diff --git a/group_vars/nas/vars.yml b/group_vars/nas/vars.yml
index 1f7bfe2..a31419e 100644
--- a/group_vars/nas/vars.yml
+++ b/group_vars/nas/vars.yml
@@ -1,14 +1,8 @@
 raid_uuid: '4d184875-19eb-4923-9b79-bf669c1f7978'
-
 lambroek_password: "{{ vault_lambroek_password }}"
-
 s3_access_key_id: "{{ vault_s3_access_key_id }}"
 s3_secret_access_key: "{{ vault_s3_secret_access_key }}"
-rclone_obf_pass: "{{ vault_rclone_obf_pass }}"
-rclone_obf_pass2: "{{ vault_rclone_obf_pass2 }}"
-
+rclone_photos_obf_pass: "{{ vault_rclone_photos_obf_pass }}"
+rclone_photos_obf_pass2: "{{ vault_rclone_photos_obf_pass2 }}"
 lander_commit_sha: 'e438bd045ca2ee64e3d9ab98f416027b5417c3f6'
 lander_api_key: "{{ vault_lander_api_key }}"
-
-restic_rest_version: '0.12.1'
-restic_version: '0.16.2'
diff --git a/group_vars/nas/vault.yml b/group_vars/nas/vault.yml
index 393c6c6..012369d 100644
--- a/group_vars/nas/vault.yml
+++ b/group_vars/nas/vault.yml
@@ -1,32 +1,33 @@
 $ANSIBLE_VAULT;1.1;AES256
-37346237633132376331343965346531353137643430376563323237353761313035396634316464
-6562336662656266636466626531373834653832353331630a653962656431373932363937396438
-65663735326331323333396336653933373633383530386463346435316466393664383630393065
-6366326463306435340a616263613366333536626239636239393364333363346630666430393163
-65613063383539323339636262353462343439656135333130396134326433356333623366333638
-38653939306564633865303032666337616436666264656432346339386361666161333034376632
-34363035333431343035643635663839326130396465653066323639333833663761313565393537
-31363861646630633032643838636663396235336265316161353036623539356534646530323534
-65313863333233383461383165383534386435633130633864363038353932636631376461663763
-35626364636633303738346161393161356333306630386438626534356336646531336164396537
-63613434366232333738326166303237353831666137386134346562663766656536373431343630
-66363666353432306539383035356636303635636639646537663362656235373236393866383364
-30333261646661393566373833613336316533336632613663383061613431376337376234666636
-34393864313462303937366136333662386465653839356563653236663632376531363663343963
-61333966323661383364363733373062373230363664356661306134393061386464393763633433
-35333330616234656531306431306566663131663932303231613665363030313733326337313635
-32666539306638333763623161303730613663366630326562303731343064376634373264323337
-66353161376537333461613438316662623138393835666539303030656134373664663537373462
-36303833333831626632633337393562336538633465326537653431386162346165356465393837
-66393161383639643638366336356139323533393932646333373631366566626537313536346664
-64343064373432326633393263623365323561386261633161313638656539363434393332353736
-38633537653730333837303766353338383433626331623937313136326561623730346361623336
-65303961626230363634653333396566333735323132336165623734363165366137663765663636
-65316431363666653738623838663831343433333939616162366337346135336631333661643865
-38613536373837393664336133333934303166356365346563643265326136353838316336666664
-35376138326431343661316264626665343366613335383062366331373634626133626163333361
-61366262633965323165336663633963626633656236666239346434396439393461336230663366
-31393135663433313933613862353962333664653962653562303832616334663334356562646133
-64303761363833316464363237366238376230386236636265363339666332613238353865646537
-34333333336631393033353532366333376465643362326438396138383861646463363462396164
-343064393363653934613861366638616461
+65316664376330633730613661343336373835663166343536666632633931623431336664346130
+3030623238313032363964623836316166656165623736390a383233313938343662656634326364
+66333237396532303061646565396132376633386365633665656434363332656637303434646265
+3336666432633037650a373437326532343461666363323763343535386465356436313964306663
+38383732366666663962666462326463626264313965396664303534313863636263323164653162
+65653762356431636231643263303339346536313665346363336231613464396238313266326662
+66346433643134383661366265613739346239356639613032613339393739343738643864356136
