diff --git a/roles/dokuwiki/files/userstyle.css b/roles/dokuwiki/files/userstyle.css
index 8109352..45b72cb 100644
--- a/roles/dokuwiki/files/userstyle.css
+++ b/roles/dokuwiki/files/userstyle.css
@@ -1,10 +1,3 @@
-a.interwiki,
-a.urlextern,
-a.windows {
-	padding-left: 0 !important;
-	background: none !important;
-}
-
 body {
 	font: unset;
 }
diff --git a/roles/dokuwiki/templates/dokuwiki.conf.j2 b/roles/dokuwiki/templates/dokuwiki.conf.j2
index b36a818..37a0572 100644
--- a/roles/dokuwiki/templates/dokuwiki.conf.j2
+++ b/roles/dokuwiki/templates/dokuwiki.conf.j2
@@ -1,8 +1,9 @@
 server {
-	listen 443 ssl http2;
-	listen [::]:443 ssl http2;
+	listen 443 ssl;
+	listen [::]:443 ssl;
 	server_name {{ dns_name }};
 
+	http2 on;
 	ssl_certificate /etc/letsencrypt/live/{{ dns_name }}/fullchain.pem;
 	ssl_certificate_key /etc/letsencrypt/live/{{ dns_name }}/privkey.pem;
 
diff --git a/roles/nginx/files/reload-nginx.sh b/roles/nginx/files/reload-nginx.sh
new file mode 100644
index 0000000..e93198d
--- /dev/null
+++ b/roles/nginx/files/reload-nginx.sh
@@ -0,0 +1,3 @@
+#!/bin/sh
+
+service nginx reload
diff --git a/roles/nginx/tasks/main.yml b/roles/nginx/tasks/main.yml
index fb5d0ba..2fb8a50 100644
--- a/roles/nginx/tasks/main.yml
+++ b/roles/nginx/tasks/main.yml
@@ -29,6 +29,12 @@
     cmd: certbot certonly --non-interactive --agree-tos --register-unsafely-without-email --webroot --webroot-path /srv/http -d {{ dns_name }}
     creates: '/etc/letsencrypt/renewal/{{ dns_name }}.conf'
 
+- name: Install certificate renewal deployment hook
+  copy:
+    dest: /etc/letsencrypt/renewal-hooks/deploy/
+    src: reload-nginx.sh
+    mode: 0755
+
 - name: Enable certbot renewal
   cron:
     name: "certbot renew"