diff --git a/.github/FUNDING.yml b/.github/FUNDING.yml
new file mode 100644
index 0000000..f0292c3
--- /dev/null
+++ b/.github/FUNDING.yml
@@ -0,0 +1,4 @@
+# These are supported funding model platforms
+
+github: dj-wasabi
+patreon: wernerdijkerman
diff --git a/.github/ISSUE_TEMPLATE/bug_report.md b/.github/ISSUE_TEMPLATE/bug_report.md
new file mode 100644
index 0000000..0320127
--- /dev/null
+++ b/.github/ISSUE_TEMPLATE/bug_report.md
@@ -0,0 +1,35 @@
+---
+name: Bug report
+about: Help to improve this Ansible role.
+
+---
+
+**Describe the bug**
+<!--- A clear and concise description of what the bug is. -->
+
+**Installation method/version**
+<!--- Please provide the installation method and version of the role. -->
+
+* Github / latest
+* Ansible Galaxy / 1.1.0
+
+**Ansible Version**
+
+```
+<!--- Paste output from "ansible --version" -->
+```
+
+**Targetted hosts**
+Concerns the following OS(es):
+<!--- Pick one below and delete the rest -->
+
+* Ubuntu
+* Debian
+* CentOS
+* Mint
+
+**Expected behavior**
+<!--- A clear and concise description of what you expected to happen. -->
+
+**Additional context**
+<!--- Add any other context about the problem here. Configuration of the role/group_vars information etc. -->
diff --git a/.github/ISSUE_TEMPLATE/feature_request.md b/.github/ISSUE_TEMPLATE/feature_request.md
new file mode 100644
index 0000000..08c8343
--- /dev/null
+++ b/.github/ISSUE_TEMPLATE/feature_request.md
@@ -0,0 +1,14 @@
+---
+name: Feature request
+about: Suggest an idea for this Ansible role
+
+---
+
+**Is your feature request related to a problem? Please describe.**
+A clear and concise description of what the problem is. Ex. I'm always frustrated when [...]
+
+**Describe the solution you'd like**
+A clear and concise description of what you want to happen.
+
+**Additional context**
+Add any other context or screenshots about the feature request here.
diff --git a/.github/workflows/agent.yml b/.github/workflows/agent.yml
new file mode 100644
index 0000000..2b600c2
--- /dev/null
+++ b/.github/workflows/agent.yml
@@ -0,0 +1,45 @@
+# This is a basic workflow to help you get started with Actions
+
+name: CI
+
+# Controls when the action will run. Triggers the workflow on push or pull request
+# events but only for the master branch
+on:
+  push:
+    branches: [ master ]
+  pull_request:
+    branches: [ master ]
+
+jobs:
+  build:
+    strategy:
+      fail-fast: false
+      matrix:
+        molecule_distro:
+          - container: centos7
+          - container: centos8
+          - container: ubuntu1604
+          - container: ubuntu1804
+          - container: debian8
+          - container: debian9
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Check out code
+        uses: actions/checkout@v1
+
+      - name: Set up Python 3.7
+        uses: actions/setup-python@v1
+        with:
+          python-version: 3.7
+
+      - name: Install dependencies
+        run: |
+          python -m pip install --upgrade pip
+          curl -so requirements.txt 'https://raw.githubusercontent.com/dj-wasabi/ansible-ci-base/master/requirements.txt'
+          pip install -r requirements.txt
+
+      - name: Run role tests
+        run: >-
+          MY_MOLECULE_CONTAINER=${{ matrix.molecule_distro.container }}
+          molecule test
diff --git a/.travis.yml b/.travis.yml
deleted file mode 100644
index b204c73..0000000
--- a/.travis.yml
+++ /dev/null
@@ -1,20 +0,0 @@
----
-sudo: required
-language: python
-services:
-  - docker
-
-before_install:
-- sudo apt-get -qq update
-- sudo apt-get install -o Dpkg::Options::="--force-confold" --force-yes -y docker-engine
-
-install:
-- pip install molecule ansible docker-py
-
-script:
-- molecule --version
-- ansible --version
-- molecule test
-
-notifications:
-  webhooks: https://galaxy.ansible.com/api/v1/notifications/
diff --git a/CHANGELOG.md b/CHANGELOG.md
new file mode 100644
index 0000000..451f661
--- /dev/null
+++ b/CHANGELOG.md
@@ -0,0 +1,33 @@
+# ansible-ossec-agent Release
+
+Below an overview of all changes in the releases.
+
+Version (Release date)
+
+0.2.0   (2020-08-31)
+
+  * Optionally disable public repos #22 (By pull request: briankfitzwater (Thanks!))
+  * Option to set agent name #23 (By pull request: briankfitzwater (Thanks!))
+  * Switch repo to atomicorp #29 (By pull request: emmetog (Thanks!))
+
+0.1.0   (2018-01-02)
+
+  * Using Molecule V2 for CI test purposes #21
+  * Add option to disable active-response in template #20 (By pull request: briankfitzwater (Thanks!))
+  * Set permisisons on client.keys file #19 (By pull request: briankfitzwater (Thanks!))
+  * Update atomic-release #17 (By pull request: aarnaud (Thanks!))
+  * Fix new debian repository #15 (By pull request: aarnaud (Thanks!))
+  * Added run_once: true to several delegate tasks #14
+  * Added first working molecule tests #13
+  * Fix agent registration in managed mode #10 (By pull request: aarnaud (Thanks!))
