diff --git a/README.md b/README.md
index 51e0150..e42ac2e 100644
--- a/README.md
+++ b/README.md
@@ -66,17 +66,54 @@ Here is a deeper insight into the variables of this gitea role. For the exact fu
 ### gitea in the linux world
 | variable name | default value | description |
 | ------------- | ------------- | ----------- |
-| `gitea_user` | `gitea ` | UNIX user used by Gitea |
 | `gitea_group` | `gitea` | UNIX group used by Gitea |
 | `gitea_home` | `/var/lib/gitea` | Base directory to work |
 | `gitea_shell` | `/bin/false` | UNIX shell used by gitea. Set it to `/bin/bash` if you don't use the gitea built-in ssh server. |
 
-### Look and feel
+### Overall ([DEFAULT](https://docs.gitea.io/en-us/config-cheat-sheet/#overall-default))
 | variable name | default value | description |
 | ------------- | ------------- | ----------- |
 | `gitea_app_name` | `Gitea` | Displayed application name |
-| `gitea_repository_root` | `{{ gitea_home }}/repos` | The path where all gitea repositorys are stored |
+| `gitea_user` | `gitea ` | UNIX user used by Gitea |
+| `gitea_run_mode`| `prod`| Application run mode, affects performance and debugging. Either “dev”, “prod” or “test”. |
+
+### Repository ([repository](https://docs.gitea.io/en-us/config-cheat-sheet/#repository-repository))
+| variable name | default value | description |
+| ------------- | ------------- | ----------- |
+| `gitea_repository_root` | `{{ gitea_home }}/repos` |  Root path for storing all repository data. It must be an absolute path. |
+| `gitea_force_private` | `false` | Force every new repository to be private. |
+| `gitea_user_repo_limit` | `-1` | Limit how many repos a user can have *(`-1` for unlimited)* |
+| `gitea_disable_http_git` | `false` | Disable the ability to interact with repositories over the HTTP protocol. (true/false) |
+| `gitea_default_branch` | `main` | Default branch name of all repositories. |
+| `gitea_repository_extra_config` | `''` | you can use this variable to pass additional config parameters in the `[repository]` section of the config. |
+
+### UI ([ui](https://docs.gitea.io/en-us/config-cheat-sheet/#ui-ui))
+| variable name | default value | description |
+| ------------- | ------------- | ----------- |
 | `gitea_show_user_email` | `false` | Do you want to display email addresses ? (true/false) |
+| `gitea_theme_default` | `gitea` | Default theme |
+| `gitea_themes` | `gitea,arc-green` | List of enabled themes |
+| `gitea_ui_extra_config` | `''` | you can use this variable to pass additional config parameters in the `[ui]` section of the config. |
+
+### Server [server](https://docs.gitea.io/en-us/config-cheat-sheet/#server-server)
+| variable name | default value | description |
+| ------------- | ------------- | ----------- |
+| `gitea_protocol`| `http` | Listening protocol [http, https, fcgi, unix, fcgi+unix] |
+| `gitea_http_domain` | `localhost` | Domain name of this server. Set it to the FQDN where you can reach your gitea server |
+| `gitea_root_url` | `http://localhost:3000` | Root URL used to access your web app (full URL) |
+| `gitea_http_listen` | `127.0.0.1` | HTTP listen address |
+| `gitea_http_port` | `3000` | Bind port *(redirect from `80` will be activated if value is `443`)* |
+| `gitea_http_letsencrypt_mail` | `undefined` | Enable Let`s Encrypt if a email address is given |
+| `gitea_start_ssh` | `true` | When enabled, use the built-in SSH server. |
+| `gitea_ssh_domain` | `{{ gitea_http_domain ` |  Domain name of this server, used for displayed clone URL |
+| `gitea_ssh_port` | `2222` | SSH port displayed in clone URL. |
+| `gitea_ssh_listen` | `0.0.0.0` | Listen address for the built-in SSH server. |
+
+
+
+### Look and feel
+| variable name | default value | description |
+| ------------- | ------------- | ----------- |
 | `gitea_disable_gravatar` | `true` | Do you want to disable Gravatar ? (privacy and so on) (true/false) |
 | `gitea_disable_registration` | `false` | Do you want to disable user registration? (true/false) |
 | `gitea_register_email_confirm` | `false` | Enable this to ask for mail confirmation of registration. Requires `gitea_mailer_enabled` to be enabled. |
@@ -87,8 +124,6 @@ Here is a deeper insight into the variables of this gitea role. For the exact fu
 | `gitea_enable_captcha` | `true` | Do you want to enable captcha's ? (true/false)|
 | `gitea_enable_notify_mail` | `false` | Enable this to send e-mail to watchers of a repository when something happens, like creating issues (true/false) |
 | `gitea_auto_watch_new_repos` | `true` | Enable this to let all organisation users watch new repos when they are created (true/false) |
-| `gitea_themes` | `gitea,arc-green` | List of enabled themes |
-| `gitea_theme_default` | `gitea` | Default theme |
 
