diff --git a/inventory/group_vars/all/vars.yml b/inventory/group_vars/all/vars.yml
index 66341cf..7b8ebe1 100644
--- a/inventory/group_vars/all/vars.yml
+++ b/inventory/group_vars/all/vars.yml
@@ -1,18 +1,29 @@
 ---
 
-# this information is whared between all hosts
+# this information is shared between all hosts
 servers:
   - uuid: 7e24bc5f-3495-4773-a60c-0cf748383aa9
     # domain of server that will be put into config
     domain: !vault |
       $ANSIBLE_VAULT;1.1;AES256
-      62653963623830643262373530393466613738333931336236663964346664323564663233643237
-      3266393336393663643037636230613036633939323433380a383033343564343233396461643838
-      62333134393533353030353535303238303834393237666634333362653338363332616439316136
-      6366613034646366320a633134356438356539653263373637363032376463343663636462626261
-      31356432663063363638656336326537346565613833363833343565386634663435
+      61373932633565623362373062346266313537623233353166333735646463363564616630386237
+      3731386535333063376264653835363236663633643531660a363263383061633234393136623862
+      66376238653533633365313439616536366335376163653861303764356438363966643334356566
+      6461383639343231330a363063363764353738303062656234626232663865646166666331343062
+      3564
     remarks: "Server #1"
     # port of shadowsocks to be exposed and used publicly
     ss_port: 443
     # cipher to use in shadowsocks
     ss_cipher: aes-256-gcm
+  - uuid: 446d2ed0-ab45-40a6-ae36-b1eb7f26d684
+    domain: !vault |
+      $ANSIBLE_VAULT;1.1;AES256
+      66363465613833656166313336376162333131376535643234373632623330326435353163303762
+      3762623866373230316636313937373165616266646435620a666665376163376564373031336338
+      36326239363533613961353431353866333163303964396566653835353763303862393036313732
+      3334623465396633370a633765353433383835313538623533306462303834333437373733393166
+      6535
+    remarks: "Server #2"
+    ss_port: 443
+    ss_cipher: chacha20-ietf-poly1305
diff --git a/inventory/group_vars/s1/vars.yml b/inventory/group_vars/s1/vars.yml
index f32ac4d..107b873 100644
--- a/inventory/group_vars/s1/vars.yml
+++ b/inventory/group_vars/s1/vars.yml
@@ -18,6 +18,3 @@ ansible_user: !vault |
   3131
 
 server: "{{ servers[0] }}"
-
-ssl_cert_path: "/etc/letsencrypt/live/{{ server.domain }}/fullchain.pem"
-ssl_key_path: "/etc/letsencrypt/live/{{ server.domain }}/privkey.pem"
diff --git a/inventory/group_vars/s2/vars.yml b/inventory/group_vars/s2/vars.yml
new file mode 100644
index 0000000..41570fe
--- /dev/null
+++ b/inventory/group_vars/s2/vars.yml
@@ -0,0 +1,20 @@
+---
+
+# SSH port ansible should connect to
+ansible_port: !vault |
+  $ANSIBLE_VAULT;1.1;AES256
+  64616533623135613236626662363238326332653338393666336232346536336262356238646463
+  3831323161666261393366373537636362643436333062660a613333373835626233333930353736
+  63663261633730656433363366313834376236653735333436356332373839336639303332636533
+  6331333464643763340a343964383630393331333263353934376166393961666332646663393462
+  3532
+# linux user ansible should connect as via SSH
+ansible_user: !vault |
+  $ANSIBLE_VAULT;1.1;AES256
+  63623864653032633530653132613231356437303236343737383736303864646564653138383135
+  3835643266623465323339306334653639366636656131350a643761626336643161623963363531
+  65626566393032303138336533373263363530306137393431626635366463393434656462323334
+  6133366665643432360a333561363434376134656437323731636565386533363736313363356138
+  3933
+
+server: "{{ servers[1] }}"
diff --git a/inventory/hosts b/inventory/hosts
index ff9679d..c840eb5 100644
--- a/inventory/hosts
+++ b/inventory/hosts
@@ -1,8 +1,10 @@
 $ANSIBLE_VAULT;1.1;AES256
-62326562313035653332663736396634303330646363633539646536643666323033643131353363
-3035626461353735343231343835313339396164616532390a613037393633626537656461343735
-62353332313238633166366538383864613163633637366237393736666532323432306337646230
-3064643466376566660a393236313932326631363839346539333438356136636361653830366434
-64333266333836643831623834303739336364393838326136656139316239353635366465356631
-64633462616334363962373861316238623362353462386139623034633236633835663631303264
-356234663638613638663035616435386463
+63666564666633353766316538626561386230323535376165616330663435306662353331306266
+3337646338653834653335656362666537653531666330380a366462333438306561636462613963
+34636138343031373266303830643635396161346339376439383532343765323839393231393763
+3864636435663736630a663638633935383134666235643931343236616430616634396635366435
+61383430393337366638323838646565663762376636353562633261326234623663373830313766
+65343232613864646439333632366132373061316134333664656135626332333238323034313235
+39306631333332353431656530306664626162313736373862316163363837656233613432386530
+36366439636238333931636535363835336138303965316630646665336466323438356235616232
+6363
diff --git a/proxies.yml b/proxies.yml
index 3c6d666..83ce66f 100644
--- a/proxies.yml
+++ b/proxies.yml
@@ -1,5 +1,5 @@
 - hosts:
-    - s1
+    - proxies
   no_log: true
   roles:
     - outline
diff --git a/roles/frontman/tasks/main.yml b/roles/frontman/tasks/main.yml
index a7723a6..9a4a2b3 100644
--- a/roles/frontman/tasks/main.yml
+++ b/roles/frontman/tasks/main.yml
@@ -60,7 +60,7 @@
   vars:
     client: "{{ item }}"
     prefix: "POST"
-    default_server: "{{ servers | random }}"
+    default_server: "{{ servers[loop_index % (servers | length)] }}"
 
 - name: Synchronize local static root with remote host
   synchronize: