diff --git a/envs/vserver-2.ez.soeren.cloud/.terraform.lock.hcl b/envs/vserver-2.ez.soeren.cloud/.terraform.lock.hcl
index 2a8a762..560fa9c 100644
--- a/envs/vserver-2.ez.soeren.cloud/.terraform.lock.hcl
+++ b/envs/vserver-2.ez.soeren.cloud/.terraform.lock.hcl
@@ -1,11 +1,11 @@
-# This file is maintained automatically by "terraform init".
+# This file is maintained automatically by "tofu init".
 # Manual edits may be lost in future updates.
 
-provider "registry.terraform.io/dmacvicar/libvirt" {
+provider "registry.opentofu.org/dmacvicar/libvirt" {
   version     = "0.7.6"
   constraints = "0.7.6"
   hashes = [
-    "h1:mmbm4vTyC/DCGO4Ed/vbp5AKvy1gmVn/94fzB9VmR08=",
+    "h1:h5AOtaYpdnjPPtjKw2PsNmjZ9VmjnAgqXTndl3Mwwug=",
     "zh:0bde54f6f658b20b620b875daf106b5b25b1bae4d15408d6c5f06d58360e254d",
     "zh:0c97c6930015918b8a34b6d7a2b0c3d17a649c226fcd1874fcba5bbbc0f35972",
     "zh:1bdd7aa0011c5f024a09a124836ee9bc8e71b05a6ece810c61824275fd3f695f",
@@ -22,20 +22,3 @@ provider "registry.terraform.io/dmacvicar/libvirt" {
     "zh:f85c1d9e51a94ecde137435c9d6b0fb7be590437ea8a725334d1577eebbc550c",
   ]
 }
-
-provider "registry.terraform.io/hashicorp/template" {
-  version = "2.2.0"
-  hashes = [
-    "h1:94qn780bi1qjrbC3uQtjJh3Wkfwd5+tTtJHOb7KTg9w=",
-    "zh:01702196f0a0492ec07917db7aaa595843d8f171dc195f4c988d2ffca2a06386",
-    "zh:09aae3da826ba3d7df69efeb25d146a1de0d03e951d35019a0f80e4f58c89b53",
-    "zh:09ba83c0625b6fe0a954da6fbd0c355ac0b7f07f86c91a2a97849140fea49603",
-    "zh:0e3a6c8e16f17f19010accd0844187d524580d9fdb0731f675ffcf4afba03d16",
-    "zh:45f2c594b6f2f34ea663704cc72048b212fe7d16fb4cfd959365fa997228a776",
-    "zh:77ea3e5a0446784d77114b5e851c970a3dde1e08fa6de38210b8385d7605d451",
-    "zh:8a154388f3708e3df5a69122a23bdfaf760a523788a5081976b3d5616f7d30ae",
-    "zh:992843002f2db5a11e626b3fc23dc0c87ad3729b3b3cff08e32ffb3df97edbde",
-    "zh:ad906f4cebd3ec5e43d5cd6dc8f4c5c9cc3b33d2243c89c5fc18f97f7277b51d",
-    "zh:c979425ddb256511137ecd093e23283234da0154b7fa8b21c2687182d9aea8b2",
-  ]
-}
diff --git a/envs/vserver-2.ez.soeren.cloud/main.tf b/envs/vserver-2.ez.soeren.cloud/main.tf
deleted file mode 100644
index d698319..0000000
--- a/envs/vserver-2.ez.soeren.cloud/main.tf
+++ /dev/null
@@ -1,71 +0,0 @@
-resource "libvirt_pool" "default" {
-  name = "default"
-  type = "dir"
-  path = "/var/lib/libvirt/images"
-}
-
-resource "libvirt_network" "bridge" {
-  name      = "bridge"
-  mode      = "bridge"
-  bridge    = "br0"
-  autostart = true
-}
-
-resource "libvirt_volume" "base" {
-  for_each = var.iso_urls
-  name     = "base-${each.key}"
-  source   = each.value
-  format   = "qcow2"
-  pool     = libvirt_pool.default.name
-}
-
-locals {
-  hosts_file = "/home/soeren/src/gitlab/ansible/inventory/prod/group_vars/all/hosts.yml"
-  hosts_yaml = file(local.hosts_file)
-  hosts_data = try(yamldecode(local.hosts_yaml), [])
-
-  ssh_pubkeys = distinct(compact(concat(try([chomp(file(var.ssh_public_key_file))], []), split(",", var.ssh_fallback_public_keys))))
-
-  defined_hosts = flatten([for hosts_key, hosts_value in local.hosts_data : [
-    for datacenter_key, datacenter_values in hosts_value : [
-      for host in datacenter_values : host if lookup(host, "physical", null) != null
-    ] if datacenter_key == var.datacenter
-    ] if hosts_key == "local_hosts"
-  ])
-
-  hosts_macs = {
-    for host in local.defined_hosts :
-    host.host => host.physical
-  }
-
-  domains = {
-    for host in local.hosts_data.local_hosts[var.datacenter] :
-    host.host => host.vm_config
-    if try(host.vm_config.host, "") == var.vm_host && try(host.vm_config.disabled, false) == false
-  }
-
-  mac_domains = { for domain, val in local.domains :
-    domain => merge(val, { "mac" = lookup(val, "mac", null) != null ? val["mac"] : lookup(local.hosts_macs, domain, null) })
-  }
-}
-
-module "domains" {
-  for_each    = local.mac_domains
-  source      = "../../domain-cloudinit"
-  domain_name = each.key
-
-  memory_m        = each.value.memory
-  vcpus           = each.value.vcpus
-  running         = lookup(each.value, "running", true)
-  base_image_id   = try(each.value.create_volume, false) ? libvirt_volume.base[each.value.os].id : null
-  block_devices   = try(each.value.block_devices, [])
-  domain_mac      = each.value.mac
-  create_volume   = try(each.value.create_volume, false)
-  disk_size_bytes = each.value.disk_size_b
-
-  provider_uri    = var.provider_uri
-  ssh_public_keys = local.ssh_pubkeys
-
-  pool_name    = libvirt_pool.default.name
-  network_name = libvirt_network.bridge.name
-}
diff --git a/envs/vserver-2.ez.soeren.cloud/terraform.tfvars b/envs/vserver-2.ez.soeren.cloud/terraform.tfvars
index 605aa32..12992e9 100644
--- a/envs/vserver-2.ez.soeren.cloud/terraform.tfvars
+++ b/envs/vserver-2.ez.soeren.cloud/terraform.tfvars
@@ -5,5 +5,5 @@ datacenter = "ez"
 vm_host    = "vserver-2"
 
