diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
index 672299f3d..bfc7af5b6 100644
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -21,7 +21,7 @@ run-unit-tests:
     - echo "tester:password" | chpasswd
     - cp -r . /home/tester/plinth
     - chown -R tester:tester /home/tester/plinth
-    - su -c "cd ~/plinth; python3 -m flake8 plinth" tester
+    - su -c "cd ~/plinth; python3 -m flake8 --exclude actions/domainname-change,actions/dynamicdns,actions/hostname-change,actions/networks plinth actions/*" tester
     - su -c "cd ~/plinth; py.test-3 --cov=plinth --cov-report=html --cov-report=term" tester
     - cp -r /home/tester/plinth/htmlcov test-coverage-report
 
diff --git a/actions/deluge b/actions/deluge
index 3b3ab122d..ee7e6bf7b 100755
--- a/actions/deluge
+++ b/actions/deluge
@@ -20,11 +20,8 @@ Configuration helper for BitTorrent web client.
 """
 
 import argparse
-import os
 import subprocess
 
-from plinth import action_utils
-
 SYSTEMD_SERVICE_PATH = '/etc/systemd/system/deluge-web.service'
 SYSTEMD_SERVICE = '''
 #
@@ -44,7 +41,7 @@ Group=debian-deluged
 
 [Install]
 WantedBy=multi-user.target
-'''
+'''  # noqa: E501
 
 
 def parse_arguments():
diff --git a/actions/diaspora b/actions/diaspora
index ee464f645..0a915c9b2 100755
--- a/actions/diaspora
+++ b/actions/diaspora
@@ -37,11 +37,14 @@ def parse_arguments():
     subparsers.add_parser(
         'pre-install',
         help='Preseed debconf values before packages are installed.')
-
-    subparsers.add_parser('enable-user-registrations', help='Allow users to' \
-                          'sign up to this diaspora* pod without an invitation.')
-    subparsers.add_parser('disable-user-registrations', help='Allow only, ' \
-                          'users with an invitation to register to this diaspora* pod')
+    subparsers.add_parser(
+        'enable-user-registrations',
+        help='Allow users to sign up to this diaspora* pod without an '
+        'invitation.')
+    subparsers.add_parser(
+        'disable-user-registrations',
+        help='Allow only users with an invitation to register to this '
+        'diaspora* pod')
     subparsers.add_parser('start-diaspora', help='Start diaspora* service')
     subparsers.add_parser(
         'disable-ssl', help="Disable SSL on the diaspora* application server")
diff --git a/actions/ejabberd b/actions/ejabberd
index 78f505ff9..4276cd19c 100755
--- a/actions/ejabberd
+++ b/actions/ejabberd
@@ -31,8 +31,6 @@ from distutils.version import LooseVersion as LV
 import ruamel.yaml
 
 from plinth import action_utils
-from plinth.modules import config
-from plinth.modules.letsencrypt import LIVE_DIRECTORY as LE_LIVE_DIRECTORY
 
 EJABBERD_CONFIG = '/etc/ejabberd/ejabberd.yml'
 EJABBERD_BACKUP = '/var/log/ejabberd/ejabberd.dump'
diff --git a/actions/letsencrypt b/actions/letsencrypt
index 4d4975aac..7509d9ac7 100755
--- a/actions/letsencrypt
+++ b/actions/letsencrypt
@@ -56,8 +56,9 @@ def parse_arguments():
     setup_parser = subparsers.add_parser(
         'setup', help='Run any setup/upgrade activities.')
     setup_parser.add_argument(
-        '--old-version', type=int, required=True, help=
-        'Version number being upgraded from or None if setting up first time.')
+        '--old-version', type=int, required=True,
+        help='Version number being upgraded from or None if setting up first '
+        'time.')
 
     subparsers.add_parser('get-status',
                           help='Return the status of configured domains.')
@@ -273,8 +274,8 @@ def subcommand_obtain(arguments):
 def _remove_old_hooks():
     """Remove old style renewal hooks from individual configuration files.
 