+  * Add ossec-server fqdn config #9 (By pull request: aarnaud (Thanks!))
+  * control ossec authd with service #5 (By pull request: jlruizmlg (Thanks!))
+  * Allow for situations where the ossec server is not managed by ansible #4 (By pull request: zeroem (Thanks!))
+  * include no dependencies #3 (By pull request: recunius (Thanks!))
+  * Distribution Handling, Agent Profile, and Starting ossec-remoted #2 (By pull request: recunius (Thanks!))
+  * EL7 fixes #1 (By pull request: andskli (Thanks!))
+
+0.0.1   (2014-12-07)
+
+  * Initial working version.
+
diff --git a/CODE_OF_CONDUCT.md b/CODE_OF_CONDUCT.md
new file mode 100644
index 0000000..e28ac17
--- /dev/null
+++ b/CODE_OF_CONDUCT.md
@@ -0,0 +1,3 @@
+# Code of Conduct
+
+The Code of Conduct from Ansible found [here](https://docs.ansible.com/ansible/devel/community/code_of_conduct.html) applies to this Ansible role as well.
diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md
new file mode 100644
index 0000000..4b8af37
--- /dev/null
+++ b/CONTRIBUTING.md
@@ -0,0 +1,88 @@
+# Contributing to this role
+
+**Table of content**
+
+- [Contributing to this role](#contributing-to-this-role)
+  * [Contributing](#contributing)
+  * [(local) Development](#-local--development)
+    + [Requirements](#requirements)
+    + [Execution](#execution)
+- [Other](#other)
+  * [Virtualenv](#virtualenv)
+  * [Links](#links)
+
+Thank you very much for making time to improve this Ansible role.
+
+## Contributing
+
+Please note that this project is released with a Contributor Code of Conduct. By participating in this project you agree to abide by its terms. [Contributor Code of Conduct](https://docs.ansible.com/ansible/devel/community/code_of_conduct.html).
+
+1. Fork the repo
+
+2. Create a branch and apply your changes to this branch.
+
+    a. Make sure you have updated the documentation when adding new variables;
+    
+    b. Don't forget to add/update tests so we can test the functionality during each Pull Request;
+    
+    c. Make sure the tests will succeed.
+
+3. Push the branch to your fork and submit a pull request.
+
+**Note**
+
+Pull Requests that fails during the tests will not be merged.
+
+## Coding Guidelines
+
+Style guides are important because they ensure consistency in the content, look, and feel of a book or a website.
+
+* [Ansible Style Guide](http://docs.ansible.com/ansible/latest/dev_guide/style_guide/)
+* It's "Ansible" when referring to the product and ``ansible`` when referring to the command  line tool, package, etc
+* Playbooks should be written in multi-line YAML with ``key: value``. The form ``key=value`` is only for ``ansible`` ad-hoc, not for ``ansible-playbook``.
+* Tasks should always have a ``name:``
+
+## (local) Development
+
+This role make use of Molecule to test the execution of the role and verificate it. In the root of the repository, a file named `requirements.txt` exists and contains the versions used by the tests.
+
+### Requirements
+
+You can install them with the following command:
+
+```
+pip install -r requirements.txt
+```
+
+Once the dependencies are installed, please install Docker as Molecule is configured in this repository to create Docker containers. See [this](https://docs.docker.com/install/) link to install Docker on your system.
+
+### Execution
+
+Once everything is installed, you can validate your changes by executing:
+```
+molecule test
+```
+
+It should run without any issues.
+
+# Other
+
+## Virtualenv
+
+Suggestion is to create a virtualenv so you won't have issues with other projects.
+
+Some web pages describing for virtual env:
+
+* http://thepythonguru.com/python-virtualenv-guide/
+* https://realpython.com/python-virtual-environments-a-primer/
+* https://www.dabapps.com/blog/introduction-to-pip-and-virtualenv-python/
+
+## Links
+
+[Molecule](https://molecule.readthedocs.io/)
+
+[Ansible](https://www.ansible.com/)
+
+[Molecule V2 with your own role](https://werner-dijkerman.nl/2017/09/05/using-molecule-v2-to-test-ansible-roles/)
+
+**End note**: Have fun making changes. If a feature helps you, then others find it helpful too and I will happily have it merged. 
diff --git a/LICENSE b/LICENSE
new file mode 100644
index 0000000..6922fb3
--- /dev/null
+++ b/LICENSE
@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2018 Werner Dijkerman
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.
diff --git a/PULL_REQUEST_TEMPLATE.md b/PULL_REQUEST_TEMPLATE.md
new file mode 100644
index 0000000..70c5ede
--- /dev/null
+++ b/PULL_REQUEST_TEMPLATE.md
@@ -0,0 +1,12 @@
+**Description of PR**
+<!--- Describe what the PR holds -->
+
+**Type of change**
+<!--- Pick one below and delete the rest: -->
+
+Feature Pull Request
+Bugfix Pull Request
+Docs Pull Request
+
+**Fixes an issue**
+<!--- If this PR fixes an issue, please mention it. -->
diff --git a/README.md b/README.md
index 3c88199..147cbaa 100644
--- a/README.md
+++ b/README.md
@@ -1,11 +1,11 @@
 dj-wasabi.ossec-agent
 =========
 
