diff --git a/roles/bootstrap/handlers/main.yaml b/roles/bootstrap/handlers/main.yaml
index 95b9e149..50a92709 100644
--- a/roles/bootstrap/handlers/main.yaml
+++ b/roles/bootstrap/handlers/main.yaml
@@ -8,3 +8,7 @@
   ansible.builtin.service:
     name: sshd
     state: restarted
+- name: restart systemd-journald
+  ansible.builtin.service:
+    name: systemd-journald
+    state: restarted
diff --git a/roles/bootstrap/tasks/main.yaml b/roles/bootstrap/tasks/main.yaml
index 0fd36cde..f4c56d44 100644
--- a/roles/bootstrap/tasks/main.yaml
+++ b/roles/bootstrap/tasks/main.yaml
@@ -27,6 +27,10 @@
 - name: Install and configure certbot
   ansible.builtin.include_tasks: install_certbot.yaml
 
+## Setup systemd
+- name: Setup systemd journal rotation
+  ansible.builtin.include_tasks: setup_systemd_journal.yaml
+
 ## Setup Monitoring service
 - name: Configure monitoring service
   ansible.builtin.include_tasks: setup_monitor.yaml
diff --git a/roles/bootstrap/tasks/setup_systemd_journal.yaml b/roles/bootstrap/tasks/setup_systemd_journal.yaml
new file mode 100644
index 00000000..9ec7f890
--- /dev/null
+++ b/roles/bootstrap/tasks/setup_systemd_journal.yaml
@@ -0,0 +1,15 @@
+---
+- name: Setup systemd journal rotation
+  ansible.builtin.blockinfile:
+    path: /etc/systemd/journald.conf
+    block: |
+      [Journal]
+      SystemMaxUse=2G
+      SystemMaxFileSize=100M
+      MaxRetentionSec=90d
+      Compress=yes
+  notify: restart systemd-journald
+
+- name: Force immediate cleanup of old journals
+  ansible.builtin.command: journalctl --vacuum-time=90d
+  changed_when: true