-    This has been replaced with global hooks by adding script files in directory
-    /etc/letsencrypt/renewal-hooks/{pre,post,deploy}/.
+    This has been replaced with global hooks by adding script files in
+    directory /etc/letsencrypt/renewal-hooks/{pre,post,deploy}/.
 
     """
     for file_path in glob.glob(RENEWAL_DIRECTORY + '*.conf'):
diff --git a/actions/matrixsynapse b/actions/matrixsynapse
index 1215c5a7a..de667ec1e 100755
--- a/actions/matrixsynapse
+++ b/actions/matrixsynapse
@@ -24,9 +24,7 @@ import argparse
 import yaml
 
 from plinth import action_utils
-from plinth.modules import letsencrypt
-from plinth.modules.matrixsynapse import (CONFIG_FILE_PATH,
-                                          get_configured_domain_name)
+from plinth.modules.matrixsynapse import CONFIG_FILE_PATH
 
 
 def parse_arguments():
diff --git a/actions/monkeysphere b/actions/monkeysphere
index 7b4586cab..c09c50514 100755
--- a/actions/monkeysphere
+++ b/actions/monkeysphere
@@ -129,8 +129,8 @@ def get_https_keys(fingerprint_hash):
     # Read from FreedomBox configured domains with proper SSL certs.
     path = "/files/etc/apache2/sites-available//" \
         "directive[. = 'Use'][arg[1] = 'FreedomBoxTLSSiteMacro']"
-    key_file = "/files/etc/apache2//Macro[arg[1] = 'FreedomBoxTLSSiteMacro']//"\
-        "VirtualHost/directive[. = 'GnuTLSKeyFile']/arg"
+    key_file = ("/files/etc/apache2//Macro[arg[1] = 'FreedomBoxTLSSiteMacro'])"
+                "//VirtualHost/directive[. = 'GnuTLSKeyFile']/arg")
     key_file = aug.get(key_file)
     for match in aug.match(path):
         domain = aug.get(match + '/arg[2]')
diff --git a/actions/openvpn b/actions/openvpn
index aca5435c3..720d5cc8d 100755
--- a/actions/openvpn
+++ b/actions/openvpn
@@ -237,7 +237,6 @@ def _setup_firewall():
         except subprocess.CalledProcessError:
             return True  # Safer
 
-
     # XXX: Due to https://bugs.debian.org/919517 when tun+ interface is added,
     # firewalld is unable to handle it in nftables backend causing firewalld to
     # break while applying rules. This makes the entire system unreachable.
diff --git a/actions/packages b/actions/packages
index b0072cbf3..887e70162 100755
--- a/actions/packages
+++ b/actions/packages
@@ -153,7 +153,8 @@ def subcommand_filter_conffile_packages(arguments):
       - Read /var/lib/dpkg/status file to read hashes as provided by currently
         installed version of a package.
 
-      - Read each configuration file for the package from disk and compute hashes.
+      - Read each configuration file for the package from disk and compute
+        hashes.
 
       - If the hashes match, package has no configuration file that got
         modified. There will be no conffile prompt.
@@ -179,8 +180,9 @@ def subcommand_filter_conffile_packages(arguments):
 
     downloaded_files = _download_packages(packages)
 
-    new_package_hashes, new_versions = _get_conffile_hashes_from_downloaded_files(
-        packages, downloaded_files, status_hashes, mismatched_hashes)
+    new_package_hashes, new_versions = \
+        _get_conffile_hashes_from_downloaded_files(
+            packages, downloaded_files, status_hashes, mismatched_hashes)
 
     packages_info = {}
     for package in packages:
@@ -356,7 +358,8 @@ def _get_conffile_hashes_from_downloaded_files(
         try:
             package_name, hashes, new_version = \
                 _get_conffile_hashes_from_downloaded_file(
-                packages, downloaded_file, status_hashes, mismatched_hashes)
+                    packages, downloaded_file, status_hashes,
+                    mismatched_hashes)
         except (LookupError, apt_pkg.Error, ValueError):
             continue
 
diff --git a/actions/service b/actions/service
index be8df78ea..ee7a55a8e 100755
--- a/actions/service
+++ b/actions/service
@@ -100,15 +100,21 @@ def subcommand_is_running(arguments):
 
