diff --git a/group_vars/all/geo.yml b/group_vars/all/geo.yml
index a70e3a1585d452338535079b5f80eb1f20a76ff2..e12fa1aa74df2916bff8123dccc2e81698da5246 100644
--- a/group_vars/all/geo.yml
+++ b/group_vars/all/geo.yml
@@ -1,5 +1,6 @@
 geo_acme_dns_challenge_ns: redirect.archlinux.org
 geo_domains:
   - geo.mirror.pkgbuild.com
-geo_health_check_paths:
-  geo.mirror.pkgbuild.com: /lastupdate
+geo_options:
+  geo.mirror.pkgbuild.com:
+    health_check_path: /lastupdate
diff --git a/roles/geo_dns/templates/geo.yml.j2 b/roles/geo_dns/templates/geo.yml.j2
index 485f62b27754910b79bdb082ef9778475c53a8ec..0b7049cd7a48d0725b73bca496026931ecd08b14 100644
--- a/roles/geo_dns/templates/geo.yml.j2
+++ b/roles/geo_dns/templates/geo.yml.j2
@@ -9,19 +9,19 @@ domains:
         - soa: {{ groups['geo_mirrors'] | first }}. root.archlinux.org. 2022042701 3600 1800 604800 3600
         {% for host in groups['geo_mirrors'] %}
         - ns:
-            ttl: 86400
+            ttl: {{ geo_options[domain]['ns_ttl'] | default(86400) }}
             content: {{ host }}
         {% endfor %}
         - lua:
             ttl: 300
             content: >
-              A "ifurlup('https://{{ domain }}{{ geo_health_check_paths[domain] | default('/') }}',
+              A "ifurlup('https://{{ domain }}{{ geo_options[domain]['health_check_path'] | default('/') }}',
               {'{{ groups['geo_mirrors'] | map('extract', hostvars, ['ipv4_address']) | join("', '") }}'},
               {selector='pickclosest', useragent='pdns on {{ inventory_hostname }}'})"
         - lua:
             ttl: 300
             content: >
-              AAAA "ifurlup('https://{{ domain }}{{ geo_health_check_paths[domain] | default('/') }}',
+              AAAA "ifurlup('https://{{ domain }}{{ geo_options[domain]['health_check_path'] | default('/') }}',
               {'{{ groups['geo_mirrors'] | map('extract', hostvars, ['ipv6_address']) | join("', '") }}'},
               {selector='pickclosest', useragent='pdns on {{ inventory_hostname }}'})"
       _acme-challenge.{{ domain }}:
diff --git a/tf-stage1/archlinux.tf b/tf-stage1/archlinux.tf
index 41bba840f55d656f83ff30b9a0bb20915552366f..06d7e16fc9fd68b1c20d159c043db172cd05d259 100644
--- a/tf-stage1/archlinux.tf
+++ b/tf-stage1/archlinux.tf
@@ -371,6 +371,9 @@ locals {
   #   - name (mandatory, specifies the subdomain to create in the above zone)
   #   - ttl (optional, the TTL of the NS records, defaults to 86400 if unset)
   #
+  # Note: If you use a custom TTL, also add it to geo_options[domain]['ns_ttl']
+  #       in Ansible (see the 'geo_options' variable in group_vars/all/geo.yml)
+  #
   geo_domains = {
     "geo.mirror.pkgbuild.com" = {
       zone_id = hetznerdns_zone.pkgbuild.id