diff --git a/sentry/tasks/main.yml b/sentry/tasks/main.yml
index 3706b4bbe3171c61af51b2b2c3328015b7b788de..89b2b0d518b7b78c504d8552ae0c8ec1a8304c5d 100644
--- a/sentry/tasks/main.yml
+++ b/sentry/tasks/main.yml
@@ -15,6 +15,8 @@
       - libldap2-dev
       - libssl-dev
       - python-ldap
+      - libxmlsec1-dev
+      - pkg-config
     state: present
   tags:
     - sentry
@@ -106,7 +108,7 @@
 
 - name: ensure the user may login
   lineinfile:
-    dest: /etc/postgresql/9.6/main/pg_hba.conf
+    dest: /etc/postgresql/11/main/pg_hba.conf
     # yamllint disable-line rule:line-length
     insertafter: "host    all             all             127.0.0.1/32            md5"
     # yamllint disable-line rule:line-length
@@ -124,14 +126,13 @@
 
 - name: ensure we have a virtualenv and all the packages  # noqa 403
   pip:
-    name: "{{item}}"
+    name:
+      - sentry
+      - sentry-ldap-auth
+      - sentry-plugins
     virtualenv: "{{sentry_root_dir}}"
     virtualenv_python: python2
     state: latest
-  with_items:
-    - sentry
-    - sentry-ldap-auth
-    - sentry-plugins
   notify:
     - upgrade sentry database
     - restart sentry
@@ -149,10 +150,34 @@
     - webservices
     - monitoring
 
+- name: ensure sentry has a config dir
+  file:
+    path: "{{sentry_root_dir}}/.sentry"
+    state: directory
+    owner: sentry
+    group: sentry
+    mode: '0640'
+  tags:
+    - sentry
+    - webservices
+    - monitoring
+
+- name: ensure one can see that conf dir
+  file:
+    src: "{{sentry_root_dir}}/.sentry"
+    dest: "{{sentry_root_dir}}/conf"
+    state: link
+    owner: sentry
+    group: sentry
+  tags:
+    - sentry
+    - webservices
+    - monitoring
+
 - name: ensure sentry is configured
   template:
     src: "{{item}}.j2"
-    dest: "{{sentry_root_dir}}"
+    dest: "{{sentry_root_dir}}/.sentry/{{item}}"
     owner: root
     group: "{{sentry_group}}"
     mode: '0640'