diff --git a/config/ansible/tasks/servers/juicefs.yml b/config/ansible/tasks/servers/juicefs.yml
index d38d1c9..7ab8821 100644
--- a/config/ansible/tasks/servers/juicefs.yml
+++ b/config/ansible/tasks/servers/juicefs.yml
@@ -1,3 +1,4 @@
+---
 - name: Check if JuiceFS is already installed
   ansible.builtin.command: which juicefs
   register: juicefs_check
@@ -7,7 +8,7 @@
 - name: Install JuiceFS using the automatic installer
   ansible.builtin.shell: curl -sSL https://d.juicefs.com/install | sh -
   args:
-    warn: false  # Suppress warnings about using shell/curl
+    warn: false # Suppress warnings about using shell/curl
   register: juicefs_installation
   when: juicefs_check.rc != 0
   become: true
@@ -22,20 +23,21 @@
   ansible.builtin.file:
     path: /mnt/object_storage
     state: directory
-    mode: '0755'
+    mode: "0755"
   become: true
 
 - name: Create cache directory
   ansible.builtin.file:
     path: /var/jfsCache
     state: directory
-    mode: '0755'
+    mode: "0755"
   become: true
 
 - name: Set JuiceFS facts
   ansible.builtin.set_fact:
     hetzner_access_key: "{{ lookup('community.general.onepassword', 'mfk2qgnaplgtk6xmfc3r6w6neq', vault='j7nmhqlsjmp2r6umly5t75hzb4', field='AWS_ACCESS_KEY_ID') }}"
-    hetzner_secret_key: "{{ lookup('community.general.onepassword', 'mfk2qgnaplgtk6xmfc3r6w6neq', vault='j7nmhqlsjmp2r6umly5t75hzb4', field='AWS_SECRET_ACCESS_KEY') }}"
+    hetzner_secret_key: "{{ lookup('community.general.onepassword', 'mfk2qgnaplgtk6xmfc3r6w6neq', vault='j7nmhqlsjmp2r6umly5t75hzb4', field='AWS_SECRET_ACCESS_KEY')
+      }}"
     redis_password: "{{ lookup('community.general.onepassword', '4cioblm633bdkl6put35lk6ql4', vault='j7nmhqlsjmp2r6umly5t75hzb4', field='password') }}"
 
 - name: Include JuiceFS Redis tasks
@@ -47,7 +49,7 @@
     dest: /etc/systemd/system/juicefs.service
     owner: root
     group: root
-    mode: '0644'
+    mode: "0644"
   become: true
 
 - name: Reload systemd daemon
diff --git a/config/ansible/tasks/servers/services/seafile/seafile.yml b/config/ansible/tasks/servers/services/seafile/seafile.yml
index 8b77af1..473613e 100644
--- a/config/ansible/tasks/servers/services/seafile/seafile.yml
+++ b/config/ansible/tasks/servers/services/seafile/seafile.yml
@@ -21,19 +21,27 @@
 
         # Database settings
         seafile_mysql_db_host: "db"
-        seafile_mysql_root_password: "{{ lookup('community.general.onepassword', 'bbzudwdo3byqs4pscd2wy7qsn4', vault='j7nmhqlsjmp2r6umly5t75hzb4', field='MYSQL_ROOT_PASSWORD') }}"
+        seafile_mysql_root_password: >
+          {{ lookup('community.general.onepassword', 'bbzudwdo3byqs4pscd2wy7qsn4',
+              vault='j7nmhqlsjmp2r6umly5t75hzb4', field='MYSQL_ROOT_PASSWORD') }}
         seafile_mysql_db_user: "seafile"
-        seafile_mysql_db_password: "{{ lookup('community.general.onepassword', 'bbzudwdo3byqs4pscd2wy7qsn4', vault='j7nmhqlsjmp2r6umly5t75hzb4', field='MYSQL_PASSWORD') }}"
+        seafile_mysql_db_password: >
+          {{ lookup('community.general.onepassword', 'bbzudwdo3byqs4pscd2wy7qsn4',
+            vault='j7nmhqlsjmp2r6umly5t75hzb4', field='MYSQL_PASSWORD') }}
 
         # Server settings
         time_zone: "Europe/Amsterdam"
-        jwt_private_key: "{{ lookup('community.general.onepassword', 'bbzudwdo3byqs4pscd2wy7qsn4', vault='j7nmhqlsjmp2r6umly5t75hzb4', field='jwt_private_key') }}"
+        jwt_private_key: >
+          {{ lookup('community.general.onepassword', 'bbzudwdo3byqs4pscd2wy7qsn4',
+            vault='j7nmhqlsjmp2r6umly5t75hzb4', field='jwt_private_key') }}
         seafile_server_hostname: "sf.mvl.sh"
         seafile_server_protocol: "https"
 
         # Admin credentials
         seafile_admin_email: "menno@vleeuwen.me"
-        seafile_admin_password: "{{ lookup('community.general.onepassword', 'bbzudwdo3byqs4pscd2wy7qsn4', vault='j7nmhqlsjmp2r6umly5t75hzb4', field='password') }}"
+        seafile_admin_password: >
+          {{ lookup('community.general.onepassword', 'bbzudwdo3byqs4pscd2wy7qsn4',
+            vault='j7nmhqlsjmp2r6umly5t75hzb4', field='password') }}
 
     - name: Create Seafile directories
       ansible.builtin.file:
diff --git a/config/ansible/tasks/workstations/firefox-apt.yml b/config/ansible/tasks/workstations/firefox-apt.yml
index d50fad4..4b0a61b 100644
--- a/config/ansible/tasks/workstations/firefox-apt.yml
+++ b/config/ansible/tasks/workstations/firefox-apt.yml
@@ -11,14 +11,14 @@
       ansible.builtin.file:
         path: /etc/apt/keyrings
         state: directory
-        mode: '0755'
+        mode: "0755"
       become: true
 
     - name: Import Mozilla APT repo signing key
       ansible.builtin.get_url:
         url: https://packages.mozilla.org/apt/repo-signing-key.gpg
         dest: /etc/apt/keyrings/packages.mozilla.org.asc
-        mode: '0644'
+        mode: "0644"
       become: true
 
     - name: Add Mozilla APT repository
@@ -26,6 +26,7 @@
         path: /etc/apt/sources.list.d/mozilla.list
         line: "deb [signed-by=/etc/apt/keyrings/packages.mozilla.org.asc] https://packages.mozilla.org/apt mozilla main"
         create: true
+        mode: "0644"
       become: true
 
     - name: Set Firefox package priority
@@ -39,7 +40,7 @@
           Package: firefox*
           Pin: release o=Ubuntu
           Pin-Priority: -1
-        mode: '0644'
+        mode: "0644"
       become: true
 
     - name: Update apt cache