diff --git a/forgejo.yml b/forgejo.yml
index 7982548..351a162 100644
--- a/forgejo.yml
+++ b/forgejo.yml
@@ -2,10 +2,15 @@
 - hosts: webservers
 roles:
 - role: forgejo
- postgresql_password: "{{ postgresql_users.forgejo }}"
+ root_url: https://git.comfycamp.space
+ domain: git.comfycamp.space
+ db_password: "{{ postgresql_users.forgejo }}"
+ smtp_addr: comfycamp.space
+ smtp_user: forgejo@comfycamp.space
 smtp_password: "{{ mail_users['forgejo@comfycamp.space'] }}"
 oauth2_jwt_secret: "{{ forgejo_oauth2_jwt_secret }}"
 internal_token: "{{ forgejo_internal_token }}"
 secret_key: "{{ forgejo_secret_key }}"
 lfs_jwt_secret: "{{ forgejo_lfs_jwt_secret }}"
+ minio_access_key_id: uTJp8KfKSETa1uYMZnSM
 minio_secret_access_key: "{{ forgejo_minio_secret_access_key }}"
diff --git a/roles/forgejo/meta/argument_specs.yml b/roles/forgejo/meta/argument_specs.yml
index 9b2b543..8830a6f 100644
--- a/roles/forgejo/meta/argument_specs.yml
+++ b/roles/forgejo/meta/argument_specs.yml
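Review bot: The added `minio_access_key_id` line in `forgejo.yml` puts the MinIO access key ID into the playbook as a literal, while every other credential passed to the role here is a variable reference. An access key ID is less sensitive than the secret key, but it is still half of the credential pair and cannot be rotated without a commit; the same literal is removed from `roles/forgejo/vars/main.yml` in this commit, so it is in history either way. I would pass it like its neighbours, e.g. `minio_access_key_id: "{{ forgejo_minio_access_key_id }}"` (the variable name is a suggestion), and define it wherever `forgejo_minio_secret_access_key` is kept, which this diff does not show.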
@@ -2,24 +2,90 @@
 argument_specs:
 main:
 options:
- postgresql_password:
- type: "str"
+ user_uid:
+ type: int
+ user_gid:
+ type: int
+ tag:
+ type: str
+ root_url:
+ type: str
 required: true
+ domain:
+ type: str
+ required: true
+ http_port:
+ type: int
+ start_ssh_server:
+ type: bool
+ ssh_port:
+ type: int
+ ssh_listen_port:
+ type: int
+ repositories_root:
+ type: str
+ run_user:
+ type: str
+ work_path:
+ type: str
+ db_type:
+ type: str
+ db_host:
+ type: str
+ db_name:
+ type: str
+ db_user:
+ type: str
+ db_password:
+ type: str
+ log_level:
+ type: str
+ log_root_path:
+ type: str
+ smtp_enabled:
+ type: bool
+ smtp_addr:
+ type: str
+ smtp_port:
+ type: int
+ smtp_user:
+ type: str
 smtp_password:
- type: "str"
- required: true
- oauth2_jwt_secret:
- type: "str"
- required: true
+ type: str
+ install_lock:
+ type: bool
 internal_token:
- type: "str"
+ type: str
 required: true
 secret_key:
- type: "str"
+ type: str
 required: true
+ oauth2_jwt_secret:
+ type: str
+ required: true
+ lfs_start_server:
+ type: bool
 lfs_jwt_secret:
- type: "str"
- required: true
+ type: str
+ storage_type:
+ type: str
+ minio_endpoint:
+ type: str
+ minio_access_key_id:
+ type: str
 minio_secret_access_key:
- type: "str"
- required: true
+ type: str
+ minio_bucket:
+ type: str
+ cache_adapter:
+ type: str
+ cache_host:
+ type: str
+ disable_registration:
+ type: bool
+ show_registration_button:
+ type: bool
+ cookie_name:
+ type: str
+ cookie_secure:
+ type: bool
diff --git a/roles/forgejo/tasks/main.yml b/roles/forgejo/tasks/main.yml
index 231311f..ed90b8d 100644
--- a/roles/forgejo/tasks/main.yml
+++ b/roles/forgejo/tasks/main.yml
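Review bot: `db_password`, `smtp_password`, `lfs_jwt_secret` and `minio_secret_access_key` end up without `required: true` in the new spec, whereas the old spec required every secret it listed. Together with the empty-string values this commit adds in `roles/forgejo/vars/main.yml`, a caller that forgets one of them gets an `app.ini` with an empty `PASSWD=` or `LFS_JWT_SECRET=` instead of a validation failure. If they are meant to be optional only while the matching feature is off, keep `required: true` on `db_password` and check the rest at the top of `tasks/main.yml` with an `ansible.builtin.assert`, for example `that: not lfs_start_server or lfs_jwt_secret | length > 0`. The enumerated options (`db_type`, `storage_type`, `log_level`, `cache_adapter`) would also benefit from a `choices:` list so a typo fails at validation rather than at container start.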
@@ -28,12 +28,12 @@
 become: true
 community.docker.docker_container:
 name: forgejo
- image: codeberg.org/forgejo/forgejo:8.0.3
+ image: codeberg.org/forgejo/forgejo:{{ tag }}
 env:
- USER_UID: "1000"
- USER_GID: "1000"
- FORGEJO_WORK_DIR: "/data"
- FORGEJO_CUSTOM: "/data/custom"
+ USER_UID: "{{ user_uid | string }}"
+ USER_GID: "{{ user_gid | string }}"
+ FORGEJO_WORK_DIR: "{{ work_path }}"
+ FORGEJO_CUSTOM: "{{ work_path }}/custom"
 networks:
 - name: postgresql
 - name: forgejo
@@ -44,6 +44,6 @@
 - /etc/timezone:/etc/timezone:ro
 - /etc/localtime:/etc/localtime:ro
 ports:
- - "8022:8022"
+ - "{{ ssh_listen_port }}:{{ ssh_listen_port }}"
 recreate: "{{ appini.changed }}"
 restart_policy: unless-stopped
diff --git a/roles/forgejo/templates/app.ini.j2 b/roles/forgejo/templates/app.ini.j2
index e8629dc..f8f0cee 100644
--- a/roles/forgejo/templates/app.ini.j2
+++ b/roles/forgejo/templates/app.ini.j2
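Review bot: `FORGEJO_WORK_DIR` and `FORGEJO_CUSTOM` now follow `work_path`, but the lines between this hunk and the next one, where the data volume of this task presumably sits, are not touched by the commit, so the mount target is most likely still a fixed container path. If so, any `work_path` other than the default sends repositories and configuration to the container's writable layer, and they are lost when the container is recreated, which `recreate: "{{ appini.changed }}"` does on every config change. Either template the mount target from the same variable or drop `work_path` (and the paths derived from it) from the role's options. The task body starts and ends outside the hunk, so this needs checking against the full file.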
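Review bot: The published port uses `ssh_listen_port` on both sides of the mapping, although the role also exposes `ssh_port`, which `app.ini.j2` renders as `SSH_PORT` separately from `SSH_LISTEN_PORT`. If the two are meant as the externally advertised port versus the port the built-in server binds inside the container, the host side should be `ssh_port`: `- "{{ ssh_port }}:{{ ssh_listen_port }}"`; with the current line, setting them to different values advertises a port that is not published. The port is also published when `start_ssh_server` is false, so either make the `ports:` entry conditional or add a comment saying the exposure is intentional.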
@@ -1,62 +1,64 @@
 [DEFAULT]
 RUN_MODE=prod
-RUN_USER=forgejo
-WORK_PATH=/data
+RUN_USER={{ run_user }}
+WORK_PATH={{ work_path }}
 [database]
-DB_TYPE=postgres
-HOST=postgresql:5432
-NAME=forgejo
-USER=forgejo
-PASSWD={{ postgresql_password }}
+DB_TYPE={{ db_type }}
+HOST={{ db_host }}
+NAME={{ db_name }}
+USER={{ db_user }}
+PASSWD={{ db_password }}
 [storage]
-STORAGE_TYPE=minio
-MINIO_ENDPOINT=minio:9000
+STORAGE_TYPE={{ storage_type }}
+MINIO_ENDPOINT={{ minio_endpoint }}
 MINIO_ACCESS_KEY_ID={{ minio_access_key_id }}
 MINIO_SECRET_ACCESS_KEY={{ minio_secret_access_key }}
-MINIO_BUCKET=forgejo
+MINIO_BUCKET={{ minio_bucket }}
 [log]
-LEVEL=warn
-ROOT_PATH=/data/log
+LEVEL={{ log_level }}
+ROOT_PATH={{ log_root_path }}
 [mailer]
-ENABLED=true
-SMTP_ADDR=comfycamp.space
-SMTP_PORT=587
-USER=forgejo@comfycamp.space
+ENABLED={{ smtp_enabled | string }}
+SMTP_ADDR={{ smtp_addr }}
+SMTP_PORT={{ smtp_port | string }}
+USER={{ smtp_user }}
 PASSWD={{ smtp_password }}
 [oauth2]
 JWT_SECRET={{ oauth2_jwt_secret }}
 [repository]
-ROOT=/data/repositories
+ROOT={{ repositories_root }}
 [security]
-INSTALL_LOCK=true
+INSTALL_LOCK={{ install_lock | string }}
 INTERNAL_TOKEN={{ internal_token }}
 SECRET_KEY={{ secret_key }}
 [server]
-DOMAIN=git.comfycamp.space
-ROOT_URL=https://git.comfycamp.space
-HTTP_PORT=3000
+DOMAIN={{ domain }}
+ROOT_URL={{ root_url }}
+HTTP_PORT={{ http_port | string }}
+
+LFS_START_SERVER={{ lfs_start_server | string }}
 LFS_JWT_SECRET={{ lfs_jwt_secret }}
-LFS_START_SERVER=true
-START_SSH_SERVER=true
-SSH_PORT=8022
-SSH_LISTEN_PORT=8022
+
+START_SSH_SERVER={{ start_ssh_server | string }}
+SSH_PORT={{ ssh_port | string }}
+SSH_LISTEN_PORT={{ ssh_listen_port | string }}
 [session]
-COOKIE_NAME=session
-COOKIE_SECURE=true
+COOKIE_NAME={{ cookie_name }}
+COOKIE_SECURE={{ cookie_secure | string }}
 [service]
-DISABLE_REGISTRATION=true
-SHOW_REGISTRATION_BUTTON=false
+DISABLE_REGISTRATION={{ disable_registration | string }}
+SHOW_REGISTRATION_BUTTON={{ show_registration_button | string }}
 [cache]
-ADAPTER=redis
-HOST=redis://redis-forgejo:6379/0?pool_size=100&idle_timeout=180s
+ADAPTER={{ cache_adapter }}
+HOST={{ cache_host }}
diff --git a/roles/forgejo/vars/main.yml b/roles/forgejo/vars/main.yml
index 55262c6..7afc790 100644
--- a/roles/forgejo/vars/main.yml
+++ b/roles/forgejo/vars/main.yml
@@ -1 +1,55 @@
-minio_access_key_id: uTJp8KfKSETa1uYMZnSM
+user_uid: 1000
+user_gid: 1000
+
+tag: 9.0.1
+
+root_url: ""
+domain: ""
+http_port: 3000
+
+install_lock: true
+secret_key: ""
+internal_token: ""
+oauth2_jwt_secret: ""
+
+start_ssh_server: true
+ssh_port: 8022
+ssh_listen_port: 8022
+
+run_user: forgejo
+work_path: /data
+
+repositories_root: /data/repositories
+
+db_type: postgres
+db_host: postgresql:5432
+db_name: forgejo
+db_user: forgejo
+db_password: ""
+
+log_level: warn
+log_root_path: /data/log
+
+smtp_enabled: true
+smtp_addr: ""
+smtp_port: 587
+smtp_user: ""
+smtp_password: ""
+
+cache_adapter: redis
+cache_host: redis://redis-forgejo:6379/0?pool_size=100&idle_timeout=180s
+
+lfs_start_server: true
+lfs_jwt_secret: ""
+
+storage_type: minio
+minio_endpoint: minio:9000
+minio_access_key_id: ""
+minio_secret_access_key: ""
+minio_bucket: forgejo
+
+cookie_name: session
+cookie_secure: true
+
+disable_registration: true
+show_registration_button: false
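Review bot: The boolean settings in `app.ini.j2` are rendered with `| string`, which yields `True`/`False` rather than the lowercase `true`/`false` the file held before, and this now covers `INSTALL_LOCK`, `DISABLE_REGISTRATION` and `COOKIE_SECURE`. Whether Forgejo's parser treats both spellings alike cannot be seen from this diff, and a security toggle silently read as its default is the failure to avoid. Writing them as `INSTALL_LOCK={{ install_lock | string | lower }}` (and the same for the other booleans) keeps the generated file identical to the previous one for the default values. The `| string` on the integer ports adds nothing in a template and can be dropped.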
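Review bot: These values are role defaults but are added under `roles/forgejo/vars/main.yml`, and role vars take precedence over inventory, `group_vars`/`host_vars` and play `vars:`, so only role parameters (as used in `forgejo.yml`), `set_fact` or extra vars can change them; they belong in `roles/forgejo/defaults/main.yml`. The empty-string entries for `secret_key`, `internal_token`, `oauth2_jwt_secret`, `root_url` and `domain` should be dropped altogether: as far as I can tell a variable defined here satisfies `required: true` in `argument_specs.yml`, so a missing secret would pass validation as `""`. The names are also unprefixed (`tag`, `domain`, `db_password`, `secret_key`), and prefixing them with `forgejo_` would avoid collisions with other roles in the same play.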