diff --git a/Makefile b/Makefile
index 493533d..efac198 100644
--- a/Makefile
+++ b/Makefile
@@ -57,7 +57,7 @@ tofu-dns:
 all:
 	$(MAKE) tofu-dns
 	@printf "\n=====\n\n"
-	ansible-playbook ./playbooks/stop-and-backup-unused.yml -t $(TAGS)
+	ansible-playbook ./playbooks/stop-and-backup-unused.yml
 	ansible-playbook ./playbooks/serguzim.net.yml -t $(TAGS)
 	$(MAKE) visualize
 
diff --git a/playbooks/serguzim.net.yml b/playbooks/serguzim.net.yml
index 8015e7a..b634eae 100644
--- a/playbooks/serguzim.net.yml
+++ b/playbooks/serguzim.net.yml
@@ -29,21 +29,13 @@
         loop_var: services_item
 
     - name: Reload caddy on caddy tag
-      ansible.builtin.include_tasks:
+      ansible.builtin.import_tasks:
         file: tasks/reload-caddy.yml
-        apply:
-          tags: caddy
       tags:
         - caddy
         - never
 
     - name: Stop unused services
-      ansible.builtin.include_tasks:
+      ansible.builtin.import_tasks:
         file: tasks/stop-unused.yml
-        apply:
-          tags:
-            - cleanup
-            - always
-      tags:
-        - cleanup
-        - always
+      tags: always
diff --git a/services.auto.tfvars b/services.auto.tfvars
index 0388654..8d14f4d 100644
--- a/services.auto.tfvars
+++ b/services.auto.tfvars
@@ -364,7 +364,12 @@ services = {
       type = "hook"
     }]
     monitoring = {
+      url = "starttls://mail.serguzim.me:587"
       group = "3-services"
+      conditions = [
+        "[CONNECTED] == true",
+        "[CERTIFICATE_EXPIRATION] > 48h"
+      ]
     }
     ports = [
       {
@@ -737,7 +742,7 @@ services = {
   },
 
   "vikunja" = {
-    host = "node001"
+    host = "node003"
     dns = [{
       domain = "todo.serguzim.me"
     }]