diff --git a/.gitignore b/.gitignore
index 769c244..62cf570 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1 +1,3 @@
-secrets.yml
+secrets/common.yml
+secrets/valkyrie.yml
+secrets/yggdrasil.yml
diff --git a/README.md b/README.md
index 3cad1b6..8ee9790 100644
--- a/README.md
+++ b/README.md
@@ -5,5 +5,6 @@ Ansible playbooks for provisioning Yggdrasil.
 ## Secrets vault
 - Encrypt with: ```ansible-vault encrypt secrets.yml```
+- Decrypt with: ```ansible-vault decrypt secrets.yml```
 - Print secrets to STDOUT: ```ansible-vault decrypt --output - secrets.yml```
 - Run a playbook with ```ansible-playbook --vault-id @prompt playbook.yml```
diff --git a/ansible.cfg b/ansible.cfg
index 804df4a..ce48feb 100644
--- a/ansible.cfg
+++ b/ansible.cfg
@@ -2,4 +2,4 @@ inventory = ./hosts
 [privilege_escalation]
-become=True
+become = True
diff --git a/root/etc/aliases.j2 b/filesystem/common/etc/aliases.j2
similarity index 100%
rename from root/etc/aliases.j2
rename to filesystem/common/etc/aliases.j2
diff --git a/root/etc/apt/apt.conf.d/20auto-upgrades b/filesystem/common/etc/apt/apt.conf.d/20auto-upgrades
similarity index 100%
rename from root/etc/apt/apt.conf.d/20auto-upgrades
rename to filesystem/common/etc/apt/apt.conf.d/20auto-upgrades
diff --git a/root/etc/apt/apt.conf.d/50unattended-upgrades b/filesystem/common/etc/apt/apt.conf.d/50unattended-upgrades
similarity index 100%
rename from root/etc/apt/apt.conf.d/50unattended-upgrades
rename to filesystem/common/etc/apt/apt.conf.d/50unattended-upgrades
diff --git a/root/etc/fail2ban/jail.d/sshd.local.j2 b/filesystem/common/etc/fail2ban/jail.d/sshd.local.j2
similarity index 100%
rename from root/etc/fail2ban/jail.d/sshd.local.j2
rename to filesystem/common/etc/fail2ban/jail.d/sshd.local.j2
diff --git a/root/etc/fail2ban/jail.local.j2 b/filesystem/common/etc/fail2ban/jail.local.j2
similarity index 95%
rename from root/etc/fail2ban/jail.local.j2
rename to filesystem/common/etc/fail2ban/jail.local.j2
index 1d19fa3..21a8d90 100644
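Review bot: The new ignore list names the three vault files individually, so a secrets file added for a fourth host, or a decrypted working copy written under any other name, is not ignored and can be committed in plaintext. A pattern with an exception for the template is safer: `secrets/*.yml` followed by `!secrets/template.yml`. Since the encrypted files are ignored as well, the vault contents exist only in the working tree and are never versioned; that may be deliberate, but a line in the README saying so would save the next person from looking for them in history.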
--- a/root/etc/fail2ban/jail.local.j2
+++ b/filesystem/common/etc/fail2ban/jail.local.j2
@@ -3,7 +3,7 @@
 # "ignoreip" can be a list of IP addresses, CIDR masks or DNS hosts. Fail2ban
 # will not ban a host which matches an address in this list. Several addresses
 # can be defined using space (and/or comma) separator.
-ignoreip = 127.0.0.1/8 ::1 {{ subnet_address }}/{{ subnet_masklen }}
+ignoreip = 127.0.0.1/8 ::1 {{ subnet }}
 # "bantime" is the number of seconds that a host is banned.
 bantime = 1d
diff --git a/root/etc/logcheck/ignore.d.server/yggdrasil.j2 b/filesystem/common/etc/logcheck/ignore.d.server/hostname.j2
similarity index 100%
rename from root/etc/logcheck/ignore.d.server/yggdrasil.j2
rename to filesystem/common/etc/logcheck/ignore.d.server/hostname.j2
diff --git a/filesystem/common/etc/mailname.j2 b/filesystem/common/etc/mailname.j2
new file mode 100644
index 0000000..78ef6ff
--- /dev/null
+++ b/filesystem/common/etc/mailname.j2
@@ -0,0 +1 @@
+{{ hostname }}.{{ domain }}
diff --git a/root/etc/mailutils.conf.j2 b/filesystem/common/etc/mailutils.conf.j2
similarity index 100%
rename from root/etc/mailutils.conf.j2
rename to filesystem/common/etc/mailutils.conf.j2
diff --git a/root/etc/nftables.conf.j2 b/filesystem/common/etc/nftables.conf.j2
similarity index 75%
rename from root/etc/nftables.conf.j2
rename to filesystem/common/etc/nftables.conf.j2
index 2b812e4..40bb451 100755
--- a/root/etc/nftables.conf.j2
+++ b/filesystem/common/etc/nftables.conf.j2
@@ -3,8 +3,8 @@ flush ruleset
 table inet filter {
- chain input {
- type filter hook input priority 0;
+ chain input {
+ type filter hook input priority 0;
 # Accept any localhost traffic.
 iif lo accept;
@@ -17,19 +17,19 @@ table inet filter {
 ip6 nexthdr icmpv6 icmpv6 type { echo-request, destination-unreachable, packet-too-big, time-exceeded, parameter-problem, nd-router-advert, nd-neighbor-solicit, nd-neighbor-advert } accept;
 ip protocol icmp icmp type { echo-request, destination-unreachable, router-advertisement, time-exceeded, parameter-problem } accept;
- # Drop invalid connections.
- ct state invalid drop;
+ # Drop invalid connections.
+ ct state invalid drop;
 # Activate the following line to accept common local services.
 tcp dport { 80, 443, {{ ansible_port }} } ct state new accept;
 # Count and drop any other traffic.
 counter drop;
- }
- chain forward {
- type filter hook forward priority 0;
- }
- chain output {
- type filter hook output priority 0;
- }
+ }
+ chain forward {
+ type filter hook forward priority 0;
+ }
+ chain output {
+ type filter hook output priority 0;
+ }
 }
diff --git a/root/etc/pam.d/su b/filesystem/common/etc/pam.d/su
similarity index 100%
rename from root/etc/pam.d/su
rename to filesystem/common/etc/pam.d/su
diff --git a/root/etc/postfix/main.cf.j2 b/filesystem/common/etc/postfix/main.cf.j2
similarity index 100%
rename from root/etc/postfix/main.cf.j2
rename to filesystem/common/etc/postfix/main.cf.j2
diff --git a/root/etc/postfix/sasl_passwd.j2 b/filesystem/common/etc/postfix/sasl_passwd.j2
similarity index 100%
rename from root/etc/postfix/sasl_passwd.j2
rename to filesystem/common/etc/postfix/sasl_passwd.j2
diff --git a/root/etc/ssh/sshd_config.d/00-yggdrasil.conf.j2 b/filesystem/common/etc/ssh/sshd_config.d/00-local.conf.j2
similarity index 87%
rename from root/etc/ssh/sshd_config.d/00-yggdrasil.conf.j2
rename to filesystem/common/etc/ssh/sshd_config.d/00-local.conf.j2
index ce0685f..d832629 100644
--- a/root/etc/ssh/sshd_config.d/00-yggdrasil.conf.j2
+++ b/filesystem/common/etc/ssh/sshd_config.d/00-local.conf.j2
@@ -15,3 +15,6 @@ PasswordAuthentication no
 # No X window forwarding.
 X11Forwarding no
+
+# Check in with the client every now and then.
+ClientAliveInterval 120
diff --git a/root/home/user/bashrc b/filesystem/common/home/user/bashrc
similarity index 100%
rename from root/home/user/bashrc
rename to filesystem/common/home/user/bashrc
diff --git a/root/home/user/tmux.conf b/filesystem/common/home/user/tmux.conf
similarity index 100%
rename from root/home/user/tmux.conf
rename to filesystem/common/home/user/tmux.conf
diff --git a/filesystem/valkyrie/etc/motd b/filesystem/valkyrie/etc/motd
new file mode 100644
index 0000000..5d68235
--- /dev/null
+++ b/filesystem/valkyrie/etc/motd
@@ -0,0 +1,9 @@
+-------------------------------------------------------------------
+ _ _ _
+ __ ____ _| | | ___ _ _ __(_) ___
+ \ \ / / _` | | |/ / | | | '__| |/ _ \
+ \ V / (_| | | <| |_| | | | | __/
+ \_/ \__,_|_|_|\_\\__, |_| |_|\___|
+ |___/
+
+-------------------------------------------------------------------
diff --git a/root/etc/apcupsd/apcupsd.conf b/filesystem/yggdrasil/etc/apcupsd/apcupsd.conf
similarity index 100%
rename from root/etc/apcupsd/apcupsd.conf
rename to filesystem/yggdrasil/etc/apcupsd/apcupsd.conf
diff --git a/root/etc/motd b/filesystem/yggdrasil/etc/motd
similarity index 100%
rename from root/etc/motd
rename to filesystem/yggdrasil/etc/motd
diff --git a/root/etc/smartd.conf b/filesystem/yggdrasil/etc/smartd.conf
similarity index 100%
rename from root/etc/smartd.conf
rename to filesystem/yggdrasil/etc/smartd.conf
diff --git a/root/etc/systemd/system/status-mail@.service b/filesystem/yggdrasil/etc/systemd/system/status-mail@.service
similarity index 100%
rename from root/etc/systemd/system/status-mail@.service
rename to filesystem/yggdrasil/etc/systemd/system/status-mail@.service
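Review bot: `ClientAliveInterval 120` is added without a `ClientAliveCountMax`, so how long a silent session survives depends on sshd's default for that option, and the comment "Check in with the client every now and then" does not say what the setting is meant to achieve. Suggest making the intent explicit, e.g. `# Server-side keepalive over the encrypted channel: probe an idle client every 120 s; with the default ClientAliveCountMax of 3 the session is closed after three unanswered probes.` and, if that timeout is relied upon, pinning `ClientAliveCountMax 3` next to it so a distribution default change cannot silently alter it. This probe is distinct from `TCPKeepAlive` and does not replace it; the rest of the drop-in lies outside the hunk.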
diff --git a/root/etc/systemd/system/zfs-scrub-monthly@.timer b/filesystem/yggdrasil/etc/systemd/system/zfs-scrub-monthly@.timer
similarity index 100%
rename from root/etc/systemd/system/zfs-scrub-monthly@.timer
rename to filesystem/yggdrasil/etc/systemd/system/zfs-scrub-monthly@.timer
diff --git a/root/etc/systemd/system/zfs-scrub@.service b/filesystem/yggdrasil/etc/systemd/system/zfs-scrub@.service
similarity index 100%
rename from root/etc/systemd/system/zfs-scrub@.service
rename to filesystem/yggdrasil/etc/systemd/system/zfs-scrub@.service
diff --git a/root/etc/systemd/system/zfs-trim-monthly@.timer b/filesystem/yggdrasil/etc/systemd/system/zfs-trim-monthly@.timer
similarity index 100%
rename from root/etc/systemd/system/zfs-trim-monthly@.timer
rename to filesystem/yggdrasil/etc/systemd/system/zfs-trim-monthly@.timer
diff --git a/root/etc/systemd/system/zfs-trim@.service b/filesystem/yggdrasil/etc/systemd/system/zfs-trim@.service
similarity index 100%
rename from root/etc/systemd/system/zfs-trim@.service
rename to filesystem/yggdrasil/etc/systemd/system/zfs-trim@.service
diff --git a/root/usr/local/sbin/systemd-mail-systemctl-status.j2 b/filesystem/yggdrasil/usr/local/sbin/systemd-mail-systemctl-status.j2
similarity index 100%
rename from root/usr/local/sbin/systemd-mail-systemctl-status.j2
rename to filesystem/yggdrasil/usr/local/sbin/systemd-mail-systemctl-status.j2
diff --git a/root/usr/local/sbin/systemd-mail-zpool-status.j2 b/filesystem/yggdrasil/usr/local/sbin/systemd-mail-zpool-status.j2
similarity index 100%
rename from root/usr/local/sbin/systemd-mail-zpool-status.j2
rename to filesystem/yggdrasil/usr/local/sbin/systemd-mail-zpool-status.j2
diff --git a/hosts b/hosts
index f6f48bc..a0571c9 100644
--- a/hosts
+++ b/hosts
@@ -1 +1,2 @@
+valkyrie
 yggdrasil
diff --git a/root/etc/mailname.j2 b/root/etc/mailname.j2
deleted file mode 100644
index 81008ba..0000000
--- a/root/etc/mailname.j2
+++ /dev/null
@@ -1 +0,0 @@
-{{ domain }}
diff --git a/secrets.def.yml b/secrets/template.yml
similarity index 96%
rename from secrets.def.yml
rename to secrets/template.yml
index 619b4e8..f477141 100644
--- a/secrets.def.yml
+++ b/secrets/template.yml
@@ -10,6 +10,7 @@ hostname:
 domain:
 subnet_address:
 subnet_masklen:
+subnet:
 # Postfix variables
 postfix_smtp_server:
diff --git a/tasks/fail2ban.yml b/tasks/fail2ban.yml
index bf4d5f2..736f51d 100644
--- a/tasks/fail2ban.yml
+++ b/tasks/fail2ban.yml
@@ -4,14 +4,14 @@
 - name: Configure fail2ban
 template:
- src: ./root/etc/fail2ban/jail.local.j2
+ src: ./filesystem/common/etc/fail2ban/jail.local.j2
 dest: /etc/fail2ban/jail.local
 mode: 0644
 register: fail2ban_conf
 - name: Configure fail2ban sshd jail
 template:
- src: ./root/etc/fail2ban/jail.d/sshd.local.j2
+ src: ./filesystem/common/etc/fail2ban/jail.d/sshd.local.j2
 dest: /etc/fail2ban/jail.d/sshd.local
 mode: 0644
 register: fail2ban_sshd_jail
diff --git a/tasks/firewall.yml b/tasks/firewall.yml
index 1a7e2de..4ae98e5 100644
--- a/tasks/firewall.yml
+++ b/tasks/firewall.yml
@@ -4,7 +4,7 @@
 - name: Configure nftables
 template:
- src: ./root/etc/nftables.conf.j2
+ src: ./filesystem/common/etc/nftables.conf.j2
 dest: /etc/nftables.conf
 mode: 0755
 register: nftables_conf
diff --git a/tasks/fstrim.yml b/tasks/fstrim.yml
new file mode 100644
index 0000000..cf1861f
--- /dev/null
+++ b/tasks/fstrim.yml
@@ -0,0 +1,5 @@
+- name: Enable fstrim
+ systemd:
+ name: fstrim.timer
+ enabled: yes
+ state: started
diff --git a/tasks/logs.yml b/tasks/logs.yml
index 66bc4ac..3997bd6 100644
--- a/tasks/logs.yml
+++ b/tasks/logs.yml
@@ -6,7 +6,7 @@
 - name: Configure logcheck
 template:
- src: ./root/etc/logcheck/ignore.d.server/yggdrasil.j2
- dest: /etc/logcheck/ignore.d.server/yggdrasil
+ src: ./filesystem/common/etc/logcheck/ignore.d.server/hostname.j2
+ dest: /etc/logcheck/ignore.d.server/{{ hostname }}
 group: logcheck
 mode: 0644
diff --git a/tasks/mail.yml b/tasks/mail.yml
index 88ee82d..15142e0 100644
--- a/tasks/mail.yml
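Review bot: `subnet:` is added while `subnet_address:` and `subnet_masklen:` stay in the template, yet the only consumer visible in this commit (the `ignoreip` line in jail.local.j2) now reads `subnet` alone; unless another template still uses the old pair, they are dead keys that invite filling in values nobody reads. Because `subnet` is pasted verbatim into fail2ban's `ignoreip`, it has to carry its prefix length to exempt a network rather than a single host, and a comment on the key should say so: `subnet:  # CIDR of the trusted LAN exempt from fail2ban bans, e.g. 192.0.2.0/24` (example value constructed). The template is still one flat file although the playbooks now load secrets/common.yml plus a per-host file, so a short comment on which keys belong in which file would help whoever fills it in next.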
+++ b/tasks/mail.yml
@@ -1,24 +1,13 @@
 - name: Configure mailname
 template:
- src: ./root/etc/mailname.j2
+ src: ./filesystem/common/etc/mailname.j2
 dest: /etc/mailname
 mode: 0644
 register: mail_mailname
-- name: Configure aliases
- template:
- src: ./root/etc/aliases.j2
- dest: /etc/aliases
- mode: 0644
- register: mail_aliases
-
-- name: Update aliases
- command: newaliases
- when: mail_aliases is changed
-
 - name: Configure mailutils
 template:
- src: ./root/etc/mailutils.conf.j2
+ src: ./filesystem/common/etc/mailutils.conf.j2
 dest: /etc/mailutils.conf
 mode: 0644
@@ -29,16 +18,27 @@
 - ca-certificates
 - libsasl2-modules
+- name: Configure aliases
+ template:
+ src: ./filesystem/common/etc/aliases.j2
+ dest: /etc/aliases
+ mode: 0644
+ register: mail_aliases
+
+- name: Update aliases
+ command: newaliases
+ when: mail_aliases is changed
+
 - name: Configure postfix
 template:
- src: ./root/etc/postfix/main.cf.j2
+ src: ./filesystem/common/etc/postfix/main.cf.j2
 dest: /etc/postfix/main.cf
 mode: 0644
 register: mail_postfix_conf
 - name: Configure credentials
 template:
- src: ./root/etc/postfix/sasl_passwd.j2
+ src: ./filesystem/common/etc/postfix/sasl_passwd.j2
 dest: /etc/postfix/sasl_passwd
 mode: 0600
 register: mail_postfix_credentials
diff --git a/tasks/motd.yml b/tasks/motd.yml
index 4985225..18f0925 100644
--- a/tasks/motd.yml
+++ b/tasks/motd.yml
@@ -1,5 +1,5 @@
 - name: Set MotD
 copy:
- src: ./root/etc/motd
+ src: ./filesystem/{{ hostname }}/etc/motd
 dest: /etc/motd
 mode: 0644
diff --git a/tasks/root-shell.yml b/tasks/root-shell.yml
index 8dd4206..3095f4f 100644
--- a/tasks/root-shell.yml
+++ b/tasks/root-shell.yml
@@ -5,6 +5,6 @@
 - name: Disable su for non-wheel users
 copy:
- src: ./root/etc/pam.d/su
+ src: ./filesystem/common/etc/pam.d/su
 dest: /etc/pam.d/su
 mode: 0644
diff --git a/tasks/smart.yml b/tasks/smart.yml
index f88dec7..f09871e 100644
--- a/tasks/smart.yml
+++ b/tasks/smart.yml
@@ -4,7 +4,7 @@
 - name: Smartd configuration
 copy:
- src: ./root/etc/smartd.conf
+ src: ./filesystem/yggdrasil/etc/smartd.conf
 dest: /etc/smartd.conf
 mode: 0644
 register: smartd_conf
diff --git a/tasks/sshd.yml b/tasks/sshd.yml
index 054eef2..c30a184 100644
--- a/tasks/sshd.yml
+++ b/tasks/sshd.yml
@@ -3,8 +3,8 @@
 - name: Configure sshd
 template:
- src: ./root/etc/ssh/sshd_config.d/00-yggdrasil.conf.j2
- dest: /etc/ssh/sshd_config.d/00-yggdrasil.conf
+ src: ./filesystem/common/etc/ssh/sshd_config.d/00-local.conf.j2
+ dest: /etc/ssh/sshd_config.d/00-local.conf
 mode: 0600
 register: sshd_conf
diff --git a/tasks/systemd-mail.yml b/tasks/systemd-mail.yml
index 8e407a9..c7e1f26 100644
--- a/tasks/systemd-mail.yml
+++ b/tasks/systemd-mail.yml
@@ -1,12 +1,12 @@
 - name: SystemD mail script
 template:
- src: ./root/usr/local/sbin/systemd-mail-systemctl-status.j2
+ src: ./filesystem/yggdrasil/usr/local/sbin/systemd-mail-systemctl-status.j2
 dest: /usr/local/sbin/systemd-mail-systemctl-status
 mode: 0755
 - name: SystemD mail service
 copy:
- src: ./root/etc/systemd/system/status-mail@.service
+ src: ./filesystem/yggdrasil/etc/systemd/system/status-mail@.service
 dest: /etc/systemd/system/status-mail@.service
 mode: 0644
 register: systemd_status_mail_service_file
diff --git a/tasks/unattended-upgrades.yml b/tasks/unattended-upgrades.yml
index 579c274..7367202 100644
--- a/tasks/unattended-upgrades.yml
+++ b/tasks/unattended-upgrades.yml
@@ -4,12 +4,12 @@
 - name: Configure unattended-upgrades
 copy:
- src: ./root/etc/apt/apt.conf.d/50unattended-upgrades
+ src: ./filesystem/common/etc/apt/apt.conf.d/50unattended-upgrades
 dest: /etc/apt/apt.conf.d/50unattended-upgrades
 mode: 0644
 - name: Enable unattended-upgrades
 copy:
- src: ./root/etc/apt/apt.conf.d/20auto-upgrades
+ src: ./filesystem/common/etc/apt/apt.conf.d/20auto-upgrades
 dest: /etc/apt/apt.conf.d/20auto-upgrades
 mode: 0644
diff --git a/tasks/ups.yml b/tasks/ups.yml
index 6b257e1..6cc8cc5 100644
--- a/tasks/ups.yml
+++ b/tasks/ups.yml
@@ -4,7 +4,7 @@
 - name: Apcupsd configuration
 copy:
- src: ./root/etc/apcupsd/apcupsd.conf
+ src: ./filesystem/yggdrasil/etc/apcupsd/apcupsd.conf
 dest: /etc/apcupsd/apcupsd.conf
 mode: 0644
 register: apcupsd_conf
diff --git a/tasks/user.yml b/tasks/user.yml
index 0418081..6a4dcb2 100644
--- a/tasks/user.yml
+++ b/tasks/user.yml
@@ -8,14 +8,14 @@
 - name: Configure tmux
 become: no
 copy:
- src: ./root/home/user/tmux.conf
+ src: ./filesystem/common/home/user/tmux.conf
 dest: .tmux.conf
 mode: 0644
 - name: Configure bashrc
 become: no
 copy:
- src: ./root/home/user/bashrc
+ src: ./filesystem/common/home/user/bashrc
 dest: .bashrc
 mode: 0644
diff --git a/tasks/utils.yml b/tasks/utils.yml
index 8a3410a..070ec84 100644
--- a/tasks/utils.yml
+++ b/tasks/utils.yml
@@ -4,4 +4,5 @@
 - git
 - htop
 - man
+ - perl
 - tmux
diff --git a/tasks/zfs-scrub.yml b/tasks/zfs-scrub.yml
index 240f543..474ceef 100644
--- a/tasks/zfs-scrub.yml
+++ b/tasks/zfs-scrub.yml
@@ -1,19 +1,19 @@
 - name: Zpool status mail script
 template:
- src: ./root/usr/local/sbin/systemd-mail-zpool-status.j2
+ src: ./filesystem/yggdrasil/usr/local/sbin/systemd-mail-zpool-status.j2
 dest: /usr/local/sbin/systemd-mail-zpool-status
 mode: 0755
 - name: Zfs scrub service file
 copy:
- src: ./root/etc/systemd/system/zfs-scrub@.service
+ src: ./filesystem/yggdrasil/etc/systemd/system/zfs-scrub@.service
 dest: /etc/systemd/system/zfs-scrub@.service
 mode: 0644
 register: systemd_zfs_scrub_service_file
 - name: Zfs scrub timer file
 copy:
- src: ./root/etc/systemd/system/zfs-scrub-monthly@.timer
+ src: ./filesystem/yggdrasil/etc/systemd/system/zfs-scrub-monthly@.timer
 dest: /etc/systemd/system/zfs-scrub-monthly@.timer
 mode: 0644
 register: systemd_zfs_scrub_monthly_timer_file
diff --git a/tasks/trim.yml b/tasks/zfs-trim.yml
similarity index 77%
rename from tasks/trim.yml
rename to tasks/zfs-trim.yml
index b90fd35..792ae7f 100644
--- a/tasks/trim.yml
+++ b/tasks/zfs-trim.yml
@@ -1,19 +1,13 @@
-- name: Enable fstrim
- systemd:
- name: fstrim.timer
- enabled: yes
- state: started
-
 - name: Zfs trim service file
 copy:
- src: ./root/etc/systemd/system/zfs-trim@.service
+ src: ./filesystem/yggdrasil/etc/systemd/system/zfs-trim@.service
 dest: /etc/systemd/system/zfs-trim@.service
 mode: 0644
 register: systemd_zfs_trim_service_file
 - name: Zfs trim timer file
 copy:
- src: ./root/etc/systemd/system/zfs-trim-monthly@.timer
+ src: ./filesystem/yggdrasil/etc/systemd/system/zfs-trim-monthly@.timer
 dest: /etc/systemd/system/zfs-trim-monthly@.timer
 mode: 0644
 register: systemd_zfs_trim_monthly_timer_file
diff --git a/valkyrie.yml b/valkyrie.yml
new file mode 100644
index 0000000..fda102e
--- /dev/null
+++ b/valkyrie.yml
@@ -0,0 +1,20 @@
+---
+- hosts: valkyrie
+
+ vars_files:
+ - secrets/common.yml
+ - secrets/valkyrie.yml
+
+ tasks:
+ - import_tasks: tasks/sshd.yml
+ - import_tasks: tasks/firewall.yml
+ - import_tasks: tasks/ntp.yml
+ - import_tasks: tasks/mail.yml
+ - import_tasks: tasks/unattended-upgrades.yml
+ - import_tasks: tasks/fail2ban.yml
+ - import_tasks: tasks/fstrim.yml
+ - import_tasks: tasks/logs.yml
+ - import_tasks: tasks/motd.yml
+ - import_tasks: tasks/utils.yml
+ - import_tasks: tasks/user.yml
+ - import_tasks: tasks/root-shell.yml
diff --git a/machine.yml b/yggdrasil.yml
similarity index 83%
rename from machine.yml
rename to yggdrasil.yml
index 4529a66..8d994d3 100644
--- a/machine.yml
+++ b/yggdrasil.yml
@@ -2,7 +2,8 @@
 - hosts: yggdrasil
 vars_files:
- - secrets.yml
+ - secrets/common.yml
+ - secrets/yggdrasil.yml
 tasks:
 - import_tasks: tasks/sshd.yml
@@ -13,7 +14,8 @@
 - import_tasks: tasks/fail2ban.yml
 - import_tasks: tasks/systemd-mail.yml
 - import_tasks: tasks/zfs-scrub.yml
- - import_tasks: tasks/trim.yml
+ - import_tasks: tasks/zfs-trim.yml
+ - import_tasks: tasks/fstrim.yml
 - import_tasks: tasks/zfsutils-cron.yml
 - import_tasks: tasks/ups.yml
 - import_tasks: tasks/smart.yml
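Review bot: Importing tasks/firewall.yml in the new valkyrie play applies the nftables template that this commit moves under filesystem/common, and that template's input chain accepts new TCP connections on 80 and 443 as well as `{{ ansible_port }}`; none of the tasks listed for valkyrie installs a service on those two ports, so the new host opens ports it does not use. Consider moving the port set into a per-host variable (for example an `open_tcp_ports` list in each host's secrets file — the name is a suggestion) and rendering the rule as `tcp dport { {{ open_tcp_ports | join(', ') }}, {{ ansible_port }} } ct state new accept;`, so each host only exposes what it runs. The comment above that rule, "Activate the following line to accept common local services", also no longer matches a line that is active on every host and should be reworded once the list is per-host.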