diff --git a/README.md b/README.md
index 4ee8a27..3d990b0 100644
--- a/README.md
+++ b/README.md
@@ -8,7 +8,7 @@ The aim here is to slowly switch all configuration over to using ansible.
 Prerequisites:
-* a working installation of ansible >= 2.4 such that you have `ansible-playbook` and `ansible-vault` commands available
+* a working installation of ansible >= 2.8 such that you have `ansible-playbook` and `ansible-vault` commands available
 * an account on `yuca.yunity.org` with sudo powers
 * access to the vault password (ask @nicksellen or @tiltec or @NerdyProjects)
@@ -126,4 +126,4 @@ It should say `hello`.
 curl -k -H 'Host: dev.karrot.world' https://localhost:8443/api/
 ```
-It should return JSON.
\ No newline at end of file
+It should return JSON.
diff --git a/playbooks/foodsharing-taiwan/secrets.vars.yml b/playbooks/foodsharing-taiwan/secrets.vars.yml
index 642a5f1..69f1ed4 100644
--- a/playbooks/foodsharing-taiwan/secrets.vars.yml
+++ b/playbooks/foodsharing-taiwan/secrets.vars.yml
@@ -1,25 +1,26 @@ $ANSIBLE_VAULT;1.1;AES256 -37616362383732383265616637343036306536346439363965346361666462333337363631343630 -3734613266326435633633333839353333323564393834380a653865626162663631383263356532 -35306461313266396638323031303237383665333839363336323434313565633066353930376366 -3261643761336463360a356631303765363162313034313132376432306530663230323064633065 -64303132613131623566363032396539646662623833646262366236343232663233666466343366 -61643530373064303561633435313430346239383461353336313861363438633861313731666339 -62363435663134623736353137333636666566633538306432353638393565383764396537333539 -62383036653731353032623462663131363534653561663263663031666464366130346139393837 -65663738373036626133326239376632376435643761313039386538313164396362353932323632 -63376632306536643233363931366537646564333638616131653133306630633263393236653938 -62643438396366646531363265393931303933353231353166653132623739663634653865623830 -64343836326161316333643030336361666566383566323765626135363539323635646230323265 -66633339663065393833663135643838353663356430353261373335383863363337376132363836 -37613038326231636635663638636265386532643965333534376462336338666162363636353032 -38366665383034393430646338346362653764343134356134316662383130333765383462373139 -38373037343232383866623935653062356262326535343936336335323039303830316432613130 -66663362623037623536613736326464383563386632353561383562666166623163303464333330 -30623631653136313830386334303535353639363465393833363533343861663865393964653836 -64613762386137333237336431373431383439336466366562333333383332303133653962333665 -65623961643464316635323633343837373265363665363637316566303739396339323337626631 -66393332356265613231643864376331633631363634373463636165373363663633336632386433 -66303937636562366265666361386430613263386261633231373936663763316131313732346535 -30336331366136646232306434393463376436316431353637393331656331316235376464383439 -31373631313035343838 
+38323237396535633136646163616466343661336161356439396266353561343836326536653339 +3863383236306162316366346438306666343832613764330a663035316131303061623632306162 +35313964643938646264303033636565306363613034316634313132626430323566306434336139 +3633653465633030640a393265306538653338663237666437316530326262383230383763623564 +32333236366535313631396534356530323236656234383032643763313139653438336465393134 +37376531613634646661313665336638323664383336656462386638396438313736306639343035 +34343966613535666637613835343261363561653866373461616334323438613132343137336132 +36376333376537366662313432346365373132633466613833353864646566623762326364306431 +30663563386461626363386662396630663266666165383333356166346432353131383763636631 +61353335353534386437636537636362633964613137346439363534353634623663656130333861 +35353937366165336136613463633035303834316137386363393464316266393463346136323133 +63653164653064363763666361633837633538396235313835303861363139343063393532626537 +33313862643835666534326230643233326365313531653361303538613930366430383636393039 +64633265313165383266636436656262376434653938316435383139666635633065636261356332 +36363538306537396230623130376231393234316238393565313463303961613563646330376234 +37373861353564356466323165323461356362353437613265636532636436643331373337326264 +35383936333232333638663063613666363964396566346238633235316338323763626634373363 +62326162353436643031383630353866353865303031363861396634653462613033643135336532 +33613334326264333637396666616133316238336161623830353363373966663865373332643030 +37663632646461373337323338656463623938646332376164643434646563323631366366383838 +66313230366364626339313264626261393461323366386239303838663263613132376662376633 +32623261346330373631306237386364323165393535393738616163303462353965383230313466 +30346265376136376432376636383835326330343766316231313832333363656330303265663831 +32373061323130333137353234323833326630353464636265336633633331623232666332653161 
+30623465353636643732636531626239356261353164373931353766623962303435
diff --git a/playbooks/foodsharing/roles b/playbooks/foodsharing/roles
new file mode 120000
index 0000000..b741aa3
--- /dev/null
+++ b/playbooks/foodsharing/roles
@@ -0,0 +1 @@
+../../roles
\ No newline at end of file
diff --git a/playbooks/foodsharing/secrets.vars.yml b/playbooks/foodsharing/secrets.vars.yml
new file mode 100644
index 0000000..94d9397
--- /dev/null
+++ b/playbooks/foodsharing/secrets.vars.yml
@@ -0,0 +1,8 @@
+$ANSIBLE_VAULT;1.1;AES256 +61373834646465616537646336633566313665646430643231666336663664653631373563306132 +3931396662343436306264663239333161626463343530380a356439363761653239616461336637 +33396635366162333564353736373861323465323435323031353839383766313439306335656661 +6264393338316633390a653938386530636465323830623733633434313933616662303431623739 +32313730336161386331333661383533366163633138646339396435653737323030303238333565 +64313231376366363731333439373965613265353861333764373361303535356530313936363333 +613061633865343937336166626235623733
diff --git a/playbooks/foodsharing/setup.playbook.yml b/playbooks/foodsharing/setup.playbook.yml
new file mode 100644
index 0000000..9713b0b
--- /dev/null
+++ b/playbooks/foodsharing/setup.playbook.yml
@@ -0,0 +1,22 @@
+---
+- name: foodsharing services on yuca
+ hosts: all
+ become: yes
+ vars_files:
+ - secrets.vars.yml
+
+ tasks:
+ - name: check ansible version
+ include_role:
+ name: check-ansible-version
+
+ - name: server-base
+ include_role:
+ name: server-base
+
+ - name: telegraf_influxdb
+ include_role:
+ name: influxdb
+ vars:
+ influxdb_database: foodsharing_telegraf
+ influxdb_password: "{{ telegraf_influxdb_password }}"
\ No newline at end of file
diff --git a/playbooks/karrot-dev/secrets.vars.yml b/playbooks/karrot-dev/secrets.vars.yml
index f56b35b..0a9fdb8 100644
--- a/playbooks/karrot-dev/secrets.vars.yml
+++ b/playbooks/karrot-dev/secrets.vars.yml
@@ -1,26 +1,28 @@ $ANSIBLE_VAULT;1.1;AES256 -63333038613466613064376564323635383964666162373939383661613164353337393063643031 -6636616439353030393930626237393062383261306432630a356636363730346231346631343763 -37336437316232623661636433623530356238393162316363643731626431653662643264303530 -3136623163626262650a623235333661653436323336343738656332383266336438306664373863 -35396237633465396566613539343336303536346639363939663165613739636639396165396166 -64663836636166326439666162653661393863333431653233663162366165633062623432303361 -66323538666564346663643235363739633936336635326639643437633562356332316439393961 -63643235643733323362623233396263396334366334383533663534663563343732376535386233 -33336236353733643564333034653138316564633065306461656464383433396562386131383563 -31363435623139356333643464636262396132316538383962656530643866353538623738613463 -35656631663734623830633834323037363137396465646165666166386538393131393931356666 -32626131353366323033383936306635326532623335663139353439316337393366363739643635 -37366634363633363137333364623230623231663535643937643238353134353330386263613632 -66323631376130376139383837653661333134316130363762323435666464613637636261303433 -64643038393235316233326566613434336639373465653234623264353730656235303839343464 -62313431373632646662613536646635323731326462336133393032303864353836376333643065 -37356336363230376263306538396530623834643237646361346132613335373536316463346666 -37373530633338336336616263666632303564346664323232303634653466626162313332636630 -66343966633464663536613939353664386135373030643362353038323936626330366438616432 -34353663343865373039306632316464623331303330336266356331636630373936653962646364 -62313030373432613738666263666463663633653933653365366439303731643035663430373938 -32393865653865313830636565316535393766663364356463303933303965633139666161376565 -37386133643739623335643630313731393337666363313264396632613930626466623864303465 
-61383734663934346466313637643965326237383330666435373231363732613737393337396634 -3033 +62306262363338306637316438643837353332663133336436326334343862646365316236613765 +3031616566313866393835313139613836633931346565650a373462356630303262363737336135 +64393463353736653235323733646561386332326238616331363763623131626534313162636636 +3265366339353234620a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diff --git a/playbooks/karrot-world/secrets.vars.yml b/playbooks/karrot-world/secrets.vars.yml index 6d2e5d0..b9c3343 100644 --- a/playbooks/karrot-world/secrets.vars.yml +++ b/playbooks/karrot-world/secrets.vars.yml 
@@ -1,33 +1,35 @@ $ANSIBLE_VAULT;1.1;AES256 -62333638643930363563666266623538313264633734353135626336366331666231623633613166 -3735623339323830653036353332633338326461323965640a383336396532656237613130656138 -61346231306261336134323261656536656338343233326234363331376533653930333366613231 -3161636661613432660a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a306137353835336139363538336134 +39623334626238383361396535373934343862653735643131393736363437373466356234626536 +3062356162396265350a333261373966303165346663663236353632326336363031333565323635 +62636365333036633838646561373630653838653732626161396630373935666232323166343830 +32626464626532396166623964313064383235333439633963323931666331376432386637616333 +36613865326636656532613432626331613662663036636636323234363965383130336237383463 +61336661383366643535376661623566336564633262373166626131353234333135663638636565 +34306334653066656433386438373436363063656461663965316166626662376639393731383634 +33326438363365653338663065343139376337633931646164636363343436303530323335303430 +39643564333232653066613338343733353461346538613265643262343236396330633439336337 +33646237633863336465333736613261376433663431663462303761303232653733636361333434 +65376631326531303462636661633466663264626265346435363561356263316336653633663838 +31396366383965366337633030366361396365363861386539633831336639383362643361353339 +66333731386638613061633062336666636131383166343137346337396361376136353737633436 +61346364366265663465323338396434333039623236626339363965636437306461333361616266 +65653836623539336439663031616461336534363863623739333436613634333235363433353563 +33666636373234623838623432633037626266343437343135306132383237386534666164333130 +30316138643030653564343663343232306330623439393030316266373539366665656131353066 +37386431353364323466366330626366323263623435303565626532333166313164343633396166 +64643030363838333635663963646339656434343832313938633238663631646234323231666130 
+36343530623637623239373038653266333066613766333938393765343039383636303234376235 +33333862646237613532643963393338653533303034303064383439653238393162663866313963 +66363264626438333161326530326130626465353864613637623431323136653935386334616163 +33383763306630653039396531336163646631643436613336356436323563373634316632343063 +33306231323637386330343465376538376232356561663437353837343938343566303335346465 +34333463306363393537303464323561626635313065383264653661623863366532623662353737 +62393935303838393064376638363765353436323230633833623037353561316332303761636434 +61366334323166633836356533633836666232376162666537636238316536633130343564613036 +32333666383536363665646663396236383839643631303463666264336134326337656330366633 +66396438643164393161646138656239313265643939393830626532363361383764383462616164 +32393362653234363566303135656336646332323465346164373066366634343262646433303161 +31313561313562376562303834633363303138646235653431613239383634643363646130636634 +3231366235323966633035316364646537313435323661383666 diff --git a/playbooks/matthias/roles b/playbooks/matthias/roles new file mode 120000 index 0000000..b741aa3 --- /dev/null +++ b/playbooks/matthias/roles @@ -0,0 +1 @@ +../../roles \ No newline at end of file diff --git a/playbooks/matthias/secrets.vars.yml b/playbooks/matthias/secrets.vars.yml new file mode 100644 index 0000000..616a88a --- /dev/null +++ b/playbooks/matthias/secrets.vars.yml 
@@ -0,0 +1,8 @@
+$ANSIBLE_VAULT;1.1;AES256 +34313234613663373365336537613035333530643331393630323063386161326362363835336132 +3831613432623031353437663931653938393034343963340a643839613866616539623939613866 +63333365316630373866616130636466343936323434353962633365393038346164363237303765 +3866653064636633620a633134643361353130303366356565326638396165393163316430373561 +36306365663365653063346662666563343337663964636138633330656134306536353930336334 +32336437653139306330373834393965656266316438626335646230313435653162363166643038 +656533613337366265383130646562313235
diff --git a/playbooks/matthias/setup.playbook.yml b/playbooks/matthias/setup.playbook.yml
new file mode 100644
index 0000000..11ce3ae
--- /dev/null
+++ b/playbooks/matthias/setup.playbook.yml
@@ -0,0 +1,22 @@
+---
+- name: matthias private hosted stuff on yuca
+ hosts: all
+ become: yes
+ vars_files:
+ - secrets.vars.yml
+
+ tasks:
+ - name: check ansible version
+ include_role:
+ name: check-ansible-version
+
+ - name: server-base
+ include_role:
+ name: server-base
+
+ - name: larse8n_influxdb
+ include_role:
+ name: influxdb
+ vars:
+ influxdb_database: matthias_larse8n
+ influxdb_password: "{{ larse8n_influxdb_password }}"
\ No newline at end of file
diff --git a/roles/check-ansible-version/tasks/main.yml b/roles/check-ansible-version/tasks/main.yml
index 3511f86..a13fb20 100644
--- a/roles/check-ansible-version/tasks/main.yml
+++ b/roles/check-ansible-version/tasks/main.yml
@@ -1,10 +1,10 @@
 ---
 - fail:
- msg: You need to have at least ansible >= 2.4
+ msg: You need to have at least ansible >= 2.8
 when: |
 not (
- (ansible_version.major == 2 and ansible_version.minor >= 4)
+ (ansible_version.major == 2 and ansible_version.minor >= 8)
 or ansible_version.major > 2
- )
\ No newline at end of file
+ )
diff --git a/roles/influxdb/tasks/main.yml b/roles/influxdb/tasks/main.yml
new file mode 100644
index 0000000..98d722e
--- /dev/null
+++ b/roles/influxdb/tasks/main.yml
@@ -0,0 +1,18 @@
+---
+
+- name: create influxdb database
+ influxdb_database:
+ database_name: "{{ influxdb_database }}"
+ login_username: "{{ influxdb_admin_username }}"
+ login_password: "{{ influxdb_admin_password }}"
+
+- name: create influxdb user
+ influxdb_user:
+ user_name: "{{ influxdb_database }}"
+ user_password: "{{ influxdb_password }}"
+ login_username: "{{ influxdb_admin_username }}"
+ login_password: "{{ influxdb_admin_password }}"
+ grants:
+ - database: "{{ influxdb_database }}"
+ privilege: 'ALL'
+ 
\ No newline at end of file
diff --git a/roles/karrot-backend/tasks/influxdb.yml b/roles/karrot-backend/tasks/influxdb.yml
index ecf71ce..2b5114f 100644
--- a/roles/karrot-backend/tasks/influxdb.yml
+++ b/roles/karrot-backend/tasks/influxdb.yml
@@ -33,8 +33,18 @@
 influxdb_database:
 database_name: "{{ influxdb_database }}"
 hostname: 127.0.0.1
- username: ""
- password: ""
+ login_username: "{{ influxdb_admin_username }}"
+ login_password: "{{ influxdb_admin_password }}"
+
+- name: create influxdb user
+ influxdb_user:
+ user_name: "{{ influxdb_database }}"
+ user_password: "{{ influxdb_password }}"
+ login_username: "{{ influxdb_admin_username }}"
+ login_password: "{{ influxdb_admin_password }}"
+ grants:
+ - database: "{{ influxdb_database }} "
+ privilege: 'ALL'
 - name: create grafana postgres user
 postgresql_user:
diff --git a/roles/server-base/tasks/influxdb.yml b/roles/server-base/tasks/influxdb.yml
new file mode 100644
index 0000000..5477fc7
--- /dev/null
+++ b/roles/server-base/tasks/influxdb.yml
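Review bot: The grant in the new `create influxdb user` task spells the database as `"{{ influxdb_database }} "` with a trailing space inside the quotes, so the privilege is requested on a name that differs from the database created a few lines above; the sibling `roles/influxdb/tasks/main.yml` added in this commit has it without the space. Change the line to `- database: "{{ influxdb_database }}"`. Whether InfluxDB rejects the stray name or silently records a grant on a non-existent database is not visible here, but in both cases the application user ends up without access to its own database. The `create grafana postgres user` task that begins at the end of the hunk continues outside it.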
@@ -0,0 +1,29 @@
+---
+- name: create influxdb admin user
+ influxdb_user:
+ user_name: "{{ influxdb_admin_username }}"
+ user_password: "{{ influxdb_admin_password }}"
+ admin: yes
+
+- name: create influxdb proxy
+ include_role:
+ name: basic-site
+
+- name: setup influxdb proxy config
+ template:
+ src: nginx_influxdb_proxy.conf.j2
+ dest: /etc/nginx/sites-available/{{ site }}
+ notify:
+ - reload nginx
+ tags:
+ - nginx
+
+- name: nginx sites-enabled symlink
+ file:
+ src: /etc/nginx/sites-available/{{ site }}
+ dest: /etc/nginx/sites-enabled/{{ site }}
+ state: link
+ notify:
+ - reload nginx
+ tags:
+ - nginx
\ No newline at end of file
diff --git a/roles/server-base/tasks/main.yml b/roles/server-base/tasks/main.yml
index 5787965..6f3aea6 100644
--- a/roles/server-base/tasks/main.yml
+++ b/roles/server-base/tasks/main.yml
@@ -25,4 +25,6 @@
 - import_tasks: redis.yml
-- import_tasks: yarn.yml
\ No newline at end of file
+- import_tasks: yarn.yml
+
+- import_tasks: influxdb.yml
diff --git a/roles/server-base/tasks/ufw.yml b/roles/server-base/tasks/ufw.yml
index 3c07a80..d161e8f 100644
--- a/roles/server-base/tasks/ufw.yml
+++ b/roles/server-base/tasks/ufw.yml
@@ -27,6 +27,13 @@
 - port: 80
 - port: 443
+- name: allow incoming traffic for https influxdb
+ ufw:
+ rule: allow
+ direction: in
+ to_port: 8087
+ proto: tcp
+
 - name: allow incoming influxdb access for some IPs from foodsharing.de
 ufw:
 rule: allow
diff --git a/roles/server-base/templates/nginx_influxdb_proxy.conf.j2 b/roles/server-base/templates/nginx_influxdb_proxy.conf.j2
new file mode 100644
index 0000000..a9022f6
--- /dev/null
+++ b/roles/server-base/templates/nginx_influxdb_proxy.conf.j2
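Review bot: The `create influxdb admin user` task sends no `login_username`/`login_password`, so it can only succeed while InfluxDB answers the request unauthenticated; once the admin exists and HTTP authentication is switched on, re-running the role would fail on this task instead of being idempotent. The other influxdb tasks in this commit already pass `login_username: "{{ influxdb_admin_username }}"` and `login_password: "{{ influxdb_admin_password }}"`, and adding the same two lines here keeps the bootstrap working on a fresh instance as well as on every later run. Nothing in this diff turns on InfluxDB's `auth-enabled` setting; presumably that lives in an influxdb config task outside this diff, and it is worth confirming, because without it the admin user does not actually protect the API that the proxy set up below exposes. A comment such as `# bootstrap: first admin user; only effective once auth-enabled is set in the influxdb config` would record that dependency next to the task.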
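Review bot: The added rule opens 8087/tcp inbound from any source, with no `from_ip`, while the pre-existing rule directly below it deliberately limits raw influxdb access to specific foodsharing.de addresses; together with the nginx proxy in this commit this makes the full InfluxDB HTTP API reachable from the internet, guarded only by InfluxDB's own credentials. If remote telegraf agents on changing addresses are the reason, say so on the task: `# public TLS endpoint for the nginx influxdb proxy; relies on influxdb authentication being enabled`. If the clients are a known set, a `from_ip` restriction mirroring the neighbouring rule narrows the exposure. The body of that neighbouring rule continues outside the hunk.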
@@ -0,0 +1,47 @@
+# This file is managed by ansible. It belongs to {{ role_path }}.
+# See https://github.com/yunity/yuca to change.
+map $http_upgrade $connection_upgrade {
+ default upgrade;
+ '' close;
+}
+
+server {
+ server_name {{ server_name }};
+
+ listen 8087 ssl http2;
+ listen [::]:8087 ssl http2;
+
+ ssl_certificate /var/www/{{ site }}/cert/fullchain.pem;
+ ssl_certificate_key /var/www/{{ site }}/cert/key.pem;
+
+ root /var/www/{{ site }}/www;
+
+
+ access_log off;
+ error_log off;
+
+ location = /robots.txt {
+ allow all;
+ log_not_found off;
+ access_log off;
+ }
+
+ location / {
+ proxy_pass http://localhost:8086;
+ proxy_redirect off;
+ proxy_http_version 1.1;
+ proxy_max_temp_file_size 10m;
+ proxy_connect_timeout 20;
+ proxy_send_timeout 20;
+ proxy_read_timeout 20;
+ proxy_set_header Host $host;
+ proxy_set_header Upgrade $http_upgrade;
+ proxy_set_header Connection keep-alive;
+ proxy_set_header X-Real-IP $remote_addr;
+ proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+ proxy_set_header X-Forwarded-Proto http;
+ proxy_set_header X-Original-For $proxy_add_x_forwarded_for;
+ proxy_set_header X-Original-Proto https;
+ proxy_cache_bypass $http_upgrade;
+ }
+}
\ No newline at end of file
diff --git a/roles/server-base/vars/main/vars.yml b/roles/server-base/vars/main/vars.yml
new file mode 100644
index 0000000..75d9a35
--- /dev/null
+++ b/roles/server-base/vars/main/vars.yml
@@ -0,0 +1,4 @@
+site: influxdb-proxy
+site_name: influxdb proxy
+server_name: influxdb.yunity.org
+redirects: []
\ No newline at end of file
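Review bot: `error_log off;` in the new server block does not disable error logging; nginx has no `off` value for `error_log` and treats the word as a file path, so errors end up in a file literally named `off` under the nginx prefix. Use `error_log /dev/null crit;` if silence is really wanted, but for a listener exposed on 8087 that also has `access_log off;`, keeping at least error logging (and ideally access logging) is what makes failed logins against InfluxDB noticeable afterwards. Two smaller inconsistencies: the `map $http_upgrade $connection_upgrade` block is defined but the location hardcodes `proxy_set_header Connection keep-alive;` instead of using `$connection_upgrade`, and `proxy_set_header X-Forwarded-Proto http;` contradicts the TLS listener and the `X-Original-Proto https` header right below it, so an upstream that trusts X-Forwarded-Proto sees the wrong scheme. The server block also sets no `ssl_protocols`/`ssl_ciphers` and relies on nginx defaults, which may be intended if those are set globally in a file outside this diff.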
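Review bot: `site`, `site_name`, `server_name` and `redirects` are very generic names to pin at role-var precedence for the whole of server-base, which every playbook in this commit includes; role vars rank above play vars, vars_files and group_vars, so any value of the same names from those sources is shadowed inside the role, and the hardcoded `server_name: influxdb.yunity.org` ties the role to one host. A narrower way to express the same thing is to pass these as `vars:` on the `include_role: basic-site` task and the two template/symlink tasks in `roles/server-base/tasks/influxdb.yml`, or to prefix them (`influxdb_proxy_site`, ...) so the intent is visible where they are consumed. This is a style point; behaviour on yuca is presumably unchanged.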