diff --git a/roles/nginx/handlers/main.yml b/roles/nginx/handlers/main.yml
index f7639fd..c4b5db1 100644
--- a/roles/nginx/handlers/main.yml
+++ b/roles/nginx/handlers/main.yml
@@ -1,6 +1,6 @@
 ---
 
-- name: restart nginx
-  service:
+- name: Restart nginx
+  ansible.builtin.service:
     name: nginx
     state: restarted
diff --git a/roles/nginx/tasks/main.yml b/roles/nginx/tasks/main.yml
index 7a6bae7..abbd46a 100644
--- a/roles/nginx/tasks/main.yml
+++ b/roles/nginx/tasks/main.yml
@@ -1,21 +1,22 @@
 ---
 
-- name: install nginx package
-  package:
+- name: Install nginx package
+  ansible.builtin.package:
     name: nginx-full
     state: present
 
-- name: create dhparam
-  shell: /usr/bin/openssl dhparam -out /etc/nginx/dhparam.pem 2048
-  args:
+- name: Create dhparam
+  ansible.builtin.command:
+    cmd: /usr/bin/openssl dhparam -out /etc/nginx/dhparam.pem 2048
     creates: /etc/nginx/dhparam.pem
 
-- name: put configuration files
-  template:
+- name: Put configuration files
+  ansible.builtin.template:
     src: "{{ item.src }}"
     dest: "{{ item.dest }}"
+    mode: 0644
   notify:
-    - restart nginx
+    - Restart nginx
   loop:
     - {src: nginx.conf.j2, dest: /etc/nginx/nginx.conf}
     - {src: nginx.ssl.conf.j2, dest: /etc/nginx/nginx.ssl.conf}
@@ -23,20 +24,21 @@
     - {src: proxy_params.j2, dest: /etc/nginx/proxy_params}
     - {src: default.j2, dest: /etc/nginx/sites-available/default}
 
-- name: create base dir
-  file:
+- name: Create base dir
+  ansible.builtin.file:
     path: /srv/http
     owner: root
     group: www-data
     mode: 'u+rwx,g+rs,o-rwx'
     state: directory
 
-- name: create letsencrypt dir
-  file:
+- name: Create letsencrypt dir
+  ansible.builtin.file:
     path: /srv/http/common/letsencrypt
     owner: root
     group: www-data
     mode: 'u+rwx,g+rs,o-rwx'
     state: directory
 
-- include_tasks: vhosts.yml
+- name: Include vhosts
+  ansible.builtin.include_tasks: vhosts.yml
diff --git a/roles/nginx/tasks/vhosts.yml b/roles/nginx/tasks/vhosts.yml
index 47c0c1b..f6201b6 100644
--- a/roles/nginx/tasks/vhosts.yml
+++ b/roles/nginx/tasks/vhosts.yml
@@ -1,20 +1,21 @@
 ---
 
-- name: symlink vhosts
-  file:
+- name: Symlink vhosts
+  ansible.builtin.file:
     src: "/etc/nginx/sites-available/{{ item }}.conf"
     dest: "/etc/nginx/sites-enabled/{{ item }}.conf"
     force: true
     follow: false
     state: link
   notify:
-    - restart nginx
+    - Restart nginx
   loop: "{{ web_hostname }}"
 
-- name: install vhosts
-  template:
+- name: Install vhosts
+  ansible.builtin.template:
     src: "vhosts/{{ item }}.conf.j2"
     dest: "/etc/nginx/sites-available/{{ item }}.conf"
+    mode: 0644
   notify:
-    - restart nginx
+    - Restart nginx
   loop: "{{ web_hostname }}"
diff --git a/roles/nut_client/handlers/main.yml b/roles/nut_client/handlers/main.yml
index fec7b4c..1d55f1f 100644
--- a/roles/nut_client/handlers/main.yml
+++ b/roles/nut_client/handlers/main.yml
@@ -1,6 +1,6 @@
 ---
 
-- name: restart nut-client
-  service:
+- name: Restart nut-client
+  ansible.builtin.service:
     name: nut-client
     state: restarted
diff --git a/roles/nut_client/tasks/main.yml b/roles/nut_client/tasks/main.yml
index 7a41096..e2db942 100644
--- a/roles/nut_client/tasks/main.yml
+++ b/roles/nut_client/tasks/main.yml
@@ -1,21 +1,21 @@
 ---
 
-- name: install nut client
-  package:
+- name: Rnstall nut client
+  ansible.builtin.package:
     name: nut-client
     state: present
 
-- name: upsmon.conf file
-  template:
+- name: Upsmon.conf file
+  ansible.builtin.template:
     src: upsmon.conf.j2
     dest: /etc/nut/upsmon.conf
     mode: '0640'
-  notify: restart nut-client
+  notify: Restart nut-client
 
-- name: nut.conf file
-  copy:
+- name: Nut.conf file
+  ansible.builtin.copy:
     src: files/nut.conf
     dest: /etc/nut/nut.conf
     mode: '0640'
   when: inventory_hostname not in groups['nut_server']
-  notify: restart nut-client
+  notify: Restart nut-client
diff --git a/roles/nut_server/handlers/main.yml b/roles/nut_server/handlers/main.yml
index 9c62cf9..4af1233 100644
--- a/roles/nut_server/handlers/main.yml
+++ b/roles/nut_server/handlers/main.yml
@@ -1,14 +1,16 @@
 ---
 
-- name: restart nut-server
-  service:
+- name: Restart nut-server
+  ansible.builtin.service:
     name: nut-server
     state: restarted
 
