diff --git a/ansible/roles/base/tasks/freebsd.yaml b/ansible/roles/base/tasks/freebsd.yaml
index aad9b32..71383e0 100644
--- a/ansible/roles/base/tasks/freebsd.yaml
+++ b/ansible/roles/base/tasks/freebsd.yaml
@@ -39,18 +39,6 @@
 command: cap_mkdb /etc/login.conf
 when: login_config.changed
-- name: Enable periodic scrub
- community.general.sysrc:
- name: daily_scrub_zfs_enable
- value: "YES"
- path: /etc/periodic.conf.local
-
-- name: Set scrub interval
- community.general.sysrc:
- name: daily_scrub_zfs_default_threshold
- value: "7"
- path: /etc/periodic.conf.local
-
 - name: Install loader.conf
 copy:
 src: "{{loader_conf}}"
@@ -134,3 +122,29 @@
 value: 65
 - name: net.inet6.ip6.hlim
 value: 65
+
+- name: Log periodic output instead of getting it as mail
+ blockinfile:
+ path: "/etc/periodic.conf.local"
+ marker: "# {mark} ANSIBLE MANAGED BLOCK log"
+ # create: true
+ mode: 0644
+ owner: root
+ group: wheel
+ block: |
+ daily_output=/var/log/daily.log
+ weekly_output=/var/log/weekly.log
+ monthly_output=/var/log/monthly.log
+
+- name: Enable periodic zfs scrub
+ when: install_zfs
+ blockinfile:
+ path: "/etc/periodic.conf.local"
+ marker: "# {mark} ANSIBLE MANAGED BLOCK zfs"
+ # create: true
+ mode: 0644
+ owner: root
+ group: wheel
+ block: |
+ daily_scrub_zfs_enable="YES"
+ daily_scrub_zfs_default_threshold="7"
diff --git a/ansible/roles/jail/files/fstab_bastion b/ansible/roles/jail/files/fstab_bastion
index dcc33c6..476a86e 100644
--- a/ansible/roles/jail/files/fstab_bastion
+++ b/ansible/roles/jail/files/fstab_bastion
@@ -1,4 +1,4 @@
 tmpfs /jail/bastion/tmp tmpfs rw,mode=777 0 0
 tmpfs /jail/bastion/var/run tmpfs rw,mode=755 0 0
-/jail/certificate/usr/local/etc/letsencrypt/archive/stuff.fizz.buzz /jail/bastion/stuff.fizz.buzz nullfs ro,noexec 0 0
+/jail/certificate/usr/local/etc/letsencrypt /jail/bastion/letsencrypt nullfs ro,noexec 0 0
diff --git a/ansible/roles/jail_bastion/files/nginx.conf b/ansible/roles/jail_bastion/files/nginx.conf
index 0a63994..f4670ad 100644
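Review bot: Both new `blockinfile` tasks leave `create` commented out, so they will fail on any host where `/etc/periodic.conf.local` does not exist yet; nothing visible in this diff creates the file, and the `sysrc` tasks removed in the first hunk presumably did so implicitly. Either restore `create: true` or add a task that creates the file before these two run. `mode: 0644` is better written `mode: "0644"`, so the value never depends on how the YAML loader treats a leading zero. Also note that `daily_output` does not cover the daily security run, which has its own `daily_status_security_output` setting (default `root`), so those reports would still go to mail unless that is set as well.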
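Review bot: The new nullfs entry exposes the certificate jail's entire `letsencrypt` tree to the bastion jail, where the old entry exposed only `archive/stuff.fizz.buzz`. On a standard certbot layout that tree also holds the ACME account keys under `accounts/` and the private keys of every other name the certificate jail manages, so a compromise of the nginx jail would reach all of them, read-only or not. Certbot's `live/` symlinks are relative (`../../archive/<name>/…`), so two narrower mounts should keep the nginx paths working: `/jail/certificate/usr/local/etc/letsencrypt/live/stuff.fizz.buzz /jail/bastion/letsencrypt/live/stuff.fizz.buzz nullfs ro,noexec 0 0` and `/jail/certificate/usr/local/etc/letsencrypt/archive/stuff.fizz.buzz /jail/bastion/letsencrypt/archive/stuff.fizz.buzz nullfs ro,noexec 0 0`. The two mount-point directories would then need to be created by the jail_bastion role in place of the single `/letsencrypt` directory.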
--- a/ansible/roles/jail_bastion/files/nginx.conf
+++ b/ansible/roles/jail_bastion/files/nginx.conf
@@ -36,8 +36,8 @@ http {
 include conf.d/tls_settings.include;
 # RSA
- ssl_certificate /stuff.fizz.buzz/fullchain1.pem;
- ssl_certificate_key /stuff.fizz.buzz/privkey1.pem;
+ ssl_certificate /letsencrypt/live/stuff.fizz.buzz/fullchain.pem;
+ ssl_certificate_key /letsencrypt/live/stuff.fizz.buzz/privkey.pem;
 # Nginx by default only allows file uploads up to 1M in size
 client_max_body_size 50M;
diff --git a/ansible/roles/jail_bastion/tasks/freebsd.yaml b/ansible/roles/jail_bastion/tasks/freebsd.yaml
index 5ca8860..f344263 100644
--- a/ansible/roles/jail_bastion/tasks/freebsd.yaml
+++ b/ansible/roles/jail_bastion/tasks/freebsd.yaml
@@ -17,7 +17,7 @@
 owner: root
 group: wheel
 loop:
- - /stuff.fizz.buzz
+ - /letsencrypt
 - /etc/rc.conf.d
 - /usr/local/etc/nginx/conf.d
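Review bot: Nothing visible in this commit reloads nginx in the bastion jail after a renewal, and nginx reads `ssl_certificate` and `ssl_certificate_key` only at start or reload, so the new `live/` paths will keep serving the old certificate until a reload happens. If no deploy hook or periodic job elsewhere already does this, add one that runs `service nginx reload` in the bastion jail after the certificate jail renews. A one-line comment above the two directives, such as `# live/ symlinks follow renewals; nginx must be reloaded to pick them up`, would record the dependency. The enclosing `http` block starts and ends outside the hunk.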