diff --git a/roles/common/tasks/main.yml b/roles/common/tasks/main.yml
index a6eb4e0..6ec5ef9 100644
--- a/roles/common/tasks/main.yml
+++ b/roles/common/tasks/main.yml
@@ -7,7 +7,7 @@
     update_cache: yes
     # One day
     cache_valid_time: 86400
-  become: true
+  become: yes
 - name: Install basic packages
   apt:
     name: "{{ packages }}"
@@ -15,7 +15,7 @@
     packages:
       - python-apt
       - vim
-  become: true
+  become: yes
 - name: Assure Cockpit user
   user:
     name: cockpit
diff --git a/roles/nextcloud/tasks/main.yml b/roles/nextcloud/tasks/main.yml
index fa29675..577027e 100644
--- a/roles/nextcloud/tasks/main.yml
+++ b/roles/nextcloud/tasks/main.yml
@@ -63,6 +63,11 @@
           common_name: "{{ website_url }}"
           privatekey_path: /etc/pki/cert/private/account.key
           email_address: "rehashedsalt@cock.li"
+      - name: Create well-known directory
+        file:
+          mode: "0644"
+          path: "/var/www/html/.well-known/acme-challenge"
+          state: directory
       - name: Create challenge for CSR
         acme_certificate:
           acme_directory: "https://acme-staging-v02.api.letsencrypt.org/directory"
@@ -87,4 +92,4 @@
           fullchain_dest: "/etc/pki/cert/crt/{{ website_url }}-fullchain.crt"
           chain_dest: "/etc/pki/cert/crt/{{ website_url }}-intermediate.crt"
           data: "{{ com_challenge }}"
-  become: true
+  become: yes