diff --git a/tasks/add_bouncer.yml b/tasks/add_bouncer.yml
index 5638d0a..7abde9f 100644
--- a/tasks/add_bouncer.yml
+++ b/tasks/add_bouncer.yml
@@ -1,18 +1,28 @@
 ---
-- name: Install bouncer (currently only firewall)
+- name: Install Debian family crowdsec bouncer (iptables)
   ansible.builtin.apt:
     name:
       - crowdsec-firewall-bouncer-iptables
   when:
     - ansible_os_family == "Debian"
 
-- name: Install crowdsec
+- name: Install RedHat family crowdsec bouncer (iptables)
+  ansible.builtin.dnf:
+    name:
+      - crowdsec-firewall-bouncer-iptables
+    state: present
+  when:
+    - ansible_os_family == "RedHat"
+    - ansible_distribution_major_version <= '7'
+
+- name: Install RedHat family crowdsec bouncer (nftables)
   ansible.builtin.dnf:
     name:
       - crowdsec-firewall-bouncer-nftables
     state: present
   when:
     - ansible_os_family == "RedHat"
+    - ansible_distribution_major_version > '7'
 
 # - name: Register new bouncer
 #   ansible.builtin.command: cscli bouncers add {{ inventory_hostname }} -o raw
diff --git a/templates/etc/crowdsec/config.yaml.j2 b/templates/etc/crowdsec/config.yaml.j2
index 330c2e3..bde9490 100644
--- a/templates/etc/crowdsec/config.yaml.j2
+++ b/templates/etc/crowdsec/config.yaml.j2
@@ -57,7 +57,7 @@ api:
 #      key_file: /etc/crowdsec/ssl/key.pem
 {% endif %}
 prometheus:
-  enabled: {{ crowdsec_prometheus.enabled }}
+  enabled: {{ crowdsec_prometheus.enabled | lower }}
   level: full
   listen_addr: 127.0.0.1
   listen_port: 6060