diff --git a/playbooks/dns.yml b/playbooks/dns.yml old mode 100644 new mode 100755 index 4ceef0d..36e7b1a --- a/playbooks/dns.yml +++ b/playbooks/dns.yml @@ -1,6 +1,7 @@ +#!/usr/bin/ansible-playbook --- - name: Manage DNS Internal Master Server. - hosts: dns-master-internal + hosts: kichererbse.freifunk-mwu.de roles: - service-nginx @@ -11,7 +12,7 @@ - pdns-admin vars: - mysql_root_password: "{{ lookup('passwordstore', inventory_hostname_short + '/mysql_root subkey=password') }}" + mysql_root_password: "{{ lookup('passwordstore', inventory_hostname_short + '/mysql_root subkey=secret') }}" mysql_databases: - name: "pdns-admin" encoding: "utf8" @@ -19,24 +20,25 @@ mysql_users: - name: "pdns-admin" host: "localhost" - password: "{{ lookup('passwordstore', inventory_hostname_short + '/mysql_pdns-admin subkey=password') }}" + password: "{{ lookup('passwordstore', inventory_hostname_short + '/mysql_pdns-admin subkey=secret') }}" priv: "pdns-admin.*:ALL" mysql_max_binlog_size: "100M" mysql_expire_logs_days: "10" + mysql_bind_address: "127.0.0.1" pdns_install_repo: "{{ pdns_auth_powerdns_repo_41 }}" pdns_mysql_databases_credentials: gmysql: priv_user: root - priv_password: "{{ lookup('passwordstore', inventory_hostname_short + '/mysql_root subkey=password') }}" + priv_password: "{{ lookup('passwordstore', inventory_hostname_short + '/mysql_root subkey=secret') }}" priv_host: - "localhost" pdns_config: allow-axfr-ips: "{% for host in groups['ffmwu-gateways'] %}{{ loopback_net_ipv4 | ipaddr(hostvars[host]['magic']) | ipaddr('address') }},{{ loopback_net_ipv6 | ipaddr(hostvars[host]['magic']) | ipaddr('address') }}{% if not loop.last %},{% endif %}{% endfor %}" api: "yes" - api-key: "{{ lookup('passwordstore', inventory_hostname_short + '/pdns_apikey subkey=api-key') }}" + api-key: "{{ lookup('passwordstore', inventory_hostname_short + '/pdns_apikey') }}" default-soa-name: "{{ inventory_hostname }}" default-soa-mail: "admin.freifunk-mwu.de" local-port: "53" 
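Review bot: The file becomes a directly executable entry point (new shebang, mode 100755) pinned to one host, but nothing in it says which password-store entries it needs. The lookups in this commit are all keyed on `inventory_hostname_short`, so for the new `hosts:` value they resolve under a `kichererbse/` prefix. I would add a header comment below the shebang such as `# Requires pass entries under <short hostname>/: mysql_root, mysql_pdns-admin, mysql_powerdns, pdns_apikey, pdns_webserver, pdnsadmin_secretkey`, so an operator can check the store before running it.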
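Review bot: The renamed lookup on `mysql_root_password` (`subkey=secret`) has no guard against that subkey being absent from the store entry. As far as I know, the passwordstore lookup then returns an empty value rather than failing, which would template an empty MySQL root password. The same applies to the other `subkey=secret` lookups in the `@@ -19,24` and `@@ -49,24` hunks. I would add a `pre_tasks` assert that the rendered secrets are non-empty before any role runs, as sketched below. The play's `vars:` block continues outside this hunk.

```yaml
  pre_tasks:
    - name: Abort when a password-store lookup rendered empty
      assert:
        that:
          - mysql_root_password | default('', true) | length > 0
          - pdns_config['api-key'] | default('', true) | length > 0
          - pdns_admin_global_config.secret_key | default('', true) | length > 0
        msg: "A passwordstore lookup returned an empty value; check the store entries."
  # … unchanged: roles and vars …
```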
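Review bot: `priv_password` repeats the `mysql_root` lookup already bound to `mysql_root_password` in the previous hunk, which is why this commit had to change the subkey in two places. Referencing the variable keeps the root credential defined once: `priv_password: "{{ mysql_root_password }}"`. The `mysql_pdns-admin` lookup is duplicated in the same way, under `mysql_users` here and as `sqla_db_password` in the last hunk. One shared variable would stop the two copies drifting apart on the next store change.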
@@ -49,24 +51,24 @@ webserver: "yes" webserver-address: "127.0.0.1" webserver-allow-from: "0.0.0.0/0,::/0" - webserver-password: "{{ lookup('passwordstore', inventory_hostname_short + '/pdns_webserver subkey=password') }}" + webserver-password: "{{ lookup('passwordstore', inventory_hostname_short + '/pdns_webserver') }}" pdns_backends: gmysql: host: "127.0.0.1" user: "powerdns" - password: "{{ lookup('passwordstore', inventory_hostname_short + '/mysql_powerdns subkey=password') }}" + password: "{{ lookup('passwordstore', inventory_hostname_short + '/mysql_powerdns subkey=secret') }}" dbname: "powerdns" pdns_admin_global_config: - secret_key: "{{ lookup('passwordstore', inventory_hostname_short + '/mysql_pdns-admin subkey=password') }}" + secret_key: "{{ lookup('passwordstore', inventory_hostname_short + '/pdnsadmin_secretkey') }}" login_title: "Freifunk MWU DNS Management" log_level: "INFO" log_file: "pdns-admin.log" pdns_admin_database_config: sqla_db_user: "pdns-admin" - sqla_db_password: "{{ lookup('passwordstore', inventory_hostname_short + '/mysql_pdns-admin subkey=password') }}" + sqla_db_password: "{{ lookup('passwordstore', inventory_hostname_short + '/mysql_pdns-admin subkey=secret') }}" sqla_db_host: "127.0.0.1" sqla_db_name: "pdns-admin" sqlalchemy_track_modifications: True
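Review bot: `webserver-allow-from: "0.0.0.0/0,::/0"` is left unchanged next to the new `webserver-password` lookup, so the PowerDNS webserver ACL accepts any source address and access control rests only on the `127.0.0.1` bind and the password. If the only intended clients are local processes (pdns-admin, or a proxy from the `service-nginx` role, whose config is not visible here), consider `webserver-allow-from: "127.0.0.1,::1"`. That keeps the ACL meaningful if `webserver-address` is ever widened. This is a context line, so the setting may be deliberate and is worth confirming.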