diff --git a/id.tjo.space/configure.sh b/id.tjo.space/configure.sh
index 3a992c4..fd5f7d3 100755
--- a/id.tjo.space/configure.sh
+++ b/id.tjo.space/configure.sh
@@ -21,40 +21,42 @@ else
 fi
 
 echo "=== Copy Configuration Files"
-rsync -a id.tjo.space/containers/ /etc/containers/systemd/
-rsync -a id.tjo.space/configs/ /etc/
+rsync -a id.tjo.space/root/ /
 systemctl daemon-reload
 
-echo "=== Read Secrets"
-age -d -i /etc/age/key.txt id.tjo.space/secrets.env.encrypted >id.tjo.space/secrets.env
-set -a && source id.tjo.space/secrets.env && set +a
-
 echo "=== Prepare srv directories"
 mkdir -p /srv/authentik/{media,certs,custom-templates}
 chown -R 1200:1200 /srv/authentik
 
 mkdir -p /srv/postgresql/data
 
-echo "=== Setup Caddy"
-systemctl restart caddy
+echo "=== Read Secrets"
+age -d -i /etc/age/key.txt id.tjo.space/secrets.env.encrypted >id.tjo.space/secrets.env
+set -a && source id.tjo.space/secrets.env && set +a
 
-echo "=== Setup Postgresql"
+echo "=== Prepare Configurations"
 mkdir -p /etc/postgresql
 cat <<EOF >/etc/postgresql/secrets.env
 POSTGRES_PASSWORD=${POSTGRESQL_PASSWORD}
 EOF
-systemctl restart postgresql
-
-echo "=== Setup Valkey"
-systemctl restart valkey
-
-echo "=== Setup Authentik Server"
 mkdir -p /etc/authentik
 cat <<EOF >/etc/authentik/secrets.env
 AUTHENTIK_SECRET_KEY=${AUTHENTIK_SECRET_KEY}
 AUTHENTIK_EMAIL__PASSWORD=${AUTHENTIK_EMAIL__PASSWORD}
 AUTHENTIK_POSTGRESQL__PASSWORD=${POSTGRESQL_PASSWORD}
 EOF
+
+echo "=== Setup Caddy"
+systemctl restart caddy
+
+echo "=== Setup Postgresql"
+systemctl restart postgresql
+
+echo "=== Setup Valkey"
+systemctl restart valkey
+
+echo "=== Setup Authentik Server"
+
 systemctl restart authentik-server
 
