diff --git a/ansible/training/lessons/.gitignore b/ansible/training/lessons/.gitignore
new file mode 100644
index 0000000..1cda54b
--- /dev/null
+++ b/ansible/training/lessons/.gitignore
@@ -0,0 +1 @@
+*.yml
diff --git a/ansible/training/lessons/1-intro.md b/ansible/training/lessons/1-intro.md
index fb5ac2f..12994eb 100644
--- a/ansible/training/lessons/1-intro.md
+++ b/ansible/training/lessons/1-intro.md
@@ -35,13 +35,12 @@ Check if ansible is correctly installed (and the version you have):
 ansible --version
 ```
 ```
-ansible 2.7.7
-  config file = /etc/ansible/ansible.cfg
+ansible 2.10.8
+  config file = None
   configured module search path = ['/root/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
   ansible python module location = /usr/lib/python3/dist-packages/ansible
   executable location = /usr/bin/ansible
-  python version = 3.7.3 (default, Jul 25 2020, 13:03:44) [GCC 8.3.0]
-
+  python version = 3.9.2 (default, Feb 28 2021, 17:03:44) [GCC 10.2.1 20210110]
 ```
 
 ## Ad-hoc ping
@@ -68,7 +67,7 @@ ansible localhost -m shell -a "hostname"
 Result:
 ```
 localhost | CHANGED | rc=0 >>
-ansible101
+isen-x
 
 ```
 Q: what command can you use to get the IP of your machine?
diff --git a/ansible/training/lessons/2-inventory.md b/ansible/training/lessons/2-inventory.md
index 94170d7..39fc0d6 100644
--- a/ansible/training/lessons/2-inventory.md
+++ b/ansible/training/lessons/2-inventory.md
@@ -7,11 +7,13 @@ But ansible can be used to manage multiple systems that you have in your infrast
 To do so, we must tell ansible which servers compose our infrastructure. This is done thanks to an `inventory` file.
 The default `inventory` file for ansible is located in `/etc/ansible/hosts`.
 
+For now, your inventory is empty, so you can create one:
+
 ```
-cat /etc/ansible/hosts
+mkdir -p /etc/ansible/
+touch /etc/ansible/hosts
 ```
 
-It's empty by default (not really empty, but everything is commented).
 With an empty `inventory` like that, ansible only knows about `localhost`.
 
 
diff --git a/ansible/training/lessons/cipher.sh b/ansible/training/lessons/cipher.sh
new file mode 100755
index 0000000..31375d9
--- /dev/null
+++ b/ansible/training/lessons/cipher.sh
@@ -0,0 +1,6 @@
+#!/bin/bash
+
+find . -name '*.yml' | while read f ; do
+  echo "Ciiphering $f"
+  cat $f | gpg -e -r arnaud@mailops.fr -r arnaud.choupinette@mailops.fr -r arnaud.morin@gmail.com > $f.gpg
+done
diff --git a/ansible/training/lessons/play.yml.gpg b/ansible/training/lessons/play.yml.gpg
new file mode 100644
index 0000000..d9ebcf7
Binary files /dev/null and b/ansible/training/lessons/play.yml.gpg differ
diff --git a/ansible/training/lessons/roles/demo-flask/tasks/main.yml.gpg b/ansible/training/lessons/roles/demo-flask/tasks/main.yml.gpg
new file mode 100644
index 0000000..b1e9a4b
Binary files /dev/null and b/ansible/training/lessons/roles/demo-flask/tasks/main.yml.gpg differ
diff --git a/ansible/training/lessons/roles/proxy/defaults/main.yml.gpg b/ansible/training/lessons/roles/proxy/defaults/main.yml.gpg
new file mode 100644
index 0000000..2abef70
Binary files /dev/null and b/ansible/training/lessons/roles/proxy/defaults/main.yml.gpg differ
diff --git a/ansible/training/lessons/roles/proxy/handlers/main.yml.gpg b/ansible/training/lessons/roles/proxy/handlers/main.yml.gpg
new file mode 100644
index 0000000..940e29d
Binary files /dev/null and b/ansible/training/lessons/roles/proxy/handlers/main.yml.gpg differ
diff --git a/ansible/training/lessons/roles/proxy/tasks/main.yml.gpg b/ansible/training/lessons/roles/proxy/tasks/main.yml.gpg
new file mode 100644
index 0000000..78f85b4
Binary files /dev/null and b/ansible/training/lessons/roles/proxy/tasks/main.yml.gpg differ
diff --git a/ansible/training/lessons/roles/proxy/templates/proxy.j2 b/ansible/training/lessons/roles/proxy/templates/proxy.j2
new file mode 100644
index 0000000..5bb5091
--- /dev/null
+++ b/ansible/training/lessons/roles/proxy/templates/proxy.j2
@@ -0,0 +1,11 @@
+server {
+        listen {{src_port}};
+        listen [::]:{{src_port}};
+
+        access_log /var/log/nginx/reverse-access.log;
+        error_log /var/log/nginx/reverse-error.log;
+
+        location / {
+                    proxy_pass http://127.0.0.2:{{dst_port}};
+  }
+}
diff --git a/ansible/training/lessons/uncipher.sh b/ansible/training/lessons/uncipher.sh
new file mode 100755
index 0000000..5373645
--- /dev/null
+++ b/ansible/training/lessons/uncipher.sh
@@ -0,0 +1,7 @@
+#!/bin/bash
+
+find . -name '*.gpg' | while read f ; do
+  echo "Unciphering $f"
+  n=${f%.gpg}
+  cat $f | gpg -d > $n
+done