diff --git a/roles/papermerge/tasks/conf.yml b/roles/papermerge/tasks/conf.yml
index d0bc88a..9b06640 100644
--- a/roles/papermerge/tasks/conf.yml
+++ b/roles/papermerge/tasks/conf.yml
@@ -14,6 +14,7 @@
     dest: "{{ papermerge_root_dir }}/app/config/settings/production.py"
     group: "{{ papermerge_user }}"
     mode: 0640
+  notify: restart papermerge
   tags: ged
 
 - name: Iniialize or update the database
diff --git a/roles/papermerge/tasks/directories.yml b/roles/papermerge/tasks/directories.yml
index 7e9af5a..8b6a8a9 100644
--- a/roles/papermerge/tasks/directories.yml
+++ b/roles/papermerge/tasks/directories.yml
@@ -4,6 +4,7 @@
   file: path={{ item.dir }} state=directory owner={{ item.owner | default(omit) }} group={{ item.group | default(omit) }} mode={{ item.mode | default(omit) }}
   loop:
     - dir: "{{ papermerge_root_dir }}"
+      owner: "{{ papermerge_user }}"
       group: nginx
       mode: 750
     - dir: "{{ papermerge_root_dir }}/app"
diff --git a/roles/papermerge/tasks/install.yml b/roles/papermerge/tasks/install.yml
index fa0f10b..90dbec0 100644
--- a/roles/papermerge/tasks/install.yml
+++ b/roles/papermerge/tasks/install.yml
@@ -6,6 +6,8 @@
       - rh-python38-python-pip
       - rh-python38-python-setuptools
       - rh-python38-python-devel
+      - python-setuptools
+      - python-psycopg2
       - postgresql-devel
       - tesseract
       - tesseract-langpack-fra
@@ -54,8 +56,7 @@
       pip:
         requirements: "{{ papermerge_root_dir }}/app/requirements/base.txt"
         virtualenv: "{{ papermerge_root_dir }}/venv"
-        virtualenv_command: /opt/rh/rh-python38/root/usr/local/bin/virtualenv
-        virtualenv_python: /opt/rh/rh-python38/root/bin/python
+        virtualenv_command: /opt/rh/rh-python38/root/bin/python -m venv
       notify: restart papermerge
 
     - name: Install additional python modules
@@ -64,8 +65,7 @@
           - psycopg2-binary # building fails here, Python.h not found (??)
           - gunicorn
         virtualenv: "{{ papermerge_root_dir }}/venv"
-        virtualenv_command: /opt/rh/rh-python38/root/usr/local/bin/virtualenv
-        virtualenv_python: /opt/rh/rh-python38/root/bin/python
+        virtualenv_command: /opt/rh/rh-python38/root/usr/bin/python -m venv
       notify: restart papermerge
   tags: ged
 
@@ -114,3 +114,6 @@
     mode: 755
   tags: ged
 
+- name: Set permission on the queue dir
+  file: path={{ papermerge_root_dir }}/tmp/queue state=directory owner={{ papermerge_user }} group={{ papermerge_user }}
+  tags: ged
diff --git a/roles/papermerge/tasks/iptables.yml b/roles/papermerge/tasks/iptables.yml
index 614034a..8e36775 100644
--- a/roles/papermerge/tasks/iptables.yml
+++ b/roles/papermerge/tasks/iptables.yml
@@ -4,6 +4,6 @@
   iptables_raw:
     name: papermerge_port
     state: "{{ (papermerge_src_ip | length > 0) | ternary('present','absent') }}"
-    rules: "-A INPUT -m state --state NEW -p tcp --dport {{ papermerge_port }} -s {{ papermerge_src_ip | join(',') }} -j ACCEPT"
+    rules: "-A INPUT -m state --state NEW -p tcp -m multiport --dports {{ papermerge_port }},{{ papermerge_port | int + 1 }} -s {{ papermerge_src_ip | join(',') }} -j ACCEPT"
   tags: firewall,ged
 
diff --git a/roles/papermerge/templates/gunicorn.conf.py.j2 b/roles/papermerge/templates/gunicorn.conf.py.j2
index db6f781..ebb05ea 100644
--- a/roles/papermerge/templates/gunicorn.conf.py.j2
+++ b/roles/papermerge/templates/gunicorn.conf.py.j2
@@ -1,2 +1,2 @@
 workers = 2
-bind = ["127.0.0.1:{{ papermerge_port | int + 1 }}"]
+bind = ["0.0.0.0:{{ papermerge_port | int + 1 }}"]
diff --git a/roles/papermerge/templates/papermerge.conf.py.j2 b/roles/papermerge/templates/papermerge.conf.py.j2
index 434f7ce..b791ccb 100644
--- a/roles/papermerge/templates/papermerge.conf.py.j2
+++ b/roles/papermerge/templates/papermerge.conf.py.j2
@@ -9,6 +9,11 @@ IMPORTER_DIR = "{{ papermerge_root_dir }}/input"
 FILES_MIN_UNMODIFIED_DURATION = 10
 OCR_DEFAULT_LANGUAGE = "{{ papermerge_ocr_default_lang }}"
 LANGUAGE_FROM_AGENT = True
+LANGUAGES = [
+  ('de', 'Deutsch'),
+  ('en', 'English'),
+  ('fr', 'Français'),
+]
 TASK_QUEUE_DIR = "{{ papermerge_root_dir }}/tmp/queue"
 OCR_LANGUAGES = {
   "deu": "Deutsch",
diff --git a/roles/papermerge/templates/production.py.j2 b/roles/papermerge/templates/production.py.j2
index 78404f5..6a683fe 100644
--- a/roles/papermerge/templates/production.py.j2
+++ b/roles/papermerge/templates/production.py.j2
@@ -1,5 +1,5 @@
 from .base import *  # noqa
 DEBUG = False
-ALLOWED_HOSTS = ['127.0.0.1']
+ALLOWED_HOSTS = ['*']
 SECRET_KEY = "{{ papermerge_secret_key }}"
 
diff --git a/roles/pve/vars/main.yml b/roles/pve/vars/main.yml
index 3e86692..c250c87 100644
--- a/roles/pve/vars/main.yml
+++ b/roles/pve/vars/main.yml
@@ -4,3 +4,7 @@ iptables_manage: False
 
 # We most likely want to enable ip_forwarding
 net_ipv4_forward: True
+
+# root must be able to connect with ssh, and without DNS
+sshd_permit_root_login: True
+sshd_use_dns: False