 
 def subcommand_list(_):
-    """Get list of plinth-managed services with their status (running or not)"""
+    """Get list of plinth-managed services with their status.
+
+    Status may be either running or not.
+
+    """
     managed_services = _get_managed_services()
     services = dict.fromkeys(managed_services, {'running': False})
 
     output = subprocess.check_output(['systemctl', 'list-units'])
     for line in output.decode().strip().split('\n'):
-        if line.startswith('UNIT'): continue
+        if line.startswith('UNIT'):
+            continue
         # Stop parsing on empty line after the service list
-        if not len(line): break
+        if not len(line):
+            break
 
         try:
             unit, load, active, sub = line.split()[:4]
diff --git a/actions/ssh b/actions/ssh
index c6bad6b32..8c3c0c8eb 100755
--- a/actions/ssh
+++ b/actions/ssh
@@ -70,7 +70,7 @@ def get_user_homedir(username):
     """Return the home dir of a user by looking up in password database."""
     try:
         return pwd.getpwnam(username).pw_dir
-    except KeyError as exception:
+    except KeyError:
         print('Username not found')
         sys.exit(1)
 
diff --git a/actions/storage b/actions/storage
index 648f94657..d156220a4 100755
--- a/actions/storage
+++ b/actions/storage
@@ -92,7 +92,7 @@ def _resize_partition(device, requested_partition, free_space):
     ]
     try:
         subprocess.run(command, check=True)
-    except subprocess.CalledProcessError as exception:
+    except subprocess.CalledProcessError:
         try:
             subprocess.run(fallback_command, check=True)
         except subprocess.CalledProcessError as exception:
@@ -182,9 +182,9 @@ def _get_partition_device(device, partition_number):
 
 def _get_root_device_and_partition_number(device):
     """Return the parent device and number of partition separately."""
-    match = re.match('(.+[a-zA-Z]\d+)p(\d+)$', device)
+    match = re.match(r'(.+[a-zA-Z]\d+)p(\d+)$', device)
     if not match:
-        match = re.match('(.+[a-zA-Z])(\d+)$', device)
+        match = re.match(r'(.+[a-zA-Z])(\d+)$', device)
         if not match:
             print('Invalid device, must be a partition', file=sys.stderr)
             sys.exit(1)
diff --git a/actions/tor b/actions/tor
index 96ec812a0..a49bda867 100755
--- a/actions/tor
+++ b/actions/tor
@@ -48,8 +48,9 @@ def parse_arguments():
     setup_parser = subparsers.add_parser('setup',
                                          help='Setup Tor configuration')
     setup_parser.add_argument(
-        '--old-version', type=int, required=True, help=
-        'Version number being upgraded from or None if setting up first time.')
+        '--old-version', type=int, required=True,
+        help='Version number being upgraded from or None if setting up first '
+        'time.')
 
     subparsers.add_parser('get-status', help='Get Tor status in JSON format')
 
diff --git a/actions/upgrades b/actions/upgrades
index db808a51f..14b1df60c 100755
--- a/actions/upgrades
+++ b/actions/upgrades
@@ -30,7 +30,8 @@ from plinth import action_utils
 
 AUTO_CONF_FILE = '/etc/apt/apt.conf.d/20auto-upgrades'
 LOG_FILE = '/var/log/unattended-upgrades/unattended-upgrades.log'
-BUSTER_BACKPORTS_RELEASE_FILE_URL = 'https://deb.debian.org/debian/dists/buster-backports/Release'
+BUSTER_BACKPORTS_RELEASE_FILE_URL = \
+    'https://deb.debian.org/debian/dists/buster-backports/Release'
 
 
 def parse_arguments():
diff --git a/actions/users b/actions/users
index 12555e52c..b253b54d8 100755
--- a/actions/users
+++ b/actions/users
@@ -290,7 +290,7 @@ def get_user_groups(username):
         groups_part = output.split(' ')[2]
         groups = groups_part.split('=')[1]
         group_names = [
-            user.strip('()') for user in re.findall('\(.*?\)', groups)
+            user.strip('()') for user in re.findall(r'\(.*?\)', groups)
         ]
         group_names.remove('users')
         return group_names