diff --git a/README.md b/README.md
index f551df5c..154b61db 100644
--- a/README.md
+++ b/README.md
@@ -60,7 +60,7 @@ Run the `setup` playbook:
 ```bash
 cd ~/.local/share/linux-setup-playbook
 
-./run.sh main.yml
+./run.sh playbooks/default.yml
 ```
 
 The [run.sh](run.sh) script is a tiny wrapper for the `ansible-playbook` command. By default it uses
@@ -75,10 +75,10 @@ mode and so on.
 Example:
 
 ```bash
-./run.sh main.yml --list-tasks
-./run.sh main.yml -t backup -t spotify
-./run.sh main.yml -t packages -t restic
-./run.sh main.yml -t spotify --diff -C
+./run.sh playbooks/default.yml --list-tasks
+./run.sh playbooks/default.yml -t packages
+./run.sh playbooks/default.yml -t packages --diff --check
+./run.sh playbooks/default.yml -t git -t chrome
 ```
 
 ## Thanks
diff --git a/config.flaudisio.yml b/config.flaudisio.yml
index bc214a43..0e0a78bb 100644
--- a/config.flaudisio.yml
+++ b/config.flaudisio.yml
@@ -99,7 +99,6 @@ packages_apt_install:
   - printer-driver-cups-pdf
   - rename
   - sqlite3
-  - transmission-qt
   - unar
   - unrar
   - unzip
diff --git a/playbooks/common.yml b/playbooks/common.yml
index 86eef9dc..87259ec7 100644
--- a/playbooks/common.yml
+++ b/playbooks/common.yml
@@ -55,8 +55,6 @@
     # IDEs & development tools
     - role: vscode
       tags: vscode
-    - role: q
-      tags: q
 
     # Misc. applications
     - role: discord
diff --git a/main.yml b/playbooks/default.yml
similarity index 91%
rename from main.yml
rename to playbooks/default.yml
index 36292c46..473e2df5 100644
--- a/main.yml
+++ b/playbooks/default.yml
@@ -11,13 +11,11 @@
       tags: packages
     - role: git
       tags: git
+    - role: mise
+      tags: mise
     - role: chrome
       tags: chrome
     - role: geerlingguy.docker
       tags: docker
-    - role: mise
-      tags: mise
-    - role: bat
-      tags: bat
     - role: vscode
       tags: vscode
diff --git a/roles/local/chrome/defaults/main.yml b/roles/local/chrome/defaults/main.yml
index c9e33903..f8bdf9a5 100644
--- a/roles/local/chrome/defaults/main.yml
+++ b/roles/local/chrome/defaults/main.yml
@@ -1,2 +1,4 @@
 ---
 chrome_package_url: https://dl.google.com/linux/direct/google-chrome-stable_current_amd64.deb
+
+chrome_set_as_default_browser: false
diff --git a/roles/local/chrome/tasks/main.yml b/roles/local/chrome/tasks/main.yml
index 3cbf8b14..0d5c6db6 100644
--- a/roles/local/chrome/tasks/main.yml
+++ b/roles/local/chrome/tasks/main.yml
@@ -9,3 +9,15 @@
     deb: "{{ chrome_package_url }}"
     state: present
   when: "'google-chrome-stable' not in ansible_facts.packages"
+
+- name: Set Chrome as default browser in Alternatives
+  community.general.alternatives:
+    name: "{{ item }}"
+    link: /usr/bin/{{ item }}
+    path: /usr/bin/google-chrome-stable
+    priority: 100
+    state: selected
+  loop:
+    - gnome-www-browser
+    - x-www-browser
+  when: chrome_set_as_default_browser | bool
diff --git a/roles/local/git/defaults/main.yml b/roles/local/git/defaults/main.yml
index fc11eab6..25cc69d0 100644
--- a/roles/local/git/defaults/main.yml
+++ b/roles/local/git/defaults/main.yml
@@ -6,13 +6,12 @@ git_extra_packages:
   - qgit
   - tig
 