-This role will install and configure an ossec-agent on the server. When there there is an parameter `ossec_server_name` configured, it will delagate an action for automatically authenticate the agent. 
+This role will install and configure an ossec-agent on the server. When there is a parameter, `ossec_server_name` configured, it will delagate an action to automatically authenticate the agent.
 
 Build Status:
 
-[![Build Status](https://travis-ci.org/dj-wasabi/ansible-ossec-agent.svg?branch=master)](https://travis-ci.org/dj-wasabi/ansible-ossec-agent)
+[![Build Status](https://img.shields.io/endpoint.svg?url=https%3A%2F%2Factions-badge.atrox.dev%2Fdj-wasabi%2Fansible-ossec-agent%2Fbadge%3Fref%3Dmaster&style=flat)](https://actions-badge.atrox.dev/dj-wasabi/ansible-ossec-agent/goto?ref=master)
 
 
 Requirements
@@ -24,10 +24,25 @@ Role Variables
 This role needs 4 parameters:
 * `ossec_server_ip`: This is the ip address of the server running the ossec-server.
 * `ossec_server_fqdn`: This is the fqdn of the server running the ossec-server.
-* `ossec_server_name`: This is the hostname of the server running the ossec-server used for delegate with ansible. 
+* `ossec_server_name`: This is the hostname of the server running the ossec-server used for delegate with ansible.
 * `ossec_managed_server`: When set to false, tasks that delegate to ossec server will be skipped
 
-This role has 3 tasks with 'delagation_to' which needs the parameter `ossec_server_name`. When this parameter is not set, you'll need to run manually the `/var/ossec/bin/ossec-authd` on the server and `/var/ossec/bin/agent-auth` on the agent. When this is the case, it will show you an message with the exact command line.
+This role has 3 tasks with 'delagation_to' which needs the parameter `ossec_server_name`. When this parameter
+is not set, you'll need to run manually the `/var/ossec/bin/ossec-authd` on the server and `/var/ossec/bin/agent-auth`
+on the agent. When this is the case, it will pause and show you an message with the exact command line. You can skip
+these pauses using the `ossec_agent_pause_for_manual_steps` variable (see below).
+
+The following role variables are optional:
+* `ossec_active_response_disabled`: Disables active response if set to yes. If this is not defined active response is enabled.
+* `ossec_disable_public_repos`: Disables installation of public repositories if set to "yes".
+* `ossec_agent_package_name`: Default is "ossec-hids-agent". This can be set to a URL or path to a .rpm file or path to a .deb file if the public repositories cannot be used.
+* `ossec_agent_name`: Optional name for the OSSEC agent.  Default is to use hostname.
+* `ossec_agent_pause_for_manual_steps`: Defaults to true, if false then the playbook will not pause to run manual steps on server. Meant to be used with auto registration.
+* `ossec_agent_client_pass`: If set, the agent will use this password when registering with the server.
+* `ossec_agent_server_cert_path`: If set, the agent will use this root cert to validate any certs provided by the server when registering (the SAN of the cert used by the server must match the `ossec_server_name` used by the client to connect).
+* `ossec_agent_cert_path`: If set, the agent will use this cert for itself when registering.
+* `ossec_agent_key_path`: If set, the agent will use this key for itself when registering.
+```
 
 Dependencies
 ------------
@@ -62,7 +77,7 @@ GPLv3
 Author Information
 ------------------
 
-Please send suggestion or pull requests to make this role better. 
+Please send suggestion or pull requests to make this role better.
 
