diff --git a/.gitea/workflows/gitea_tar-valon_ansible_deploy.yml b/.gitea/workflows/gitea_tar-valon_ansible_deploy.yml
index 728ca27..3971d73 100644
--- a/.gitea/workflows/gitea_tar-valon_ansible_deploy.yml
+++ b/.gitea/workflows/gitea_tar-valon_ansible_deploy.yml
@@ -229,7 +229,6 @@ jobs:
 options: |
 --inventory inventory/hosts.yml
 --limit ${{ matrix.host }}
- --ask-become-pass
 - name: Gotify Notification
 uses: eikendev/gotify-action@master
diff --git a/host_vars/rinoa.yml b/host_vars/rinoa.yml
index c57ab13..1cc0934 100644
--- a/host_vars/rinoa.yml
+++ b/host_vars/rinoa.yml
@@ -1,4 +1,11 @@
 appdata_base_path: /home/charish/.docker/config/appdata
+ansible_become_password: !vault |
+ $ANSIBLE_VAULT;1.1;AES256
+ 33393031336537653965343539636434613066326131653737396561653031336665633430353837
+ 3166363261623634363162626161633831316539643339620a326538663930396335646631356335
+ 39643539313531646566353034313734646432626462646530303762323939613833663237316631
+ 3134383462306432630a626163356437336331356339353332613265366564323234613732626331
+ 64333464306531303163376566393065643136633165373364373733323838616437
 secrets_path: rinoa-docker/env
 file_metadata:
 "mongodb/config/keyfile.j2":
@@ -12,4 +19,4 @@ file_metadata:
 "searxng/uwsgi.ini.j2":
 owner: "977"
 group: "977"
- mode: "0644"
\ No newline at end of file
+ mode: "0644"
diff --git a/host_vars/rinoa_vault.yml b/host_vars/rinoa_vault.yml
deleted file mode 100644
index 490ad03..0000000
--- a/host_vars/rinoa_vault.yml
+++ /dev/null
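Review bot: The added `ansible_become_password` in host_vars/rinoa.yml (first hunk) carries no comment saying which account it unlocks or which vault secret decrypts it, and its `$ANSIBLE_VAULT;1.1;AES256` header has no vault ID label. A line above the key such as `# sudo password for the Ansible remote user on rinoa (ansible-vault, decrypted with the CI vault secret)` would record that. With `--ask-become-pass` removed from the workflow, the job has to receive the vault password non-interactively; that wiring is not in the visible hunks, so check that it comes from a CI secret and is never echoed to the job log. As an inline host var the password is decrypted for every play that targets rinoa, not only this deploy.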
@@ -1,7 +0,0 @@
-$ANSIBLE_VAULT;1.1;AES256
-64373031363133633233383737653165653034636261616166646130353564343466383933623333
-3064363737373635636232616334663362646138333666650a663461353938333065356431653466
-34616666633563303366343832303165626664613962636366653439376133313731653433646631
-6630663736303433650a363832366136626230353437663231663331363230313336636637383234
-34643964333835613566396465643731623265663063666164373262626330393139353238323839
-6236303734306233633863383664326463636666616331656665
diff --git a/tar-valon_config_deploy.yml b/tar-valon_config_deploy.yml
index 90c7800..89dbc9e 100644
--- a/tar-valon_config_deploy.yml
+++ b/tar-valon_config_deploy.yml
@@ -5,6 +5,8 @@
 - rikku
 - benedikta
 gather_facts: false
+ become: true
+ become_method: sudo
 vars:
 default_owner: "1000"
@@ -12,6 +14,11 @@
 default_mode: "0644"
 pre_tasks:
+ - name: Load host-specific vaulted variables if they exist
+ ansible.builtin.include_vars:
+ file: "host_vars/{{ inventory_hostname }}_vault.yml"
+ ignore_errors: true
+
 - name: Get remote user's UID and GID
 ansible.builtin.command: "id -u && id -g"
 register: remote_user_info
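Review bot: In tar-valon_config_deploy.yml the new play-level `become: true` escalates every task to root, including the "Get remote user's UID and GID" pre-task visible in the next hunk, which under sudo would report root's ids rather than the connecting user's. Scope escalation to the tasks that need it, or at least add `become: false` to that pre-task. The only `ansible_become_password` this commit adds is for rinoa, while the hosts list also names rikku and benedikta and the workflow no longer passes `--ask-become-pass`; if those hosts lack passwordless sudo their runs will fail at the first escalated task, so confirm their host_vars. The play's task list lies outside the hunk.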
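Review bot: `ignore_errors: true` on the new include_vars pre-task in tar-valon_config_deploy.yml hides more than a missing file: a wrong vault password or a malformed vars file is skipped the same way, and the play carries on without that host's secrets. This commit also deletes host_vars/rinoa_vault.yml, so for rinoa the task now fails and is ignored on every run. Resolving the path with first_found and `skip: true` makes only the absent-file case optional and lets real errors stop the play, and `no_log: true` keeps decrypted values out of verbose task output. The pre_tasks list continues outside the hunk.

```yaml
    - name: Load host-specific vaulted variables if they exist
      ansible.builtin.include_vars:
        file: "{{ item }}"
      with_first_found:
        - files:
            - "{{ playbook_dir }}/host_vars/{{ inventory_hostname }}_vault.yml"
          skip: true
      no_log: true
    # … unchanged: "Get remote user's UID and GID" pre-task …
```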