diff --git a/tasks/main.yml b/tasks/main.yml
index 3ba2494..5ad3822 100644
--- a/tasks/main.yml
+++ b/tasks/main.yml
@@ -6,4 +6,5 @@
   include_tasks: install.yml
 
 - name: php | create fpm pools
-  include_tasks: fpm_pools.yml
\ No newline at end of file
+  include_tasks: fpm_pools.yml
+  when: php_pools is defined and php_pools | length > 0
\ No newline at end of file
diff --git a/tasks/requirements.yml b/tasks/requirements.yml
index ef6d0ac..3f47675 100644
--- a/tasks/requirements.yml
+++ b/tasks/requirements.yml
@@ -11,16 +11,33 @@
       - lsb-release
       - ca-certificates
       - curl
+      - gnupg
     state: present
 
-- name: php | add sury key
-  ansible.builtin.apt_key:
+- name: php | ensure apt keyring directory exists
+  ansible.builtin.file:
+    path: /usr/share/keyrings
+    state: directory
+    mode: '0755'
+
+- name: php | download Sury PHP GPG key (ASCII)
+  ansible.builtin.get_url:
     url: https://packages.sury.org/php/apt.gpg
-    keyring: /etc/apt/trusted.gpg.d/php.gpg
-    state: present
+    dest: /usr/share/keyrings/sury-php-archive-keyring.asc
+    mode: '0644'
 
-- name: php | add sury repository
+- name: php | dearmor Sury PHP GPG key
+  ansible.builtin.command:
+    cmd: gpg --dearmor -o /usr/share/keyrings/sury-php-archive-keyring.gpg /usr/share/keyrings/sury-php-archive-keyring.asc
+  args:
+    creates: /usr/share/keyrings/sury-php-archive-keyring.gpg
+
+- name: php | add Sury PHP APT repository (signed-by)
   ansible.builtin.apt_repository:
-    repo: deb https://packages.sury.org/php/ {{ ansible_distribution_release }} main
+    repo: "deb [signed-by=/usr/share/keyrings/sury-php-archive-keyring.gpg] https://packages.sury.org/php/ {{ ansible_distribution_release }} main"
     state: present
     filename: php-sury
+
+- name: php | apt update cache after adding repo
+  ansible.builtin.apt:
+    update_cache: yes
diff --git a/templates/pool.conf.j2 b/templates/pool.conf.j2
index 0c23dd3..c103e6c 100644
--- a/templates/pool.conf.j2
+++ b/templates/pool.conf.j2
@@ -41,4 +41,23 @@ php_admin_value[error_log]           = {{ item.0.error_log_path | default('/var/
 php_admin_value[error_reporting]     = {{ item.0.admin_value_error_reporting | default('E_ALL & ~E_NOTICE') }}
 php_admin_value[memory_limit]        = {{ item.0.admin_value_memory_limit | default('64M') }}
 php_admin_value[upload_max_filesize] = {{ item.0.admin_value_upload_max_filesize | default('16M') }}
-php_admin_value[post_max_size]       = {{ item.0.admin_value_post_max_size | default('16M') }}
\ No newline at end of file
+php_admin_value[post_max_size]       = {{ item.0.admin_value_post_max_size | default('16M') }}
+php_admin_value[max_execution_time]  = {{ item.0.admin_value_max_execution_time | default('30') }}
+php_admin_value[max_input_time]      = {{ item.0.admin_value_max_input_time | default('60') }}
+php_admin_value[date.timezone]       = {{ item.0.admin_value_date_timezone | default('Europe/Paris') }}
+
+;; OPCACHE SETTINGS
+php_admin_value[opcache.enable]                 = {{ item.0.admin_value_opcache_enable | default('0') }}
+php_admin_value[opcache.enable_cli]             = {{ item.0.admin_value_opcache_enable_cli | default('0') }}
+php_admin_value[opcache.enable_file_override]   = {{ item.0.admin_value_opcache_enable_file_override | default('1') }}
+php_admin_value[opcache.validate_timestamps]    = {{ item.0.admin_value_opcache_validate_timestamps | default('1') }}
+php_admin_value[opcache.interned_strings_buffer]= {{ item.0.admin_value_opcache_interned_strings_buffer | default('8') }}
+php_admin_value[opcache.max_accelerated_files]  = {{ item.0.admin_value_opcache_max_accelerated_files | default('10000') }}
+php_admin_value[opcache.memory_consumption]     = {{ item.0.admin_value_opcache_memory_consumption | default('128') }}
+php_admin_value[opcache.save_comments]          = {{ item.0.admin_value_opcache_save_comments | default('1') }}
+php_admin_value[opcache.revalidate_freq]        = {{ item.0.admin_value_opcache_revalidate_freq | default('1') }}
+php_admin_value[opcache.error_log]              = {{ item.0.admin_value_opcache_error_log | default('syslog') }}
+php_admin_value[opcache.fast_shutdown]          = {{ item.0.admin_value_opcache_fast_shutdown | default('1') }}
+php_admin_value[opcache.max_wasted_percentage]  = {{ item.0.admin_value_opcache_max_wasted_percentage | default('5') }}
+php_admin_value[opcache.save_comments]          = {{ item.0.admin_value_opcache_save_comments | default('1') }}
+php_admin_value[opcache.use_cwd]                = {{ item.0.admin_value_opcache_use_cwd | default('1') }}
\ No newline at end of file