diff --git a/mkosi.default b/mkosi.conf similarity index 70% rename from mkosi.default rename to mkosi.conf index 1628df1..e37d443 100644 --- a/mkosi.default +++ b/mkosi.conf @@ -4,12 +4,10 @@ Autologin = yes [Output] Format = directory Hostname = servnest.test +CacheDirectory = ../mkosi.cache/ +OutputDirectory = /var/lib/machines [Content] -RemoveFiles = /.git,/.gitignore,/mkosi.*,/*.md -Cache = ../mkosi.cache/ -ExtraTree = ./ -BasePackages = yes WithDocs = yes WithNetwork = yes Packages = diff --git a/etc/apt/sources.list b/mkosi.extra/etc/apt/sources.list similarity index 100% rename from etc/apt/sources.list rename to mkosi.extra/etc/apt/sources.list diff --git a/etc/hosts b/mkosi.extra/etc/hosts similarity index 100% rename from etc/hosts rename to mkosi.extra/etc/hosts diff --git a/etc/knot/knot-primary.conf b/mkosi.extra/etc/knot/knot-primary.conf similarity index 100% rename from etc/knot/knot-primary.conf rename to mkosi.extra/etc/knot/knot-primary.conf diff --git a/etc/knot/knot-secondary.conf b/mkosi.extra/etc/knot/knot-secondary.conf similarity index 100% rename from etc/knot/knot-secondary.conf rename to mkosi.extra/etc/knot/knot-secondary.conf diff --git a/etc/pacman.d/mirrorlist b/mkosi.extra/etc/pacman.d/mirrorlist similarity index 100% rename from etc/pacman.d/mirrorlist rename to mkosi.extra/etc/pacman.d/mirrorlist diff --git a/etc/php.ini-development b/mkosi.extra/etc/php.ini-development similarity index 100% rename from etc/php.ini-development rename to mkosi.extra/etc/php.ini-development diff --git a/etc/php.ini-production b/mkosi.extra/etc/php.ini-production similarity index 100% rename from etc/php.ini-production rename to mkosi.extra/etc/php.ini-production diff --git a/etc/resolv.conf b/mkosi.extra/etc/resolv.conf similarity index 100% rename from etc/resolv.conf rename to mkosi.extra/etc/resolv.conf 
diff --git a/etc/ssh/sshd_config b/mkosi.extra/etc/ssh/sshd_config similarity index 100% rename from etc/ssh/sshd_config rename to mkosi.extra/etc/ssh/sshd_config diff --git a/etc/systemd/resolved.conf.d/dot.conf b/mkosi.extra/etc/systemd/resolved.conf.d/dot.conf similarity index 100% rename from etc/systemd/resolved.conf.d/dot.conf rename to mkosi.extra/etc/systemd/resolved.conf.d/dot.conf diff --git a/etc/tmpfiles.d/servnest.conf b/mkosi.extra/etc/tmpfiles.d/servnest.conf similarity index 100% rename from etc/tmpfiles.d/servnest.conf rename to mkosi.extra/etc/tmpfiles.d/servnest.conf diff --git a/install/apache.sh b/mkosi.extra/install/apache.sh similarity index 98% rename from install/apache.sh rename to mkosi.extra/install/apache.sh index 38e751c..24655ee 100644 --- a/install/apache.sh +++ b/mkosi.extra/install/apache.sh @@ -22,8 +22,6 @@ if [[ $OS = "arch" ]]; then mkdir -p /srv/servnest/ht/usr/lib ln /usr/lib/libc.so.6 /srv/servnest/ht/usr/lib/libc.so.6 - - systemctl enable httpd fi if [[ $OS = "debian" ]]; then diff --git a/install/apache/errors.conf b/mkosi.extra/install/apache/errors.conf similarity index 100% rename from install/apache/errors.conf rename to mkosi.extra/install/apache/errors.conf diff --git a/install/apache/httpd.conf b/mkosi.extra/install/apache/httpd.conf similarity index 100% rename from install/apache/httpd.conf rename to mkosi.extra/install/apache/httpd.conf diff --git a/install/apache/types b/mkosi.extra/install/apache/types similarity index 100% rename from install/apache/types rename to mkosi.extra/install/apache/types diff --git a/install/certbot-deploy-hook.sh b/mkosi.extra/install/certbot-deploy-hook.sh similarity index 100% rename from install/certbot-deploy-hook.sh rename to mkosi.extra/install/certbot-deploy-hook.sh diff --git a/install/certbot.ini b/mkosi.extra/install/certbot.ini similarity index 100% rename from install/certbot.ini rename to mkosi.extra/install/certbot.ini 
diff --git a/install/certbot.sh b/mkosi.extra/install/certbot.sh
similarity index 100%
rename from install/certbot.sh
rename to mkosi.extra/install/certbot.sh
diff --git a/install/cronie b/mkosi.extra/install/cronie
similarity index 100%
rename from install/cronie
rename to mkosi.extra/install/cronie
diff --git a/install/http-messages/400.html b/mkosi.extra/install/http-messages/400.html
similarity index 100%
rename from install/http-messages/400.html
rename to mkosi.extra/install/http-messages/400.html
diff --git a/install/http-messages/403.html b/mkosi.extra/install/http-messages/403.html
similarity index 100%
rename from install/http-messages/403.html
rename to mkosi.extra/install/http-messages/403.html
diff --git a/install/http-messages/404.en.html b/mkosi.extra/install/http-messages/404.en.html
similarity index 100%
rename from install/http-messages/404.en.html
rename to mkosi.extra/install/http-messages/404.en.html
diff --git a/install/http-messages/404.fr.html b/mkosi.extra/install/http-messages/404.fr.html
similarity index 100%
rename from install/http-messages/404.fr.html
rename to mkosi.extra/install/http-messages/404.fr.html
diff --git a/install/http-messages/405.html b/mkosi.extra/install/http-messages/405.html
similarity index 100%
rename from install/http-messages/405.html
rename to mkosi.extra/install/http-messages/405.html
diff --git a/install/http-messages/410.html b/mkosi.extra/install/http-messages/410.html
similarity index 100%
rename from install/http-messages/410.html
rename to mkosi.extra/install/http-messages/410.html
diff --git a/install/http-messages/418.html b/mkosi.extra/install/http-messages/418.html
similarity index 100%
rename from install/http-messages/418.html
rename to mkosi.extra/install/http-messages/418.html
diff --git a/install/http-messages/500.en.html b/mkosi.extra/install/http-messages/500.en.html
similarity index 100%
rename from install/http-messages/500.en.html
rename to mkosi.extra/install/http-messages/500.en.html
diff --git a/install/http-messages/500.fr.html b/mkosi.extra/install/http-messages/500.fr.html
similarity index 100%
rename from install/http-messages/500.fr.html
rename to mkosi.extra/install/http-messages/500.fr.html
diff --git a/install/http-messages/502.html b/mkosi.extra/install/http-messages/502.html
similarity index 100%
rename from install/http-messages/502.html
rename to mkosi.extra/install/http-messages/502.html
diff --git a/install/http-messages/503.en.html b/mkosi.extra/install/http-messages/503.en.html
similarity index 100%
rename from install/http-messages/503.en.html
rename to mkosi.extra/install/http-messages/503.en.html
diff --git a/install/http-messages/503.fr.html b/mkosi.extra/install/http-messages/503.fr.html
similarity index 100%
rename from install/http-messages/503.fr.html
rename to mkosi.extra/install/http-messages/503.fr.html
diff --git a/install/http-messages/504.html b/mkosi.extra/install/http-messages/504.html
similarity index 100%
rename from install/http-messages/504.html
rename to mkosi.extra/install/http-messages/504.html
diff --git a/install/http-messages/security.txt b/mkosi.extra/install/http-messages/security.txt
similarity index 100%
rename from install/http-messages/security.txt
rename to mkosi.extra/install/http-messages/security.txt
diff --git a/install/http-messages/unsecure.en.html b/mkosi.extra/install/http-messages/unsecure.en.html
similarity index 100%
rename from install/http-messages/unsecure.en.html
rename to mkosi.extra/install/http-messages/unsecure.en.html
diff --git a/install/http-messages/unsecure.fr.html b/mkosi.extra/install/http-messages/unsecure.fr.html
similarity index 100%
rename from install/http-messages/unsecure.fr.html
rename to mkosi.extra/install/http-messages/unsecure.fr.html
diff --git a/install/install.sh b/mkosi.extra/install/install.sh
similarity index 100%
rename from install/install.sh
rename to mkosi.extra/install/install.sh
diff --git a/install/knot.conf b/mkosi.extra/install/knot.conf similarity index 93% rename from install/knot.conf rename to mkosi.extra/install/knot.conf index 874e280..c4d854f 100644 --- a/install/knot.conf +++ b/mkosi.extra/install/knot.conf @@ -17,6 +17,8 @@ policy: algorithm: "ed25519" nsec3: "on" nsec3-iterations: 10 + delete-delay: 60d + dnskey-management: "incremental" template: - id: "servnest" diff --git a/install/knot.sh b/mkosi.extra/install/knot.sh similarity index 81% rename from install/knot.sh rename to mkosi.extra/install/knot.sh index d33fdd2..41d6c9d 100644 --- a/install/knot.sh +++ b/mkosi.extra/install/knot.sh @@ -1,9 +1,9 @@ #!/usr/bin/bash -sudo -u $knot mkdir -p /var/lib/knot/confdb/ +mkdir -p /var/lib/knot/confdb/ # Load configuration in Knot database -sudo -u $knot knotc conf-import /install/knot.conf +knotc conf-import /install/knot.conf # We need servnest to be allowed to configure Knot usermod -aG $knot $servnest # Add user $servnest to group $knot diff --git a/install/nginx.sh b/mkosi.extra/install/nginx.sh similarity index 100% rename from install/nginx.sh rename to mkosi.extra/install/nginx.sh diff --git a/install/nginx/inc/apache-proxy.conf b/mkosi.extra/install/nginx/inc/apache-proxy.conf similarity index 100% rename from install/nginx/inc/apache-proxy.conf rename to mkosi.extra/install/nginx/inc/apache-proxy.conf diff --git a/install/nginx/inc/fastcgi.conf b/mkosi.extra/install/nginx/inc/fastcgi.conf similarity index 100% rename from install/nginx/inc/fastcgi.conf rename to mkosi.extra/install/nginx/inc/fastcgi.conf diff --git a/install/nginx/inc/messages.conf b/mkosi.extra/install/nginx/inc/messages.conf similarity index 100% rename from install/nginx/inc/messages.conf rename to mkosi.extra/install/nginx/inc/messages.conf 
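Review bot: The two keys added to the `policy:` entry in knot.conf, `delete-delay: 60d` and `dnskey-management: "incremental"`, come without a comment, and the second one changes how the signer treats DNSKEY, CDNSKEY and CDS records it does not manage itself: as I read the Knot documentation, incremental mode keeps such records at the apex instead of pruning them on every signing. If zone content can originate from registered users, that deserves to be a recorded decision; a comment such as `# incremental: keep DNSKEY/CDS records not managed by Knot, removed only after delete-delay` would state the intent. The policy entry starts above the hunk, so the rest of the signing policy is not visible here.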
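Review bot: With `sudo -u $knot` dropped from both commands in knot.sh, `mkdir -p /var/lib/knot/confdb/` and `knotc conf-import /install/knot.conf` now run as whichever user executes the script, presumably root during the image build, so the configuration database is likely left owned by root. The comment right below says servnest must be allowed to configure Knot through group `$knot`, which depends on the daemon and that group being able to write the database. Restoring ownership after the import would keep the previous result: `chown -R "$knot": /var/lib/knot/confdb/`. The script continues past the end of the hunk, so a later chown may already exist there.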
diff --git a/install/nginx/inc/serve-static.conf b/mkosi.extra/install/nginx/inc/serve-static.conf
similarity index 100%
rename from install/nginx/inc/serve-static.conf
rename to mkosi.extra/install/nginx/inc/serve-static.conf
diff --git a/install/nginx/inc/types.conf b/mkosi.extra/install/nginx/inc/types.conf
similarity index 100%
rename from install/nginx/inc/types.conf
rename to mkosi.extra/install/nginx/inc/types.conf
diff --git a/install/nginx/nginx.conf b/mkosi.extra/install/nginx/nginx.conf
similarity index 100%
rename from install/nginx/nginx.conf
rename to mkosi.extra/install/nginx/nginx.conf
diff --git a/install/nginx/sites/dns.conf b/mkosi.extra/install/nginx/sites/dns.conf
similarity index 100%
rename from install/nginx/sites/dns.conf
rename to mkosi.extra/install/nginx/sites/dns.conf
diff --git a/install/nginx/sites/interface.conf b/mkosi.extra/install/nginx/sites/interface.conf
similarity index 100%
rename from install/nginx/sites/interface.conf
rename to mkosi.extra/install/nginx/sites/interface.conf
diff --git a/install/nginx/sites/no-tls.conf b/mkosi.extra/install/nginx/sites/no-tls.conf
similarity index 100%
rename from install/nginx/sites/no-tls.conf
rename to mkosi.extra/install/nginx/sites/no-tls.conf
diff --git a/install/nginx/sites/onion.conf b/mkosi.extra/install/nginx/sites/onion.conf
similarity index 100%
rename from install/nginx/sites/onion.conf
rename to mkosi.extra/install/nginx/sites/onion.conf
diff --git a/install/nginx/sites/sftpgo-auth.conf b/mkosi.extra/install/nginx/sites/sftpgo-auth.conf
similarity index 100%
rename from install/nginx/sites/sftpgo-auth.conf
rename to mkosi.extra/install/nginx/sites/sftpgo-auth.conf
diff --git a/install/nginx/sites/subdomain.conf b/mkosi.extra/install/nginx/sites/subdomain.conf
similarity index 100%
rename from install/nginx/sites/subdomain.conf
rename to mkosi.extra/install/nginx/sites/subdomain.conf
diff --git a/install/nginx/sites/subpath.conf b/mkosi.extra/install/nginx/sites/subpath.conf similarity index 100% rename from install/nginx/sites/subpath.conf rename to mkosi.extra/install/nginx/sites/subpath.conf diff --git a/install/php-fpm.conf b/mkosi.extra/install/php-fpm.conf similarity index 100% rename from install/php-fpm.conf rename to mkosi.extra/install/php-fpm.conf diff --git a/install/php-fpm.service.override.conf b/mkosi.extra/install/php-fpm.service.override.conf similarity index 100% rename from install/php-fpm.service.override.conf rename to mkosi.extra/install/php-fpm.service.override.conf diff --git a/install/php.ini b/mkosi.extra/install/php.ini similarity index 85% rename from install/php.ini rename to mkosi.extra/install/php.ini index a2c0293..378fb09 100644 --- a/install/php.ini +++ b/mkosi.extra/install/php.ini @@ -1,6 +1,7 @@ error_log = syslog extension = pdo_sqlite +extension = sqlite3 extension = gettext # Only required for the check.php script extension = curl @@ -8,4 +9,3 @@ extension = curl # Optional expose_php = Off zend_extension = opcache -opcache.jit_buffer_size = 32M diff --git a/install/php.sh b/mkosi.extra/install/php.sh similarity index 100% rename from install/php.sh rename to mkosi.extra/install/php.sh diff --git a/install/servnest.sh b/mkosi.extra/install/servnest.sh similarity index 100% rename from install/servnest.sh rename to mkosi.extra/install/servnest.sh diff --git a/install/sftpgo.openrc b/mkosi.extra/install/sftpgo.openrc similarity index 100% rename from install/sftpgo.openrc rename to mkosi.extra/install/sftpgo.openrc diff --git a/install/sftpgo.service b/mkosi.extra/install/sftpgo.service similarity index 100% rename from install/sftpgo.service rename to mkosi.extra/install/sftpgo.service diff --git a/install/sftpgo.sh b/mkosi.extra/install/sftpgo.sh similarity index 97% rename from install/sftpgo.sh rename to mkosi.extra/install/sftpgo.sh index a2b23ff..bff02d9 100644 --- a/install/sftpgo.sh 
+++ b/mkosi.extra/install/sftpgo.sh @@ -22,7 +22,6 @@ chmod u=r,g=,o= /etc/sftpgo/ed25519 # For systemd cp /install/sftpgo.service /etc/systemd/system/ -systemctl enable sftpgo # Allow listening on privileged ports setcap 'cap_net_bind_service=+ep' /usr/local/bin/sftpgo diff --git a/install/sftpgo.toml b/mkosi.extra/install/sftpgo.toml similarity index 100% rename from install/sftpgo.toml rename to mkosi.extra/install/sftpgo.toml diff --git a/install/sudo.sh b/mkosi.extra/install/sudo.sh similarity index 100% rename from install/sudo.sh rename to mkosi.extra/install/sudo.sh diff --git a/install/sudoers b/mkosi.extra/install/sudoers similarity index 100% rename from install/sudoers rename to mkosi.extra/install/sudoers diff --git a/install/tor.service.override.conf b/mkosi.extra/install/tor.service.override.conf similarity index 100% rename from install/tor.service.override.conf rename to mkosi.extra/install/tor.service.override.conf diff --git a/install/tor.sh b/mkosi.extra/install/tor.sh similarity index 100% rename from install/tor.sh rename to mkosi.extra/install/tor.sh diff --git a/install/torrc b/mkosi.extra/install/torrc similarity index 100% rename from install/torrc rename to mkosi.extra/install/torrc diff --git a/root/.ssh/.gitkeep b/mkosi.extra/root/.ssh/.gitkeep similarity index 100% rename from root/.ssh/.gitkeep rename to mkosi.extra/root/.ssh/.gitkeep diff --git a/mkosi.extra/root/.ssh/authorized_keys b/mkosi.extra/root/.ssh/authorized_keys new file mode 100644 index 0000000..fc1b42a --- /dev/null +++ b/mkosi.extra/root/.ssh/authorized_keys @@ -0,0 +1 @@ +ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFkueXNjIEZVGbR1kLlDKrbRjKIvXaqbVHMVpGqH3L0/ miraty@Cerise diff --git a/root/sftpgo.sh b/mkosi.extra/root/sftpgo.sh similarity index 100% rename from root/sftpgo.sh rename to mkosi.extra/root/sftpgo.sh diff --git a/mkosi.extra/srv/servnest/core b/mkosi.extra/srv/servnest/core new file mode 160000 index 0000000..63554b4 --- /dev/null 
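Review bot: The new `mkosi.extra/root/.ssh/authorized_keys` commits one developer's public key into the tree that is copied into every image, so each machine built from this repository accepts root SSH logins from whoever holds the matching private key. Until this change the directory was tracked only through `.gitkeep`, which suggests the key was meant to be supplied locally by each builder. Keeping the file untracked, for example with a `.gitignore` entry `mkosi.extra/root/.ssh/authorized_keys`, and documenting that builders drop in their own key would avoid shipping a shared root credential, even in an image meant for `servnest.test`.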
+++ b/mkosi.extra/srv/servnest/core @@ -0,0 +1 @@ +Subproject commit 63554b4908a088f5da0dc3a5806415cfa7b88701 diff --git a/srv/servnest/reg/servnest.test.zone b/mkosi.extra/srv/servnest/reg/servnest.test.zone similarity index 100% rename from srv/servnest/reg/servnest.test.zone rename to mkosi.extra/srv/servnest/reg/servnest.test.zone diff --git a/srv/servnest/reg/test.servnest.test.zone b/mkosi.extra/srv/servnest/reg/test.servnest.test.zone similarity index 100% rename from srv/servnest/reg/test.servnest.test.zone rename to mkosi.extra/srv/servnest/reg/test.servnest.test.zone diff --git a/usr/lib/tmpfiles.d/php-fpm.conf b/mkosi.extra/usr/lib/tmpfiles.d/php-fpm.conf similarity index 100% rename from usr/lib/tmpfiles.d/php-fpm.conf rename to mkosi.extra/usr/lib/tmpfiles.d/php-fpm.conf diff --git a/usr/local/bin/.gitkeep b/mkosi.extra/usr/local/bin/.gitkeep similarity index 100% rename from usr/local/bin/.gitkeep rename to mkosi.extra/usr/local/bin/.gitkeep diff --git a/var/log/php/.gitkeep b/mkosi.extra/var/log/php/.gitkeep similarity index 100% rename from var/log/php/.gitkeep rename to mkosi.extra/var/log/php/.gitkeep diff --git a/mkosi.finalize b/mkosi.finalize new file mode 100755 index 0000000..bd4c109 --- /dev/null +++ b/mkosi.finalize @@ -0,0 +1,21 @@ +#!/usr/bin/bash + +if [ "$container" != "mkosi" ]; then + exec mkosi-chroot "$SCRIPT" "$@" +fi + +set -euo pipefail + +source /etc/os-release +export OS=$ID + +if [[ $OS = "arch" ]]; then + systemctl enable sshd + systemctl enable knot + systemctl enable nginx + systemctl enable httpd + systemctl enable tor + systemctl enable php-fpm +fi + +systemctl enable sftpgo diff --git a/mkosi.postinst b/mkosi.postinst index b5f3022..54db930 100755 --- a/mkosi.postinst +++ b/mkosi.postinst @@ -1,4 +1,9 @@ #!/usr/bin/bash + +if [ "$container" != "mkosi" ]; then + exec mkosi-chroot "$SCRIPT" "$@" +fi + set -euo pipefail source /etc/os-release 
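Review bot: In the new mkosi.finalize the guard `exec mkosi-chroot "$SCRIPT" "$@"` sits above `set -euo pipefail`, so an unset or empty `SCRIPT` is handed to `mkosi-chroot` as an empty argument instead of stopping the build with a message that names the problem. Writing it as `exec mkosi-chroot "${SCRIPT:?}" "$@"` fails early and says which variable is missing; the same guard is added at the top of mkosi.postinst in the following hunk and would take the same change. A one-line comment above the guard, such as `# Started on the host: re-run this script inside the image`, would also help readers, if that is what the `$container` test is for.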
@@ -14,15 +19,12 @@ chown $sftpgo: /usr/local/bin/sftpgo chmod u=rx,g=,o= /usr/local/bin/sftpgo if [[ $OS = "arch" ]]; then - systemctl enable sshd - systemctl enable knot - systemctl enable nginx - systemctl enable tor - systemctl enable php-fpm - pacman-key --init pacman-key --populate fi # Enable testing option sed -i 's/local_only_check = false/local_only_check = true/' /srv/servnest/core/config.ini + +chmod u=rwX,g=rX,o=rX / /etc +chmod -R u=rwX,g=rX,o=rX /etc/php diff --git a/mkosi.default.d/arch/mkosi.default b/mkosi.presets/sn-arch.conf similarity index 73% rename from mkosi.default.d/arch/mkosi.default rename to mkosi.presets/sn-arch.conf index ee6f79f..4bb8c24 100644 --- a/mkosi.default.d/arch/mkosi.default +++ b/mkosi.presets/sn-arch.conf @@ -3,11 +3,12 @@ Distribution = arch -[Output] -Output = /var/lib/machines/servnest-arch [Content] Packages = + systemd + pacman + archlinux-keyring apache nginx-mod-headers-more certbot-nginx @@ -16,5 +17,8 @@ Packages = go openssh iputils + gettext which sshpass + sed + coreutils diff --git a/mkosi.default.d/debian/mkosi.default b/mkosi.presets/sn-debian.conf similarity index 86% rename from mkosi.default.d/debian/mkosi.default rename to mkosi.presets/sn-debian.conf index 9383183..c707997 100644 --- a/mkosi.default.d/debian/mkosi.default +++ b/mkosi.presets/sn-debian.conf @@ -3,11 +3,9 @@ Distribution = debian Release = testing Mirror = https://deb.debian.org/debian -[Output] -Output = /var/lib/machines/servnest-debian - [Content] Packages = + dbus apt-transport-tor apache2 libnginx-mod-http-headers-more-filter diff --git a/srv/servnest/core b/srv/servnest/core deleted file mode 160000 index 25b1d30..0000000 --- a/srv/servnest/core +++ /dev/null @@ -1 +0,0 @@ -Subproject commit 25b1d30cbebef6bde5bb26b4de92ef78a29924a6
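Review bot: The two lines appended to mkosi.postinst, `chmod u=rwX,g=rX,o=rX / /etc` and `chmod -R u=rwX,g=rX,o=rX /etc/php`, reset modes on the image root without saying what left them wrong. If the cause is that the `mkosi.extra` tree is copied with the modes of the local checkout, other copied paths such as `/root/.ssh` and `/etc/ssh` are exposed to the same drift and are not covered here, and sshd is strict about the modes of the former. A comment stating the cause, for instance `# mkosi.extra keeps the checkout's modes; restore 0755 on / and /etc`, would let the next maintainer judge whether the list is complete. The recursive form also makes everything under `/etc/php` world-readable, which is fine for `php.ini` but worth noting should credentials ever be placed there; the earlier part of the script is outside this hunk.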