 Github: https://github.com/dj-wasabi/ansible-ossec-agent
 
diff --git a/defaults/main.yml b/defaults/main.yml
index 4f72c8e..7548f95 100644
--- a/defaults/main.yml
+++ b/defaults/main.yml
@@ -1,7 +1,24 @@
 ---
 # defaults file for ossec-agent
 
-#ossec_server_fqdn: ossec-server.local
-#ossec_server_ip: 127.0.0.1
 ossec_server_name: ""
 ossec_managed_server: true
+ossec_server_atomic_release: 1.0-21
+ossec_agent_package_name: ossec-hids-agent
+
+# Set to an empty string or null to disable adding a key
+ossec_agent_debian_repository_key: "https://www.atomicorp.com/RPM-GPG-KEY.atomicorp.txt"
+ossec_agent_debian_repository_url: "https://updates.atomicorp.com/channels/atomic/{{ ansible_distribution | lower }}"
+
+ossec_filename: "atomic-release-{{ ossec_server_atomic_release }}.el{{ ansible_distribution_major_version }}.art.noarch.rpm"
+ossec_url: "https://www.atomicorp.com/channels/atomic/centos/{{ ansible_distribution_major_version }}/x86_64/RPMS"
+ossec_download_url: "{{ ossec_url }}/{{ ossec_filename }}"
+
+ossec_server_disable_gpgkey: False
+ossec_agent_client_pass: ""
+
+ossec_agent_server_cert_path: ""
+ossec_agent_cert_path: ""
+ossec_agent_key_path: ""
+
+ossec_agent_pause_for_manual_steps: true
diff --git a/handlers/main.yml b/handlers/main.yml
index f072849..6e8d938 100644
--- a/handlers/main.yml
+++ b/handlers/main.yml
@@ -2,6 +2,7 @@
 # handlers file for ossec-agent
 
