diff --git a/.gitignore b/.gitignore
index f71c7f0..99c4055 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1,6 +1,12 @@
.vscode/
+venv
.vault-pass
.vault.yml
.passbolt.yml
inventories/local
-venv
+inventories/local.yml
+inventories/local.yaml
+inventories/host_vars/*/local.yml
+inventories/host_vars/*/local.yaml
+inventories/group_vars/*/local.yml
+inventories/group_vars/*/local.yaml
diff --git a/README.md b/README.md
index 3aeee33..7d0991d 100644
--- a/README.md
+++ b/README.md
@@ -40,10 +40,7 @@ ansible-galaxy collection install -r collections/requirements.yml
## Run playbook
-Before merging changes into protected branches, playbooks should be tested
-locally to ensure they work properly. The *inventories/local* inventory is not
-uploaded to the repository and can be used for local testing. In any case, it
-is advisable to use a different repository to store inventories.
+It is advisable to use a different repository to store inventories.
Run playbook on inventory host.
```
@@ -62,6 +59,14 @@ List available tags for playbook.
ansible-playbook playbooks/.yml --list-tags
```
+## Playbook testing
+
+Before merging changes into protected branches, playbooks should be tested
+locally to ensure they work properly. Take a look to *.gitignore* to known
+the *inventories* file patterns that are excluded from remote.
+
+* https://docs.ansible.com/ansible/latest/inventory_guide/intro_inventory.html#organizing-host-and-group-variables
+
## Manage secrets
Secrets can be managed by using Ansible vault or an external keystore, Passbolt
diff --git a/playbooks/debian.yml b/playbooks/debian.yml
index 1180f9d..0e337af 100644
--- a/playbooks/debian.yml
+++ b/playbooks/debian.yml
@@ -1,18 +1,5 @@
- name: Configure base Debian host
hosts: all
tasks:
- - name: Configure virtual machine or host (not LXC)
- import_role:
- name: debian-host
- when: ansible_virtualization_role == 'host' or ansible_virtualization_type == 'kvm'
- - name: Configure base system (all)
- import_role:
- name: debian-base
- - name: Configure guest
- import_role:
- name: debian-guest
- when: ansible_virtualization_role == 'guest'
- - name: Configure virtual machine
- import_role:
- name: debian-qemu
- when: ansible_virtualization_role == 'guest' and ansible_virtualization_type == 'kvm'
+ - import_role:
+ name: debian
diff --git a/playbooks/kube.yml b/playbooks/kube.yml
index 0b7d9bf..8628eb1 100644
--- a/playbooks/kube.yml
+++ b/playbooks/kube.yml
@@ -1,5 +1,7 @@
- name: Configure Kubernetes
hosts: all
tasks:
+ - import_role:
+ name: debian
- import_role:
name: kube
diff --git a/playbooks/pve.yml b/playbooks/pve.yml
index ab7c817..a351148 100644
--- a/playbooks/pve.yml
+++ b/playbooks/pve.yml
@@ -1,5 +1,7 @@
- name: Configure PVE
hosts: all
tasks:
+ - import_role:
+ name: debian
- import_role:
name: pve
diff --git a/roles/debian-base/tasks/main.yml b/roles/debian-base/tasks/main.yml
deleted file mode 100644
index dcd5f94..0000000
--- a/roles/debian-base/tasks/main.yml
+++ /dev/null
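Review bot: The replacement task in playbooks/debian.yml drops the descriptive `name:` that every removed task carried, so play output and `--list-tasks` now show only the bare module for that step; the same unnamed `import_role` is added in the playbooks/kube.yml and playbooks/pve.yml hunks on this line. A line such as `- name: Configure base Debian system` above `import_role:` keeps the output readable in all three playbooks. Since the `when:` conditions that used to gate the old roles now live inside the `debian` role and read `ansible_virtualization_*` facts, the kube and pve plays presumably depend on fact gathering staying enabled; a short comment next to the import saying so would make that dependency explicit.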
@@ -1,34 +0,0 @@
-- import_tasks: witness.yml
- tags: witness
-- import_tasks: root.yml
- tags: root
-- import_tasks: resolv.yml
- tags: resolv
-- import_tasks: timesync.yml
- tags: timesync
-- import_tasks: sshd_configure.yml
- tags: sshd_configure
-- import_tasks: defuser.yml
- tags: defuser
-- import_tasks: install.yml
- tags: install
-- import_tasks: locale.yml
- tags: locale
-- import_tasks: tzdata.yml
- tags: tzdata
-- import_tasks: relayhost.yml
- tags: relayhost
-- import_tasks: motd.yml
- tags: motd
-- import_tasks: profile.yml
- tags: profile
-- import_tasks: vim.yml
- tags: vim
-- import_tasks: nrpe.yml
- tags: nrpe
-- import_tasks: fail2ban.yml
- tags: fail2ban
-- import_tasks: bacula.yml
- tags: bacula
-- import_tasks: vn-repo.yml
- tags: vn-repo
diff --git a/roles/debian-base/tasks/vn-repo.yml b/roles/debian-base/tasks/vn-repo.yml
deleted file mode 100644
index bd85ca4..0000000
--- a/roles/debian-base/tasks/vn-repo.yml
+++ /dev/null
@@ -1,3 +0,0 @@
-- name: Install package
- apt:
- deb: "{{ vn_host_url }}"
diff --git a/roles/debian-guest/handlers/main.yml b/roles/debian-guest/handlers/main.yml
deleted file mode 100644
index dd3e923..0000000
--- a/roles/debian-guest/handlers/main.yml
+++ /dev/null
@@ -1,8 +0,0 @@
-- name: restart-nslcd
- service:
- name: nslcd
- state: restarted
-- name: restart-ssh
- systemd:
- name: ssh
- state: restarted
diff --git a/roles/debian-guest/tasks/main.yml b/roles/debian-guest/tasks/main.yml
deleted file mode 100644
index bb9b76f..0000000
--- a/roles/debian-guest/tasks/main.yml
+++ /dev/null
@@ -1,6 +0,0 @@
-- import_tasks: auth.yml
- tags: auth
-- import_tasks: sudoers.yml
- tags: sudoers
-- import_tasks: ssh_keys.yml
- tags: ssh_keys
\ No newline at end of file
diff --git a/roles/debian-host/handlers/main.yml b/roles/debian-host/handlers/main.yml
deleted file mode 100644
index 45b25b1..0000000
--- a/roles/debian-host/handlers/main.yml
+++ /dev/null
@@ -1,4 +0,0 @@
-- name: restart-sysctl
- systemd:
- name: systemd-sysctl
- state: restarted
\ No newline at end of file
diff --git a/roles/debian-host/tasks/main.yml b/roles/debian-host/tasks/main.yml
deleted file mode 100644
index e4f179a..0000000
--- a/roles/debian-host/tasks/main.yml
+++ /dev/null
@@ -1,6 +0,0 @@
-- import_tasks: hostname.yml
- tags: hostname
-- import_tasks: sysctl.yml
- tags: sysctl
-- import_tasks: apparmor.yml
- tags: apparmor
diff --git a/roles/debian-qemu/defaults/main.yml b/roles/debian-qemu/defaults/main.yml
deleted file mode 100644
index dc2a884..0000000
--- a/roles/debian-qemu/defaults/main.yml
+++ /dev/null
@@ -1,8 +0,0 @@
-homes_path: /mnt/homes
-autofs_packages:
- - nfs-common
- - autofs
- - libnfs-utils
- - autofs-ldap
-blacklist_module_kernel: |
- blacklist snd_hda_intel
diff --git a/roles/debian-qemu/handlers/main.yml b/roles/debian-qemu/handlers/main.yml
deleted file mode 100644
index 0bca163..0000000
--- a/roles/debian-qemu/handlers/main.yml
+++ /dev/null
@@ -1,4 +0,0 @@
-- name: restart-autofs
- service:
- name: autofs
- state: restarted
\ No newline at end of file
diff --git a/roles/debian-qemu/tasks/main.yml b/roles/debian-qemu/tasks/main.yml
deleted file mode 100644
index 1b49a8d..0000000
--- a/roles/debian-qemu/tasks/main.yml
+++ /dev/null
@@ -1,10 +0,0 @@
-- import_tasks: agent.yml
- tags: agent
-- import_tasks: hotplug.yml
- tags: hotplug
-- import_tasks: autofs.yml
- tags: autofs
-- import_tasks: blacklist.yml
- tags: blacklist
-- import_tasks: grub_startup.yml
- tags: grub_startup
diff --git a/roles/debian-base/defaults/main.yaml b/roles/debian/defaults/main.yaml
similarity index 67%
rename from roles/debian-base/defaults/main.yaml
rename to roles/debian/defaults/main.yaml
index 6b4f9bf..a861f1c 100644
--- a/roles/debian-base/defaults/main.yaml
+++ b/roles/debian/defaults/main.yaml
@@ -1,5 +1,8 @@
vn_first_time: false
vn_witness_checked: false
+deb_packages:
+ - https://apt.verdnatura.es/pool/main/v/vn-host/vn-apt-source_3.0.1_all.deb
+ - https://apt.verdnatura.es/pool/main/v/vn-host/vn-host_3.0.1_all.deb
grub_user: admin
default_user: user
fail2ban:
@@ -36,3 +39,11 @@ base_packages:
locales_present:
- en_US.UTF-8
- es_ES.UTF-8
+homes_path: /mnt/homes
+autofs_packages:
+ - nfs-common
+ - autofs
+ - libnfs-utils
+ - autofs-ldap
+blacklist_module_kernel: |
+ blacklist snd_hda_intel
diff --git a/roles/debian-qemu/files/80-hotplug-cpu-mem.rules b/roles/debian/files/80-hotplug-cpu-mem.rules
similarity index 100%
rename from roles/debian-qemu/files/80-hotplug-cpu-mem.rules
rename to roles/debian/files/80-hotplug-cpu-mem.rules
diff --git a/roles/debian-qemu/files/hotplug.cfg b/roles/debian/files/hotplug.cfg
similarity index 100%
rename from roles/debian-qemu/files/hotplug.cfg
rename to roles/debian/files/hotplug.cfg
diff --git a/roles/debian-base/files/motd b/roles/debian/files/motd
similarity index 100%
rename from roles/debian-base/files/motd
rename to roles/debian/files/motd
diff --git a/roles/debian-base/files/profile.sh b/roles/debian/files/profile.sh
similarity index 100%
rename from roles/debian-base/files/profile.sh
rename to roles/debian/files/profile.sh
diff --git a/roles/debian-base/files/sendmail-common.local b/roles/debian/files/sendmail-common.local
similarity index 100%
rename from roles/debian-base/files/sendmail-common.local
rename to roles/debian/files/sendmail-common.local
diff --git a/roles/debian-host/files/sysctl/30-basic.conf b/roles/debian/files/sysctl/30-basic.conf
similarity index 100%
rename from roles/debian-host/files/sysctl/30-basic.conf
rename to roles/debian/files/sysctl/30-basic.conf
diff --git a/roles/debian-host/files/sysctl/40-network.conf b/roles/debian/files/sysctl/40-network.conf
similarity index 100%
rename from roles/debian-host/files/sysctl/40-network.conf
rename to roles/debian/files/sysctl/40-network.conf
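Review bot: The version `3.0.1` is hard-coded in both URLs of the new `deb_packages` list, so a bump has to be edited in two places and the two packages can drift apart unnoticed. Factoring it into a single default, `vn_host_version: "3.0.1"`, and templating each entry as `- "https://apt.verdnatura.es/pool/main/v/vn-host/vn-host_{{ vn_host_version }}_all.deb"` keeps the pair in lock-step; the version should stay a quoted string so no YAML parser reads it as a number. The neighbouring defaults `vn_first_time`/`vn_witness_checked` carry a `vn_` prefix, so `vn_deb_packages` would also match the file's naming for vendor-specific values.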
diff --git a/roles/debian-host/files/sysctl/42-noipv6.conf b/roles/debian/files/sysctl/42-noipv6.conf
similarity index 100%
rename from roles/debian-host/files/sysctl/42-noipv6.conf
rename to roles/debian/files/sysctl/42-noipv6.conf
diff --git a/roles/debian-base/files/vimrc.local b/roles/debian/files/vimrc.local
similarity index 100%
rename from roles/debian-base/files/vimrc.local
rename to roles/debian/files/vimrc.local
diff --git a/roles/debian-base/handlers/main.yml b/roles/debian/handlers/main.yml
similarity index 67%
rename from roles/debian-base/handlers/main.yml
rename to roles/debian/handlers/main.yml
index e2ee81e..cc20d9c 100644
--- a/roles/debian-base/handlers/main.yml
+++ b/roles/debian/handlers/main.yml
@@ -18,6 +18,22 @@
systemd:
name: sshd
state: restarted
+- name: restart-sysctl
+ systemd:
+ name: systemd-sysctl
+ state: restarted
+- name: restart-nslcd
+ service:
+ name: nslcd
+ state: restarted
+- name: restart-ssh
+ systemd:
+ name: ssh
+ state: restarted
+- name: restart-autofs
+ service:
+ name: autofs
+ state: restarted
- name: generate locales
command: /usr/sbin/locale-gen
- name: reconfigure tzdata
diff --git a/roles/debian-qemu/tasks/agent.yml b/roles/debian/tasks/agent.yml
similarity index 100%
rename from roles/debian-qemu/tasks/agent.yml
rename to roles/debian/tasks/agent.yml
diff --git a/roles/debian-host/tasks/apparmor.yml b/roles/debian/tasks/apparmor.yml
similarity index 100%
rename from roles/debian-host/tasks/apparmor.yml
rename to roles/debian/tasks/apparmor.yml
diff --git a/roles/debian-guest/tasks/auth.yml b/roles/debian/tasks/auth.yml
similarity index 100%
rename from roles/debian-guest/tasks/auth.yml
rename to roles/debian/tasks/auth.yml
diff --git a/roles/debian-qemu/tasks/autofs.yml b/roles/debian/tasks/autofs.yml
similarity index 100%
rename from roles/debian-qemu/tasks/autofs.yml
rename to roles/debian/tasks/autofs.yml
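Review bot: The added `restart-ssh` handler restarts unit `ssh`, while the handler whose tail is the context just above the hunk already restarts `sshd`; on Debian `sshd.service` is an alias of `ssh.service`, so the merged role now carries two handlers for the same daemon and a play that notifies both restarts it twice. Keep one handler and point the tasks merged in from the former debian-guest role at it; the other can be dropped once nothing notifies `restart-ssh`. The new handlers also alternate between `service:` and `systemd:` for the same kind of action (`restart-nslcd`/`restart-autofs` versus `restart-sysctl`/`restart-ssh`); the surrounding handler uses `systemd:`, so using it for all four reads more consistently.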
diff --git a/roles/debian-base/tasks/bacula.yml b/roles/debian/tasks/bacula.yml
similarity index 100%
rename from roles/debian-base/tasks/bacula.yml
rename to roles/debian/tasks/bacula.yml
diff --git a/roles/debian-qemu/tasks/blacklist.yml b/roles/debian/tasks/blacklist.yml
similarity index 100%
rename from roles/debian-qemu/tasks/blacklist.yml
rename to roles/debian/tasks/blacklist.yml
diff --git a/roles/debian-base/tasks/defuser.yml b/roles/debian/tasks/defuser.yml
similarity index 100%
rename from roles/debian-base/tasks/defuser.yml
rename to roles/debian/tasks/defuser.yml
diff --git a/roles/debian-base/tasks/fail2ban.yml b/roles/debian/tasks/fail2ban.yml
similarity index 100%
rename from roles/debian-base/tasks/fail2ban.yml
rename to roles/debian/tasks/fail2ban.yml
diff --git a/roles/debian-qemu/tasks/grub_startup.yml b/roles/debian/tasks/grub_startup.yml
similarity index 100%
rename from roles/debian-qemu/tasks/grub_startup.yml
rename to roles/debian/tasks/grub_startup.yml
diff --git a/roles/debian-host/tasks/hostname.yml b/roles/debian/tasks/hostname.yml
similarity index 100%
rename from roles/debian-host/tasks/hostname.yml
rename to roles/debian/tasks/hostname.yml
diff --git a/roles/debian-qemu/tasks/hotplug.yml b/roles/debian/tasks/hotplug.yml
similarity index 100%
rename from roles/debian-qemu/tasks/hotplug.yml
rename to roles/debian/tasks/hotplug.yml
diff --git a/roles/debian-base/tasks/install.yml b/roles/debian/tasks/install.yml
similarity index 100%
rename from roles/debian-base/tasks/install.yml
rename to roles/debian/tasks/install.yml
diff --git a/roles/debian-base/tasks/locale.yml b/roles/debian/tasks/locale.yml
similarity index 100%
rename from roles/debian-base/tasks/locale.yml
rename to roles/debian/tasks/locale.yml
diff --git a/roles/debian/tasks/main.yml b/roles/debian/tasks/main.yml
new file mode 100644
index 0000000..87dcf43
--- /dev/null
+++ b/roles/debian/tasks/main.yml
@@ -0,0 +1,71 @@
+
+- name: Configure virtual machine or host (not LXC)
+ when: ansible_virtualization_role == 'host' or ansible_virtualization_type == 'kvm'
+ block:
+ - import_tasks: hostname.yml
+ tags: hostname
+ - import_tasks: sysctl.yml
+ tags: sysctl
+ - import_tasks: apparmor.yml
+ tags: apparmor
+
+- name: Configure base system (all)
+ block:
+ - import_tasks: witness.yml
+ tags: witness
+ - import_tasks: root.yml
+ tags: root
+ - import_tasks: resolv.yml
+ tags: resolv
+ - import_tasks: timesync.yml
+ tags: timesync
+ - import_tasks: sshd_configure.yml
+ tags: sshd_configure
+ - import_tasks: defuser.yml
+ tags: defuser
+ - import_tasks: install.yml
+ tags: install
+ - import_tasks: locale.yml
+ tags: locale
+ - import_tasks: tzdata.yml
+ tags: tzdata
+ - import_tasks: relayhost.yml
+ tags: relayhost
+ - import_tasks: motd.yml
+ tags: motd
+ - import_tasks: profile.yml
+ tags: profile
+ - import_tasks: vim.yml
+ tags: vim
+ - import_tasks: nrpe.yml
+ tags: nrpe
+ - import_tasks: fail2ban.yml
+ tags: fail2ban
+ - import_tasks: bacula.yml
+ tags: bacula
+ - import_tasks: vn-repo.yml
+ tags: vn-repo
+
+- name: Configure guest
+ when: ansible_virtualization_role == 'guest'
+ block:
+ - import_tasks: auth.yml
+ tags: auth
+ - import_tasks: sudoers.yml
+ tags: sudoers
+ - import_tasks: ssh_keys.yml
+ tags: ssh_keys
+
+- name: Configure virtual machine
+ when: ansible_virtualization_role == 'guest' and ansible_virtualization_type == 'kvm'
+ block:
+ - import_tasks: agent.yml
+ tags: agent
+ - import_tasks: hotplug.yml
+ tags: hotplug
+ - import_tasks: autofs.yml
+ tags: autofs
+ - import_tasks: blacklist.yml
+ tags: blacklist
+ - import_tasks: grub_startup.yml
+ tags: grub_startup
diff --git a/roles/debian-base/tasks/motd.yml b/roles/debian/tasks/motd.yml
similarity index 100%
rename from roles/debian-base/tasks/motd.yml
rename to roles/debian/tasks/motd.yml
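Review bot: The new roles/debian/tasks/main.yml begins with an empty line and has no document-start marker, so yamllint flags it and the file reads as if it were cut from somewhere else; replace the leading blank line with `---`. All four blocks are gated on `ansible_virtualization_role`/`ansible_virtualization_type`, which only exist when facts have been gathered, and that dependency is now hidden inside the role rather than visible in the playbooks; a header comment such as `# Blocks are gated on virtualization facts: callers must not disable gather_facts.` would make it explicit. The block names already explain that a KVM guest is meant to run both the first and the last block, so the overlapping conditions look intentional and need no change.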
diff --git a/roles/debian-base/tasks/nrpe.yml b/roles/debian/tasks/nrpe.yml
similarity index 100%
rename from roles/debian-base/tasks/nrpe.yml
rename to roles/debian/tasks/nrpe.yml
diff --git a/roles/debian-base/tasks/profile.yml b/roles/debian/tasks/profile.yml
similarity index 100%
rename from roles/debian-base/tasks/profile.yml
rename to roles/debian/tasks/profile.yml
diff --git a/roles/debian-base/tasks/relayhost.yml b/roles/debian/tasks/relayhost.yml
similarity index 100%
rename from roles/debian-base/tasks/relayhost.yml
rename to roles/debian/tasks/relayhost.yml
diff --git a/roles/debian-base/tasks/resolv.yml b/roles/debian/tasks/resolv.yml
similarity index 100%
rename from roles/debian-base/tasks/resolv.yml
rename to roles/debian/tasks/resolv.yml
diff --git a/roles/debian-base/tasks/root.yml b/roles/debian/tasks/root.yml
similarity index 100%
rename from roles/debian-base/tasks/root.yml
rename to roles/debian/tasks/root.yml
diff --git a/roles/debian-guest/tasks/ssh_keys.yml b/roles/debian/tasks/ssh_keys.yml
similarity index 100%
rename from roles/debian-guest/tasks/ssh_keys.yml
rename to roles/debian/tasks/ssh_keys.yml
diff --git a/roles/debian-base/tasks/sshd_configure.yml b/roles/debian/tasks/sshd_configure.yml
similarity index 100%
rename from roles/debian-base/tasks/sshd_configure.yml
rename to roles/debian/tasks/sshd_configure.yml
diff --git a/roles/debian-guest/tasks/sudoers.yml b/roles/debian/tasks/sudoers.yml
similarity index 100%
rename from roles/debian-guest/tasks/sudoers.yml
rename to roles/debian/tasks/sudoers.yml
diff --git a/roles/debian-host/tasks/sysctl.yml b/roles/debian/tasks/sysctl.yml
similarity index 100%
rename from roles/debian-host/tasks/sysctl.yml
rename to roles/debian/tasks/sysctl.yml
diff --git a/roles/debian-base/tasks/timesync.yml b/roles/debian/tasks/timesync.yml
similarity index 100%
rename from roles/debian-base/tasks/timesync.yml
rename to roles/debian/tasks/timesync.yml
diff --git a/roles/debian-base/tasks/tzdata.yml b/roles/debian/tasks/tzdata.yml
similarity index 100%
rename from roles/debian-base/tasks/tzdata.yml
rename to roles/debian/tasks/tzdata.yml
diff --git a/roles/debian-base/tasks/vim.yml b/roles/debian/tasks/vim.yml
similarity index 100%
rename from roles/debian-base/tasks/vim.yml
rename to roles/debian/tasks/vim.yml
diff --git a/roles/debian/tasks/vn-repo.yml b/roles/debian/tasks/vn-repo.yml
new file mode 100644
index 0000000..c3db0ca
--- /dev/null
+++ b/roles/debian/tasks/vn-repo.yml
@@ -0,0 +1,4 @@
+- name: Install package
+ apt:
+ deb: "{{ item }}"
+ with_items: "{{ deb_packages }}"
diff --git a/roles/debian-base/tasks/witness.yml b/roles/debian/tasks/witness.yml
similarity index 100%
rename from roles/debian-base/tasks/witness.yml
rename to roles/debian/tasks/witness.yml
diff --git a/roles/debian-qemu/templates/auto.homes b/roles/debian/templates/auto.homes
similarity index 100%
rename from roles/debian-qemu/templates/auto.homes
rename to roles/debian/templates/auto.homes
diff --git a/roles/debian-base/templates/bacula-fd.conf b/roles/debian/templates/bacula-fd.conf
similarity index 100%
rename from roles/debian-base/templates/bacula-fd.conf
rename to roles/debian/templates/bacula-fd.conf
diff --git a/roles/debian-qemu/templates/homes.autofs b/roles/debian/templates/homes.autofs
similarity index 100%
rename from roles/debian-qemu/templates/homes.autofs
rename to roles/debian/templates/homes.autofs
diff --git a/roles/debian-base/templates/jail.local b/roles/debian/templates/jail.local
similarity index 100%
rename from roles/debian-base/templates/jail.local
rename to roles/debian/templates/jail.local
diff --git a/roles/debian-base/templates/nrpe.cfg b/roles/debian/templates/nrpe.cfg
similarity index 100%
rename from roles/debian-base/templates/nrpe.cfg
rename to roles/debian/templates/nrpe.cfg
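Review bot: `apt: deb: "{{ item }}"` in the new vn-repo.yml installs each `.deb` straight from the URLs in `deb_packages`, and nothing checks what was downloaded: unlike packages from a signed apt repository, a file fetched this way is trusted on the TLS connection to apt.verdnatura.es alone and then installed as root, so a mis-served or tampered artifact would go in unnoticed. Fetching with `get_url` and a `checksum:` first, then installing the local file, pins each package to a known digest; `deb_packages` in roles/debian/defaults/main.yaml would then hold a `url`/`checksum` pair per entry instead of a bare URL, with the digest recorded when the version is bumped. `with_items` is also the legacy loop form; `loop:` is the current one and is used below. The destination directory is illustrative and the digests are placeholders to be filled from the published packages.

```yaml
- name: Download package
  get_url:
    url: "{{ item.url }}"
    dest: "/var/cache/apt/archives/{{ item.url | basename }}"
    checksum: "{{ item.checksum }}"  # e.g. "sha256:<DIGEST_PLACEHOLDER>" per entry in defaults
    mode: "0644"
  loop: "{{ deb_packages }}"

- name: Install package
  apt:
    deb: "/var/cache/apt/archives/{{ item.url | basename }}"
  loop: "{{ deb_packages }}"
```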
diff --git a/roles/debian-guest/templates/nslcd.conf b/roles/debian/templates/nslcd.conf
similarity index 100%
rename from roles/debian-guest/templates/nslcd.conf
rename to roles/debian/templates/nslcd.conf
diff --git a/roles/debian-base/templates/resolv.conf b/roles/debian/templates/resolv.conf
similarity index 100%
rename from roles/debian-base/templates/resolv.conf
rename to roles/debian/templates/resolv.conf
diff --git a/roles/debian-guest/templates/sudoers b/roles/debian/templates/sudoers
similarity index 100%
rename from roles/debian-guest/templates/sudoers
rename to roles/debian/templates/sudoers