diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
deleted file mode 100644
index 0705f6ea233c92944290480a35851feacbfc08bd..0000000000000000000000000000000000000000
--- a/.gitlab-ci.yml
+++ /dev/null
@@ -1,15 +0,0 @@
-
-stages:
-  - test
-
-test_mail:
-  stage: test
-  tags: [ai3]
-  script:
-    - ./run-test.sh --mixin mail --registry-password $REGISTRY_PASSWORD
-  only:
-    - master
-
-variables:
-  GIT_SUBMODULE_STRATEGY: normal
-
diff --git a/.gitmodules b/.gitmodules
deleted file mode 100644
index 8b58f96a8ba5b1d1a3e4f93455dc214405403669..0000000000000000000000000000000000000000
--- a/.gitmodules
+++ /dev/null
@@ -1,6 +0,0 @@
-[submodule "float"]
-	path = float
-	url = ../../ai3/float.git
-[submodule "testdata"]
-	path = testdata
-	url = ../../ai3/testdata.git
diff --git a/HOWTO_DOCKER_TESTING.md b/HOWTO_DOCKER_TESTING.md
deleted file mode 100644
index 5775d48360dd938e47e43e437214145c101f9a6c..0000000000000000000000000000000000000000
--- a/HOWTO_DOCKER_TESTING.md
+++ /dev/null
@@ -1,61 +0,0 @@
-### COME TESTARE UNA MODIFICA IN UN CONTAINER DOCKER
-
-es. voglio testare una modifica in roundcube
-
-entro nel repository git di docker-roundcube
-
-creo un branch TestNuovaFeature
-
-```shell
-git checkout -b TestNuovaFeature
-```
-
-faccio le mie modifiche
-
-```shell
-git commit -a "mie modifiche per nuova feature"
-```
-
-```shell
-git push origin TestNuovaFeature
-```
-
-controllo che venga fatto correttamente il build dell'immagine:
-https://git.autistici.org/ai3/docker-roundcube/pipelines
-
-per testare la modifica vado nel git di testbed e 
-apro il file services.mail.yml che contiene il riferimento all'immagine docker di roundcube:
-
-```shell
-image: registry.git.autistici.org/ai3/docker-roundcube:master
-```
-
-e lo modifico in modo da non usare il branch master ma il branch di test: 
-
-```shell
-image: registry.git.autistici.org/ai3/docker-roundcube:TestNuovaFeature
-```
-
-nel testbed lancio i comandi per ricostruire l'ambiente come da README:
-
-```shell
-[.....] float run site.yml
-```
-
-**verifico che tutto funzioni** 
-
-torno nel git di roundcube e mando le modifiche sul branch master
-
-```shell
-git checkout master
-```
-
-```shell
-git merge TestNuovaFeature
-```
-
-```shell
-git push
-```
-
-in ultimo rimetto a posto il file services-mail.yml per puntare di nuovo al branch master
diff --git a/README.md b/README.md
index 2c752177d3fc8f57a6e14d47e98a4dfb82c47ee4..02bb3e194654f551171f2c5218f8c23d8ba4345a 100644
--- a/README.md
+++ b/README.md
@@ -1,254 +1 @@
-ai3 infrastructure test environment
-===================================
-
-Ambiente di test per l'infrastruttura AI3, usando il sistema di
-orchestration minimale [float](https://git.autistici.org/ai3/float).
-
-La struttura delle directory in questo repository è la seguente:
-
-* `float` contiene il *framework* Ansible menzionato sopra, come un
-  sub-modulo git.
-* `rules` contiene la configurazione specifica Ansible dei servizi A/I
-  (cf. [README](rules/README.md)).
-* `create-test-env` è uno script per creare al volo ambienti di
-  test per vari servizi di A/I.
-* `services.*.yml` e `passwords.*.yml` contengono le descrizioni dei
-  servizi e delle credenziali per vari gruppi di configurazioni di
-  alto livello (web, mail, etc) che possiamo includere in modo
-  modulare negli ambienti di test (e in produzione, ovviamente).
-
-Questo repository consente di creare rapidamente ambienti di test con
-alcune configurazioni standard (*web*, *mail*, *noblogs*, etc),
-facilmente customizzabili per testare nuovi servizi o variazioni su
-quelli esistenti. L'intenzione è di includere dati di test e
-automazione per la verifica, così da essere sicuri che i cambiamenti
-abbiano l'effetto voluto.
-
-# Prerequisiti
-
-Eseguire ambienti di test significa creare una o più VM, ed usare
-Ansible per configurarle. Questo richiede la presenza di una discreta
-quantità di software sull'host usato per lanciare i test. Per
-semplicità è stato deciso di supportare un unico ambiente di
-virtualizzazione (Vagrant con Virtualbox), anche se sono stati fatti
-[esperimenti con Qubes](README.old.md) con successo: questa decisione
-riguarda esclusivamente i tool di automazione della creazione di
-ambienti di test, *float* funziona con qualsiasi host virtuale o meno.
-
-Siccome l'ambiente completo di testing di A/I richiede un po' di
-risorse (principalmente banda), abbiamo messo a disposizione un server
-fisico condiviso per fare esperimenti con questo repository. Quindi si
-può scegliere se installare l'ambiente di test in locale (comunque
-consigliato dove possibile), oppure se utilizzare il server condiviso.
-
-## Opzione 1: installazione sul proprio PC
-
-L'unica distribuzione supportata al momento è Debian Stretch, anche se
-è possibile far funzionare il tutto su [altre versioni di Linux e
-OSX](README.old.md). In questo caso ci serviremo comunque del
-repository *debian-backports* per avere versioni recenti dei tool:
-
-```shell
-echo deb http://deb.debian.org/debian stretch-backports main \
-  | sudo tee /etc/apt/sources.list.d/backports.list
-sudo apt update
-sudo apt install golang bind9utils apt-cacher-ng
-sudo apt install -t stretch-backports ansible vagrant virtualbox
-export GOPATH=$HOME/go
-export PATH=$PATH:$GOPATH/bin
-mkdir $GOPATH
-go get git.autistici.org/ale/x509ca
-go get git.autistici.org/ale/ed25519gen
-```
-
-### Mitogen (opzionale)
-
-[Mitogen](https://mitogen.readthedocs.io/en/stable/ansible.html) è un
-plugin per Ansible che gestisce in modo furbo le connessioni SSH agli
-host. Il risultato è che le esecuzioni di Ansible dopo la prima (in
-cui il tempo di esecuzione è comunque dominato dall'installazione del
-software) diventano effettivamente 4x-10x volte più veloci, cosa molto
-utile in fase di test.
-
-Per installare Mitogen:
-
-```shell
-cd $HOME
-curl -s https://codeload.github.com/dw/mitogen/tar.gz/v0.2.3 \
-    | tar xzf -
-export MITOGEN=$HOME/mitogen-0.2.3
-```
-
-Quando la variabile di ambiente `MITOGEN` è definita, il tool
-*create-test-env* (vedi sotto) modificherà automaticamente le
-configurazioni di Ansible generate per supportare Mitogen. Conviene
-aggiungere l'ultima riga (quella con "export") al proprio *.bashrc*
-per persistere questa configurazione.
-
-## Opzione 2: utilizzo del server condiviso
-
-Per collegarsi al server condiviso (ci sarà la vostra chiave SSH):
-
-```shell
-ssh -A barakus@contumacia.investici.org
-```
-
-dopodiché create una directory col vostro nome, da usare come spazio
-di lavoro personale, ed eseguite tutti i comandi successivi da lì.
-
-Il server condiviso ha abbastanza memoria e spazio disco da poter
-lanciare test complessi, ed ha già tutti i prerequisiti installati,
-quindi in questo caso non c'è da fare nient'altro e si può procedere
-con l'[installazione](#installazione).
-
-# Installazione
-
-Per installare ai3/testbed è sufficiente clonare il repository. È
-necessaria particolare attenzione per via dell'uso dei sub-moduli git:
-
-```shell
-git clone --recurse-submodules git@git.autistici.org:ai3/testbed.git
-```
-
-e quando si aggiorna il repository bisogna ricordarsi di fare
-
-```shell
-git pull && git submodule update --init --recursive
-```
-
-per farlo si puo' usare il comando git pullall (git >= 2.14) creato con:
-
-```shell
-git config --global alias.pullall '!git pull && git submodule update --init --recursive'
-```
-
-
-# Utilizzo
-
-Per creare un ambiente di test e fare delle prove con i servizi, è
-necessario essere in possesso del token di autenticazione per
-*registry.git.autistici.org* (a nome *docker-registry-client*, si
-trova nel repository dei gatti in *accounts*). Una volta ottenutolo,
-si possono creare nuovi ambienti di test a piacimento, ciascuno in una
-sua directory, selezionando di volta in volta i componenti da testare,
-usando il tool *create-test-env*. Per esempio, assumiamo che il
-suddetto token di autenticazione sia nella variabile `$TOKEN`, e
-creiamo un ambiente di test contenente soltanto noblogs:
-
-```shell
-cd testbed
-./create-test-env --registry-password $TOKEN --mixin noblogs ./env/test-noblogs
-```
-
-L'opzione --mixin identifica un gruppo di servizi, e può essere
-specificata più volte, aggiungendo via via gruppi di servizi
-all'ambiente di test. Tra i mixin disponibili al momento ci sono *web*
-(hosting siti utenti), *mail* (posta utenti), e *noblogs* (soltanto
-noblogs.org), ovvero i servizi utente senza dipendenze tra loro.
-
-A questo punto ci sarà una configurazione di *float* nella directory
-*./env/test-noblogs*. Per usarla, lanciamo i comandi suggeriti da
-*create-test-env*:
-
-```shell
-cd env/test-noblogs
-export ANSIBLE_VAULT_PASSWORD_FILE=.ansible_vault_pw
-export ANSIBLE_HOST_KEY_CHECKING=False
-../../float/float init-credentials
-vagrant up
-../../float/float run site.yml
-```
-
-Una volta che Ansible ha avuto successo, si può lanciare la test suite
-per verificare che i servizi stiano effettivamente funzionando:
-
-```shell
-../../float/float run integration-test
-```
-
-Si può anche usare un browser per controllare i servizi offerti,
-usando un proxy SOCKS5 di debugging inserito
-nell'infrastruttura. Nella directory dell'environment (in questo caso
-*env/test-noblogs*) c'è uno script *test-browser* che lancia
-Chrome/Chromium con i parametri corretti, per altri browser bisognerà
-configurare il proxy a mano usando l'indirizzo scritto in quel file.
-
-Se state usando il server condiviso, si può connettersi al proxy
-SOCKS5 guardando l'IP presente nel file
-*env/test-noblogs/test-browser* e poi dicendo a SSH di forwardargli una
-qualsiasi porta locale -- per questo esempio scegliamo 9999. La porta
-remota invece e' sempre 9051:
-
-```shell
-ssh -L 9999:$QUELL_IP:9051 barakus@contumacia.investici.org
-```
-
-il comando qui sopra rende disponibile un proxy SOCKS5 all'indirizzo
-*localhost:9999*. Bisogna poi configurare il proprio browser per usare
-questo proxy, usando lo script *test-browser* che si trova nella
-cartella principale del repository git di testbed, per esempio:
-
-```shell
-./test-browser  --proxy 127.0.0.1:9999 https://admin.investici.org/ &
-```
-
-Una volta completati i test, non dimenticarsi di fermare le virtual
-machines lanciando (sempre dalla directory dell'ambiente di test):
-
-```shell
-vagrant destroy -f
-```
-
-Per controllare l'esecuzione delle VM, ad esempio per sospendere le VM in
-mancanza di memoria i comandi sono questi:
-
-```shell
-vagrant suspend
-vagrant resume
-```
-
-# Documentazione
-
-## Sull'architettura
-
-Volendo invece capire come usare *float* per scrivere servizi, o per
-capire come è stato usato per quelli già scritti, ci sono numerose
-risorse a disposizione. In generale si fa riferimento ai documenti di
-design pubblicati in [ai3/notes](https://git.autistici.org/ai3/notes).
-
-Più nello specifico:
-
-* [ai3/notes/config-mgmt.md](https://git.autistici.org/ai3/notes/blob/master/config-mgmt.md)
-  e
-  [ai3/notes/internal-api.md](https://git.autistici.org/ai3/notes/blob/master/internal-api.md)
-  descrivono architettura e features del *framework* infrastrutturale;
-* [ai3/notes/trust.md](https://git.autistici.org/ai3/notes/blob/master/trust.md)
-  descrive il modello di gestione delle credenziali usando git e GPG;
-
-Inoltre abbiamo creato dei *tutorial* per introdurre i concetti usati
-dal framework:
-
-* [ai3/tutorial-1](https://git.autistici.org/ai3/tutorial-1)
-* [ai3/tutorial-2](https://git.autistici.org/ai3/tutorial-2)
-
-C'è infine la documentazione del framework di base usato per creare
-ai3 (la parte infrastrutturale), che si chiama
-[float](https://git.autistici.org/ai3/float):
-
-* [documentazione su Ansible](float/docs/ansible.md)
-* [reference per la configurazione](float/docs/configuration.md)
-* [struttura dell'interazione tra servizi](float/docs/service_mesh.md)
-* [routing delle richieste HTTP in ingresso](float/docs/http_router.md)
-
-## Sulla "meccanica"
-
-Gli script usati qua sopra fanno una certa quantità di lavoro dietro
-le quinte, volendo approfondire di cosa si tratta ci sono diversi
-spunti da seguire:
-
-* [guida al troubleshooting di Ansible](TROUBLESHOOTING.md)
-* la [vecchia documentazione di questo repository](README.old.md)
-  (in attesa di riorganizzazione) affronta in dettaglio il setup
-  di Vagrant, Virtualbox, Ansible, etc.
-* il [codice sorgente di create-test-env](create-test-env) contiene
-  numerosi commenti che spiegano cosa fa
+Questa directory contiene i ruoli Ansible relativi ai servizi di A/I.
diff --git a/README.old.md b/README.old.md
deleted file mode 100644
index d932716ebdb14e924be1d87d097dbf544ac84931..0000000000000000000000000000000000000000
--- a/README.old.md
+++ /dev/null
@@ -1,408 +0,0 @@
-ai3 infrastructure test environment
-===================================
-
-Ambiente di test per l'infrastruttura AI3.
