diff --git a/.vscode/settings.json b/.vscode/settings.json
index 95a5416..a5f45dc 100644
--- a/.vscode/settings.json
+++ b/.vscode/settings.json
@@ -1,9 +1,10 @@
 {
 "files.autoSave": "afterDelay",
 "files.associations": {
- "hosts": "yaml",
- "*.yml": "ansible"
+ "**hosts*": "yaml",
+ "*.yml": "ansible",
+ "**/.woodpecker/*.yml": "yaml"
 },
-"ansible.ansible.useFullyQualifiedCollectionNames": true,
-"editor.formatOnSave": true
+ "ansible.ansible.useFullyQualifiedCollectionNames": true,
+ "editor.formatOnSave": true
 }
diff --git a/.woodpecker/ansible.yml b/.woodpecker/ansible.yml
new file mode 100644
index 0000000..48b0760
--- /dev/null
+++ b/.woodpecker/ansible.yml
@@ -0,0 +1,36 @@
+pipeline:
+ check-ansible-syntax:
+ image: harbor.sebclem.fr/sebclem/woodpecker-ansible-runner
+ pull: true
+ settings:
+ playbook: playbooks/install.yml
+ galaxy_file: roles/requirements.yml
+ check_syntax: true
+ vault_token:
+ from_secret: ansible_vault_token
+ when:
+ - event: "push"
+ branch: [main, master]
+ - event: [pull_request, manual, deployment]
+
+ run-ansible-playbook:
+ image: harbor.sebclem.fr/sebclem/woodpecker-ansible-runner
+ pull: true
+ settings:
+ verbosity: ${verbosity=0}
+ limit: ${limit}
+ tags: ${tags}
+ playbook: playbooks/install.yml
+ galaxy_file: roles/requirements.yml
+ vault_token:
+ from_secret: ansible_vault_token
+ private_key:
+ from_secret: ansible_private_key
+ when:
+ environment: production
+ event: deployment
+
+when:
+ - event: "push"
+ branch: [main, master]
+ - event: [pull_request, manual, deployment]
diff --git a/ansible.cfg b/ansible.cfg
index f2a27eb..9043faa 100644
--- a/ansible.cfg
+++ b/ansible.cfg
@@ -1,8 +1,9 @@
 [defaults]
-inventory = hosts
+inventory = inventories/hosts.yml
 remote_user = root
 host_key_checking = True
 vault_password_file = credentials/vault_token
 roles_path = ./roles
 force_color = true
+stdout_callback = yaml
 ansible_managed = This file is managed by ansible, don't make changes here - they will be overwritten.
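Review bot: In `.woodpecker/ansible.yml`, both steps reference `harbor.sebclem.fr/sebclem/woodpecker-ansible-runner` with no tag or digest and `pull: true`, so whatever image is currently published under the default tag is handed `ansible_vault_token` and, in `run-ansible-playbook`, `ansible_private_key`. Pinning the image to an immutable digest, for example `image: harbor.sebclem.fr/sebclem/woodpecker-ansible-runner@sha256:<digest-placeholder>`, keeps a changed or replaced image from running with those secrets unreviewed. Separately, `check-ansible-syntax` requests `vault_token` on `pull_request` events; it is worth confirming which events the secret is allowed for in Woodpecker, so that a pull request editing the pipeline or playbook cannot read it.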
diff --git a/group_vars/nodes.yml b/inventories/group_vars/nodes.yml similarity index 100% rename from group_vars/nodes.yml rename to inventories/group_vars/nodes.yml diff --git a/host_vars/hostname.yml b/inventories/host_vars/hostname.yml similarity index 100% rename from host_vars/hostname.yml rename to inventories/host_vars/hostname.yml diff --git a/hosts b/inventories/hosts.yml similarity index 98% rename from hosts rename to inventories/hosts.yml index 6bcc132..f31bbf5 100644 --- a/hosts +++ b/inventories/hosts.yml @@ -1,5 +1,4 @@ --- - all: children: nodes: diff --git a/secrets/hostname.yml b/inventories/secrets/hostname.yml similarity index 100% rename from secrets/hostname.yml rename to inventories/secrets/hostname.yml diff --git a/sites.yml b/playbooks/install.yml similarity index 53% rename from sites.yml rename to playbooks/install.yml index 2f8dd9d..6e1070d 100644 --- a/sites.yml +++ b/playbooks/install.yml @@ -4,8 +4,8 @@ pre_tasks: - name: Load secrets - include_vars: - file: "secrets/{{ inventory_hostname }}.yml" + ansible.builtin.include_vars: + file: "{{ inventory_dir }}/secrets/{{ inventory_hostname }}.yml" tags: - always diff --git a/renovate.json b/renovate.json index 0256893..856128a 100644 --- a/renovate.json +++ b/renovate.json @@ -3,7 +3,7 @@ "extends": [ "config:base", "group:nodeJs", - "local>sebclem/renovate-configs:notest", + "local>sebclem/renovate-configs", "local>sebclem/renovate-configs:ansible_host_var" ] }
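Review bot: The `Load secrets` task in `playbooks/install.yml` has no `no_log: true`, and `include_vars` returns the loaded variables in its task result, so a run at verbosity 1 or higher will likely print the decrypted secrets to the job log. This matters more now that the new pipeline exposes a `verbosity` setting for the production deployment step. Adding `no_log: true` to the task, next to `tags:`, keeps the values out of CI output. The play that contains this task starts outside the hunk.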