-git_open_version: 3.1.0
+git_open_version: 41ebfceb
 
-git_open_dl_url: https://raw.githubusercontent.com/paulirish/git-open/v{{ git_open_version }}/git-open
+git_open_dl_url: https://raw.githubusercontent.com/paulirish/git-open/{{ git_open_version }}/git-open
 
 git_open_bin_path: /usr/local/bin/git-open
 
-# Example:
 # git_config: |
 #   [user]
 #     name = Example User
diff --git a/roles/local/mise/defaults/main.yml b/roles/local/mise/defaults/main.yml
index dedf9315..6f71a84c 100644
--- a/roles/local/mise/defaults/main.yml
+++ b/roles/local/mise/defaults/main.yml
@@ -1,7 +1,7 @@
 ---
 # Ref: https://mise.jdx.dev/installing-mise.html#github-releases
 
-mise_version: 2025.12.0
+mise_version: 2026.5.7
 
 mise_bin_dl_arch: "{{ 'arm64' if ansible_facts.architecture == 'aarch64' else 'x64' }}"
 
diff --git a/roles/local/packages/defaults/main.yml b/roles/local/packages/defaults/main.yml
index 9750bb51..9ad668a2 100644
--- a/roles/local/packages/defaults/main.yml
+++ b/roles/local/packages/defaults/main.yml
@@ -6,6 +6,13 @@ packages_apt_remove: []
 packages_apt_purge: true
 packages_apt_autoremove: false
 
+# packages_apt_pin_versions:
+#   - package: alloy
+#     version: 1.16.1
+#   - package: nginx
+#     version: 1.24.0-*
+packages_apt_pin_versions: []
+
 # Snap
 
 packages_snap_remove_snapd: false
diff --git a/roles/local/packages/tasks/apt.yml b/roles/local/packages/tasks/apt.yml
index c3dcf514..097f5b04 100644
--- a/roles/local/packages/tasks/apt.yml
+++ b/roles/local/packages/tasks/apt.yml
@@ -24,3 +24,19 @@
     purge: "{{ packages_apt_purge }}"
   when: packages_apt_autoremove | bool
   tags: packages:apt:autoremove
+
+- name: Configure version pinnings
+  ansible.builtin.template:
+    src: apt/version-pinning.j2
+    dest: /etc/apt/preferences.d/ansible-version-pinning
+    owner: root
+    group: root
+    mode: "0644"
+    lstrip_blocks: true
+  when: packages_apt_pin_versions | length > 0
+
+- name: Ensure version pinning configuration is absent
+  ansible.builtin.file:
+    path: /etc/apt/preferences.d/ansible-version-pinning
+    state: absent
+  when: packages_apt_pin_versions | length == 0
diff --git a/roles/local/packages/templates/apt/version-pinning.j2 b/roles/local/packages/templates/apt/version-pinning.j2
new file mode 100644
index 00000000..b416773f
--- /dev/null
+++ b/roles/local/packages/templates/apt/version-pinning.j2
@@ -0,0 +1,7 @@
+{% for item in packages_apt_pin_versions %}
+Package: {{ item.package }}
+Pin: version {{ item.version }}
+Pin-Priority: 700
+{# Empty line for better readability #}
+
+{% endfor %}
diff --git a/roles/local/q/defaults/main.yml b/roles/local/q/defaults/main.yml
deleted file mode 100644
index 9e8ea1d5..00000000
--- a/roles/local/q/defaults/main.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-q_version: 3.1.6
-
-q_package_url: >-
-  https://github.com/harelba/q/releases/download/v{{ q_version }}/q-text-as-data-{{ q_version }}-1.{{ ansible_facts.architecture }}.deb
diff --git a/roles/local/q/tasks/main.yml b/roles/local/q/tasks/main.yml
deleted file mode 100644
index 31d1644f..00000000
--- a/roles/local/q/tasks/main.yml
+++ /dev/null
@@ -1,11 +0,0 @@
----
-- name: Gather package facts
-  ansible.builtin.package_facts:
-    manager: auto
-  when: ansible_facts.packages is not defined
-
-- name: Install package
-  ansible.builtin.apt:
-    deb: "{{ q_package_url }}"
-    state: present
-  when: q_version not in ansible_facts.packages["q-text-as-data"] | default([]) | map(attribute="version")
diff --git a/roles/local/rclone/defaults/main.yml b/roles/local/rclone/defaults/main.yml
index 492f3dba..839dd2bd 100644
--- a/roles/local/rclone/defaults/main.yml
+++ b/roles/local/rclone/defaults/main.yml
@@ -1,5 +1,5 @@
 ---
-rclone_version: 1.73.1
+rclone_version: 1.74.1
 