-
-Questo repository attualmente contiene:
-
-* un *framework* infrastrutturale per gestire servizi distribuiti
-  (comprensivo di scheduling, *service mesh*, etc) usando Ansible;
-* la configurazione dei servizi di A/I usando il suddetto framework;
-* *mock* dei repository di configurazione per testare sia il setup di
-  produzione (GPG-encrypted) che quello di test (credenziali
-  autogenerate).
-
-In prospettiva, queste componenti saranno suddivise in repository
-separati, al momento sono accentrati in un unico repository per
-velocizzare il ciclo di test e sviluppo (e anche perché non abbiamo
-ancora un ambiente di produzione).
-
-La struttura delle directory in questo repository è la seguente:
-
-* `root` emula il *nucleo base di trust* come descritto in
-  [ai3/notes/trust.md](https://git.autistici.org/ai3/notes/blob/master/trust.md)
-  (cf. [README](root/README.md))
-* `conf` emula il repository di credenziali di *secondo livello*,
-  sempre come descritto in
-  [ai3/notes/trust.md](https://git.autistici.org/ai3/notes/blob/master/trust.md)
-* `float` contiene il *framework* Ansible menzionato sopra
-* `rules` contiene la configurazione specifica dei servizi A/I
-  (cf. [README](rules/README.md)).
-* `env` contiene vari ambienti di test, ciascuno configurato per
-  testare rapidamente aspetti diversi del sistema. *test-full*, come
-  il nome suggerisce, è l'ambiente di test completo con tutti i servizi.
-
-# Documentazione
-
-C'è una [guida rapida per gli impazienti](QUICK.md) che si può seguire
-per ottenere rapidamente un ambiente di test in locale con cui
-sperimentare.
-
-In generale si fa riferimento ai documenti di design pubblicati in
-[ai3/notes](https://git.autistici.org/ai3/notes).
-
-Più nello specifico:
-
-* [ai3/notes/config-mgmt.md](https://git.autistici.org/ai3/notes/blob/master/config-mgmt.md)
-  e
-  [ai3/notes/internal-api.md](https://git.autistici.org/ai3/notes/blob/master/internal-api.md)
-  descrivono architettura e features del *framework* infrastrutturale;
-* [ai3/notes/trust.md](https://git.autistici.org/ai3/notes/blob/master/trust.md)
-  descrive il modello di gestione delle credenziali usando git e GPG;
-
-Inoltre abbiamo creato dei *tutorial* per introdurre i concetti usati
-dal framework:
-
-* [ai3/tutorial-1](https://git.autistici.org/ai3/tutorial-1)
-* [ai3/tutorial-2](https://git.autistici.org/ai3/tutorial-2)
-
-C'è infine la documentazione del framework di base usato per creare
-ai3 (la parte infrastrutturale), che si chiama *float*:
-
-* [documentazione su Ansible](float/docs/ansible.md)
-* [reference per la configurazione](float/docs/configuration.md)
-* [struttura dell'interazione tra servizi](float/docs/service_mesh.md)
-* [routing delle richieste HTTP in ingresso](float/docs/http_router.md)
-
-
-# Utilizzo
-
-I passi seguenti marcati *Setup* vanno eseguiti una volta sola, per
-preparare l'esecuzione locale dell'ambiente di test. Successivamente
-si potrà lanciare vagrant ed ansible tutte le volte che sarà
-necessario (oppure usare tre appVM standalone su Qubes OS).
-
-## Setup: git
-
-Questo repository importa [float](https://git.autistici.org/ai3/float)
-come un *submodule* git, quindi va inizializzato dopo aver clonato il
-repository:
-
-```
-git submodule init
-git submodule update
-```
-
-Questo riempirà la directory *float* con i contenuti necessari.
-
-## Setup: Vagrant
-
-*Se usi Qubes OS, segui le istruzioni alternative più sotto.*
-
-L'ambiente di test utilizza [Vagrant](https://www.vagrantup.com/) per
-creare delle VM dove installare i servizi, in locale sul proprio
-computer. Lo scopo di Vagrant è soltanto quello di avviare delle
-virtual machines, installarvi Debian stretch, e garantire che vi si
-possa accedere via SSH: se hai un modo alternativo di ottenere lo
-stesso risultato (per esempio appunto con Qubes, o con lxc, o libvirt,
-o qualsiasi cosa), Vagrant non è necessario.
-
-Nota bene che, nel caso utilizzi un meccanismo alternativo, è
-altamente probabile che debba modificare l'*inventory* dei vari
-ambienti di esempio e di test per riflettere gli IP / utenti
-effettivamente utilizzati.
-
-Requisiti:
-
-* Python2 (!!)
-* [Ansible](http://docs.ansible.com/ansible/latest/intro_installation.html#installing-the-control-machine) (versione >= 2.4.1)
-* [Virtualbox](https://www.virtualbox.org/manual/ch02.html) (per usare Vagrant)
-* [Vagrant](https://www.vagrantup.com/docs/installation/) (versione > 1.8.7)
-* [Go](https://golang.org/) per compilare un paio di mini-tool ausiliari
-* *dnssec-keygen*, un tool che fa parte di *bind9* e serve a generare
-  chiavi TSIG per controllare il DNS
-
-Su un sistema Debian, da root:
-
-```
-echo deb http://ppa.launchpad.net/ansible/ansible/ubuntu trusty main \
-    > /etc/apt/sources.list.d/ansible.list
-apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 93C4A3FD7BB9C367
-echo deb http://download.virtualbox.org/virtualbox/debian stretch contrib \
-    > /etc/apt/sources.list.d/virtualbox.list
-apt-key adv --keyserver sks-keyservers.net --recv-keys A2F683C52980AECF
-apt-get update
-apt-get install ansible vagrant virtualbox-5.1 golang bind9utils
-```
-
-(Nota: serve esplicitamente VirtualBox 5.1, 5.2 non funziona con la
-versione di Vagrant in Debian...)
-
-Su Ubuntu sufficientemente recente dovrebbero bastare i pacchetti di
-sistema per Vagrant/Virtualbox:
-
-```
-apt-get install vagrant virtualbox
-```
-
-Su OS X e' possibile installare tutto con [Homebrew](https://brew.sh/):
-
-```
-brew install go ansible gpg
-brew cask install vagrant virtualbox
-```
-
-## Setup: Inizializzazione delle credenziali
-
-Al momento stiamo emulando un ambiente di produzione (un po' per
-essere sicuri che la metodologia funzioni, un po' per impratichirci
-con quello che sarà il funzionamento finale), però il setup è
-incompleto, quindi è ancora necessario fare dei passaggi manuali per
-inizializzare le varie credenziali usate dal sistema.
-
-In futuro questo passaggio non sarà necessario, in quanto avremo:
-* un ambiente di produzione che userà credenziali prese da un
-  repository già esistente
-* un ambiente di test che genererà tutto da solo senza fare domande.
-
-Nel frattempo, bisogna dunque creare la passphrase globale per
-ansible-vault, crittandola con la propria chiave GPG (*nota 1*: tutti
-i comandi di seguito vanno eseguiti dalla directory di base di questo
-repository, quella che contiene questo README; *nota 2*: se invece di
-`gpg` avete `gpg2`, usate quello):
-
-Prima di tutto settiamo l'id della nostra chiave gpg che vogliamo usare
-
-	MIA_CHIAVE=<insersci id della chiave gpg che vuoi usare>
-
-Settiamo la passphrase globale per ansible-vault. Per simulare
-l'ambiente di produzione finale, dove questa password sarà distribuita
-crittata con GPG in un repository simile ai *gatti*, crittiamo questa
-passphrase con GPG (qui la passphrase di esempio è *trallallero*,
-sostituitela se volete con quel che vi pare):
-
-```
-echo trallallero | gpg --encrypt -r $MIA_CHIAVE \
-    > root/vault_pw.gpg
-```
-
-Per lo stesso motivo bisogna copiare la password dell'account
-*docker-registry-client* dal repository ai/gatti e metterla dove il
-testbed possa leggerla. Per fare questo, supponendo che il repository
-dei gatti sia in `$HOME/gatti`:
-
-```
-gpg -d $HOME/gatti/docker-for-ai3.yml | tail -n +2 \
-    | gpg --encrypt -r $MIA_CHIAVE \
-    > root/vars/docker.yml.gpg
-```
-
-## Setup: Tool ausiliari
-
-Ci sono un paio di piccoli tool che vanno installati a mano, servono a
-generare chiavi e certificati. Per fare ciò bisogna aver configurato
-correttamente un ambiente di sviluppo Go, che banalmente implica
-impostare due variabili di ambiente:
-
-```
-export GOPATH=$HOME/go
-export PATH=$PATH:$GOPATH/bin
-```
-
-Fatto questo, i tool si installano con due comandi:
-
-```
-go get -u git.autistici.org/ale/x509ca
-go get -u git.autistici.org/ale/ed25519gen
-```
-
-È importante lanciare questi comandi regolarmente, per avere sempre
-l'ultima versione dei tool, dato che ogni tanto potremmo introdurre
-delle incompatibilità.
-
-## Setup (opzionale): cache APT
-
-Per evitare di dover scaricare una tonnellata di pacchetti Debian ogni
-volta che si installano le macchine di test, conviene installare una
-cache sul proprio PC. Il pacchetto raccomandato è *apt-cacher-ng*, non
-ha bisogno di particolare configurazione, lancia un demone in ascolto
-sulla porta 3142. Per dire al testbed di usare la cache:
-
-```
-sudo apt-get install apt-cacher-ng
-echo "apt_proxy: 192.168.10.1:3142" > env/test-base/group_vars/all/apt_proxy.yml
-```
-
-Ricordandoci che 192.168.10.1 è l'IP del proprio PC sulla rete
-virtuale usata da Vagrant.
-
-## Setup (opzionale): mitogen
-
-Per ottenere la desiderabile [velocità
-smodata](https://www.youtube.com/watch?v=NeGBiDMot7A) conviene assai
-installare
-[Mitogen](https://mitogen.readthedocs.io/en/stable/index.html), un
-oggetto che comprende un'estensione per Ansible in grado di
-velocizzare di parecchio l'esecuzione dei task. Conviene consultare le
-[istruzioni di installazione di
-mitogen](https://mitogen.readthedocs.io/en/stable/ansible.html#installation),
-che sono piuttosto semplici (il punto riguardo *sudoers* non si
-applica al nostro caso), ed assicurarsi che tutti gli *ansible.cfg*
-dei vari ambienti di esempio e test che si usano contengano quelle due
-righe con *strategy_plugins* e *strategy* nella sezione
-*\[defaults\]*.
-
-*Nota*: per funzionare bene con Vagrant è necessario dire ad Ansible
-di disabilitare il check delle chiavi degli host, per qualche motivo
-mitogen lo ri-abilita, quindi serve sempre, prima di invocare *float*:
-
-```
-export ANSIBLE_HOST_KEY_CHECKING=False
-```
-
-## Vagrant
-
-La documentazione dettagliata su come gestire le VM con Vagrant esula
-da questo documento, a livello minimo è sufficiente sapere che il
-comando *vagrant* va lanciato da una delle directory sotto `env/`,
-corrispondenti a differenti ambienti di test, e che per tirare su le
-VM bisogna dirgli (per esempio):
-
-```
-cd env/test-full
-vagrant up
-```
-
-Mentre per spegnere e cancellare le VM si usa:
-
-```
-vagrant destroy
-```
-
-Vagrant è configurato per creare due o più VM sulla rete 192.168.10.x:
-*host1* (192.168.10.10), *host2* (192.168.10.11), etc.
-
-## Ansible
-
-Per lanciare Ansible e configurare l'ambiente di test servono i
-seguenti elementi:
-
-* un modo per accedere alla passphrase di ansible-vault
-* una configurazione (elenco di host e servizi), che passiamo ad
-  Ansible come *inventory*
-
-Dentro la directory *env/* sono presenti una serie di ambienti di test
-predefiniti, per questo esempio useremo *test-full*, che lancia due vm
-con Vagrant (un front-end ed un back-end), e vi configura lo stack
-completo dei servizi a/i.
-
-Prima di qualsiasi altra cosa, è necessario lanciare il playbook
-chiamato *init-credentials.yml* per inizializzare le PKI (certificati,
-chiavi ssh etc) e autogenerare un tot di password:
-
-```
-cd env/test-full
-ANSIBLE_VAULT_PASSWORD_FILE=../../root/vault_pw.gpg \
-    ../../float/float init-credentials
-```
-
-Questo va fatto una volta sola, poi non è più necessario (a meno di
-aver modificato il file *passwords.yml*).
-
-Dopodiché è possibile lanciare normalmente Ansible, tutte le volte che
-lo si desidera, con:
-
-```
-ANSIBLE_VAULT_PASSWORD_FILE=../../root/vault_pw.gpg \
-    ../../float/float run site.yml
-```
-
-(sempre dalla directory *env/test-full* di cui sopra).
-
-Dover sempre specificare ANSIBLE_VAULT_PASSWORD_FILE diventa
-rapidamente noioso, in tal caso è possibile esportare la variabile
-d'ambiente di modo che sia settata per tutte le esecuzioni successive
-di *float*. Per evitare confusioni quando si cambia ambiente di
-test in questo caso conviene usare un path assoluto.
-
-Per dettagli su come è strutturato il file di configurazione ed il
-modo in cui usiamo Ansible, vedere [rules/README.md](rules/README.md).
-
-
-## Setup alternativo: Qubes OS
-
-L'ambiente di test può essere basato su tre appVM standalone su Qubes OS basate su Debian 9:
-
-1. VM in cui scaricare questa repository e da cui lanciare lo script Ansible (macchina dev)
-2. VM per host 1
-3. VM per host 2
-
-Requisiti per la macchina 1:
-
-* Python2 (!!)
