diff --git a/.gitignore b/.gitignore index 5fc2606..9b8a14b 100644 --- a/.gitignore +++ b/.gitignore @@ -2,6 +2,7 @@ ansible/venv ansible/ssh_key ansible/group_vars ansible/inventory +ansible/collections tofu/clouds.yaml tofu/ovh.conf tofu/terraform.tfstate diff --git a/README.md b/README.md index d9d88a4..c6b584e 100644 --- a/README.md +++ b/README.md @@ -78,6 +78,47 @@ tofu destroy # Ansible +## Installation + +``` +cd ansible +ansible-galaxy collection install -r requirements.yml +``` + ## Configuration +File `group_vars/galene.yml`: + +```yaml +certbot_domain: &domain galene.tld +certbot_email: contact@galene.tld +galene_domain: *domain +galene_groups: + group1: + users: + admin: + password: CHANGEME + permissions: op + user1: + password: CHANGEME + permissions: present + user2: + password: CHANGEME + permissions: present +``` + ## Usage + +``` +ansible-playbook site.yml +``` + +Do not forget to destroy the infrastructure when you are done with the video +conference. + +# Aliases + +```bash +alias galene-start='cd /path/to/galene-cloud/tofu && tofu apply && cd /path/to/galene-cloud/ansible && ansible-playbook site.yml' +alias galene-stop='cd /path/to/galene-cloud/tofu && tofu destroy' +``` diff --git a/ansible/requirements.yml b/ansible/requirements.yml new file mode 100644 index 0000000..e92432c --- /dev/null +++ b/ansible/requirements.yml @@ -0,0 +1,5 @@ +--- +collections: + - name: https://git.riou.xyz/jriou/ansible.git + type: git + version: 1.0.0 diff --git a/ansible/roles/certbot/tasks/main.yml b/ansible/roles/certbot/tasks/main.yml deleted file mode 100644 index b7241ef..0000000 --- a/ansible/roles/certbot/tasks/main.yml +++ /dev/null 
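Review bot: `version: 1.0.0` in the new ansible/requirements.yml pins the collection to a git tag, and a tag can be moved on the remote, so a later `ansible-galaxy collection install -r requirements.yml` may fetch role code that differs from what was reviewed. This matters more after this commit, because the in-repo certbot, galene and golang roles are deleted and ansible/site.yml now runs `jriou.general.certbot` and `jriou.general.galene` from that repository. Judging by the deleted tasks, those roles install packages, write systemd units and copy the TLS private key, so they presumably run with root privileges on the host. For a `type: git` source the `version` field accepts any commit-ish, so consider pinning the full commit hash and keeping the tag as a comment, e.g. `version: <full-commit-sha>  # tag 1.0.0`, and bump it deliberately on upgrades.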
@@ -1,17 +0,0 @@ ---- -- name: Check requirements - ansible.builtin.assert: - that: - - certbot_email is defined - - certbot_domain is defined - -- name: Install packages - ansible.builtin.package: - name: certbot - -- name: Request certificate - ansible.builtin.command: - cmd: >- - certbot certonly --standalone -n --agree-tos - --email {{ certbot_email }} -d {{ certbot_domain }} - creates: /etc/letsencrypt/live/{{ certbot_domain }}/fullchain.pem diff --git a/ansible/roles/galene/defaults/main.yml b/ansible/roles/galene/defaults/main.yml deleted file mode 100644 index 56f3852..0000000 --- a/ansible/roles/galene/defaults/main.yml +++ /dev/null @@ -1,24 +0,0 @@ ---- -galene_version: galene-1.0 -galene_http_port: 443 -galene_turn: ":1194" -galene_user: galene -galene_group: galene -galene_base_directory: /var/lib/galene -galene_data_directory: "{{ galene_base_directory }}/data" -galene_groups_directory: "{{ galene_base_directory }}/groups" -galene_recording_directory: "{{ galene_base_directory }}/recordings" -galene_static_directory: "{{ galene_base_directory }}/static" -# galene_domain: - -# galene_config: -# canonicalHost: galene.example.org -galene_config: {} - -# galene_groups: -# example: -# users: -# bob: -# password: *** -# permissions: op -galene_groups: {} diff --git a/ansible/roles/galene/handlers/main.yml b/ansible/roles/galene/handlers/main.yml deleted file mode 100644 index 24198bf..0000000 --- a/ansible/roles/galene/handlers/main.yml +++ /dev/null @@ -1,9 +0,0 @@ ---- -- name: Reload systemd - ansible.builtin.systemd_service: - daemon_reload: true - -- name: Restart galene - ansible.builtin.service: - name: galene - state: restarted diff --git a/ansible/roles/galene/meta/main.yml b/ansible/roles/galene/meta/main.yml deleted file mode 100644 index affff51..0000000 --- a/ansible/roles/galene/meta/main.yml +++ /dev/null @@ -1,3 +0,0 @@ ---- -dependencies: - - role: golang 
diff --git a/ansible/roles/galene/tasks/main.yml b/ansible/roles/galene/tasks/main.yml
deleted file mode 100644
index e8570b4..0000000
--- a/ansible/roles/galene/tasks/main.yml
+++ /dev/null
@@ -1,116 +0,0 @@ ---- -# TODO: install in block -- name: Install requirements - ansible.builtin.package: - name: git - -- name: Clone source code - ansible.builtin.git: - repo: https://github.com/jech/galene - dest: /opt/galene - version: "{{ galene_version }}" - -- name: Compile - ansible.builtin.command: - chdir: /opt/galene - cmd: go build -ldflags='-s -w' - creates: /opt/galene/galene - environment: - CGO_ENABLED: "0" - PATH: /usr/local/go/bin - -- name: Install - ansible.builtin.copy: - remote_src: true - src: /opt/galene/galene - dest: /usr/local/bin/galene - owner: root - group: root - mode: "0755" -# TODO End of install in block - -- name: Create user - ansible.builtin.user: - name: "{{ galene_user }}" - system: true - password: '!' - home: "{{ galene_base_directory }}" - create_home: false - -- name: Create directories - ansible.builtin.file: - path: "{{ item }}" - state: directory - owner: "{{ galene_user }}" - group: "{{ galene_group }}" - mode: "0755" - loop: - - "{{ galene_base_directory }}" - - "{{ galene_data_directory }}" - - "{{ galene_groups_directory }}" - - "{{ galene_recording_directory }}" - - "{{ galene_static_directory }}" - -- name: Copy static directory - ansible.builtin.copy: - src: /opt/galene/static/ - dest: "{{ galene_static_directory }}/" - remote_src: true - mode: "0755" - owner: "{{ galene_user }}" - group: "{{ galene_group }}" - when: galene_static_directory != "/opt/galene/static" - -- name: Configure groups - ansible.builtin.copy: - content: "{{ item.value | to_json }}" - dest: "{{ galene_groups_directory }}/{{ item.key }}.json" - owner: "{{ galene_user }}" - group: "{{ galene_group }}" - mode: "0600" - loop: "{{ galene_groups | dict2items }}" - loop_control: - label: "{{ item.key }}" - notify: Restart galene - -- name: Create global configuration - ansible.builtin.copy: - content: "{{ galene_config | to_json }}" - dest: "{{ galene_data_directory }}/config.json" - owner: "{{ galene_user }}" - group: "{{ galene_group }}" - mode: 
"0600" - notify: Restart galene - -- name: Configure TLS certificates - when: galene_domain is defined - ansible.builtin.copy: - remote_src: true - src: "{{ item.src }}" - dest: "{{ item.dest }}" - owner: "{{ galene_user }}" - group: "{{ galene_group }}" - loop: - - src: "/etc/letsencrypt/live/{{ galene_domain }}/fullchain.pem" - dest: "{{ galene_data_directory }}/cert.pem" - mode: "0644" - - src: "/etc/letsencrypt/live/{{ galene_domain }}/privkey.pem" - dest: "{{ galene_data_directory }}/key.pem" - mode: "0600" - -- name: Create service - ansible.builtin.template: - src: galene.service.j2 - dest: /etc/systemd/system/galene.service - mode: "0644" - owner: root - group: root - notify: - - Reload systemd - - Restart galene - -- name: Start service - ansible.builtin.service: - name: galene - state: started - enabled: true diff --git a/ansible/roles/galene/templates/galene.service.j2 b/ansible/roles/galene/templates/galene.service.j2 deleted file mode 100644 index 5a90399..0000000 --- a/ansible/roles/galene/templates/galene.service.j2 +++ /dev/null @@ -1,19 +0,0 @@ -{{ ansible_managed | comment }} - -[Unit] -Description=Galene -After=network.target - -[Service] -Type=simple -WorkingDirectory={{ galene_base_directory }} -User={{ galene_user }} -Group={{ galene_group }} -{% if galene_http_port < 1024 %} -AmbientCapabilities=CAP_NET_BIND_SERVICE -{% endif %} -ExecStart=/usr/local/bin/galene -http :{{ galene_http_port }} -data {{ galene_data_directory }} -groups {{ galene_groups_directory }} -recordings {{ galene_recording_directory }} -static {{ galene_static_directory }} -turn "{{ galene_turn }}" -LimitNOFILE=65536 - -[Install] -WantedBy=multi-user.target diff --git a/ansible/roles/golang/defaults/main.yml b/ansible/roles/golang/defaults/main.yml deleted file mode 100644 index f969c1d..0000000 --- a/ansible/roles/golang/defaults/main.yml +++ /dev/null @@ -1,2 +0,0 @@ ---- -golang_version: 1.25.4 
diff --git a/ansible/roles/golang/tasks/main.yml b/ansible/roles/golang/tasks/main.yml deleted file mode 100644 index 6af3007..0000000 --- a/ansible/roles/golang/tasks/main.yml +++ /dev/null @@ -1,7 +0,0 @@ ---- -- name: Install - ansible.builtin.unarchive: - src: "https://go.dev/dl/go{{ golang_version }}.linux-amd64.tar.gz" - dest: /usr/local - remote_src: true - creates: /usr/local/go diff --git a/ansible/site.yml b/ansible/site.yml index 6475ac6..f599d0a 100644 --- a/ansible/site.yml +++ b/ansible/site.yml @@ -21,5 +21,5 @@ hosts: - galene roles: - - certbot - - galene + - jriou.general.certbot + - jriou.general.galene