+34353366666538346630356566653065363563383938633462333337363962666133386239333236
+38653133316364643536623831306263363063343237393232623930626239316661643862613363
+37336162353063353437363566356133363139646435316663303966363339623865656231393163
+38323062643666343730333032643735643738393063633336303834393733393065356135633236
+65323938306461326138303837626463646131303139386461653763383065316236396334353762
+63343766626362353865306436343937653964386236613062386466626132323264333136313636
+30336338313731613531316531306433393535396538643065626265363832316264376666356461
+36363866633832646234626336633032656566366231626431366232313536383561656534346231
+37373561376361623133383330333262386331336631383961333439656430623162346330323037
+32336366336264323139653861666563393935366663616239353364656264383134386662323439
+34376239373636663764616237613136663630343365333064396665316537366531333131393364
+37353835353332643538323436333331316435343664346164666463396639313736653961373465
+65366634653563396333636333333565633534396463646133666563303139663338343563363535
+33623033316136343837646265633633636662346161373836396264663761353536386463366139
+38343333356439393438653663316438636431373264623134356134633361306636666463396661
+34353166323963613634393032633262313034353166653530613164613036653537633165396337
+63363563356233316335363534326364633433646134303033343830663537313434313833316565
+65643464313230353138393537376137356561653739633934663539376636356339313836356332
+31363730653362613431616563326465353833343165633962663665346337306564333832336364
+32346532366233343566323339393064376461613033386261653064313333346461363733336636
+32386139363865626232353866633866643133313036363637323035613738383635343432396263
+38653430623137343934316231326630323234323237303162643231613961646538376332326630
+63306637303539376534313237323863376131623462626465373231363630616439346533353566
+61343833613466653063346634366133376561336632356465363831366230386330663231353932
+37343634306466663931
diff --git a/hosts.ini b/hosts.ini
index 0d9705f..cd752ae 100644
--- a/hosts.ini
+++ b/hosts.ini
@@ -1,16 +1,2 @@
 [nas]
 192.168.0.3 static_ip=192.168.0.3
-
-[ruby]
-192.168.0.2 static_ip=192.168.0.2
-
-# Caddy reverse proxy host
-[web]
-192.168.0.3 static_ip=192.168.0.3
-
-[lander]
-192.168.0.3 static_ip=192.168.0.3
-
-# Miniflux server host
-[miniflux]
-192.168.0.2 static_ip=192.168.0.2
diff --git a/nas.yml b/nas.yml
index 0eaccc8..60ef4dc 100644
--- a/nas.yml
+++ b/nas.yml
@@ -55,17 +55,3 @@
   roles:
     - lander
   tags: lander
-
-- name: Install Restic REST server
-  hosts: nas
-  become: yes
-  roles:
-    - restic-rest
-  tags: restic-rest
-
-- name: Install Restic
-  hosts: nas
-  become: yes
-  roles:
-    - restic
-  tags: restic
diff --git a/roles/common/tasks/main.yml b/roles/common/tasks/main.yml
index 90506d4..bb1ea27 100644
--- a/roles/common/tasks/main.yml
+++ b/roles/common/tasks/main.yml
@@ -22,9 +22,6 @@
 
       # Periodic tasks
       - cron
-
-      # General compression tools
-      - bzip2
     state: present
 
 - name: Ensure cron service is enabled
diff --git a/roles/docker/tasks/main.yml b/roles/docker/tasks/main.yml
index ed16ec8..5f20a61 100644
--- a/roles/docker/tasks/main.yml
+++ b/roles/docker/tasks/main.yml
@@ -26,6 +26,7 @@
       - docker-ce
       - docker-ce-cli
       - containerd.io
+      - docker-compose
       - cron
     state: present
 
diff --git a/roles/lander-web/tasks/main.yml b/roles/lander-web/tasks/main.yml
deleted file mode 100644
index 35d87e5..0000000
--- a/roles/lander-web/tasks/main.yml
+++ /dev/null
@@ -1,9 +0,0 @@
----
-- name: Ensure Caddyfile is present
-  template:
-    src: 'lander.Caddyfile.j2'
-    dest: '/etc/caddy/lander.Caddyfile'
-    owner: root
-    group: root
-    mode: '0644'
-  notify: caddy-reload
diff --git a/roles/lander-web/templates/lander.Caddyfile.j2 b/roles/lander-web/templates/lander.Caddyfile.j2
deleted file mode 100644
index f379beb..0000000
--- a/roles/lander-web/templates/lander.Caddyfile.j2
+++ /dev/null
@@ -1,3 +0,0 @@
-s.roosens.me {
-    reverse_proxy {{ groups['lander'][0] }}:18080