 rclone_package_arch: "{{ 'arm64' if ansible_facts.architecture == 'aarch64' else 'amd64' }}"
 
diff --git a/roles/local/restic/tasks/main.yml b/roles/local/restic/tasks/main.yml
index 5c3fb99b..5b7086f2 100644
--- a/roles/local/restic/tasks/main.yml
+++ b/roles/local/restic/tasks/main.yml
@@ -44,7 +44,7 @@
     group: "{{ restic_bin_group }}"
     mode: "{{ restic_bin_mode }}"
 
-- name: Configure non-root user capabilities on binary file
+- name: Set binary file capabilities
   community.general.capabilities:
     path: "{{ restic_bin_path }}"
     capability: cap_dac_read_search=+ep
diff --git a/roles/local/resticprofile/defaults/main.yml b/roles/local/resticprofile/defaults/main.yml
index fda9058e..29a238fc 100644
--- a/roles/local/resticprofile/defaults/main.yml
+++ b/roles/local/resticprofile/defaults/main.yml
@@ -1,5 +1,5 @@
 ---
-resticprofile_version: 0.32.0
+resticprofile_version: 0.33.1
 
 resticprofile_dl_arch: "{{ 'arm64' if ansible_facts.architecture == 'aarch64' else 'amd64' }}"
 
diff --git a/roles/local/resticprofile/tasks/main.yml b/roles/local/resticprofile/tasks/main.yml
index 3f74152b..860a7435 100644
--- a/roles/local/resticprofile/tasks/main.yml
+++ b/roles/local/resticprofile/tasks/main.yml
@@ -12,7 +12,7 @@
     src: "{{ resticprofile_dl_url }}"
     dest: "{{ resticprofile_bin_path | dirname }}"
     include:
-      - resticprofile  # Extract only the binary
+      - resticprofile
     owner: root
     group: root
     mode: "0755"
diff --git a/templates/resticprofile/excludes.txt.j2 b/templates/resticprofile/excludes.txt.j2
index e46527fa..c73e080d 100644
--- a/templates/resticprofile/excludes.txt.j2
+++ b/templates/resticprofile/excludes.txt.j2
@@ -116,6 +116,7 @@ restic-ignored/
 /home/*/.local/share/GitKrakenCLI
 /home/*/.local/share/helm
 /home/*/.local/share/mise
+/home/*/.local/share/org.gnome.SoundRecorder
 /home/*/.local/share/Trash
 /home/*/.local/share/uv
 /home/*/.local/share/virtualenv
diff --git a/templates/resticprofile/includes.txt.j2 b/templates/resticprofile/includes.txt.j2
index c7cddf56..2c45203d 100644
--- a/templates/resticprofile/includes.txt.j2
+++ b/templates/resticprofile/includes.txt.j2
@@ -4,3 +4,7 @@
 /home
 /root
 /usr/local/bin
+
+{% for dir in __rp_extra_backup_dirs | default([]) %}
+{{ dir }}
+{% endfor %}
diff --git a/templates/resticprofile/profiles.yaml.j2 b/templates/resticprofile/profiles.yaml.j2
index 15623adc..c5a43162 100644
--- a/templates/resticprofile/profiles.yaml.j2
+++ b/templates/resticprofile/profiles.yaml.j2
@@ -13,7 +13,6 @@ global:
   schedule-defaults:
     ignore-on-battery-less-than: 30
     lock-wait: 15m
-    log: {{ resticprofile_log_dir }}/{{ '{{ .Profile.Name }}' }}.log
 
 .base:
   lock: /tmp/resticprofile.{{ '{{ .Profile.Name }}' }}.lock
@@ -75,6 +74,9 @@ global:
 
 default:
   inherit: {{ __rp_default_profile }}
+  {% if __rp_prometheus_save_to_file | default("") != "" %}
+  prometheus-save-to-file: {{ __rp_prometheus_save_to_file }}
+  {% endif %}
 
 main:
   inherit: .base