diff --git a/inventory/group_vars/all.yml b/inventory/group_vars/all.yml
index 0fdd332..4133180 100644
--- a/inventory/group_vars/all.yml
+++ b/inventory/group_vars/all.yml
@@ -1,4 +1,15 @@
 # vim:ft=ansible:
+
+# For homebrew roles and such, mostly Ansible-related setup
 ansible_pull_repo: "https://git.9iron.club/salt/ansible"
 ansible_pull_commit: rewrite
 common_ansible_pubkey: "ssh-rsa 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 ansible"
+
+# For geerlingguy.apache
+apache_remove_default_vhost: yes
+apache_ssl_cipher_suite: AES256+EECDH:AES256+EDH
+apache_ssl_protocol: all -SSLv2 -SSLv3 -TLSv1 -TLSv1.1
+
+# For geerlingguy.php
+## There is no circumstance in which I need PHP but DON'T need mod_php
+php_packages_extra: [ libapache2-mod-php ]
diff --git a/site.yml b/site.yml
index 51c09d7..db2aa69 100755
--- a/site.yml
+++ b/site.yml
@@ -11,12 +11,20 @@
 # Database servers
 - hosts: db1.test.desu.ltd
 roles:
- - role: postgresql
+ - role: geerlingguy.postgresql
+ vars:
+ postgresql_hba_entries:
+ # Just allow all access on this block.
+ # When rolling out to our new env, I'll allow by particular IP alone
+ - { type: host, database: all, user: all, address: '192.168.0.0/16', auth_method: md5 }
+ become: yes
 tags: [ db, psql ]
 # Webservers
 - hosts: web1.test.desu.ltd
 roles:
- - role: apache
+ - role: geerlingguy.apache
+ become: yes
 tags: [ web, apache ]
- - role: php
+ - role: geerlingguy.php
+ become: yes
 tags: [ web, php ]
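Review bot: The `apache_ssl_cipher_suite` value `AES256+EECDH:AES256+EDH` still admits CBC-mode suites and finite-field DHE key exchange, because it selects on AES-256 and the key-exchange family only, not on the cipher mode. With TLS 1.0 and 1.1 already excluded by `apache_ssl_protocol`, an AEAD-only list such as `apache_ssl_cipher_suite: "EECDH+AESGCM:EECDH+CHACHA20"` would be a tighter fit, provided no client depends on the dropped suites. Both TLS values are better quoted, since they contain `:` and `+` and are meant as literal strings, and `apache_remove_default_vhost: yes` reads more predictably as `true`. Whether these variables reach every TLS vhost depends on the role's templates, which are not visible in this hunk.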
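Review bot: The added `postgresql_hba_entries` rule uses `type: host` with `auth_method: md5`, so every user may reach every database from all of 192.168.0.0/16 over connections that need not be TLS, authenticated with MD5 challenge-response. Until the per-IP rules mentioned in the comment exist, `- { type: hostssl, database: all, user: all, address: '192.168.0.0/16', auth_method: scram-sha-256 }` would require TLS (assuming the server has it enabled) and a stronger password exchange; SCRAM needs PostgreSQL 10 or later and passwords stored as SCRAM verifiers. Setting this variable under `vars:` replaces the role's own value rather than extending it, so any local-socket entries the role ships by default (presumably relied on by its own `postgres`-user tasks) would have to be repeated in this list.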