diff --git a/inventory/group_vars/all.yml b/inventory/group_vars/all.yml
index 29aae0f..303d581 100644
--- a/inventory/group_vars/all.yml
+++ b/inventory/group_vars/all.yml
@@ -62,3 +62,10 @@ secret_nextcloud_db_pass: !vault |
 6538383936643664370a663737333861303132313031373234396562653464653838343836663530
 38396663633237383764613139346333636432613464356465663661653265323135363032633963
 3335626335353431616365313232346431313439653132303833
+secret_nextcloud_admin_pass: !vault |
+ $ANSIBLE_VAULT;1.1;AES256
+ 66303362626535386438633666376264313563323034343938363034353435306463613364366636
+ 3633343332643062633265643838346465623362323866610a666237636461376166373938626538
+ 62326334356339326330623336363038323431363266306265386635343432383764623437386462
+ 3534643731333331320a393462323264666135666134336536633639613065363339333131653433
+ 37653732313664356330356139646336353735613336326563366361383737653538
diff --git a/site.yml b/site.yml
index a974240..227c983 100755
--- a/site.yml
+++ b/site.yml
@@ -75,110 +75,106 @@
 become: yes
 tags: [ db, psql ]
 # Webservers
-
-# NOTE: This whole stanza has been commented out pending resolution of https://github.com/ansible/ansible/issues/71528
-# Currently, no release packages this fix. I NEED that fix out to work around this bug in 20.04
-
-#- hosts: web1.desu.ltd
-# roles:
-# - role: certbot
-# vars:
-# certbot_admin_email: rehashedsalt@cock.li
-# certbot_create_if_missing: yes
-# certbot_create_method: standalone
-# certbot_create_standalone_stop_services:
-# - apache2
-# certbot_certs:
-# - domains:
-# - desu.ltd
-# - git.desu.ltd
-# - nc.desu.ltd
-# - web1.desu.ltd
-# become: yes
-# tags: [ web, certbot ]
-# - role: apache
-# vars:
-# apache_remove_default_vhost: yes
-# apache_packages_state: latest
-# apache_mods_enabled:
-# - ssl.load
-# - proxy.load
-# - proxy_http.load
-# - rewrite.load
-# apache_vhosts:
-# - servername: git.test.desu.ltd
-# extra_parameters: |
-# ProxyPreserveHost On
-# ProxyRequests Off
-# ProxyPass / http://127.0.0.1:3000/ nocanon retry=1
-# - servername: nc.test.desu.ltd
-# documentroot: /var/www/html/nextcloud
-# - servername: test.desu.ltd
-# documentroot: /var/www/html/desu.ltd
-# become: yes
-# tags: [ web, apache ]
-# - role: php
-# vars:
-# php_memory_limit: 512M
-# php_packages_extra:
-# - libapache2-mod-php
-# - php-zip # For Nextcloud
-# - php-intl
-# - php-imagick
-# - php-redis
-# - php-bcmath
-# - php-gmp
-# - php-pgsql # For general DB stuff
-# # Nextcloud recommended opcache settings
-# php_opcache_max_accelerated_files: 10000
-# php_opcache_memory_consumption: 128
-# php_opcache_revalidate_freq: 2
-# become: yes
-# tags: [ web, php ]
-# - role: git
-# vars:
-# git_repos:
-# - repo: https://git.9iron.club/salt/desultd
-# dest: /var/www/html/desu.ltd
-# become: yes
-# tags: [ web, git ]
-# - role: nextcloud
-# vars:
-# nextcloud_admin_user: admin
-# nextcloud_admin_pass: foobar
-# nextcloud_version: 19
-# nextcloud_urls:
-# - http://nc.test.desu.ltd:80
-# nextcloud_config:
-# system:
-# trusted_domains:
-# "{{ nextcloud_urls | map('urlsplit', 'hostname') | list }}"
-# nextcloud_database:
-# backend: pgsql
-# name: nextcloud
-# user: nextcloud
-# pass: "{{ secret_nextcloud_db_pass }}"
-# host: 192.168.122.169
-# port: 5432
-# become: yes
-# tags: [ web, nextcloud ]
-# - role: gitea
-# vars:
-# # Look and feel
-# gitea_app_name: "Git Desu"
-# # Core config
-# gitea_db_type: postgres
-# gitea_db_host: 192.168.122.169:5432
-# gitea_db_name: gitea
-# gitea_db_user: gitea
-# gitea_db_password: "{{ secret_gitea_db_pass }}"
-# gitea_http_domain: git.test.desu.ltd
-# gitea_oauth2_enabled: no
-# gitea_root_url: http://git.test.desu.ltd
-# gitea_shell: "/bin/bash"
-# gitea_ssh_domain: git.test.desu.ltd
-# gitea_ssh_port: 22
-# gitea_start_ssh: no
-# gitea_user: git
-# become: yes
-# tags: [ web, gitea ]
+- hosts: web1.desu.ltd
+ roles:
+ - role: apache
+ vars:
+ apache_remove_default_vhost: yes
+ apache_packages_state: latest
+ apache_mods_enabled:
+ - ssl.load
+ - proxy.load
+ - proxy_http.load
+ - rewrite.load
+ apache_vhosts:
+ - servername: git.test.desu.ltd
+ extra_parameters: |
+ ProxyPreserveHost On
+ ProxyRequests Off
+ ProxyPass / http://127.0.0.1:3000/ nocanon retry=1
+ - servername: nc.test.desu.ltd
+ documentroot: /var/www/html/nextcloud
+ - servername: test.desu.ltd
+ documentroot: /var/www/html/desu.ltd
+ become: yes
+ tags: [ web, apache ]
+ - role: certbot
+ vars:
+ certbot_admin_email: rehashedsalt@cock.li
+ certbot_create_if_missing: yes
+ certbot_create_method: standalone
+ certbot_create_standalone_stop_services:
+ - apache2
+ certbot_certs:
+ - domains:
+ - desu.ltd
+ - git.desu.ltd
+ - nc.desu.ltd
+ - web1.desu.ltd
+ become: yes
+ tags: [ web, certbot ]
+ - role: php
+ vars:
+ php_memory_limit: 512M
+ php_packages_extra:
+ - libapache2-mod-php
+ - php-zip # For Nextcloud
+ - php-intl
+ - php-imagick
+ - php-redis
+ - php-bcmath
+ - php-gmp
+ - php-pgsql # For general DB stuff
+ # Nextcloud recommended opcache settings
+ php_opcache_max_accelerated_files: 10000
+ php_opcache_memory_consumption: 128
+ php_opcache_revalidate_freq: 2
+ become: yes
+ tags: [ web, php ]
+ - role: git
+ vars:
+ git_repos:
+ - repo: https://git.9iron.club/salt/desultd
+ dest: /var/www/html/desu.ltd
+ become: yes
+ tags: [ web, git ]
+ - role: nextcloud
+ vars:
+ nextcloud_admin_user: admin
+ nextcloud_admin_pass: "{{ secret_nextcloud_admin_pass }}"
+ nextcloud_version: 19
+ nextcloud_urls:
+ - http://nc.test.desu.ltd:80
+ nextcloud_config:
+ system:
+ trusted_domains:
+ "{{ nextcloud_urls | map('urlsplit', 'hostname') | list }}"
+ nextcloud_database:
+ backend: pgsql
+ name: nextcloud
+ user: nextcloud
+ pass: "{{ secret_nextcloud_db_pass }}"
+ host: 192.168.122.169
+ port: 5432
+ become: yes
+ tags: [ web, nextcloud ]
+ - role: gitea
+ vars:
+ # Look and feel
+ gitea_app_name: "Git Desu"
+ # Core config
+ gitea_db_type: postgres
+ gitea_db_host: 192.168.122.169:5432
+ gitea_db_name: gitea
+ gitea_db_user: gitea
+ gitea_db_password: "{{ secret_gitea_db_pass }}"
+ gitea_http_domain: git.test.desu.ltd
+ gitea_oauth2_enabled: no
+ gitea_root_url: http://git.test.desu.ltd
+ gitea_shell: "/bin/bash"
+ gitea_ssh_domain: git.test.desu.ltd
+ gitea_ssh_port: 22
+ gitea_start_ssh: no
+ gitea_user: git
+ become: yes
+ tags: [ web, gitea ]
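Review bot: The re-enabled web1 play still publishes Nextcloud and Gitea over plain HTTP (`- http://nc.test.desu.ltd:80` under `nextcloud_urls`, and `gitea_root_url: http://git.test.desu.ltd`), so the admin password this commit moves into the vault, and every later login, would cross the network unencrypted. The `certbot_certs` list names `git.desu.ltd` and `nc.desu.ltd` while the vhosts answer on `git.test.desu.ltd`, `nc.test.desu.ltd` and `test.desu.ltd`, so the issued certificate would not cover the served names even with `ssl.load` enabled; whether the apache role adds TLS vhosts by default is not visible here. I would align the two name lists and switch the URLs to `https://nc.test.desu.ltd` and `https://git.test.desu.ltd` once TLS vhosts exist. Separately, the `git` role clones into `/var/www/html/desu.ltd`, which is also a documentroot, so `.git/` should be denied in that vhost unless the role already excludes it.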