diff --git a/host_vars/aur.archlinux.org/misc b/host_vars/aur.archlinux.org/misc
index 16b76890..4cbacf64 100644
--- a/host_vars/aur.archlinux.org/misc
+++ b/host_vars/aur.archlinux.org/misc
@@ -1,4 +1,5 @@
 filesystem: btrfs
 memcached_socket: "/run/memcached/aurweb.sock"
+sshd_enable_includes: true
 wireguard_address: 10.0.0.2
 wireguard_public_key: TPLeGQ7qU6ZNtcgDbEV0SSYScvK+XS5igcPdGSXo6UA=
diff --git a/playbooks/all-hosts-basic.yml b/playbooks/all-hosts-basic.yml
index 62d6c3a5..f40cfdac 100644
--- a/playbooks/all-hosts-basic.yml
+++ b/playbooks/all-hosts-basic.yml
@@ -5,8 +5,7 @@
     - { role: common }
     - { role: firewalld }
     - { role: wireguard }
-    # reconfiguring sshd may break the AUR on luna (unchecked)
-    # - { role: sshd, tags: ['sshd'] }
+    - { role: sshd }
     - { role: root_ssh }
     - { role: borg_client, tags: ["borg"], when: "'borg_clients' in group_names" }
     - { role: hardening }
diff --git a/playbooks/aur.archlinux.org.yml b/playbooks/aur.archlinux.org.yml
index bf869676..b5c60ea1 100644
--- a/playbooks/aur.archlinux.org.yml
+++ b/playbooks/aur.archlinux.org.yml
@@ -3,7 +3,7 @@
   remote_user: root
   roles:
     - { role: common }
-    - { role: sshd, sshd_enable_includes: true }
+    - { role: sshd }
     - { role: root_ssh }
     - { role: prometheus_exporters }
     - { role: promtail }