 - name: restart ossec-agent
-  service: name={{ ossec_init_name }}
-           state=restarted
-           enabled=yes
+  service:
+    name: "{{ ossec_init_name }}"
+    state: restarted
+    enabled: yes
diff --git a/meta/main.yml b/meta/main.yml
index ee4542a..aaf0bd6 100644
--- a/meta/main.yml
+++ b/meta/main.yml
@@ -3,32 +3,25 @@ galaxy_info:
   author: Werner Dijkerman
   description: Installing and maintaining the ossec-agent.
   company: myCompany.Dotcom
-  license: license (GPLv3)
-  min_ansible_version: 1.4
+  license: MIT
+  min_ansible_version: 2.4
   platforms:
-  - name: EL
-    versions:
-    - 5
-    - 6
-    - 7
-  - name: Fedora
-    versions:
-    - all
-  #- name: Ubuntu
-  #  versions:
-  #  - all
-  #  - lucid
-  #  - maverick
-  #  - natty
-  #  - oneiric
-  #  - precise
-  #  - quantal
-  #  - raring
-  #  - saucy
-  #  - trusty
-  - name: Debian
-    versions:
-    - all
+    - name: EL
+      versions:
+        - 5
+        - 6
+        - 7
+    - name: Fedora
+      versions:
+        - all
+    - name: Debian
+      versions:
+        - all
   categories:
-  - monitoring
+    - monitoring
+  galaxy_tags:
+    - ossec
+    - ossec-agent
+    - hids
+    - monitoring
 dependencies: []
diff --git a/molecule.yml b/molecule.yml
deleted file mode 100644
index fe9b7c1..0000000
--- a/molecule.yml
+++ /dev/null
@@ -1,100 +0,0 @@
----
-dependency:
-  name: galaxy
-driver:
-  name: docker
-
-ansible:
-  playbook: playbook.yml
-  group_vars:
-    ossec:
-      ossec_server_config:
-        mail_to:
-          - me@example.com
-        mail_smtp_server: localhost
-        mail_from: ossec@example.com
-        frequency_check: 72000
-        ignore_files:
-          - /etc/mtab
-          - /etc/mnttab
-          - /etc/hosts.deny
-        directories:
-          - check_all: 'yes'
-            dirs: /etc,/usr/bin,/usr/sbin
-          - check_all: 'yes'
-            dirs: /bin,/sbin
-        localfiles:
-          - format: 'syslog'
-            location: '/var/log/messages'
-          - format: 'syslog'
-            location: '/var/log/secure'
-        globals:
-          - '127.0.0.1'
-          - '192.168.2.1'
-        connection: 'secure'
-        log_level: 1
-        email_level: 7
-        commands:
-          - name: 'host-deny'
-            executable: 'host-deny.sh'
-            expect: 'srcip'
-            timeout_allowed: 'yes'
-        active_responses:
-          - command: 'host-deny'
-            location: 'local'
-            level: 6
-            timeout: 600
-        localfiles:
-          - format: 'syslog'
-            location: '/var/log/messages'
-      ossec_agent_configs:
-        - type: os
-          type_value: linux
-          frequency_check: 79200
-          ignore_files:
-            - /etc/mtab
-            - /etc/mnttab
-          directories:
-            - check_all: yes
-              dirs: /etc,/usr/bin,/usr/sbin
-          localfiles:
-            - format: 'syslog'
-              location: '/var/log/messages'
-
-dependency:
-  name: galaxy
-  requirements_file: requirements.yml
-  options:
-      ignore-certs: True
-      ignore-errors: True
-
-docker:
-  containers:
-    - name: ossec-server-centos
-      ansible_groups:
-        - ossec
-      image: milcom/centos7-systemd
-      image_version: latest
-      privileged: True
-    - name: ossec-agent-centos
-      ansible_groups:
-        - agent
-      image: milcom/centos7-systemd
-      image_version: latest
-      privileged: True
-    - name: ossec-agent-debian
-      ansible_groups:
-        - agent
-      image: maint/debian-systemd
-      image_version: latest
-      privileged: True
-    - name: ossec-agent-ubuntu
-      ansible_groups:
-        - agent
-      image: rastasheep/ubuntu-sshd
-      image_version: latest
-      privileged: True
-
-
-verifier:
-  name: testinfra
diff --git a/molecule/default/converge.yml b/molecule/default/converge.yml
new file mode 100644
index 0000000..d85fde8
--- /dev/null
+++ b/molecule/default/converge.yml
@@ -0,0 +1,21 @@
+---
+- name: Converge
+  hosts: server
+  pre_tasks:
+    - name: "Get ip Ossec Server"
+      shell: grep $(hostname) /etc/hosts | awk '{print $1}' | sort | head -n 1
+      register: ossec_server
+      changed_when: False
+
+    - name: "Get ossec_server_client_auth"
+      shell: cat /var/ossec/logs/ossec.log | grep "Random password chosen for agent authentication:" | tail -n1 | cut -d':' -f4 | awk '{$1=$1};1'
+      register: ossec_server_client_auth
+      changed_when: False
+
+- hosts: all:!server
+  roles:
+    - role: ansible-ossec-agent
+      ossec_server_name: ossec-server-centos
+      ossec_server_ip: "{{ hostvars['ossec-server-centos']['ossec_server']['stdout'] }}"
+      ossec_server_fqdn: ossec-server-centos
+      ossec_agent_client_pass: "{{ hostvars['ossec-server-centos']['ossec_server_client_auth']['stdout'] }}"
diff --git a/molecule/default/molecule.yml b/molecule/default/molecule.yml
new file mode 100644
index 0000000..4b5046b
--- /dev/null
+++ b/molecule/default/molecule.yml
@@ -0,0 +1,96 @@
+---
+dependency:
+  name: galaxy
+driver:
+  name: docker
+
+platforms:
+  - name: ossec-server-centos
+    hostname: ossec-server-centos
+    groups:
+      - server
+    image: geerlingguy/docker-centos7-ansible
+    pre_build_image: True
