diff --git a/roles/cni_plugins/defaults/main.yml b/roles/cni_plugins/defaults/main.yml
index 3995219..8595b3c 100644
--- a/roles/cni_plugins/defaults/main.yml
+++ b/roles/cni_plugins/defaults/main.yml
@@ -1,11 +1,11 @@
 ---
 
 # Version of the CNI plugins to install
-cni_version: 1.3.0
+cni_version: 1.4.0
 # Archive where the pre compiled bin archive will be downloaded
 cni_archive_url: https://github.com/containernetworking/plugins/releases/download/v{{ cni_version }}/cni-plugins-linux-amd64-v{{ cni_version }}.tgz
 # Expected checksum of the archive
-cni_archive_sha256: 754a71ed60a4bd08726c3af705a7d55ee3df03122b12e389fdba4bea35d7dd7e
+cni_archive_sha256: c2485ddb3ffc176578ae30ae58137f0b88e50f7c7f2af7d53a569276b2949a33
 
 # Where the plugins will be installed (binaries will be extracted in a /bin sub-directory)
 cni_root_dir: /opt/cni
diff --git a/roles/coturn/tasks/main.yml b/roles/coturn/tasks/main.yml
index b5b48ce..2165420 100644
--- a/roles/coturn/tasks/main.yml
+++ b/roles/coturn/tasks/main.yml
@@ -109,7 +109,7 @@
   tags: turn
 
 - name: List long term users
-  shell: turnadmin --list | grep -vP '^0:\s+:\s+(log file opened|SQLite connection)' | cut -d'[' -f1
+  shell: turnadmin --list | grep -vP '^0:\s+\(\d+\):\s+INFO:' | cut -d'[' -f1
   register: turn_lt_existing_users
   changed_when: False
   tags: turn
diff --git a/roles/jitsi/tasks/install.yml b/roles/jitsi/tasks/install.yml
index 389e097..ed50349 100644
--- a/roles/jitsi/tasks/install.yml
+++ b/roles/jitsi/tasks/install.yml
@@ -63,6 +63,8 @@
     repo: "{{ jitsi_jicofo_git_url }}"
     dest: "{{ jitsi_root_dir }}/src/jicofo"
     force: True
+    depth: 1
+    single_branch: True
   become_user: "{{ jitsi_user }}"
   register: jitsi_jicofo_git
   tags: jitsi
@@ -98,6 +100,8 @@
     repo: "{{ jitsi_jigasi_git_url }}"
     dest: "{{ jitsi_root_dir }}/src/jigasi"
     force: True
+    depth: 1
+    single_branch: True
   become_user: "{{ jitsi_user }}"
   register: jitsi_jigasi_git
   tags: jitsi
@@ -154,6 +158,8 @@
     repo: "{{ jitsi_meet_git_url }}"
     dest: "{{ jitsi_root_dir }}/src/meet"
     force: True
+    depth: 1
+    single_branch: True
   register: jitsi_meet_git
   become_user: "{{ jitsi_user }}"
   tags: jitsi
diff --git a/roles/jitsi_jibri/tasks/install.yml b/roles/jitsi_jibri/tasks/install.yml
index 11f7fbe..ff28244 100644
--- a/roles/jitsi_jibri/tasks/install.yml
+++ b/roles/jitsi_jibri/tasks/install.yml
@@ -49,6 +49,8 @@
     repo: "{{ jitsi_jibri_git_url }}"
     dest: "{{ jitsi_root_dir }}/src/jibri"
     force: True
+    depth: 1
+    single_branch: True
   become_user: "{{ jitsi_jibri_user }}"
   register: jitsi_jibri_git
   tags: jitsi
diff --git a/roles/jitsi_videobridge/tasks/install.yml b/roles/jitsi_videobridge/tasks/install.yml
index 6a6ce69..1fe303a 100644
--- a/roles/jitsi_videobridge/tasks/install.yml
+++ b/roles/jitsi_videobridge/tasks/install.yml
@@ -39,6 +39,8 @@
     repo: "{{ jitsi_videobridge_git_url }}"
     dest: "{{ jitsi_root_dir }}/src/videobridge"
     force: True
+    depth: 1
+    single_branch: True
   become_user: "{{ jitsi_user }}"
   register: jitsi_videobridge_git
   tags: jitsi
diff --git a/roles/kimai/defaults/main.yml b/roles/kimai/defaults/main.yml
index 22d9a0a..b9bf390 100644
--- a/roles/kimai/defaults/main.yml
+++ b/roles/kimai/defaults/main.yml
@@ -5,12 +5,12 @@
 # You can set it to a number or a simple string (no special chars)
 kimai_id: 1
 # Kimai version to deploy
-kimai_version: '2.4.1'
+kimai_version: '2.5.0'
 
