diff --git a/defaults/main.yml b/defaults/main.yml index e9c2283..9cc9f38 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -38,7 +38,7 @@ matrix_lvm_enabled: False matrix_base_dir: "/opt/matrix" matrix_conf_dir: "{{ matrix_base_dir }}/config" matrix_data_dir: "{{ matrix_base_dir }}/data" -matrix_log_dir: "{{ matrix_base_dir }}/logs" +matrix_log_dir: "{{ matrix_base_dir }}/log" matrix_log_file_level: INFO matrix_log_console_level: ERROR @@ -47,6 +47,16 @@ matrix_log_synapse_sql_level: INFO matrix_log_ldap_level: INFO matrix_log_ldap_auth_level: INFO +matrix_logrotate_enabled: False +matrix_logrotate_config: + - log: "{{ matrix_log_dir }}/homeserver.log" + options: + - weekly + - rotate 4 + - maxsize 250K + - compress + - shred + matrix_server_url: example.com matrix_client_url: https://matrix.example.com diff --git a/tasks/install.yml b/tasks/install.yml index fee19d0..496a768 100644 --- a/tasks/install.yml +++ b/tasks/install.yml @@ -65,6 +65,13 @@ dest: "/etc/systemd/system/matrix.service" notify: __matrix_restart + - name: Copy logrotate config + template: + src: "etc/logrotate.d/config.j2" + dest: "/etc/logrotate.d/matrix" + loop: "{{ matrix_logrotate_config }}" + when: matrix_logrotate_enabled + - name: Open ports in iptables iptables_raw: name: "{{ item.name }}" @@ -72,7 +79,7 @@ state: "{{ item.state }}" weight: "{{ item.weight | default(omit) }}" table: "{{ item.table | default(omit) }}" - with_items: "{{ matrix_open_ports }}" + loop: "{{ matrix_open_ports }}" loop_control: label: "{{ item.name }}" when: matrix_iptables_enabled diff --git a/tasks/nginx.yml b/tasks/nginx.yml index b889b70..33fa5f6 100644 --- a/tasks/nginx.yml +++ b/tasks/nginx.yml 
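Review bot: The default `options` list added to defaults/main.yml has no `su` directive, and logrotate refuses to rotate a log whose parent directory is world-writable or writable by a non-root group unless one is given. How `matrix_log_dir` is owned is not visible in this diff; if it belongs to the service account, I would add `- "su {{ matrix_user }} {{ matrix_group }}"` so rotation runs with that account's privileges instead of root's. The `shred` entry also deserves a comment that it is best effort: overwriting in place is not dependable on journaling or copy-on-write filesystems or on SSDs, so it should not be the only control for sensitive log content.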
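Review bot: In the `Copy logrotate config` task added to tasks/install.yml, every iteration of `loop: "{{ matrix_logrotate_config }}"` renders to the same `dest: "/etc/logrotate.d/matrix"`, so with more than one entry in the list only the last stanza survives. Either give each item its own destination or drop the loop and iterate over `matrix_logrotate_config` inside the template. The task also sets no ownership or mode, yet logrotate runs this file's `postrotate` script as root and ignores config files that are not root-owned or have loose permissions, so I would pin `owner: root`, `group: root` and `mode: '0644'` rather than rely on the umask. The task list continues outside the hunk.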
@@ -5,7 +5,7 @@ src: "{{ item.src }}" dest: "{{ item.dest }}" mode: "{{ item.mode }}" - with_items: + loop: - { src: "{{ matrix_tls_key_source }}", dest: '/etc/pki/tls/private/{{ matrix_nginx_tls_key_file }}', mode: '0600' } - { src: "{{ matrix_tls_cert_source }}", dest: '/etc/pki/tls/certs/{{ matrix_nginx_tls_cert_file }}', mode: '0750' } loop_control: diff --git a/tasks/tls.yml b/tasks/tls.yml index 3ec00c9..941b88d 100644 --- a/tasks/tls.yml +++ b/tasks/tls.yml @@ -7,7 +7,7 @@ owner: "{{ matrix_user }}" group: "{{ matrix_group }}" recurse: True - with_items: + loop: - "{{ matrix_tls_dhparam_path | dirname }}" - "{{ matrix_tls_cert_path | dirname }}" - "{{ matrix_tls_key_path | dirname }}" @@ -20,7 +20,7 @@ src: "{{ item.src }}" dest: "{{ item.dest }}" mode: "{{ item.mode }}" - with_items: + loop: - { src: "{{ matrix_tls_key_source }}", dest: '{{ matrix_tls_key_path }}', mode: '0600' } - { src: "{{ matrix_tls_cert_source }}", dest: '{{ matrix_tls_cert_path }}', mode: '0650' } loop_control: diff --git a/templates/etc/logrotate.d/config.j2 b/templates/etc/logrotate.d/config.j2 new file mode 100644 index 0000000..5e0ede0 --- /dev/null +++ b/templates/etc/logrotate.d/config.j2 @@ -0,0 +1,10 @@ +#jinja2: lstrip_blocks: True +# {{ ansible_managed }} +{{ item.log }} { + {% for option in item.options %} + {{ option }} + {% endfor %} + postrotate + /usr/bin/pkill -HUP rsyslogd + endscript +} diff --git a/templates/etc/systemd/system/matrix.service.j2 b/templates/etc/systemd/system/matrix.service.j2 index 53612f7..20952d6 100644 --- a/templates/etc/systemd/system/matrix.service.j2 +++ b/templates/etc/systemd/system/matrix.service.j2 @@ -1,5 +1,5 @@ #jinja2: lstrip_blocks: True -## {{ ansible_managed }} +# {{ ansible_managed }} [Unit] Description=Synapse Matrix homeserver
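Review bot: The certificate entries in the loops touched here carry odd modes: `mode: '0750'` in this tasks/nginx.yml hunk and `mode: '0650'` in the second tasks/tls.yml hunk give a certificate file execute bits, and `0650` grants the group a bit the owner lacks. A public certificate normally needs only `mode: '0644'`; the `'0600'` on the key entries is appropriate. These are context lines and both tasks start above their hunks, so whether owner and group are set on the copied private key cannot be confirmed from here and is worth checking.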
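Review bot: In the first tasks/tls.yml hunk the task combines `recurse: True` with `owner: "{{ matrix_user }}"` over `{{ matrix_tls_key_path | dirname }}` and its two siblings, so everything beneath those directories is handed to the service account. If any of the three paths is pointed at a shared location such as the `/etc/pki/tls/private` directory used in tasks/nginx.yml, unrelated keys would be re-owned as well. I would drop `recurse: True`, or add a comment stating that these paths must live in a directory dedicated to this role. The task begins above the hunk, so its module and `state` are inferred rather than visible.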
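Review bot: The `postrotate` block in templates/etc/logrotate.d/config.j2 signals `rsyslogd`, but the default file being rotated is `{{ matrix_log_dir }}/homeserver.log`, which looks like a file the homeserver writes itself rather than through syslog. If that is the case, the process keeps its handle on the renamed file after rotation, and with the `compress` and `shred` defaults anything it writes afterwards is lost, which leaves a gap in the audit trail. I would either add `copytruncate` to the default options or signal the service that owns the file instead of `rsyslogd`. Because `{{ item.log }}` and `{{ option }}` are rendered verbatim into a config that logrotate runs as root, a template comment should state that `matrix_logrotate_config` must come only from trusted inventory.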