-* [Ansible](http://docs.ansible.com/ansible/latest/intro_installation.html#installing-the-control-machine) (versione >= 2.4.1)
-* [Go](https://golang.org/) per compilare un paio di mini-tool ausiliari
-
-Per installare queste dipendenze, nell'appVM in cui ha scaricato questa repository, lancia i seguenti comandi da root:
-
-```
-echo deb http://ppa.launchpad.net/ansible/ansible/ubuntu trusty main \
-    > /etc/apt/sources.list.d/ansible.list
-
-apt-get install ansible golang
-```
-
-Prima di cominciare, devi autorizzare il networking fra queste tre macchine (seguendo [queste istruzioni](https://www.qubes-os.org/doc/firewall/#enabling-networking-between-two-qubes):
-
-1. Tutte e tre le macchine devono essere collegate alla stessa firewall VM
-2. Nella firewall VM autorizza il networking fra le macchine con i seguenti comandi (assumendo che "10.137.2.A" sia l'indirizzo IP della macchina dev, "10.137.2.B" sia host1 e "10.137.2.C" sia host2):
-
-```
-sudo iptables -I FORWARD 2 -s 10.137.2.A -d 10.137.2.B -j ACCEPT
-sudo iptables -I FORWARD 2 -s 10.137.2.A -d 10.137.2.C -j ACCEPT
-sudo iptables -I FORWARD 2 -s 10.137.2.C -d 10.137.2.B -j ACCEPT
-sudo iptables -I FORWARD 2 -s 10.137.2.B -d 10.137.2.C -j ACCEPT
-```
-3. In host 1 autorizza il networking dalla macchina dev e da host2:
-
-```
-sudo iptables -I INPUT -s 10.137.2.A -p tcp --dport 22 -j ACCEPT
-sudo iptables -I INPUT -s 10.137.2.C -p tcp --dport 22 -j ACCEPT
-```
-
-4. In host 2 autorizza il networking dalla macchina dev e da host1:
-
-```
-sudo iptables -I INPUT -s 10.137.2.A -p tcp --dport 22 -j ACCEPT
-sudo iptables -I INPUT -s 10.137.2.B -p tcp --dport 22 -j ACCEPT
-```
-
-Ti conviene anche generare una chiave GPG e una chiave ssh nella macchina dev per seguire le istruzioni.
-
-Aggiungi la chiave pubblica ssh che hai generato nella macchina dev alle authorized keys nella cartella .ssh di host1 e host2. Prima di lanciare lo script, ti conviene importare la chiave ssh nell'ssh agent della macchina dev.
-
-
-### Setup e Ansible
-
-*Da questo punto in poi torna su alle istruzioni nella sezione su Vagrant (a partire dalla sezione "Setup: Inizializzazione delle credenziali" e saltando la sezione per Vagrant. Usa l'env `test-qubes` invece dell'env `test-full`*
-
-
-## Esecuzioni successive
-
-Ogni volta che si vuole lanciare un ambiente di test, conviene
-ricordarsi di fare alcune cose *prima*, per aggiornare il repository:
-
-* lanciare `git pull`
-* lanciare `git submodule update`
-
-ed alcune cose *dopo*:
-
-* lanciare `vagrant destroy`, altrimenti le VM rimangono attive e
-  occupano risorse
-
-# Contribuire al repository
-
-È molto importante che in ogni dato momento, l'ambiente di test sia
-funzionale e *corretto*. Per questo, quando si fanno delle modifiche
-non banali, è meglio utilizzare un *branch* dedicato, e soltanto alla
-fine, quando si sia verificato il corretto funzionamento della
-modifica, usare una *merge request* sul branch *master*.
-
-Per fare un esempio, se dobbiamo aggiungere il servizio blah:
-
-```
-git checkout -b blah
-... # modifiche, e verifiche di vario tipo
-git commit
-git push -u origin blah
-```
diff --git a/WHAT.md b/WHAT.md
deleted file mode 100644
index f0c6b76ce90df46edbc7e77ced08a815cba3db13..0000000000000000000000000000000000000000
--- a/WHAT.md
+++ /dev/null
@@ -1,51 +0,0 @@
-Cosa fare
-===
-
-Istruzioni per guardarsi intorno, e debugging / troubleshotting
-generico. Ovvero una serie di risposte e suggerimenti alla domanda
-*"ora che un ipotetico ambiente di test è su, cosa si può fare?"*.
-
-## Utenti
-
-La prima cosa da sapere è che nell'ambiente di test esiste un utente
-*amministratore* ed alcuni utenti normali. L'utente amministratore si
-chiama *admin*, ed ha accesso a tutte le interfacce di debugging e
-gestione del sistema.
-
-Tutte le password degli utenti sono *"password"*, tranne *uno@investici.org*
-che ha password *"porcodio"*
-
-Gli utenti di test sono *uno@investici.org*, *due@investici.org* e
-*tre@investici.org*.
-"uno" NON ha le chiavi per la posta crittata, "due" si'
-per il resto sono uguali, hanno solo una diversa distribuzione di
-vari tipi di risorse come email, liste e siti web.
-
-
-
-Per quanto riguarda SSH, l'ambiente di test non configura SSH in alcun
-modo quindi è sempre possibile accedere a tutte le macchine come
-utente *vagrant* e diventare root:
-
-```shell
-cd env/test-noblogs
-vagrant ssh host1
-sudo su
-```
-
-## Servizi amministrativi
-
-La prima cosa da guardare come amministratore normalmente è la
-*dashboard di sistema*, presso https://admin.investici.org (o quel che
-è il dominio di test). Questa contiene un elenco di tutti i servizi, e
-link alle relative pagine di monitoring e di log.
-
-## Servizi utente
-
-Il pannello utente si trova presso https://accounts.investici.org/.
-
-
-Se si vuole vedere i log mentre si opera con un utente si devono creare
-due diverse persone in chromium, cosi' da avere due finestre con utenti
-e cookies separati.
-
diff --git a/create-test-env b/create-test-env
deleted file mode 100755
index 7019ed8053aa4fc292af4b20647b57011f1fb7dd..0000000000000000000000000000000000000000
--- a/create-test-env
+++ /dev/null
@@ -1,281 +0,0 @@
-#!/bin/bash
-#
-# Create a test environment using 'float create-env', then modifying
-# it with some ai-specific parameters.
-#
-
-usage() {
-    cat >&2 <<EOF
-Usage: $0 [<options>] <dir>
-
-Create a a/i test environment using ai3/float and ai3/testbed. The newly
-created environment will have all the necessary configuration to test the full
-autistici.org set up, or parts of it.
-
-The parts to include in the test environment correspond to high-level groups
-of services, and are called 'mixins'. You can combine more than one by using
-the --mixin option multiple times. Available mixins currently include:
-
-  'web' - the web hosting stack
-  'mail' - email services and account management services
-  'noblogs' - just noblogs.org
-
-Known options:
-
-  --hosts N         Turn up N virtual machines (default: 2)
-  --mixin NAME      Include mixin NAME in the test environment
-  --registry-password PASSWORD
-                    Specify the password for the docker-registry-client user
-                    on registry.git.autistici.org, to access the private
-                    images on the Docker registry
-
-As a convenience, if the environment variable MITOGEN is not empty and points
-at the Mitogen source directory, the generated ansible.cfg will already be
-properly configured to use Mitogen's Ansible plugin.
-
-EOF
-    exit 2
-}
-
-# Get the absolute path of the testbed root directory, the one
-# containing this same script.
-testbed_root_dir="$(dirname "$0")"
-testbed_root_dir="${testbed_root_dir:-.}"
-testbed_root_dir="$(cd "$testbed_root_dir" && pwd)"
-
-preflight_checks() {
-    # Find the float binary.
-    float_bin="${testbed_root_dir}/float/float"
-    if [ ! -x "$float_bin" ]; then
-        echo "The ./float/float binary does not seem to be there. Have you already run 'git submodule init' and 'git submodule update'?" >&2
-        exit 1
-    fi
-
-    # Find required local binaries
-    local_binaries="x509ca ed25519gen"
-    for binary in $local_binaries; do
-      path=$(command -v "$binary")
-      if [ -z "$path" ]; then
-        echo "Could not find $binary in \$PATH."
-        echo "Make sure these commands are available: $local_binaries"
-        exit 1
-      fi
-    done
-}
-
-preflight_checks
-
-# Parse command-line options.
-docker_registry_password=
-services_mixin=common
-num_hosts=2
-while [ $# -gt 0 ]; do
-    case "$1" in
-        -h|--help)
-            usage
-            ;;
-
-        --registry-password=*)
-            docker_registry_password="${1##*=}"
-            ;;
-        --registry-password)
-            docker_registry_password="$2"
-            shift
-            ;;
-
-        --mixin=*)
-            services_mixin="$services_mixin ${1#*=}"
-            ;;
-        --mixin)
-            services_mixin="$services_mixin $2"
-            shift
-            ;;
-
-        --hosts=*)
-            num_hosts="${1##*=}"
-            ;;
-        --hosts)
-            num_hosts="$2"
-            shift
-            ;;
-
-        -*)
-            echo "Unknown option $1" >&2
-            exit 2
-            ;;
-        *)
-            break
-            ;;
-    esac
-    shift
-done
-
-# The output directory is the first argument.
-if [ $# -lt 1 ]; then
-    echo "Not enough arguments" >&2
-    usage
-fi
-dir="$1"
-if [ -e "$dir" ]; then
-    echo "The output directory ${dir} already exists! Remove it if you want to re-create the test environment." >&2
-    exit 1
-fi
-
-create_env_opts=
-if [ -n "$MITOGEN" ]; then
-    if [ ! -d "$MITOGEN" ]; then
-        echo "The MITOGEN environment variable is set, but does not point to a directory" >&2
-    else
-        create_env_opts="--mitogen $MITOGEN"
-    fi
-fi
-create_env_opts="--domain ${DOMAIN:-investici.org} ${create_env_opts}"
-
-"$float_bin" create-env --vagrant --num-hosts $num_hosts $create_env_opts "$dir"
-if [ $? -gt 0 ]; then
-    echo "ERROR, test environment creation incomplete" >&2
-    exit 1
-fi
-
-# Fix the path to the ai3/testbed roles.
-sed -e "s,^\\(roles_path.*\\):roles\$,\\1:${testbed_root_dir}/rules/roles," -i \
-    "${dir}/ansible.cfg"
-
-# Generate the services.yml file (overwriting the one created by float
-# create-env).
-cat > "${dir}/services.yml" <<EOF
----
-
-include:
-  - "${testbed_root_dir}/float/services.yml.default"
-EOF
-for mixin in $services_mixin; do
-    if [ -e "${testbed_root_dir}/services.${mixin}.yml" ]; then
-        echo "  - \"${testbed_root_dir}/services.${mixin}.yml\"" \
-             >> "${dir}/services.yml"
-    fi
-done
-
-# Generate the passwords.yml file (overwriting the one created by
-# float create-env).
-cat > "${dir}/passwords.yml" <<EOF
----
-
-- include: "${testbed_root_dir}/float/passwords.yml.default"
-EOF
-for mixin in $services_mixin; do
-    if [ -e "${testbed_root_dir}/passwords.${mixin}.yml" ]; then
-        echo "- include: \"${testbed_root_dir}/passwords.${mixin}.yml\"" \
-             >> "${dir}/passwords.yml"
-    fi
-done
-
-# Generate the site.yml file.
-cat > "${dir}/site.yml" <<EOF
----
-
-- import_playbook: "${testbed_root_dir}/float/playbooks/all.yml"
-EOF
-for mixin in $services_mixin; do
-    if [ -e "${testbed_root_dir}/rules/playbooks/${mixin}.yml" ]; then
-        echo "- import_playbook: \"${testbed_root_dir}/rules/playbooks/${mixin}.yml\"" \
-             >> "${dir}/site.yml"
-    fi
-done
-echo "- import_playbook: \"${testbed_root_dir}/rules/playbooks/testdata.yml\"" \
-    >> "${dir}/site.yml"
-
-# Write the ai3 default configuration (for SSO customization).
-cat > "${dir}/group_vars/all/sso.yml" <<EOF
----
-
-enable_keystore: true
-sso_server_url: "https://accounts.{{ domain_public[0] }}/sso/"
-sso_server_url_path_prefix: "/sso/"
-sso_server_account_recovery_url: "/account/recovery"
-
-EOF
-
-# Write the Docker registry configuration, with its secret auth token.
-if [ -n "$docker_registry_password" ]; then
-    (umask 077 ; cat > "${dir}/group_vars/all/docker.yml" <<EOF
----
-
-docker_registry_url: "https://registry.git.autistici.org"
-docker_registry_username: "docker-registry-client"
-docker_registry_password: "${docker_registry_password}"
-
-EOF
-     )
-fi
-
-# Generate an apt proxy configuration if we have apt-cacher-ng
-# installed locally. In order to do so, we have to parse the host
-# network randomly assigned by 'float create-env'.
-net_autodetect=$(awk '$1 == "ip:" {print $2}' < "${dir}/hosts.yml" | head -1 | cut -d. -f1-3)
-if [ -e /usr/sbin/apt-cacher-ng ]; then
-    # The local host will be reachable at the IP address ${network}.1
-    apt_proxy_ip="${net_autodetect}.1"
-    echo "apt_proxy: ${apt_proxy_ip}:3142" \
-         > "${dir}/group_vars/all/apt_proxy.yml"
-    echo "Auto-configured apt proxy at ${apt_proxy_ip}:3142"
-fi
-
-# Generate an Ansible Vault password for the test environment.
-echo testpass > "${dir}/.ansible_vault_pw"
-
-# Install the test DH parameters, which is going to save a lot of time
-# during init-credentials.
-mkdir -p "${dir}/credentials/x509"
-cp "${testbed_root_dir}/float/test/dhparam.test" "${dir}/credentials/x509/dhparam"
-
-# Create a script to run tests.
