diff --git a/.justfile b/.justfile
index ed7e387..b37ae07 100644
--- a/.justfile
+++ b/.justfile
@@ -9,6 +9,8 @@ export ANSIBLE_DISPLAY_ARGS_TO_STDOUT := if env('CI', '') == 'true' { 'false' }
 play +ARGS:
   uv run ansible-playbook {{ ARGS }}
 
+deploy-services: (play "./playbooks/docker/services.yaml")
+
 ansible +ARGS:
   uv run ansible {{ ARGS }}
 
@@ -21,5 +23,8 @@ encrypt +ARGS:
 encrypt-var NAME +CONTENT='':
   uv run ansible-vault encrypt_string {{ if CONTENT != "" {"--name"} else {"--stdin-name"} }} {{ NAME }} {{ CONTENT }}
 
+decrypt-var FILE NAME:
+  uv run ansible localhost -m ansible.builtin.debug -e "@{{ FILE }}" -a var="{{ NAME }}"
+
 decrypt +ARGS:
   uv run ansible-vault edit {{ ARGS }}
diff --git a/files/docker/rss/docker-stack.yaml b/files/docker/rss/docker-stack.yaml
index 94801a8..8217cd6 100644
--- a/files/docker/rss/docker-stack.yaml
+++ b/files/docker/rss/docker-stack.yaml
@@ -1,7 +1,8 @@
 networks:
-  reverse-proxy:
+  reverse_proxy:
     external: true
   miniflux:
+    driver: overlay
 
 volumes:
   linkding_data:
@@ -11,16 +12,16 @@ services:
   miniflux:
     image: miniflux/miniflux:latest
     restart: unless-stopped
-    depends_on:
-      - miniflux_db
     networks:
       - miniflux
-      - reverse-proxy
+      - reverse_proxy
     environment:
-      DATABASE_URL: postgres://${MF_DB_USER}:${MF_DB_PASS}@miniflux_db/miniflux?sslmode=disable
+      DATABASE_URL: "user='${MF_DB_USER}' password='${MF_DB_PASS}' dbname=miniflux host=miniflux_db sslmode=disable"
       RUN_MIGRATIONS: 1
       BASE_URL: https://rss.alecodes.page
 
+      LOG_LEVEL: debug
+
       OIDC_ENABLED: 1
       DISABLE_LOCAL_AUTH: 1
       OAUTH2_USER_CREATION: 1
@@ -40,18 +41,18 @@ services:
       placement:
         constraints:
           - node.labels.services_kind==${SERVICE_KIND:-common}
-      labels:
-        - traefik.enable=true
-        - traefik.http.routers.freshrss.rule=Host(`rss.alecodes.page`)
-        - traefik.http.services.freshrss.loadbalancer.server.port=8080
+      # labels:
+        # - traefik.enable=true
+        # - traefik.http.routers.miniflux.rule=Host(`rss.alecodes.page`)
+        # - traefik.http.services.miniflux.loadbalancer.server.port=8080
 
   miniflux_db:
-    image: postgres:15
+    image: postgres:latest
     networks:
       - miniflux
     environment:
       - POSTGRES_USER=${MF_DB_USER}
-      - POSTGRES_PASSWORD=${MF_DB_PASS}
+      - POSTGRES_PASSWORD='${MF_DB_PASS}'
       - POSTGRES_DB=miniflux
     volumes:
       - miniflux_db:/var/lib/postgresql/data
@@ -69,12 +70,26 @@ services:
       placement:
         constraints:
           - node.labels.services_kind==${SERVICE_KIND:-common}
+  adminer:
+    image: adminer
+    restart: always
+    networks:
+        - reverse_proxy
+        - miniflux
+    deploy:
+      placement:
+        constraints:
+          - node.labels.services_kind==${SERVICE_KIND:-common}
+      labels:
+        - traefik.enable=true
+        - traefik.http.routers.miniflux.rule=Host(`rss.alecodes.page`)
+        - traefik.http.services.miniflux.loadbalancer.server.port=8080
 
