diff --git a/.ansible-lint b/.ansible-lint
index 70a52f7..4b84402 100644
--- a/.ansible-lint
+++ b/.ansible-lint
@@ -8,6 +8,8 @@ skip_list:
   - fqcn-builtins  # It would probably be good to enforce this, but it's a lot
   - risky-file-permissions  # It would probably also good to enforce this if someone wants to look at them
   - schema  # This is a stricter form of schema per https://github.com/ansible/schemas.  might also be good if someone has motivation?
+warn_list:
+  - yaml[truthy]
 use_default_rules: true
 verbosity: 1
 mock_modules:
diff --git a/playbooks/microk8s-cloud.yaml b/playbooks/microk8s-cloud.yaml
index 6b5a205..a903a3f 100644
--- a/playbooks/microk8s-cloud.yaml
+++ b/playbooks/microk8s-cloud.yaml
@@ -1,4 +1,7 @@
 - hosts: all
+  name: Microk8s setup
+  roles:
+    - use-docker-mirror
   tasks:
     - name: snapd is installed
       apt:
@@ -21,6 +24,37 @@
     - name: reset ssh connection to apply permissions from new group
       meta: reset_connection
 
+    - name: microk8s status
+      command:
+        cmd: microk8s status
+
+    - name: Create docker.io certs dir
+      when:
+        - docker_mirror is defined
+      file:
+        path: /var/snap/microk8s/current/args/certs.d/docker.io
+        state: directory
+        owner: root
+        group: microk8s
+        mode: '0770'
+
+    - name: Render microk8s registry mirror template
+      when:
+        - docker_mirror is defined
+      template:
+        src: hosts.j2
+        dest: /var/snap/microk8s/current/args/certs.d/docker.io/hosts.toml
+        group: microk8s
+      vars:
+        mirror_location: "{{ docker_mirror }}"
+        server: https://docker.io
+
+    - name: Check docker.io hosts.toml
+      when:
+        - docker_mirror is defined
+      command:
+        cmd: cat /var/snap/microk8s/current/args/certs.d/docker.io/hosts.toml
+
     - name: microk8s is started
       command:
         cmd: microk8s start