diff --git a/inventory/desktops.yml b/inventory/desktops.yml
index a77073f..f8532be 100644
--- a/inventory/desktops.yml
+++ b/inventory/desktops.yml
@@ -7,24 +7,17 @@ desktops:
     ohm:
 
   vars:
-    sshd:
-      port: 22
+    sshd_port: 22
+    sshd_sign_host_keys: false
+    sshd_auth_password_authentication: "yes"
 
-      auth:
-        permit_root_login: "no"
-        password_authentication: "yes"
-        trusted_ca: true
-
-      sign_host_keys: false
-
-    flatpak:
-      apps:
-        - com.chatterino.chatterino
-        - com.discordapp.Discord
-        - com.spotify.Client
-        # - net.ankiweb.Anki
-        - org.gnome.DejaDup
-        - org.mozilla.Thunderbird
-        # - org.raspberrypi.rpi-imager
-        - org.telegram.desktop
-        # - org.x.Warpinator
+    flatpak_apps:
+      - com.chatterino.chatterino
+      - com.discordapp.Discord
+      - com.spotify.Client
+      # - net.ankiweb.Anki
+      - org.gnome.DejaDup
+      - org.mozilla.Thunderbird
+      # - org.raspberrypi.rpi-imager
+      - org.telegram.desktop
+      # - org.x.Warpinator
diff --git a/inventory/servers.yml b/inventory/servers.yml
index 0b20909..90c51e9 100644
--- a/inventory/servers.yml
+++ b/inventory/servers.yml
@@ -3,12 +3,4 @@ servers:
   hosts:
     poincare:
     maxwell:
-      sshd:
-        port: 6969
-
-        auth:
-          permit_root_login: "no"
-          password_authentication: "no"
-          trusted_ca: true
-
-        sign_host_keys: true
+      sshd_port: 6969
diff --git a/roles/system/flatpak/defaults/main.yml b/roles/system/flatpak/defaults/main.yml
index 65a3fa2..0489ac3 100644
--- a/roles/system/flatpak/defaults/main.yml
+++ b/roles/system/flatpak/defaults/main.yml
@@ -1,3 +1,2 @@
 ---
-flatpak:
-  apps: []
+flatpak_apps: []
diff --git a/roles/system/flatpak/tasks/main.yml b/roles/system/flatpak/tasks/main.yml
index 08bc744..75e5a0b 100644
--- a/roles/system/flatpak/tasks/main.yml
+++ b/roles/system/flatpak/tasks/main.yml
@@ -11,5 +11,5 @@
   community.general.packaging.os.flatpak:
     name: "{{ item }}"
     state: present
-  loop: "{{ flatpak.apps }}"
-  when: flatpak.apps
+  loop: "{{ flatpak_apps }}"
+  when: flatpak_apps
diff --git a/roles/system/sshd/defaults/main.yml b/roles/system/sshd/defaults/main.yml
index f353109..42abf2e 100644
--- a/roles/system/sshd/defaults/main.yml
+++ b/roles/system/sshd/defaults/main.yml
@@ -1,10 +1,7 @@
 ---
-sshd:
-  port: 10022
+sshd_port: 10022
+sshd_sign_host_keys: true
 
-  auth:
-    permit_root_login: "no"
-    password_authentication: "no"
-    trusted_ca: true
-
-  sign_host_keys: true
+sshd_auth_permit_root_login: "no"
+sshd_auth_password_authentication: "no"
+sshd_auth_trusted_ca: true
diff --git a/roles/system/sshd/tasks/main.yml b/roles/system/sshd/tasks/main.yml
index 24d3e5e..b9144d1 100644
--- a/roles/system/sshd/tasks/main.yml
+++ b/roles/system/sshd/tasks/main.yml
@@ -29,4 +29,4 @@
 
 - name: Set trusted CA
   ansible.builtin.include_tasks: trusted_ca.yml
-  when: sshd.auth.trusted_ca
+  when: sshd_auth_trusted_ca
diff --git a/roles/system/sshd/templates/10-harden.conf b/roles/system/sshd/templates/10-harden.conf
index 9369da9..1b24217 100644
--- a/roles/system/sshd/templates/10-harden.conf
+++ b/roles/system/sshd/templates/10-harden.conf
@@ -1,6 +1,6 @@
 # Port
-Port {{ sshd.port }}
+Port {{ sshd_port }}
 
 # Auth
-PermitRootLogin {{ sshd.auth.permit_root_login }}
-PasswordAuthentication {{ sshd.auth.password_authentication }}
+PermitRootLogin {{ sshd_auth_permit_root_login }}
+PasswordAuthentication {{ sshd_auth_password_authentication }}