-cat > ${dir}/run-tests <<EOF
-#!/bin/sh
-set -e
-${testbed_root_dir}/float/float run integration-test
-${testbed_root_dir}/float/float run ${testbed_root_dir}/rules/playbooks/ai3-test.yml
-EOF
-chmod a+x ${dir}/run-tests
-
-# Create a script to start a test browser.
-cat > ${dir}/test-browser <<EOF
-#!/bin/sh
-exec ${testbed_root_dir}/test-browser --proxy ${net_autodetect}.10:9051 "\$@"
-EOF
-chmod a+x ${dir}/test-browser
-
-# Print a friendly summary to the user.
-cat > ${dir}/README.md <<EOF
-
-Your test environment in ${dir} is now set up!
-
-Run the following commands to use it:
-
-    cd ${dir}
-    export ANSIBLE_VAULT_PASSWORD_FILE=.ansible_vault_pw
-    export ANSIBLE_HOST_KEY_CHECKING=False
-    ${testbed_root_dir}/float/float init-credentials
-    vagrant up
-    ${testbed_root_dir}/float/float run site.yml
-
-You will then be able to browse the live services on your test
-instance by running:
-
-    ${dir}/test-browser https://admin.investici.org/
-
-The default admin account is 'admin' with password 'password'.
-
-To run the test suite, ensure the python-nose package is installed,
-and run:
-
-    ${dir}/run-tests
-
-EOF
-
-cat ${dir}/README.md
-echo
-echo "You can find these instructions at ${dir}/README.md"
-
-
-exit 0
diff --git a/float b/float
deleted file mode 160000
index 90973b3ba1c3a3c870c56c850b6ca5f24a8d115b..0000000000000000000000000000000000000000
--- a/float
+++ /dev/null
@@ -1 +0,0 @@
-Subproject commit 90973b3ba1c3a3c870c56c850b6ca5f24a8d115b
diff --git a/migration/export_ldap.py b/migration/export_ldap.py
deleted file mode 100755
index a72f31b1f70371084b4ede12e9cb7e79d79981e4..0000000000000000000000000000000000000000
--- a/migration/export_ldap.py
+++ /dev/null
@@ -1,111 +0,0 @@
-#!/usr/bin/env python
-#
-# Esporta i dati LDAP in formato LDIF, effettuando al volo sia la
-# ri-assegnazione degli account ai nuovi backend (shards), che le
-# varie modifiche elencate in
-# https://git.autistici.org/ai3/testbed/issues/73
-#
-
-from __future__ import print_function
-import ai
-import random
-
-
-AVAILABLE_SHARDS = {
-    'mail': ['1', '2', '3'],
-    'list': ['1', '2', '3'],
-    'web': ['4', '5'],
-}
-
-
-def pick_shard(obj_type):
-    return random.choice(AVAILABLE_SHARDS[obj_type])
-
-
-def is_objectclass(obj, oc):
-    return oc in obj.get_list('objectClass')
-
-
-def resource_type(obj):
-    if is_objectclass(obj, 'virtualMailUser'):
-        return 'mail'
-    elif is_objectclass(obj, 'mailingList'):
-        return 'list'
-    else:
-        return 'web'
-
-
-def dump_user(user_obj):
-    # Per fare un resharding di tutte le risorse, mantenendo le
-    # invarianti (web/ftp colocati), scegliamo le shard di
-    # destinazione per ciascun possibile tipo di risorsa una volta
-    # sola per ciascun utente.
-    new_shards = dict((x, pick_shard(x)) for x in ('mail', 'web'))
-    
-    user_obj['status'] = 'inactive'
-    ocs = user_obj.get_list('objectClass')
-    if 'investiciUser' not in ocs:
-        ocs.append('investiciUser')
-        user_obj['objectClass'] = ocs
-
-    resources = []
-    for resource in user_obj.search('(objectClass=*)'):
-        # Skip self
-        if resource.dn == user_obj.dn:
-            continue
-        if resource['host']:
-            shard = new_shards[resource_type(resource)]
-            resource['host'] = shard
-            # Lasciamo originalHost immutato (con la vecchia nomenclatura dunque).
-            #resource['originalHost'] = shard
-        if is_objectclass(resource, 'virtualMailUser'):
-            # Map shards to the user object.
-            user_obj['host'] = shard
-            user_obj['originalHost'] = shard
-            # Move auth and 2FA attributes to the user object.
-            for attr in ('recoverQuestion', 'recoverAnswer', 'totpSecret', 'appSpecificPassword'):
-                if resource[attr]:
-                    user_obj[attr] = resource.get_list(attr)
-                    del resource[attr]
-        if is_objectclass(resource, 'subSite') or is_objectclass(resource, 'virtualHost'):
-            resource['uidNumber'] = user_obj['uidNumber']
-        # Any active resource causes the user status to be set to active.
-        if resource['status'] in ('active', 'readonly'):
-            user_obj['status'] = 'active'
-        resources.append(resource)
-
-    print(user_obj.ldif())
-    for r in resources:
-        print(r.ldif())
-
-
-def dump_users(username='*'):
-    root = ai.LDAPObj('ou=People,dc=investici,dc=org,o=Anarchy')
-    f = '(uid=%s)' % (username,)
-    for user in root.search(f):
-        print('# dumping %s' % user['uid'])
-        dump_user(user)
-
-
-def dump_list(obj):
-    shard = pick_shard('list')
-    obj['host'] = shard
-    print(obj.ldif())
-    
-
-def dump_lists(listname='*'):
-    root = ai.LDAPObj('dc=investici,dc=org,o=Anarchy')
-    f = '(listName=%s)' % (listname,)
-    for l in root.search(f):
-        print('# dumping list %s' % l['listName'])
-        dump_list(l)
-
-
-if __name__ == '__main__':
-    import sys
-    u = '*'
-    if len(sys.argv) > 1:
-        u = sys.argv[1]
-    dump_users(u)
-    dump_lists(u)
-
diff --git a/rules/playbooks/ai3-test.yml b/playbooks/ai3-test.yml
similarity index 100%
rename from rules/playbooks/ai3-test.yml
rename to playbooks/ai3-test.yml
diff --git a/rules/playbooks/all.yml b/playbooks/all.yml
similarity index 100%
rename from rules/playbooks/all.yml
rename to playbooks/all.yml
diff --git a/rules/playbooks/common.yml b/playbooks/common.yml
similarity index 100%
rename from rules/playbooks/common.yml
rename to playbooks/common.yml
diff --git a/rules/playbooks/mail.yml b/playbooks/mail.yml
similarity index 100%
rename from rules/playbooks/mail.yml
rename to playbooks/mail.yml
diff --git a/rules/playbooks/noblogs.yml b/playbooks/noblogs.yml
similarity index 100%
rename from rules/playbooks/noblogs.yml
rename to playbooks/noblogs.yml
diff --git a/rules/playbooks/testdata.yml b/playbooks/testdata.yml
similarity index 100%
rename from rules/playbooks/testdata.yml
rename to playbooks/testdata.yml
diff --git a/rules/playbooks/web.yml b/playbooks/web.yml
similarity index 100%
rename from rules/playbooks/web.yml
rename to playbooks/web.yml
diff --git a/rules/roles/account-automation-backend-mail/meta/main.yml b/roles/account-automation-backend-mail/meta/main.yml
similarity index 100%
rename from rules/roles/account-automation-backend-mail/meta/main.yml
rename to roles/account-automation-backend-mail/meta/main.yml
diff --git a/rules/roles/account-automation-backend-mailman/meta/main.yml b/roles/account-automation-backend-mailman/meta/main.yml
similarity index 100%
rename from rules/roles/account-automation-backend-mailman/meta/main.yml
rename to roles/account-automation-backend-mailman/meta/main.yml
diff --git a/rules/roles/account-automation-backend-web/meta/main.yml b/roles/account-automation-backend-web/meta/main.yml
similarity index 100%
rename from rules/roles/account-automation-backend-web/meta/main.yml
rename to roles/account-automation-backend-web/meta/main.yml
diff --git a/rules/roles/account-automation-backend/meta/main.yml b/roles/account-automation-backend/meta/main.yml
similarity index 100%
rename from rules/roles/account-automation-backend/meta/main.yml
rename to roles/account-automation-backend/meta/main.yml
diff --git a/rules/roles/account-automation-backend/tasks/main.yml b/roles/account-automation-backend/tasks/main.yml
similarity index 100%
rename from rules/roles/account-automation-backend/tasks/main.yml
rename to roles/account-automation-backend/tasks/main.yml
diff --git a/rules/roles/account-automation-common/defaults/main.yml b/roles/account-automation-common/defaults/main.yml
similarity index 100%
rename from rules/roles/account-automation-common/defaults/main.yml
rename to roles/account-automation-common/defaults/main.yml
diff --git a/rules/roles/account-automation-common/files/cron.common b/roles/account-automation-common/files/cron.common
similarity index 100%
rename from rules/roles/account-automation-common/files/cron.common
rename to roles/account-automation-common/files/cron.common
diff --git a/rules/roles/account-automation-common/tasks/main.yml b/roles/account-automation-common/tasks/main.yml
similarity index 100%
rename from rules/roles/account-automation-common/tasks/main.yml
rename to roles/account-automation-common/tasks/main.yml
diff --git a/rules/roles/account-automation-cron/meta/main.yml b/roles/account-automation-cron/meta/main.yml
similarity index 100%
rename from rules/roles/account-automation-cron/meta/main.yml
rename to roles/account-automation-cron/meta/main.yml
diff --git a/rules/roles/account-automation-cron/tasks/main.yml b/roles/account-automation-cron/tasks/main.yml
similarity index 100%
rename from rules/roles/account-automation-cron/tasks/main.yml
rename to roles/account-automation-cron/tasks/main.yml
diff --git a/rules/roles/account-automation-cron/tasks/timer-script.yml b/roles/account-automation-cron/tasks/timer-script.yml
similarity index 100%
rename from rules/roles/account-automation-cron/tasks/timer-script.yml
rename to roles/account-automation-cron/tasks/timer-script.yml
diff --git a/rules/roles/account-automation-cron/templates/script.timer.j2 b/roles/account-automation-cron/templates/script.timer.j2
similarity index 100%
rename from rules/roles/account-automation-cron/templates/script.timer.j2
rename to roles/account-automation-cron/templates/script.timer.j2
diff --git a/rules/roles/account-automation-frontend-mail/meta/main.yml b/roles/account-automation-frontend-mail/meta/main.yml
similarity index 100%
rename from rules/roles/account-automation-frontend-mail/meta/main.yml
rename to roles/account-automation-frontend-mail/meta/main.yml
diff --git a/rules/roles/account-automation-frontend-mailman/meta/main.yml b/roles/account-automation-frontend-mailman/meta/main.yml
similarity index 100%
rename from rules/roles/account-automation-frontend-mailman/meta/main.yml
rename to roles/account-automation-frontend-mailman/meta/main.yml
diff --git a/rules/roles/account-automation-frontend-web/meta/main.yml b/roles/account-automation-frontend-web/meta/main.yml
similarity index 100%
rename from rules/roles/account-automation-frontend-web/meta/main.yml
rename to roles/account-automation-frontend-web/meta/main.yml
diff --git a/rules/roles/account-automation-frontend/defaults/main.yml b/roles/account-automation-frontend/defaults/main.yml
similarity index 100%
rename from rules/roles/account-automation-frontend/defaults/main.yml
rename to roles/account-automation-frontend/defaults/main.yml
diff --git a/rules/roles/account-automation-frontend/files/nginx-snippet-proxy.conf b/roles/account-automation-frontend/files/nginx-snippet-proxy.conf
similarity index 100%
rename from rules/roles/account-automation-frontend/files/nginx-snippet-proxy.conf
rename to roles/account-automation-frontend/files/nginx-snippet-proxy.conf
diff --git a/rules/roles/account-automation-frontend/meta/main.yml b/roles/account-automation-frontend/meta/main.yml
similarity index 100%
rename from rules/roles/account-automation-frontend/meta/main.yml
rename to roles/account-automation-frontend/meta/main.yml
diff --git a/rules/roles/account-automation-frontend/tasks/main.yml b/roles/account-automation-frontend/tasks/main.yml
similarity index 100%
rename from rules/roles/account-automation-frontend/tasks/main.yml
rename to roles/account-automation-frontend/tasks/main.yml
diff --git a/rules/roles/account-automation-frontend/templates/dns-base.yml.j2 b/roles/account-automation-frontend/templates/dns-base.yml.j2
similarity index 100%
rename from rules/roles/account-automation-frontend/templates/dns-base.yml.j2
rename to roles/account-automation-frontend/templates/dns-base.yml.j2
diff --git a/rules/roles/accountadmin/handlers/main.yml b/roles/accountadmin/handlers/main.yml
similarity index 100%
rename from rules/roles/accountadmin/handlers/main.yml
rename to roles/accountadmin/handlers/main.yml
diff --git a/rules/roles/accountadmin/tasks/main.yml b/roles/accountadmin/tasks/main.yml
similarity index 100%
rename from rules/roles/accountadmin/tasks/main.yml
rename to roles/accountadmin/tasks/main.yml
diff --git a/rules/roles/accountadmin/templates/accountadmin.conf.j2 b/roles/accountadmin/templates/accountadmin.conf.j2
