diff --git a/inventories/chaosknoten/host_vars/zammad.yaml b/inventories/chaosknoten/host_vars/zammad.yaml
index 65ea352..88ad99c 100644
--- a/inventories/chaosknoten/host_vars/zammad.yaml
+++ b/inventories/chaosknoten/host_vars/zammad.yaml
@@ -1,5 +1,4 @@
-docker_compose__compose_file_content: "{{ lookup('ansible.builtin.file', 'resources/chaosknoten/zammad/docker_compose/compose.yaml') }}"
-docker_compose__env_file_content: "{{ lookup('ansible.builtin.template', 'resources/chaosknoten/zammad/docker_compose/.env.j2') }}"
+docker_compose__compose_file_content: "{{ lookup('ansible.builtin.template', 'resources/chaosknoten/zammad/docker_compose/compose.yaml.j2') }}"
 docker_compose__configuration_files: [ ]
 
 certbot__version_spec: ""
diff --git a/resources/chaosknoten/zammad/docker_compose/.env.j2 b/resources/chaosknoten/zammad/docker_compose/.env.j2
deleted file mode 100644
index adeeb48..0000000
--- a/resources/chaosknoten/zammad/docker_compose/.env.j2
+++ /dev/null
@@ -1,4 +0,0 @@
-POSTGRES_PASS={{ secret__zammad_db_password }}
-POSTGRES_VERSION=15-alpine
-REDIS_VERSION=7-alpine
-NGINX_SERVER_SCHEME=https
diff --git a/resources/chaosknoten/zammad/docker_compose/compose.yaml b/resources/chaosknoten/zammad/docker_compose/compose.yaml
deleted file mode 100644
index 66192da..0000000
--- a/resources/chaosknoten/zammad/docker_compose/compose.yaml
+++ /dev/null
@@ -1,149 +0,0 @@
----
-version: "3.8"
-
-# Taken from: https://github.com/zammad/zammad-docker-compose/blob/master/docker-compose.yml
-# Version: v14.1.1
-# Update from new tag by replacing all content.
-# Configuration should be done in the .env.j2.
-
-x-shared:
-  zammad-service: &zammad-service
-    environment: &zammad-environment
-      MEMCACHE_SERVERS: ${MEMCACHE_SERVERS:-zammad-memcached:11211}
-      POSTGRESQL_DB: ${POSTGRES_DB:-zammad_production}
-      POSTGRESQL_HOST: ${POSTGRES_HOST:-zammad-postgresql}
-      POSTGRESQL_USER: ${POSTGRES_USER:-zammad}
-      POSTGRESQL_PASS: ${POSTGRES_PASS:-zammad}
-      POSTGRESQL_PORT: ${POSTGRES_PORT:-5432}
-      POSTGRESQL_OPTIONS: ${POSTGRESQL_OPTIONS:-?pool=50}
-      POSTGRESQL_DB_CREATE:
-      REDIS_URL: ${REDIS_URL:-redis://zammad-redis:6379}
-      S3_URL:
-      # Backup settings
-      BACKUP_DIR: "${BACKUP_DIR:-/var/tmp/zammad}"
-      BACKUP_TIME: "${BACKUP_TIME:-03:00}"
-      HOLD_DAYS: "${HOLD_DAYS:-10}"
-      TZ: "${TZ:-Europe/Berlin}"
-      # Allow passing in these variables via .env:
-      AUTOWIZARD_JSON:
-      AUTOWIZARD_RELATIVE_PATH:
-      ELASTICSEARCH_ENABLED:
-      ELASTICSEARCH_SCHEMA:
-      ELASTICSEARCH_HOST:
-      ELASTICSEARCH_PORT:
-      ELASTICSEARCH_USER:
-      ELASTICSEARCH_PASS:
-      ELASTICSEARCH_NAMESPACE:
-      ELASTICSEARCH_REINDEX:
-      NGINX_PORT:
-      NGINX_CLIENT_MAX_BODY_SIZE:
-      NGINX_SERVER_NAME:
-      NGINX_SERVER_SCHEME:
-      RAILS_TRUSTED_PROXIES:
-      ZAMMAD_HTTP_TYPE:
-      ZAMMAD_FQDN:
-      ZAMMAD_WEB_CONCURRENCY:
-      ZAMMAD_PROCESS_SESSIONS_JOBS_WORKERS:
-      ZAMMAD_PROCESS_SCHEDULED_JOBS_WORKERS:
-      ZAMMAD_PROCESS_DELAYED_JOBS_WORKERS:
-      # ZAMMAD_SESSION_JOBS_CONCURRENT is deprecated, please use ZAMMAD_PROCESS_SESSIONS_JOBS_WORKERS instead.
