diff --git a/handlers.yml b/handlers.yml
index 4afcd7f..52f426a 100644
--- a/handlers.yml
+++ b/handlers.yml
@@ -1,7 +1,7 @@
 - name: enable transip-client timer
+  become: true
   systemd:
     daemon-reload: yes
     name: transip-client.timer
     state: restarted
     enabled: true
-    scope: user
diff --git a/tasks.yml b/tasks.yml
index e90048d..712421c 100644
--- a/tasks.yml
+++ b/tasks.yml
@@ -40,12 +40,8 @@
     dest: '{{ app_dir }}/.env'
     mode: 0600
 
-- name: create systemd user directory
-  file:
-    path: '{{ systemd_dir }}'
-    state: 'directory'
-
 - name: copy systemd templates
+  become: true
   template:
     src: '{{ item.src }}'
     dest: '{{ item.dest }}'
diff --git a/templates/env.j2 b/templates/env.j2
index 98350a4..239522c 100644
--- a/templates/env.j2
+++ b/templates/env.j2
@@ -1,4 +1,4 @@
-DOMAINS="{{ app_domains | join(':') }}"
+DOMAINS="{{ app_domains | join(' ') }}"
 SENTRY_DSN="{{ sentry_dsn }}"
 LOGIN="{{ login }}"
 PRIVATE_KEY_PATH="{{ private_key_dir }}/{{ private_key_name }}"
diff --git a/templates/service.j2 b/templates/service.j2
index af4efe9..c763826 100644
--- a/templates/service.j2
+++ b/templates/service.j2
@@ -1,10 +1,11 @@
-# {{ ansible_managed }} {{ ansible_date_time.time }} {{ ansible_date_time.date }}
+# {{ ansible_managed }}
 #
 
 [Unit]
 Description=Transip-client service
 
 [Service]
+User=sonny
 EnvironmentFile={{ app_dir }}/.env
 WorkingDirectory={{ app_dir }}
 ExecStart={{ app_dir }}/env/bin/transip-listen
diff --git a/vars/main.yml b/vars/main.yml
index 50974ba..f07f8c9 100644
--- a/vars/main.yml
+++ b/vars/main.yml
@@ -1,9 +1,13 @@
-app_url: 'https://git.fudiggity.nl/sonny/transip_client.git'
+app_url: 'https://forgejo.fudiggity.nl/sonny/transip-client-ansible'
 app_user: 'sonny'
 app_branch: '0.5.1'
 app_dir: '{{ ansible_env.HOME }}/apps/transip_client'
 app_domains:
   - fudiggity.nl
+  - rss.fudiggity.nl
+  - forgejo.fudiggity.nl
+  - woodpecker.fudiggity.nl
+  - glitchtip.fudiggity.nl
 
 app_token: !vault |
   $ANSIBLE_VAULT;1.1;AES256
@@ -45,17 +49,18 @@ app_token: !vault |
   65663466653337383334313435366338313537636239333738663330353631643833623231383363
   3638
 
-systemd_dir: '{{ ansible_env.HOME }}/.config/systemd/user'
+systemd_dir: '/etc/systemd/system'
 
 sentry_dsn: !vault |
-  $ANSIBLE_VAULT;1.1;AES256
-  61373236373662333134383264616666666433363766666166633730306332613138386339626561
-  3765636535666163363066313238353832336334623361630a306539646639383233323236646462
-  62306161396438386639383262343962366366376137336634663564343132656364393461336432
-  3766396162386463610a643836306232373262306532663337303331373338393833376364666633
-  30373037643266623165353439373661333734303466616462353464396233613165643034393664
-  35393536636238653338393163373966356636653362343039366230636364363233376336383331
-  636663383661346534613533653133376534
+          $ANSIBLE_VAULT;1.1;AES256
+          31343037356138353164323938343333393966323432616535303737626335356165353661323963
+          3837653265346261653538386336393237356437343737620a376235616536376137353362633938
+          66316630356134336161636132333331396164346362626466393839366237656436393562616530
+          3131636466356531650a643135383132373738666362623139396662663136353565313233663563
+          32316138646134633830613336336531643636313535326162336163626164303734353636636463
+          61316330326635326332326231333464653563396630343831396339656462656434653633633533
+          30326665353835646632396339353562646234393063333861303431353634626636613135303133
+          30393465386164303432
 
 private_key_dir: '{{ ansible_env.HOME }}/.ssh'
 private_key_name: 'transip-client.key'