similarity index 100%
rename from rules/roles/accountadmin/templates/accountadmin.conf.j2
rename to roles/accountadmin/templates/accountadmin.conf.j2
diff --git a/rules/roles/accountadmin/templates/tls_auth.conf.j2 b/roles/accountadmin/templates/tls_auth.conf.j2
similarity index 100%
rename from rules/roles/accountadmin/templates/tls_auth.conf.j2
rename to roles/accountadmin/templates/tls_auth.conf.j2
diff --git a/rules/roles/accounts/handlers/main.yml b/roles/accounts/handlers/main.yml
similarity index 100%
rename from rules/roles/accounts/handlers/main.yml
rename to roles/accounts/handlers/main.yml
diff --git a/rules/roles/accounts/tasks/main.yml b/roles/accounts/tasks/main.yml
similarity index 100%
rename from rules/roles/accounts/tasks/main.yml
rename to roles/accounts/tasks/main.yml
diff --git a/rules/roles/accounts/templates/pannello.conf.j2 b/roles/accounts/templates/pannello.conf.j2
similarity index 100%
rename from rules/roles/accounts/templates/pannello.conf.j2
rename to roles/accounts/templates/pannello.conf.j2
diff --git a/rules/roles/accounts/templates/tls_auth.conf.j2 b/roles/accounts/templates/tls_auth.conf.j2
similarity index 100%
rename from rules/roles/accounts/templates/tls_auth.conf.j2
rename to roles/accounts/templates/tls_auth.conf.j2
diff --git a/rules/roles/accountserver/files/forbidden_passwords b/roles/accountserver/files/forbidden_passwords
similarity index 100%
rename from rules/roles/accountserver/files/forbidden_passwords
rename to roles/accountserver/files/forbidden_passwords
diff --git a/rules/roles/accountserver/files/forbidden_usernames b/roles/accountserver/files/forbidden_usernames
similarity index 100%
rename from rules/roles/accountserver/files/forbidden_usernames
rename to roles/accountserver/files/forbidden_usernames
diff --git a/rules/roles/accountserver/handlers/main.yml b/roles/accountserver/handlers/main.yml
similarity index 100%
rename from rules/roles/accountserver/handlers/main.yml
rename to roles/accountserver/handlers/main.yml
diff --git a/rules/roles/accountserver/tasks/main.yml b/roles/accountserver/tasks/main.yml
similarity index 100%
rename from rules/roles/accountserver/tasks/main.yml
rename to roles/accountserver/tasks/main.yml
diff --git a/rules/roles/accountserver/templates/config.yml.j2 b/roles/accountserver/templates/config.yml.j2
similarity index 100%
rename from rules/roles/accountserver/templates/config.yml.j2
rename to roles/accountserver/templates/config.yml.j2
diff --git a/rules/roles/ai3-base/tasks/main.yml b/roles/ai3-base/tasks/main.yml
similarity index 100%
rename from rules/roles/ai3-base/tasks/main.yml
rename to roles/ai3-base/tasks/main.yml
diff --git a/rules/roles/ai3-prometheus/files/rules/rules_phpfpm.conf.yml b/roles/ai3-prometheus/files/rules/rules_phpfpm.conf.yml
similarity index 100%
rename from rules/roles/ai3-prometheus/files/rules/rules_phpfpm.conf.yml
rename to roles/ai3-prometheus/files/rules/rules_phpfpm.conf.yml
diff --git a/rules/roles/ai3-prometheus/handlers/main.yml b/roles/ai3-prometheus/handlers/main.yml
similarity index 100%
rename from rules/roles/ai3-prometheus/handlers/main.yml
rename to roles/ai3-prometheus/handlers/main.yml
diff --git a/rules/roles/ai3-prometheus/tasks/main.yml b/roles/ai3-prometheus/tasks/main.yml
similarity index 100%
rename from rules/roles/ai3-prometheus/tasks/main.yml
rename to roles/ai3-prometheus/tasks/main.yml
diff --git a/rules/roles/auth-server-ldap/README.md b/roles/auth-server-ldap/README.md
similarity index 100%
rename from rules/roles/auth-server-ldap/README.md
rename to roles/auth-server-ldap/README.md
diff --git a/rules/roles/auth-server-ldap/handlers/main.yml b/roles/auth-server-ldap/handlers/main.yml
similarity index 100%
rename from rules/roles/auth-server-ldap/handlers/main.yml
rename to roles/auth-server-ldap/handlers/main.yml
diff --git a/rules/roles/auth-server-ldap/meta/main.yml b/roles/auth-server-ldap/meta/main.yml
similarity index 100%
rename from rules/roles/auth-server-ldap/meta/main.yml
rename to roles/auth-server-ldap/meta/main.yml
diff --git a/rules/roles/auth-server-ldap/tasks/main.yml b/roles/auth-server-ldap/tasks/main.yml
similarity index 100%
rename from rules/roles/auth-server-ldap/tasks/main.yml
rename to roles/auth-server-ldap/tasks/main.yml
diff --git a/rules/roles/auth-server-ldap/templates/ldap.yml.j2 b/roles/auth-server-ldap/templates/ldap.yml.j2
similarity index 100%
rename from rules/roles/auth-server-ldap/templates/ldap.yml.j2
rename to roles/auth-server-ldap/templates/ldap.yml.j2
diff --git a/rules/roles/auth-server-ldap/templates/sso.yml.j2 b/roles/auth-server-ldap/templates/sso.yml.j2
similarity index 100%
rename from rules/roles/auth-server-ldap/templates/sso.yml.j2
rename to roles/auth-server-ldap/templates/sso.yml.j2
diff --git a/rules/roles/ldap/README.md b/roles/ldap/README.md
similarity index 100%
rename from rules/roles/ldap/README.md
rename to roles/ldap/README.md
diff --git a/rules/roles/ldap/defaults/main.yml b/roles/ldap/defaults/main.yml
similarity index 100%
rename from rules/roles/ldap/defaults/main.yml
rename to roles/ldap/defaults/main.yml
diff --git a/rules/roles/ldap/files/config/ldap.conf b/roles/ldap/files/config/ldap.conf
similarity index 100%
rename from rules/roles/ldap/files/config/ldap.conf
rename to roles/ldap/files/config/ldap.conf
diff --git a/rules/roles/ldap/files/config/schema/investici.schema b/roles/ldap/files/config/schema/investici.schema
similarity index 100%
rename from rules/roles/ldap/files/config/schema/investici.schema
rename to roles/ldap/files/config/schema/investici.schema
diff --git a/rules/roles/ldap/files/config/schema/qmail-essential.schema b/roles/ldap/files/config/schema/qmail-essential.schema
similarity index 100%
rename from rules/roles/ldap/files/config/schema/qmail-essential.schema
rename to roles/ldap/files/config/schema/qmail-essential.schema
diff --git a/rules/roles/ldap/files/config/slapd.conf.acl b/roles/ldap/files/config/slapd.conf.acl
similarity index 100%
rename from rules/roles/ldap/files/config/slapd.conf.acl
rename to roles/ldap/files/config/slapd.conf.acl
diff --git a/rules/roles/ldap/files/config/slapd.conf.index b/roles/ldap/files/config/slapd.conf.index
similarity index 100%
rename from rules/roles/ldap/files/config/slapd.conf.index
rename to roles/ldap/files/config/slapd.conf.index
diff --git a/rules/roles/ldap/handlers/main.yml b/roles/ldap/handlers/main.yml
similarity index 100%
rename from rules/roles/ldap/handlers/main.yml
rename to roles/ldap/handlers/main.yml
diff --git a/rules/roles/ldap/tasks/bootstrap.yml b/roles/ldap/tasks/bootstrap.yml
similarity index 100%
rename from rules/roles/ldap/tasks/bootstrap.yml
rename to roles/ldap/tasks/bootstrap.yml
diff --git a/rules/roles/ldap/tasks/main.yml b/roles/ldap/tasks/main.yml
similarity index 100%
rename from rules/roles/ldap/tasks/main.yml
rename to roles/ldap/tasks/main.yml
diff --git a/rules/roles/ldap/templates/bootstrap/00base.ldif.j2 b/roles/ldap/templates/bootstrap/00base.ldif.j2
similarity index 100%
rename from rules/roles/ldap/templates/bootstrap/00base.ldif.j2
rename to roles/ldap/templates/bootstrap/00base.ldif.j2
diff --git a/rules/roles/ldap/templates/bootstrap/01operators.ldif.j2 b/roles/ldap/templates/bootstrap/01operators.ldif.j2
similarity index 100%
rename from rules/roles/ldap/templates/bootstrap/01operators.ldif.j2
rename to roles/ldap/templates/bootstrap/01operators.ldif.j2
diff --git a/rules/roles/ldap/templates/bootstrap/03domains.ldif.j2 b/roles/ldap/templates/bootstrap/03domains.ldif.j2
similarity index 100%
rename from rules/roles/ldap/templates/bootstrap/03domains.ldif.j2
rename to roles/ldap/templates/bootstrap/03domains.ldif.j2
diff --git a/rules/roles/ldap/templates/slapd-prometheus-exporter.default.j2 b/roles/ldap/templates/slapd-prometheus-exporter.default.j2
similarity index 100%
rename from rules/roles/ldap/templates/slapd-prometheus-exporter.default.j2
rename to roles/ldap/templates/slapd-prometheus-exporter.default.j2
diff --git a/rules/roles/ldap/templates/slapd.conf.j2 b/roles/ldap/templates/slapd.conf.j2
similarity index 100%
rename from rules/roles/ldap/templates/slapd.conf.j2
rename to roles/ldap/templates/slapd.conf.j2
diff --git a/rules/roles/ldap/templates/slapd.service.j2 b/roles/ldap/templates/slapd.service.j2
similarity index 100%
rename from rules/roles/ldap/templates/slapd.service.j2
rename to roles/ldap/templates/slapd.service.j2
diff --git a/rules/roles/mail-certs/handlers/main.yml b/roles/mail-certs/handlers/main.yml
similarity index 100%
rename from rules/roles/mail-certs/handlers/main.yml
rename to roles/mail-certs/handlers/main.yml
diff --git a/rules/roles/mail-certs/tasks/main.yml b/roles/mail-certs/tasks/main.yml
similarity index 100%
rename from rules/roles/mail-certs/tasks/main.yml
rename to roles/mail-certs/tasks/main.yml
diff --git a/rules/roles/mail-certs/templates/mail-acme.yml.j2 b/roles/mail-certs/templates/mail-acme.yml.j2
similarity index 100%
rename from rules/roles/mail-certs/templates/mail-acme.yml.j2
rename to roles/mail-certs/templates/mail-acme.yml.j2
diff --git a/rules/roles/mail/README.md b/roles/mail/README.md
similarity index 100%
rename from rules/roles/mail/README.md
rename to roles/mail/README.md
diff --git a/rules/roles/mail/defaults/main.yml b/roles/mail/defaults/main.yml
similarity index 100%
rename from rules/roles/mail/defaults/main.yml
rename to roles/mail/defaults/main.yml
diff --git a/rules/roles/mail/files/default.sieve b/roles/mail/files/default.sieve
similarity index 100%
rename from rules/roles/mail/files/default.sieve
rename to roles/mail/files/default.sieve
diff --git a/rules/roles/mail/files/mail-frontend.firewall b/roles/mail/files/mail-frontend.firewall
similarity index 100%
rename from rules/roles/mail/files/mail-frontend.firewall
rename to roles/mail/files/mail-frontend.firewall
diff --git a/rules/roles/mail/files/policyd-rate-limit.cron b/roles/mail/files/policyd-rate-limit.cron
similarity index 100%
rename from rules/roles/mail/files/policyd-rate-limit.cron
rename to roles/mail/files/policyd-rate-limit.cron
diff --git a/rules/roles/mail/files/postmap-create-if-missing b/roles/mail/files/postmap-create-if-missing
similarity index 100%
rename from rules/roles/mail/files/postmap-create-if-missing
rename to roles/mail/files/postmap-create-if-missing
diff --git a/rules/roles/mail/files/spamass-milter.default b/roles/mail/files/spamass-milter.default
similarity index 100%
rename from rules/roles/mail/files/spamass-milter.default
rename to roles/mail/files/spamass-milter.default
diff --git a/rules/roles/mail/files/spamassassin-openphish.cron b/roles/mail/files/spamassassin-openphish.cron
similarity index 100%
rename from rules/roles/mail/files/spamassassin-openphish.cron
rename to roles/mail/files/spamassassin-openphish.cron
diff --git a/rules/roles/mail/files/spamassassin.default b/roles/mail/files/spamassassin.default
similarity index 100%
rename from rules/roles/mail/files/spamassassin.default
rename to roles/mail/files/spamassassin.default
diff --git a/rules/roles/mail/handlers/main.yml b/roles/mail/handlers/main.yml
similarity index 100%
rename from rules/roles/mail/handlers/main.yml
rename to roles/mail/handlers/main.yml
diff --git a/rules/roles/mail/meta/main.yml b/roles/mail/meta/main.yml
similarity index 100%
rename from rules/roles/mail/meta/main.yml
rename to roles/mail/meta/main.yml
diff --git a/rules/roles/mail/tasks/backend.yml b/roles/mail/tasks/backend.yml
similarity index 100%
rename from rules/roles/mail/tasks/backend.yml
rename to roles/mail/tasks/backend.yml
diff --git a/rules/roles/mail/tasks/dovecot.yml b/roles/mail/tasks/dovecot.yml
similarity index 100%
rename from rules/roles/mail/tasks/dovecot.yml
rename to roles/mail/tasks/dovecot.yml
diff --git a/rules/roles/mail/tasks/frontend.yml b/roles/mail/tasks/frontend.yml
similarity index 100%
rename from rules/roles/mail/tasks/frontend.yml
rename to roles/mail/tasks/frontend.yml
diff --git a/rules/roles/mail/tasks/keystore.yml b/roles/mail/tasks/keystore.yml
similarity index 100%
rename from rules/roles/mail/tasks/keystore.yml
rename to roles/mail/tasks/keystore.yml
diff --git a/rules/roles/mail/tasks/main.yml b/roles/mail/tasks/main.yml
similarity index 100%
rename from rules/roles/mail/tasks/main.yml
