diff --git a/states/base/bash_functions b/states/base/bash_functions
deleted file mode 100644
index 00658d6..0000000
--- a/states/base/bash_functions
+++ /dev/null
@@ -1,25 +0,0 @@
-#!/bin/bash
-
-function devenv
-{
-    . $HOME/gvasettings.sh
-    . {{ venv }}/bin/activate
-    cd {{ appdir }}
-}
-
-function testenv
-{
-    devenv
-    export DJANGO_SETTINGS_MODULE=${DJANGO_SETTINGS_MODULE%%.local}.test
-}
-
-function settitle
-{
-    if [ -n "$STY" ] ; then      # We are in a screen session
-        echo "Setting screen titles to $@"
-        printf "\033k%s\033\\" "$@"
-        screen -X eval "at \\# title $@" "shelltitle $@"
-    else
-        printf "\033]0;%s\007" "$@"
-    fi
-}
diff --git a/states/gnuviechadmin/bash_functions b/states/gnuviechadmin/bash_functions
deleted file mode 100644
index 2c7fd41..0000000
--- a/states/gnuviechadmin/bash_functions
+++ /dev/null
@@ -1,25 +0,0 @@
-#!/bin/bash
-
-function devenv
-{
-    . $HOME/gvasettings.sh
-    . $HOME/gva-venv/bin/activate
-    cd /vagrant/gnuviechadmin
-}
-
-function testenv
-{
-    devenv
-    export DJANGO_SETTINGS_MODULE=${DJANGO_SETTINGS_MODULE%%.local}.test
-}
-
-function settitle
-{
-    if [ -n "$STY" ] ; then      # We are in a screen session
-        echo "Setting screen titles to $@"
-        printf "\033k%s\033\\" "$@"
-        screen -X eval "at \\# title $@" "shelltitle $@"
-    else
-        printf "\033]0;%s\007" "$@"
-    fi
-}
diff --git a/states/gnuviechadmin/gva/env-vars b/states/gnuviechadmin/gva/env-vars
deleted file mode 100644
index 1bbf1f8..0000000
--- a/states/gnuviechadmin/gva/env-vars
+++ /dev/null
@@ -1,23 +0,0 @@
-DJANGO_SETTINGS_MODULE=gnuviechadmin.settings
-GVA_ADMIN_EMAIL={{ salt['pillar.get']('gnuviechadmin:adminemail', 'admin@example.org') }}
-GVA_ADMIN_NAME={{ salt['pillar.get']('gnuviechadmin:adminname', 'Gnuviech Admin') }}
-GVA_BROKER_URL={{ broker_url }}
-GVA_DOMAIN_NAME={{ salt['pillar.get']('gnuviechadmin:{}:domainname'.format(gvaappname), 'service.localhost') }}
-GVA_MIN_OS_GID={{ salt['pillar.get']('gnuviechadmin:minosgid', 10000) }}
-GVA_MIN_OS_UID={{ salt['pillar.get']('gnuviechadmin:minosuid', 10000) }}
-GVA_OSUSER_DEFAULT_SHELL={{ salt['pillar.get']('gnuviechadmin:osuserdefaultshell', '/sbin/nologin') }}
-GVA_OSUSER_HOME_BASEPATH={{ salt['pillar.get']('gnuviechadmin:osuserhomedirbase', '/home') }}
-GVA_OSUSER_PREFIX={{ salt['pillar.get']('gnuviechadmin:osuserprefix', 'user') }}
-GVA_OSUSER_UPLOADSERVER={{ salt['pillar.get']('gnuviechadmin:uploadserver') }}
-GVA_PGSQL_DATABASE={{ salt['pillar.get']('gnuviechadmin:database:name') }}
-GVA_PGSQL_HOSTNAME={{ salt['pillar.get']('gnuviechadmin:database:host', 'localhost') }}
-GVA_PGSQL_PASSWORD={{ salt['pillar.get']('gnuviechadmin:database:owner:password') }}
-GVA_PGSQL_PORT={{ salt['pillar.get']('gnuviechadmin:database:port', 5432) }}
-GVA_PGSQL_USER={{ salt['pillar.get']('gnuviechadmin:database:owner:user', gvaappname ) }}
-GVA_RESULTS_REDIS_URL={{ result_url }}
-GVA_SITE_ADMINMAIL={{ salt['pillar.get']('gnuviechadmin:adminemail', 'admin@example.org') }}
-GVA_SITE_NAME={{ salt['pillar.get']('gnuviechadmin:sitename') }}
-GVA_SITE_SECRET={{ salt['pillar.get']('gnuviechadmin:{}:django_secret_key'.format(gvaappname)) }}
-GVA_URL_MYSQL_ADMIN={{ salt['pillar.get']('gnuviechadmin:{}:url_mysql_admin'.format(gvaappname)) }}
-GVA_URL_PGSQL_ADMIN={{ salt['pillar.get']('gnuviechadmin:{}:url_pgsql_admin'.format(gvaappname)) }}