-      ZAMMAD_SESSION_JOBS_CONCURRENT:
-      # Variables used by ngingx-proxy container for reverse proxy creations
-      # for docs refer to https://github.com/nginx-proxy/nginx-proxy
-      VIRTUAL_HOST:
-      VIRTUAL_PORT:
-      # Variables used by acme-companion for retrieval of LetsEncrypt certificate
-      # for docs refer to https://github.com/nginx-proxy/acme-companion
-      LETSENCRYPT_HOST:
-      LETSENCRYPT_EMAIL:
-
-    image: ${IMAGE_REPO:-ghcr.io/zammad/zammad}:${VERSION:-6.5.2}
-    restart: ${RESTART:-always}
-    volumes:
-      - zammad-storage:/opt/zammad/storage
-    depends_on:
-      - zammad-memcached
-      - zammad-postgresql
-      - zammad-redis
-
-services:
-  zammad-backup:
-    <<: *zammad-service
-    command: ["zammad-backup"]
-    volumes:
-      - zammad-backup:/var/tmp/zammad
-      - zammad-storage:/opt/zammad/storage:ro
-    user: 0:0
-
-  zammad-elasticsearch:
-    image: elasticsearch:${ELASTICSEARCH_VERSION:-8.19.4}
-    restart: ${RESTART:-always}
-    volumes:
-      - elasticsearch-data:/usr/share/elasticsearch/data
-    environment:
-      discovery.type: single-node
-      xpack.security.enabled: 'false'
-      ES_JAVA_OPTS: ${ELASTICSEARCH_JAVA_OPTS:--Xms1g -Xmx1g}
-
-  zammad-init:
-    <<: *zammad-service
-    command: ["zammad-init"]
-    depends_on:
-      - zammad-postgresql
-    restart: on-failure
-    user: 0:0
-
-  zammad-memcached:
-    command: memcached -m 256M
-    image: memcached:${MEMCACHE_VERSION:-1.6.39-alpine}
-    restart: ${RESTART:-always}
-
-  zammad-nginx:
-    <<: *zammad-service
-    command: ["zammad-nginx"]
-    expose:
-      - "${NGINX_PORT:-8080}"
-    ports:
-      - "${NGINX_EXPOSE_PORT:-8080}:${NGINX_PORT:-8080}"
-    depends_on:
-      - zammad-railsserver
-
-  zammad-postgresql:
-    environment:
-      POSTGRES_DB: ${POSTGRES_DB:-zammad_production}
-      POSTGRES_USER: ${POSTGRES_USER:-zammad}
-      POSTGRES_PASSWORD: ${POSTGRES_PASS:-zammad}
-    image: postgres:${POSTGRES_VERSION:-17.6-alpine}
-    restart: ${RESTART:-always}
-    volumes:
-      - postgresql-data:/var/lib/postgresql/data
-
-  zammad-railsserver:
-    <<: *zammad-service
-    command: ["zammad-railsserver"]
-
-  zammad-redis:
-    image: redis:${REDIS_VERSION:-7.4.5-alpine}
-    restart: ${RESTART:-always}
-    volumes:
-      - redis-data:/data
-
-  zammad-scheduler:
-    <<: *zammad-service
-    command: ["zammad-scheduler"]
-
-  zammad-websocket:
-    <<: *zammad-service
-    command: ["zammad-websocket"]
-
-volumes:
-  elasticsearch-data:
-    driver: local
-  postgresql-data:
-    driver: local
-  redis-data:
-    driver: local
-  zammad-backup:
-    driver: local
-  zammad-storage:
-    driver: local
diff --git a/resources/chaosknoten/zammad/docker_compose/compose.yaml.j2 b/resources/chaosknoten/zammad/docker_compose/compose.yaml.j2
new file mode 100644
index 0000000..ab1ed85
--- /dev/null
+++ b/resources/chaosknoten/zammad/docker_compose/compose.yaml.j2
@@ -0,0 +1,162 @@
+---
+{#
+https://github.com/zammad/zammad-docker-compose
+Docker Compose does not allow defining variables in the compose file (only in .env files), so we use Jinja variables instead
+see https://github.com/zammad/zammad-docker-compose/blob/master/.env
+#}
+{%- set ELASTICSEARCH_VERSION = "8.19.4" | quote -%}
+{%- set IMAGE_REPO = "ghcr.io/zammad/zammad" | quote -%}
+{%- set MEMCACHE_SERVERS = "zammad-memcached:11211" | quote -%}
+{%- set MEMCACHE_VERSION = "1.6-alpine" | quote -%}