rename to roles/mail/tasks/main.yml
diff --git a/rules/roles/mail/tasks/postfix_instance.yml b/roles/mail/tasks/postfix_instance.yml
similarity index 100%
rename from rules/roles/mail/tasks/postfix_instance.yml
rename to roles/mail/tasks/postfix_instance.yml
diff --git a/rules/roles/mail/templates/auth-server.yml.j2 b/roles/mail/templates/auth-server.yml.j2
similarity index 100%
rename from rules/roles/mail/templates/auth-server.yml.j2
rename to roles/mail/templates/auth-server.yml.j2
diff --git a/rules/roles/mail/templates/dovecot-backend/conf.d/10-mail.conf b/roles/mail/templates/dovecot-backend/conf.d/10-mail.conf
similarity index 100%
rename from rules/roles/mail/templates/dovecot-backend/conf.d/10-mail.conf
rename to roles/mail/templates/dovecot-backend/conf.d/10-mail.conf
diff --git a/rules/roles/mail/templates/dovecot-backend/conf.d/10-master.conf b/roles/mail/templates/dovecot-backend/conf.d/10-master.conf
similarity index 100%
rename from rules/roles/mail/templates/dovecot-backend/conf.d/10-master.conf
rename to roles/mail/templates/dovecot-backend/conf.d/10-master.conf
diff --git a/rules/roles/mail/templates/dovecot-backend/conf.d/20-managesieve.conf b/roles/mail/templates/dovecot-backend/conf.d/20-managesieve.conf
similarity index 100%
rename from rules/roles/mail/templates/dovecot-backend/conf.d/20-managesieve.conf
rename to roles/mail/templates/dovecot-backend/conf.d/20-managesieve.conf
diff --git a/rules/roles/mail/templates/dovecot-backend/conf.d/auth-ai3.conf.ext b/roles/mail/templates/dovecot-backend/conf.d/auth-ai3.conf.ext
similarity index 100%
rename from rules/roles/mail/templates/dovecot-backend/conf.d/auth-ai3.conf.ext
rename to roles/mail/templates/dovecot-backend/conf.d/auth-ai3.conf.ext
diff --git a/rules/roles/mail/templates/dovecot-backend/dovecot-dict.conf.ext b/roles/mail/templates/dovecot-backend/dovecot-dict.conf.ext
similarity index 100%
rename from rules/roles/mail/templates/dovecot-backend/dovecot-dict.conf.ext
rename to roles/mail/templates/dovecot-backend/dovecot-dict.conf.ext
diff --git a/rules/roles/mail/templates/dovecot-backend/dovecot-ldap.conf.ext b/roles/mail/templates/dovecot-backend/dovecot-ldap.conf.ext
similarity index 100%
rename from rules/roles/mail/templates/dovecot-backend/dovecot-ldap.conf.ext
rename to roles/mail/templates/dovecot-backend/dovecot-ldap.conf.ext
diff --git a/rules/roles/mail/templates/dovecot-backend/local.conf b/roles/mail/templates/dovecot-backend/local.conf
similarity index 100%
rename from rules/roles/mail/templates/dovecot-backend/local.conf
rename to roles/mail/templates/dovecot-backend/local.conf
diff --git a/rules/roles/mail/templates/dovecot-frontend/conf.d/10-mail.conf b/roles/mail/templates/dovecot-frontend/conf.d/10-mail.conf
similarity index 100%
rename from rules/roles/mail/templates/dovecot-frontend/conf.d/10-mail.conf
rename to roles/mail/templates/dovecot-frontend/conf.d/10-mail.conf
diff --git a/rules/roles/mail/templates/dovecot-frontend/conf.d/10-master.conf b/roles/mail/templates/dovecot-frontend/conf.d/10-master.conf
similarity index 100%
rename from rules/roles/mail/templates/dovecot-frontend/conf.d/10-master.conf
rename to roles/mail/templates/dovecot-frontend/conf.d/10-master.conf
diff --git a/rules/roles/mail/templates/dovecot-frontend/conf.d/10-ssl.conf b/roles/mail/templates/dovecot-frontend/conf.d/10-ssl.conf
similarity index 100%
rename from rules/roles/mail/templates/dovecot-frontend/conf.d/10-ssl.conf
rename to roles/mail/templates/dovecot-frontend/conf.d/10-ssl.conf
diff --git a/rules/roles/mail/templates/dovecot-frontend/conf.d/auth-ai3.conf.ext b/roles/mail/templates/dovecot-frontend/conf.d/auth-ai3.conf.ext
similarity index 100%
rename from rules/roles/mail/templates/dovecot-frontend/conf.d/auth-ai3.conf.ext
rename to roles/mail/templates/dovecot-frontend/conf.d/auth-ai3.conf.ext
diff --git a/rules/roles/mail/templates/dovecot-frontend/dovecot-ldap.conf.ext b/roles/mail/templates/dovecot-frontend/dovecot-ldap.conf.ext
similarity index 100%
rename from rules/roles/mail/templates/dovecot-frontend/dovecot-ldap.conf.ext
rename to roles/mail/templates/dovecot-frontend/dovecot-ldap.conf.ext
diff --git a/rules/roles/mail/templates/dovecot-keylookupd.yml.j2 b/roles/mail/templates/dovecot-keylookupd.yml.j2
similarity index 100%
rename from rules/roles/mail/templates/dovecot-keylookupd.yml.j2
rename to roles/mail/templates/dovecot-keylookupd.yml.j2
diff --git a/rules/roles/mail/templates/dovecot.pam b/roles/mail/templates/dovecot.pam
similarity index 100%
rename from rules/roles/mail/templates/dovecot.pam
rename to roles/mail/templates/dovecot.pam
diff --git a/rules/roles/mail/templates/dovecot/conf.d/10-auth.conf b/roles/mail/templates/dovecot/conf.d/10-auth.conf
similarity index 100%
rename from rules/roles/mail/templates/dovecot/conf.d/10-auth.conf
rename to roles/mail/templates/dovecot/conf.d/10-auth.conf
diff --git a/rules/roles/mail/templates/dovecot/conf.d/10-director.conf b/roles/mail/templates/dovecot/conf.d/10-director.conf
similarity index 100%
rename from rules/roles/mail/templates/dovecot/conf.d/10-director.conf
rename to roles/mail/templates/dovecot/conf.d/10-director.conf
diff --git a/rules/roles/mail/templates/dovecot/conf.d/10-ssl.conf b/roles/mail/templates/dovecot/conf.d/10-ssl.conf
similarity index 100%
rename from rules/roles/mail/templates/dovecot/conf.d/10-ssl.conf
rename to roles/mail/templates/dovecot/conf.d/10-ssl.conf
diff --git a/rules/roles/mail/templates/dovecot/conf.d/15-lda.conf b/roles/mail/templates/dovecot/conf.d/15-lda.conf
similarity index 100%
rename from rules/roles/mail/templates/dovecot/conf.d/15-lda.conf
rename to roles/mail/templates/dovecot/conf.d/15-lda.conf
diff --git a/rules/roles/mail/templates/dovecot/conf.d/15-mailboxes.conf b/roles/mail/templates/dovecot/conf.d/15-mailboxes.conf
similarity index 100%
rename from rules/roles/mail/templates/dovecot/conf.d/15-mailboxes.conf
rename to roles/mail/templates/dovecot/conf.d/15-mailboxes.conf
diff --git a/rules/roles/mail/templates/dovecot/conf.d/20-imap.conf b/roles/mail/templates/dovecot/conf.d/20-imap.conf
similarity index 100%
rename from rules/roles/mail/templates/dovecot/conf.d/20-imap.conf
rename to roles/mail/templates/dovecot/conf.d/20-imap.conf
diff --git a/rules/roles/mail/templates/dovecot/conf.d/20-lmtp.conf b/roles/mail/templates/dovecot/conf.d/20-lmtp.conf
similarity index 100%
rename from rules/roles/mail/templates/dovecot/conf.d/20-lmtp.conf
rename to roles/mail/templates/dovecot/conf.d/20-lmtp.conf
diff --git a/rules/roles/mail/templates/dovecot/conf.d/20-pop3.conf b/roles/mail/templates/dovecot/conf.d/20-pop3.conf
similarity index 100%
rename from rules/roles/mail/templates/dovecot/conf.d/20-pop3.conf
rename to roles/mail/templates/dovecot/conf.d/20-pop3.conf
diff --git a/rules/roles/mail/templates/dovecot/conf.d/90-plugin.conf b/roles/mail/templates/dovecot/conf.d/90-plugin.conf
similarity index 100%
rename from rules/roles/mail/templates/dovecot/conf.d/90-plugin.conf
rename to roles/mail/templates/dovecot/conf.d/90-plugin.conf
diff --git a/rules/roles/mail/templates/dovecot/conf.d/90-quota.conf b/roles/mail/templates/dovecot/conf.d/90-quota.conf
similarity index 100%
rename from rules/roles/mail/templates/dovecot/conf.d/90-quota.conf
rename to roles/mail/templates/dovecot/conf.d/90-quota.conf
diff --git a/rules/roles/mail/templates/dovecot/conf.d/90-sieve.conf b/roles/mail/templates/dovecot/conf.d/90-sieve.conf
similarity index 100%
rename from rules/roles/mail/templates/dovecot/conf.d/90-sieve.conf
rename to roles/mail/templates/dovecot/conf.d/90-sieve.conf
diff --git a/rules/roles/mail/templates/keystore.yml.j2 b/roles/mail/templates/keystore.yml.j2
similarity index 100%
rename from rules/roles/mail/templates/keystore.yml.j2
rename to roles/mail/templates/keystore.yml.j2
diff --git a/rules/roles/mail/templates/ldap.base.j2 b/roles/mail/templates/ldap.base.j2
similarity index 100%
rename from rules/roles/mail/templates/ldap.base.j2
rename to roles/mail/templates/ldap.base.j2
diff --git a/rules/roles/mail/templates/main.cf.base.j2 b/roles/mail/templates/main.cf.base.j2
similarity index 100%
rename from rules/roles/mail/templates/main.cf.base.j2
rename to roles/mail/templates/main.cf.base.j2
diff --git a/rules/roles/mail/templates/policyd-rate-limit.yaml.j2 b/roles/mail/templates/policyd-rate-limit.yaml.j2
similarity index 100%
rename from rules/roles/mail/templates/policyd-rate-limit.yaml.j2
rename to roles/mail/templates/policyd-rate-limit.yaml.j2
diff --git a/rules/roles/mail/templates/postfix-delivery/domains b/roles/mail/templates/postfix-delivery/domains
similarity index 100%
rename from rules/roles/mail/templates/postfix-delivery/domains
rename to roles/mail/templates/postfix-delivery/domains
diff --git a/rules/roles/mail/templates/postfix-delivery/main.cf b/roles/mail/templates/postfix-delivery/main.cf
similarity index 100%
rename from rules/roles/mail/templates/postfix-delivery/main.cf
rename to roles/mail/templates/postfix-delivery/main.cf
diff --git a/rules/roles/mail/templates/postfix-in/access-recipient b/roles/mail/templates/postfix-in/access-recipient
similarity index 100%
rename from rules/roles/mail/templates/postfix-in/access-recipient
rename to roles/mail/templates/postfix-in/access-recipient
diff --git a/rules/roles/mail/templates/postfix-in/access-sender b/roles/mail/templates/postfix-in/access-sender
similarity index 100%
rename from rules/roles/mail/templates/postfix-in/access-sender
rename to roles/mail/templates/postfix-in/access-sender
diff --git a/rules/roles/mail/templates/postfix-in/body-checks b/roles/mail/templates/postfix-in/body-checks
similarity index 100%
rename from rules/roles/mail/templates/postfix-in/body-checks
rename to roles/mail/templates/postfix-in/body-checks
diff --git a/rules/roles/mail/templates/postfix-in/dnsbl-reply-map b/roles/mail/templates/postfix-in/dnsbl-reply-map
similarity index 100%
rename from rules/roles/mail/templates/postfix-in/dnsbl-reply-map
rename to roles/mail/templates/postfix-in/dnsbl-reply-map
diff --git a/rules/roles/mail/templates/postfix-in/domains b/roles/mail/templates/postfix-in/domains
similarity index 100%
rename from rules/roles/mail/templates/postfix-in/domains
rename to roles/mail/templates/postfix-in/domains
diff --git a/rules/roles/mail/templates/postfix-in/header-checks b/roles/mail/templates/postfix-in/header-checks
similarity index 100%
rename from rules/roles/mail/templates/postfix-in/header-checks
rename to roles/mail/templates/postfix-in/header-checks
diff --git a/rules/roles/mail/templates/postfix-in/main.cf b/roles/mail/templates/postfix-in/main.cf
similarity index 100%
rename from rules/roles/mail/templates/postfix-in/main.cf
rename to roles/mail/templates/postfix-in/main.cf
diff --git a/rules/roles/mail/templates/postfix-in/master.cf b/roles/mail/templates/postfix-in/master.cf
similarity index 100%
rename from rules/roles/mail/templates/postfix-in/master.cf
rename to roles/mail/templates/postfix-in/master.cf
diff --git a/rules/roles/mail/templates/postfix-in/mime-header-checks b/roles/mail/templates/postfix-in/mime-header-checks
similarity index 100%
rename from rules/roles/mail/templates/postfix-in/mime-header-checks
rename to roles/mail/templates/postfix-in/mime-header-checks
diff --git a/rules/roles/mail/templates/postfix-in/postscreen-access.cidr b/roles/mail/templates/postfix-in/postscreen-access.cidr
similarity index 100%
rename from rules/roles/mail/templates/postfix-in/postscreen-access.cidr
rename to roles/mail/templates/postfix-in/postscreen-access.cidr
diff --git a/rules/roles/mail/templates/postfix-in/virtual b/roles/mail/templates/postfix-in/virtual
similarity index 100%
rename from rules/roles/mail/templates/postfix-in/virtual
rename to roles/mail/templates/postfix-in/virtual
diff --git a/rules/roles/mail/templates/postfix-out/domains b/roles/mail/templates/postfix-out/domains
similarity index 100%
rename from rules/roles/mail/templates/postfix-out/domains
rename to roles/mail/templates/postfix-out/domains
diff --git a/rules/roles/mail/templates/postfix-out/main.cf b/roles/mail/templates/postfix-out/main.cf
similarity index 100%
rename from rules/roles/mail/templates/postfix-out/main.cf
rename to roles/mail/templates/postfix-out/main.cf
