diff --git a/roles/forgejo/tasks/unix.yml b/roles/forgejo/tasks/unix.yml
index 8afc4a4..295f173 100644
--- a/roles/forgejo/tasks/unix.yml
+++ b/roles/forgejo/tasks/unix.yml
@@ -46,8 +46,8 @@
 
 - name: Set sudoer permissions to git user
   become: true
-  ansible.builtin.copy:
-    content: 'git ALL=(root) NOPASSWD:/usr/bin/systemctl'
+  ansible.builtin.template:
+    src: sudoers.d/git.j2
     dest: /etc/sudoers.d/git
     owner: root
     group: root
diff --git a/roles/forgejo/templates/sudoers.d/git.j2 b/roles/forgejo/templates/sudoers.d/git.j2
new file mode 100644
index 0000000..b3f0efe
--- /dev/null
+++ b/roles/forgejo/templates/sudoers.d/git.j2
@@ -0,0 +1,2 @@
+git ALL=(root) NOPASSWD:/usr/bin/systemctl stop forgejo.service
+git ALL=(root) NOPASSWD:/usr/bin/systemctl restart forgejo.service