diff --git a/.github/ISSUE_TEMPLATE/agile.yaml b/.github/ISSUE_TEMPLATE/agile.yaml
new file mode 100644
index 0000000..cd2311b
--- /dev/null
+++ b/.github/ISSUE_TEMPLATE/agile.yaml
@@ -0,0 +1,48 @@
+---
+name: Story/Task/Issue
+description: Create a new story or task
+body:
+  - type: textarea
+    id: definition_of_done
+    attributes:
+      label: Definition of Done / Acceptance Criteria
+      description: What can someone see/do when this task is done.
+      placeholder: >-
+        The export data is available in the xxx format, including age of the
+        patient at the time of imaging...
+    validations:
+      required: true
+  - type: textarea
+    id: testing
+    attributes:
+      label: Testing
+      description: Specific testing considerations for this task to be done
+      placeholder: Passed integration testing that uses the correct modality...
+    validations:
+      required: false
+  - type: textarea
+    id: documentation
+    attributes:
+      label: Documentation
+      description: Documentation to be completed along with this task
+      placeholder: Update README and user guide...
+    validations:
+      required: false
+  - type: textarea
+    id: dependencies
+    attributes:
+      label: Dependencies
+      description: >-
+        Enter the github issue number(s) that the requirement is dependent on,
+        in the form `#1`
+      placeholder: "#1"
+    validations:
+      required: false
+  - type: textarea
+    id: comments
+    attributes:
+      label: Comments
+      description: Any other considerations or comments
+      placeholder: More details or other comments...
+    validations:
+      required: false
diff --git a/.github/workflows/terraform-docs.yaml b/.github/workflows/terraform-docs.yaml
index 5b2f78b..bcb1f52 100644
--- a/.github/workflows/terraform-docs.yaml
+++ b/.github/workflows/terraform-docs.yaml
@@ -13,7 +13,9 @@ jobs:
     - name: Render terraform docs and push changes back to PR
       uses: terraform-docs/gh-actions@v1.2.0
       with:
-        working-dir: .
+        working-dir: ./terraform
+        recursive: true
+        recursive-path: modules
         output-file: README.md
         output-method: inject
         template: |-
diff --git a/.github/workflows/terraform.yaml b/.github/workflows/terraform.yaml
index de83603..bb52422 100644
--- a/.github/workflows/terraform.yaml
+++ b/.github/workflows/terraform.yaml
@@ -20,6 +20,7 @@ jobs:
     defaults:
       run:
         shell: bash
+        working-directory: ./terraform
 
