diff --git a/ansible/ansible.cfg b/ansible/ansible.cfg index dbc8a3f..b3f307b 100644 --- a/ansible/ansible.cfg +++ b/ansible/ansible.cfg @@ -6,5 +6,18 @@ host_key_checking = False retry_files_enabled = False timeout = 30 +# fact gathering & caching +gathering = smart +fact_caching = jsonfile +fact_caching_connection = /tmp/ansible_facts +fact_caching_timeout = 86400 + +# logging & output +log_path = ./ansible.log +stdout_callback = yaml + +# pyhton interpreter path +interpreter_python = "{{ansible_python_interpreter}}" + [ssh_connection] ssh_args = -o ForwardAgent=yes -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null diff --git a/ansible/group_vars/all.yml b/ansible/group_vars/all.yml index 11b8e0c..e746599 100644 --- a/ansible/group_vars/all.yml +++ b/ansible/group_vars/all.yml @@ -1,9 +1,15 @@ ansible_python_interpreter: /usr/bin/python3 + +# role devops_user: devops devops_public_key: "{{ lookup('file', lookup('env', 'HOME') + '/.ssh/linode.pub') }}" + +# app image app_image: "ghcr.io/tysker/cloud_devops_app:77ecd38" app_container_name: "cloud-devops-app" app_container_port: 5000 app_public_port: 80 + +# github account ghcr_username: "tysker" ghcr_token: "{{ lookup('env', 'GHCR_TOKEN') }}" diff --git a/app/Dockerfile b/app/Dockerfile index c804eeb..1c65245 100644 --- a/app/Dockerfile +++ b/app/Dockerfile @@ -22,6 +22,7 @@ COPY --from=builder /usr/local /usr/local # Copy application COPY src ./src +COPY gunicorn.conf.py ./gunicorn.conf.py RUN chown -R appuser:appuser /app @@ -30,9 +31,8 @@ USER appuser EXPOSE 5000 -HEALTHCHECK --interval=30s --timeout=5s --start-period=5s --retries=3 \ +HEALTHCHECK --interval=30s --timeout=5s --start-period=10s --retries=3 \ CMD curl -f http://localhost:5000/health || exit 1 # Production command using Gunicorn -CMD ["gunicorn", "--chdir", "src", "app:app", "--bind", "0.0.0.0:5000"] - +CMD ["gunicorn", "--config", "/app/gunicorn.conf.py", "--chdir", "src", "app:app"] 
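Review bot: `fact_caching_connection = /tmp/ansible_facts` puts the JSON fact cache at a predictable path in a world-writable directory, so on a shared control node another local user could pre-create that directory, or read and alter cached facts that later runs consume for up to the 86400-second timeout. A per-user location such as `fact_caching_connection = ~/.ansible/fact_cache` avoids that. `log_path = ./ansible.log` is relative to wherever the command is run and records task output, so tasks that use `ghcr_token` should carry `no_log: true` and the log file should be git-ignored; neither is visible in this hunk. `interpreter_python = "{{ansible_python_interpreter}}"` is probably not templated when read from ansible.cfg and looks redundant with the value already set in group_vars/all.yml, so I would drop it or set the path literally (the comment above it also misspells "python").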
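Review bot: gunicorn.conf.py is a Python file that Gunicorn executes at startup, and the `RUN chown -R appuser:appuser /app` just below the new `COPY` hands ownership of it to the runtime user, so any process running as appuser can rewrite what runs at the next restart. Moving `COPY gunicorn.conf.py ./gunicorn.conf.py` to after the `chown`, or narrowing the chown to the directories the app must write, keeps the config root-owned and, assuming ordinary file modes, read-only for appuser. The same reasoning applies to `src`, which this commit does not change.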
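Review bot: The listen address now comes from `GUNICORN_BIND` in the config file, but `EXPOSE 5000` and the `HEALTHCHECK` URL `http://localhost:5000/health` in this hunk still hard-code port 5000, so overriding the variable to another port leaves the container permanently unhealthy. Either document next to the `CMD` that `GUNICORN_BIND` must keep port 5000, or derive the probe from the same setting. The `--config /app/gunicorn.conf.py` path is absolute while the `COPY` destination in the previous hunk is relative, which only matches if `WORKDIR` is `/app`; the WORKDIR line is outside the hunk, so this is worth confirming.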
diff --git a/app/gunicorn.conf.py b/app/gunicorn.conf.py
new file mode 100644
index 0000000..26e3ee8
--- /dev/null
+++ b/app/gunicorn.conf.py
@@ -0,0 +1,21 @@
+import os
+
+# Where to bind
+bind = os.getenv("GUNICORN_BIND", "0.0.0.0:5000")
+
+# Concurrency
+workers = int(os.getenv("GUNICORN_WORKERS", "2"))
+threads = int(os.getenv("GUNICORN_THREADS", "2"))
+
+# Timeouts / keepalive
+timeout = int(os.getenv("GUNICORN_TIMEOUT", "60"))
+keepalive = int(os.getenv("GUNICORN_KEEPALIVE", "5"))
+
+# Logging to container stdout/stderr
+accesslog = "-"
+errorlog = "-"
+loglevel = os.getenv("GUNICORN_LOGLEVEL", "info")
+
+# If behind a reverse proxy (nginx/traefik), this is often useful:
+# forwarded_allow_ips = "*"
+# proxy_protocol = False
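Review bot: The closing hint `# forwarded_allow_ips = "*"` is described as "often useful" with no caveat, but that value makes Gunicorn trust `X-Forwarded-*` headers from any peer, so if the container port can be reached without going through the proxy, a client can spoof the scheme and client address the app sees. I would reword the comment to name the trust boundary, e.g. `# forwarded_allow_ips = "<proxy-ip>"  # only the reverse proxy's address; "*" only if nothing else can reach this port`. Separately, the `int(os.getenv(...))` calls for workers, threads, timeout and keepalive raise a bare ValueError at startup on a malformed value, and the file itself does not check for zero or negative numbers. A small helper that checks a lower bound and names the offending variable in its error would make misconfiguration easier to diagnose.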