diff --git a/templates/vhost.conf.j2 b/templates/vhost.conf.j2
index a44570b..0edb502 100644
--- a/templates/vhost.conf.j2
+++ b/templates/vhost.conf.j2
@@ -28,7 +28,7 @@
   ServerName {{ item.vhostname }}
   ServerAdmin {{ item.serveradmin|default("webmaster@" + item.vhostname ) }}
 {% if item.server_aliases is defined %}
-    ServerAlias {% for alias in item.server_aliases %}{{ alias }} {% endfor %}
+  ServerAlias {% for alias in item.server_aliases %}{{ alias }} {% endfor %}
 {% endif %}
 
 {% if item.aliases is defined %}{% for alias in item.aliases %}
@@ -54,18 +54,19 @@
 {% endif %}
 
     AllowOverride All
-  </Directory>{% endif %}
+  </Directory>
+{% endif %}
 
 {% if item.directories is defined %}{% for directory in item.directories %}
   <Directory "{{ directory.path }}">
 {% if directory.options is defined %}
     Options {% for option in directory.options %}{{ option }} {% endfor %}
 {% endif %}
-
-  AllowOverride {{ directory.allow_override | default("All") }}
-  Require {{ directory.require | default("all granted") }}
-  {{ directory.custom_code | default("") }}
-  </Directory>{% endfor %}{% endif %}
+    AllowOverride {{ directory.allow_override | default("All") }}
+    Require {{ directory.require | default("all granted") }}
+    {{ directory.custom_code | default("") }}
+  </Directory>
+{% endfor %}{% endif %}
 
 {% if item.directoriesmatches is defined %}{% for directorymatch in item.directoriesmatches %}
   <DirectoryMatch "{{ directorymatch.path }}">
@@ -73,10 +74,11 @@
     Options {% for option in directorymatch.options %}{{ option }} {% endfor %}
 {% endif %}
 
-  AllowOverride {{ directorymatch.allow_override | default("All") }}
-  Require {{ directorymatch.require | default("all granted") }}
+    AllowOverride {{ directorymatch.allow_override | default("All") }}
+    Require {{ directorymatch.require | default("all granted") }}
   {{ directorymatch.custom_code | default("") }}
-  </DirectoryMatch>{% endfor %}{% endif %}
+  </DirectoryMatch>
+{% endfor %}{% endif %}
 
   ## Logging
   ErrorLog "/var/log/apache2/{{ item.vhostname }}_error_ssl.log"
@@ -88,7 +90,6 @@
   ## Rewrite rules
   RewriteEngine On
 
-
   ## SSL directives
   SSLEngine on
   SSLCertificateFile      "/etc/letsencrypt/live/{{ item.vhostname }}/fullchain.pem"
@@ -99,14 +100,14 @@
 {% if item.ldap is defined %}
   ## LDAP authentication
   <Location />
-      AuthType Basic
-      AuthName "Enter credentials"
-      AuthBasicProvider ldap
-      AuthLDAPGroupAttribute member
-      AuthLDAPSubGroupClass group
-      AuthLDAPGroupAttributeIsDN On
-      AuthLDAPURL {{ item.ldap.url }} #ldap://ldap.koti.site/ou=People,ou=Users,dc=koti,dc=site?uid
-      Require {{ item.ldap.require }} #valid-user
+    AuthType Basic
+    AuthName "Enter credentials"
+    AuthBasicProvider ldap
+    AuthLDAPGroupAttribute member
+    AuthLDAPSubGroupClass group
+    AuthLDAPGroupAttributeIsDN On
+    AuthLDAPURL {{ item.ldap.url }} #ldap://ldap.koti.site/ou=People,ou=Users,dc=koti,dc=site?uid
+    Require {{ item.ldap.require }} #valid-user
   </Location>
 {% endif %}
 
@@ -121,7 +122,7 @@
 
 {% if item.custom_code is defined %}
   ## Custom fragment
-{{ item.custom_code }}
+  {{ item.custom_code }}
   ## End of custom fragment
 {% endif %}
 </VirtualHost>