-}
diff --git a/roles/lander/files/lander.Caddyfile b/roles/lander/files/lander.Caddyfile
new file mode 100644
index 0000000..fd99453
--- /dev/null
+++ b/roles/lander/files/lander.Caddyfile
@@ -0,0 +1,3 @@
+s.roosens.me {
+    reverse_proxy localhost:18080
+}
diff --git a/roles/lander-web/meta/main.yml b/roles/lander/meta/main.yml
similarity index 100%
rename from roles/lander-web/meta/main.yml
rename to roles/lander/meta/main.yml
diff --git a/roles/lander/tasks/main.yml b/roles/lander/tasks/main.yml
index f64ed46..f4103fa 100644
--- a/roles/lander/tasks/main.yml
+++ b/roles/lander/tasks/main.yml
@@ -67,3 +67,12 @@
     name: 'lander'
     state: started
     enabled: true
+
+- name: Ensure Caddyfile is present
+  copy:
+    src: 'lander.Caddyfile'
+    dest: '/etc/caddy/lander.Caddyfile'
+    owner: root
+    group: root
+    mode: '0644'
+  notify: caddy-reload
diff --git a/roles/miniflux-web/meta/main.yml b/roles/miniflux-web/meta/main.yml
deleted file mode 100644
index 1dbd0f6..0000000
--- a/roles/miniflux-web/meta/main.yml
+++ /dev/null
@@ -1,3 +0,0 @@
----
-dependencies:
-  - role: caddy
diff --git a/roles/miniflux-web/tasks/main.yml b/roles/miniflux-web/tasks/main.yml
deleted file mode 100644
index b1059a9..0000000
--- a/roles/miniflux-web/tasks/main.yml
+++ /dev/null
@@ -1,9 +0,0 @@
----
-- name: Ensure Caddyfile is present
-  template:
-    src: 'miniflux.Caddyfile.j2'
-    dest: '/etc/caddy/miniflux.Caddyfile'
-    owner: root
-    group: root
-    mode: '0644'
-  notify: caddy-reload
diff --git a/roles/miniflux-web/templates/miniflux.Caddyfile.j2 b/roles/miniflux-web/templates/miniflux.Caddyfile.j2
deleted file mode 100644
index 45f0583..0000000
--- a/roles/miniflux-web/templates/miniflux.Caddyfile.j2
+++ /dev/null
@@ -1,3 +0,0 @@
-nws.roosens.me {
-    reverse_proxy {{ groups['miniflux'][0] }}:8080
-}
diff --git a/roles/mount-nfs/tasks/main.yml b/roles/mount-nfs/tasks/main.yml
new file mode 100644
index 0000000..f5edcef
--- /dev/null
+++ b/roles/mount-nfs/tasks/main.yml
@@ -0,0 +1,13 @@
+---
+- name: Install NFS client.
+  apt:
+    name: nfs-common
+    state: present
+
+- name: Mount NFS share.
+  ansible.posix.mount:
+    src: {{ hostvars['admin']['ansible_host'] }}:/mnt/data
+    path: /mnt/data
+    fstype: nfs4
+    opts: defaults,user,exec
+    state: mounted
diff --git a/roles/rclone/templates/rclone.conf.j2 b/roles/rclone/templates/rclone.conf.j2
index f11f220..679b602 100644
--- a/roles/rclone/templates/rclone.conf.j2
+++ b/roles/rclone/templates/rclone.conf.j2
@@ -15,11 +15,6 @@ endpoint = https://s3.gra.io.cloud.ovh.net/
 [photos-crypt]
 type = crypt
 remote = ovh-s3:pi-s3/photos
-password = {{ rclone_obf_pass }}
-password2 = {{ rclone_obf_pass2 }}
+password = {{ rclone_photos_obf_pass }}
+password2 = {{ rclone_photos_obf_pass2 }}
 
-[jef-crypt]
-type = crypt
-remote = ovh-s3:pi-s3/jef
-password = {{ rclone_obf_pass }}
-password2 = {{ rclone_obf_pass2 }}
diff --git a/roles/restic-rest/files/restic-rest-server.service b/roles/restic-rest/files/restic-rest-server.service
deleted file mode 100644
index 4b071a6..0000000
--- a/roles/restic-rest/files/restic-rest-server.service
+++ /dev/null
@@ -1,14 +0,0 @@
-[Unit]
-Description=Restic REST server
-After=network.target network-online.target
-Requires=network-online.target
-
-[Service]
-Type=exec
-User=restic
-Group=restic
-ExecStart=/usr/local/bin/restic-rest-server --path /mnt/data1/restic-rest --no-auth
-Restart=always
-
-[Install]
-WantedBy=multi-user.target
diff --git a/roles/restic-rest/tasks/main.yml b/roles/restic-rest/tasks/main.yml
deleted file mode 100644
index 9f1ea7d..0000000
--- a/roles/restic-rest/tasks/main.yml
+++ /dev/null
@@ -1,69 +0,0 @@
----
-- name: Ensure download directory is present
-  ansible.builtin.file:
-    path: "/home/debian/restic-rest-{{ restic_rest_version }}"
-    state: directory
-    mode: '0755'
-  
-- name: Ensure binary is downloaded
-  ansible.builtin.unarchive:
-    src: "https://github.com/restic/rest-server/releases/download/v{{ restic_rest_version }}/rest-server_{{ restic_rest_version }}_linux_arm64.tar.gz"
