diff --git a/README.md b/README.md
index bd0ac85..14c1209 100644
--- a/README.md
+++ b/README.md
@@ -24,6 +24,6 @@ Ansible configuration repository for my homelab.
    `static_ip` host var set to the desired static IP address
 8. Comment out `ansible_ssh_user` in `group_vars/all/vars.yml`, as this
    overwrites the one set in the hosts file
-9. Run `ansible-playbook -i initial-hosts.ini first_run.yml`. This command will
+9. Run `ansible-playbook -i inventory/initial_hosts.ini first_run.yml`. This command will
    hang at the `restart networking` step; at this point you can Ctrl-C.
 
diff --git a/ansible.cfg b/ansible.cfg
index 387d99f..28cb5ff 100644
--- a/ansible.cfg
+++ b/ansible.cfg
@@ -1,4 +1,4 @@
 [defaults]
 vault_password_file = .ansible-password
-inventory = hosts.ini
+inventory = inventory/local.ini
 roles_path = roles
diff --git a/initial-hosts.ini b/inventory/initial_hosts.ini
similarity index 100%
rename from initial-hosts.ini
rename to inventory/initial_hosts.ini
diff --git a/plays/nas.yml b/plays/nas.yml
index 549a52c..468ac7a 100644
--- a/plays/nas.yml
+++ b/plays/nas.yml
@@ -70,12 +70,12 @@
     - restic-rest
   tags: restic-rest
 
-- name: Install Lander
-  hosts: nas
-  become: yes
-  roles:
-    - lander
-  tags: lander
+# - name: Install Lander
+#   hosts: nas
+#   become: yes
+#   roles:
+#     - lander
+#   tags: lander
 
 - hosts: nas
   become: yes
diff --git a/plays/web.yml b/plays/web.yml
index da6bc2c..878a01a 100644
--- a/plays/web.yml
+++ b/plays/web.yml
@@ -1,9 +1,9 @@
 
-- hosts: web
-  become: yes
-  roles:
-    - lander-web
-  tags: lander
+# - hosts: web
+#   become: yes
+#   roles:
+#     - lander-web
+#   tags: lander
 
 - hosts: web
   become: yes
@@ -83,8 +83,8 @@
     - webdav-web
   tags: webdav
 
-# - hosts: web
-#   become: yes
-#   roles:
-#     - otter-web
-#   tags: otter
+- hosts: web
+  become: yes
+  roles:
+    - otter-web
+  tags: otter
diff --git a/roles/base/tasks/main.yml b/roles/base/tasks/main.yml
index 8ec3e10..fd487b4 100644
--- a/roles/base/tasks/main.yml
+++ b/roles/base/tasks/main.yml
@@ -18,7 +18,7 @@
     append: true
     create_home: yes
     shell: /bin/bash
-    password: "{{ vault_debian_pass | password_hash('sha512') }}"
+    password: "{{ debian_pass | password_hash('sha512') }}"
     update_password: on_create
 
 - name: Create SSH directory.
diff --git a/roles/otter/files/otter.service b/roles/otter/files/otter.service
index e9e43fb..97e93dc 100644
--- a/roles/otter/files/otter.service
+++ b/roles/otter/files/otter.service
@@ -1,13 +1,13 @@
 [Unit]
 Description=Gpodder.net API implementation
-After=docker.service
-Requires=docker.service
+After=network.target network-online.target
 
 [Service]
 Type=exec
-WorkingDirectory=/etc/otter
-ExecStart=/usr/bin/docker compose up
-ExecStop=/usr/bin/docker compose down
+User=otter
+Group=otter
+ExecStart=/usr/local/bin/otter serve -c /etc/otter/otter.toml
+Restart=always
 
 [Install]
 WantedBy=multi-user.target
diff --git a/roles/otter/files/otter.toml b/roles/otter/files/otter.toml
new file mode 100644
index 0000000..de90880
--- /dev/null
+++ b/roles/otter/files/otter.toml
@@ -0,0 +1,7 @@
+data_dir = "/mnt/data1/otter/data"
+log_level = "debug"
+
+[net]
+type = "tcp"
+domain = "0.0.0.0"
+port = 8017
diff --git a/roles/otter/tasks/main.yml b/roles/otter/tasks/main.yml
index 997da11..b7c3dbd 100644
--- a/roles/otter/tasks/main.yml
+++ b/roles/otter/tasks/main.yml
@@ -1,4 +1,27 @@
 ---
+- name: Ensure binary is present
+  ansible.builtin.get_url:
+    url: 'https://git.rustybever.be/api/packages/Chewing_Bever/generic/otter/0.2.1/otter-linux-arm64'
+    dest: '/usr/local/bin/otter'
+    owner: 'root'
+    group: 'root'
+    mode: '755'
+
+- name: Ensure system group exists
+  ansible.builtin.group:
+    name: 'otter'
+    gid: 204
+    system: true
+    state: present
+
+- name: Ensure system user exists
+  ansible.builtin.user:
+    name: 'otter'
+    group: 'otter'
+    uid: 204
+    system: true
+    create_home: false
+
 - name: Ensure data directory is present
   ansible.builtin.file:
     path: '/mnt/data1/otter'
@@ -18,8 +41,8 @@
     path: "/mnt/data1/otter/{{ item }}"
     state: directory
     mode: '0755'
-    owner: '82'
-    group: '82'
+    owner: '204'
+    group: '204'
   loop:
     - 'data'
 
@@ -29,10 +52,19 @@
     state: directory
     mode: '0755'
 
-- name: Ensure compose file is present
+# - name: Ensure compose file is present
+#   ansible.builtin.copy:
+#     src: 'compose.yml'
+#     dest: '/etc/otter/compose.yml'
+#     mode: '0644'
+#     owner: 'root'
+#     group: 'root'
+#   notify: 'restart otter'
+
+- name: Ensure config file is present
   ansible.builtin.copy:
-    src: 'compose.yml'
-    dest: '/etc/otter/compose.yml'
+    src: 'otter.toml'
+    dest: '/etc/otter/otter.toml'
     mode: '0644'
     owner: 'root'
     group: 'root'