diff --git a/.ansible-lint b/.ansible-lint
index c4a6494971c0f61a6a804b5ca4b9a6344e45bd72..0e89d59eddf08ff1b35b7bc55af3a0d01b49c100 100644
--- a/.ansible-lint
+++ b/.ansible-lint
@@ -1,5 +1,5 @@
 exclude_paths:
-    - roles/
+    - .roles/
 parseable: true
 quiet: false
 verbosity: 0
diff --git a/.gitignore b/.gitignore
index 7659fa3597b9c674823dfafecde6a9e08bba1f27..967541fa6e756fe2b9b2fa67fa2e8a62fdef20ce 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1,6 +1,5 @@
 .idea/
 .tox/
-virtualenv/
-venv/
-roles/*
+.venv/
+.roles/
 ansible/ansible.log
diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
index a7e06c720c167692840d5412183767797f2eccfe..abfb3ec2e8ac2f6e7645f4e5fc8104bdcb5a5e12 100644
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -14,7 +14,7 @@ variables:
   GIT_SUBMODULE_STRATEGY: none
   CI_DEBUG_TRACE: "false"
   PIP_CACHE_DIR: ".pip"
-  ANSIBLE_CMD: "venv/bin/ansible-playbook"
+  ANSIBLE_CMD: ".venv/bin/ansible-playbook"
 
 image:
   name: python:3.8-alpine
@@ -26,7 +26,7 @@ cache:
   paths:
     - ${PIP_CACHE_DIR}
     - .tox
-    - venv
+    - .venv
   key: ${CI_PROJECT_ID}
 
 stages:
@@ -35,8 +35,8 @@ stages:
 
 before_script:
   - apk add --update gcc libc-dev libffi-dev openssl-dev openssh-client git
-  - python3 -m venv venv
-  - source venv/bin/activate
+  - python3 -m venv .venv
+  - source .venv/bin/activate
   - pip install --ignore-installed -r requirements.txt
   - python --version
   - pip --version
@@ -55,7 +55,7 @@ deploy:
     # Gitlab-CI issue: SSH key files must be "0600" permissions to work
     - chmod 600 ${ANSIBLE_SSH_PRIV_KEY_PATH}
     # Run pre-tasks.yml BEFORE playbook.yml to install required dependencies
-    - ANSIBLE_ROLES_PATH=roles/ ${ANSIBLE_CMD}
+    - ANSIBLE_ROLES_PATH=.roles/ ${ANSIBLE_CMD}
       --inventory ansible/hosts
       --user ${ANSIBLE_SSH_USERNAME}
       --private-key ${ANSIBLE_SSH_PRIV_KEY_PATH}
diff --git a/.yamllint b/.yamllint
index 8505b74dd7619bed4dd92e2316469954f3aa0f8e..ad98f0971cc044a7f0d10cbf6e60f995f335ed2d 100644
--- a/.yamllint
+++ b/.yamllint
@@ -2,10 +2,9 @@
 ignore: |
   .idea/
   .tox/
-  virtualenv/
-  venv/
+  .venv/
+  .roles/
   __pycache__/
-  roles/
 
 extends: default
 
diff --git a/README.md b/README.md
index 5b1c95286c51807956d6e8b714b0f8a69451ff43..b91a2fa16f51c87a7272c83c4bc407ab80aad2a0 100644
--- a/README.md
+++ b/README.md
@@ -29,9 +29,9 @@ Init a new [virtualenv](https://virtualenv.pypa.io/en/stable/) and then use [pip
 requirements:
 
 ```bash
-$ python3 -m venv venv
-$ source venv/bin/activate
-(venv) $ pip install -r requirements.txt
+$ python3 -m venv .venv
+$ source .venv/bin/activate
+(.venv) $ pip install -r requirements.txt
 ```
 
 
@@ -47,7 +47,7 @@ To force the manual execution of the project, you can to execute the Ansible pla
 allowed to connect with SSH to the remote host):
 
 ```bash
-(venv) $ ANSIBLE_ROLES_PATH=roles/ ansible-playbook -i ansible/hosts ansible/playbook.yml
+(.venv) $ ANSIBLE_ROLES_PATH=.roles/ ansible-playbook -i ansible/hosts ansible/playbook.yml
 ```
 
