diff --git a/tasks/main.yml b/tasks/main.yml index db362f3..55c505b 100644 --- a/tasks/main.yml +++ b/tasks/main.yml 
@@ -1,135 +1,140 @@ --- -- name: Include vars for {{ ansible_os_family }} - include_vars: "{{ ansible_os_family }}_{{ ansible_distribution_major_version }}.yml" +- name: Openvpn Server setup + block: + - name: Include vars for {{ ansible_os_family }} + include_vars: "{{ ansible_os_family }}_{{ ansible_distribution_major_version }}.yml" -- name: Install packages for openvpn - package: - name: "{{ openvpn_packages }}" - state: present - update_cache: yes + - name: Install packages for openvpn + package: + name: "{{ openvpn_packages }}" + state: present + update_cache: yes -- name: Install OpenVSwitch - include_role: - name: openvswitch - when: - - openvpn_bridge_type == "ovs" + - name: Install OpenVSwitch + include_role: + name: openvswitch + when: + - openvpn_bridge_type == "ovs" -#- openvswitch_bridge: -# bridge: "{{ openvpn_bridge }}" -# parent: "{{ openvpn_bridgemaster }}" -# vlan: "{{ openvpn_vlan }}" -# state: present -# when: -# - openvpn_bridge_type == "ovs" +# - openvswitch_bridge: +# bridge: "{{ openvpn_bridge }}" +# parent: "{{ openvpn_bridgemaster }}" +# vlan: "{{ openvpn_vlan }}" +# state: present +# when: +# - openvpn_bridge_type == "ovs" # Doesn't work !! 
-#- name: try nmcli add bridge - conn_name only & ip4 gw4 mode -# nmcli: -# type: bridge -# conn_name: '{{ openvpn_bridge }}' -# ip4: '{{ openvpn_bridge_ip }}/24' -# state: present -# when: -# - openvpn_bridge_type == "bridge" +# - name: try nmcli add bridge - conn_name only & ip4 gw4 mode +# nmcli: +# type: bridge +# conn_name: '{{ openvpn_bridge }}' +# ip4: '{{ openvpn_bridge_ip }}/24' +# state: present +# when: +# - openvpn_bridge_type == "bridge" -- name: Make server config directory - file: - path: /etc/openvpn/server - state: directory - owner: root - group: root - mode: 0750 + - name: Make server config directory + file: + path: /etc/openvpn/server + state: directory + owner: root + group: root + mode: 0750 -- name: Install vpn-up.sh script - template: - src: etc/openvpn/server/vpn-up-down.sh.j2 - dest: /etc/openvpn/server/vpn-up.sh - owner: root - group: root - mode: 0755 -- name: Install vpn-down.sh link - file: - src: vpn-up.sh - dest: /etc/openvpn/server/vpn-down.sh - state: link - force: yes -# setsebool openvpn_run_unconfined on -- name: Set boolean selinux flag for scripts - seboolean: - name: openvpn_run_unconfined - state: yes - persistent: yes -# chcon -t openvpn_unconfined_script_exec_t vpn-up.sh -- name: Set selinux context to vpn-up.sh script - sefcontext: - target: '/etc/openvpn/server/vpn-up.sh' - setype: openvpn_unconfined_script_exec_t - state: present + - name: Install vpn-up.sh script + template: + src: etc/openvpn/server/vpn-up-down.sh.j2 + dest: /etc/openvpn/server/vpn-up.sh + owner: root + group: root + mode: 0755 + - name: Install vpn-down.sh link + file: + src: vpn-up.sh + dest: /etc/openvpn/server/vpn-down.sh + state: link + force: yes + # setsebool openvpn_run_unconfined on + - name: Set boolean selinux flag for scripts + seboolean: + name: openvpn_run_unconfined + state: yes + persistent: yes + # chcon -t openvpn_unconfined_script_exec_t vpn-up.sh + - name: Set selinux context to vpn-up.sh script + sefcontext: + target: 
'/etc/openvpn/server/vpn-up.sh' + setype: openvpn_unconfined_script_exec_t + state: present -# openssl pkcs12 -in PFXFILE -cacerts -nokeys -out ca.pem -# openssl pkcs12 -in PFXFILE -nokeys -clcerts -out cert.pem -# openssl pkcs12 -in PFXFILE -nocerts -nodes -out key.pem -# openssl dhparam -out dh2048.pem 2048 -# source vars -# ./pkitool Client1 + # openssl pkcs12 -in PFXFILE -cacerts -nokeys -out ca.pem + # openssl pkcs12 -in PFXFILE -nokeys -clcerts -out cert.pem + # openssl pkcs12 -in PFXFILE -nocerts -nodes -out key.pem + # openssl dhparam -out dh2048.pem 2048 + # source vars + # ./pkitool Client1 -# Need more step to generate certificat files -- name: Install Certificat files - copy: - src: etc/openvpn/server/easy-rsa/2.0/keys/{{ item }} - dest: /etc/openvpn/server/{{ item }} - owner: root - group: root - mode: 0600 - with_items: - - ca.crt - - dh2048.pem - - server.crt - - server.key - - ta.key + # Need more step to generate certificat files + - name: Install Certificat files + copy: + src: etc/openvpn/server/easy-rsa/2.0/keys/{{ item }} + dest: /etc/openvpn/server/{{ item }} + owner: root + group: root + mode: 0600 + with_items: + - ca.crt + - dh2048.pem + - server.crt + - server.key + - ta.key -- name: Install openvpn configuration files - template: - src: etc/openvpn/server/config.conf.j2 - dest: /etc/openvpn/server/{{ openvpn_vpn_name }}.{{ item.proto }}.conf - owner: root - group: root - mode: 0644 - with_items: - - '{{ openvpn_subnets }}' - notify: Restart openvpn-server-{{ item.proto }} + - name: Install openvpn configuration files + template: + src: etc/openvpn/server/config.conf.j2 + dest: /etc/openvpn/server/{{ openvpn_vpn_name }}.{{ item.proto }}.conf + owner: root + group: root + mode: 0644 + with_items: + - '{{ openvpn_subnets }}' + notify: Restart openvpn-server-{{ item.proto }} -- name: Enable openvpn services - service: - name: "openvpn-server@{{ openvpn_vpn_name }}.{{ item.proto }}" - enabled: yes - with_items: - - '{{ openvpn_subnets }}' + - 
name: Enable openvpn services + service: + name: "openvpn-server@{{ openvpn_vpn_name }}.{{ item.proto }}" + enabled: yes + with_items: + - '{{ openvpn_subnets }}' -- name: Install Personnal OpenVPN config file for firewalld - template: - src: etc/firewalld/services/openvpn.xml - dest: /etc/firewalld/services/openvpn-{{ openvpn_vpn_name | regex_replace('\.','_') }}.xml - owner: root - group: root - mode: 0644 - register: result + - name: Install Personnal OpenVPN config file for firewalld + template: + src: etc/firewalld/services/openvpn.xml + dest: /etc/firewalld/services/openvpn-{{ openvpn_vpn_name | regex_replace('\.','_') }}.xml + owner: root + group: root + mode: 0644 + register: result -- name: reload firewalld to refresh service list - command: firewall-cmd --reload - when: result is changed + - name: reload firewalld to refresh service list + command: firewall-cmd --reload + when: result is changed -- name: Open Firewalld - firewalld: - service: openvpn-{{ openvpn_vpn_name | regex_replace('\.','_') }} - permanent: true - state: enabled - immediate: true + - name: Open Firewalld + firewalld: + service: openvpn-{{ openvpn_vpn_name | regex_replace('\.','_') }} + permanent: true + state: enabled + immediate: true -# firewall-cmd --reload -# firewall-cmd --add-service openvpn --permanent -# firewall-cmd --add-service openvpn-tcp --permanent -# firewall-cmd --zone=external --change-interface=eth0 -# firewall-cmd --add-service=openvpn --zone=external --permanent -# firewall-cmd --add-service=openvpn-tcp --zone=external --permanent + # firewall-cmd --reload + # firewall-cmd --add-service openvpn --permanent + # firewall-cmd --add-service openvpn-tcp --permanent + # firewall-cmd --zone=external --change-interface=eth0 + # firewall-cmd --add-service=openvpn --zone=external --permanent + # firewall-cmd --add-service=openvpn-tcp --zone=external --permanent + tags: + - openvpn + - openvpn-server 
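Review bot: The `Set selinux context to vpn-up.sh script` task only records a file-context rule; sefcontext does not relabel files that already exist, so the vpn-up.sh written by the earlier `Install vpn-up.sh script` task keeps its default label until something runs restorecon. The simplest fix is to label it at creation time by adding `setype: openvpn_unconfined_script_exec_t` to that template task (or to add a `command: restorecon -v /etc/openvpn/server/vpn-up.sh` step after the sefcontext task, run only when it reports changed). Because the seboolean and sefcontext tasks deliberately let the up/down script run unconfined by SELinux, the two shell-style comments above them would be more useful as one sentence stating why that relaxation is needed. If the role is meant to run on non-SELinux hosts as well (the per-os_family include_vars suggests it may be), those two tasks would also need a guard such as `when: ansible_selinux.status == "enabled"`, though that is not visible from this hunk. While the block is being re-indented anyway, the truthy values (`update_cache: yes`, `state: yes`, `force: yes`, `enabled: yes`) and the unquoted octal modes (`mode: 0750`, `0755`, `0600`, `0644`) would read more predictably as `true` and quoted strings such as `mode: '0750'`, which is what ansible-lint and yamllint expect.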
diff --git a/vars/RedHat_8.yml b/vars/RedHat_8.yml new file mode 100644 index 0000000..0f0da32 --- /dev/null +++ b/vars/RedHat_8.yml @@ -0,0 +1,6 @@ +--- +openvpn_packages: + - openvpn + - python3-libsemanage + - python3-policycoreutils +# - NetworkManager-libnm
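Review bot: The commented-out `# - NetworkManager-libnm` entry carries no reason, so a reader cannot tell whether it is a dropped dependency or one waiting to be re-enabled; a short trailing note such as `# - NetworkManager-libnm  # presumably for the disabled nmcli bridge task — confirm` would make the intent clear. The two python3-* packages are what the seboolean and sefcontext tasks in tasks/main.yml rely on, so a one-line comment saying so would help whoever next prunes this list.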