-GVA_URL_WEBMAIL={{ salt['pillar.get']('gnuviechadmin:{}:url_webmail'.format(gvaappname)) }}
diff --git a/states/gnuviechadmin/gva/gnuviechadmin.nginx b/states/gnuviechadmin/gva/gnuviechadmin.nginx
deleted file mode 100644
index d5768bd..0000000
--- a/states/gnuviechadmin/gva/gnuviechadmin.nginx
+++ /dev/null
@@ -1,27 +0,0 @@
-server {
-  server_name www.{{ domainname }};
-  listen 443 ssl;
-
-  ssl_certificate {{ ssl_certdir }}/{{ domainname }}.crt.pem;
-  ssl_certificate_key {{ ssl_keydir }}/{{ domainname }}.key.pem;
-
-  if ( $host != '{{ domainname }}') {
-    return 301 https://{{ domainname }}$request_uri;
-  }
-
-  client_max_body_size 1M;
-  gzip on;
-  gzip_types text/javascript application/x-javascript text/css;
-
-  location /media {
-    alias /vagrant/gnuviechadmin/media;
-  }
-
-  location /static {
-    alias /vagrant/gnuviechadmin/assets;
-  }
-
-  location / {
-    proxy_pass http://localhost:8000;
-  }
-}
diff --git a/states/gnuviechadmin/gva/settings.sh b/states/gnuviechadmin/gva/settings.sh
deleted file mode 100644
index 35fad76..0000000
--- a/states/gnuviechadmin/gva/settings.sh
+++ /dev/null
@@ -1,25 +0,0 @@
-#!/bin/sh
-
-export DJANGO_SETTINGS_MODULE="gnuviechadmin.settings.{{ salt['pillar.get']('gnuviechadmin:deploymenttype', 'production') }}"
-export GVA_ADMIN_NAME="Jan Dittberner"
-export GVA_ADMIN_EMAIL="{{ salt['pillar.get']('gnuviechadmin:adminemail') }}"
-export GVA_PGSQL_DATABASE="{{ salt['pillar.get']('gnuviechadmin:database:name') }}"
-export GVA_PGSQL_USER="{{ salt['pillar.get']('gnuviechadmin:database:owner:user') }}"
-export GVA_PGSQL_PASSWORD="{{ salt['pillar.get']('gnuviechadmin:database:owner:password') }}"
-export GVA_PGSQL_HOSTNAME="{{ salt['pillar.get']('gnuviechadmin:database:host') }}"
-export GVA_PGSQL_PORT={{ salt['pillar.get']('gnuviechadmin:database:port') }}
-export GVA_DOMAIN_NAME="{{ salt['pillar.get']('gnuviechadmin:domainname') }}"
-export GVA_SITE_NAME="{{ salt['pillar.get']('gnuviechadmin:sitename') }}"
-export GVA_SITE_SECRET="{{ salt['pillar.get']('gnuviechadmin:django_secret_key') }}"
-export GVA_SITE_ADMINMAIL="{{ salt['pillar.get']('gnuviechadmin:adminemail') }}"
-export GVA_MIN_OS_UID={{ salt['pillar.get']('gnuviechadmin:minosuid') }}
-export GVA_MIN_OS_GID={{ salt['pillar.get']('gnuviechadmin:minosgid') }}
-export GVA_OSUSER_PREFIX="{{ salt['pillar.get']('gnuviechadmin:osuserprefix') }}"
-export GVA_OSUSER_HOME_BASEPATH="{{ salt['pillar.get']('gnuviechadmin:osuserhomedirbase') }}"
-export GVA_OSUSER_DEFAULT_SHELL="{{ salt['pillar.get']('gnuviechadmin:osuserdefaultshell') }}"
-export GVA_BROKER_URL="{{ broker_url }}"
-export GVA_OSUSER_UPLOADSERVER="{{ salt['pillar.get']('gnuviechadmin:uploadserver') }}"
-export GVA_WEBMAIL_URL="{{ salt['pillar.get']('gnuviechadmin:webmail_url') }}"
-export GVA_PHPMYADMIN_URL="{{ salt['pillar.get']('gnuviechadmin:phpmyadmin_url') }}"
-export GVA_PHPPGADMIN_URL="{{ salt['pillar.get']('gnuviechadmin:phppgadmin_url') }}"
-export GVA_RESULTS_REDIS_URL="redis://:{{ salt['pillar.get']('gnuviechadmin:redis_password') }}@{{ salt['pillar.get']('gnuviechadmin:redis_host') }}/0"
diff --git a/states/gnuviechadmin/gvaapp_macros.sls b/states/gnuviechadmin/gvaapp_macros.sls
index 3490c1f..9ef29d3 100644
--- a/states/gnuviechadmin/gvaapp_macros.sls
+++ b/states/gnuviechadmin/gvaapp_macros.sls
@@ -128,7 +128,7 @@ gvabase-dependencies:
   file.managed:
     - user: root