     steps:
       # Checkout the repository to the GitHub Actions runner
diff --git a/README.md b/README.md
index baba278..1cbde14 100644
--- a/README.md
+++ b/README.md
@@ -1,66 +1 @@
-# SSRC Jupyter Instance
-
-![SSRC-Jupyter diagram](docs/ssrc-jupyter.drawio.svg)
-
-## Usage
-
-1. Populate the `public_key_openssh` and `KUBECONFIG` variables
-2. Deploy the Terraform module
-3. Wait for `cloud-init` to finish configuring k3s on the VM
-4. Log into the VM and become root
-5. Fill out the `jupyterhub_config.yaml` file with data from a
-   suitable AzureAD app registration
-6. Run the `install_jupyterhub.sh` script
-
-## References
-
-- [K3s](https://docs.k3s.io/installation)
-- [Zero to JupyterHub](https://z2jh.jupyter.org/en/stable/)
-
-<!-- BEGIN_TF_DOCS -->
-## Requirements
-
-| Name | Version |
-|------|---------|
-| <a name="requirement_terraform"></a> [terraform](#requirement\_terraform) | >= 1.8.5 |
-| <a name="requirement_harvester"></a> [harvester](#requirement\_harvester) | 0.6.4 |
-
-## Providers
-
-| Name | Version |
-|------|---------|
-| <a name="provider_harvester"></a> [harvester](#provider\_harvester) | 0.6.4 |
-
-## Modules
-
-No modules.
-
-## Resources
-
-| Name | Type |
-|------|------|
-| [harvester_cloudinit_secret.cloud-config-jupyter](https://registry.terraform.io/providers/harvester/harvester/0.6.4/docs/resources/cloudinit_secret) | resource |
-| [harvester_virtualmachine.vm](https://registry.terraform.io/providers/harvester/harvester/0.6.4/docs/resources/virtualmachine) | resource |
-| [harvester_image.rhel9](https://registry.terraform.io/providers/harvester/harvester/0.6.4/docs/data-sources/image) | data source |
-
-## Inputs
-
-| Name | Description | Type | Default | Required |
-|------|-------------|------|---------|:--------:|
-| <a name="input_namespace"></a> [namespace](#input\_namespace) | Name of the SSRC namespace | `string` | `"ssrc-ns"` | no |
-| <a name="input_network_name"></a> [network\_name](#input\_network\_name) | Name of the SSRC network | `string` | `"ssrc-net"` | no |
-| <a name="input_os_disk_gb"></a> [os\_disk\_gb](#input\_os\_disk\_gb) | Size of the VM's primary disk | `string` | `"50Gi"` | no |
-| <a name="input_public_key_openssh"></a> [public\_key\_openssh](#input\_public\_key\_openssh) | Public SSH key installed on the VM | `string` | n/a | yes |
-| <a name="input_ram_gb"></a> [ram\_gb](#input\_ram\_gb) | Amount of memory for the VM | `string` | `"8Gi"` | no |
-| <a name="input_vcpu"></a> [vcpu](#input\_vcpu) | Number of CPUs for the VM | `number` | `2` | no |
-| <a name="input_vm_count"></a> [vm\_count](#input\_vm\_count) | Number of instances of the VM | `number` | `1` | no |
-| <a name="input_vm_prefix"></a> [vm\_prefix](#input\_vm\_prefix) | Prefix applied to the VM | `string` | `"ssrc-jupyter"` | no |
-
-## Outputs
-
-| Name | Description |
-|------|-------------|
-| <a name="output_access_url"></a> [access\_url](#output\_access\_url) | The URL from which Jupyter can be accessed |
-
----
-<!-- END_TF_DOCS -->
+# ssrc-jupyter
diff --git a/terraform/README.md b/terraform/README.md
new file mode 100644
index 0000000..4f53ca9
--- /dev/null
+++ b/terraform/README.md
@@ -0,0 +1,53 @@
+# ssrc-jupyter
+
+![SSRC-Jupyter diagram](../docs/ssrc-jupyter.drawio.svg)
+
+## Usage
+
+1. Populate the `public_key_openssh` and `KUBECONFIG` variables
+2. Deploy the Terraform module
+3. Wait for `cloud-init` to finish configuring k3s on the VM
+4. Log into the VM and become root
+5. Fill out the `jupyterhub_config.yaml` file with data from a
+   suitable AzureAD app registration
+6. Run the `install_jupyterhub.sh` script
+
+## References
+
+- [K3s](https://docs.k3s.io/installation)
+- [Zero to JupyterHub](https://z2jh.jupyter.org/en/stable/)
+
+<!-- BEGIN_TF_DOCS -->
+## Requirements
+
+| Name | Version |
+|------|---------|
+| <a name="requirement_terraform"></a> [terraform](#requirement\_terraform) | 1.8.5 |
+| <a name="requirement_harvester"></a> [harvester](#requirement\_harvester) | 0.6.4 |
+
+## Providers
+
+No providers.
+
+## Modules
+
+| Name | Source | Version |
+|------|--------|---------|
+| <a name="module_ssrc-jupyter-dept"></a> [ssrc-jupyter-dept](#module\_ssrc-jupyter-dept) | ./modules/jupyter | n/a |
+
+## Resources
+
+No resources.
+
+## Inputs
+
+| Name | Description | Type | Default | Required |
+|------|-------------|------|---------|:--------:|
+| <a name="input_public_key_openssh"></a> [public\_key\_openssh](#input\_public\_key\_openssh) | Public SSH key installed on the VM | `list(string)` | n/a | yes |
+
+## Outputs
+
+No outputs.
+
+---
+<!-- END_TF_DOCS -->
diff --git a/terraform/main.tf b/terraform/main.tf
new file mode 100644
index 0000000..eb544fb
--- /dev/null
+++ b/terraform/main.tf
@@ -0,0 +1,16 @@
+module "ssrc-jupyter-dept" {
+  source = "./modules/jupyter"
+
+  vm_count = 1
+
+  vcpu       = 4
+  ram_gb     = "16Gi"
+  os_disk_gb = "50Gi"
+
+  vm_prefix = "ssrc-jupyter-dept"
+
+  namespace    = "ssrc-ns"
+  network_name = "ssrc-net"
+
+  public_key_openssh = var.public_key_openssh
+}
diff --git a/terraform/modules/jupyter/README.md b/terraform/modules/jupyter/README.md
new file mode 100644
index 0000000..3b6e45f
--- /dev/null
+++ b/terraform/modules/jupyter/README.md
@@ -0,0 +1,49 @@
+# jupyter
+
+<!-- BEGIN_TF_DOCS -->
+## Requirements
+
+| Name | Version |
+|------|---------|
+| <a name="requirement_terraform"></a> [terraform](#requirement\_terraform) | 1.8.5 |
+| <a name="requirement_harvester"></a> [harvester](#requirement\_harvester) | 0.6.4 |
+
+## Providers
+
+| Name | Version |
+|------|---------|
+| <a name="provider_harvester"></a> [harvester](#provider\_harvester) | 0.6.4 |
+
+## Modules
+
+No modules.
+
+## Resources
+
+| Name | Type |
+|------|------|
+| [harvester_cloudinit_secret.cloud-config-jupyter](https://registry.terraform.io/providers/harvester/harvester/0.6.4/docs/resources/cloudinit_secret) | resource |
+| [harvester_virtualmachine.vm](https://registry.terraform.io/providers/harvester/harvester/0.6.4/docs/resources/virtualmachine) | resource |
+| [harvester_image.rhel9](https://registry.terraform.io/providers/harvester/harvester/0.6.4/docs/data-sources/image) | data source |
+
+## Inputs
+
+| Name | Description | Type | Default | Required |
+|------|-------------|------|---------|:--------:|
+| <a name="input_namespace"></a> [namespace](#input\_namespace) | Name of the SSRC namespace | `string` | n/a | yes |
+| <a name="input_network_name"></a> [network\_name](#input\_network\_name) | Name of the SSRC network | `string` | n/a | yes |
+| <a name="input_os_disk_gb"></a> [os\_disk\_gb](#input\_os\_disk\_gb) | Size of the VM's primary disk | `string` | n/a | yes |
+| <a name="input_public_key_openssh"></a> [public\_key\_openssh](#input\_public\_key\_openssh) | Public SSH key installed on the VM | `list(string)` | n/a | yes |
+| <a name="input_ram_gb"></a> [ram\_gb](#input\_ram\_gb) | Amount of memory for the VM | `string` | n/a | yes |
+| <a name="input_vcpu"></a> [vcpu](#input\_vcpu) | Number of CPUs for the VM | `number` | n/a | yes |
+| <a name="input_vm_count"></a> [vm\_count](#input\_vm\_count) | Number of instances of the VM | `number` | n/a | yes |
+| <a name="input_vm_prefix"></a> [vm\_prefix](#input\_vm\_prefix) | Prefix applied to the server resources | `string` | n/a | yes |
+
+## Outputs
+
+| Name | Description |
+|------|-------------|
+| <a name="output_access_url"></a> [access\_url](#output\_access\_url) | The URL from which Jupyter can be accessed |
+
+---
+<!-- END_TF_DOCS -->
diff --git a/cloud-init.tmpl.yml b/terraform/modules/jupyter/cloud-init.tmpl.yml
similarity index 92%
rename from cloud-init.tmpl.yml
rename to terraform/modules/jupyter/cloud-init.tmpl.yml
index 676046b..47891e3 100644
--- a/cloud-init.tmpl.yml
+++ b/terraform/modules/jupyter/cloud-init.tmpl.yml
@@ -37,4 +37,6 @@ runcmd:
   - bash /tmp/install_k3s.sh
 
