diff --git a/management/cmd/management.go b/management/cmd/management.go
index faa509fdf..048c4e413 100644
--- a/management/cmd/management.go
+++ b/management/cmd/management.go
@@ -4,8 +4,9 @@ import (
 	"context"
 	"flag"
 	"fmt"
-	"github.com/wiretrustee/wiretrustee/management/http_server"
 	"github.com/wiretrustee/wiretrustee/management/server"
+	grpc2 "github.com/wiretrustee/wiretrustee/management/server/grpc"
+	"github.com/wiretrustee/wiretrustee/management/server/http"
 	"github.com/wiretrustee/wiretrustee/util"
 	"net"
 	"os"
@@ -58,21 +59,21 @@ var (
 
 			var opts []grpc.ServerOption
 
-			var httpServer *http_server.Server
+			var httpServer *http.Server
 			if config.HttpConfig.LetsEncryptDomain != "" {
 				certManager := encryption.CreateCertManager(config.Datadir, config.HttpConfig.LetsEncryptDomain)
 				transportCredentials := credentials.NewTLS(certManager.TLSConfig())
 				opts = append(opts, grpc.Creds(transportCredentials))
 
-				httpServer = http_server.NewHttpsServer(config.HttpConfig, certManager)
+				httpServer = http.NewHttpsServer(config.HttpConfig, certManager)
 			} else {
-				httpServer = http_server.NewHttpServer(config.HttpConfig)
+				httpServer = http.NewHttpServer(config.HttpConfig)
 			}
 
 			opts = append(opts, grpc.KeepaliveEnforcementPolicy(kaep), grpc.KeepaliveParams(kasp))
 			grpcServer := grpc.NewServer(opts...)
 
-			server, err := server.NewServer(config)
+			server, err := grpc2.NewServer(config)
 			if err != nil {
 				log.Fatalf("failed creating new server: %v", err)
 			}
diff --git a/management/server/server.go b/management/server/grpc/server.go
similarity index 91%
rename from management/server/server.go
rename to management/server/grpc/server.go
index 14e9bebf2..424145ce8 100644
--- a/management/server/server.go
+++ b/management/server/grpc/server.go
@@ -1,8 +1,9 @@
-package server
+package grpc
 
 import (
 	"context"
 	"fmt"
+	"github.com/wiretrustee/wiretrustee/management/server"
 	"sync"
 	"time"
 
@@ -17,12 +18,12 @@ import (
 
 // Server an instance of a Management server
 type Server struct {
-	accountManager *AccountManager
+	accountManager *server.AccountManager
 	wgKey          wgtypes.Key
 	proto.UnimplementedManagementServiceServer
 	peerChannels map[string]chan *UpdateChannelMessage
 	channelsMux  *sync.Mutex
-	config       *Config
+	config       *server.Config
 }
 
 // AllowedIPsFormat generates Wireguard AllowedIPs format (e.g. 100.30.30.1/32)
@@ -33,12 +34,12 @@ type UpdateChannelMessage struct {
 }
 
 // NewServer creates a new Management server
-func NewServer(config *Config) (*Server, error) {
+func NewServer(config *server.Config) (*Server, error) {
 	key, err := wgtypes.GeneratePrivateKey()
 	if err != nil {
 		return nil, err
 	}
-	store, err := NewStore(config.Datadir)
+	store, err := server.NewStore(config.Datadir)
 	if err != nil {
 		return nil, err
 	}
@@ -47,7 +48,7 @@ func NewServer(config *Config) (*Server, error) {
 		// peerKey -> event channel
 		peerChannels:   make(map[string]chan *UpdateChannelMessage),
 		channelsMux:    &sync.Mutex{},
-		accountManager: NewManager(store),
+		accountManager: server.NewManager(store),
 		config:         config,
 	}, nil
 }
@@ -152,7 +153,7 @@ func (s *Server) RegisterPeer(ctx context.Context, req *proto.RegisterPeerReques
 	for _, remotePeer := range peers {
 		if channel, ok := s.peerChannels[remotePeer.Key]; ok {
 			// exclude notified peer and add ourselves
-			peersToSend := []*Peer{peer}
+			peersToSend := []*server.Peer{peer}
 			for _, p := range peers {
 				if remotePeer.Key != p.Key {
 					peersToSend = append(peersToSend, p)
@@ -166,17 +167,17 @@ func (s *Server) RegisterPeer(ctx context.Context, req *proto.RegisterPeerReques
 	return &proto.RegisterPeerResponse{}, nil
 }
 