   linkding:
     image: sissbruecker/linkding:latest
     restart: unless-stopped
     networks:
-        - reverse-proxy
+        - reverse_proxy
     volumes:
       - linkding_data:/etc/linkding/data"
     environment:
diff --git a/files/docker/rss/env.yaml b/files/docker/rss/env.yaml
deleted file mode 100644
index 8adade9..0000000
--- a/files/docker/rss/env.yaml
+++ /dev/null
@@ -1,55 +0,0 @@
-SERVICE_KIND: common
-MF_OIDC_CLIENT_ID: !vault |
-  $ANSIBLE_VAULT;1.1;AES256
-  64373465396361306338353037613339383136643235633433396436313265343565343335386439
-  6364653962636630393031326266626631353163656364620a366663306633623163306631323836
-  31666165343039613838656236333232336631373139626230633266306134613665366135363763
-  6239303930306435390a326263653938343931323962343935323136386633376437666231333163
-  62623366393664643136393638323665313263383934646565366331663163653862386635333562
-  63396636646663326637333563303734313336653038323334646164306336393562313030353063
-  61643537393062336438623762633331666562303335393434666437336636613935626435363631
-  33386337336365353733
-MF_OIDC_CLIENT_SECRET: !vault |
-  $ANSIBLE_VAULT;1.1;AES256
-  31666165626661336330303635343437313563343234383966383862653735643734633130626631
-  3335656237326535333132666432646563386131303636350a626534653338343236313636623234
-  34323364333834376334383431323434643634363336363333306634383232393132316662333134
-  6266653032646635380a313633363439613637303636316436383030636132356233306661323734
-  35663535373663373364616130333334613366616432616162323961666136383236353466373831
-  61386464313533643464323762333639316631393364393062666566666233623364376334376139
-  31366363376564353135646134396666373166386461376162656231323335396539323533643734
-  39306533333436363361
-MF_DB_USER: miniflux
-MF_DB_PASS: !vault |
-  $ANSIBLE_VAULT;1.1;AES256
-  34646261613038636238336165356531383461326435376662613865613030396364326438396531
-  3833303736653266653134326132386433303131356136630a623732303863646337326563383939
-  34653961306431626565393933323863346262386666333432373135623130376530663930646561
-  6166316462336162660a366562316333383264336133353434326165363165353138336162316461
-  31643962306561396632396663363565386666393531313064353633633138333838616666333438
-  62396465636436353136393939633638326435646161313561373038636364626562373561616663
-  36613061663764636466386637356533623131303762303436393532633035323162623063643231
-  38356364613530393766363636663637373735306664376166613934633561653466393065653535
-  30646634333863353332376166663836653331393462336337306566346565626133343065376534
-  30356633323139653332366234643034613465323139663764613938333165626137663138626661
-  323164373034316262646265326565303638
-LD_OIDC_CLIENT_ID: !vault |
-  $ANSIBLE_VAULT;1.1;AES256
-  32386332636132656536326132666138336230393965333637336234656663393531366266653037
-  6365386466343938303532353361626335346335353965660a313132623532343063393565393136
-  62363735373661333539396531663338343637363836666635626562363761613738303231636637
-  3431356534326662320a663130363739643538643031643534613835363737666662303138313737
-  32366361313137306334323965333066656164393830656334303038356461363530303731653161
-  33633832626335376263616430306565633664626163396430376239353838313364386364353037
-  64323765653835343263353739353938373133363464326566346162343536353437623261643139
-  36383363636464613138
-LD_OIDC_CLIENT_SECRET: !vault |
-  $ANSIBLE_VAULT;1.1;AES256
-  33343032383063343035316333613033646538643564386337396336623134656333393962386262
-  3936383566346433623766306666363165323562353561330a613333656264626337396666666136
-  35343638326334343539616462646338643066303138616162623964383363393361366563653737
-  6539333565313438300a653733613535643264386532333830343264626665363234653834343036
-  66393935653363633837363534383365303166313061306532613366656132663264306530666133
-  37306462336534393436373836656137663566623031646165376262633535383462373663363166
-  31366234373764373031373161653736383336613336646631333562333864663639653263333762
-  61343031656664636431