diff --git a/all.yml b/all.yml
index 6259b65ac4c0154db4d549b517800a2ed8984096..abe59634cb5002014239377304a2f1befe4a9109 100755
--- a/all.yml
+++ b/all.yml
@@ -1,25 +1,34 @@
 #!/usr/bin/env ansible-playbook
 ---
+# This playbooks runs all playbooks
+# It's a good tool for lazy administrators that just want to check that
+# current running configuration matches Ansible.
+
 # Core playboot to have minimal configuration
 - import_playbook: plays/root.yml
 
+# Common configuration
 - import_playbook: plays/mail.yml
 - import_playbook: plays/nfs.yml
 #- import_playbook: plays/logs.yml  TODO: rsyncd
-- import_playbook: plays/backup.yml
+- import_playbook: plays/backup.yml  # import borgbackup_client/server.yml
 # - import_playbook: plays/network-interfaces.yml  TODO: check this paybook
 - import_playbook: plays/monitoring.yml
 
 # Services that only apply to a subset of server
-# - import_playbook: plays/cas.yml
+- import_playbook: plays/cas.yml
+- import_playbook: plays/certbot.yml
 - import_playbook: plays/dhcp.yml
 - import_playbook: plays/dns.yml
+- import_playbook: plays/dovecot.yml
+- import_playbook: plays/ethercalc.yml
 - import_playbook: plays/etherpad.yml
 - import_playbook: plays/firewall.yml
 - import_playbook: plays/framadate.yml
 - import_playbook: plays/freeradius.yml
 - import_playbook: plays/generate_documentation.yml
 - import_playbook: plays/gitlab.yml
+- import_playbook: plays/home.yml
 - import_playbook: plays/horde.yml
 - import_playbook: plays/keepalived.yml
 - import_playbook: plays/mailman.yml
@@ -28,14 +37,13 @@
 - import_playbook: plays/nginx_rtmp.yml
 - import_playbook: plays/ntp.yml
 - import_playbook: plays/owncloud.yml
+- import_playbook: plays/postfix.yml
 - import_playbook: plays/postgresql.yml
 - import_playbook: plays/re2o.yml
 - import_playbook: plays/reverse-proxy.yml
 - import_playbook: plays/roundcube.yml
+- import_playbook: plays/ssh_known_hosts.yml
 - import_playbook: plays/tv.yml
+- import_playbook: plays/unifi.yml
 - import_playbook: plays/wireguard.yml
-
-# FIXME: should be in plays/ directory
-# Deploy LDAP replica
-- hosts: odlyd.adm.crans.org,soyouz.adm.crans.org,fy.adm.crans.org,thot.adm.crans.org
-  roles: []  # TODO
+- import_playbook: plays/zamok.yml
diff --git a/network.yml b/network.yml
deleted file mode 100755
index a9f21b531d92175090a6bbf7e2ebace9d7551fa2..0000000000000000000000000000000000000000
--- a/network.yml
+++ /dev/null
@@ -1,57 +0,0 @@
-#!/usr/bin/env ansible-playbook
----
-- hosts: gitzly.adm.crans.org
-  vars:
-    certbot:
-      dns_rfc2136_name: certbot_adm_challenge.
-      dns_rfc2136_secret: "{{ vault_certbot_adm_dns_secret }}"
-      mail: root@crans.org
-      certname: adm.crans.org
-      domains: "*.adm.crans.org"
-    bind:
-      masters: "{{ lookup('re2oapi', 'get_role', 'dns-authoritary-master')[0] }}"
-  roles:
-    - certbot
-
-# Deploy firewall
-- hosts: gulp.adm.crans.org
-  roles: []  # TODO
-
-# Deploy Unifi Controller
-- hosts: unifi.adm.crans.org
-  roles:
-    - unifi-controller
-
-# Configure routers
-- hosts: gulp.adm.crans.org,odlyd.adm.crans.org,ipv6-zayo.adm.crans.org
-  roles:
-    - logall
-    - quagga
-
-# Deploy BGP server configuration on IPv4 routers
-- hosts: gulp.adm.crans.org,odlyd.adm.crans.org
-  vars:
-    zebra:
-      password: "{{ vault_zebra_password }}"
-    bgp:
-      as: 204515
-      router_id: 158.255.113.73
-      network: 185.230.76.0/22
-      neighbor: 158.255.113.72
-      remote_as: 8218
-  roles:
-    - quagga-ipv4
-
-# Deploy BGP server configuration on IPv6 routers
-- hosts: ipv6-zayo.adm.crans.org
-  vars:
-    zebra:
-      password: "{{ vault_zebra_password }}"
-    bgp:
-      as: 204515
-      router_id: 138.231.136.200
-      network: 2a0c:700::/32
-      neighbor: 2001:1b48:2:103::bb:1
-      remote_as: 8218
-  roles:
