diff --git a/inventory b/inventory
index 74fca67..65c8492 100644
--- a/inventory
+++ b/inventory
@@ -1,5 +1,9 @@
 all:
   vars:
+    server_admin: "admin@netz39.de"
+
+    ag_timezone: Europe/Berlin
+
     users:
     - logname: "alex"
       viewname: "Alexander Dahl"
@@ -42,8 +46,12 @@ all:
 
   hosts:
     tau.netz39.de:
+      server_admin: "admin+tau@netz39.de"
+      mysql_root_pw: !vault |
+        $ANSIBLE_VAULT;1.1;AES256
+        64313138383833643866383332623265383863623332343864306537633931326139303638303761
+        6464653933613663643632383935376164393033363233330a313063613832396166666464666136
+        36633532393231663634663034666666356332373438646130643161383134653739663066626538
+        3661663132343639310a613431653031626434323064313465373866666332353931313836623465
+        3461
 
-  children:
-    tau:
-      hosts:
-        tau.netz39.de:
diff --git a/main.yml b/main.yml
index a4e6009..69b36c6 100644
--- a/main.yml
+++ b/main.yml
@@ -1,25 +1,10 @@
 ---
-- hosts: tau
+- hosts: all
   become: true
 
   vars:
     ansible_python_interpreter: /usr/bin/python3
 
-    server_admin: "admin@netz39.de"
-
-    ag_timezone: Europe/Berlin
-
-    docker_compose_version: "1.25.4"
-    docker_compose_path: /usr/local/bin/docker-compose
-
-    mysql_root_pw: !vault |
-      $ANSIBLE_VAULT;1.1;AES256
-      64313138383833643866383332623265383863623332343864306537633931326139303638303761
-      6464653933613663643632383935376164393033363233330a313063613832396166666464666136
-      36633532393231663634663034666666356332373438646130643161383134653739663066626538
-      3661663132343639310a613431653031626434323064313465373866666332353931313836623465
-      3461
-
   roles:
   - role: ansible.timezone
 
@@ -49,15 +34,64 @@
       include_role:
         name: users
 
-    - name: Install Docker
+
+
+- hosts: tau.netz39.de
+  become: true
+
+  vars:
+    ansible_python_interpreter: /usr/bin/python3
+
+    docker_compose_version: "1.25.4"
+    docker_compose_path: /usr/local/bin/docker-compose
+
+  roles:
+  - role: docker
+  - role: apache
+
+  tasks:
+    - name: Setup docker network
+      docker_network:
+        name: dockernet
+        driver: bridge
+        ipam_config:
+          - subnet: 192.168.0.0/24
+            gateway: 192.168.0.1
+        state: present
+
+    - name: Setup forward site reservierung.netz39.de
       include_role:
-        name: install-docker
+        name: setup-http-site-forward
+      vars:
+        site_name: reservierung.netz39.de
+        forward_to: https://codimd.pingtech.de/aYsBj5wSTviFTozd8b0P_Q
 
-    - name: Setup Docker Environment
-      include_tasks: tasks/docker_env.yml
-
-    - name: Setup httpd
-      include_tasks: tasks/httpd.yml
+    - name: Setup proxy site testredmine.netz39.de
+      include_role:
+        name: setup-http-site-proxy
+      vars:
+        site_name: testredmine.netz39.de
+        proxy_port: 9004
 
