diff --git a/roles/freeradius/tasks/main.yml b/roles/freeradius/tasks/main.yml
index f86bb04..be0338b 100644
--- a/roles/freeradius/tasks/main.yml
+++ b/roles/freeradius/tasks/main.yml
@@ -35,16 +35,20 @@
   notify: restart radiusd
 
 - name: ensure unused modules are disabled
-  file:
-    name=/etc/raddb/mods-enabled/{{ item }}
-    state=absent
-  with_items: '{{ radiusd_disable_modules }}'
+  command:
+    rm -vf
+    {% for mod in radiusd_disable_modules %}
+    /etc/raddb/mods-enabled/{{ mod }}
+    {% endfor %}
+    removes=/etc/raddb/mods-enabled/{{ radiusd_disable_modules[-1] }}
   notify: restart radiusd
 - name: ensure unused sites are disabled
-  file:
-    name=/etc/raddb/sites-enabled/{{ item }}
-    state=absent
-  with_items: '{{ radiusd_disable_sites }}'
+  command:
+    rm -vf
+    {% for site in radiusd_disable_sites %}
+    /etc/raddb/sites-enabled/{{ site }}
+    {% endfor %}
+    removes=/etc/raddb/sites-enabled/{{ radiusd_disable_sites[-1] }}
   notify: restart radiusd
 
 - name: ensure server certificate is installed
@@ -67,10 +71,12 @@
     openssl dhparam -out /etc/raddb/certs/dhparam {{ radiusd_dhparm_size }}
     creates=/etc/raddb/certs/dhparam
 - name: ensure example certificates are removed
-  file:
-    path=/etc/raddb/certs/{{ item }}
-    state=absent
-  with_items: '{{ radiusd_example_cert_files }}'
+  command:
+    rm -vf
+    {% for file in radiusd_example_cert_files %}
+    /etc/raddb/certs/{{ file }}
+    {% endfor %}
+    removes=/etc/raddb/certs/{{ radiusd_example_cert_files[-1] }}
 
 - name: ensure freeradius clients are configured
   template: