diff --git a/roles/itop/meta/main.yml b/roles/itop/meta/main.yml
index 7339de1..58217d1 100644
--- a/roles/itop/meta/main.yml
+++ b/roles/itop/meta/main.yml
@@ -2,6 +2,7 @@
 
 allow_duplicates: True
 dependencies:
+  - role: mkdir
   - role: httpd_php
   - role: mysql_server
     when: itop_db_server in [ 'localhost', '127.0.0.1' ]
diff --git a/roles/itop/tasks/filebeat.yml b/roles/itop/tasks/filebeat.yml
new file mode 100644
index 0000000..9964a67
--- /dev/null
+++ b/roles/itop/tasks/filebeat.yml
@@ -0,0 +1,5 @@
+---
+
+- name: Deploy filebeat configuration
+  template: src=filebeat.yml.j2 dest=/etc/filebeat/ansible_inputs.d/itop_{{ itop_id }}.yml
+  tags: itop,log
diff --git a/roles/itop/tasks/install.yml b/roles/itop/tasks/install.yml
index fb5b0c3..5d3485d 100644
--- a/roles/itop/tasks/install.yml
+++ b/roles/itop/tasks/install.yml
@@ -6,6 +6,7 @@
       - tar
       - mariadb
       - acl
+      - graphviz
   tags: itop
 
 - when: itop_install_mode != 'none'
diff --git a/roles/itop/tasks/main.yml b/roles/itop/tasks/main.yml
index 4d786df..c7060ce 100644
--- a/roles/itop/tasks/main.yml
+++ b/roles/itop/tasks/main.yml
@@ -11,4 +11,4 @@
   when: itop_install_mode == 'upgrade'
 - include: write_version.yml
 - include: cleanup.yml
-
+- include: filebeat.yml
diff --git a/roles/itop/templates/filebeat.yml.j2 b/roles/itop/templates/filebeat.yml.j2
new file mode 100644
index 0000000..97fe25e
--- /dev/null
+++ b/roles/itop/templates/filebeat.yml.j2
@@ -0,0 +1,6 @@
+---
+
+- type: log
+  enabled: True
+  paths:
+    - {{ itop_root_dir }}/web/log/setup.log
diff --git a/roles/itop/templates/httpd.conf.j2 b/roles/itop/templates/httpd.conf.j2
index 2b7f849..d46b27a 100644
--- a/roles/itop/templates/httpd.conf.j2
+++ b/roles/itop/templates/httpd.conf.j2
@@ -5,6 +5,10 @@ Alias /{{ itop_alias }} {{ itop_root_dir }}/web/
 {% endif %}
 
 RewriteEngine On
+# Upgrading DB schema can be very long, so makes sure httpd will wait for a response long enough
+<Proxy unix:/run/php-fpm/{{ itop_php_fpm_pool  | default('itop_' + itop_id | string) }}.sock|fcgi://localhost>
+  ProxySet timeout=1800
+</Proxy>
 <Directory {{ itop_root_dir }}/web/>
   AllowOverride All
   Options FollowSymLinks
diff --git a/roles/itop/templates/perms.sh.j2 b/roles/itop/templates/perms.sh.j2
index f999bc2..2762b69 100644
--- a/roles/itop/templates/perms.sh.j2
+++ b/roles/itop/templates/perms.sh.j2
@@ -1,8 +1,6 @@
 #!/bin/sh
 
 restorecon -R {{ itop_root_dir }}
-chown -R {{ itop_php_user }} {{ itop_root_dir }}/data
-chmod 700 {{ itop_root_dir }}/data
 {% for dir in ['data', 'conf', 'log', 'env-production', 'env-production-build', 'extensions'] %}
 setfacl -k -b -R {{ itop_root_dir }}/web/{{ dir }}
 chown -R {{ itop_php_user }} {{ itop_root_dir }}/web/{{ dir }}
diff --git a/roles/itop/templates/php.conf.j2 b/roles/itop/templates/php.conf.j2
index 4a39c73..b218822 100644
--- a/roles/itop/templates/php.conf.j2
+++ b/roles/itop/templates/php.conf.j2
@@ -27,9 +27,10 @@ php_admin_value[upload_tmp_dir] = {{ itop_root_dir }}/tmp
 php_admin_value[sys_temp_dir] = {{ itop_root_dir }}/tmp
 php_admin_value[post_max_size] = 21M
 php_admin_value[upload_max_filesize] = 20M
-php_admin_value[disable_functions] = system, show_source, symlink, dl, shell_exec, passthru, phpinfo, escapeshellarg, escapeshellcmd
+php_admin_value[disable_functions] = system, show_source, symlink, dl, shell_exec, passthru, phpinfo, escapeshellcmd
 php_admin_value[open_basedir] = {{ itop_root_dir }}
-php_admin_value[max_execution_time] = 900
+; DB schema upgrade can be very long
+php_admin_value[max_execution_time] = 1800
 php_admin_value[max_input_time] = 120
 php_admin_flag[allow_url_include] = off
 php_admin_flag[allow_url_fopen] = on