     - name: Setup phpmyadmin
-      include_tasks: tasks/phpmyadmin.yml
+      docker_container:
+        name: phpmyadmin
+        state: started
+        image: phpmyadmin:5.0
+        networks_cli_compatible: true
+        networks:
+          - name: dockernet
+        restart_policy: always
+        env:
+          PMA_HOST: 192.168.0.1
+          MYSQL_ROOT_PASSWORD: "{{ mysql_root_pw }}"
+          PMA_ABSOLUTE_URI: "https://mysql.adm.netz39.de"
+        published_ports:
+          - 9001:80
+
+    - name: Setup proxy site mysql.adm.netz39.de
+      include_role:
+        name: setup-http-site-proxy
+      vars:
+        site_name: mysql.adm.netz39.de
+        proxy_port: 9001
diff --git a/roles/apache/tasks/main.yml b/roles/apache/tasks/main.yml
new file mode 100644
index 0000000..349e53d
--- /dev/null
+++ b/roles/apache/tasks/main.yml
@@ -0,0 +1,11 @@
+---
+- name: Ensure Apache2 and modules are installed and up to date
+  apt:
+    name:
+      - apache2
+    state: latest
+
+- name: Ensure mod_rewrite is enabled
+  apache2_module:
+    name: rewrite
+    state: present
diff --git a/roles/install-docker/handlers/main.yml b/roles/docker/handlers/main.yml
similarity index 100%
rename from roles/install-docker/handlers/main.yml
rename to roles/docker/handlers/main.yml
diff --git a/roles/install-docker/tasks/main.yml b/roles/docker/tasks/main.yml
similarity index 100%
rename from roles/install-docker/tasks/main.yml
rename to roles/docker/tasks/main.yml
diff --git a/tasks/docker_env.yml b/tasks/docker_env.yml
deleted file mode 100644
index 3e05570..0000000
--- a/tasks/docker_env.yml
+++ /dev/null
@@ -1,10 +0,0 @@
-- name: Setup docker network
-  docker_network:
-    name: dockernet
-    driver: bridge
-    ipam_config:
-      - subnet: 192.168.0.0/24
-        gateway: 192.168.0.1
-    state: present
-
-
diff --git a/tasks/httpd.yml b/tasks/httpd.yml
deleted file mode 100644
index 5dc8983..0000000
--- a/tasks/httpd.yml
+++ /dev/null
@@ -1,27 +0,0 @@
----
-- name: Ensure Apache2 and modules are installed and up to date
-  apt:
-    name:
-      - apache2
-    state: latest
-
-- name: Ensure mod_rewrite is enabled
-  apache2_module:
-    name: rewrite
-    state: present
-
-
-- name: Setup forward site reservierung.netz39.de
-  include_role:
-    name: setup-http-site-forward
-  vars:
-    site_name: reservierung.netz39.de
-    forward_to: https://codimd.pingtech.de/aYsBj5wSTviFTozd8b0P_Q
-
-
-- name: Setup proxy site testredmine.netz39.de
-  include_role:
-    name: setup-http-site-proxy
-  vars:
-    site_name: testredmine.netz39.de
-    proxy_port: 9004
diff --git a/tasks/phpmyadmin.yml b/tasks/phpmyadmin.yml
deleted file mode 100644
index c9e0a09..0000000
--- a/tasks/phpmyadmin.yml
+++ /dev/null
@@ -1,23 +0,0 @@
----
-- name: Setup phpmyadmin
-  docker_container:
-    name: phpmyadmin
-    state: started
-    image: phpmyadmin:5.0
-    networks_cli_compatible: true
-    networks:
-      - name: dockernet
-    restart_policy: always
-    env:
-      PMA_HOST: 192.168.0.1
-      MYSQL_ROOT_PASSWORD: "{{ mysql_root_pw }}"
-      PMA_ABSOLUTE_URI: "https://mysql.adm.netz39.de"
-    published_ports:
-      - 9001:80
-
-- name: Setup proxy site mysql.adm.netz39.de
-  include_role:
-    name: setup-http-site-proxy
-  vars:
-    site_name: mysql.adm.netz39.de
-    proxy_port: 9001
diff --git a/tasks/users.yml b/tasks/users.yml
deleted file mode 100644
index becf453..0000000
--- a/tasks/users.yml
+++ /dev/null
@@ -1,48 +0,0 @@
----
-- name: Add users | create users, shell, home dirs
-  user:
-    name: "{{ item }}"
-    shell: /bin/bash
-    createhome: yes
-    comment: 'created with ansible'
-    password_lock: true
-    append: true
-  with_items:
-    - "{{ admin_users }}"
-
-- name: Create .ssh user directories
-  file:
-    path: "{{ '/home/' + item + '/.ssh'  }}"
-    state: directory
-    mode: "0700"
-    owner: "{{ item }}"
-    group: "{{ item }}"
-  with_items:
-    - "{{ admin_users }}"
-
-- name: Set authorized keys for users
-  copy:
-    src: "{{'users/' + item + '_authorized_keys'}}"
-    remote_src: no
-    dest: "{{ '/home/' + item + '/.ssh/authorized_keys' }}"
-    mode: "0600"
-    owner: "{{ item }}"
-    group: "{{ item }}"
-  with_items:
-    - "{{ admin_users }}"
-
-- name: Place users in sudo group
-  user:
-    name: "{{ item }}"
-    groups: sudo
-    append: yes
-  with_items:
-    - "{{ admin_users }}"
-
-- name: Configure group sudo for sudoers without password
-  lineinfile:
-    path: /etc/sudoers
-    state: present
-    regexp: '^%sudo\s'
-    line: '%sudo ALL=(ALL) NOPASSWD: ALL'
-    validate: /usr/sbin/visudo -cf %s