - regexp: "^#?{{ item.k }}" - line: "{{ item.k }}={{ item.v }} # Managed by Ansible" - with_items: - - { k: net.ipv4.ip_forward, v: "1" } - - { k: net.ipv6.conf.all.forwarding, v: "1" } + regexp: ^#?net.ipv4.ip_forward + line: "net.ipv4.ip_forward=1 # Managed by Ansible" + notify: reboot + when: network_br + +- lineinfile: + path: /etc/sysctl.conf + regexp: ^#?net.ipv6.conf.all.forwarding + line: "net.ipv6.conf.all.forwarding=1 # Managed by Ansible" notify: reboot when: network_br 
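Review bot: Removing `auth_basic off;` from the `/.well-known/acme-challenge` location means the location now inherits whatever `auth_basic` setting the including server block has. On a vhost that enables basic auth, the ACME HTTP-01 validation request would get a 401 and issuance or renewal would fail, which usually surfaces only when the certificate expires. The server blocks that include this snippet are outside the diff, so this may be harmless today. Keeping `auth_basic off;` makes the snippet safe to include anywhere; otherwise add a comment such as `# assumes no including vhost enables auth_basic`.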
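Review bot: In the first hunk of roles/common/tasks/main.yaml the new `regexp` no longer matches the line the task writes: the pattern is `^source /usr/share/doc/fzf/{{ item }}` while `line` still starts with `source /usr/share/doc/fzf/examples/{{ item }}`. With `insertafter: EOF` the regexp can no longer locate the managed line, so depending on the Ansible version the module either falls back to an exact-line comparison or appends another copy to /etc/bash.bashrc on each run. Keep the two in step, e.g. `regexp: "^source /usr/share/doc/fzf/examples/{{ item }}"`, or change `line` as well if the path really moved. The task's name and the rest of its `with_items` list are outside the hunk.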
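Review bot: The rewritten ICMP task in roles/common/tasks/main.yaml accepts only `ipv6-icmp`, so the explicit IPv4 ICMP accept rule is dropped and nothing in the hunk records why. Whether IPv4 echo requests are now rejected depends on the INPUT policy, which is not visible here; ICMP errors for tracked flows should still pass through the "Allow related and established connections" task that follows. Removing the item also does not delete an IPv4 rule already persisted on deployed hosts, so existing and freshly provisioned machines will diverge unless a `state: absent` task or a ruleset rebuild accompanies the change. A comment such as `# IPv4 ICMP intentionally not accepted: <reason>` would make the intent auditable.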
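Review bot: The two replacement `lineinfile` tasks in roles/common/tasks/network.yaml are unnamed, so run output shows only the module name for changes that switch on IP forwarding, a setting worth being able to trace. Give each a name, e.g. `- name: Enable IPv4 forwarding in sysctl.conf`, and quote the patterns with the dots escaped, `regexp: '^#?net\.ipv4\.ip_forward'`, so that `.` cannot match an unrelated key. Forwarding is enabled whenever `network_br` is set and no FORWARD-chain rule appears in this diff, so confirm the forwarding policy is handled elsewhere in the role.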
diff --git a/roles/common/templates/network-interfaces b/roles/common/templates/network-interfaces index 4799cd3..b90590e 100644 --- a/roles/common/templates/network-interfaces +++ b/roles/common/templates/network-interfaces @@ -18,20 +18,20 @@ iface eth0 inet manual auto br0 iface br0 inet static - address {{ network_address_v4 }} - gateway {{ network_gateway_v4 }} + address {{ network_static.address_v4 }} + gateway {{ network_static.gateway_v4 }} bridge_ports eth0 iface br0 inet6 auto up echo -n 0 > /sys/devices/virtual/net/br0/bridge/multicast_snooping - up ip -6 addr add {{ network_address_v6 }} dev br0 - up ip -6 route add default via {{ network_gateway_v6 }} dev br0 + up ip -6 addr add {{ network_static.address_v6 }} dev br0 + up ip -6 route add default via {{ network_static.gateway_v6 }} dev br0 bridge_stp on {% elif network_static %} iface eth0 inet static - address {{ network_address_v4 }} - gateway {{ network_gateway_v4 }} + address {{ network_static.address_v4 }} + gateway {{ network_static.gateway_v4 }} {% else %} iface eth0 inet dhcp diff --git a/roles/music/handlers/main.yaml b/roles/music/handlers/main.yaml index f3d692b..11225a0 100644 --- a/roles/music/handlers/main.yaml +++ b/roles/music/handlers/main.yaml @@ -17,9 +17,3 @@ name: librespot state: restarted daemon_reload: true - -- name: restart soundboard - systemd: - name: soundboard - state: restarted - daemon_reload: true diff --git a/roles/music/tasks/main.yaml b/roles/music/tasks/main.yaml index e7021de..3a4eb8c 100644 --- a/roles/music/tasks/main.yaml +++ b/roles/music/tasks/main.yaml @@ -8,9 +8,6 @@ - tags: music_librespot import_tasks: librespot.yaml -- tags: music_soundboard - import_tasks: soundboard.yaml - - tags: music block: - name: Install nginx diff --git a/roles/music/tasks/soundboard.yaml b/roles/music/tasks/soundboard.yaml deleted file mode 100644 index ae29422..0000000 --- a/roles/music/tasks/soundboard.yaml +++ /dev/null 
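Review bot: Both the bridge branch and the `{% elif network_static %}` branch of network-interfaces now read `network_static.address_v4` and its siblings, but only the `elif` tests that `network_static` is set; the condition that opens the bridge branch is outside the hunk. A host that has `network_br` set but still carries the old flat `network_address_v4` style variables would fail at render time or, depending on undefined handling, produce an interfaces file with empty addresses. The v6 values are also placed into `up ip -6 ...` commands that run when the interface comes up, so they deserve validation before templating. An `assert` task run ahead of the template task, checking that `network_static` is a mapping containing the four keys, would catch both cases.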
@@ -1,72 +0,0 @@
----
-- name: Install dependencies
- apt:
- name: virtualenv
- state: present
-
-- name: Clone soundboard source
- git:
- repo: https://github.com/polyfloyd/mqtt-soundboard.git
- version: main
- dest: /opt/soundboard
- accept_hostkey: yes
- notify: restart soundboard
-
-- name: Create virtualenv
- command: virtualenv /opt/soundboard/.venv
- args:
- creates: /opt/soundboard/.venv
-
-- name: Install Python dependencies
- shell: . .venv/bin/activate && pip install -r requirements.txt
- args:
- chdir: /opt/soundboard
-
-- name: Install soundboard config file
- template:
- src: soundboard.yaml
- dest: /etc/soundboard.yaml
- owner: root
- group: root
- mode: 0644
- notify: restart soundboard
-
-- name: Install soundboard service file
- template:
- src: soundboard.service
- dest: /etc/systemd/system/soundboard.service
- owner: root
- group: root
- mode: 0644
- notify: restart soundboard
-
-- name: Enable soundboard
- systemd:
- name: soundboard
- state: started
- enabled: true
- daemon_reload: true
-
-- name: Install shutdown sound script
- template:
- src: shutdown-sound.sh
- dest: /opt/shutdown-sound.sh
- owner: root
- group: root
- mode: 0644
-
-- name: Install shutdown sound service
- template:
- src: shutdown-sound.service
- dest: /etc/systemd/system/shutdown-sound.service
- owner: root
- group: root
- mode: 0644
- notify: daemon reload
-
-- name: Enable shutdown-sound
- systemd:
- name: shutdown-sound
- state: started
- enabled: true
- daemon_reload: true
diff --git a/roles/music/templates/shutdown-sound.service b/roles/music/templates/shutdown-sound.service
deleted file mode 100644
index 6c6de88..0000000
--- a/roles/music/templates/shutdown-sound.service
+++ /dev/null
@@ -1,16 +0,0 @@
-# Managed by Ansible
-
-[Unit]
-Description=Goodbye
-Requires=mpd.service
-
-[Service]
-Type=oneshot
-ExecStart=/bin/true
-ExecStop=/opt/shutdown.sh
-RemainAfterExit=true
-User=audio
-Group=audio
-
-[Install]
-WantedBy=multi-user.target
diff --git a/roles/music/templates/shutdown-sound.sh b/roles/music/templates/shutdown-sound.sh
deleted file mode 100644
index 9346f74..0000000
--- a/roles/music/templates/shutdown-sound.sh
+++ /dev/null
@@ -1,8 +0,0 @@
-#!/bin/bash
-
-# Managed by Ansible
-
-systemctl stop trollibox.service
-mpc clear
-
-su audio -c 'mplayer -volume 10 -ao jack:name=MPlayer /opt/sounds/shutdown.mp3'
diff --git a/roles/music/templates/soundboard.service b/roles/music/templates/soundboard.service
deleted file mode 100644
index 6c74903..0000000
--- a/roles/music/templates/soundboard.service
+++ /dev/null
@@ -1,15 +0,0 @@
-# Managed by Ansible
-
-[Unit]
-Description=MQTT Soundboard
-After=network.target
-
-[Service]
-Type=simple
-ExecStart=/opt/soundboard/.venv/bin/python /opt/soundboard/soundboard.py /etc/soundboard.yaml
-Restart=always
-RestartSec=10
-User=root
-
-[Install]
-WantedBy=multi-user.target
diff --git a/roles/music/templates/soundboard.yaml b/roles/music/templates/soundboard.yaml
deleted file mode 100644
index 5ef917f..0000000
--- a/roles/music/templates/soundboard.yaml
+++ /dev/null
@@ -1,21 +0,0 @@
-loglevel: INFO
-
-mqtt:
- host: mqtt.bitlair.nl
-
-sounds:
- directory: /opt/sounds
- play_cmd: "mplayer -volume 10 -ao jack:name=MPlayer %s"
- topic: bitlair/soundboard
-
-aliases:
- - sound: space_open
- topic: bitlair/state
- value: open
- - sound: space_close
- topic: bitlair/state
- value: close
- - sound: doorbell
- topic: bitlair/doorduino/doorbell
- - sound: nomunnie
- topic: bitlair/bank/shame