diff --git a/ansible/certbot.yml b/ansible/certbot.yml
new file mode 100644
index 00000000..8edb79cb
--- /dev/null
+++ b/ansible/certbot.yml
@@ -0,0 +1,27 @@
+---
+- name: Check if the file already exists
+ stat:
+ path: /etc/letsencrypt/live/{{ hostname }}
+ register: stat_result
+
+- name: certbot
+ block:
+ - name: stop firewall
+ ansible.builtin.service:
+ name: firewalld
+ state: stopped
+
+ - name: Create letsencrypt certificate
+ shell: certonly --standalone -d {{ hostname }} --staple-ocsp -m test@{{ hostname }} --agree-tos
+ args:
+ creates: /etc/letsencrypt/live/{{ hostname }}
+
+ - name: chmod letsencrypt certificate
+ shell: chmod 755 /etc/letsencrypt/{live, archive}
+
+ - name: start firewall
+ ansible.builtin.service:
+ name: firewalld
+ state: started
+
+ when: not stat_result.stat.exists
diff --git a/ansible/grub.yml b/ansible/grub.yml
new file mode 100644
index 00000000..bbb2ed65
--- /dev/null
+++ b/ansible/grub.yml
@@ -0,0 +1,22 @@
+---
+
+- name: Check if cgroupv1 is configured
+ shell: grep -c 'systemd.unified_cgroup_hierarchy=0' /proc/cmdline
+ register: cgroup_status
+ ignore_errors: true
+
+- name: Disable cgroupv2
+ shell: grubby --update-kernel=ALL --args=\"systemd.unified_cgroup_hierarchy=0\"
+ when: cgroup_status.stdout == "0"
+
+- name: reboot
+ shell: sleep 2 && shutdown -r now "Ansible updates triggered"
+ async: 1
+ poll: 0
+ ignore_errors: true
+ when: cgroup_status.stdout == "0"
+
+- name: waiting for server to come back
+ local_action: wait_for host={{ansible_fqdn}} state=started timeout=600 delay=15
+ when: cgroup_status.stdout == "0"
+
diff --git a/ansible/packages.yml b/ansible/packages.yml
index ad9eb053..580691c8 100644
--- a/ansible/packages.yml
+++ b/ansible/packages.yml
@@ -1,10 +1,11 @@
 ---
 - name: Install list of required packages
 package: name={{ item }} state=installed
 with_items:
+ - grubby
 - git
 - tig
 - tmux
 - docker
 - docker-compose
 - certbot
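Review bot: In the `certbot` block of ansible/certbot.yml the `start firewall` task is the last ordinary entry of `block:`, so a failure in `Create letsencrypt certificate` or the chmod task aborts the play with firewalld still stopped; moving that task into an `always:` section restores the firewall on every exit path. Two other lines in the same hunk look broken as written: `shell: certonly --standalone ...` runs a bare `certonly` rather than `certbot certonly`, and in `chmod 755 /etc/letsencrypt/{live, archive}` the space inside the braces defeats brace expansion, so chmod receives the literal paths `/etc/letsencrypt/{live,` and `archive}`. Widening those two directories to 0755 also only stays safe if the private-key files under `archive` are 0600 themselves, which this hunk does not check; granting the consuming service read access through group ownership is the narrower fix. The contact address `-m test@{{ hostname }}` reads like a placeholder and is presumably not where expiry notices should go.
```yaml
- name: certbot
  block:
    # … unchanged: stop firewall, Create letsencrypt certificate, chmod letsencrypt certificate …
  always:
    - name: start firewall
      ansible.builtin.service:
        name: firewalld
        state: started
  when: not stat_result.stat.exists
```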
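Review bot: In ansible/grub.yml the reboot is hand-rolled as `shell: sleep 2 && shutdown -r now ...` under `async: 1` / `poll: 0` followed by `local_action: wait_for host={{ansible_fqdn}} state=started timeout=600 delay=15`, which passes `wait_for` no port or path, so it is unclear what it actually waits on, and `ansible_fqdn` may differ from the `{{ hostname }}` the play targets; `ansible.builtin.reboot` performs the same cycle and only returns once the host answers over SSH again. The grubby line `--args=\"systemd.unified_cgroup_hierarchy=0\"` is a plain YAML scalar, so the backslashes and quotes reach the shell literally and become part of the argument; `--args=systemd.unified_cgroup_hierarchy=0` needs no quoting. For the `grep -c` check, `ignore_errors: true` hides every failure, not just the no-match exit status of 1; `failed_when: cgroup_status.rc > 1` together with `changed_when: false` keeps a genuinely failing read of `/proc/cmdline` visible while tolerating the expected no-match case.
```yaml
- name: reboot
  ansible.builtin.reboot:
    reboot_timeout: 600
  when: cgroup_status.stdout == "0"
```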
diff --git a/ansible/setup.yml b/ansible/setup.yml
index fc4fbdb0..95ef768f 100755
--- a/ansible/setup.yml
+++ b/ansible/setup.yml
@@ -1,135 +1,111 @@ #!/usr/bin/ansible-playbook - name: Setup kolab deployment on fedora server hosts: "{{ hostname }}" remote_user: root tasks: + - import_tasks: grub.yml + - name: Set hostname ansible.builtin.hostname: name: "{{ hostname }}" - import_tasks: packages.yml - name: Setup user kolab ansible.builtin.user: name: kolab shell: /bin/bash groups: wheel, audio, docker append: yes - name: sudo without password ansible.builtin.lineinfile: path: /etc/sudoers state: present regexp: '^%wheel\s' line: '%wheel ALL=(ALL) NOPASSWD: ALL' - name: Start service docker, if not started ansible.builtin.service: name: docker state: started - # Certbot - - name: Check if the file already exists - stat: - path: /etc/letsencrypt/live/{{ hostname }} - register: stat_result - - - name: certbot - block: - - name: stop firewall - ansible.builtin.service: - name: firewalld - state: stopped - - - name: Create letsencrypt certificate - shell: certonly --standalone -d {{ hostname }} --staple-ocsp -m test@{{ hostname }} --agree-tos - args: - creates: /etc/letsencrypt/live/{{ hostname }} - - - name: chmod letsencrypt certificate - shell: chmod 755 /etc/letsencrypt/{live, archive} - - - name: start firewall - ansible.builtin.service: - name: firewalld - state: started - - when: not stat_result.stat.exists + - import_tasks: certbot.yml - name: get kolab git repo become: true become_user: kolab git: repo: https://git.kolab.org/source/kolab.git dest: /home/kolab/kolab version: "{{ git_branch }}" force: yes - name: "kolab env.local" vars: host: "{{ hostname }}" openexchangerates_api_key: "{{ openexchangerates_api_key }}" firebase_api_key: "{{ firebase_api_key }}" public_ip: "{{ public_ip }}" ansible.builtin.template: src: env.local dest: /home/kolab/kolab/src/env.local owner: kolab group: kolab mode: '0766' - name: Permit receiving mail firewalld: port: 25/tcp permanent: yes state: enabled zone: FedoraServer - name: Permit http traffic firewalld: port: 80/tcp permanent: yes state: enabled 
zone: FedoraServer - name: Permit https traffic firewalld: port: 443/tcp permanent: yes state: enabled zone: FedoraServer - name: Permit TCP trafic for coturn firewalld: port: 3478/tcp permanent: yes state: enabled zone: FedoraServer - name: Permit TCP trafic for coturn firewalld: port: 5349/tcp permanent: yes state: enabled zone: FedoraServer - name: Permit UDP trafic for coturn firewalld: port: 3478/udp permanent: yes state: enabled zone: FedoraServer - name: Permit UDP trafic for coturn firewalld: port: 5349/udp permanent: yes state: enabled zone: FedoraServer - name: Run bin/deploy become: true become_user: kolab ansible.builtin.command: bin/deploy.sh args: chdir: /home/kolab/kolab
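Review bot: The new `- import_tasks: grub.yml` is placed before `- import_tasks: packages.yml`, but `grubby`, which grub.yml's `Disable cgroupv2` task invokes, is only installed by packages.yml (this commit adds it to that list); on a host without grubby preinstalled the first run fails before any package is installed. Swapping the two imports so they read `- import_tasks: packages.yml` then `- import_tasks: grub.yml` fixes the order, and the reboot grub.yml triggers still happens before the kolab checkout and deploy. Separately, on the new side of this hunk `mode: '0766'` on `/home/kolab/kolab/src/env.local` leaves the file that carries `openexchangerates_api_key` and `firebase_api_key` world-writable; `'0640'` (owner and group kolab) is the usual choice unless a container reads it as a different user, which this playbook does not show.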