-func toResponseProto(configProto Protocol) proto.HostConfig_Protocol {
+func toResponseProto(configProto server.Protocol) proto.HostConfig_Protocol {
 	switch configProto {
-	case UDP:
+	case server.UDP:
 		return proto.HostConfig_UDP
-	case DTLS:
+	case server.DTLS:
 		return proto.HostConfig_DTLS
-	case HTTP:
+	case server.HTTP:
 		return proto.HostConfig_HTTP
-	case HTTPS:
+	case server.HTTPS:
 		return proto.HostConfig_HTTPS
-	case TCP:
+	case server.TCP:
 		return proto.HostConfig_TCP
 	default:
 		//mbragin: todo something better?
@@ -184,7 +185,7 @@ func toResponseProto(configProto Protocol) proto.HostConfig_Protocol {
 	}
 }
 
-func toSyncResponse(config *Config, peer *Peer, peers []*Peer) *proto.SyncResponse {
+func toSyncResponse(config *server.Config, peer *server.Peer, peers []*server.Peer) *proto.SyncResponse {
 
 	var stuns []*proto.HostConfig
 	for _, stun := range config.Stuns {
@@ -267,7 +268,7 @@ func (s *Server) closeUpdatesChannel(peerKey string) {
 }
 
 // sendInitialSync sends initial proto.SyncResponse to the peer requesting synchronization
-func (s *Server) sendInitialSync(peerKey wgtypes.Key, peer *Peer, srv proto.ManagementService_SyncServer) error {
+func (s *Server) sendInitialSync(peerKey wgtypes.Key, peer *server.Peer, srv proto.ManagementService_SyncServer) error {
 
 	peers, err := s.accountManager.GetPeersForAPeer(peer.Key)
 	if err != nil {
diff --git a/management/http_server/handler/callback.go b/management/server/http/handler/callback.go
similarity index 93%
rename from management/http_server/handler/callback.go
rename to management/server/http/handler/callback.go
index 12a35a06c..310637ce2 100644
--- a/management/http_server/handler/callback.go
+++ b/management/server/http/handler/callback.go
@@ -4,18 +4,18 @@ import (
 	"context"
 	"github.com/coreos/go-oidc"
 	"github.com/gorilla/sessions"
-	"github.com/wiretrustee/wiretrustee/management/http_server/middleware"
+	middleware2 "github.com/wiretrustee/wiretrustee/management/server/http/middleware"
 	"log"
 	"net/http"
 )
 
 // Callback handler used to receive a callback from the identity provider
 type Callback struct {
-	authenticator *middleware.Authenticator
+	authenticator *middleware2.Authenticator
 	sessionStore  sessions.Store
 }
 
-func NewCallback(authenticator *middleware.Authenticator, sessionStore sessions.Store) *Callback {
+func NewCallback(authenticator *middleware2.Authenticator, sessionStore sessions.Store) *Callback {
 	return &Callback{
 		authenticator: authenticator,
 		sessionStore:  sessionStore,
diff --git a/management/http_server/handler/dashboard.go b/management/server/http/handler/dashboard.go
similarity index 100%
rename from management/http_server/handler/dashboard.go
rename to management/server/http/handler/dashboard.go
diff --git a/management/http_server/handler/login.go b/management/server/http/handler/login.go
similarity index 86%
rename from management/http_server/handler/login.go
rename to management/server/http/handler/login.go
index 38e28155d..f27752926 100644
--- a/management/http_server/handler/login.go
+++ b/management/server/http/handler/login.go
@@ -4,18 +4,18 @@ import (
 	"crypto/rand"
 	"encoding/base64"
 	"github.com/gorilla/sessions"
-	"github.com/wiretrustee/wiretrustee/management/http_server/middleware"
+	middleware2 "github.com/wiretrustee/wiretrustee/management/server/http/middleware"
 	"io/fs"
 	"net/http"
 )
 
 // Login handler used to login a user
 type Login struct {
-	authenticator *middleware.Authenticator
+	authenticator *middleware2.Authenticator
 	sessionStore  sessions.Store
 }
 