+    privileged: True
+    command: /usr/sbin/init
+    volumes:
+      - /sys/fs/cgroup:/sys/fs/cgroup:ro
+    networks:
+      - name: ossec
+  - name: ossec-agent-${MY_MOLECULE_CONTAINER:-centos7}
+    groups:
+      - agent
+    image: geerlingguy/docker-${MY_MOLECULE_CONTAINER:-centos7}-ansible
+    privileged: True
+    pre_build_image: True
+    volumes:
+      - /sys/fs/cgroup:/sys/fs/cgroup:ro
+    networks:
+      - name: ossec
+
+provisioner:
+  name: ansible
+  lint:
+    name: ansible-lint
+  inventory:
+    group_vars:
+      agent:
+        ossec_server_disable_gpgkey: True
+      server:
+        ossec_server_disable_gpgkey: True
+        ossec_server_config:
+          mail_to:
+            - me@example.com
+          mail_smtp_server: localhost
+          mail_from: ossec@example.com
+          frequency_check: 72000
+          ignore_files:
+            - /etc/mtab
+            - /etc/mnttab
+            - /etc/hosts.deny
+          directories:
+            - check_all: 'yes'
+              dirs: /etc,/usr/bin,/usr/sbin
+            - check_all: 'yes'
+              dirs: /bin,/sbin
+          localfiles:
+            - format: 'syslog'
+              location: '/var/log/messages'
+            - format: 'syslog'
+              location: '/var/log/secure'
+          globals:
+            - '127.0.0.1'
+            - '192.168.2.1'
+          connection: 'secure'
+          log_level: 1
+          email_level: 7
+          commands:
+            - name: 'host-deny'
+              executable: 'host-deny.sh'
+              expect: 'srcip'
+              timeout_allowed: 'yes'
+          active_responses:
+            - command: 'host-deny'
+              location: 'local'
+              level: 6
+              timeout: 600
+        ossec_agent_configs:
+          - type: os
+            type_value: linux
+            frequency_check: 79200
+            ignore_files:
+              - /etc/mtab
+              - /etc/mnttab
+            localfiles:
+              - format: 'syslog'
+                location: '/var/log/messages'
+            directories:
+              - check_all: yes
+                dirs: /etc,/usr/bin,/usr/sbin
+
+scenario:
+  name: default
+verifier:
+  name: testinfra
+  lint:
+    name: flake8
diff --git a/molecule/default/prepare.yml b/molecule/default/prepare.yml
new file mode 100644
index 0000000..a4d2eaa
--- /dev/null
+++ b/molecule/default/prepare.yml
@@ -0,0 +1,35 @@
+---
+- name: Prepare
+  hosts: server
+  pre_tasks:
+    - name: "Installing dummy file"
+      file:
+        path: /etc/sysconfig/network
+        state: touch
+
+  roles:
+    - role: dj-wasabi.ossec-server
+
+- name: Prepare
+  hosts: agent
+  tasks:
+
+    - name: "Apt-update"
+      shell: apt-get update
+      args:
+        warn: False
+      when:
+        - ansible_os_family == "Debian"
+    
+    - name: "Installing tools on Debian"
+      apt:
+        name:
+          - net-tools
+          - apt-transport-https
+          - sudo
+          - apt-utils
+          - ca-certificates
+          - "{{ 'gnupg-agent' if ansible_distribution_major_version in ['8', '16'] else 'gpg-agent' }}"
+        state: present
+      when:
+        - ansible_os_family == "Debian"
diff --git a/molecule/default/requirements.yml b/molecule/default/requirements.yml
new file mode 100644
index 0000000..2064543
--- /dev/null
+++ b/molecule/default/requirements.yml
@@ -0,0 +1,2 @@
+---
+- src: dj-wasabi.ossec-server
diff --git a/molecule/default/tests/test_agent.py b/molecule/default/tests/test_agent.py
new file mode 100644
index 0000000..bef86ae
--- /dev/null
+++ b/molecule/default/tests/test_agent.py
@@ -0,0 +1,40 @@
+import os
+
+import testinfra.utils.ansible_runner
+
+testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner(
+    os.environ['MOLECULE_INVENTORY_FILE']).get_hosts('agent')
+
+
+def test_ossec_package_installed(host):
+    if host.system_info.distribution in ['debian', 'ubuntu']:
+        ossec = host.package('ossec-hids-agent')
+    elif host.system_info.distribution == 'centos':
+        ossec = host.package('ossec-hids')
+    assert ossec.is_installed
+
+
+def test_ossec_service_running_and_enabled(host):
+    if host.system_info.distribution in ['debian', 'ubuntu']:
+        ossec = host.service('ossec')
+    else:
+        ossec = host.service('ossec-hids')
+    assert ossec.is_enabled
+    assert ossec.is_running
+
+
+def test_client_keys(host):
+    zabbix_server_conf = host.file("/var/ossec/etc/client.keys")
+    assert zabbix_server_conf.user == "root"
+    assert zabbix_server_conf.group == "ossec"
+    assert zabbix_server_conf.mode == 0o640
+
+
+def test_ossec_agent(host):
+    if host.system_info.distribution in ['debian', 'ubuntu']:
+        ossec_file = host.file("/var/ossec/etc/ossec.conf")
+    else:
+        ossec_file = host.file("/var/ossec/etc/ossec-agent.conf")
+    assert ossec_file.user == "root"
+    assert ossec_file.group == "root"
+    assert ossec_file.mode == 0o644
diff --git a/tasks/Debian.yml b/tasks/Debian.yml
index b05c7ce..7860199 100644
--- a/tasks/Debian.yml
+++ b/tasks/Debian.yml
@@ -1,10 +1,10 @@
 ---
 - name: Debian/Ubuntu | Installing repository key
-  apt_key: url=http://ossec.wazuh.com/repos/apt/conf/ossec-key.gpg.key
+  apt_key:
+    url: "{{ ossec_agent_debian_repository_key }}"
 
