diff --git a/README.md b/README.md
index c0acd1a..077bf7c 100644
--- a/README.md
+++ b/README.md
@@ -12,4 +12,14 @@
 - Telegram (maybe only possible to download)
 - Oh my zsh?
 - Cool neovim setup
-- syncthing
+- syncthing config
+- strawberry
+
+Would like Ansible Vault to check in keypair for syncthing.
+However, then I would need a password to unlock the vault.
+As it is publicly available, password needs to be long and strong.
+I can just put it in my keepass, but can be annoying to copy every time.
+Therefore, I could make this available using Secret Service and write a script to fetch it.
+However, keepass cannot run secret service as Ubuntu already runs one.
+But if I disable that, my SSH agent does not work anymore.
+As an intermediate solution, I can just put the password in keepass...
diff --git a/playbooks/setup.yml b/playbooks/system.yml
similarity index 100%
rename from playbooks/setup.yml
rename to playbooks/system.yml
diff --git a/roles/system/tasks/main.yml b/roles/system/tasks/main.yml
index ce6bcf6..e03a8cb 100644
--- a/roles/system/tasks/main.yml
+++ b/roles/system/tasks/main.yml
@@ -23,6 +23,7 @@
       - nextcloud-desktop
       - tree
       - wireshark
+      - syncthing
 - name: Install .gitconfig
   template:
     src: "{{ role_path }}/templates/.gitconfig.j2"
@@ -31,3 +32,7 @@
   template:
     src: "{{ role_path }}/templates/Xresources.j2"
     dest: ~/.config/regolith2/Xresources
+- name: Install keepassxc.ini
+  template:
+    src: "{{ role_path }}/templates/keepassxc.ini.j2"
+    dest: ~/.config/keepassxc/keepassxc.ini
diff --git a/roles/system/templates/keepassxc.ini.j2 b/roles/system/templates/keepassxc.ini.j2
new file mode 100644
index 0000000..b3da15f
--- /dev/null
+++ b/roles/system/templates/keepassxc.ini.j2
@@ -0,0 +1,32 @@
+[General]
+ConfigVersion=1
+
+[Browser]
+CustomProxyLocation=
+Enabled=true
+
+[FdoSecrets]
+Enabled=false
+
+[GUI]
+MinimizeOnClose=true
+MinimizeOnStartup=true
+ShowTrayIcon=true
+TrayIconAppearance=colorful
+
+[KeeShare]
+Active="<?xml version=\"1.0\"?>\n<KeeShare xmlns:xsd=\"http://www.w3.org/2001/XMLSchema\" xmlns:xsi=\"http://www.w3.org/2001/XMLSchema-instance\">\n  <Active/>\n</KeeShare>\n"
+Foreign="<?xml version=\"1.0\"?>\n<KeeShare xmlns:xsd=\"http://www.w3.org/2001/XMLSchema\" xmlns:xsi=\"http://www.w3.org/2001/XMLSchema-instance\">\n  <Foreign/>\n</KeeShare>\n"
+Own="<?xml version=\"1.0\"?>\n<KeeShare xmlns:xsd=\"http://www.w3.org/2001/XMLSchema\" xmlns:xsi=\"http://www.w3.org/2001/XMLSchema-instance\">\n  <PrivateKey/>\n  <PublicKey/>\n</KeeShare>\n"
+QuietSuccess=true
+
+[PasswordGenerator]
+AdditionalChars=
+AdvancedMode=false
+ExcludedChars=
+Length=40
+SpecialChars=false
+UpperCase=true
+
+[SSHAgent]
+Enabled=true