diff --git a/ansible.cfg b/ansible.cfg
index 7dad879..3d7a459 100644
--- a/ansible.cfg
+++ b/ansible.cfg
@@ -1,9 +1,12 @@
 [defaults]
+# (string) Path to the Python interpreter to be used for module execution on remote targets, or an automatic discovery mode. Supported discovery modes are ``auto`` (the default), ``auto_silent``, ``auto_legacy``, and ``auto_legacy_silent``. All discovery modes employ a lookup table to use the included system Python (on distributions known to include one), falling back to a fixed ordered list of well-known Python interpreter locations if a platform-specific default is not available. The fallback behavior will issue a warning that the interpreter should be set explicitly (since interpreters installed later may change which one is used). This warning behavior can be disabled by setting ``auto_silent`` or ``auto_legacy_silent``. The value of ``auto_legacy`` provides all the same behavior, but for backwards-compatibility with older Ansible releases that always defaulted to ``/usr/bin/python``, will use that interpreter if present.
+interpreter_python=python3
+
 # (pathspec) Colon separated paths in which Ansible will search for Roles.
 roles_path=./roles
 # (pathlist) Comma separated list of Ansible inventory sources
-inventory=./inventory/production
+inventory=./production.ini
 # (path) The vault password file to use. Equivalent to --vault-password-file or --vault-id
 # If executable, it will be run and the resulting stdout will be used as the password.
diff --git a/group_vars/all/secrets.yml b/group_vars/all/secrets.yml
index 5c78dc6..7a8a6e3 100644
--- a/group_vars/all/secrets.yml
+++ b/group_vars/all/secrets.yml
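Review bot: The comment added above `interpreter_python` in `[defaults]` is the full option description from `ansible-config init` pasted onto a single ~900-character line, which makes the file hard to read and to diff; trim it to what a reader of this file needs, e.g. `# Python interpreter on targets, or a discovery mode (auto, auto_silent, auto_legacy, auto_legacy_silent)`. `interpreter_python=python3` is a bare command name, so which interpreter runs depends on the remote login shell's PATH rather than on a fixed path; if the targets are homogeneous, `/usr/bin/python3` pins it. The `inventory=./production.ini` change matches the rename of `inventory/production` later in this commit.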
@@ -1,56 +1,63 @@
 $ANSIBLE_VAULT;1.1;AES256
-34623331393561623539666362643966336661326136363431666465356535343663376236663066
-3235363061633666626133313363373336656438633566630a383230393161323862303863656464
-61633861323966343263363466343130306635343539326464363637383139343033656130336464
-3163373535613961340a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a663363313565343230346363646534
+39393835313839323534663430646461336536343764636463376262646666356465386234313635
+3965343062616437660a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
diff --git a/group_vars/docker/vars.yml b/group_vars/docker/vars.yml
index 522b0a3..00ea96a 100644
--- a/group_vars/docker/vars.yml
+++ b/group_vars/docker/vars.yml
@@ -111,7 +111,7 @@ services:
 - VERSION=docker
 - name: jellyfin
 vm:
- - docker-host02
+ - docker-host01
 container_name: jellyfin
 image: jellyfin/jellyfin
 restart: "unless-stopped"
@@ -142,7 +142,7 @@ services:
 environment:
 - name: hass
 vm:
- - docker-host02
+ - docker-host01
 container_name: homeassistant
 image: "ghcr.io/home-assistant/home-assistant:stable"
 restart: unless-stopped
@@ -319,7 +319,7 @@ services:
 external: 8080
 - name: git
 vm:
- - docker-host02
+ - docker-host01
 container_name: gitea
 image: gitea/gitea:1.23.1-rootless
 restart: unless-stopped
diff --git a/group_vars/proxmox/vars.yml b/group_vars/proxmox/vars.yml
new file mode 100644
index 0000000..d3329f5
--- /dev/null
+++ b/group_vars/proxmox/vars.yml
@@ -0,0 +1,13 @@
+proxmox_api_user: root
+proxmox_api_host: 192.168.20.12
+proxmox_api_password: "{{ vault.pve.aya01.root.sudo }}"
+
+proxmox_vms:
+ - name: "test-vm-00"
+ hostname: "test-vm-00"
+ node:
+ - "aya01"
+ ostemplate: ""
+
+proxmox_lxcs:
+ - name: "test-lxc-00"
diff --git a/host_vars/docker-host00.yml b/host_vars/docker-host00.yml
index 154dc19..74135f1 100644
--- a/host_vars/docker-host00.yml
+++ b/host_vars/docker-host00.yml
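Review bot: `group_vars/proxmox/vars.yml` drives the Proxmox API as `proxmox_api_user: root` with a password that, judging by the vault key `vault.pve.aya01.root.sudo`, is also the node's root/sudo password, so a compromised controller or leaked vault file yields full root on the hypervisor and the credential cannot be rotated for one use without the other. A dedicated PVE user or API token carrying only the privileges the role needs (the community.general Proxmox modules accept `api_token_id` / `api_token_secret`) keeps the blast radius to VM/LXC management and is revocable on its own. The `proxmox_vms` entry carries `ostemplate: ""`, which is an LXC container parameter rather than a VM one, and `proxmox_lxcs` holds only a name; if this is scaffolding, a comment such as `# placeholder entries, not yet consumed by the proxmox_vm role` would say so. `proxmox_api_host: 192.168.20.12` duplicates an address the inventory presumably already knows; hedged, since the inventory is outside this hunk.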
@@ -1,10 +1,11 @@
 ---
-ansible_user: "{{ user }}"
-ansible_host: 192.168.20.34
-ansible_port: 22
-ansible_ssh_private_key_file: "{{ pk_path }}"
+# Configure this in ~/.ssh/config*
+# ansible_user: "{{ user }}"
+# ansible_host: 192.168.20.34
+# ansible_port: 22
+# ansible_ssh_private_key_file: "{{ pk_path }}"
 ansible_become_pass: "{{ vault.docker.host00.sudo }}"
 host:
 hostname: "docker-host00"
- ip: "{{ ansible_host }}"
+ ip: "192.168.20.34"
diff --git a/host_vars/docker-host01.yml b/host_vars/docker-host01.yml
index a493c5e..19c5d36 100644
--- a/host_vars/docker-host01.yml
+++ b/host_vars/docker-host01.yml
@@ -1,10 +1,11 @@
 ---
-ansible_user: "{{ user }}"
-ansible_host: 192.168.20.35
-ansible_port: 22
-ansible_ssh_private_key_file: "{{ pk_path }}"
+# Configure this in ~/.ssh/config*
+# ansible_user: "{{ user }}"
+# ansible_host: 192.168.20.35
+# ansible_port: 22
+# ansible_ssh_private_key_file: "{{ pk_path }}"
 ansible_become_pass: "{{ vault.docker.host01.sudo }}"
 host:
 hostname: "docker-host01"
- ip: "{{ ansible_host }}"
+ ip: "192.168.20.35"
diff --git a/host_vars/docker-host02.yml b/host_vars/docker-host02.yml
index 9debe14..589ac16 100644
--- a/host_vars/docker-host02.yml
+++ b/host_vars/docker-host02.yml
@@ -1,10 +1,11 @@
 ---
-ansible_user: "{{ user }}"
-ansible_host: 192.168.20.36
-ansible_port: 22
-ansible_ssh_private_key_file: "{{ pk_path }}"
+# Configure this in ~/.ssh/config*
+# ansible_user: "{{ user }}"
+# ansible_host: 192.168.20.36
+# ansible_port: 22
+# ansible_ssh_private_key_file: "{{ pk_path }}"
 ansible_become_pass: "{{ vault.docker.host02.sudo }}"
 host:
 hostname: "docker-host02"
- ip: "{{ ansible_host }}"
+ ip: "192.168.20.36"
diff --git a/host_vars/docker-lb.yml b/host_vars/docker-lb.yml
index ab2b1ad..7024e36 100644
--- a/host_vars/docker-lb.yml
+++ b/host_vars/docker-lb.yml
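Review bot: Commenting out `ansible_user`, `ansible_host`, `ansible_port` and `ansible_ssh_private_key_file` moves the connection parameters into each operator's `~/.ssh/config`, so a fresh checkout no longer knows how to reach `docker-host00`, and the address now has to be kept in sync by hand between `~/.ssh/config` and the hardcoded `host.ip` (which the Caddyfile template in this commit now reads). Stating the dependency once, e.g. `# Connection settings (user, host, port, key) are expected in ~/.ssh/config; host.ip must match the address there`, is more useful than keeping the four dead lines as archaeology in every file. The same change is made in `docker-host01.yml`, `docker-host02.yml` and `docker-lb.yml` (next hunk); `docker-lb.yml` is the only one that lacks the `# Configure this in ~/.ssh/config*` pointer, so whichever wording is kept should be applied to all four.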
@@ -1,10 +1,10 @@
 ---
-ansible_user: "{{ user }}"
-ansible_host: 192.168.20.37
-ansible_port: 22
-ansible_ssh_private_key_file: "{{ pk_path }}"
+# ansible_user: "{{ user }}"
+# ansible_host: 192.168.20.37
+# ansible_port: 22
+# ansible_ssh_private_key_file: "{{ pk_path }}"
 ansible_become_pass: "{{ vault.docker.lb.sudo }}"
 host:
 hostname: "docker-lb"
- ip: "{{ ansible_host }}"
+ ip: "192.168.20.37"
diff --git a/playbooks/docker-host.yml b/playbooks/docker-host.yml
index 01324e3..199fc11 100644
--- a/playbooks/docker-host.yml
+++ b/playbooks/docker-host.yml
@@ -1,7 +1,7 @@
 ---
 - name: Set up Servers
 hosts: docker_host
- gather_facts: yes
+ gather_facts: true
 vars_files:
 - secrets.yml
 roles:
diff --git a/playbooks/docker-lb.yml b/playbooks/docker-lb.yml
index 97995e5..150dec0 100644
--- a/playbooks/docker-lb.yml
+++ b/playbooks/docker-lb.yml
@@ -1,7 +1,7 @@
 ---
 - name: Set up reverse proxy for docker
 hosts: docker_lb
- gather_facts: yes
+ gather_facts: true
 vars_files:
 - secrets.yml
 roles:
diff --git a/playbooks/docker.yml b/playbooks/docker.yml
new file mode 100644
index 0000000..3065b90
--- /dev/null
+++ b/playbooks/docker.yml
@@ -0,0 +1,5 @@
+---
+- name: Setup Docker Hosts
+ ansible.builtin.import_playbook: docker-host.yml
+- name: Setup Docker load balancer
+ ansible.builtin.import_playbook: docker-lb.yml
diff --git a/playbooks/proxmox.yml b/playbooks/proxmox.yml
new file mode 100644
index 0000000..7706349
--- /dev/null
+++ b/playbooks/proxmox.yml
@@ -0,0 +1,10 @@
+---
+- name: Run proxmox vm playbook
+ hosts: proxmox
+ gather_facts: true
+ vars_files:
+ - secrets.yml
+ roles:
+ - role: proxmox_vm
+ tags:
+ - proxmox_vm
diff --git a/inventory/production b/production.ini
similarity index 92%
rename from inventory/production
rename to production.ini
index ad976af..183cf78 100644
--- a/inventory/production
+++ b/production.ini
@@ -1,4 +1,7 @@
 [proxmox]
+127.0.0.1 ansible_connection=local
+
+[proxmox:children]
 aya01
 lulu
 inko
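Review bot: `hosts: proxmox` in `playbooks/proxmox.yml` resolves to `127.0.0.1` plus everything under `[proxmox:children]` (see the `production.ini` hunk in this commit), so the `proxmox_vm` role — whose only active task calls `community.general.proxmox_node_info` against the API — runs once per inventory host, including on the PVE nodes themselves, and `gather_facts: true` first opens an SSH session to each of them. If the intent is to drive the API from the controller only, say so in the play, e.g. `hosts: localhost` with `connection: local`, or keep the `proxmox` group but add `run_once: true` to the API task so it is not repeated per node. `gather_facts: true` can likely be dropped for a pure API play unless later tasks need facts, which is not visible here.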
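Review bot: `[proxmox:children]` now lists `aya01`, `lulu` and `inko`, which the old file held as plain hosts of `[proxmox]`; a `:children` section takes group names, and Ansible's ini inventory plugin refuses to load a file whose `:children` entry names an undefined group, so this only works if each of them is also declared as a `[aya01]`-style group further down (outside this hunk). If they are meant to stay hosts, keep them directly under `[proxmox]` and give the controller entry its own group, e.g. `[pve_api]` / `127.0.0.1 ansible_connection=local`, so the API play can target it without also matching the nodes. Either way a one-line comment above the section stating whether the names are groups or hosts would remove the ambiguity for the next reader.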
diff --git a/requirements.txt b/requirements.txt
new file mode 100644
index 0000000..0d1b6c4
--- /dev/null
+++ b/requirements.txt
@@ -0,0 +1,6 @@
+certifi==2025.1.31
+charset-normalizer==3.4.1
+idna==3.10
+proxmoxer==2.2.0
+requests==2.32.3
+urllib3==2.3.0
diff --git a/roles/common/files/ssh/vault-ca.pub b/roles/common/files/ssh/vault-ca.pub
new file mode 100644
index 0000000..413aef3
--- /dev/null
+++ b/roles/common/files/ssh/vault-ca.pub
@@ -0,0 +1 @@
+ssh-rsa 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
diff --git a/roles/common/tasks/sshd.yml b/roles/common/tasks/sshd.yml
index ff28064..b102abf 100644
--- a/roles/common/tasks/sshd.yml
+++ b/roles/common/tasks/sshd.yml
@@ -10,8 +10,7 @@
 - name: Copy pubkey
 ansible.builtin.copy:
- content: "{{ pubkey }}"
- dest: "/home/{{ user }}/.ssh/authorized_keys"
- owner: "{{ user }}"
- group: "{{ user }}"
+ src: files/ssh/vault-ca.pub
+ dest: "/etc/ssh/vault-ca.pub"
 mode: "644"
+ become: true
diff --git a/roles/common/templates/ssh/sshd_config b/roles/common/templates/ssh/sshd_config
index 172784e..fa02962 100644
--- a/roles/common/templates/ssh/sshd_config
+++ b/roles/common/templates/ssh/sshd_config
@@ -1,4 +1,3 @@
-Include /etc/ssh/sshd_config.d/*.conf
 Protocol 2
 PermitRootLogin no
 MaxAuthTries 3
@@ -13,6 +12,7 @@ X11Forwarding no
 PrintMotd no
 TCPKeepAlive no
 ClientAliveCountMax 2
+TrustedUserCAKeys /etc/ssh/vault-ca.pub
 UseDNS yes
 AcceptEnv LANG LC_*
 Subsystem sftp /usr/lib/openssh/sftp-server
diff --git a/roles/proxmox_vm/tasks/create_vm.yml b/roles/proxmox_vm/tasks/create_vm.yml
new file mode 100644
index 0000000..32cd4d1
--- /dev/null
+++ b/roles/proxmox_vm/tasks/create_vm.yml
@@ -0,0 +1,7 @@
+---
+# - name: Create VM
+# community.general.proxmox:
+# api_host: "{{ api_host }}"
+# api_user: "{{ api_user }}"
+# api_password: "{{ vault.proxmox.api_password }}"
+# node: "{{ }}"
diff --git a/roles/proxmox_vm/tasks/get_info.yml b/roles/proxmox_vm/tasks/get_info.yml
new file mode 100644
index 0000000..d1670e0
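Review bot: The task is still named `Copy pubkey` although it now installs the SSH user-CA public key to `/etc/ssh/vault-ca.pub` and no longer touches `~/.ssh/authorized_keys`; rename it, e.g. `- name: Install SSH user-CA public key (TrustedUserCAKeys)`, and set `owner: root` / `group: root` explicitly on a file that acts as a trust anchor rather than relying on what `become` resolves to. Dropping the `authorized_keys` task also means keys previously pushed by it are no longer managed or removed, so hosts keep both the old static key and the new certificate path until someone cleans up; a follow-up `ansible.posix.authorized_key` task with `state: absent` (or a `file` removal) would complete the cutover. Whether a handler reloads sshd after the template change is not visible in this hunk; the enclosing task list continues outside it.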
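Review bot: Removing `Include /etc/ssh/sshd_config.d/*.conf` from the top of `sshd_config` means any drop-in the distribution or cloud-init places in that directory (cloud-init, for instance, writes its `PasswordAuthentication` setting there) is silently ignored once this template is deployed. If the goal is to stop unknown drop-ins from overriding the hardened values, keeping the `Include` but moving it to the end of the file achieves that, because sshd takes the first value it reads for each keyword. A one-line comment stating why the include was dropped would help the next reader either way.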
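Review bot: `TrustedUserCAKeys /etc/ssh/vault-ca.pub` on its own lets any certificate signed by that CA log in as whichever local account matches one of its principals, so the authorization policy now lives entirely in the CA's issuing configuration. Pairing it with `AuthorizedPrincipalsFile /etc/ssh/auth_principals/%u` (one file per local user listing the principals allowed into it) keeps a server-side allowlist and is the usual backstop if the CA or its issuing role is misconfigured; that directory should then be shipped by the same role that installs `vault-ca.pub`. `PermitRootLogin no` earlier in the file still applies to certificate logins, which is fine.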
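Review bot: The commented-out task in `create_vm.yml` references `api_host`, `api_user` and `vault.proxmox.api_password`, while the variables this commit actually defines in `group_vars/proxmox/vars.yml` and uses in `get_info.yml` are `proxmox_api_host`, `proxmox_api_user` and `proxmox_api_password`, so the stub will not work when uncommented; `node: "{{ }}"` is also an empty Jinja expression that fails to render. Note too that `community.general.proxmox` manages LXC containers, whereas VMs are created with `community.general.proxmox_kvm`. Either align the names now or reduce the file to `---` plus a one-line `# TODO: create VMs via community.general.proxmox_kvm using proxmox_api_*` so the stub does not drift further from the live variables.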
--- /dev/null
+++ b/roles/proxmox_vm/tasks/get_info.yml
@@ -0,0 +1,11 @@
+---
+- name: List existing nodes
+ community.general.proxmox_node_info:
+ api_host: "{{ proxmox_api_host }}"
+ api_user: "{{ proxmox_api_user }}@pam"
+ api_password: "{{ proxmox_api_password }}"
+ register: proxmox_nodes
+
+- name: Print info
+ ansible.builtin.debug:
+ msg: "{{ proxmox_nodes }}"
diff --git a/roles/proxmox_vm/tasks/main.yml b/roles/proxmox_vm/tasks/main.yml
new file mode 100644
index 0000000..8932427
--- /dev/null
+++ b/roles/proxmox_vm/tasks/main.yml
@@ -0,0 +1,5 @@
+---
+- name: Get info
+ ansible.builtin.include_tasks: get_info.yml
+# - name: Create vm
+# ansible.builtin.include_tasks: create_vm.yml
diff --git a/roles/reverse_proxy/templates/Caddyfile.j2 b/roles/reverse_proxy/templates/Caddyfile.j2
index 0af73e0..389859c 100644
--- a/roles/reverse_proxy/templates/Caddyfile.j2
+++ b/roles/reverse_proxy/templates/Caddyfile.j2
@@ -10,7 +10,7 @@
 {% if http_port %}
 {{ service.name }}.{{ domain }} {
 {% for vm in service.vm %}
- reverse_proxy {{ hostvars[vm].ansible_host }}:{{ http_port[0] }}
+ reverse_proxy {{ hostvars[vm].host.ip }}:{{ http_port[0] }}
 {% endfor %}
 log {
 output file /var/log/caddy/{{ service.name }}.log
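Review bot: `community.general.proxmox_node_info` is called with `api_host`, `api_user` and `api_password` but without `validate_certs`, and the community.general Proxmox modules default that option to `false`, so the root password is sent to `192.168.20.12` over TLS with no certificate check and an on-path host on the management network could impersonate the API and collect it. Add `validate_certs: true` and trust the PVE CA (or the node's certificate) on the controller, or switch to `api_token_id` / `api_token_secret` so a captured credential is scoped and revocable. The `@pam` realm is hardcoded in `api_user`, which is fine for root but worth a comment once a dedicated API user in another realm is introduced. `msg: "{{ proxmox_nodes }}"` dumps the whole registered result; printing the module's `proxmox_nodes` return key instead keeps the output to the node list.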