 - name: Debian/Ubuntu | Installing repository
-  apt_repository: repo="deb http://ossec.wazuh.com/repos/apt/{{ ansible_distribution | lower }} {{ ansible_distribution_release }} main" state=present
-
-- name: Debian/Ubuntu | Install ossec-hids-agent
-  apt: pkg=ossec-hids-agent
-       state=present
+  apt_repository:
+    repo: "deb {{ ossec_agent_debian_repository_url }} {{ ansible_distribution_release }} main"
+    mode: '0644'
+    state: present
diff --git a/tasks/RedHat.yml b/tasks/RedHat.yml
index 627e448..6bc57ed 100644
--- a/tasks/RedHat.yml
+++ b/tasks/RedHat.yml
@@ -1,23 +1,24 @@
 ---
 # Tasks specific for RedHat systems
 
-- name: RedHat | Set some facts
+- name: "RedHat | Set some facts"
   set_fact:
-      ansible_distribution: centos
+    ansible_distribution: centos
   when: ansible_distribution == "RedHat"
 
-- name: RedHat | Install atomicorp repo
-  yum: >
-      name=https://www.atomicorp.com/channels/atomic/centos/{{ansible_distribution_major_version}}/x86_64/RPMS/atomic-release-1.0-19.el{{ansible_distribution_major_version}}.art.noarch.rpm
-      state=present
+- name: "RedHat | Install atomicorp repo"
+  yum:
+    name: "{{ ossec_download_url }}"
+    disable_gpg_check: "{{ ossec_server_disable_gpgkey }}"
+    state: present
 
-- name: RedHat | Install epel repo
-  yum: >
-      name=https://dl.fedoraproject.org/pub/epel/epel-release-latest-{{ansible_distribution_major_version}}.noarch.rpm
-      state=present
+- name: "RedHat | Install epel repo rpm key"
+  rpm_key:
+    state: present
+    key: "https://dl.fedoraproject.org/pub/epel/RPM-GPG-KEY-EPEL-{{ ansible_distribution_major_version }}"
 
-- name: RedHat | Install ossec-hids-client
-  yum: pkg=ossec-hids-client
-       state=present
-  tags:
-    - init
+
+- name: "RedHat | Install epel repo"
+  yum:
+    name: "https://dl.fedoraproject.org/pub/epel/epel-release-latest-{{ ansible_distribution_major_version }}.noarch.rpm"
+    state: present
diff --git a/tasks/main.yml b/tasks/main.yml
index 64577bd..4c4fe15 100644
--- a/tasks/main.yml
+++ b/tasks/main.yml
@@ -2,12 +2,17 @@
 # tasks file for ossec-agent
 
 - name: "Install the correct repository"
-  include: "RedHat.yml"
-  when: ansible_os_family == "RedHat"
+  include_tasks: "{{ ansible_os_family }}.yml"
+  when: (ossec_disable_public_repos is not defined) or (ossec_disable_public_repos != 'yes')
 
-- name: "Install the correct repository"
-  include: "Debian.yml"
-  when: ansible_os_family == "Debian"
+- name: "Install {{ ossec_agent_package_name }}"
+  package:
+    name: "{{ ossec_agent_package_name }}"
+  when: "'.deb' not in ossec_agent_package_name"
+
+- name: Install OSSEC Agent from .deb package
+  apt: deb="{{ ossec_agent_package_name }}"
+  when: "'.deb' in ossec_agent_package_name"
 
 - name: Set ossec deploy facts for RedHat
   set_fact:
@@ -22,24 +27,36 @@
   when: ansible_os_family == "Debian"
 
 - name: "Installing the ossec-agent.conf"
-  template: src=var-ossec-etc-ossec-agent.conf.j2
-            dest=/var/ossec/etc/{{ ossec_agent_config_filename }}
-            owner=root
-            group=root
-            mode=0644
+  template:
+    src: var-ossec-etc-ossec-agent.conf.j2
+    dest: /var/ossec/etc/{{ ossec_agent_config_filename }}
+    owner: root
+    group: root
+    mode: 0644
   notify: restart ossec-agent
   tags:
     - init
     - config
 
+- name: "Install pass file"
+  copy:
+    dest: /var/ossec/etc/authd.pass
+    content: "{{ ossec_agent_client_pass }}"
+    owner: ossec
+    group: ossec
+    mode: 0600
+  when: ossec_agent_client_pass != ""
+
 - name: "Check if client.keys exists"
-  stat: path=/var/ossec/etc/client.keys
+  stat:
+    path: /var/ossec/etc/client.keys
   register: check_keys
   tags:
     - config
 
 - name: "Check if client.keys exists on ossec-server"
-  stat: path=/var/ossec/etc/client.keys
+  stat:
+    path: /var/ossec/etc/client.keys
   when: ossec_managed_server
   delegate_to: "{{ ossec_server_name }}"
   register: check_server_keys
@@ -47,7 +64,9 @@
     - config
 