     - group: {{ app_group }}
-    - mode: 0640
+    - mode: 0644
     - source: salt://gnuviechadmin/celery-worker.service
     - template: jinja
     - context:
diff --git a/states/gnuviechadmin/gvafile.sls b/states/gnuviechadmin/gvafile.sls
index 6fd914a..14d4c28 100644
--- a/states/gnuviechadmin/gvafile.sls
+++ b/states/gnuviechadmin/gvafile.sls
@@ -80,5 +80,6 @@ bind_mount_sftp_chroot:
     - template: jinja
     - context:
         app_user: {{ salt['grains.get']('gnuviechadmin:user', gvaappname) }}
+    - check_cmd: /usr/sbin/visudo -c -f
     - require:
       - pkg: sudo
diff --git a/states/gnuviechadmin/gvamysql.sls b/states/gnuviechadmin/gvamysql.sls
index 206a8b6..14700fa 100644
--- a/states/gnuviechadmin/gvamysql.sls
+++ b/states/gnuviechadmin/gvamysql.sls
@@ -1,3 +1,4 @@
+---
 {% set gvaappname = salt['pillar.get']('gnuviechadmin:appname') %}
 {% set purpose = "for MySQL/MariaDB configuration management" %}
 {% set mysql_admin_user = salt['pillar.get']('gnuviechadmin:{}:mysql_admin_user'.format(gvaappname), 'gvamysql') %}
diff --git a/states/gnuviechadmin/gvapgsql.sls b/states/gnuviechadmin/gvapgsql.sls
index 26443a4..6f5cf81 100644
--- a/states/gnuviechadmin/gvapgsql.sls
+++ b/states/gnuviechadmin/gvapgsql.sls
@@ -1,3 +1,4 @@
+---
 {% set gvaappname = salt['pillar.get']('gnuviechadmin:appname') %}
 {% set purpose = "for PostgreSQL configuration management" %}
 {% from 'gnuviechadmin/gvaapp_macros.sls' import create_celery_worker with context %}
@@ -22,5 +23,7 @@ gvapgsql-pgsql-user:
     - user: postgres
     - superuser: True
     - login: True
+    - watch_in:
+      - service: {{ gvaappname }}-celery-worker
     - require:
       - pkg: postgresql
diff --git a/states/gnuviechadmin/gvaweb.sls b/states/gnuviechadmin/gvaweb.sls
index a301e89..1f04f0b 100644
--- a/states/gnuviechadmin/gvaweb.sls
+++ b/states/gnuviechadmin/gvaweb.sls
@@ -1,3 +1,4 @@
+---
 {% set gvaappname = salt['pillar.get']('gnuviechadmin:appname') %}
 {% set purpose = "for website configuration management" %}
 {% from 'gnuviechadmin/gvaapp_macros.sls' import create_celery_worker with context %}
@@ -15,5 +16,6 @@ include:
     - template: jinja
     - context:
         app_user: {{ salt['grains.get']('gnuviechadmin:user', gvaappname) }}
+    - check_cmd: /usr/sbin/visudo -c -f
     - require:
       - pkg: sudo
diff --git a/states/gnuviechadmin/ssh_deploy_config b/states/gnuviechadmin/ssh_deploy_config
deleted file mode 100644
index 321cde9..0000000
--- a/states/gnuviechadmin/ssh_deploy_config
+++ /dev/null
@@ -1,5 +0,0 @@
-Host git
-Hostname file
-User gituser
-IdentityFile {{ key }}
-IdentitiesOnly yes
diff --git a/states/python/pipenv.sls b/states/python/pipenv.sls
deleted file mode 100644
index 95be653..0000000
--- a/states/python/pipenv.sls
+++ /dev/null
@@ -1,14 +0,0 @@
-pipenv-preconditions:
-  pkg.installed:
-    - pkgs:
-      - python3-wheel
-      - python3-pip
-      - python3-setuptools
-
-install_pipenv:
-  cmd.run:
-    - name: python3 -m pip install -U --prefix /usr/local pipenv
-    - creates: /usr/local/bin/pipenv
-    - require:
-      - pipenv-preconditions
-
diff --git a/states/python/virtualenv.sls b/states/python/virtualenv.sls
deleted file mode 100644
index 609b11b..0000000
--- a/states/python/virtualenv.sls
+++ /dev/null
@@ -1,5 +0,0 @@
-python3-virtualenv-packages:
-  pkg.installed:
-    - pkgs:
-      - python3-dev
-      - python3-virtualenv