+{%- set POSTGRES_DB = "zammad_production" | quote -%}
+{%- set POSTGRES_HOST = "zammad-postgresql" | quote -%}
+{%- set POSTGRES_USER = "zammad" | quote -%}
+{%- set POSTGRES_PASS = secret__zammad_db_password | quote -%}
+{%- set POSTGRES_PORT = "5432" | quote -%}
+{%- set POSTGRES_VERSION = "15-alpine" | quote -%}
+{%- set REDIS_URL = "redis://zammad-redis:6379" | quote -%}
+{%- set REDIS_VERSION = "7-alpine" | quote -%}
+{%- set RESTART = "always" | quote -%}
+{%- set VERSION = "6" | quote -%}
+x-shared:
+  zammad-service: &zammad-service
+    environment: &zammad-environment
+      MEMCACHE_SERVERS: {{ MEMCACHE_SERVERS }}
+      POSTGRESQL_DB: {{ POSTGRES_DB }}
+      POSTGRESQL_HOST: {{ POSTGRES_HOST }}
+      POSTGRESQL_USER: {{ POSTGRES_USER }}
+      POSTGRESQL_PASS: {{ POSTGRES_PASS }}
+      POSTGRESQL_PORT: {{ POSTGRES_PORT }}
+      REDIS_URL: {{ REDIS_URL }}
+      # Allow passing in these variables via .env:
+      AUTOWIZARD_JSON:
+      AUTOWIZARD_RELATIVE_PATH:
+      ELASTICSEARCH_ENABLED:
+      ELASTICSEARCH_HOST:
+      ELASTICSEARCH_PORT:
+      ELASTICSEARCH_SCHEMA:
+      ELASTICSEARCH_NAMESPACE:
+      ELASTICSEARCH_REINDEX:
+      ELASTICSEARCH_SSL_VERIFY:
+      NGINX_PORT:
+      NGINX_SERVER_NAME:
+      NGINX_SERVER_SCHEME: https
+      POSTGRESQL_DB_CREATE:
+      POSTGRESQL_OPTIONS:
+      RAILS_TRUSTED_PROXIES:
+      ZAMMAD_WEB_CONCURRENCY:
+      ZAMMAD_SESSION_JOBS:
+      ZAMMAD_PROCESS_SCHEDULED:
+      ZAMMAD_PROCESS_DELAYED_JOBS_WORKERS:
+    image: {{ IMAGE_REPO }}:{{ VERSION }}
+    restart: {{ RESTART }}
+    volumes:
+      - zammad-storage:/opt/zammad/storage
+      - zammad-var:/opt/zammad/var
+    depends_on:
+      - zammad-memcached
+      - zammad-postgresql
+      - zammad-redis
+
+services:
+
+  zammad-backup:
+    command: ["zammad-backup"]
+    depends_on:
+      - zammad-railsserver
+      - zammad-postgresql
+    entrypoint: /usr/local/bin/backup.sh
+    environment:
+      <<: *zammad-environment
+      BACKUP_TIME: "03:00"
+      HOLD_DAYS: "10"
+      TZ: Europe/Berlin
+    image: postgres:{{ POSTGRES_VERSION }}
+    restart: {{ RESTART }}
+    volumes:
+      - zammad-backup:/var/tmp/zammad
+      - zammad-storage:/opt/zammad/storage:ro
+      - zammad-var:/opt/zammad/var:ro
+      - ./scripts/backup.sh:/usr/local/bin/backup.sh:ro
+
+  zammad-elasticsearch:
+    image: elasticsearch:{{ ELASTICSEARCH_VERSION }}
+    restart: {{ RESTART }}
+    volumes:
+      - elasticsearch-data:/usr/share/elasticsearch/data
+    environment:
+      discovery.type: single-node
+      xpack.security.enabled: 'false'
+      ES_JAVA_OPTS: ${ELASTICSEARCH_JAVA_OPTS:--Xms1g -Xmx1g}
+
+  zammad-init:
+    <<: *zammad-service
+    command: ["zammad-init"]
+    depends_on:
+      - zammad-postgresql
+    restart: on-failure
+    user: 0:0
+    volumes:
+      - zammad-storage:/opt/zammad/storage
+      - zammad-var:/opt/zammad/var
+
+  zammad-memcached:
+    command: memcached -m 256M
+    image: memcached:{{ MEMCACHE_VERSION }}
+    restart: {{ RESTART }}
+
+  zammad-nginx:
+    <<: *zammad-service
+    command: ["zammad-nginx"]
+    expose:
+      - "8080"
+    ports:
+      - "8080:8080"
+    depends_on:
+      - zammad-railsserver
+    volumes:
+      - zammad-var:/opt/zammad/var:ro # required for the zammad-ready check file
+
+  zammad-postgresql:
+    environment:
+      POSTGRES_DB: {{ POSTGRES_DB }}
+      POSTGRES_USER: {{ POSTGRES_USER }}
+      POSTGRES_PASSWORD: {{ POSTGRES_PASS }}