 - name: "Starting auth daemon on server {{ ossec_server_name }}"
-  service: name=ossec-authd state=started
+  systemd:
+    name: ossec-authd
+    state: started
   when: ossec_managed_server and not check_keys.stat.exists and ossec_server_name|default("") != ""
   delegate_to: "{{ ossec_server_name }}"
   run_once: true
@@ -58,20 +77,41 @@
   pause:
     minutes: 2
     prompt: 'Please execute the following command on your ossec-server: "service ossec-authd start"'
-  when: not ossec_managed_server and not check_keys.stat.exists or ossec_server_name|default("") == ""
+  when: ossec_agent_pause_for_manual_steps and ( not ossec_managed_server and not check_keys.stat.exists or ossec_server_name|default("") == "" )
   tags:
     - skip_ansible_lint
 
+- name: Generate command to register client
+  set_fact:
+    ossec_agent_register_string: |
+      /var/ossec/bin/agent-auth
+            -m {{ ossec_server_ip|default(ossec_server_fqdn) }}
+            -p {{ ossec_server_port|default(1515) }}
+            -A '{{ ossec_agent_name|default(ansible_hostname) }}'
+            {% if ossec_agent_client_pass %}-P /var/ossec/etc/authd.pass{% endif %}
+            {% if ossec_agent_server_cert_path %}-v {{ ossec_agent_server_cert_path }}{% endif %}
+            {% if ossec_agent_cert_path %}-x {{ ossec_agent_cert_path }}{% endif %}
+            {% if ossec_agent_key_path %}-k {{ ossec_agent_key_path }}{% endif %}
+
+- debug: var=ossec_agent_register_string
+
 - name: "register client"
-  shell: /var/ossec/bin/agent-auth -m {{ ossec_server_ip|default(ossec_server_fqdn) }} -p 1515
+  command: "{{ ossec_agent_register_string }}"
   args:
     creates: /var/ossec/etc/client.keys
   tags:
     - config
     - skip_ansible_lint
 
+- name: Set permissions on client.keys file
+  file:
+    dest: /var/ossec/etc/client.keys
+    mode: 0640
+
 - name: "kill the auth-daemon on server {{ ossec_server_name }}"
-  service: name=ossec-authd state=stopped
+  service:
+    name: ossec-authd
+    state: stopped
   delegate_to: "{{ ossec_server_name }}"
   when: ossec_managed_server and not check_keys.stat.exists and ossec_server_name|default("") != ""
   run_once: true
@@ -82,7 +122,7 @@
   pause:
     minutes: 2
     prompt: 'Please execute the following command on your ossec-server: "service ossec-authd stop"'
-  when: not ossec_managed_server and not check_keys.stat.exists and ossec_server_name|default("") == ""
+  when: ossec_agent_pause_for_manual_steps and ( not ossec_managed_server and not check_keys.stat.exists and ossec_server_name|default("") == "" )
 
 - name: "Restart ossec-remoted on server. If this is the first agent added it will not be running."
   shell: /var/ossec/bin/ossec-control restart
@@ -96,4 +136,10 @@
   pause:
     minutes: 2
     prompt: 'Please execute the following command on your ossec-server: "/var/ossec/bin/ossec-control restart"'
-  when: not ossec_managed_server and not check_server_keys.stat.exists and ossec_server_name|default("") == ""
\ No newline at end of file
+  when: ossec_agent_pause_for_manual_steps and ( not ossec_managed_server and not check_server_keys.stat.exists and ossec_server_name|default("") == "" )
+
+- name: "Start ossec-agent if not already running"
+  service:
+    name: "{{ ossec_init_name }}"
+    state: started
+    enabled: yes
diff --git a/templates/var-ossec-etc-ossec-agent.conf.j2 b/templates/var-ossec-etc-ossec-agent.conf.j2
index 3dc1bb9..ed7edde 100644
--- a/templates/var-ossec-etc-ossec-agent.conf.j2
+++ b/templates/var-ossec-etc-ossec-agent.conf.j2
@@ -1,6 +1,11 @@
 <!-- OSSEC example config -->
 
 <ossec_config>
+  {% if ossec_active_response_disabled is defined %}
+  <active-response>
+    <disabled>{{ ossec_active_response_disabled }}</disabled>
+  </active-response>
+  {% endif %}
   <client>
     {% if ossec_server_ip is defined %}
     <server-ip>{{ ossec_server_ip }}</server-ip>
diff --git a/vars/main.yml b/vars/main.yml
deleted file mode 100644
index 285e838..0000000
--- a/vars/main.yml
+++ /dev/null
@@ -1,2 +0,0 @@
----
-# vars file for ossec-agent