diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..bf7917a
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,2 @@
+# avoid to version passwords and other secret stuff
+*secret*
diff --git a/servers/members2/projects/executive/LocalSettings.php b/servers/members2/projects/executive/LocalSettings.php
new file mode 100644
index 0000000..1364eb7
--- /dev/null
+++ b/servers/members2/projects/executive/LocalSettings.php
@@ -0,0 +1,194 @@
+
+
+ ServerName executive.wikimedia.ch
+
+ # public directory
+ DocumentRoot /var/www/wikimedia.ch/executive/www
+
+ # cute URLs thanks to PATH_INFO
+ Alias /wiki /var/www/wikimedia.ch/executive/www/index.php
+
+ # fix mediawiki package
+ SetEnv MW_INSTALL_PATH /var/www/wikimedia.ch/executive/www
+
+ # adopt custom temporary dir
+ php_admin_value upload_tmp_dir /var/www/wikimedia.ch/executive/tmp
+ php_admin_value sys_temp_dir /var/www/wikimedia.ch/executive/tmp
+
+ # allow big files
+ php_admin_value post_max_size 30M
+ php_admin_value upload_max_filesize 30M
+
+ # harden the installation
+ php_admin_value open_basedir /var/www/wikimedia.ch/executive:/usr/share/mediawiki:/var/lib/mediawiki:/etc/wmch-infrastructure:/dev/null:/usr/bin:/bin
+
+ # certificates
+ SSLEngine on
+ SSLCertificateFile /etc/letsencrypt/live/executive.wikimedia.ch/fullchain.pem
+ SSLCertificateKeyFile /etc/letsencrypt/live/executive.wikimedia.ch/privkey.pem
+
+ # public directory - same as DocumentRoot
+
+
+ # disable unused and slow .htaccess feature
+ AllowOverride none
+
+ # avoid listing files in the images directory
+ Options -Indexes
+
+
+ # certbot goodies
+ Include /etc/letsencrypt/options-ssl-apache.conf
+
+
+# redirect unsecure traffic
+
+
+ ServerName executive.wikimedia.ch
+
+ Redirect permanent / https://executive.wikimedia.ch/
+
+
diff --git a/servers/members2/projects/members/LocalSettings.php b/servers/members2/projects/members/LocalSettings.php
new file mode 100644
index 0000000..27eb544
--- /dev/null
+++ b/servers/members2/projects/members/LocalSettings.php
@@ -0,0 +1,192 @@
+
+
+ ServerName members.wikimedia.ch
+
+ DocumentRoot /var/www/wikimedia.ch/members/www
+
+ # cute URLs thanks to PATH_INFO
+ Alias /wiki /var/www/wikimedia.ch/members/www/index.php
+
+ # fix mediawiki package
+ SetEnv MW_INSTALL_PATH /var/www/wikimedia.ch/members/www
+
+ # adopt custom temporary dir
+ php_admin_value upload_tmp_dir /var/www/wikimedia.ch/members/tmp
+ php_admin_value sys_temp_dir /var/www/wikimedia.ch/members/tmp
+
+ # allow big files
+ php_admin_value post_max_size 30M
+ php_admin_value upload_max_filesize 30M
+
+ # harden the installation
+ php_admin_value open_basedir /var/www/wikimedia.ch/members:/usr/share/mediawiki:/var/lib/mediawiki:/var/log/wmch:/etc/wmch-infrastructure:/dev/null:/usr/bin:/bin
+
+ # certificates
+ SSLEngine on
+ SSLCertificateFile /etc/letsencrypt/live/members.wikimedia.ch/cert.pem
+ SSLCertificateKeyFile /etc/letsencrypt/live/members.wikimedia.ch/privkey.pem
+ SSLCertificateChainFile /etc/letsencrypt/live/members.wikimedia.ch/chain.pem
+
+ # disable unused, slow, insecure features
+
+
+ # disable unused and slow .htaccess feature
+ AllowOverride none
+
+ # avoid listing images
+ Options -Indexes
+
+
+ # certbot goodies
+ Include /etc/letsencrypt/options-ssl-apache.conf
+
+
+# redirect unsecure traffic
+
+
+ ServerName members.wikimedia.ch
+
+ Redirect permanent / https://members.wikimedia.ch/
+
+