 
@@ -56,7 +56,7 @@ Tests
 To run these tests, just use the [tox](https://tox.readthedocs.io/en/latest/) command:
 
 ```bash
-(venv) $ tox
+(.venv) $ tox
 ```
 
 
diff --git a/ansible/playbook.yml b/ansible/playbook.yml
index 6df744e167b1fb8811660801cc3821689c46e1f6..a68691ceaf5d90b61cd16d62fae953ae2db98507 100644
--- a/ansible/playbook.yml
+++ b/ansible/playbook.yml
@@ -3,8 +3,8 @@
   gather_facts: false
   any_errors_fatal: true
 
-  vars:
-    ansible_python_interpreter: "python3"
+  vars_files:
+    - "{{ playbook_dir }}/../config/config.yml"
 
   tasks:
     - name: Installing project requirements
@@ -13,14 +13,14 @@
       pip:
         requirements: "{{ playbook_dir }}/../requirements.txt"
         state: present
-        virtualenv: "{{ playbook_dir }}/../venv"
+        virtualenv: "{{ playbook_dir }}/../.venv"
 
     - name: Installing / upgrading required roles
       delegate_to: localhost
       run_once: yes
-      command: "{{ playbook_dir }}/../venv/bin/ansible-galaxy install
+      command: "{{ playbook_dir }}/../.venv/bin/ansible-galaxy install
         --force
-        --roles-path {{ playbook_dir }}/../roles/
+        --roles-path {{ playbook_dir }}/../.roles/
         --role-file {{ playbook_dir }}/../requirements-roles.yml"
       changed_when: false
 
@@ -28,42 +28,29 @@
       delegate_to: localhost
       run_once: yes
       pip:
-        requirements: "{{ playbook_dir }}/../roles/{{ item }}/requirements.txt"
+        requirements: "{{ playbook_dir }}/../.roles/{{ item }}/requirements.txt"
         state: present
-        virtualenv: "{{ playbook_dir }}/../venv"
-      loop:
-        - bhean.iptables
-        - bhean.snmpd
-        - bhean.minecraft
+        virtualenv: "{{ playbook_dir }}/../.venv"
+      loop: "{{ roles_to_run }}"
 
 - hosts: minecraft_servers
   gather_facts: true
   any_errors_fatal: true
 
-  vars:
-    ansible_python_interpreter: "python3"
-    role_icinga_private_ip: "192.168.1.19/32"
-    role_icinga_public_ip: "151.80.54.66/32"
-    role_icinga_snmp_community: icinga2
-    role_admin_email: admin@vandalsweb.com
-
   vars_files:
-    - "{{ playbook_dir }}/../vars/iptables.yml"
-    - "{{ playbook_dir }}/../vars/snmpd.yml"
-    - "{{ playbook_dir }}/../vars/minecraft.yml"
+    - "{{ playbook_dir }}/../config/config.yml"
 