-func NewLogin(authenticator *middleware.Authenticator, sessionStore sessions.Store) *Login {
+func NewLogin(authenticator *middleware2.Authenticator, sessionStore sessions.Store) *Login {
 	return &Login{
 		authenticator: authenticator,
 		sessionStore:  sessionStore,
diff --git a/management/http_server/handler/logout.go b/management/server/http/handler/logout.go
similarity index 100%
rename from management/http_server/handler/logout.go
rename to management/server/http/handler/logout.go
diff --git a/management/http_server/middleware/auth.go b/management/server/http/middleware/auth.go
similarity index 100%
rename from management/http_server/middleware/auth.go
rename to management/server/http/middleware/auth.go
diff --git a/management/http_server/middleware/authenticated.go b/management/server/http/middleware/authenticated.go
similarity index 100%
rename from management/http_server/middleware/authenticated.go
rename to management/server/http/middleware/authenticated.go
diff --git a/management/http_server/server.go b/management/server/http/server.go
similarity index 76%
rename from management/http_server/server.go
rename to management/server/http/server.go
index 1495f71e5..723b891aa 100644
--- a/management/http_server/server.go
+++ b/management/server/http/server.go
@@ -1,12 +1,12 @@
-package http_server
+package http
 
 import (
 	"context"
 	"encoding/gob"
 	log "github.com/sirupsen/logrus"
-	"github.com/wiretrustee/wiretrustee/management/http_server/handler"
-	"github.com/wiretrustee/wiretrustee/management/http_server/middleware"
 	s "github.com/wiretrustee/wiretrustee/management/server"
+	handler2 "github.com/wiretrustee/wiretrustee/management/server/http/handler"
+	middleware2 "github.com/wiretrustee/wiretrustee/management/server/http/middleware"
 	"golang.org/x/crypto/acme/autocert"
 	"net/http"
 	"time"
@@ -51,7 +51,7 @@ func (s *Server) Stop(ctx context.Context) error {
 func (s *Server) Start() error {
 
 	sessionStore := sessions.NewFilesystemStore("", []byte("something-very-secret"))
-	authenticator, err := middleware.NewAuthenticator(s.config.AuthDomain, s.config.AuthClientId, s.config.AuthClientSecret, s.config.AuthCallback)
+	authenticator, err := middleware2.NewAuthenticator(s.config.AuthDomain, s.config.AuthClientId, s.config.AuthClientSecret, s.config.AuthCallback)
 	if err != nil {
 		log.Errorf("failed cerating authentication middleware %v", err)
 		return err
@@ -62,12 +62,12 @@ func (s *Server) Start() error {
 	r := http.NewServeMux()
 	s.server.Handler = r
 
-	r.Handle("/login", handler.NewLogin(authenticator, sessionStore))
-	r.Handle("/logout", handler.NewLogout(s.config.AuthDomain, s.config.AuthClientId))
-	r.Handle("/callback", handler.NewCallback(authenticator, sessionStore))
+	r.Handle("/login", handler2.NewLogin(authenticator, sessionStore))
+	r.Handle("/logout", handler2.NewLogout(s.config.AuthDomain, s.config.AuthClientId))
+	r.Handle("/callback", handler2.NewCallback(authenticator, sessionStore))
 	r.Handle("/dashboard", negroni.New(
-		negroni.HandlerFunc(middleware.NewAuth(sessionStore).IsAuthenticated),
-		negroni.Wrap(handler.NewDashboard(sessionStore))),
+		negroni.HandlerFunc(middleware2.NewAuth(sessionStore).IsAuthenticated),
+		negroni.Wrap(handler2.NewDashboard(sessionStore))),
 	)
 	http.Handle("/", r)
 
diff --git a/management/http_server/template/templates.go b/management/server/http/template/templates.go
similarity index 100%
rename from management/http_server/template/templates.go
rename to management/server/http/template/templates.go
diff --git a/management/server/management_test.go b/management/server/management_test.go
index 288a837f8..b10f0cc4b 100644
--- a/management/server/management_test.go
+++ b/management/server/management_test.go
@@ -3,6 +3,7 @@ package server_test
 import (
 	"context"
 	server "github.com/wiretrustee/wiretrustee/management/server"
+	grpc2 "github.com/wiretrustee/wiretrustee/management/server/grpc"
 	"io/ioutil"
 	"math/rand"
 	"net"
@@ -425,7 +426,7 @@ func startServer(config *server.Config) (*grpc.Server, net.Listener) {
 	lis, err := net.Listen("tcp", ":0")
 	Expect(err).NotTo(HaveOccurred())
 	s := grpc.NewServer()
-	mgmtServer, err := server.NewServer(config)
+	mgmtServer, err := grpc2.NewServer(config)
 	Expect(err).NotTo(HaveOccurred())
 	mgmtProto.RegisterManagementServiceServer(s, mgmtServer)
 	go func() {