diff --git a/README.md b/README.md
index dede610..0a3b2aa 100644
--- a/README.md
+++ b/README.md
@@ -21,3 +21,11 @@ Should probably start creating a seperate cert for each subdomain.
 ### Git server
 
 GitLab? Gitea?
+
+### Firewall
+
+Seems to be a little annoying with all the docker stuff
+
+### Mastodon
+
+Fix cache filling up so much space: cronjob to remove them?
diff --git a/roles/common/tasks/main.yml b/roles/common/tasks/main.yml
index ede437c..6e1b051 100644
--- a/roles/common/tasks/main.yml
+++ b/roles/common/tasks/main.yml
@@ -1,3 +1,10 @@
+- name: APT upgrade
+  apt:
+    autoremove: true
+    upgrade: yes
+    state: latest
+    update_cache: yes
+    cache_valid_time: 86400 # One day
 - name: Create /data directory
   file:
     path: /data
diff --git a/roles/docker/tasks/main.yml b/roles/docker/tasks/main.yml
index 39ecb5a..dfef31a 100644
--- a/roles/docker/tasks/main.yml
+++ b/roles/docker/tasks/main.yml
@@ -6,14 +6,17 @@
       - gnupg
       - lsb-release
       - python3-pip
-    state: latest
-    update_cache: true
 - name: Add Docker APT key
   apt_key:
     url: https://download.docker.com/linux/ubuntu/gpg
 - name: Add Docker repository
   apt_repository:
     repo: "deb https://download.docker.com/linux/ubuntu {{ ansible_distribution_release }} stable"
+  register: apt_repository
+- name: Update APT cache
+  apt:
+    update_cache: true
+  when: apt_repository.changed
 - name: Install Docker packages
   apt:
     pkg:
@@ -21,8 +24,6 @@
       - docker-ce-cli
       - containerd.io
       - docker-compose-plugin
-    state: latest
-    update_cache: true
 - name: Install Docker modules for Python
   pip:
     name:
diff --git a/roles/ssh/meta/main.yml b/roles/ssh/meta/main.yml
new file mode 100644
index 0000000..9711b33
--- /dev/null
+++ b/roles/ssh/meta/main.yml
@@ -0,0 +1,2 @@
+dependencies:
+  - role: common