 
 ### Security
@@ -97,27 +132,15 @@ Here is a deeper insight into the variables of this gitea role. For the exact fu
 | `gitea_secret_key` | `''` | Global secret key. Will be autogenerated if not defined. Should be unique. |
 | `gitea_internal_token` | `''` | Internal API token. Will be autogenerated if not defined. Should be unique. |
 | `gitea_disable_git_hooks` | `true` | Set to false to enable users with git hook privilege to create custom git hooks. Can be dangerous. |
-| `gitea_user_repo_limit` | `-1` | Limit how many repos a user can have *(`-1` for unlimited)* |
 | `gitea_lfs_secret` | `''` | < JWT secret for remote LFS usage. Can be generated with ``gitea generate secret JWT_SECRET``. Will be autogenerated if not defined |
 | `gitea_oauth2_jwt_secret` | `''` | Oauth2 JWT secret. Can be generated with ``gitea generate secret JWT_SECRET``. Will be autogenerated if not defined. |
 
 
 ### HTTP configuration
 
-* `gitea_http_domain`: HTTP domain (displayed in your clone URLs, just the domain like git.foo.fr)
-* `gitea_root_url`: Root URL used to access your web app (full URL)
-* `gitea_protocol`: Listening protocol (http/https)
-* `gitea_http_listen`: Bind address
-* `gitea_http_port`: Bind port (redirect from `80` will be activated if value is `443` - Default: `3000`)
-* `gitea_disable_http_git`: Disable the use of Git over HTTP ? (true/false)
-* `gitea_http_letsencrypt_mail` Enable Let`s Encrypt if a email address is given
 
 ### SSH configuration
 
-* `gitea_ssh_listen`: Bind address for the SSH server
-* `gitea_ssh_domain`: SSH domain (displayed in your clone URLs)
-* `gitea_start_ssh`: Do you want to start a built-in SSH server ? (true/false)
-* `gitea_ssh_port`: SSH bind port
 
 ### Database configuration
 
diff --git a/defaults/main.yml b/defaults/main.yml
index cca4933..372bea9 100644
--- a/defaults/main.yml
+++ b/defaults/main.yml
@@ -1,21 +1,53 @@
 ---
 # gitea version
-gitea_version: "1.13.4"
+gitea_version: '1.13.4'
 gitea_version_check: true
 gitea_dl_url: "https://github.com/go-gitea/gitea/releases/download/v{{ gitea_version }}/gitea-{{ gitea_version }}-linux-{{ gitea_arch }}"
-gitea_gpg_key: "7C9E68152594688862D62AF62D9AE806EC1592E2"
-gitea_gpg_server: "hkp://keyserver.ubuntu.com:80"
+gitea_gpg_key: '7C9E68152594688862D62AF62D9AE806EC1592E2'
+gitea_gpg_server: 'hkp://keyserver.ubuntu.com:80'
 
 # gitea in the linux world
-gitea_user: "gitea"
-gitea_group: "gitea"
-gitea_home: "/var/lib/gitea"
-gitea_shell: "/bin/false"
+gitea_group: 'gitea'
+gitea_home: '/var/lib/gitea'
+gitea_shell: '/bin/false'
+
+# Overall (DEFAULT)
+# -> https://docs.gitea.io/en-us/config-cheat-sheet/#overall-default
+gitea_app_name: 'Gitea'
+gitea_user: 'gitea'
+gitea_run_mode: 'prod'
+
+# Repository (repository)
+# -> https://docs.gitea.io/en-us/config-cheat-sheet/#repository-repository
+gitea_repository_root: "{{ gitea_home }}/repos"
+gitea_force_private: false
+gitea_user_repo_limit: '-1'
+gitea_disable_http_git: false
+gitea_default_branch: 'main'
+gitea_repository_extra_config: ''
+
+# UI (ui)
+# -> https://docs.gitea.io/en-us/config-cheat-sheet/#ui-ui
+gitea_show_user_email: false
+gitea_theme_default: 'gitea'
+gitea_themes: 'gitea,arc-green'
+gitea_ui_extra_config: ''
+
+# Server (server)
+# -> https://docs.gitea.io/en-us/config-cheat-sheet/#server-server
+gitea_protocol: 'http'
+gitea_http_domain: 'localhost'
+gitea_root_url: 'http://localhost:3000'
+gitea_http_listen: '127.0.0.1'
+gitea_http_port: '3000'
+# gitea_http_letsencrypt_mail: 'mail@example.com'
+gitea_start_ssh: true
+gitea_ssh_domain: "{{ gitea_http_domain }}"
+gitea_ssh_port: 2222
+gitea_ssh_listen: 0.0.0.0
+
 