 iso_urls = {
-  "debian-12" = "https://cdimage.debian.org/images/cloud/bookworm/20230723-1450/debian-12-generic-amd64-20230723-1450.qcow2"
+  "debian-12" = "https://cloud.debian.org/images/cloud/bookworm/20240901-1857/debian-12-generic-amd64-20240901-1857.qcow2"
 }
diff --git a/envs/vserver-2.ez.soeren.cloud/tf_locals.tf b/envs/vserver-2.ez.soeren.cloud/tf_locals.tf
new file mode 100644
index 0000000..0defdaf
--- /dev/null
+++ b/envs/vserver-2.ez.soeren.cloud/tf_locals.tf
@@ -0,0 +1,29 @@
+locals {
+  hosts_file = "~/src/github/ansible-inventory-prod/group_vars/all/hosts.yml"
+  hosts_yaml = file(local.hosts_file)
+  hosts_data = try(yamldecode(local.hosts_yaml), [])
+
+  ssh_pubkeys = distinct(compact(concat(try([chomp(file(var.ssh_public_key_file))], []), split(",", var.ssh_fallback_public_keys))))
+
+  defined_hosts = flatten([for hosts_key, hosts_value in local.hosts_data : [
+    for datacenter_key, datacenter_values in hosts_value : [
+      for host in datacenter_values : host if lookup(host, "physical", null) != null
+    ] if datacenter_key == var.datacenter
+    ] if hosts_key == "local_hosts"
+  ])
+
+  hosts_macs = {
+    for host in local.defined_hosts :
+    host.host => host.physical
+  }
+
+  domains = {
+    for host in local.hosts_data.local_hosts[var.datacenter] :
+    host.host => host.vm_config
+    if try(host.vm_config.host, "") == var.vm_host && try(host.vm_config.disabled, false) == false
+  }
+
+  mac_domains = { for domain, val in local.domains :
+    domain => merge(val, { "mac" = lookup(val, "mac", null) != null ? val["mac"] : lookup(local.hosts_macs, domain, null) })
+  }
+}
diff --git a/envs/vserver-2.ez.soeren.cloud/tf_main.tf b/envs/vserver-2.ez.soeren.cloud/tf_main.tf
new file mode 100644
index 0000000..767d85d
--- /dev/null
+++ b/envs/vserver-2.ez.soeren.cloud/tf_main.tf
@@ -0,0 +1,40 @@
+resource "libvirt_pool" "default" {
+  name = "default"
+  type = "dir"
+  path = "/var/lib/libvirt/images"
+}
+
+resource "libvirt_network" "bridge" {
+  name      = "bridge"
+  mode      = "bridge"
+  bridge    = "br0"
+  autostart = true
+}
+
+resource "libvirt_volume" "base" {
+  for_each = var.iso_urls
+  name     = "base-${each.key}"
+  source   = each.value
+  format   = "qcow2"
+  pool     = libvirt_pool.default.name
+}
+
+module "domains" {
+  for_each    = local.mac_domains
+  source      = "../../domain-cloudinit"
+  domain_name = each.key
+
+  memory_m        = each.value.memory
+  vcpus           = each.value.vcpus
+  running         = lookup(each.value, "running", true)
+  base_image_id   = try(each.value.create_volume, false) ? libvirt_volume.base[each.value.os].id : null
+  block_devices   = try(each.value.block_devices, [])
+  domain_mac      = each.value.mac
+  create_volume   = try(each.value.create_volume, false)
+  disk_size_bytes = each.value.disk_size_b
+
+  ssh_public_keys = local.ssh_pubkeys
+
+  pool_name    = libvirt_pool.default.name
+  network_name = libvirt_network.bridge.name
+}
diff --git a/envs/vserver-2.ez.soeren.cloud/providers.tf b/envs/vserver-2.ez.soeren.cloud/tf_provider.tf
similarity index 58%
rename from envs/vserver-2.ez.soeren.cloud/providers.tf
rename to envs/vserver-2.ez.soeren.cloud/tf_provider.tf
index 5ef766c..edb3869 100644
--- a/envs/vserver-2.ez.soeren.cloud/providers.tf
+++ b/envs/vserver-2.ez.soeren.cloud/tf_provider.tf
@@ -6,12 +6,6 @@ terraform {
       version = "0.7.6"
     }
   }
-
-  backend "s3" {
-    bucket = "soerenschneider-terraform"
-    key    = "libvirt-prd-vserver-2.ez.soeren.cloud"
-    region = "us-east-1"
-  }
 }
 
 provider "libvirt" {
diff --git a/envs/vserver-2.ez.soeren.cloud/variables.tf b/envs/vserver-2.ez.soeren.cloud/tf_variables.tf
similarity index 100%
rename from envs/vserver-2.ez.soeren.cloud/variables.tf
rename to envs/vserver-2.ez.soeren.cloud/tf_variables.tf