diff --git a/rules/roles/mail/templates/postfix-out/master.cf b/roles/mail/templates/postfix-out/master.cf
similarity index 100%
rename from rules/roles/mail/templates/postfix-out/master.cf
rename to roles/mail/templates/postfix-out/master.cf
diff --git a/rules/roles/mail/templates/postfix-out/tls_policy b/roles/mail/templates/postfix-out/tls_policy
similarity index 100%
rename from rules/roles/mail/templates/postfix-out/tls_policy
rename to roles/mail/templates/postfix-out/tls_policy
diff --git a/rules/roles/mail/templates/postfix-smtp-auth/access-sender b/roles/mail/templates/postfix-smtp-auth/access-sender
similarity index 100%
rename from rules/roles/mail/templates/postfix-smtp-auth/access-sender
rename to roles/mail/templates/postfix-smtp-auth/access-sender
diff --git a/rules/roles/mail/templates/postfix-smtp-auth/header-checks b/roles/mail/templates/postfix-smtp-auth/header-checks
similarity index 100%
rename from rules/roles/mail/templates/postfix-smtp-auth/header-checks
rename to roles/mail/templates/postfix-smtp-auth/header-checks
diff --git a/rules/roles/mail/templates/postfix-smtp-auth/main.cf b/roles/mail/templates/postfix-smtp-auth/main.cf
similarity index 100%
rename from rules/roles/mail/templates/postfix-smtp-auth/main.cf
rename to roles/mail/templates/postfix-smtp-auth/main.cf
diff --git a/rules/roles/mail/templates/postfix-smtp-auth/master.cf b/roles/mail/templates/postfix-smtp-auth/master.cf
similarity index 100%
rename from rules/roles/mail/templates/postfix-smtp-auth/master.cf
rename to roles/mail/templates/postfix-smtp-auth/master.cf
diff --git a/rules/roles/mail/templates/postfix-smtp-auth/sender-login b/roles/mail/templates/postfix-smtp-auth/sender-login
similarity index 100%
rename from rules/roles/mail/templates/postfix-smtp-auth/sender-login
rename to roles/mail/templates/postfix-smtp-auth/sender-login
diff --git a/rules/roles/mail/templates/postfix/domains b/roles/mail/templates/postfix/domains
similarity index 100%
rename from rules/roles/mail/templates/postfix/domains
rename to roles/mail/templates/postfix/domains
diff --git a/rules/roles/mail/templates/postfix/generic b/roles/mail/templates/postfix/generic
similarity index 100%
rename from rules/roles/mail/templates/postfix/generic
rename to roles/mail/templates/postfix/generic
diff --git a/rules/roles/mail/templates/postfix/ldap/aliases b/roles/mail/templates/postfix/ldap/aliases
similarity index 100%
rename from rules/roles/mail/templates/postfix/ldap/aliases
rename to roles/mail/templates/postfix/ldap/aliases
diff --git a/rules/roles/mail/templates/postfix/ldap/local-recipients b/roles/mail/templates/postfix/ldap/local-recipients
similarity index 100%
rename from rules/roles/mail/templates/postfix/ldap/local-recipients
rename to roles/mail/templates/postfix/ldap/local-recipients
diff --git a/rules/roles/mail/templates/postfix/ldap/recipients b/roles/mail/templates/postfix/ldap/recipients
similarity index 100%
rename from rules/roles/mail/templates/postfix/ldap/recipients
rename to roles/mail/templates/postfix/ldap/recipients
diff --git a/rules/roles/mail/templates/postfix/ldap/sender-login b/roles/mail/templates/postfix/ldap/sender-login
similarity index 100%
rename from rules/roles/mail/templates/postfix/ldap/sender-login
rename to roles/mail/templates/postfix/ldap/sender-login
diff --git a/rules/roles/mail/templates/postfix/main.cf b/roles/mail/templates/postfix/main.cf
similarity index 100%
rename from rules/roles/mail/templates/postfix/main.cf
rename to roles/mail/templates/postfix/main.cf
diff --git a/rules/roles/mail/templates/postfix/master.cf b/roles/mail/templates/postfix/master.cf
similarity index 100%
rename from rules/roles/mail/templates/postfix/master.cf
rename to roles/mail/templates/postfix/master.cf
diff --git a/rules/roles/mail/templates/postfix/virtual b/roles/mail/templates/postfix/virtual
similarity index 100%
rename from rules/roles/mail/templates/postfix/virtual
rename to roles/mail/templates/postfix/virtual
diff --git a/rules/roles/mail/templates/roundcube/config.inc.php b/roles/mail/templates/roundcube/config.inc.php
similarity index 100%
rename from rules/roles/mail/templates/roundcube/config.inc.php
rename to roles/mail/templates/roundcube/config.inc.php
diff --git a/rules/roles/mail/templates/roundcube/managesieve.config.inc.php b/roles/mail/templates/roundcube/managesieve.config.inc.php
similarity index 100%
rename from rules/roles/mail/templates/roundcube/managesieve.config.inc.php
rename to roles/mail/templates/roundcube/managesieve.config.inc.php
diff --git a/rules/roles/mail/templates/roundcube/my.cnf b/roles/mail/templates/roundcube/my.cnf
similarity index 100%
rename from rules/roles/mail/templates/roundcube/my.cnf
rename to roles/mail/templates/roundcube/my.cnf
diff --git a/rules/roles/mail/templates/roundcube/sauserprefs.config.inc.php b/roles/mail/templates/roundcube/sauserprefs.config.inc.php
similarity index 100%
rename from rules/roles/mail/templates/roundcube/sauserprefs.config.inc.php
rename to roles/mail/templates/roundcube/sauserprefs.config.inc.php
diff --git a/rules/roles/mail/templates/roundcube/sso.config.inc.php b/roles/mail/templates/roundcube/sso.config.inc.php
similarity index 100%
rename from rules/roles/mail/templates/roundcube/sso.config.inc.php
rename to roles/mail/templates/roundcube/sso.config.inc.php
diff --git a/rules/roles/mail/templates/spamassassin/init.pre b/roles/mail/templates/spamassassin/init.pre
similarity index 100%
rename from rules/roles/mail/templates/spamassassin/init.pre
rename to roles/mail/templates/spamassassin/init.pre
diff --git a/rules/roles/mail/templates/spamassassin/local.cf b/roles/mail/templates/spamassassin/local.cf
similarity index 100%
rename from rules/roles/mail/templates/spamassassin/local.cf
rename to roles/mail/templates/spamassassin/local.cf
diff --git a/rules/roles/mail/templates/spamassassin/schema.sql b/roles/mail/templates/spamassassin/schema.sql
similarity index 100%
rename from rules/roles/mail/templates/spamassassin/schema.sql
rename to roles/mail/templates/spamassassin/schema.sql
diff --git a/rules/roles/mail/templates/spamassassin/v310.pre b/roles/mail/templates/spamassassin/v310.pre
similarity index 100%
rename from rules/roles/mail/templates/spamassassin/v310.pre
rename to roles/mail/templates/spamassassin/v310.pre
diff --git a/rules/roles/mail/templates/spamassassin/v320.pre b/roles/mail/templates/spamassassin/v320.pre
similarity index 100%
rename from rules/roles/mail/templates/spamassassin/v320.pre
rename to roles/mail/templates/spamassassin/v320.pre
diff --git a/rules/roles/mail/templates/spamassassin/v342.pre b/roles/mail/templates/spamassassin/v342.pre
similarity index 100%
rename from rules/roles/mail/templates/spamassassin/v342.pre
rename to roles/mail/templates/spamassassin/v342.pre
diff --git a/rules/roles/mail/templates/spf-policyd.conf.j2 b/roles/mail/templates/spf-policyd.conf.j2
similarity index 100%
rename from rules/roles/mail/templates/spf-policyd.conf.j2
rename to roles/mail/templates/spf-policyd.conf.j2
diff --git a/rules/roles/mailman/files/forced_params b/roles/mailman/files/forced_params
similarity index 100%
rename from rules/roles/mailman/files/forced_params
rename to roles/mailman/files/forced_params
diff --git a/rules/roles/mailman/handlers/main.yml b/roles/mailman/handlers/main.yml
similarity index 100%
rename from rules/roles/mailman/handlers/main.yml
rename to roles/mailman/handlers/main.yml
diff --git a/rules/roles/mailman/meta/main.yml b/roles/mailman/meta/main.yml
similarity index 100%
rename from rules/roles/mailman/meta/main.yml
rename to roles/mailman/meta/main.yml
diff --git a/rules/roles/mailman/tasks/main.yml b/roles/mailman/tasks/main.yml
similarity index 100%
rename from rules/roles/mailman/tasks/main.yml
rename to roles/mailman/tasks/main.yml
diff --git a/rules/roles/mailman/templates/domains.j2 b/roles/mailman/templates/domains.j2
similarity index 100%
rename from rules/roles/mailman/templates/domains.j2
rename to roles/mailman/templates/domains.j2
diff --git a/rules/roles/mailman/templates/mailman_api.conf.j2 b/roles/mailman/templates/mailman_api.conf.j2
similarity index 100%
rename from rules/roles/mailman/templates/mailman_api.conf.j2
rename to roles/mailman/templates/mailman_api.conf.j2
diff --git a/rules/roles/mailman/templates/mm_cfg.py.j2 b/roles/mailman/templates/mm_cfg.py.j2
similarity index 100%
rename from rules/roles/mailman/templates/mm_cfg.py.j2
rename to roles/mailman/templates/mm_cfg.py.j2
diff --git a/rules/roles/mariadb-users/tasks/main.yml b/roles/mariadb-users/tasks/main.yml
similarity index 100%
rename from rules/roles/mariadb-users/tasks/main.yml
rename to roles/mariadb-users/tasks/main.yml
diff --git a/rules/roles/mariadb-users/templates/mysql_users_remote.cnf b/roles/mariadb-users/templates/mysql_users_remote.cnf
similarity index 100%
rename from rules/roles/mariadb-users/templates/mysql_users_remote.cnf
rename to roles/mariadb-users/templates/mysql_users_remote.cnf
diff --git a/rules/roles/noblogs-dns/README.md b/roles/noblogs-dns/README.md
similarity index 100%
rename from rules/roles/noblogs-dns/README.md
rename to roles/noblogs-dns/README.md
diff --git a/rules/roles/noblogs-dns/handlers/main.yml b/roles/noblogs-dns/handlers/main.yml
similarity index 100%
rename from rules/roles/noblogs-dns/handlers/main.yml
rename to roles/noblogs-dns/handlers/main.yml
diff --git a/rules/roles/noblogs-dns/tasks/main.yml b/roles/noblogs-dns/tasks/main.yml
similarity index 100%
rename from rules/roles/noblogs-dns/tasks/main.yml
rename to roles/noblogs-dns/tasks/main.yml
diff --git a/rules/roles/noblogs-dns/templates/noblogs.yml.j2 b/roles/noblogs-dns/templates/noblogs.yml.j2
similarity index 100%
rename from rules/roles/noblogs-dns/templates/noblogs.yml.j2
rename to roles/noblogs-dns/templates/noblogs.yml.j2
diff --git a/rules/roles/noblogs/defaults/main.yml b/roles/noblogs/defaults/main.yml
similarity index 100%
rename from rules/roles/noblogs/defaults/main.yml
rename to roles/noblogs/defaults/main.yml
diff --git a/rules/roles/noblogs/files/bootstrap/wordpress-base.sql b/roles/noblogs/files/bootstrap/wordpress-base.sql
similarity index 100%
rename from rules/roles/noblogs/files/bootstrap/wordpress-base.sql
rename to roles/noblogs/files/bootstrap/wordpress-base.sql
diff --git a/rules/roles/noblogs/tasks/main.yml b/roles/noblogs/tasks/main.yml
similarity index 100%
rename from rules/roles/noblogs/tasks/main.yml
rename to roles/noblogs/tasks/main.yml
diff --git a/rules/roles/noblogs/templates/config.json.j2 b/roles/noblogs/templates/config.json.j2
similarity index 100%
rename from rules/roles/noblogs/templates/config.json.j2
rename to roles/noblogs/templates/config.json.j2
diff --git a/rules/roles/redis/README.md b/roles/redis/README.md
similarity index 100%
rename from rules/roles/redis/README.md
rename to roles/redis/README.md
diff --git a/rules/roles/redis/handlers/main.yml b/roles/redis/handlers/main.yml
similarity index 100%
rename from rules/roles/redis/handlers/main.yml
rename to roles/redis/handlers/main.yml
diff --git a/rules/roles/redis/tasks/main.yml b/roles/redis/tasks/main.yml
similarity index 100%
rename from rules/roles/redis/tasks/main.yml
rename to roles/redis/tasks/main.yml
diff --git a/rules/roles/redis/templates/redis.conf.j2 b/roles/redis/templates/redis.conf.j2
similarity index 100%
rename from rules/roles/redis/templates/redis.conf.j2
rename to roles/redis/templates/redis.conf.j2
diff --git a/rules/roles/rsync/README.md b/roles/rsync/README.md
similarity index 100%
rename from rules/roles/rsync/README.md
rename to roles/rsync/README.md
diff --git a/rules/roles/rsync/handlers/main.yml b/roles/rsync/handlers/main.yml
similarity index 100%
rename from rules/roles/rsync/handlers/main.yml
rename to roles/rsync/handlers/main.yml
diff --git a/rules/roles/rsync/tasks/main.yml b/roles/rsync/tasks/main.yml
similarity index 100%
rename from rules/roles/rsync/tasks/main.yml
rename to roles/rsync/tasks/main.yml
diff --git a/rules/roles/rsync/templates/module.conf.j2 b/roles/rsync/templates/module.conf.j2
similarity index 100%
rename from rules/roles/rsync/templates/module.conf.j2
rename to roles/rsync/templates/module.conf.j2
diff --git a/rules/roles/rsync/templates/rsyncd.conf.j2 b/roles/rsync/templates/rsyncd.conf.j2
similarity index 100%
