diff --git a/roles/k3s_agent/tasks/main.yml b/roles/k3s_agent/tasks/main.yml
index c1d13f7..baa4e85 100644
--- a/roles/k3s_agent/tasks/main.yml
+++ b/roles/k3s_agent/tasks/main.yml
@@ -41,28 +41,6 @@
         }) }}
       changed_when: true
 
-- name: Compute final agent arguments
-  ansible.builtin.set_fact:
-    _api_endpoint_in_agent_config: >-
-      {% if agent_config_yaml is defined and api_endpoint is defined and agent_config_yaml | regex_search('tls-san:.*' + api_endpoint | regex_escape(), ignorecase=True) %}
-      true
-      {% else %}
-      false
-      {% endif %}
-    _api_endpoint_in_agent_args: >-
-      {% if api_endpoint is defined and extra_agent_args | regex_search('--tls-san[=\s]+' + api_endpoint | regex_escape(), ignorecase=True) %}
-      true
-      {% else %}
-      false
-      {% endif %}
-
-- name: Add TLS SAN to agent arguments if needed
-  ansible.builtin.set_fact:
-    opt_tls_san: >-
-      {% if api_endpoint is defined and api_endpoint != ansible_hostname and _api_endpoint_in_agent_config | bool == false and _api_endpoint_in_agent_args | bool == false %}
-      --tls-san={{ api_endpoint }}
-      {% endif %}
-
 - name: Setup optional config file
   when: agent_config_yaml is defined
   block:
@@ -103,16 +81,18 @@
   with_items:
     - "K3S_TOKEN={{ token }}"
 
-- name: Copy K3s service file
+- name: Modify ExecStart in k3s-agent.service to include API endpoint and extra args
   register: k3s_agent_service
-  ansible.builtin.template:
-    src: "k3s-agent.service.j2"
-    dest: "{{ systemd_dir }}/k3s-agent.service"
-    owner: root
-    group: root
-    mode: "u=rw,g=r,o=r"
+  ansible.builtin.replace:
+    path: "{{ systemd_dir }}/k3s-agent.service"
+    regexp: '^ExecStart=\/usr\/local\/bin\/k3s \\\n\s*agent.*'
+    replace: |
+      ExecStart=/usr/local/bin/k3s \
+          agent \
+          --server https://{{ api_endpoint }}:{{ api_port }} \
+          {{ extra_agent_args }}
 
-- name: Enable and check K3s service
+- name: Enable and check K3s agent service
   ansible.builtin.systemd:
     name: k3s-agent
     daemon_reload: "{{ true if k3s_agent_service.changed else false }}"
diff --git a/roles/k3s_agent/templates/k3s-agent.service.j2 b/roles/k3s_agent/templates/k3s-agent.service.j2
deleted file mode 100644
index 5e77e5c..0000000
--- a/roles/k3s_agent/templates/k3s-agent.service.j2
+++ /dev/null
@@ -1,29 +0,0 @@
-[Unit]
-Description=Lightweight Kubernetes
-Documentation=https://k3s.io
-Wants=network-online.target
-After=network-online.target
-
-[Install]
-WantedBy=multi-user.target
-
-[Service]
-Type=notify
-EnvironmentFile=-/etc/default/%N
-EnvironmentFile=-/etc/sysconfig/%N
-EnvironmentFile=-/etc/systemd/system/k3s-agent.service.env
-KillMode=process
-Delegate=yes
-# Having non-zero Limit*s causes performance problems due to accounting overhead
-# in the kernel. We recommend using cgroups to do container-local accounting.
-LimitNOFILE=1048576
-LimitNPROC=infinity
-LimitCORE=infinity
-TasksMax=infinity
-TimeoutStartSec=0
-Restart=always
-RestartSec=5s
-ExecStartPre=/bin/sh -xc '! /usr/bin/systemctl is-enabled --quiet nm-cloud-setup.service'
-ExecStartPre=-/sbin/modprobe br_netfilter
-ExecStartPre=-/sbin/modprobe overlay
-ExecStart=/usr/local/bin/k3s agent --data-dir {{ k3s_server_location }} --server https://{{ api_endpoint }}:{{ api_port }} {{ opt_tls_san }} {{ extra_agent_args }}