 # URL of the archive
 kimai_archive_url: https://github.com/kevinpapst/kimai2/archive/refs/tags/{{ kimai_version }}.tar.gz
 # Expected sha256 of the archive
-kimai_archive_sha256: 3e41e2b95bcb9e855989060fd9bf598424c5e58e9f152a61f3900565cb5b5d81
+kimai_archive_sha256: a58926145bc84e38e294af4aa9b4cf3549574ad2fc4f3bca4d47b9bae8448d7a
 
 # Directory where kimai will be installed
 kimai_root_dir: /opt/kimai_{{ kimai_id }}
diff --git a/roles/matrix_element/defaults/main.yml b/roles/matrix_element/defaults/main.yml
index 6530699..d4707f5 100644
--- a/roles/matrix_element/defaults/main.yml
+++ b/roles/matrix_element/defaults/main.yml
@@ -5,8 +5,8 @@
 element_id: element
 
 # Version to deploy, and expected sha256
-element_version: 1.11.50
-element_archive_sha256: 1946854314417de208ef05e4e7ff095fd4dbda033e9f15d69d8b10f1f0c7bbfa
+element_version: 1.11.51
+element_archive_sha256: 8566c53b22e6a63a2876d76d52a1cd6e3f121ce1404e0d187b54c09656226128
 
 # Where to install element
 element_root_dir: /opt/matrix/element
diff --git a/roles/matrix_synapse/defaults/main.yml b/roles/matrix_synapse/defaults/main.yml
index 286f5a4..dc94622 100644
--- a/roles/matrix_synapse/defaults/main.yml
+++ b/roles/matrix_synapse/defaults/main.yml
@@ -1,7 +1,7 @@
 ---
 
 # Synapse version to deploy
-synapse_version: '1.96.1'
+synapse_version: '1.97.0'
 
 # Should ansible handle Synapse upgrades ? If false, only initial install will be done
 synapse_manage_upgrade: True
diff --git a/roles/metabase/defaults/main.yml b/roles/metabase/defaults/main.yml
index 7e5bbac..cac65bc 100644
--- a/roles/metabase/defaults/main.yml
+++ b/roles/metabase/defaults/main.yml
@@ -1,15 +1,15 @@
 ---
 
 # Version to deploy
-metabase_version: 0.47.8
+metabase_version: 0.47.9
 # URL to fetch the jar
 metabase_jar_url: https://downloads.metabase.com/v{{ metabase_version }}/metabase.jar
 # Expected sha256 of the jar
-metabase_jar_sha256: ba0183ca831202fa0a66d8b7c67c4642c7a80d5ae84460646b0b7f17b99ae0ae
+metabase_jar_sha256: 0a106531ab658d4f2242a83358fcf2c66179faa266e1780adee83b6727660a0f
 # When building from source
 metabase_archive_url: https://github.com/metabase/metabase/archive/refs/tags/v{{ metabase_version }}.tar.gz
 # Expected sha256 of the archive
-metabase_archive_sha256: e540d2df2db96b18df61243a58bd4ca8fedfc845b31b7fb7a030a60cf9ed20f1
+metabase_archive_sha256: 56f96ebbb88c5d3af1f802e3b59fe2399c1350c7cb967b70522b353347a8763b
 # Should ansible handle upgrades ? If set to false, only the initial install (and the config) will be handled
 metabase_manage_upgrade: True
 
diff --git a/roles/vault_bin/defaults/main.yml b/roles/vault_bin/defaults/main.yml
index 440eb89..34e98cd 100644
--- a/roles/vault_bin/defaults/main.yml
+++ b/roles/vault_bin/defaults/main.yml
@@ -1,7 +1,7 @@
 # Version of Vault to install
-vault_version: 1.15.2
+vault_version: 1.15.4
 # URL of the archive
 vault_archive_url: https://releases.hashicorp.com/vault/{{ vault_version }}/vault_{{ vault_version }}_linux_amd64.zip
 # Expected sha256 of the archive
-vault_archive_sha256: 5a0820943bc212713ba57a5136b5ec96dd1a6fc5a1c61666407d996027b2e694
+vault_archive_sha256: f42f550713e87cceef2f29a4e2b754491697475e3d26c0c5616314e40edd8e1b
 
diff --git a/roles/zabbix_server/files/scripts/cert_expire.sh b/roles/zabbix_server/files/scripts/cert_expire.sh
new file mode 100644
index 0000000..effb223
--- /dev/null
+++ b/roles/zabbix_server/files/scripts/cert_expire.sh
@@ -0,0 +1,12 @@
+#/bin/sh
+
+set -euo pipefail
+
+# Validate host:port
+if ! echo $1 | grep -qP '^(((25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)(\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)){3})|(([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]*[a-zA-Z0-9])\.)*([A-Za-z0-9]|[A-Za-z0-9][A-Za-z0-9\-]*[A-Za-z0-9])):\d{1,5}$'; then
+  echo "Invalid host:port"
+  exit 1
+fi
+
+echo $((($(echo -n | openssl s_client -connect $1 2>/dev/null | openssl x509 -noout -enddate  | sed "s/.*=\(.*\)/\1/" | xargs -I __ date -d "__" +%s) - $(date +%s))/86400))
+