 ssh_authorized_keys:
-  - ${public_key_openssh}
+%{ for key in public_key_openssh ~}
+  - ${key}
+%{ endfor ~}
diff --git a/install_jupyterhub.sh b/terraform/modules/jupyter/install_jupyterhub.sh
similarity index 100%
rename from install_jupyterhub.sh
rename to terraform/modules/jupyter/install_jupyterhub.sh
diff --git a/install_k3s.sh b/terraform/modules/jupyter/install_k3s.sh
similarity index 100%
rename from install_k3s.sh
rename to terraform/modules/jupyter/install_k3s.sh
diff --git a/jupyterhub_config.yaml b/terraform/modules/jupyter/jupyterhub_config.yaml
similarity index 100%
rename from jupyterhub_config.yaml
rename to terraform/modules/jupyter/jupyterhub_config.yaml
diff --git a/main.tf b/terraform/modules/jupyter/main.tf
similarity index 100%
rename from main.tf
rename to terraform/modules/jupyter/main.tf
diff --git a/output.tf b/terraform/modules/jupyter/output.tf
similarity index 100%
rename from output.tf
rename to terraform/modules/jupyter/output.tf
diff --git a/variables.tf b/terraform/modules/jupyter/variables.tf
similarity index 75%
rename from variables.tf
rename to terraform/modules/jupyter/variables.tf
index 466b212..4bacddb 100644
--- a/variables.tf
+++ b/terraform/modules/jupyter/variables.tf
@@ -1,46 +1,39 @@
-variable "namespace" {
-  type        = string
-  default     = "ssrc-ns"
-  description = "Name of the SSRC namespace"
+variable "vm_count" {
+  type        = number
+  description = "Number of instances of the VM"
 }
 
