diff --git a/defaults/main.yml b/defaults/main.yml
index 8044b35..b0488a4 100644
--- a/defaults/main.yml
+++ b/defaults/main.yml
@@ -5,4 +5,4 @@ keycloak_postgresql_password: keycloak
 keycloak_initial_admin_name: keycloak
 keycloak_initial_admin_password: keycloak
 keycloak_http_host: 127.0.0.1
-keycloak_version: 26.1.0
\ No newline at end of file
+keycloak_version: 26.2.4
diff --git a/tasks/main.yml b/tasks/main.yml
index 200504c..f38dca0 100644
--- a/tasks/main.yml
+++ b/tasks/main.yml
@@ -74,6 +74,15 @@
 #    mode: "0770"
     recurse: yes
 
+- name: link /opt/keycloak-version to /opt/keycloak/current
+  file:
+    state: link
+    owner: keycloak
+    group: keycloak
+    mode: '0770'
+    src: /opt/keycloak/keycloak-{{ keycloak_version }}
+    dest: /opt/keycloak/current
+
 - name: link /opt/keycloak/data to /opt/keycloak/keycloak-version/data
   file:
     state: link
diff --git a/templates/keycloak.service.j2 b/templates/keycloak.service.j2
index b506e64..d572684 100644
--- a/templates/keycloak.service.j2
+++ b/templates/keycloak.service.j2
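Review bot: `mode: '0770'` on the new `state: link` task does not do what it appears to: symlink permission bits are not enforced on Linux, and Ansible's `file` module is careful not to let a chmod through a link change the target, so the line only suggests a protection that is not there; drop it, or put the mode on the task that creates the versioned directory. The task name `link /opt/keycloak-version to /opt/keycloak/current` also does not match its `src`, which is `/opt/keycloak/keycloak-{{ keycloak_version }}`; `- name: link /opt/keycloak/current to /opt/keycloak/keycloak-{{ keycloak_version }}` would read consistently with the neighbouring data-link task. If `/opt/keycloak/current` may already exist as a regular directory or file on some hosts, check whether `force: true` is needed, since the module refuses to replace a non-link path without it rather than repointing.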
@@ -6,28 +6,27 @@ Wants=network-online.target systemd-networkd-wait-online.service
 [Service]
 User=keycloak
 Group=keycloak
-ExecStart=/opt/keycloak/keycloak-{{ keycloak_version }}/bin/kc.sh start
-WorkingDirectory=/opt/keycloak/keycloak-{{ keycloak_version }}
+ExecStart=/opt/keycloak/current/bin/kc.sh start
+WorkingDirectory=/opt/keycloak/current
 ReadWritePaths=/opt/keycloak/keycloak-{{ keycloak_version }}/conf
 ReadWritePaths=/opt/keycloak/keycloak-{{ keycloak_version }}/data
 ReadWritePaths=/opt/keycloak/keycloak-{{ keycloak_version }}/lib/quarkus
 SuccessExitStatus=0 143
-
 TimeoutStartSec=600
 TimeoutStopSec=600
 Environment="KC_HTTP_HOST={{ keycloak_http_host }}"
-Environment="KC_HOSTNAME=https://{{ inventory_hostname }}"
+Environment="KC_HTTP_ENABLED=true"
+Environment="KC_HOSTNAME={{ inventory_hostname }}"
 Environment="KC_DB=postgres"
 Environment="KC_DB_USERNAME={{ keycloak_postgresql_username }}"
 Environment="KC_DB_PASSWORD={{ keycloak_postgresql_password }}"
 Environment="KC_DB_URL_DATABASE={{ keycloak_postgresql_database }}"
 Environment="KC_DB_URL_HOST=localhost"
-#Environment="KC_HTTP_RELATIVE_PATH=auth"
-Environment="KC_HTTP_ENABLED=true"
-Environment="KC_PROXY_HEADERS=forwarded"
 Environment="KEYCLOAK_ADMIN={{ keycloak_initial_admin_name }}"
 Environment="KEYCLOAK_ADMIN_PASSWORD={{ keycloak_initial_admin_password }}"
-Environment="KC_PROXY_TRUSTED_ADDRESSES=127.0.0.0/8"
+Environment="KC_PROXY=edge"
+Environment="KC_PROXY_HEADERS=xforwarded"
+Environment="KC_PROXY_TRUSTED_ADDRESSES=127.0.0.1"
 
 # Hardening options
 CapabilityBoundingSet=
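Review bot: `Environment="KC_PROXY=edge"` reintroduces an option that Keycloak deprecated in 24 and, as far as I recall, removed in 26, and this same commit moves `keycloak_version` to 26.2.4, so at best the line is ignored and at worst it conflicts with the `KC_PROXY_HEADERS=xforwarded` line directly below it, which is the supported replacement. I would delete `Environment="KC_PROXY=edge"` and keep `KC_PROXY_HEADERS=xforwarded` together with `KC_PROXY_TRUSTED_ADDRESSES=127.0.0.1`, since the trusted-address restriction is what stops a client that reaches the loopback listener directly from supplying its own `X-Forwarded-*` headers. `ExecStart=` and `WorkingDirectory=` now go through `/opt/keycloak/current` while the three `ReadWritePaths=` lines still name the versioned directory; presumably this works because the link resolves to the same tree, but either switch them to `/opt/keycloak/current/...` or add `# ReadWritePaths stay on the versioned dir on purpose; the current link resolves into it` so the next reader does not take it for an oversight. The `[Service]` section continues past this hunk into the hardening options.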