diff --git a/.gitignore b/.gitignore
index 6a544c3..b3fdcbd 100644
--- a/.gitignore
+++ b/.gitignore
@@ -4,3 +4,4 @@ playbook.retry
 *.log
 .idea/
 venv/
+/ansible.cfg
diff --git a/Makefile b/Makefile
index 4c47f67..812dfbe 100644
--- a/Makefile
+++ b/Makefile
@@ -1,4 +1,10 @@
-init: create_venv install_pre_commit install_ansible_galaxy_modules
+init: create_ansible_cfg create_venv install_pre_commit install_ansible_galaxy_modules
+
+.ONESHELL:
+create_ansible_cfg:
+ read -rp "Enter remote username: " REMOTE_USER
+ cp ansible.cfg.sample ansible.cfg
+ sed -i "s/REMOTE_USER/$$REMOTE_USER/g" ansible.cfg
 
 create_venv:
 python3 -m venv venv
@@ -9,4 +15,4 @@ install_pre_commit:
 venv/bin/pre-commit install
 
 install_ansible_galaxy_modules:
- venv/bin/ansible-galaxy collection install community.general
\ No newline at end of file
+ venv/bin/ansible-galaxy collection install community.general
diff --git a/ansible.cfg b/ansible.cfg
deleted file mode 100644
index d69e51f..0000000
--- a/ansible.cfg
+++ /dev/null
@@ -1,3 +0,0 @@
-[defaults]
-remote_user = root
-inventory = datacoop_hosts
diff --git a/ansible.cfg.sample b/ansible.cfg.sample
new file mode 100644
index 0000000..3a0dcd2
--- /dev/null
+++ b/ansible.cfg.sample
@@ -0,0 +1,4 @@
+[defaults]
+remote_user = REMOTE_USER
+inventory = datacoop_hosts
+use_persistent_connections = True
diff --git a/deploy.sh b/deploy.sh
index 5777829..7f9ac10 100755
--- a/deploy.sh
+++ b/deploy.sh
@@ -8,7 +8,7 @@ usage () {
 } >&2
 }
 
-BASE_CMD="ansible-playbook playbook.yml --ask-vault-pass"
+BASE_CMD="ansible-playbook playbook.yml --ask-become-pass --ask-vault-pass"
 
 if [ "$1" = "--vagrant" ]; then
 BASE_CMD="$BASE_CMD --verbose --inventory=vagrant_host"
diff --git a/roles/docker/tasks/services/gitea.yml b/roles/docker/tasks/services/gitea.yml
index e0234b8..95f65e2 100644
--- a/roles/docker/tasks/services/gitea.yml
+++ b/roles/docker/tasks/services/gitea.yml
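Review bot: `.ONESHELL:` in the first Makefile hunk is a global special target, so it changes every recipe in the file and not only `create_ansible_cfg`: each recipe now runs as a single shell script, and without `-e` in the shell flags a command that fails in the middle of a recipe no longer stops make. The recipe also relies on `read -rp`, a bash extension, while make runs recipes with `/bin/sh` unless `SHELL` is set, and no `SHELL` assignment is visible in the hunks. I would add `SHELL := /bin/bash` and `.SHELLFLAGS := -ec` next to `.ONESHELL:`. The answer is also pasted into the sed expression unchecked, so a name containing `/` or `&` breaks or alters the substitution and an empty answer writes `remote_user =`; a guard such as `[ -n "$$REMOTE_USER" ]` before the `cp` would catch the empty case.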
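Review bot: Moving `remote_user` away from `root` in ansible.cfg.sample does not by itself close root SSH access on hosts that were provisioned before this commit. The users.yml hunk only deletes the task that wrote root's authorized_keys; nothing visible removes the keys that task installed earlier, so they presumably remain valid. Consider a one-off task that clears root's authorized_keys, or an sshd `PermitRootLogin no` setting if that is not already managed elsewhere, so the change also takes effect on existing machines.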
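Review bot: `--ask-become-pass` on the new `BASE_CMD` line only prompts for the escalation password; it does not switch privilege escalation on. With `remote_user` no longer `root`, tasks such as the `owner: root` directory in restic_backup.yml need `become`, and neither this hunk nor ansible.cfg.sample enables it, so unless playbook.yml sets `become: true` (not visible here) the run will likely fail on permissions. Either add `--become` to `BASE_CMD` or add a `[privilege_escalation]` section with `become = True` to ansible.cfg.sample. The `if` block that follows continues outside the hunk.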
@@ -29,8 +29,6 @@
 GITEA__mailer__FROM: "noreply@{{ services.gitea.domain }}"
 GITEA__mailer__MAILER_TYPE: "smtp"
 GITEA__mailer__HOST: "{{ smtp_host }}:{{ smtp_port }}"
- GITEA__mailer__USER: "noop"
- GITEA__mailer__PASSWD: "noop"
 GITEA__security__LOGIN_REMEMBER_DAYS: "60"
 GITEA__security__PASSWORD_COMPLEXITY: "off"
 GITEA__security__MIN_PASSWORD_LENGTH: "8"
diff --git a/roles/docker/tasks/services/restic_backup.yml b/roles/docker/tasks/services/restic_backup.yml
index b193a2f..e32a228 100644
--- a/roles/docker/tasks/services/restic_backup.yml
+++ b/roles/docker/tasks/services/restic_backup.yml
@@ -5,7 +5,7 @@
 path: "{{ services.restic.volume_folder }}/ssh"
 owner: root
 group: root
- mode: '0700'
+ mode: '0755'
 state: directory
 
 - name: Copy private SSH key
diff --git a/roles/ubuntu_base/tasks/users.yml b/roles/ubuntu_base/tasks/users.yml
index 8ef07b6..1a3f6fb 100644
--- a/roles/ubuntu_base/tasks/users.yml
+++ b/roles/ubuntu_base/tasks/users.yml
@@ -15,9 +15,3 @@
 key: "{{ item.ssh_keys | join('\n') }}"
 exclusive: true
 loop: "{{ users | default([]) }}"
-
-- name: "Add ssh authorized_keys to root user"
- ansible.posix.authorized_key:
- user: "root"
- key: "{{ users | default([]) | map(attribute='ssh_keys') | flatten | join('\n') }}"
- exclusive: true
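Review bot: The `mode: '0755'` change in restic_backup.yml opens the directory that the next task, "Copy private SSH key", writes into. Every local user and process on the host can now list and traverse `{{ services.restic.volume_folder }}/ssh`, and the key is protected only by the file's own mode, which is set outside this hunk. If the loosening is needed so that a non-root container user can reach the key, a narrower fix is to grant a group and keep others out, e.g. `group: <backup-gid-placeholder>` with `mode: '0750'`; otherwise keep `mode: '0700'`. A one-line comment on the task saying why the directory is not private would help the next reader.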