diff --git a/.yamllint b/.yamllint
index 0f25798..186d524 100644
--- a/.yamllint
+++ b/.yamllint
@@ -5,3 +5,7 @@ rules:
 line-length:
 max: 160
 level: warning
+
+ignore: |
+ .travis.yml
+ .github
diff --git a/ansible/inventories/production/group_vars/chronyservers/main.yml b/ansible/inventories/production/group_vars/chronyservers/main.yml
index d398e01..354d2aa 100644
--- a/ansible/inventories/production/group_vars/chronyservers/main.yml
+++ b/ansible/inventories/production/group_vars/chronyservers/main.yml
@@ -1,4 +1,4 @@
 ---
-chrony_server = true
-chrony_allow_cidr = "10.0.0.0/16"
+chrony_server: true
+chrony_allow_cidr: "10.0.0.0/16"
diff --git a/ansible/inventories/production/group_vars/ipaclients/main.yml b/ansible/inventories/production/group_vars/ipaclients/main.yml
index 3ded04c..0c6edac 100644
--- a/ansible/inventories/production/group_vars/ipaclients/main.yml
+++ b/ansible/inventories/production/group_vars/ipaclients/main.yml
@@ -1,7 +1,7 @@
 ---
-ipaclient_domain = rockylinux.org
-ipaclient_realm = ROCKYLINUX.ORG
-ipaadmin_principal = admin
-ipaclient_no_ntp = true
-ipaclient_mkhomedir = true
+ipaclient_domain: rockylinux.org
+ipaclient_realm: ROCKYLINUX.ORG
+ipaadmin_principal: admin
+ipaclient_no_ntp: true
+ipaclient_mkhomedir: true
diff --git a/ansible/inventories/production/group_vars/ipareplicas/main.yml b/ansible/inventories/production/group_vars/ipareplicas/main.yml
index e9e570e..d04be2b 100644
--- a/ansible/inventories/production/group_vars/ipareplicas/main.yml
+++ b/ansible/inventories/production/group_vars/ipareplicas/main.yml
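Review bot: In ansible/inventories/production/group_vars/chronyservers/main.yml, `chrony_allow_cidr: "10.0.0.0/16"` does not cover 10.100.1.110, the address this same commit sets for `ipa_dns_master`, nor the 10.100.1.x range implied by the `1.100.10.in-addr.arpa.` reverse zone. The old `=` lines were not a YAML mapping, so this value presumably takes effect for the first time with this change. The IPA groups set `ipaclient_no_ntp: true`, and Kerberos depends on closely synchronised clocks, so if those hosts are meant to sync from these chrony servers the allowed range has to include their subnet. If they use another time source, a comment such as `# NTP clients: <network name>; IPA hosts sync from <other source>` would record that intent.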
@@ -1,14 +1,14 @@
 ---
-ipaadmin_principal = admin
-ipaclient_no_ntp = true
-ipaclient_mkhomedir = true
-ipaserver_realm = ROCKYLINUX.ORG
-ipaserver_hostname = ipa002.rockylinux.org
-ipareplica_domain = rockylinux.org
-ipareplica_auto_forwarders = true
-ipareplica_setup_firewalld = true
-ipareplica_setup_ca = true
-ipareplica_setup_kra = true
-ipareplica_setup_dns = true
-ipa_dns_master = 10.100.1.110
+ipaadmin_principal: admin
+ipaclient_no_ntp: true
+ipaclient_mkhomedir: true
+ipaserver_realm: ROCKYLINUX.ORG
+ipaserver_hostname: ipa002.rockylinux.org
+ipareplica_domain: rockylinux.org
+ipareplica_auto_forwarders: true
+ipareplica_setup_firewalld: true
+ipareplica_setup_ca: true
+ipareplica_setup_kra: true
+ipareplica_setup_dns: true
+ipa_dns_master: 10.100.1.110
diff --git a/ansible/inventories/production/group_vars/ipaserver/main.yml b/ansible/inventories/production/group_vars/ipaserver/main.yml
new file mode 100644
index 0000000..c09acd8
--- /dev/null
+++ b/ansible/inventories/production/group_vars/ipaserver/main.yml
@@ -0,0 +1,15 @@
+---
+
+ipaserver_domain: rockylinux.org
+ipaserver_realm: ROCKYLINUX.ORG
+ipaserver_setup_dns: true
+ipaserver_setup_kra: true
+ipaserver_auto_forwarders: true
+ipaserver_no_host_dns: true
+ipaserver_hostname: ipa001.rockylinux.org
+ipaserver_allow_zone_overlap: true
+ipaserver_setup_firewalld: true
+ipaclient_no_ntp: true
+ipaclient_mkhomedir: true
+ipaserver_no_hbac_allow: true
+ipaserver_reverse_zones: ["1.100.10.in-addr.arpa."]
diff --git a/ansible/inventories/production/group_vars/ipaservers/main.yml b/ansible/inventories/production/group_vars/ipaservers/main.yml
deleted file mode 100644
index 20606d7..0000000
--- a/ansible/inventories/production/group_vars/ipaservers/main.yml
+++ /dev/null
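Review bot: `ipaserver_hostname: ipa002.rockylinux.org` in group_vars/ipareplicas/main.yml is a per-host value set at group level, so every host placed in `ipareplicas` would be given the same FQDN. If the group is meant to hold more than one replica, this belongs in host_vars for that host. If it is deliberately a single-host group, a comment saying so would keep a second replica from inheriting it. As a style point, `ipa_dns_master: "10.100.1.110"` would match the quoting already used for `chrony_allow_cidr` in this commit.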
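Review bot: `ipaserver_no_hbac_allow: true` in the new group_vars/ipaserver/main.yml is the one setting the deleted ipaservers file did not carry, and it means the default allow_all HBAC rule is not installed. Nothing in this diff defines replacement HBAC rules, so unless they are created elsewhere, logins through SSSD on enrolled hosts will be denied once clients join. A comment such as `# allow_all is not created; HBAC rules are managed in <playbook>` would document that. The directory was also renamed from `ipaservers` to `ipaserver`, and group_vars are matched by exact group name. The inventory is not shown here, so confirm it has a group called `ipaserver`; otherwise these variables are silently unused.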
@@ -1,14 +0,0 @@
----
-
-ipaserver_domain = rockylinux.org
-ipaserver_realm = ROCKYLINUX.ORG
-ipaserver_setup_dns = true
-ipaserver_setup_kra = true
-ipaserver_auto_forwarders = true
-ipaserver_no_host_dns = true
-ipaserver_hostname = ipa001.rockylinux.org
-ipaserver_allow_zone_overlap = true
-ipaserver_setup_firewalld = true
-ipaclient_no_ntp = true
-ipaclient_mkhomedir = true
-ipaserver_reverse_zones = ["1.100.10.in-addr.arpa."]
diff --git a/ansible/playbooks/role-rocky-ipa-client.yml b/ansible/playbooks/role-rocky-ipa-client.yml
index 3307275..a75eccb 100644
--- a/ansible/playbooks/role-rocky-ipa-client.yml
+++ b/ansible/playbooks/role-rocky-ipa-client.yml
@@ -24,7 +24,7 @@
 roles:
- - role: ipaclient
+ - role: freeipa.ansible_freeipa.ipaclient
 state: present
 post_tasks:
diff --git a/ansible/playbooks/role-rocky-ipa-replica.yml b/ansible/playbooks/role-rocky-ipa-replica.yml
index 4226d7e..df13c85 100644
--- a/ansible/playbooks/role-rocky-ipa-replica.yml
+++ b/ansible/playbooks/role-rocky-ipa-replica.yml
@@ -50,7 +50,7 @@
 - reload_networkmanager
 roles:
- - role: ipareplica
+ - role: freeipa.ansible_freeipa.ipareplica
 state: present
 post_tasks:
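Review bot: The role reference `freeipa.ansible_freeipa.ipaclient` in role-rocky-ipa-client.yml (and `freeipa.ansible_freeipa.ipareplica` in the role-rocky-ipa-replica.yml hunk) now resolves from an installed Galaxy collection, but this diff adds no requirements entry that pins it. These roles enrol hosts into the identity domain using the `admin` principal set in group_vars, so the collection version that runs should be one that was reviewed, not whatever is latest at install time. If it is not already pinned outside this diff, add `- name: freeipa.ansible_freeipa` with `version: "<pinned version>"` to the collections requirements file. Both plays begin and end outside their hunks, so how the collection gets installed cannot be seen from here.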