diff --git a/inventories/cave/group_vars/all/bibliogram.yml b/inventories/cave/group_vars/all/bibliogram.yml
new file mode 100644
index 0000000..d75ea08
--- /dev/null
+++ b/inventories/cave/group_vars/all/bibliogram.yml
@@ -0,0 +1,3 @@
+---
+ansible_bibliogram_base_url: "https://insta.trubles.io"
+ansible_bibliogram_with_systemd: true
diff --git a/inventories/cave/group_vars/all/gateway.yml b/inventories/cave/group_vars/all/gateway.yml
index f0d9ae5..16fba4a 100644
--- a/inventories/cave/group_vars/all/gateway.yml
+++ b/inventories/cave/group_vars/all/gateway.yml
@@ -154,6 +154,21 @@ gateway:
             - "proxy_set_header X-Forwarded-Proto $scheme"
             - "proxy_set_header X-Forwarded-Port $server_port"
             - "proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for"
+    - domain_name: insta.troubles.io
+      internal_ip: 192.168.122.11
+      internal_port: 10407
+      cert_email: blallo@troubles.ga
+      redirect_to_https: yes
+      password_protect: yes
+      password_file: /etc/nginx/.insta.troubles.io-htpasswd
+      username: insta
+      password: !vault |
+          $ANSIBLE_VAULT;1.2;AES256;cave
+          33313434396138353666356631616436323566653237383661623433393362373736666236633465
+          3132666533303532643137663632303337333265383261310a646235326639303433626466356462
+          66303631633961353738336633616139333239336231613936386535313634626132306163646430
+          6131373761353966380a336530396564666665346135323038646438303832613132616431346534
+          31363561346464353632353636353838393937306332653565306632343033396130
 
   firewall:
     home_iface: enp0s0
diff --git a/playbooks/playbook.cave.yml b/playbooks/playbook.cave.yml
index 5231141..cf89d47 100644
--- a/playbooks/playbook.cave.yml
+++ b/playbooks/playbook.cave.yml
@@ -4,37 +4,47 @@
     roles:
       - role: jnv.unattended-upgrades
         unattended_remove_unused_dependencies: true
-      - role: base
-        tags: "base"
-      - role: cockpit
+      - role: ansible-base
+      - role: ansible-cockpit
+        tag: srv, web
   - hosts: minos.cave
     roles:
-      - zsh_chic
-      - gateway
-      - sendmail
+      - role: ansible-zsh-chic
+        tag: shell
+      - role: ansible-gateway
+        tag: srv, web
+      - role: ansible-sendmail
+        tag: aux
     vars:
       zsh_chic:
         users: "{{ default_user }}"
   - hosts: srv.cave
     roles:
-      - role: zsh_chic
+      - role: ansible-zsh-chic
         tag: shell
-      - mysql
-      - role: torrent_server
-        tag: srv_torrent
-      - sendmail
-      - syncthing
+      - role: geerlingguy.mysql
+        tag: srv, aux
+      - role: ansible-torrent-server
+        tag: srv, torrent
+      - role: ansible-sendmail
+        tag: aux
+      - role: ansible-syncthing
+        tag: srv
+      - role: ansible-bibliogram
+        tag: web, srv
     vars:
       zsh_chic:
         users: "{{ default_user }}"
   - hosts: mercury.cave
     roles:
-      - zsh_chic
-      - docker_hosts
-      - drone_server
-      - fdroid_server
-      # - lineage-builder
-      - sendmail
+      - role: ansible-zsh-chic
+        tag: shell
+      - role: ansible-role-docker
+        tag: srv, aux
+      - role: ansible_drone
+        tag: srv
+      - role: ansible-sendmail
+        tag: aux
     vars:
       zsh_chic:
         users: "{{ default_user }}"