diff --git a/group_vars/all.yaml b/group_vars/all.yaml
index 85f5faf..72eda75 100644
--- a/group_vars/all.yaml
+++ b/group_vars/all.yaml
@@ -41,7 +41,7 @@ keycloak_address: keycloak.atlantishq.de
 
 keycloak_clients:
     python-flask-picture-factory:
-        party_secret : "HISTORY_PURGED_SECRETKG0j"
+        party_secret : "HISTORY_PURGED_SECRET"
         client_id: z_images
         client_secret: "HISTORY_PURGED_SECRET"
         redirect_uris:
diff --git a/roles/web1/tasks/main.yaml b/roles/web1/tasks/main.yaml
index af18bd0..3895a64 100644
--- a/roles/web1/tasks/main.yaml
+++ b/roles/web1/tasks/main.yaml
@@ -21,17 +21,6 @@
     line:  "            flow.redirect_uri = url_for('_oidc_callback', _external=True, _scheme='https')"
     backup: yes
 
-- name: Set owner in case git already exists and has bad ownership
-  file:
-    path: /var/www/{{ item }}/
-    owner: root
-    group: root
-    recurse: true
-  with_items:        
-    - python-flask-picture-factory
-    - simple-log-server
-    - soundlib-interface
-
 - name: Set mode /usr/local/lib/ (python libraries)
   file:
     path: /usr/local/lib/
@@ -42,12 +31,14 @@
   git:
     repo: https://github.com/FAUSheppy/{{ item }}.git
     dest: "/var/www/{{ item }}"
+  become: yes
+  become_user: www-data
   with_items:        
     - python-flask-picture-factory
     - simple-log-server
     - soundlib-interface
 
-- name: Reset Ownership to www-data
+- name: Ensure Ownership to www-data
   file:
     path: /var/www/{{ item }}/
     owner: www-data
@@ -104,13 +95,15 @@
   with_items:
     - simple-log-server
     - soundlib-interface
+    - python-flask-picture-factory
 
 - name: Template Systemd Units
   template:
     src: "waitress-systemd-unit.j2"
     dest: "/etc/systemd/system/{{ item.name }}.service"
   with_items:
-    - { name : "image-factory",      path : "/var/www/python-flask-picture-factory" }
+    - { name : "python-flask-picture-factory",
+                                     path : "/var/www/python-flask-picture-factory", external_oidc : true }
     - { name : "serien-ampel",       path : "/var/www/serien-ampel" }
     - { name : "simple-log-server",  path : "/var/www/simple-log-server", external_oidc : true }
     - { name : "soundlib-interface", path : "/var/www/soundlib-interface", external_oidc : true }
@@ -130,6 +123,7 @@
   with_items:
     - soundlib-interface
     - simple-log-server
+    - python-flask-picture-factory
 
 - name: Enable and Start Systemd Units
   systemd:
@@ -137,7 +131,7 @@
     enabled: yes
     state: started
   with_items:
-    - image-factory
+    - python-flask-picture-factory
     - serien-ampel
     - simple-log-server
     - soundlib-interface
diff --git a/vars/services.yaml b/vars/services.yaml
index 5528abf..5878846 100644
--- a/vars/services.yaml
+++ b/vars/services.yaml
@@ -1,5 +1,5 @@
 services:
-    image-factory:
+    python-flask-picture-factory:
         port: 5000
     serien-ampel:
         port: 5001