-    - quagga-ipv6
diff --git a/plays/gather_fact.yml b/plays/gather_fact.yml
deleted file mode 100755
index 294047900fe5fdfecdc05e75167b238834a87bbd..0000000000000000000000000000000000000000
--- a/plays/gather_fact.yml
+++ /dev/null
@@ -1,3 +0,0 @@
-#!/usr/bin/env ansible-playbook
----
-- hosts: all
diff --git a/plays/get_adm_iface.yml b/plays/get_adm_iface.yml
deleted file mode 100755
index 4c98d38c7a7a39640e2c4e35bad403f3243467b0..0000000000000000000000000000000000000000
--- a/plays/get_adm_iface.yml
+++ /dev/null
@@ -1,11 +0,0 @@
-#!/usr/bin/env ansible-playbook
----
-- hosts: server
-  tasks:
-    - name: Register adm interface in adm_iface variable
-      shell: set -o pipefail && grep adm /sys/class/net/*/ifalias | sed "s|/sys/class/net/||" | sed "s|/ifalias:.*||"
-      register: adm_iface
-      check_mode: false
-      changed_when: true
-      args:
-        executable: /bin/bash
diff --git a/plays/gitlab.yml b/plays/gitlab.yml
index 3be109e0bb42570531b88e6380d72d3c8a9a89de..1e1b6410bd3f25a79e6dce224789f3f7b89e65f6 100755
--- a/plays/gitlab.yml
+++ b/plays/gitlab.yml
@@ -5,3 +5,17 @@
   roles:
     - docker
     - gitlab-runner
+
+# This seems strange, don't know if it still used
+# - hosts: gitzly.adm.crans.org
+#   vars:
+#     certbot:
+#       dns_rfc2136_name: certbot_adm_challenge.
+#       dns_rfc2136_secret: "{{ vault_certbot_adm_dns_secret }}"
+#       mail: root@crans.org
+#       certname: adm.crans.org
+#       domains: "*.adm.crans.org"
+#     bind:
+#       masters: "{{ lookup('re2oapi', 'get_role', 'dns-authoritary-master')[0] }}"
+#   roles:
+#     - certbot
diff --git a/plays/unifi.yml b/plays/unifi.yml
new file mode 100755
index 0000000000000000000000000000000000000000..28334d9822e3ab05faa4a415c3df90de0309b7f3
--- /dev/null
+++ b/plays/unifi.yml
@@ -0,0 +1,6 @@
+#!/usr/bin/env ansible-playbook
+---
+# Deploy Unifi Controller
+- hosts: unifi.adm.crans.org
+  roles:
+    - unifi-controller
diff --git a/radius.yml b/radius.yml
deleted file mode 100755
index a26e35499f8d807ae3f0443bdb0eb4bc608959ec..0000000000000000000000000000000000000000
--- a/radius.yml
+++ /dev/null
@@ -1,10 +0,0 @@
-#!/usr/bin/env ansible-playbook
----
-- hosts: eap.adm.crans.org, odlyd.adm.crans.org, radius.adm.crans.org
-  vars:
-    certbot: '{{ glob_certbot | default({}) | combine(loc_certbot | default({})) }}'
-    bind:
-      masters: "{{ lookup('re2oapi', 'get_role', 'dns-authoritary-master')[0] }}"
-  roles:
-    - certbot
-    - freeradius
diff --git a/re2o.yml b/re2o.yml
index 576fc219c1e486f370ac1b8111a9ff88e6e1dbb0..44f085d77077f14e3d91f9229017e8f4f7f45d27 100755
--- a/re2o.yml
+++ b/re2o.yml
@@ -1,21 +1,6 @@
 #!/usr/bin/env ansible-playbook
 ---
-# Deploy Re2o
-- hosts: otis.adm.crans.org
-  vars:
-    re2o:
-      owner: root
-      group: nounou
-      version: dev_crans
-      settings_local_owner: root
-      settings_local_group: root
-      db_password: "{{ vault_re2o_db_password }}"
-      django_secret_key: "{{ vault_re2o_django_secret_key }}"
-      aes_key: "{{ vault_re2o_aes_key }}"
-    ldap:
-      master_password: "{{ vault_ldap_master_password }}"
-  roles:
-    - re2o
+# THIS FILE SHOULD BE UPDATED TO NEW INFRA AND THE MERGED TO plays/
 
 # Deploy services config on all servers
 - hosts: server
diff --git a/services_web.yml b/services_web.yml
deleted file mode 100755
index 5e45ef72f5db4adcdf47d46c93e8e04c5b759fc7..0000000000000000000000000000000000000000
--- a/services_web.yml
+++ /dev/null
@@ -1,15 +0,0 @@
-#!/usr/bin/env ansible-playbook
----
-# Deploy MoinMoin Wiki
-- hosts: soyouz.adm.crans.org
-  roles: []  # TODO
-
-- hosts: cas-srv.adm.crans.org
-  roles: ["django-cas"]
-
-- hosts: ethercalc-srv.adm.crans.org
-  roles: ["ethercalc"]
-
-- import_playbook: plays/horde.yml
-- import_playbook: plays/framadate.yml
-