   tasks:
-    - name: Running Iptables role
-      include_role:
-        name: bhean.iptables
-      tags: [ 'iptables' ]
-
-    - name: Running SNMPd role
-      include_role:
-        name: bhean.snmpd
-      tags: [ 'snmpd' ]
-
-    - name: Running Minecraft role
+    - name: "Include config files"
+      include_vars:
+        file: "{{ playbook_dir }}/../config/role-{{ role_to_run }}.yml"
+      loop: "{{ roles_to_run }}"
+      loop_control:
+        loop_var: role_to_run
+
+    - name: "Include roles"
       include_role:
-        name: bhean.minecraft
-      tags: [ 'minecraft' ]
+        name: "{{ role_to_run }}"
+      loop: "{{ roles_to_run }}"
+      loop_control:
+        loop_var: role_to_run
diff --git a/config/config.yml b/config/config.yml
new file mode 100644
index 0000000000000000000000000000000000000000..d1ee2b62205143b6e7f113f01ddb976e2eb79b64
--- /dev/null
+++ b/config/config.yml
@@ -0,0 +1,7 @@
+---
+ansible_python_interpreter: "python3"
+
+roles_to_run:
+  - iptables
+  - snmpd
+  - minecraft
diff --git a/vars/iptables.yml b/config/role-iptables.yml
similarity index 100%
rename from vars/iptables.yml
rename to config/role-iptables.yml
diff --git a/vars/minecraft.yml b/config/role-minecraft.yml
similarity index 100%
rename from vars/minecraft.yml
rename to config/role-minecraft.yml
diff --git a/config/role-snmpd.yml b/config/role-snmpd.yml
new file mode 100644
index 0000000000000000000000000000000000000000..9f7ed7bd6eca4bb7886823c456e8a671fd11eba8
--- /dev/null
+++ b/config/role-snmpd.yml
@@ -0,0 +1,14 @@
+---
+icinga_private_ip: "192.168.1.19/32"
+icinga_public_ip: "151.80.54.66/32"
+icinga_snmp_community: icinga2
+
+snmpd_listen_ipv6_enabled: false
+snmpd_information_contact: "Admin <admin@vandalsweb.com>"
+snmpd_communities_readonly:
+  - name: "{{ icinga_snmp_community }}"
+    description: Icinga 2 monitoring system (from Icinga server public IP)
+    from_network: "{{ icinga_public_ip }}"
+  - name: "{{ icinga_snmp_community }}"
+    description: Icinga 2 monitoring system (from Icinga server private IP)
+    from_network: "{{ icinga_private_ip }}"
diff --git a/requirements-roles.yml b/requirements-roles.yml
index 863dc6d887b9ae07dc0f2d18ef833ced2f1ae432..cc68ec4537c4e7e7f778c5fbdbcdc3c7c481230e 100644
--- a/requirements-roles.yml
+++ b/requirements-roles.yml
@@ -3,16 +3,16 @@
 - src: https://code.vandalsweb.com/ansible-roles/iptables.git
   scm: git
   version: origin/master
-  name: bhean.iptables
+  name: iptables
 
 # SNMPd
 - src: https://code.vandalsweb.com/ansible-roles/snmpd.git
   scm: git
   version: origin/master
-  name: bhean.snmpd
+  name: snmpd
 
 # Minecraft
 - src: https://code.vandalsweb.com/ansible-roles/minecraft.git
   scm: git
   version: origin/master
-  name: bhean.minecraft
+  name: minecraft
diff --git a/requirements-tests.txt b/requirements-tests.txt
index c2941c4be021a4d7709e3b3d20b23ceaff2cd421..99327f4801e14ad6d91749298014e080c7ab4277 100644
--- a/requirements-tests.txt
+++ b/requirements-tests.txt
@@ -1,3 +1,3 @@
 -rrequirements.txt
 yamllint~=1.24
-ansible-lint~=4.2
+ansible-lint~=4.3
diff --git a/requirements.txt b/requirements.txt
index 19a11ef75c19dbf498c7805bba2a84cf57e60a1b..74a7518ba3c90538bb6f509b45ee904d5282faa7 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -1,2 +1,2 @@
 ansible~=2.9
-tox~=3.16
+tox~=3.20
diff --git a/tox.ini b/tox.ini
index 37f43600d4942b244f868cbb98baabd412ee9e48..2b9f884b0eaa5858fcd5372225ea8e6ae021c08f 100644
--- a/tox.ini
+++ b/tox.ini
@@ -6,11 +6,11 @@
 [tox]
 minversion = 3.7
 envlist = py3
-skipsdist=True
+skipsdist = True
 
 [testenv]
 deps = -rrequirements-tests.txt
 
 commands =
-    yamllint -c .yamllint .
-    ansible-lint -c .ansible-lint ansible/playbook.yml
+    yamllint --strict -c .yamllint .
+    ansible-lint -c .ansible-lint -v ansible/playbook.yml
diff --git a/vars/snmpd.yml b/vars/snmpd.yml
deleted file mode 100644
index 90539a947859b7f162c68870a99bed089a2c815e..0000000000000000000000000000000000000000
--- a/vars/snmpd.yml
+++ /dev/null
@@ -1,10 +0,0 @@
----
-snmpd_listen_ipv6_enabled: false
-snmpd_information_contact: "Admin <{{ role_admin_email }}>"
-snmpd_communities_readonly:
-  - name: "{{ role_icinga_snmp_community }}"
-    description: Icinga 2 monitoring system (from Icinga server public IP)
-    from_network: "{{ role_icinga_public_ip }}"
-  - name: "{{ role_icinga_snmp_community }}"
-    description: Icinga 2 monitoring system (from Icinga server private IP)
-    from_network: "{{ role_icinga_private_ip }}"