 echo "=== Setup Authentik Worker"
diff --git a/id.tjo.space/docker-compose.yml b/id.tjo.space/docker-compose.yml
deleted file mode 100644
index e7c99cb..0000000
--- a/id.tjo.space/docker-compose.yml
+++ /dev/null
@@ -1,90 +0,0 @@
----
-
-services:
-  postgresql:
-    image: docker.io/library/postgres:16-alpine
-    restart: unless-stopped
-    healthcheck:
-      test: ["CMD-SHELL", "pg_isready -d $${POSTGRES_DB} -U $${POSTGRES_USER}"]
-      start_period: 20s
-      interval: 30s
-      retries: 5
-      timeout: 5s
-    volumes:
-      - database:/var/lib/postgresql/data
-    environment:
-      POSTGRES_PASSWORD: ${PG_PASS:?database password required}
-      POSTGRES_USER: ${PG_USER:-authentik}
-      POSTGRES_DB: ${PG_DB:-authentik}
-    env_file:
-      - .env
-  redis:
-    image: docker.io/library/redis:alpine
-    command: --save 60 1 --loglevel warning
-    restart: unless-stopped
-    healthcheck:
-      test: ["CMD-SHELL", "redis-cli ping | grep PONG"]
-      start_period: 20s
-      interval: 30s
-      retries: 5
-      timeout: 3s
-    volumes:
-      - redis:/data
-  server:
-    image: ${AUTHENTIK_IMAGE:-ghcr.io/goauthentik/server}:${AUTHENTIK_TAG:-2025.2.1}
-    restart: unless-stopped
-    command: server
-    environment:
-      AUTHENTIK_REDIS__HOST: redis
-      AUTHENTIK_POSTGRESQL__HOST: postgresql
-      AUTHENTIK_POSTGRESQL__USER: ${PG_USER:-authentik}
-      AUTHENTIK_POSTGRESQL__NAME: ${PG_DB:-authentik}
-      AUTHENTIK_POSTGRESQL__PASSWORD: ${PG_PASS}
-    volumes:
-      - ./media:/media
-      - ./custom-templates:/templates
-    env_file:
-      - .env
-    ports:
-      - "${COMPOSE_PORT_HTTP:-9000}:9000"
-      - "${COMPOSE_PORT_HTTPS:-9443}:9443"
-    depends_on:
-      postgresql:
-        condition: service_healthy
-      redis:
-        condition: service_healthy
-  worker:
-    image: ${AUTHENTIK_IMAGE:-ghcr.io/goauthentik/server}:${AUTHENTIK_TAG:-2025.2.1}
-    restart: unless-stopped
-    command: worker
-    environment:
-      AUTHENTIK_REDIS__HOST: redis
-      AUTHENTIK_POSTGRESQL__HOST: postgresql
-      AUTHENTIK_POSTGRESQL__USER: ${PG_USER:-authentik}
-      AUTHENTIK_POSTGRESQL__NAME: ${PG_DB:-authentik}
-      AUTHENTIK_POSTGRESQL__PASSWORD: ${PG_PASS}
-    # `user: root` and the docker socket volume are optional.
-    # See more for the docker socket integration here:
-    # https://goauthentik.io/docs/outposts/integrations/docker
-    # Removing `user: root` also prevents the worker from fixing the permissions
-    # on the mounted folders, so when removing this make sure the folders have the correct UID/GID
-    # (1000:1000 by default)
-    user: root
-    volumes:
-      - /var/run/docker.sock:/var/run/docker.sock
-      - ./media:/media
-      - ./certs:/certs
-      - ./custom-templates:/templates
-    env_file:
-      - .env
-    depends_on:
-      postgresql:
-        condition: service_healthy
-      redis:
-        condition: service_healthy
-
-volumes:
-  database:
-    driver: local
-  redis:
-    driver: local
diff --git a/id.tjo.space/configs/authentik/authentik.env b/id.tjo.space/root/etc/authentik/authentik.env
similarity index 100%
rename from id.tjo.space/configs/authentik/authentik.env
rename to id.tjo.space/root/etc/authentik/authentik.env
diff --git a/id.tjo.space/configs/caddy/Caddyfile b/id.tjo.space/root/etc/caddy/Caddyfile
similarity index 100%
rename from id.tjo.space/configs/caddy/Caddyfile
rename to id.tjo.space/root/etc/caddy/Caddyfile
diff --git a/id.tjo.space/containers/authentik-server.container b/id.tjo.space/root/etc/containers/systemd/authentik-server.container
similarity index 100%
rename from id.tjo.space/containers/authentik-server.container
rename to id.tjo.space/root/etc/containers/systemd/authentik-server.container
diff --git a/id.tjo.space/containers/authentik-worker.container b/id.tjo.space/root/etc/containers/systemd/authentik-worker.container
similarity index 100%
rename from id.tjo.space/containers/authentik-worker.container
rename to id.tjo.space/root/etc/containers/systemd/authentik-worker.container