 # look and feel
-gitea_app_name: "Gitea"
-gitea_repository_root: "{{ gitea_home }}/repos"
-gitea_show_user_email: false
 gitea_disable_gravatar: true
 gitea_disable_registration: false
 gitea_register_email_confirm: false
@@ -26,25 +58,15 @@ gitea_require_signin: true
 gitea_enable_captcha: true
 gitea_enable_notify_mail: false
 gitea_auto_watch_new_repos: true
-gitea_themes: gitea,arc-green
-gitea_theme_default: gitea
 
 # security
 gitea_secret_key: ''
 gitea_internal_token: ''
 gitea_disable_git_hooks: true
-gitea_user_repo_limit: -1
 gitea_lfs_jwt_secret: ''
 gitea_oauth2_jwt_secret: ''
 
-gitea_http_domain: localhost
 
-gitea_root_url: http://localhost:3000
-gitea_protocol: http
-gitea_http_listen: 127.0.0.1
-gitea_http_port: 3000
-# gitea_http_letsencrypt_mail:  - required
-gitea_disable_http_git: false
 
 
 gitea_lfs_server_enabled: false
@@ -59,12 +81,7 @@ gitea_db_password: lel
 gitea_db_ssl: disable
 gitea_db_path: "{{ gitea_home }}/data/gitea.db"
 
-gitea_ssh_listen: 0.0.0.0
-gitea_ssh_domain: localhost
-gitea_start_ssh: true
-gitea_ssh_port: 2222
 
-gitea_force_private: false
 
 gitea_mailer_enabled: false
 gitea_mailer_skip_verify: false
diff --git a/templates/gitea.ini.j2 b/templates/gitea.ini.j2
index 8d7e1ee..d6510da 100644
--- a/templates/gitea.ini.j2
+++ b/templates/gitea.ini.j2
@@ -5,36 +5,32 @@
 ; undefined variables will use the default value from gitea.
 ; Cheat Sheet: https://docs.gitea.io/en-us/config-cheat-sheet/
 ;
-; App name that shows on every page title
+; -> https://docs.gitea.io/en-us/config-cheat-sheet/#overall-default
 APP_NAME = {{ gitea_app_name }}
-; Change it if you run locally
 RUN_USER = {{ gitea_user }}
-; Either "dev", "prod" or "test", default is "dev"
-RUN_MODE = prod
-
+RUN_MODE = {{ gitea_run_mode }}
+;
+; -> https://docs.gitea.io/en-us/config-cheat-sheet/#repository-repository
 [repository]
 ROOT                = {{ gitea_repository_root }}
-; Force every new repository to be private
 FORCE_PRIVATE       = {{ gitea_force_private | ternary('true', 'false') }}
-; Global limit of repositories per user, applied at creation time. -1 means no limit
 MAX_CREATION_LIMIT  = {{ gitea_user_repo_limit }}
-; Mirror sync queue length, increase if mirror syncing starts hanging
-MIRROR_QUEUE_LENGTH = 1000
-; Disable the ability to interact with repositories using the HTTP protocol
 DISABLE_HTTP_GIT    = {{ gitea_disable_http_git | ternary('true', 'false') }}
-
+DEFAULT_BRANCH      = {{ gitea_default_branch }}
+{{ gitea_repository_extra_config }}
+;
+; -> https://docs.gitea.io/en-us/config-cheat-sheet/#ui-ui
 [ui]
-; Whether the email of the user should be shown in the Explore Users page
 SHOW_USER_EMAIL = {{ gitea_show_user_email | ternary('true', 'false') }}
-THEMES          = {{ gitea_themes }}
 DEFAULT_THEME   = {{ gitea_theme_default }}
-
+THEMES          = {{ gitea_themes }}
+{{ gitea_ui_extra_config }}
+;
+; -> https://docs.gitea.io/en-us/config-cheat-sheet/#server-server
 [server]
-; The protocol the server listens on. One of 'http', 'https', 'unix' or 'fcgi'.
 PROTOCOL         = {{ gitea_protocol }}
 DOMAIN           = {{ gitea_http_domain }}
 ROOT_URL         = {{ gitea_root_url }}
-; The address to listen on. Either a IPv4/IPv6 address or the path to a unix socket.
 HTTP_ADDR             = {{ gitea_http_listen }}
 HTTP_PORT             = {{ gitea_http_port }}
 {% if gitea_http_port == 443 %}
@@ -45,10 +41,10 @@ ENABLE_LETSENCRYPT    = true
 LETSENCRYPT_ACCEPTTOS = true
 LETSENCRYPT_EMAIL     = {{ gitea_http_letsencrypt_mail }}
 {% endif %}
-; Disable SSH feature when not available
-DISABLE_SSH      = false
-; Whether to use the builtin SSH server or not.
 START_SSH_SERVER = {{ gitea_start_ssh | ternary('true', 'false') }}
+
+
+
 ; Domain name to be exposed in clone URL
 SSH_DOMAIN       = {{ gitea_ssh_domain }}
 ; The network interface the builtin SSH server should listen on