+    image: postgres:{{ POSTGRES_VERSION }}
+    restart: {{ RESTART }}
+    volumes:
+      - postgresql-data:/var/lib/postgresql/data
+
+  zammad-railsserver:
+    <<: *zammad-service
+    command: ["zammad-railsserver"]
+
+  zammad-redis:
+    image: redis:{{ REDIS_VERSION }}
+    restart: {{ RESTART }}
+    volumes:
+      - redis-data:/data
+
+  zammad-scheduler:
+    <<: *zammad-service
+    command: ["zammad-scheduler"]
+    volumes:
+      - /ansible_docker_compose/zammad-scheduler-database.yml:/opt/zammad/config/database.yml # workaround for connection pool issue
+
+  zammad-websocket:
+    <<: *zammad-service
+    command: ["zammad-websocket"]
+
+volumes:
+  elasticsearch-data:
+    driver: local
+  postgresql-data:
+    driver: local
+  redis-data:
+    driver: local
+  zammad-backup:
+    driver: local
+  zammad-storage:
+    driver: local
+  zammad-var:
+    driver: local
diff --git a/roles/docker_compose/README.md b/roles/docker_compose/README.md
index d3204ec..d407a62 100644
--- a/roles/docker_compose/README.md
+++ b/roles/docker_compose/README.md
@@ -1,8 +1,8 @@
 # Role `docker_compose`
 
 A role for deploying a Docker-Compose-based application.
-It deploys the given Compose file, an optional `.env` file, as well as configuration files to the specified hosts and makes sure all services are up-to-date and running.
-The Compose file gets deployed to `/ansible_docker_compose/compose.yaml`, the `.env` file to `/ansible_docker_compose/.env` and the configuration files get deployed into the `/ansible_docker_compose/configs/` directory.
+It deploys the given Compose file as well as configuration files to the specified hosts and makes sure all services are up-to-date and running.
+The Compose file gets deployed to `/ansible_docker_compose/compose.yaml` and the configuration files get deployed into the `/ansible_docker_compose/configs/` directory.
 A use case for the deployment of the additional configuration files is Composes top-level element `configs` in conjunction with the `configs` option for services.
 
 ## Supported Distributions
diff --git a/roles/docker_compose/meta/argument_specs.yaml b/roles/docker_compose/meta/argument_specs.yaml
index c588ba0..81ce504 100644
--- a/roles/docker_compose/meta/argument_specs.yaml
+++ b/roles/docker_compose/meta/argument_specs.yaml
@@ -7,12 +7,6 @@ argument_specs:
           `/ansible_docker_compose/compose.yaml`.
         type: str
         required: true
-      docker_compose__env_file_content:
-        description: >-
-          The content of the .env file at
-          `/ansible_docker_compose/.env`.
-        type: str
-        required: false
       docker_compose__configuration_files:
         description: >-
           A list of configuration files to be deployed in the
diff --git a/roles/docker_compose/tasks/main.yaml b/roles/docker_compose/tasks/main.yaml
index 7b01304..af7f717 100644
--- a/roles/docker_compose/tasks/main.yaml
+++ b/roles/docker_compose/tasks/main.yaml
@@ -17,17 +17,6 @@
   become: true
   notify: docker compose down
 
-- name: deploy the .env file
-  ansible.builtin.copy:
-    content: "{{ docker_compose__env_file_content }}"
-    dest: /ansible_docker_compose/.env
-    mode: "0644"
-    owner: root
-    group: root
-  become: true
-  when: docker_compose__env_file_content is defined
-  notify: docker compose down
-
 - name: make sure the `/ansible_docker_compose/configs` directory exists
   ansible.builtin.file:
     path: /ansible_docker_compose/configs