-    remote_src: true
-    dest: "/home/debian/restic-rest-{{ restic_rest_version }}"
-    creates: "/home/debian/restic-rest-{{ restic_rest_version }}/rest-server_{{ restic_rest_version }}_linux_arm64/rest-server"
-    include:
-      - "rest-server_{{ restic_rest_version }}_linux_arm64/rest-server"
-  register: res
-
-- name: Ensure binary is copied to correct location
-  ansible.builtin.copy:
-    src: "/home/debian/restic-rest-{{ restic_rest_version }}/rest-server_{{ restic_rest_version }}_linux_arm64/rest-server"
-    remote_src: true
-    dest: '/usr/local/bin/restic-rest-server'
-    owner: 'root'
-    group: 'root'
-    mode: '0755'
-  when: 'res.changed'
-
-- name: Ensure system group exists
-  ansible.builtin.group:
-    name: 'restic'
-    gid: 202
-    system: true
-    state: present
-
-- name: Ensure system user exists
-  ansible.builtin.user:
-    name: 'restic'
-    group: 'restic'
-    uid: 202
-    system: true
-    create_home: false
-
-- name: Ensure data directory is present
-  ansible.builtin.file:
-    path: '/mnt/data1/restic-rest'
-    state: directory
-    mode: '0755'
-    owner: 'restic'
-    group: 'restic'
-
-- name: Ensure service file is present
-  ansible.builtin.copy:
-    src: 'restic-rest-server.service'
-    dest: '/lib/systemd/system/restic-rest-server.service'
-    owner: 'root'
-    group: 'root'
-    mode: '0644'
-  register: res
-
-- name: systemd-reload
-  ansible.builtin.systemd_service:
-    daemon_reload: true
-  when: 'res.changed'
-
-- name: Ensure service is enabled
-  ansible.builtin.service:
-    name: 'restic-rest-server'
-    state: started
-    enabled: true
diff --git a/roles/restic/tasks/main.yml b/roles/restic/tasks/main.yml
deleted file mode 100644
index cf22626..0000000
--- a/roles/restic/tasks/main.yml
+++ /dev/null
@@ -1,27 +0,0 @@
----
-- name: Ensure download directory is present
-  ansible.builtin.file:
-    path: "/home/debian/restic-{{ restic_version }}"
-    state: directory
-    mode: '0755'
-
-- name: Ensure compressed binary is downloaded
-  ansible.builtin.get_url:
-    url: "https://github.com/restic/restic/releases/download/v{{ restic_version }}/restic_{{ restic_version }}_linux_arm64.bz2"
-    dest: "/home/debian/restic-{{ restic_version }}/restic-{{ restic_version }}.bz2"
-  register: res
-
-- name: Ensure binary is decompressed
-  ansible.builtin.shell:
-    cmd: "bunzip2 -k /home/debian/restic-{{ restic_version }}/restic-{{ restic_version }}.bz2"
-  when: 'res.changed'
-
-- name: Ensure binary is copied to correct location
-  ansible.builtin.copy:
-    src: "/home/debian/restic-{{ restic_version }}/restic-{{ restic_version }}"
-    remote_src: true
-    dest: '/usr/local/bin/restic'
-    owner: 'root'
-    group: 'root'
-    mode: '0755'
-  when: 'res.changed'
diff --git a/roles/samba/files/smb.conf b/roles/samba/files/smb.conf
index e37ac8e..3b9ff1f 100644
--- a/roles/samba/files/smb.conf
+++ b/roles/samba/files/smb.conf
@@ -246,14 +246,8 @@
   writeable = yes
   guest ok = no
 
-[media]
-  path = /mnt/data1/media
+[jellyfin-libraries]
+  path = /mnt/data1/jellyfin/libraries
   browseable = no
   writeable = yes
   guest ok = no
-
-[jef]
-    path = /mnt/data1/jef
-    browseable = no
-    writeable = yes
-    guest ok = no
diff --git a/roles/samba/tasks/main.yml b/roles/samba/tasks/main.yml
index 0fa0b46..60ea3c3 100644
--- a/roles/samba/tasks/main.yml
+++ b/roles/samba/tasks/main.yml
@@ -20,14 +20,6 @@
     shell: /sbin/nologin
   notify: smbpasswd-lambroek
 
-- name: Ensure Jef share directory is present
-  ansible.builtin.file:
-    path: '/mnt/data1/jef'
-    state: 'directory'
-    mode: '0775'
-    owner: 'debian'
-    group: 'data'
-
 - name: Copy over smb config file
   copy:
     src: smb.conf
diff --git a/web.yml b/web.yml
deleted file mode 100644
index 2dd9112..0000000
--- a/web.yml
+++ /dev/null
@@ -1,12 +0,0 @@
----
-- hosts: web
-  become: yes
-  roles:
-    - lander-web
-  tags: lander
-
-- hosts: web
-  become: yes
-  roles:
-    - miniflux-web
-  tags: miniflux