rename from rules/roles/rsync/templates/rsyncd.conf.j2
rename to roles/rsync/templates/rsyncd.conf.j2
diff --git a/rules/roles/testdata-ldap/tasks/load.yml b/roles/testdata-ldap/tasks/load.yml
similarity index 100%
rename from rules/roles/testdata-ldap/tasks/load.yml
rename to roles/testdata-ldap/tasks/load.yml
diff --git a/rules/roles/testdata-ldap/tasks/main.yml b/roles/testdata-ldap/tasks/main.yml
similarity index 100%
rename from rules/roles/testdata-ldap/tasks/main.yml
rename to roles/testdata-ldap/tasks/main.yml
diff --git a/rules/roles/testdata-noblogs/files/install-noblogs b/roles/testdata-noblogs/files/install-noblogs
similarity index 100%
rename from rules/roles/testdata-noblogs/files/install-noblogs
rename to roles/testdata-noblogs/files/install-noblogs
diff --git a/rules/roles/testdata-noblogs/tasks/load.yml b/roles/testdata-noblogs/tasks/load.yml
similarity index 100%
rename from rules/roles/testdata-noblogs/tasks/load.yml
rename to roles/testdata-noblogs/tasks/load.yml
diff --git a/rules/roles/testdata-noblogs/tasks/main.yml b/roles/testdata-noblogs/tasks/main.yml
similarity index 100%
rename from rules/roles/testdata-noblogs/tasks/main.yml
rename to roles/testdata-noblogs/tasks/main.yml
diff --git a/rules/roles/testdata-noblogs/templates/noblogs-batch.dat.j2 b/roles/testdata-noblogs/templates/noblogs-batch.dat.j2
similarity index 100%
rename from rules/roles/testdata-noblogs/templates/noblogs-batch.dat.j2
rename to roles/testdata-noblogs/templates/noblogs-batch.dat.j2
diff --git a/rules/roles/testdata-web-users/files/install-web-users b/roles/testdata-web-users/files/install-web-users
similarity index 100%
rename from rules/roles/testdata-web-users/files/install-web-users
rename to roles/testdata-web-users/files/install-web-users
diff --git a/rules/roles/testdata-web-users/tasks/load.yml b/roles/testdata-web-users/tasks/load.yml
similarity index 100%
rename from rules/roles/testdata-web-users/tasks/load.yml
rename to roles/testdata-web-users/tasks/load.yml
diff --git a/rules/roles/testdata-web-users/tasks/main.yml b/roles/testdata-web-users/tasks/main.yml
similarity index 100%
rename from rules/roles/testdata-web-users/tasks/main.yml
rename to roles/testdata-web-users/tasks/main.yml
diff --git a/rules/roles/web-users/files/ai-webdav-default b/roles/web-users/files/ai-webdav-default
similarity index 100%
rename from rules/roles/web-users/files/ai-webdav-default
rename to roles/web-users/files/ai-webdav-default
diff --git a/rules/roles/web-users/files/users.firewall b/roles/web-users/files/users.firewall
similarity index 100%
rename from rules/roles/web-users/files/users.firewall
rename to roles/web-users/files/users.firewall
diff --git a/rules/roles/web-users/handlers/main.yml b/roles/web-users/handlers/main.yml
similarity index 100%
rename from rules/roles/web-users/handlers/main.yml
rename to roles/web-users/handlers/main.yml
diff --git a/rules/roles/web-users/tasks/main.yml b/roles/web-users/tasks/main.yml
similarity index 100%
rename from rules/roles/web-users/tasks/main.yml
rename to roles/web-users/tasks/main.yml
diff --git a/rules/roles/web-users/tasks/webdav.yml b/roles/web-users/tasks/webdav.yml
similarity index 100%
rename from rules/roles/web-users/tasks/webdav.yml
rename to roles/web-users/tasks/webdav.yml
diff --git a/root/.gitignore b/root/.gitignore
deleted file mode 100644
index da84f24374d0ef4e4a3b729751abb257722b219a..0000000000000000000000000000000000000000
--- a/root/.gitignore
+++ /dev/null
@@ -1 +0,0 @@
-vault_pw
diff --git a/root/README.md b/root/README.md
deleted file mode 100644
index baa568f6c7ab816381125f5868dffa1da98c404e..0000000000000000000000000000000000000000
--- a/root/README.md
+++ /dev/null
@@ -1,12 +0,0 @@
-Questa directory contiene le credenziali fondamentali che controllano
-l'accesso all'ambiente di produzione da parte del sistema di
-automazione. In particolare:
-
-* la passphrase di ansible-vault che decritta le credenziali
-  secondarie (rigenerabili automaticamente) del repository di
-  configurazione;
-* altre credenziali necessarie per l'accesso a sistemi di terze parti
-  sia da parte dell'ambiente di produzione che di quello di test (per
-  esempio l'accesso al registro Docker privato).
-
-Queste credenziali devono essere crittate a riposo con GPG.
diff --git a/root/vars/.gitignore b/root/vars/.gitignore
deleted file mode 100644
index 731dc0605fe5059171d5de1c3d9b530f291738f3..0000000000000000000000000000000000000000
--- a/root/vars/.gitignore
+++ /dev/null
@@ -1,2 +0,0 @@
-docker.yml
-docker.yml.gpg
diff --git a/root/vars/docker.yml.template b/root/vars/docker.yml.template
deleted file mode 100644
index aa4a81a4dde1246e8c4e0077a24b21cc13b28f68..0000000000000000000000000000000000000000
--- a/root/vars/docker.yml.template
+++ /dev/null
@@ -1,6 +0,0 @@
----
-
-docker_registry_url: "https://registry.git.autistici.org"
-docker_registry_username: "docker-registry-client"
-docker_registry_password: ""
-
diff --git a/rules/README.md b/rules/README.md
deleted file mode 100644
index 02bb3e194654f551171f2c5218f8c23d8ba4345a..0000000000000000000000000000000000000000
--- a/rules/README.md
+++ /dev/null
@@ -1 +0,0 @@
-Questa directory contiene i ruoli Ansible relativi ai servizi di A/I.
diff --git a/run-test.sh b/run-test.sh
deleted file mode 100755
index 3a3b1312efc7b6a484becd3d42e0567473fb127e..0000000000000000000000000000000000000000
--- a/run-test.sh
+++ /dev/null
@@ -1,95 +0,0 @@
-#!/bin/bash
-#
-# Wrapper used to run CI tests in a temporary environment.
-#
-
-# Find the absolute path to this script's directory
-# (so that we can find the 'float' root dir).
-bin_dir=$(dirname "$0")
-bin_dir=${bin_dir:-.}
-bin_dir=$(cd "${bin_dir}" && pwd)
-root_dir="${bin_dir}"
-float_dir="${bin_dir}/float"
-
-# Used for all ansible/float invocations.
-export ANSIBLE_VAULT_PASSWORD_FILE=".ansible_vault_pw"
-export ANSIBLE_HOST_KEY_CHECKING=False
-
-die() {
-    echo "ERROR: $*" >&2
-    exit 1
-}
-
-start_vagrant() {
-    vagrant up \
-        || die "could not start virtual machines"
-}
-
-stop_vagrant() {
-    pushd "$test_dir"
-    vagrant destroy -f
-    popd
-}
-
-check_hosts_ready() {
-    # Wait at most 30 seconds for the vms to become reachable.
-    local i=0
-    while [ $i -lt 10 ]; do
-        sleep 3
-        ansible -v -i config.yml all -m ping && break
-        i=$(($i + 1))
-    done
-    [ $i -eq 10 ] && die "could not reach virtual machines over SSH"
-}
-
-run_ansible() {
-    ${float_dir}/float run init-credentials \
-        || die "failed to run the init-credentials playbook"
-    ANSIBLE_STDOUT_CALLBACK=actionable ${float_dir}/float run site.yml \
-        || die "failed to run the site.yml playbook"
-}
-
-run_integration_test() {
-    # Give the system some time to stabilize.
-    # TODO: increase this to >5 minutes so that alerts have time to fire.
-    sleep 30
-
-    ANSIBLE_STDOUT_CALLBACK=minimal ${float_dir}/float run integration-test \
-        || die "failed to run the integration tests"
-}
-
-run_ai3_tests() {
-    ANSIBLE_STDOUT_CALLBACK=minimal ${float_dir}/float run \
-            ${root_dir}/rules/playbooks/ai3-test.yml \
-        || die "failed to run the integration tests"
-}
-
-setup_mitogen() {
-    local mitogen_version=0.2.3
-    local mitogen_url="https://files.pythonhosted.org/packages/source/m/mitogen/mitogen-${mitogen_version}.tar.gz"
-    curl -L "${mitogen_url}" | tar zxv -C ${temp_dir}
-    if [ $? -gt 0 ]; then
-        die "Unable to setup mitogen"
-    fi
-    export MITOGEN=${temp_dir}/mitogen-${mitogen_version}
-}
-
-# Create a temporary directory for the test.
-temp_dir=$(mktemp -d)
-test_dir="${temp_dir}/env"
-trap "stop_vagrant; cd /; rm -fr \"$temp_dir\"" EXIT SIGINT SIGTERM
-
-setup_mitogen
-
-${root_dir}/create-test-env "$@" "${test_dir}" \
-    || die "error in create-test-env"
-
-cd $test_dir \
-    || die "can't cd to test env directory"
-start_vagrant
-check_hosts_ready
-run_ansible
-run_integration_test
-run_ai3_tests
-
-exit 0
diff --git a/start-local-backup-server.sh b/start-local-backup-server.sh
deleted file mode 100755
index 8442fd84cff5cb7f05f06e69f819f7f6410a069f..0000000000000000000000000000000000000000
--- a/start-local-backup-server.sh
+++ /dev/null
@@ -1,32 +0,0 @@
-#!/bin/bash
-#
-# Starts a local backup server using github.com/restic/rest-server.
-#
-
-addr=:18080
-backup_dir=/tmp/rest-server
-version=0.9.7
-
-mkdir -p $backup_dir
-mkdir $backup_dir/backup
-mkdir $backup_dir/.bin
-
-# Download the binary if necessary (just the first time).
-bin=${backup_dir}/.bin/rest-server
-if [ ! -e $bin ]; then
-    arch=$(dpkg-architecture -qDEB_BUILD_ARCH)
-    download_url="https://github.com/restic/rest-server/releases/download/v${version}/rest-server-${version}-linux-${arch}.gz"
-    wget -O ${bin}.gz "$download_url"
-    gunzip ${bin}.gz
-    chmod +x ${bin}
-fi
-
-# The password here is "backup".
-echo 'backup:$2y$05$UjOt6frxhJjNsARLiSbv5ewPLsGH8WbmB6QXjkqsQxeGkrb8SH8hm' \
-	> $backup_dir/.htpasswd
-
-# Start the rest-server.
-echo "configure restic with rest:http://backup:backup@$(hostname -f)${addr}/backup"
-$bin --append-only --debug --listen $addr \
-	--path $backup_dir --prometheus --private-repos
-
diff --git a/test-browser b/test-browser
deleted file mode 100755
index fe63a368f972d948ae158de0f3436e37c2fd939f..0000000000000000000000000000000000000000
--- a/test-browser
+++ /dev/null
@@ -1,54 +0,0 @@
-#!/bin/bash
-
-browser=
-socks_proxy=192.168.10.10:9051
-while [ $# -gt 0 ]; do
-    case "$1" in
-        -h|--help)
-            usage
-            ;;
-
-        --browser=*)
-            browser="${1##*=}"
-            ;;
-        --browser)
-            browser="$2"
-            shift
-            ;;
-
-        --proxy=*)
-            socks_proxy="${1##*=}"
-            ;;
-        --proxy)
-            socks_proxy="$2"
-            shift
-            ;;
-
-        --)
-            shift
-            break
-            ;;
-        -*)
-            echo "Unknown option $1" >&2
-            ;;
-        *)
-            break
-            ;;
-    esac
-    shift
-done
-
-if [ -z "$browser" ]; then
-    for s in chromium google-chrome google-chrome-beta ; do
-        browser=$(which $s)
-        [ -n "$browser" ] && break
-    done
-fi
-if [ -z "$browser" ]; then
-    echo "Could not find a usable browser. Unfortunately this script only works with Chrome / Chromium." >&2
-    exit 2
-fi
-
-tmpdir=$(mktemp -d)
-trap "rm -fr \"$tmpdir\"; trap - EXIT; exit 0" EXIT INT TERM
-$browser --user-data-dir="$tmpdir" --no-first-run --no-default-browser-check --proxy-server=socks5://$socks_proxy "$@"
diff --git a/rules/test/.gitignore b/test/.gitignore
similarity index 100%
rename from rules/test/.gitignore
rename to test/.gitignore
diff --git a/rules/test/README.md b/test/README.md
similarity index 100%
rename from rules/test/README.md
rename to test/README.md
diff --git a/rules/test/ai3test/__init__.py b/test/ai3test/__init__.py
similarity index 100%
rename from rules/test/ai3test/__init__.py
rename to test/ai3test/__init__.py
diff --git a/rules/test/ai3test/ai3-test-params.yml b/test/ai3test/ai3-test-params.yml
similarity index 100%
rename from rules/test/ai3test/ai3-test-params.yml
rename to test/ai3test/ai3-test-params.yml
diff --git a/rules/test/ai3test/test_mail.py b/test/ai3test/test_mail.py
similarity index 100%
rename from rules/test/ai3test/test_mail.py
rename to test/ai3test/test_mail.py
diff --git a/rules/test/ai3test/test_pannello.py b/test/ai3test/test_pannello.py
similarity index 100%
rename from rules/test/ai3test/test_pannello.py
rename to test/ai3test/test_pannello.py
diff --git a/rules/test/ai3test/test_web_users.py b/test/ai3test/test_web_users.py
similarity index 100%
rename from rules/test/ai3test/test_web_users.py
rename to test/ai3test/test_web_users.py
diff --git a/rules/test/setup.py b/test/setup.py
similarity index 100%
rename from rules/test/setup.py
rename to test/setup.py
diff --git a/rules/test/tox.ini b/test/tox.ini
similarity index 100%
rename from rules/test/tox.ini
rename to test/tox.ini
diff --git a/testdata b/testdata
deleted file mode 160000
index 734def074dad5d6648f5d67b86d472547334ded1..0000000000000000000000000000000000000000
--- a/testdata
+++ /dev/null
@@ -1 +0,0 @@
-Subproject commit 734def074dad5d6648f5d67b86d472547334ded1