diff --git a/Makefile b/Makefile
index a2802ee..83998a2 100644
--- a/Makefile
+++ b/Makefile
@@ -83,6 +83,7 @@ vault:
 create) $(RUN) bash -c "ansible-vault create --encrypt-vault-id default --vault-password-file vault-password.txt vars/secrets.yml";; \
 edit) $(RUN) bash -c "ansible-vault edit --vault-password-file vault-password.txt vars/secrets.yml";; \
 delete) $(RUN) bash -c "rm vars/secrets.yml";; \
+ rekey) $(RUN) bash -c "ansible-vault rekey --vault-password-file vault-password.txt vars/secrets.yml";; \
 *) echo "Unknown action";; \
 esac
diff --git a/README.md b/README.md
index 6af31f2..7b0b9ec 100644
--- a/README.md
+++ b/README.md
@@ -34,6 +34,7 @@
 - **make vault delete** - удалить файл с переменными
 - **make vault edit** - отредактировать файл переменных
 - **make vault show** - показать содержимое файла переменных
+- **make vault rekey** - сменить пароль шифрования
 ### Работа с Git
diff --git a/gitlab-ci.yml b/gitlab-ci.yml
deleted file mode 100644
index 49ff971..0000000
--- a/gitlab-ci.yml
+++ /dev/null
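Review bot: The new `rekey` case in the Makefile hunk passes only the current password file, so `ansible-vault rekey` will prompt for the new password and `vault-password.txt` will still hold the old one afterwards. The `create` and `edit` cases read that same file and will fail to decrypt `vars/secrets.yml` until someone updates it by hand. Consider supplying the new password from a file, e.g. `--new-vault-password-file vault-password.new.txt` (placeholder name), and replacing `vault-password.txt` only after the rekey succeeds. If the interactive prompt is intended, it depends on `$(RUN)` attaching a TTY, which is not visible here, and a `# prompts for the new password; update vault-password.txt afterwards` comment would help. The `case` statement begins and ends outside the hunk.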
@@ -1,58 +0,0 @@
-stages:
- - lint
- - test
- - deploy
-
-services:
- - name: docker:dind
- command: ["--tls=false"]
-
-variables:
- DOCKER_IMAGE: "hub.cism-ms.ru/ansible/ansible:latest"
- DOCKER_TLS_CERTDIR: ""
- ANSIBLE_FORCE_COLOR: 'true'
-
-before_script:
- - echo "$CI_REGISTRY_PASSWORD" | docker login hub.cism-ms.ru -u "$CI_REGISTRY_USER" --password-stdin
- - docker pull $DOCKER_IMAGE
- - echo "Fixing directory permissions..."
- - chmod o-w $CI_PROJECT_DIR
-
-lint:
- stage: lint
- script:
- - echo "Начинаем стейдж Lint"
- - echo "Распаковываем секреты..."
- - ansible-vault decrypt vars/secrets.yml --vault-password-file ./vault-password.txt
- - echo "Запускаем ansible-lint..."
- - ansible-lint roles/*
- - echo "Упаковываем секреты..."
- - ansible-vault encrypt vars/secrets.yml --encrypt-vault-id default --vault-password-file ./vault-password.txt
- allow_failure: false
-
-test:
- stage: test
- script:
- - echo "Распаковываем секреты..."
- - ansible-vault decrypt --vault-password-file ./vault-password.txt vars/secrets.yml
- - echo "Запускаем тесты через Молекулу..."
- - molecule test --parallel
- - echo "Упаковываем секреты..."
- - ansible-vault encrypt vars/secrets.yml --encrypt-vault-id default --vault-password-file ./vault-password.txt
- allow_failure: false
-
-deploy:
- stage: deploy
- script:
- - echo "Распаковываем секреты..."
- - ansible-vault decrypt --vault-password-file ./vault-password.txt vars/secrets.yml
- - echo "Все ок. Деплоим в прод..."
- - ansible-playbook roles/deploy.yaml
- - echo "Упаковываем секреты..."
- - ansible-vault encrypt vars/secrets.yml --encrypt-vault-id default --vault-password-file ./vault-password.txt
- only:
- - /^cluster-.*$/
-
-after_script:
- - echo "Removing symlink..."
- #- rm -rf /ansible