diff --git a/dotfiles.yml b/dotfiles.yml
index d4e4d72..4429c97 100644
--- a/dotfiles.yml
+++ b/dotfiles.yml
@@ -1,62 +1,17 @@
 ---
-- name: Sanity checks
-  hosts: all
-  tags: always
-  gather_facts: yes
-  tasks:
-    - name: Check theme name
-      fail:
-        msg: Variable 'theme' needs to be 'nord' or 'onedark'
-      when:
-        - theme != 'nord'
-        - theme != 'onedark'
-
-    - name: Check clipboard manager name
-      fail:
-        msg: Variable 'clipboard' needs to be 'clipman' or 'cliphist'
-      when:
-        - clipboard != 'clipman'
-        - clipboard != 'cliphist'
-
-    - name: Check notification daemon name
-      fail:
-        msg: Variable 'notification' needs to be 'dunst', 'mako' or 'fnott'
-      when:
-        - notification != 'dunst'
-        - notification != 'mako'
-        - notification != 'fnott'
-
-    # Wait for file-based configuration of fuzzel
-    - name: Check application launcher name
-      fail:
-        msg: Variable 'launcher' needs to be 'fuzzel', 'wofi' or 'rofi'
-      when:
-        - launcher != 'fuzzel'
-        - launcher != 'wofi'
-        - launcher != 'rofi'
-
-    - name: Check the number of terminal emulators
-      fail:
-        msg: Need at least 2 terminal emulators
-      when: ( terminal | length() ) < 2
-
-    - name: Check current user
-      fail:
-        msg: This playbook should not be run as 'root'
-      when: ansible_real_user_id == 0
-
-    - name: Ensure ~/.config and ~/.local/share exist
-      file:
-        path: '{{ item }}'
-        state: directory
-      loop:
-        - ~/.config
-        - ~/.local/share
-
 - name: Deploy dotfiles
   hosts: all
+  gather_facts: yes
   vars_files:
     - 'palette/{{ theme }}.yml'
+  pre_tasks:
+    - name: Check defined variables
+      import_tasks: tasks/check_variables.yml
+      tags: always
+
+    - name: Check other facts
+      import_tasks: tasks/check_other.yml
+      tags: always
   tasks:
     # 'always' tag is needed to run the playbook with custom tags passed to
     # the included roles
diff --git a/group_vars/all/custom.yml b/group_vars/all/custom.yml
index 355b82f..08cd973 100644
--- a/group_vars/all/custom.yml
+++ b/group_vars/all/custom.yml
@@ -10,6 +10,7 @@ launcher: rofi
 default_browser: qutebrowser
 clipboard: clipman
 notification: dunst
+multiplexer: zellij
 # Use 'dropbear-dbclient' if True, otherwise use 'openssh-client'
 dropbear_ssh_client: False
 # List of terminal emulators, in precedence order
diff --git a/playbooks/packages.yml b/playbooks/packages.yml
index 1ac44c8..018fce6 100644
--- a/playbooks/packages.yml
+++ b/playbooks/packages.yml
@@ -63,14 +63,14 @@
           yarn:
             name: '@mermaid-js/mermaid-cli'
             global: yes
-            state: present
+            state: latest
 
         - name: Install antora
           tags: antora
           yarn:
             name: '{{ item }}'
             global: yes
-            state: present
+            state: latest
           loop:
             - '@antora/cli'
             - '@antora/site-generator'
diff --git a/roles/multiplexer/tasks/main.yml b/roles/multiplexer/tasks/main.yml
index a6f9cba..a866e2c 100644
--- a/roles/multiplexer/tasks/main.yml
+++ b/roles/multiplexer/tasks/main.yml
@@ -17,7 +17,7 @@
         update: no
         repo: https://github.com/tmux-plugins/tpm.git
         dest: ~/.config/tmux/plugins/tpm
-  tags: [ never, tmux ]
+  when: multiplexer == 'tmux'
 
 - block:
     - name: zellij | Create config directory
@@ -30,4 +30,4 @@
         src: config.j2
         dest: ~/.config/zellij/config.yaml
         force: yes
-  tags: zellij
+  when: multiplexer == 'zellij'
diff --git a/roles/scripts/files/libexec/wayland/launch_mpd b/roles/scripts/files/libexec/wayland/launch_mpd
index 9350832..1a3a294 100755
--- a/roles/scripts/files/libexec/wayland/launch_mpd
+++ b/roles/scripts/files/libexec/wayland/launch_mpd
@@ -3,6 +3,11 @@
 # Terminate already running mpd instance
 mpd --kill 1>/dev/null 2>&1
 
+# OPTION 1:
 # Set real-time scheduling and relaunch
-# (assure the user has permission to set rtprio=40 and rttime=unlimited)
-prlimit --rtprio=40 --rttime=unlimited mpd
+# Not POSIX compatible, but ash support this ulimit syntax
+# ulimit -HS -r 40 && exec mpd --no-daemon
+
+# OPTION 2:
+# Launch normally (realtime privilege is set in /etc/security/limits.conf)
+exec mpd --no-daemon
diff --git a/roles/shells/tasks/main.yml b/roles/shells/tasks/main.yml
index e4cfd03..d38ccad 100644
--- a/roles/shells/tasks/main.yml
+++ b/roles/shells/tasks/main.yml
@@ -11,12 +11,18 @@
         dest: ~/.config/fish/
         recursive: yes
 
