diff --git a/handlers/main.yml b/handlers/main.yml
index eade7a3..fc2696b 100644
--- a/handlers/main.yml
+++ b/handlers/main.yml
@@ -1,17 +1,20 @@
 ---
 - name: "Restart gitea"
+ become: true
 service:
 name: gitea
 state: restarted
 when: ansible_service_mgr == "systemd"
 - name: "Reload systemd"
+ become: true
 systemd:
 daemon_reload: true
 when: ansible_service_mgr == "systemd"
-- name: "Restart fail2ban"
- service:
+- name: "systemctl restart fail2ban"
+ become: true
+ ansible.builtin.systemd:
 name: fail2ban
 state: restarted
 when: ansible_service_mgr == "systemd"
diff --git a/tasks/backup.yml b/tasks/backup.yml
index e3b8ab3..5bbf374 100644
--- a/tasks/backup.yml
+++ b/tasks/backup.yml
@@ -1,15 +1,18 @@
 ---
 - name: Get service facts
- service_facts:
+ ansible.builtin.service_facts:
 - block:
 - name: Stopping gitea before upgrade
- service:
+ become: true
+ ansible.builtin.systemd:
 name: gitea
 state: stopped
+ when: ansible_service_mgr == "systemd"
 - name: "Create backup directory"
- file:
+ become: true
+ ansible.builtin.file:
 path: "{{ item }}"
 state: directory
 owner: "{{ gitea_user }}"
@@ -19,13 +22,11 @@
 - "{{ gitea_backup_location }}"
 - name: Backing up gitea before upgrade
- command:
+ ansible.builtin.command:
 cmd: "gitea dump -c /etc/gitea/gitea.ini"
 chdir: "{{ gitea_backup_location }}"
 become: true
- become_method: su
 become_user: "{{ gitea_user }}"
- become_flags: "-s /bin/sh"
 when:
 - ansible_facts.services["gitea.service"] is defined
 - ansible_facts.services["gitea.service"].state == "running"
diff --git a/tasks/configure.yml b/tasks/configure.yml
new file mode 100644
index 0000000..ae86a3e
--- /dev/null
+++ b/tasks/configure.yml
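Review bot: In handlers/main.yml the module naming is now mixed: the fail2ban handler uses `ansible.builtin.systemd` while `Restart gitea` and `Reload systemd` keep the short `service:` and `systemd:` names. Short names are resolved through the collection search order and any local module path, so the fully qualified form removes doubt about which module actually runs under `become: true`; I would write `ansible.builtin.service:` and `ansible.builtin.systemd:` for the first two handlers as well. The same applies to `group:`/`user:` in tasks/create_user.yml and to `template:`/`systemd:` in tasks/install_systemd.yml, which this commit touches without converting.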
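Review bot: In the first hunk of tasks/backup.yml the `Stopping gitea before upgrade` task is now skipped wherever `ansible_service_mgr` is not `systemd`, whereas the removed generic `service:` call had no such gate, so on those hosts the later `gitea dump` may run against a live instance. If other init systems are still supported, keep the generic module as `ansible.builtin.service:` and drop the added `when:`. If they are not, a comment such as `# systemd-only: on other init systems gitea is not stopped before the dump` would make the limitation visible. The `block:` continues outside this hunk, so any condition attached to the block itself cannot be seen here.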
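Review bot: With `become_method: su` and `become_flags` removed in the second hunk of tasks/backup.yml, `Backing up gitea before upgrade` depends on whatever become method the play or inventory configures (sudo by default) to run as `{{ gitea_user }}`. That needs the connecting account to be allowed to run commands as that user, and becoming one unprivileged user from another also depends on how Ansible can hand over its temporary module files. I would record the requirement next to the task, for example `# needs become rights to run as gitea_user (default method: sudo)`. The command still calls `gitea` by bare name, so it resolves through PATH in that become context; an absolute path in `cmd:` would be more predictable.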
@@ -0,0 +1,18 @@
+---
+- name: "Configure gitea"
+ become: true
+ ansible.builtin.template:
+ src: gitea.ini.j2
+ dest: /etc/gitea/gitea.ini
+ owner: "{{ gitea_user }}"
+ group: "{{ gitea_group }}"
+ mode: 0600
+ notify: "Restart gitea"
+
+- name: "Service gitea"
+ become: true
+ ansible.builtin.systemd:
+ name: gitea
+ state: started
+ enabled: true
+ when: ansible_service_mgr == "systemd"
diff --git a/tasks/create_user.yml b/tasks/create_user.yml
index 50d308a..7a8919d 100644
--- a/tasks/create_user.yml
+++ b/tasks/create_user.yml
@@ -1,11 +1,13 @@
 ---
 - name: "Create Gitea Group"
+ become: true
 group:
 name: "{{ gitea_group }}"
 system: true
 state: "present"
 - name: "Create Gitea user"
+ become: true
 user:
 name: "{{ gitea_user }}"
 comment: "Gitea user"
diff --git a/tasks/fail2ban.yml b/tasks/fail2ban.yml
index 5a9837e..640b754 100644
--- a/tasks/fail2ban.yml
+++ b/tasks/fail2ban.yml
@@ -1,18 +1,20 @@
 ---
 - name: Install fail2ban filter
- template:
+ become: true
+ ansible.builtin.template:
 src: fail2ban/filter.conf.j2
 dest: /etc/fail2ban/filter.d/gitea.conf
 owner: root
 group: root
 mode: 0444
- notify: Restart fail2ban
+ notify: systemctl restart fail2ban
 - name: Install fail2ban jail
- template:
+ become: true
+ ansible.builtin.template:
 src: fail2ban/jail.conf.j2
 dest: /etc/fail2ban/jail.d/gitea.conf
 owner: root
 group: root
 mode: 0444
- notify: Restart fail2ban
+ notify: systemctl restart fail2ban
diff --git a/tasks/install_systemd.yml b/tasks/install_systemd.yml
index 4079aac..695a268 100644
--- a/tasks/install_systemd.yml
+++ b/tasks/install_systemd.yml
@@ -1,5 +1,6 @@
 ---
 - name: "Setup systemd service"
+ become: true
 template:
 src: gitea.service.j2
 dest: /lib/systemd/system/gitea.service
@@ -10,8 +11,7 @@
 - "Reload systemd"
 - "Restart gitea"
-# systemd to be reloaded the first time because
-# it is the only way Systemd is going to be aware of the new unit file.
 - name: "Reload systemd"
+ become: true
 systemd:
 daemon_reload: true
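Review bot: The new `Configure gitea` task in tasks/configure.yml renders /etc/gitea/gitea.ini, which presumably carries the values produced by jwt_secrets.yml and gitea_secrets.yml, yet nothing keeps a `--diff` run from printing the changed lines to the console or a CI log. Adding `diff: false` to the task (or `no_log: true` if the module result should be hidden as well) keeps those values out of run output, while `mode: 0600` continues to protect the file on disk. I would also quote the mode, `mode: "0600"`, so it never depends on how the YAML loader treats a leading zero.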
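Review bot: In tasks/fail2ban.yml both templates notify `systemctl restart fail2ban`, and that handler in handlers/main.yml only runs `when: ansible_service_mgr == "systemd"`, while the two install tasks carry no such condition. On a host with another service manager the filter and jail files are written but this role never restarts fail2ban, so the rules stay inactive without any failure being reported. Either gate the tasks the same way by adding `when: ansible_service_mgr == "systemd"`, or let the handler use `ansible.builtin.service:` without the condition.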
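Review bot: The second hunk of tasks/install_systemd.yml deletes the only explanation of why a `Reload systemd` task exists next to the handler of the same name. Without it the task reads as a duplicate and is a likely candidate for later removal, which, going by the deleted text, would leave systemd unaware of a newly installed unit file. I would keep a one-line comment above the task, e.g. `# reload immediately so systemd picks up the new unit file`.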
diff --git a/tasks/main.yml b/tasks/main.yml
index 0dfaba0..e0c49ba 100644
--- a/tasks/main.yml
+++ b/tasks/main.yml
@@ -28,28 +28,19 @@
 - name: Create directorys
 ansible.builtin.include_tasks: directory.yml
-- include: install_systemd.yml
+- name: setup gitea systemd service
+ ansible.builtin.include_tasks: install_systemd.yml
 when: ansible_service_mgr == "systemd"
-- include_tasks: jwt_secrets.yml
+- name: generate JWT Secrets if undefined
+ ansible.builtin.include_tasks: jwt_secrets.yml
-- include_tasks: gitea_secrets.yml
+- name: generate gitea secrets if undefined
+ ansible.builtin.include_tasks: gitea_secrets.yml
-- name: "Configure gitea"
- template:
- src: gitea.ini.j2
- dest: /etc/gitea/gitea.ini
- owner: "{{ gitea_user }}"
- group: "{{ gitea_group }}"
- mode: 0600
- notify: "Restart gitea"
+- name: configure gitea
+ ansible.builtin.include_tasks: configure.yml
-- name: "Service gitea"
- service:
- name: gitea
- state: started
- enabled: true
- when: ansible_service_mgr == "systemd"
- - include: fail2ban.yml
+- name: deploy optional fail2ban rules
+ ansible.builtin.include_tasks: fail2ban.yml
 when: gitea_fail2ban_enabled|bool
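Review bot: The order of the includes in tasks/main.yml now carries meaning that is written down nowhere: configure.yml presumably renders the values that jwt_secrets.yml and gitea_secrets.yml generate, so moving the `configure gitea` include above them would produce a gitea.ini without them. A comment above that include, such as `# must run after the secret-generating includes; gitea.ini is rendered from their results`, would guard against reordering. As a style point, the new names start in lower case (`setup gitea systemd service`, `configure gitea`) while the neighbouring `Create directorys` is capitalised; capitalising them keeps the play output uniform.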