-- name: udev
-  command: "udevadm control --reload-rules && udevadm trigger"
+- name: Udev
+  ansible.builtin.command:
+    cmd: "udevadm control --reload-rules && udevadm trigger"
+  changed_when: false
 
-- name: restart nut-driver
-  service:
+- name: Restart nut-driver
+  ansible.builtin.service:
     name: nut-driver
     state: restarted
diff --git a/roles/nut_server/tasks/main.yml b/roles/nut_server/tasks/main.yml
index 5c55105..2418a59 100644
--- a/roles/nut_server/tasks/main.yml
+++ b/roles/nut_server/tasks/main.yml
@@ -1,42 +1,43 @@
 ---
 
-- name: install nut server
-  package:
+- name: Install nut server
+  ansible.builtin.package:
     name: nut-server
     state: present
 
-- name: udev conf file for nut
-  copy:
+- name: Udev conf file for nut
+  ansible.builtin.copy:
     src: files/90-nut-ups.rules
     dest: /etc/udev/rules.d/90-nut-ups.rules
+    mode: 0644
   notify:
-    - udev
-    - restart nut-driver
+    - Udev
+    - Restart nut-driver
 
-- name: nut.conf file
-  copy:
+- name: Nut.conf file
+  ansible.builtin.copy:
     src: files/nut.conf
     dest: /etc/nut/nut.conf
     mode: '0640'
-  notify: restart nut-server
+  notify: Restart nut-server
 
-- name: ups.conf file
-  copy:
+- name: Ups.conf file
+  ansible.builtin.copy:
     src: files/ups.conf
     dest: /etc/nut/ups.conf
     mode: '0640'
-  notify: restart nut-server
+  notify: Restart nut-server
 
-- name: upsd.conf file
-  copy:
+- name: Upsd.conf file
+  ansible.builtin.copy:
     src: files/upsd.conf
     dest: /etc/nut/upsd.conf
     mode: '0640'
-  notify: restart nut-server
+  notify: Restart nut-server
 
-- name: upsd.users file
-  template:
+- name: Upsd.users file
+  ansible.builtin.template:
     src: upsd.users.j2
     dest: /etc/nut/upsd.users
     mode: '0640'
-  notify: restart nut-server
+  notify: Restart nut-server
diff --git a/roles/opendkim/handlers/main.yml b/roles/opendkim/handlers/main.yml
index c6d6c34..0557393 100644
--- a/roles/opendkim/handlers/main.yml
+++ b/roles/opendkim/handlers/main.yml
@@ -1,6 +1,6 @@
 ---
 
-- name: restart opendkim
-  service:
+- name: Restart opendkim
+  ansible.builtin.service:
     name: opendkim
     state: restarted
diff --git a/roles/opendkim/tasks/main.yml b/roles/opendkim/tasks/main.yml
index 38cb08a..3b712d3 100644
--- a/roles/opendkim/tasks/main.yml
+++ b/roles/opendkim/tasks/main.yml
@@ -1,33 +1,36 @@
 ---
 
-- name: install opendkim
-  package:
+- name: Install opendkim
+  ansible.builtin.package:
     name: "{{ item }}"
     state: present
   loop:
     - opendkim
     - opendkim-tools
 
-- name: main configuration files
-  template:
+- name: Main configuration files
+  ansible.builtin.template:
     src: opendkim.conf
     dest: /etc/opendkim.conf
+    mode: 0644
   notify:
-    - restart opendkim
+    - Restart opendkim
 
-- name: dkim directory
-  file:
+- name: Dkim directory
+  ansible.builtin.file:
     path: /etc/dkim
     state: directory
+    mode: 0755
 
-- name: secondary configuration files
-  copy:
+- name: Secondary configuration files
+  ansible.builtin.copy:
     src: "./files/dkim/{{ item }}"
     dest: "/etc/dkim/{{ item }}"
+    mode: 0644
   loop:
     - KeyTable
     - PeerList
     - SigningTable
     - TrustedHosts
   notify:
-    - restart opendkim
+    - Restart opendkim
diff --git a/roles/opendmarc/handlers/main.yml b/roles/opendmarc/handlers/main.yml
index 9d985d2..089e58e 100644
--- a/roles/opendmarc/handlers/main.yml
+++ b/roles/opendmarc/handlers/main.yml
@@ -1,6 +1,6 @@
 ---
 
-- name: restart opendmarc
-  service:
+- name: Restart opendmarc
+  ansible.builtin.service:
     name: opendmarc
     state: restarted
diff --git a/roles/opendmarc/tasks/main.yml b/roles/opendmarc/tasks/main.yml
index 3a58e4c..c9f91bc 100644
--- a/roles/opendmarc/tasks/main.yml
+++ b/roles/opendmarc/tasks/main.yml
@@ -1,27 +1,30 @@
 ---
 
-- name: install opendmarc
-  package:
+- name: Install opendmarc
+  ansible.builtin.package:
     name: opendmarc
     state: present
 
-- name: opendmarc config file
-  copy:
+- name: Opendmarc config file
+  ansible.builtin.copy:
     src: ./files/opendmarc.conf
     dest: /etc/opendmarc.conf
+    mode: 0644
   notify:
     - restart opendmarc
 
-- name: dmarc directory
-  file:
+- name: Dmarc directory
+  ansible.builtin.file:
     path: /etc/dmarc
     state: directory
+    mode: 0755
 
-- name: secondary configuration files
-  copy:
+- name: Secondary configuration files
+  ansible.builtin.copy:
     src: "./files/dmarc/{{ item }}"
     dest: "/etc/dmarc/{{ item }}"
+    mode: 0644
   loop:
     - IgnoreHosts
   notify:
-    - restart opendmarc
+    - Restart opendmarc