diff --git a/hardening.yml b/hardening.yml
index b14cc96..38d2980 100644
--- a/hardening.yml
+++ b/hardening.yml
@@ -1,4 +1,4 @@
-- hosts: test
+- hosts: monitoring # vars: become: true gather_facts: true
@@ -7,7 +7,45 @@
- name: Set hostname ansible.builtin.hostname: - name: "{{ ansible_hostname }}" + name: "{{ inventory_hostname }}" + + - name: Check for Netbird Installation + ansible.builtin.shell: + cmd: netbird version + ignore_errors: true + register: netbird_installed + + - name: Install Netbird first to have private network + block: + - name: Add key Netbird + become: true + ansible.builtin.shell: curl -sSL https://pkgs.netbird.io/debian/public.key | sudo gpg --dearmor --output /usr/share/keyrings/netbird-archive-keyring.gpg + + - name: mode file for netbird key + ansible.builtin.file: + path: /usr/share/keyrings/netbird-archive-keyring.gpg + state: file + mode: 0644 + + - name: somerepo | apt source + ansible.builtin.apt_repository: + repo: "deb [signed-by=/usr/share/keyrings/netbird-archive-keyring.gpg] https://pkgs.netbird.io/debian stable main" + state: present + + - name: Install netbird + ansible.builtin.apt: + name: "netbird" + state: present + update_cache: true + + - name: Start Netbird + become: true + ansible.builtin.shell: netbird up --setup-key="{{ netbird_setup_key }}" + when: netbird_installed.rc != 0 + +# curl -sSL https://pkgs.netbird.io/debian/public.key | sudo gpg --dearmor --output /usr/share/keyrings/netbird-archive-keyring.gpg +# chmod 0644 /usr/share/keyrings/netbird-archive-keyring.gpg +# # echo 'deb [signed-by=/usr/share/keyrings/netbird-archive-keyring.gpg] https://pkgs.netbird.io/debian stable main' | sudo tee /etc/apt/sources.list.d/netbird.list - name: Create node_exporter cert dir file:
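Review bot: The `Start Netbird` task passes the enrollment secret through `ansible.builtin.shell` as `--setup-key="{{ netbird_setup_key }}"` with no `no_log`, so the key is printed in the Ansible output/log of every run and is visible in the host's process table for the duration of the command. Add `no_log: true` to that task, and drop the `sudo` inside the curl pipe, which is redundant under the play-level `become: true`; the pipe also runs without `pipefail`, so a failed download leaves gpg writing an empty keyring and the task reporting success, after which `apt` trusts nothing and fails later with a confusing signature error. Prefer `ansible.builtin.get_url` for the key (fails loudly, idempotent) plus a dearmor guarded by `creates:`, and make the `Check` task `changed_when: false` / `failed_when: false` so the block's `when:` does not lean on `ignore_errors`. The `mode: 0644` should be quoted as `"0644"` per the Ansible convention so YAML never re-types it.
```yaml
- name: Check for Netbird Installation
  ansible.builtin.command:
    cmd: netbird version
  register: netbird_installed
  changed_when: false
  failed_when: false

- name: Install Netbird first to have private network
  block:
    - name: Download Netbird signing key
      ansible.builtin.get_url:
        url: https://pkgs.netbird.io/debian/public.key
        dest: /usr/share/keyrings/netbird-archive-keyring.asc
        mode: "0644"

    - name: Dearmor Netbird signing key
      ansible.builtin.command:
        cmd: gpg --dearmor --output /usr/share/keyrings/netbird-archive-keyring.gpg /usr/share/keyrings/netbird-archive-keyring.asc
        creates: /usr/share/keyrings/netbird-archive-keyring.gpg

    # … unchanged: keyring mode task, apt_repository and apt install tasks …

    - name: Start Netbird
      ansible.builtin.command:
        cmd: "netbird up --setup-key={{ netbird_setup_key }}"
      no_log: true  # setup key is an enrollment secret; keep it out of logs
  when: netbird_installed.rc != 0
```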
@@ -29,7 +67,7 @@ community.crypto.openssl_csr: path: /etc/node_exporter/tls.csr privatekey_path: /etc/node_exporter/tls.key - common_name: "{{ ansible_hostname }}.netbird.cloud" + common_name: "{{ inventory_hostname }}.netbird.cloud" - name: Generate a Self Signed OpenSSL certificate community.crypto.x509_certificate:
@@ -43,22 +81,22 @@
# chmod go+r /usr/share/keyrings/netbird-archive-keyring.gpg for error: #||-----> GPG error: https://pkgs.netbird.io/debian stable InRelease: The following signatures couldn't be verified because the public key is not available - roles: - - robertdebock.update - - devsec.hardening.os_hardening - - devsec.hardening.ssh_hardening - - maxlareo.rkhunter - - maxlareo.chkrootkit - - robertdebock.auditd - - geerlingguy.firewall - - grog.management-user - - GROG.user - - GROG.authorized-key - - GROG.sudo - - ansible_unattended_upgrades - - dominion_solutions.netbird.netbird - - buluma.lynis + # roles: + # - robertdebock.update + # - devsec.hardening.os_hardening + # - devsec.hardening.ssh_hardening + # - maxlareo.rkhunter + # - maxlareo.chkrootkit + # - robertdebock.auditd + # - geerlingguy.firewall + # - grog.management-user + # - GROG.user + # - GROG.authorized-key + # - GROG.sudo + # - ansible_unattended_upgrades + # - buluma.lynis tasks: + - name: Retrieve private IP address netbird ansible.builtin.gather_facts:
@@ -67,6 +105,7 @@ host_interfaces: "{{ host_interfaces + [item]}}" vars: host_interfaces: [] + when: ansible_facts[item].ipv4.address is defined loop: "{{ ansible_facts.interfaces }}" - name: Set host_private_address
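Review bot: The CSR in this hunk still carries only `common_name`; unless a `subject_alt_name` is set on the same task outside the hunk, Go-based clients such as Prometheus refuse the resulting certificate (`x509: certificate relies on legacy Common Name field`), so the https scrape of `{{ inventory_hostname }}.netbird.cloud:9100` fails verification regardless of the CN rename. Add `subject_alt_name: "DNS:{{ inventory_hostname }}.netbird.cloud"` next to the `common_name` line (and an `IP:` entry if any target ever uses the private address). The `openssl_csr` task starts before this hunk, so its remaining arguments are not visible here.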
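Review bot: Commenting out the whole `roles:` list in the `-43,22 +81,22` hunk silently drops every control this playbook is named for (os_hardening, ssh_hardening, firewall, auditd, unattended upgrades, rkhunter/chkrootkit/lynis) on the monitoring hosts, while the file still reads as if it applied them. If this is a temporary measure while the Netbird bootstrap is debugged, gate the list rather than delete it, e.g. keep each entry as `- role: devsec.hardening.os_hardening` with `when: hardening_enabled | default(true)`, and leave a dated comment saying why they are off. Note that with the firewall role gone, node_exporter on `:9100` is reachable on whatever interfaces its listen address permits, which for hosts without a `node_exporter_web_listen_address` override is presumably all of them.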
@@ -83,25 +122,12 @@
# when: group_names is search("monitoring") - ansible.builtin.import_role: - name: prometheus.prometheus.node_exporter + name: prometheus.prometheus.node_exporter - ansible.builtin.import_role: - name: prometheus.prometheus.prometheus + name: prometheus.prometheus.prometheus when: group_names is search("monitoring") - - # - name: "Include labocbz.install_grafana" - # tags: - # - test - # vars: - # install_grafana__protocol: "https" - # install_grafana__http_addr: "{{ host_private_address }}" - # install_grafana__domain: "{{ ansible_hostname }}.netbird.cloud" - # inv_install_grafana__cert_file: /etc/node_exporter/tls.cert - # inv_install_grafana__cert_key: /etc/node_exporter/tls.key - - # ansible.builtin.include_role: - # name: ansible-role-labocbz-install-grafana - - # - prometheus.prometheus.node_exporter -# https://galaxy.ansible.com/ui/repo/published/prometheus/prometheus/content/role/node_exporter/
\ No newline at end of file
+ - ansible.builtin.import_role: + name: ansible-role-labocbz-install-grafana + when: group_names is search("monitoring")
diff --git a/host_vars/ovh01.yml b/host_vars/ovh01.yml
index fbe1865..05086e6 100644
--- a/host_vars/ovh01.yml
+++ b/host_vars/ovh01.yml
@@ -57,6 +57,14 @@ prometheus_scrape_configs: static_configs: - targets: - "{{ ansible_hostname }}.netbird.cloud:9100" + - job_name: "node2" + scheme: https # Custom scrape job, here using `static_config` + metrics_path: "/metrics" + tls_config: + ca_file: "/etc/node_exporter/tls_scaleway.cert" + static_configs: + - targets: + - "scaleway.netbird.cloud:9100" # - "{{ host_private_address }}:9100" - job_name: "git" scheme: https # Custom scrape job, here using `static_config`
diff --git a/host_vars/scaleway_fr.yml b/host_vars/scaleway.yml
similarity index 99%
rename from host_vars/scaleway_fr.yml
rename to host_vars/scaleway.yml
index 91981f6..f27334f 100644
--- a/host_vars/scaleway_fr.yml
+++ b/host_vars/scaleway.yml
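Review bot: The new `import_role` for `ansible-role-labocbz-install-grafana` passes no variables, whereas the commented block it replaces set `install_grafana__protocol: "https"`, the private `http_addr`, the domain and the TLS cert/key paths; unless those are now defined in host_vars (not visible in this diff), Grafana comes up with the role's defaults, which for Grafana is typically plain HTTP on all interfaces. Restore them as `vars:` on the import, e.g. `install_grafana__protocol: "https"`, `install_grafana__http_addr: "{{ host_private_address }}"`, `install_grafana__domain: "{{ inventory_hostname }}.netbird.cloud"` plus the cert/key entries, or move them into `host_vars/ovh01.yml` beside the scrape configs. The `requirements.yml` hunk in this commit only shows a `collections:` list, so confirm the role itself is declared somewhere a fresh `ansible-galaxy install` will pick it up.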
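Review bot: The new `node2` job trusts `/etc/node_exporter/tls_scaleway.cert` as `ca_file`, but nothing in this commit places that file on ovh01 — the play only generates each host's own self-signed certificate at `/etc/node_exporter/tls.cert` — so the scrape will fail with an unknown-authority error until the scaleway certificate is copied over (a `fetch`/`copy` pair in the play, or a small shared CA signing both). The existing job's target, visible as context above the hunk, still uses `{{ ansible_hostname }}.netbird.cloud`, while this commit switches the certificate CN to `inventory_hostname`; on a first run `ansible_hostname` is gathered before the hostname task sets it, so the two can differ and verification breaks, so use `inventory_hostname` in the target as well. A more descriptive `job_name` than `node2` (e.g. `node_scaleway`) would also help once these show up in alerts.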
@@ -1,5 +1,25 @@ --- + +#* NETBIRD + +netbird_setup_key: F234BD1F-385B-4BEA-8234-608CCB1062ED +netbird_register: true + +#* TLS + +node_exporter_tls_server_config: + cert_file: /etc/node_exporter/tls.cert + key_file: /etc/node_exporter/tls.key + +#* NODE_EXPORTER + +# node_exporter_basic_auth_users: +# randomuser: examplepassword +node_exporter_web_listen_address: "{{ host_private_address }}:9100" + + + ######## # USER # ########
diff --git a/host_vars/test.yml b/host_vars/ubuntu.yml
similarity index 100%
rename from host_vars/test.yml
rename to host_vars/ubuntu.yml
diff --git a/hosts b/hosts
index 8518bdc..72e04ee 100644
--- a/hosts
+++ b/hosts
@@ -11,14 +11,14 @@ ovh01 ansible_host=5.135.181.11 ansible_user=stephane scaleway_fr ansible_host=163.172.84.28 ansible_user=stephane [controller] -scaleway_fr ansible_host=163.172.84.28 ansible_user=stephane +scaleway ansible_host=163.172.84.28 ansible_user=stephane [monitoring] ovh01 ansible_host=5.135.181.11 ansible_user=stephane -ubuntu ansible_host=192.168.0.21 ansible_user=vagrant ansible_password=vagrant +; ubuntu ansible_host=192.168.0.22 ansible_user=vagrant ansible_password=vagrant [test] -ubuntu ansible_host=192.168.0.21 ansible_user=vagrant ansible_password=vagrant +ubuntu ansible_host=192.168.0.22 ansible_user=vagrant ansible_password=vagrant ; # TO KNOW WHOIS CHISEL SERVER ; [server]
diff --git a/requirements.yml b/requirements.yml
index d7b9287..7021dc3 100644
--- a/requirements.yml
+++ b/requirements.yml
@@ -1,6 +1,5 @@
collections: - name: devsec.hardening - - name: dominion_solutions.netbird - name: prometheus.prometheus - name: community.crypto - name: ansible.utils
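Review bot: `netbird_setup_key: F234BD1F-385B-4BEA-8234-608CCB1062ED` commits a Netbird enrollment secret to the repository in cleartext; anyone with read access to the repo or its history can join a peer to the very private network that node_exporter is being bound to on `{{ host_private_address }}:9100`. Treat the key as compromised: revoke it in the Netbird admin console, issue a replacement, and store that with `ansible-vault` (an inline `!vault |` value here, or a vaulted `host_vars/scaleway/vault.yml`) so it never reaches git in the clear. Quote the value (`"…"`) as cheap insurance against YAML re-typing, and since the play passes it on a command line via `--setup-key=`, make sure that task carries `no_log: true`.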
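Review bot: The host is renamed to `scaleway` only in `[controller]`; the context line `scaleway_fr ansible_host=163.172.84.28 ansible_user=stephane` in the group preceding it is untouched, so Ansible now sees two distinct hosts with the same address, and only the `scaleway` one picks up the renamed `host_vars/scaleway.yml` (its Netbird key, TLS config and private listen address). Rename the remaining `scaleway_fr` entry to `scaleway` as well, or drop it, so every play that targets that box gets the same host_vars. The `ansible_password=vagrant` entries, including the commented one, keep a plaintext credential in the inventory; even for a local Vagrant box prefer `ansible_ssh_private_key_file=.vagrant/machines/ubuntu/virtualbox/private_key` or a vaulted group var so the pattern is not copied for real hosts.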