diff --git a/Makefile b/Makefile
index 62d3782..d512ac7 100644
--- a/Makefile
+++ b/Makefile
@@ -25,4 +25,7 @@ ssh:
 traefik:
 	ansible-playbook playbooks/traefik.yml -i inventory/hosts.yml
 
+kms:
+	ansible-playbook playbooks/kms.yml -i inventory/hosts.yml
+
 .PHONY: run
diff --git a/playbooks/all.yml b/playbooks/all.yml
index 10ca1f7..53c3313 100644
--- a/playbooks/all.yml
+++ b/playbooks/all.yml
@@ -6,3 +6,6 @@
     - syncthing
     - pizzeria
     - gitea
+    - radicale
+    - mastodon
+    - kms
\ No newline at end of file
diff --git a/roles/gitea/files/app.ini b/roles/gitea/files/app.ini
deleted file mode 100644
index 1d6d748..0000000
--- a/roles/gitea/files/app.ini
+++ /dev/null
@@ -1,100 +0,0 @@
-APP_NAME = Gitea: Git with a cup of tea
-RUN_MODE = prod
-RUN_USER = git
-
-[repository]
-ROOT = /data/git/repositories
-
-[repository.local]
-LOCAL_COPY_PATH = /data/gitea/tmp/local-repo
-
-[repository.upload]
-TEMP_PATH = /data/gitea/uploads
-
-[server]
-APP_DATA_PATH    = /data/gitea
-DOMAIN           = localhost
-SSH_DOMAIN       = localhost
-HTTP_PORT        = 3000
-ROOT_URL         = {{ gitea.root_url }}
-DISABLE_SSH      = false
-SSH_PORT         = 22
-SSH_LISTEN_PORT  = 22
-LFS_START_SERVER = true
-LFS_JWT_SECRET   = {{ gitea.lfs_jwt_secret }}
-OFFLINE_MODE     = false
-
-[database]
-PATH     = /data/gitea/gitea.db
-DB_TYPE  = sqlite3
-HOST     = localhost:3306
-NAME     = gitea
-USER     = root
-PASSWD   = 
-LOG_SQL  = false
-SCHEMA   = 
-SSL_MODE = disable
-CHARSET  = utf8
-
-[indexer]
-ISSUE_INDEXER_PATH = /data/gitea/indexers/issues.bleve
-
-[session]
-PROVIDER_CONFIG = /data/gitea/sessions
-PROVIDER        = file
-
-[picture]
-AVATAR_UPLOAD_PATH            = /data/gitea/avatars
-REPOSITORY_AVATAR_UPLOAD_PATH = /data/gitea/repo-avatars
-DISABLE_GRAVATAR              = false
-ENABLE_FEDERATED_AVATAR       = true
-
-[attachment]
-PATH = /data/gitea/attachments
-
-[log]
-MODE      = console
-LEVEL     = info
-ROUTER    = console
-ROOT_PATH = /data/gitea/log
-
-[security]
-INSTALL_LOCK                  = true
-SECRET_KEY                    = 
-REVERSE_PROXY_LIMIT           = 1
-REVERSE_PROXY_TRUSTED_PROXIES = *
-INTERNAL_TOKEN                = {{ gitea.internal_token }}
-PASSWORD_HASH_ALGO            = pbkdf2
-
-[service]
-DISABLE_REGISTRATION              = true
-REQUIRE_SIGNIN_VIEW               = false
-REGISTER_EMAIL_CONFIRM            = false
-ENABLE_NOTIFY_MAIL                = true
-ALLOW_ONLY_EXTERNAL_REGISTRATION  = false
-ENABLE_CAPTCHA                    = false
-DEFAULT_KEEP_EMAIL_PRIVATE        = false
-DEFAULT_ALLOW_CREATE_ORGANIZATION = true
-DEFAULT_ENABLE_TIMETRACKING       = true
-NO_REPLY_ADDRESS                  = noreply.localhost
-
-[lfs]
-PATH = /data/git/lfs
-
-[mailer]
-ENABLED = true
-HOST    = {{ gitea.mailer_host }}
-FROM    = {{ gitea.mailer_from }}
-USER    = 
-PASSWD  = 
-
-[openid]
-ENABLE_OPENID_SIGNIN = true
-ENABLE_OPENID_SIGNUP = true
-
-[repository.pull-request]
-DEFAULT_MERGE_STYLE = merge
-
-[repository.signing]
-DEFAULT_TRUST_MODEL = committer
-
diff --git a/roles/gitea/tasks/main.yml b/roles/gitea/tasks/main.yml
index 24ee294..172f258 100644
--- a/roles/gitea/tasks/main.yml
+++ b/roles/gitea/tasks/main.yml
@@ -20,7 +20,7 @@
     group: 1000
 - name: Copy app.ini
   template:
-    src: "{{ role_path }}/files/app.ini"
+    src: "{{ role_path }}/templates/app.ini"
     dest: /apps/gitea/conf/app.ini
   register: config
 - name: Start the Docker Compose