diff --git a/README.md b/README.md
index 72b7b6f..18a040f 100644
--- a/README.md
+++ b/README.md
@@ -17,6 +17,8 @@
 >    - Extend `ansible/group_vars/all.yml`
 >    - Or add a dedicated `group_vars` file
 >    - Create the `ansible/main.yml` playbook
+>- Github
+>    - Add to `infra-repos/variables.tf`
 
 # Repo Usage
 
diff --git a/ansible/group_vars/all.yml b/ansible/group_vars/all.yml
index feeaa6f..5c146d4 100644
--- a/ansible/group_vars/all.yml
+++ b/ansible/group_vars/all.yml
@@ -2,8 +2,11 @@
 # Root password
 bootstrap__root_pass: '{{lookup("bitwarden", "root-pass")}}'
 # Consul
-bootstrap__consul_encryption_key: '{{lookup("bitwarden", "consul/cluster", field="encryption-key")}}'
-bootstarp__consul_agent_acl_token: '{{lookup("bitwarden", "consul/acl-tokens", field="agent-default")}}'
+bootstrap__consul_encryption_key:   '{{lookup("bitwarden", "consul/cluster",    field="encryption-key")}}'
+bootstarp__consul_agent_acl_token:  '{{lookup("bitwarden", "consul/acl-tokens", field="agent-default")}}'
+bootstrap__consul_certs_ca_crt:     '{{lookup("bitwarden", "consul/certs",      file="ca.pem")}}'
+bootstrap__consul_certs_client_crt: '{{lookup("bitwarden", "consul/certs",      file="client.pem")}}'
+bootstrap__consul_certs_client_key: '{{lookup("bitwarden", "consul/certs",      file="client-key.pem")}}'
 # SSHGuard
 bootstrap__sshguard_whitelist_extra: ['{{lookup("bitwarden", "sshguard/whitelist", field="jakubgs-home")}}']
 # Wireguard
diff --git a/ansible/requirements.yml b/ansible/requirements.yml
index c78c988..34ae52d 100644
--- a/ansible/requirements.yml
+++ b/ansible/requirements.yml
@@ -1,30 +1,24 @@
 ---
 - name: infra-role-bootstrap-linux
   src: git@github.com:status-im/infra-role-bootstrap-linux.git
-  version: 50eda0808cceaaad2a5c5cdb4493935f2e3a637d
   scm: git
 
 - name: infra-role-wireguard
   src: git@github.com:status-im/infra-role-wireguard.git
-  version: b711bbabd2dc3d9ce8b1c3a6e5bc785901db9d09
   scm: git
 
 - name: open-ports
   src: git@github.com:status-im/infra-role-open-ports.git
-  version: 24dc30dbdf85e6758cb6924074b2f7a0f4541524
   scm: git
 
 - name: swap-file
   src: git@github.com:status-im/infra-role-swap-file.git
-  version: 3fb0fb8d313ab388df1b38d516e2ff88b72a2cf7
   scm: git
 
 - name: consul-service
   src: git@github.com:status-im/infra-role-consul-service.git
-  version: 2b3d4e53856d6cc91ae5c5a342fd12f2bb96aa88
   scm: git
 
 - name: systemd-timer
   src: git@github.com:status-im/infra-role-systemd-timer.git
-  version: c6bbc3d1b4b0ba603d82fa06cd17297d12523182
   scm: git