diff --git a/dev.yml b/dev.yml index 5cec9d18ae..4ac13a7712 100644 --- a/dev.yml +++ b/dev.yml @@ -15,8 +15,8 @@ - { role: mailpit, tags: [mailpit, mailhog, mail] } - { role: php, tags: [php] } - { role: xdebug, tags: [php, xdebug] } - - { role: memcached, tags: [memcached], when: sites_using_memcached | count } - - { role: redis, tags: [redis], when: sites_using_redis | count } + - { role: memcached, tags: [memcached], when: sites_using_memcached | count > 0 } + - { role: redis, tags: [redis], when: sites_using_redis | count > 0 } - { role: nginx, tags: [nginx] } - { role: logrotate, tags: [logrotate] } - { role: composer, tags: [composer] } diff --git a/requirements.txt b/requirements.txt index 6ca4ad1de4..3d111fca09 100644 --- a/requirements.txt +++ b/requirements.txt @@ -1,2 +1 @@ ansible>=2.10.0 -ansible-core<2.19.0 diff --git a/roles/common/defaults/main.yml b/roles/common/defaults/main.yml index 425a5c795f..6651ac5ec3 100644 --- a/roles/common/defaults/main.yml +++ b/roles/common/defaults/main.yml @@ -12,7 +12,7 @@ apt_packages_default: libnss-myhostname: "{{ apt_package_state }}" python3: "{{ apt_package_state }}" python3-software-properties: "{{ apt_package_state }}" - python3-mysqldb: "{{ apt_package_state }}" + python3-pymysql: "{{ apt_package_state }}" python3-pycurl: "{{ apt_package_state }}" unzip: "{{ apt_package_state }}" diff --git a/roles/common/tasks/main.yml b/roles/common/tasks/main.yml index b196902862..2cf255f0da 100644 --- a/roles/common/tasks/main.yml +++ b/roles/common/tasks/main.yml @@ -2,7 +2,7 @@ - name: Validate wordpress_sites fail: msg: "{{ lookup('template', 'wordpress_sites.j2') }}" - when: wordpress_sites.keys() | difference(vault_wordpress_sites.keys()) | count + when: wordpress_sites.keys() | difference(vault_wordpress_sites.keys()) | count > 0 tags: [wordpress] - name: Validate format of site_hosts 
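Review bot: In requirements.txt, dropping `ansible-core<2.19.0` leaves `ansible>=2.10.0` as the only constraint, so every install takes whatever release is newest at that moment. The floor also still admits releases that probably predate options this change starts passing; `column_case_sensitive` on the `mysql_user` tasks appears to need a newer community.mysql collection than early Ansible packages ship. Raising the floor to the oldest version actually tested, and pinning exact versions with hashes in a constraints file for the control machine, would make runs reproducible and narrow the supply-chain exposure of a tool that acts as root on every managed host.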
@@ -11,7 +11,7 @@ loop: "{{ wordpress_sites | dict2items }}" loop_control: label: "{{ item.key }}" - when: item.value.site_hosts | rejectattr('canonical', 'defined') | list | count + when: item.value.site_hosts | rejectattr('canonical', 'defined') | list | count > 0 tags: [letsencrypt, wordpress] - name: Import PHP version specific vars @@ -29,7 +29,7 @@ - name: Verify dict format for package component variables fail: msg: "{{ lookup('template', 'package_vars_wrong_format_msg.j2') }}" - when: package_vars_wrong_format | count + when: package_vars_wrong_format | count > 0 vars: package_vars: apt_packages_default: "{{ apt_packages_default }}" @@ -40,20 +40,20 @@ php_extensions_custom: "{{ php_extensions_custom }}" sshd_packages_default: "{{ sshd_packages_default }}" sshd_packages_custom: "{{ sshd_packages_custom }}" - package_vars_wrong_format: "[{% for k,v in package_vars.items() | list if v | type_debug != 'dict' %}'{{ k }}',{% endfor %}]" + package_vars_wrong_format: "{{ package_vars | dict2items | rejectattr('value', 'mapping') | map(attribute='key') | list }}" tags: [memcached, php, sshd] - name: Verify dict format for package combined variables fail: msg: "{{ lookup('template', 'package_vars_wrong_format_msg.j2') }}" - when: package_vars_wrong_format | count + when: package_vars_wrong_format | count > 0 vars: package_vars: apt_packages: "{{ apt_packages }}" memcached_packages: "{{ memcached_packages }}" php_extensions: "{{ php_extensions }}" sshd_packages: "{{ sshd_packages }}" - package_vars_wrong_format: "[{% for k,v in package_vars.items() | list if v | type_debug != 'dict' %}'{{ k }}',{% endfor %}]" + package_vars_wrong_format: "{{ package_vars | dict2items | rejectattr('value', 'mapping') | map(attribute='key') | list }}" tags: [memcached, php, sshd] - name: Validate Ubuntu version diff --git a/roles/letsencrypt/tasks/nginx.yml b/roles/letsencrypt/tasks/nginx.yml index 229f6ff4b2..20f40638cd 100644 --- a/roles/letsencrypt/tasks/nginx.yml 
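Review bot: The new `package_vars_wrong_format` expression in the two "Verify dict format for package ... variables" tasks of roles/common/tasks/main.yml is dense, duplicated, and has no comment saying what it yields. A line above each, such as `# keys of package_vars whose value is not a mapping; non-empty means a malformed override`, would let a reader check the `when:` guard without unpicking the filter chain. The comment could also record that the `mapping` test accepts any mapping type rather than comparing a type name, as the old `type_debug != 'dict'` form did.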
+++ b/roles/letsencrypt/tasks/nginx.yml @@ -4,6 +4,7 @@ src: acme-challenge-location.conf.j2 dest: "{{ nginx_path }}/acme-challenge-location.conf" mode: '0644' + become: yes - name: Get list of hosts in current Nginx conf shell: | @@ -24,10 +25,11 @@ register: challenge_site_confs when: - site_uses_letsencrypt - - missing_hosts | count + - missing_hosts | count > 0 loop: "{{ wordpress_sites | dict2items }}" loop_control: label: "{{ item.key }}" + become: yes - name: Enable Nginx sites file: @@ -37,10 +39,11 @@ register: challenge_sites_enabled when: - site_uses_letsencrypt - - missing_hosts | count + - missing_hosts | count > 0 loop: "{{ wordpress_sites | dict2items }}" loop_control: label: "{{ item.key }}" + become: yes notify: disable temporary challenge sites - import_tasks: "{{ playbook_dir }}/roles/common/tasks/reload_nginx.yml" diff --git a/roles/mariadb/tasks/main.yml b/roles/mariadb/tasks/main.yml index 723bf0e2da..1c1f978503 100644 --- a/roles/mariadb/tasks/main.yml +++ b/roles/mariadb/tasks/main.yml @@ -57,7 +57,9 @@ host: "{{ item }}" password: "{{ mysql_root_password }}" check_implicit_admin: yes + column_case_sensitive: no state: present + login_unix_socket: /var/run/mysqld/mysqld.sock no_log: true loop: - "{{ inventory_hostname }}" @@ -67,9 +69,10 @@ - name: Delete anonymous MySQL server users mysql_user: - user: "" + name: "" host: "{{ item }}" state: absent + column_case_sensitive: no no_log: true loop: - localhost diff --git a/roles/nginx/tasks/main.yml b/roles/nginx/tasks/main.yml index 12686d5334..631476b466 100644 --- a/roles/nginx/tasks/main.yml +++ b/roles/nginx/tasks/main.yml @@ -24,6 +24,8 @@ path: "{{ nginx_path }}/{{ item }}" state: directory mode: '0755' + owner: root + group: root loop: - sites-available - sites-enabled diff --git a/roles/sshd/templates/ssh_config.j2 b/roles/sshd/templates/ssh_config.j2 index 488b188e96..03910f3e07 100644 --- a/roles/sshd/templates/ssh_config.j2 +++ b/roles/sshd/templates/ssh_config.j2 
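Review bot: `become: yes` is now repeated on three separate tasks in roles/letsencrypt/tasks/nginx.yml and on six more in roles/wordpress-setup/tasks/nginx.yml, so the privilege boundary is stated nine times and the next task added to either file can miss it or pick up root without needing it. Stating it once on a `block:` around the tasks that write under `nginx_path` would make the escalated set explicit, and `become: true` is the canonical boolean form that ansible-lint expects. The template task in the first hunk sets `mode: '0644'` but leaves ownership implicit; adding `owner: root` and `group: root`, as the nginx role's directory task does in this same change, would pin the result regardless of which user the escalation lands on. The task bodies start outside their hunks, so any existing play-level `become` is not visible here.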
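Review bot: In roles/mariadb/tasks/main.yml the root-password task now hard-codes `login_unix_socket: /var/run/mysqld/mysqld.sock`, while the "Delete anonymous MySQL server users" task in the next hunk gets no socket setting at all. With the driver switched to `python3-pymysql` in roles/common/defaults/main.yml, a task without an explicit socket presumably falls back to a TCP login or to a credentials file written elsewhere. If that connection fails, the anonymous accounts stay in place, so it is worth confirming on a freshly provisioned host. Moving the path to a role default (for example `mysql_unix_socket`, a name suggested here rather than taken from the diff) and passing it to both tasks would keep them consistent. Both task bodies start outside their hunks.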
@@ -17,7 +17,7 @@ Host * KexAlgorithms {{ (ssh_kex_algorithms_default | default(sshd_kex_algorithms_default) + ssh_kex_algorithms_extra | default(sshd_kex_algorithms_extra)) | join(',') }} MACs {{ (ssh_macs_default | default(sshd_macs_default) + ssh_macs_extra | default(sshd_macs_extra)) | join(',') }} PasswordAuthentication {{ ssh_password_authentication | default(sshd_password_authentication) | ternary('yes', 'no') }} - {% if ssh_send_env | count %} + {% if ssh_send_env | count > 0 %} SendEnv {{ ssh_send_env | join(' ') }} {% endif -%} StrictHostKeyChecking {{ ssh_strict_host_key_checking }} diff --git a/roles/sshd/templates/sshd_config.j2 b/roles/sshd/templates/sshd_config.j2 index 47af53e470..d4371fd4b2 100644 --- a/roles/sshd/templates/sshd_config.j2 +++ b/roles/sshd/templates/sshd_config.j2 @@ -13,7 +13,7 @@ ListenAddress {{ address }} Protocol {{ sshd_protocol }} -{% if sshd_accept_env | count %} +{% if sshd_accept_env | count > 0 %} AcceptEnv {{ sshd_accept_env | join(' ') }} {% endif -%} AllowAgentForwarding {{ sshd_allow_agent_forwarding | ternary('yes', 'no') }} diff --git a/roles/wordpress-install/tasks/main.yml b/roles/wordpress-install/tasks/main.yml index 6119154b47..9f1f7beaec 100644 --- a/roles/wordpress-install/tasks/main.yml +++ b/roles/wordpress-install/tasks/main.yml @@ -65,6 +65,8 @@ args: chdir: "{{ www_root }}/{{ item.item.key }}/{{ item.item.value.current_path | default('current') }}/" loop: "{{ wp_install.results }}" + loop_control: + label: "{{ item.item.key }}" when: item is changed - name: Update WP Multisite Home URL diff --git a/roles/wordpress-setup/tasks/database.yml b/roles/wordpress-setup/tasks/database.yml index 4fed3d97c1..f238b977a3 100644 --- a/roles/wordpress-setup/tasks/database.yml +++ b/roles/wordpress-setup/tasks/database.yml 
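Review bot: In roles/wordpress-install/tasks/main.yml the new `label: "{{ item.item.key }}"` only shortens the per-item header. Each element of `wp_install.results` is still the complete registered result of the earlier task and is normally echoed as `item` when a loop iteration fails or output is verbose. If that earlier task's command line carries credentials (it is outside this hunk, so this is an assumption to check), this task would also need `no_log: true` to keep them out of console and CI logs. The task body starts above the hunk.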
@@ -23,6 +23,7 @@ login_host: "{{ site_env.db_host }}" login_user: "{{ mysql_root_user }}" login_password: "{{ mysql_root_password }}" + column_case_sensitive: no no_log: true loop: "{{ wordpress_sites | dict2items }}" loop_control: diff --git a/roles/wordpress-setup/tasks/nginx-includes.yml b/roles/wordpress-setup/tasks/nginx-includes.yml index 135eb77614..703915c720 100644 --- a/roles/wordpress-setup/tasks/nginx-includes.yml +++ b/roles/wordpress-setup/tasks/nginx-includes.yml @@ -31,7 +31,7 @@ map('regex_replace', nginx_includes_pattern, '\\2') | map('dirname') | unique | list | sort }}" - when: nginx_includes_templates.files | count + when: nginx_includes_templates.files | count > 0 - name: Template files out to includes.d template: diff --git a/roles/wordpress-setup/tasks/nginx.yml b/roles/wordpress-setup/tasks/nginx.yml index 9f81d32c23..fd75640863 100644 --- a/roles/wordpress-setup/tasks/nginx.yml +++ b/roles/wordpress-setup/tasks/nginx.yml @@ -30,6 +30,7 @@ mode: '0644' loop: "{{ nginx_sites_confs }}" when: item.enabled | default(true) + become: yes notify: reload nginx tags: nginx-sites @@ -39,6 +40,7 @@ state: absent when: not(item.enabled | default(true)) loop: "{{ nginx_sites_confs }}" + become: yes notify: reload nginx tags: nginx-sites @@ -48,8 +50,9 @@ src: "{{ nginx_path }}/sites-available/{{ item.src | basename | regex_replace('.j2$', '') }}" state: link force: yes - when: item.enabled | default(true) loop: "{{ nginx_sites_confs }}" + when: item.enabled | default(true) + become: yes notify: reload nginx tags: nginx-sites @@ -58,6 +61,7 @@ src: "{{ playbook_dir }}/roles/letsencrypt/templates/acme-challenge-location.conf.j2" dest: "{{ nginx_path }}/acme-challenge-location.conf" mode: '0644' + become: yes notify: reload nginx - name: Create WordPress configuration for Nginx @@ -69,6 +73,7 @@ loop_control: label: "{{ item.key }}" notify: reload nginx + become: yes tags: nginx-includes - name: Enable WordPress site 
@@ -81,4 +86,5 @@ loop: "{{ wordpress_sites | dict2items }}" loop_control: label: "{{ item.key }}" + become: yes notify: reload nginx diff --git a/roles/wordpress-setup/templates/wordpress-site.conf.j2 b/roles/wordpress-setup/templates/wordpress-site.conf.j2 index c792f77ef5..385e1e4e8a 100644 --- a/roles/wordpress-setup/templates/wordpress-site.conf.j2 +++ b/roles/wordpress-setup/templates/wordpress-site.conf.j2 @@ -287,7 +287,7 @@ server { {% endblock -%} {%- block redirects_domains %} -{% if site_hosts_redirects | default([]) | count %} +{% if site_hosts_redirects | default([]) | count > 0 %} # Redirect some domains {% endif %} {% for host in item.value.site_hosts if host.redirects | default([]) %} diff --git a/server.yml b/server.yml index d30eb2f88b..47da811172 100644 --- a/server.yml +++ b/server.yml @@ -24,11 +24,11 @@ - { role: mariadb, tags: [mariadb] } - { role: ssmtp, tags: [ssmtp, mail] } - { role: php, tags: [php] } - - { role: memcached, tags: [memcached], when: sites_using_memcached | count } - - { role: redis, tags: [redis], when: sites_using_redis | count } + - { role: memcached, tags: [memcached], when: sites_using_memcached | count > 0 } + - { role: redis, tags: [redis], when: sites_using_redis | count > 0 } - { role: nginx, tags: [nginx] } - { role: logrotate, tags: [logrotate] } - { role: composer, tags: [composer] } - { role: wp-cli, tags: [wp-cli] } - - { role: letsencrypt, tags: [letsencrypt], when: sites_using_letsencrypt | count } + - { role: letsencrypt, tags: [letsencrypt], when: sites_using_letsencrypt | count > 0 } - { role: wordpress-setup, tags: [wordpress, wordpress-setup, letsencrypt] }