-variable "network_name" {
+variable "vcpu" {
+  type        = number
+  description = "Number of CPUs for the VM"
+}
+
+variable "ram_gb" {
   type        = string
-  default     = "ssrc-net"
-  description = "Name of the SSRC network"
+  description = "Amount of memory for the VM"
 }
 
 variable "os_disk_gb" {
   type        = string
-  default     = "50Gi"
   description = "Size of the VM's primary disk"
 }
 
-variable "public_key_openssh" {
+variable "vm_prefix" {
   type        = string
-  description = "Public SSH key installed on the VM"
+  description = "Prefix applied to the server resources"
 }
 
-variable "ram_gb" {
+variable "namespace" {
   type        = string
-  default     = "16Gi"
-  description = "Amount of memory for the VM"
-}
-
-variable "vcpu" {
-  type        = number
-  default     = 4
-  description = "Number of CPUs for the VM"
+  description = "Name of the SSRC namespace"
 }
 
-variable "vm_count" {
-  type        = number
-  default     = 1
-  description = "Number of instances of the VM"
+variable "network_name" {
+  type        = string
+  description = "Name of the SSRC network"
 }
 
-variable "vm_prefix" {
-  type        = string
-  default     = "ssrc-jupyter"
-  description = "Prefix applied to the VM"
+variable "public_key_openssh" {
+  type        = list(string)
+  description = "Public SSH key installed on the VM"
 }
diff --git a/versions.tf b/terraform/modules/jupyter/versions.tf
similarity index 58%
rename from versions.tf
rename to terraform/modules/jupyter/versions.tf
index 55495a5..5d1a0cc 100644
--- a/versions.tf
+++ b/terraform/modules/jupyter/versions.tf
@@ -1,12 +1,12 @@
-# Enforce minimum Terraform and provider version numbers.
 terraform {
-  required_providers {
 
+  required_version = "1.8.5"
+
+  required_providers {
     harvester = {
       source  = "harvester/harvester"
       version = "0.6.4"
     }
   }
 
-  required_version = ">= 1.8.5"
 }
diff --git a/terraform/output.tf b/terraform/output.tf
new file mode 100644
index 0000000..e69de29
diff --git a/terraform/providers.tf b/terraform/providers.tf
new file mode 100644
index 0000000..82cec19
--- /dev/null
+++ b/terraform/providers.tf
@@ -0,0 +1 @@
+provider "harvester" {}
diff --git a/terraform/variables.tf b/terraform/variables.tf
new file mode 100644
index 0000000..c4e4c96
--- /dev/null
+++ b/terraform/variables.tf
@@ -0,0 +1,4 @@
+variable "public_key_openssh" {
+  type        = list(string)
+  description = "Public SSH key installed on the VM"
+}
diff --git a/terraform/versions.tf b/terraform/versions.tf
new file mode 100644
index 0000000..5d1a0cc
--- /dev/null
+++ b/terraform/versions.tf
@@ -0,0 +1,12 @@
+terraform {
+
+  required_version = "1.8.5"
+
+  required_providers {
+    harvester = {
+      source  = "harvester/harvester"
+      version = "0.6.4"
+    }
+  }
+
+}