+    - name: fish | Create conf.d directory
+      file:
+        path: ~/.config/fish/conf.d
+        state: directory
+
     - name: fish | Copy config templates
       template:
         src: '{{ item }}.j2'
         dest: '~/.config/fish/conf.d/{{ item }}.fish'
         force: yes
       loop:
+        - aliases
         - colors
         - env
 
diff --git a/roles/shells/files/fish/conf.d/aliases.fish b/roles/shells/templates/aliases.j2
similarity index 88%
rename from roles/shells/files/fish/conf.d/aliases.fish
rename to roles/shells/templates/aliases.j2
index 5017b78..3829688 100644
--- a/roles/shells/files/fish/conf.d/aliases.fish
+++ b/roles/shells/templates/aliases.j2
@@ -4,15 +4,17 @@ abbr p pulsemixer
 alias cp='cp -vir'
 alias mv='mv -vi'
 alias rm='rm -vr'
-alias mkdir='mkdir -pv'
+alias mkdir='mkdir -vp'
 # alias ls='exa -lF --icons --sort=type'
 # alias la='exa -laF --icons --sort=type'
 # alias lt='exa --tree'
+{% if multiplexer == 'tmux' %}
 abbr tmux 'TERM=screen-256color command tmux'
+{% endif %}
 
 # neovim
 abbr v nvim
-abbr vi 'fzf --prompt "Edit files: " | xargs nvim'
+abbr vi 'fzf --prompt "Edit files: " | xargs -r nvim'
 
 # emacs
 alias doom='$HOME/.config/emacs/bin/doom'
diff --git a/roles/shells/templates/config.j2 b/roles/shells/templates/config.j2
index f7d4d28..6fbc1a1 100644
--- a/roles/shells/templates/config.j2
+++ b/roles/shells/templates/config.j2
@@ -22,14 +22,15 @@ end
 # vi key bindings
 fish_vi_key_bindings
 
-# fzf
+# fzf key bindings
 status is-interactive; and fzf_key_bindings
 
 # gpg-agent
 set -gx GPG_TTY (tty)
 {% if not dropbear_ssh_client %}
-# also replace ssh-agent
-gpg-connect-agent /bye >/dev/null
+# gpg-agent normally starts on demand but ssh command doesn't trigger it
+# As such manually start it on login
+status is-login; and gpg-connect-agent /bye >/dev/null
 gpg-connect-agent updatestartuptty /bye >/dev/null
 if test -z "$SSH_AUTH_SOCK"
   set -gx SSH_AUTH_SOCK (gpgconf --list-dirs agent-ssh-socket)
diff --git a/roles/waybar/files/modules/media.sh b/roles/waybar/files/modules/media.sh
index 5428cac..284eb0b 100755
--- a/roles/waybar/files/modules/media.sh
+++ b/roles/waybar/files/modules/media.sh
@@ -5,7 +5,7 @@ DIRECTORY="/run/media/$USER"
 if [ -d "$DIRECTORY" ]; then
     dir_list=$(find "$DIRECTORY" -type d -maxdepth 1 | tail -n +2)
     if [ -n "$dir_list" ]; then
-        # Loop through everything, in case we unmount manually (not using
+        # Loop through everything, in case we unmounted manually (not using
         # udisks) and left stale directories behind
         final_result=0
         for dir in ${dir_list}; do
diff --git a/tasks/check_other.yml b/tasks/check_other.yml
new file mode 100644
index 0000000..b6ea4ea
--- /dev/null
+++ b/tasks/check_other.yml
@@ -0,0 +1,21 @@
+---
+- name: Check current user ID
+  fail:
+    msg: This playbook should not be run as 'root'
+  when: ansible_real_user_id == 0
+
+- name: Check 0700 permission on $HOME directory
+  file:
+    path: '{{ ansible_user_dir }}'
+    state: directory
+    owner: '{{ ansible_user_id }}'
+    group: '{{ ansible_user_id }}'
+    mode: 0700
+
+- name: Check whether ~/.config and ~/.local/share exist
+  file:
+    path: '{{ item }}'
+    state: directory
+  loop:
+    - ~/.config
+    - ~/.local/share
diff --git a/tasks/check_variables.yml b/tasks/check_variables.yml
new file mode 100644
index 0000000..f78ef3c
--- /dev/null
+++ b/tasks/check_variables.yml
@@ -0,0 +1,43 @@
+---
+- name: Check theme name
+  fail:
+    msg: Variable 'theme' needs to be 'nord' or 'onedark'
+  when:
+    - theme != 'nord'
+    - theme != 'onedark'
+
+- name: Check clipboard manager name
+  fail:
+    msg: Variable 'clipboard' needs to be 'clipman' or 'cliphist'
+  when:
+    - clipboard != 'clipman'
+    - clipboard != 'cliphist'
+
+- name: Check notification daemon name
+  fail:
+    msg: Variable 'notification' needs to be 'dunst', 'mako' or 'fnott'
+  when:
+    - notification != 'dunst'
+    - notification != 'mako'
+    - notification != 'fnott'
+
+- name: Check multiplexer name
+  fail:
+    msg: Variable 'multiplexer' needs to be 'zellij' or 'tmux'
+  when:
+    - multiplexer != 'zellij'
+    - multiplexer != 'tmux'
+
+# Wait for file-based configuration of fuzzel
+- name: Check application launcher name
+  fail:
+    msg: Variable 'launcher' needs to be 'fuzzel', 'wofi' or 'rofi'
+  when:
+    - launcher != 'fuzzel'
+    - launcher != 'wofi'
+    - launcher != 'rofi'
+
+- name: Check the number of terminal emulators
+  fail:
+    msg: Need at least 2 terminal emulators
+  when: ( terminal | length() ) < 2