diff --git a/.yamllint b/.yamllint
index 2b66581..480dc91 100644
--- a/.yamllint
+++ b/.yamllint
@@ -7,9 +7,13 @@ rules:
     allowed-values: ['true', 'false', 'yes', 'no']
   comments:
     min-spaces-from-content: 1
+  comments-indentation: false
   braces:
     min-spaces-inside: 0
     max-spaces-inside: 1
+  octal-values:
+    forbid-implicit-octal: true
+    forbid-explicit-octal: true
 
 # ignore: |
 #   .cache
diff --git a/README.md b/README.md
index c11becf..9e6c109 100644
--- a/README.md
+++ b/README.md
@@ -67,6 +67,7 @@ make deploy-tag netdata # or other tag
 
 * Remove old remote host identification
 
+<!-- markdownlint-disable line-length -->
 ```sh
 ssh-keygen -R mayurifag.ru ; ssh-keygen -R $(host mayurifag.ru | awk '/has address/ {print $4}')
 ```
@@ -80,6 +81,8 @@ vi inventories/my-provision/group_vars/sample.yml # add key here in section
 keepassxc # Make new ssh agent entry
 ```
 
+<!-- markdownlint-enable line-length -->
+
 * Make new ssh config section. You need to change it after deploy.
 
 ```sh
@@ -101,10 +104,12 @@ Host mayurifag-prod
 
 ## Applications List
 
+<!-- markdownlint-disable line-length -->
+
 | Name                    | Default endpoint                             | App. Port   |
 | ----------------------- | -------------------------------------------- | ----------- |
 | 3proxy                  | <socks5://mayurifag.local:1080> or 3128      | 1080/3128   |
-| Blocky                  | [DNS] -> <ip>:53                             | 53          |
+| Blocky                  | [DNS] -> ip:53                               | 53          |
 | Dockovpn                | <http://dockovpn.mayurifag.local>            | 1194/8080   |
 | Hemmelig                | <http://secret.mayurifag.local>              | 3000        |
 | mayurifag.github.io     | <http://mayurifag.local>                     | 8005        |
@@ -118,6 +123,8 @@ Host mayurifag-prod
 | Whattocommit            | <http://commit.mayurifag.local>              | 8080        |
 | Wireguard-Easy          | <http://wg.mayurifag.local>                  | 58172       |
 
+<!-- markdownlint-enable line-length -->
+
 ## TODO
 
 ### Work is not in progress
@@ -145,7 +152,7 @@ need to deploy my services once again.
 * [ ] ~~Uptime Kuma~~
 * [x] Blocky DNS
 * [ ] ~~Add systemd services - do I need them or I'm fine~~
-* [ ] Migrate to dashboard which is easy maintainable: https://gethomepage.dev/latest/
+* [ ] Migrate to dashboard which is easy maintainable: <https://gethomepage.dev>
   * [ ] Should have docker labels services configuration and use authelia or
     other auth cookies/etc. - documented
 * [ ] Add Authentik / Remove baseauth
diff --git a/roles/navidrome/tasks/main.yml b/roles/navidrome/tasks/main.yml
index 2ed8ac3..ae9cad1 100644
--- a/roles/navidrome/tasks/main.yml
+++ b/roles/navidrome/tasks/main.yml
@@ -10,7 +10,7 @@
     state: directory
     owner: www-data
     group: www-data
-    mode: 0775
+    mode: "0775"
   with_items:
     - "{{ navidrome_data_directory }}/"
 
diff --git a/roles/server_general_preparations/tasks/main.yml b/roles/server_general_preparations/tasks/main.yml
index f9e6d1c..9b77311 100644
--- a/roles/server_general_preparations/tasks/main.yml
+++ b/roles/server_general_preparations/tasks/main.yml
@@ -22,13 +22,13 @@
   ansible.builtin.copy:
     content: 'APT::Install-Recommends "0";'
     dest: /etc/apt/apt.conf.d/00norecommends
-    mode: '0644'
+    mode: "0644"
 
 - name: Disable suggested packages
   ansible.builtin.copy:
     content: 'APT::Install-Suggests "0";'
     dest: /etc/apt/apt.conf.d/01nosuggests
-    mode: '0644'
+    mode: "0644"
 
 - name: Update apt-cache
   ansible.builtin.apt:
@@ -60,17 +60,17 @@
     autoclean: yes
 
 - name: Ensure the locale en_US.UTF-8 exists
-  ansible.builtin.locale_gen:
+  community.general.locale_gen:
     name: en_US.UTF-8
     state: present
 
 - name: Ensure the locale ru_RU.UTF-8 exists
-  ansible.builtin.locale_gen:
+  community.general.locale_gen:
     name: ru_RU.UTF-8
     state: present
 
 - name: Set en_US.UTF-8 as default locale
-  command: localectl set-locale LANG=en_US.UTF-8
+  ansible.builtin.command: localectl set-locale LANG=en_US.UTF-8
 
 - name: Ensure NTP service is running and enabled
   ansible.builtin.systemd:
@@ -84,7 +84,7 @@
   register: reboot_required_file
 
 - name: Reboot the box if kernel updated
-  reboot:
+  ansible.builtin.reboot:
     msg: "Reboot initiated by Ansible for kernel updates"
     connect_timeout: 5
     reboot_timeout: 300
diff --git a/roles/users/tasks/main.yml b/roles/users/tasks/main.yml
index 070a7af..0877d75 100644
--- a/roles/users/tasks/main.yml
+++ b/roles/users/tasks/main.yml
@@ -30,7 +30,7 @@
 - name: Create user .ssh directory
   ansible.builtin.file:
     path: "~{{ admin_username }}/.ssh"
-    mode: 0700
+    mode: "0700"
     state: directory
     owner: "{{ admin_username }}"
 
@@ -39,7 +39,7 @@
     src: "templates/authorized_keys.j2"
     dest: "~{{ admin_username }}/.ssh/authorized_keys"
     owner: "{{ admin_username }}"
-    mode: 0400
+    mode: "0400"
 
 - name: Apply bash settings for admin user
   ansible.builtin.template:
@@ -47,7 +47,7 @@
     dest: "/home/{{ admin_username }}/.bash_aliases"
     owner: "{{ admin_username }}"
     group: "{{ admin_username }}"
-    mode: 0644
+    mode: "0644"
 
 - name: Apply bash settings for root user
   ansible.builtin.template:
@@ -55,4 +55,4 @@
     dest: "/root/.bash_aliases"
     owner: root
     group: root
-    mode: 0644
+    mode: "0644"