diff --git a/id.tjo.space/containers/caddy.container b/id.tjo.space/root/etc/containers/systemd/caddy.container
similarity index 100%
rename from id.tjo.space/containers/caddy.container
rename to id.tjo.space/root/etc/containers/systemd/caddy.container
diff --git a/id.tjo.space/containers/main.network b/id.tjo.space/root/etc/containers/systemd/main.network
similarity index 100%
rename from id.tjo.space/containers/main.network
rename to id.tjo.space/root/etc/containers/systemd/main.network
diff --git a/id.tjo.space/containers/postgresql.container b/id.tjo.space/root/etc/containers/systemd/postgresql.container
similarity index 100%
rename from id.tjo.space/containers/postgresql.container
rename to id.tjo.space/root/etc/containers/systemd/postgresql.container
diff --git a/id.tjo.space/containers/valkey.container b/id.tjo.space/root/etc/containers/systemd/valkey.container
similarity index 100%
rename from id.tjo.space/containers/valkey.container
rename to id.tjo.space/root/etc/containers/systemd/valkey.container
diff --git a/id.tjo.space/root/etc/postgresql/postgresql.env b/id.tjo.space/root/etc/postgresql/postgresql.env
new file mode 100644
index 0000000..ef52eb1
--- /dev/null
+++ b/id.tjo.space/root/etc/postgresql/postgresql.env
@@ -0,0 +1,2 @@
+POSTGRES_USER=id.tjo.space
+POSTGRES_DB=id.tjo.space
diff --git a/id.tjo.space/root/etc/systemd/system/postgresql-backup.service b/id.tjo.space/root/etc/systemd/system/postgresql-backup.service
new file mode 100644
index 0000000..5a2d84d
--- /dev/null
+++ b/id.tjo.space/root/etc/systemd/system/postgresql-backup.service
@@ -0,0 +1,9 @@
+[Unit]
+Description=Backup PostgreSQL databases
+
+[Service]
+Type=oneshot
+ExecStart=/usr/local/bin/postgresql-backup.sh
+EnvironmentFile=/etc/postgresql/secrets.env
+EnvironmentFile=/etc/postgresql/postgresql.env
+Environment=BACKUP_DIR=/srv/postgresql/backups
diff --git a/id.tjo.space/root/etc/systemd/system/postgresql-backup.timer b/id.tjo.space/root/etc/systemd/system/postgresql-backup.timer
new file mode 100644
index 0000000..bf5a449
--- /dev/null
+++ b/id.tjo.space/root/etc/systemd/system/postgresql-backup.timer
@@ -0,0 +1,11 @@
+[Unit]
+Description=Backup PostgreSQL databases daily
+
+[Timer]
+OnCalendar=daily
+AccuracySec=1h
+Persistent=true
+RandomizedDelaySec=100min
+
+[Install]
+WantedBy=timers.target
diff --git a/id.tjo.space/root/etc/tmpfiles.d/postgresql-backup.conf b/id.tjo.space/root/etc/tmpfiles.d/postgresql-backup.conf
new file mode 100644
index 0000000..1651cc6
--- /dev/null
+++ b/id.tjo.space/root/etc/tmpfiles.d/postgresql-backup.conf
@@ -0,0 +1 @@
+d /srv/postgresql/backups 0750 root root 10d -
diff --git a/id.tjo.space/root/usr/local/bin/postgresql-backup.sh b/id.tjo.space/root/usr/local/bin/postgresql-backup.sh
new file mode 100755
index 0000000..06eeb77
--- /dev/null
+++ b/id.tjo.space/root/usr/local/bin/postgresql-backup.sh
@@ -0,0 +1,35 @@
+#!/usr/bin/env bash
+
+[ -z "${POSTGRES_USER}" ] && { echo "=> POSTGRES_USER cannot be empty" && exit 1; }
+[ -z "${POSTGRES_PASSWORD}" ] && { echo "=> POSTGRES_PASSWORD cannot be empty" && exit 1; }
+[ -z "${GZIP_LEVEL}" ] && { GZIP_LEVEL=6; }
+
+DATE=$(date +%Y%m%d%H%M)
+echo "=> Backup started at $(date "+%Y-%m-%d %H:%M:%S")"
+
+export PGHOST=${POSTGRES_HOST}
+export PGPORT=${POSTGRES_PORT}
+export PGUSER=${POSTGRES_USER}
+export PGPASSWORD=${POSTGRES_PASSWORD}
+
+DATABASES=${POSTGRES_DATABASE:-${POSTGRES_DB:-$(psql "${POSTGRES_SSL_OPTS}" -t -c "SELECT datname FROM pg_database;")}}
+
+for db in ${DATABASES}; do
+  if [[ "$db" != "template1" ]] &&
+    [[ "$db" != "template0" ]]; then
+
+    echo "==> Dumping database: $db"
+
+    FILENAME=${BACKUP_DIR}/$DATE.$db.sql
+
+    if pg_dump ${POSTGRESDUMP_OPTS} "${db}" >"${FILENAME}"; then
+      if [ -z "${USE_PLAIN_SQL}" ]; then
+        echo "==> Compressing $db with LEVEL $GZIP_LEVEL"
+        gzip "-$GZIP_LEVEL" -f "$FILENAME"
+      fi
+    else
+      rm -rf "$FILENAME"
+    fi
+  fi
+done
+echo "=> Backup process finished at $(date "+%Y-%m-%d %H:%M:%S")"