diff --git a/README.md b/README.md
index a5e51c6..78c823b 100644
--- a/README.md
+++ b/README.md
@@ -1 +1,18 @@
-ansible_linux_setup
+# ansible_linux_setup
+
+## Linux server setup
+
+### `provision.yml`
+
+- Set `hosts` to `all`
+- Set `target_system` to `linux`
+
+## Mac setup
+
+### `provision.yml`
+
+- Set `hosts` to `127.0.0.1`
+- Set `connection` to `local`
+- Set `default_user` to Mac user
+- Set `default_user_group` to Mac user's group
+- Set `ansible_become_pass` to users password for sudo
diff --git a/ansible-requirements.txt b/ansible-requirements.txt
new file mode 100644
index 0000000..06c91c3
--- /dev/null
+++ b/ansible-requirements.txt
@@ -0,0 +1,2 @@
+pipx inject ansible passlib
+pipx inject ansible docker
diff --git a/group_vars/all/python.yml b/group_vars/all/python.yml
index d2b0509..75adb0c 100644
--- a/group_vars/all/python.yml
+++ b/group_vars/all/python.yml
@@ -2,3 +2,4 @@ install_pyenv_python: true
 pyenv_python_version: 3.9.1
 pipx_packages:
   - awscli
+  - ansible
diff --git a/requirements.yml b/requirements.yml
index 7911227..1e7faf1 100644
--- a/requirements.yml
+++ b/requirements.yml
@@ -1,14 +1,20 @@
 ---
+# roles
 # linux
-- src: jnv.debian-backports
-- src: jnv.unattended-upgrades
-- src: nickjj.docker
-- src: nickjj.fail2ban
+roles:
+  - src: jnv.debian-backports
+  - src: jnv.unattended-upgrades
+  - src: nickjj.docker
+  - src: nickjj.fail2ban
 
-# mac
-- src: elliotweiser.osx-command-line-tools
-- src: geerlingguy.homebrew
+  # mac
+  - src: elliotweiser.osx-command-line-tools
+  - src: geerlingguy.homebrew
 
-# misc
-- src: fubarhouse.golang
-...
+  # misc
+  - src: fubarhouse.golang
+
+# collections
+# linux
+collections:
+  - community.docker
diff --git a/roles/docker/tasks/main.yml b/roles/docker/tasks/main.yml
index 2bf7f88..0fa41b9 100644
--- a/roles/docker/tasks/main.yml
+++ b/roles/docker/tasks/main.yml
@@ -6,7 +6,7 @@
       include_role:
         name: nickjj.docker
 
-    - name: Ensure group "docker" exists
+    - name: Ensure group "docker" existcs
       group:
         name: docker
         state: present
@@ -32,3 +32,19 @@
         owner: root
         group: root
         mode: u=rw,g=r,o=r
+
+- name: Run a demo Nginx container
+  tags: [docker]
+  block:
+    - name: Install Docker Python SDK
+      pip:
+        name: docker
+
+    - name: Run nginxdemos/nginx-hello
+      community.docker.docker_container:
+        name: nginx-hello
+        image: nginxdemos/nginx-hello
+        state: started
+        restart: yes
+        ports:
+          - 8080:8080
diff --git a/roles/python/tasks/main.yml b/roles/python/tasks/main.yml
index c0c78d4..8a9198d 100644
--- a/roles/python/tasks/main.yml
+++ b/roles/python/tasks/main.yml
@@ -22,7 +22,7 @@
         creates: "{{ default_user_home }}/.local/bin/pipx"
 
     - name: Install pipx packages
-      shell: "{{ default_user_home }}/.local/bin/pipx install {{ item }} --force"
+      shell: "{{ default_user_home }}/.local/bin/pipx install {{ item }} --force --include-deps"
       loop: "{{ pipx_packages }}"
 
     - name: Install Poetry
diff --git a/roles/shell/tasks/main.yml b/roles/shell/tasks/main.yml
index bd5e7e4..a97fbe2 100644
--- a/roles/shell/tasks/main.yml
+++ b/roles/shell/tasks/main.yml
@@ -36,7 +36,6 @@
             suffix: .tmp
           register: temp_install_dir
           changed_when: false
-          tags: always
 
         - name: Download oh-my-zsh
           get_url: