diff --git a/beeper/etc/containers/systemd/aode/aode-relay.container b/beeper/etc/containers/systemd/aode/aode-relay.container
index 39c44f1..4011dda 100644
--- a/beeper/etc/containers/systemd/aode/aode-relay.container
+++ b/beeper/etc/containers/systemd/aode/aode-relay.container
@@ -1,15 +1,13 @@
 [Unit]
 Description=Aode ActivityPub Relay
-Requires=network-online.target
-After=network-online.target
 
 [Container]
-Image=registry.hub.docker.com/asonix/relay:latest
+Image=docker.io/asonix/relay:latest
 ContainerName=aode-relay
-EnvironmentFile=/var/containers/aode/.env.secrets
-EnvironmentFile=/var/containers/aode/.env
+EnvironmentFile=/etc/containers/systemd/aode/.env.secrets
+EnvironmentFile=/etc/containers/systemd/aode/.env
 PublishPort=127.0.0.1:19438:8080
-Volume=/var/containers/aode/relay:/db:Z
+Volume=/var/containers/aode/data:/db:Z
 
 [Service]
 Restart=always
diff --git a/beeper/etc/containers/systemd/ask-js/ask-js.container b/beeper/etc/containers/systemd/ask-js/ask-js.container
new file mode 100644
index 0000000..f1db162
--- /dev/null
+++ b/beeper/etc/containers/systemd/ask-js/ask-js.container
@@ -0,0 +1,19 @@
+[Unit]
+Description=Ask.JS
+After=postgresql.service
+Requires=postgresql.service
+
+[Container]
+Image=ghcr.io/ihateblueb/ask-js:dev
+ContainerName=ask-js
+Network=ask-js.network
+Network=postgresql.network
+PublishPort=127.0.0.1:20617:3579
+Volume=/var/containers/ask-js/config:/app/config:ro,Z
+
+[Service]
+Restart=always
+RestartSec=10s
+
+[Install]
+WantedBy=default.target
diff --git a/beeper/etc/containers/systemd/ask-js/ask-js.network b/beeper/etc/containers/systemd/ask-js/ask-js.network
new file mode 100644
index 0000000..70cde7b
--- /dev/null
+++ b/beeper/etc/containers/systemd/ask-js/ask-js.network
@@ -0,0 +1,2 @@
+[Network]
+IPv6=true
diff --git a/beeper/etc/containers/systemd/caddy/caddy.container b/beeper/etc/containers/systemd/caddy/caddy.container
index 40a944f..0257690 100644
--- a/beeper/etc/containers/systemd/caddy/caddy.container
+++ b/beeper/etc/containers/systemd/caddy/caddy.container
@@ -1,7 +1,5 @@
 [Unit]
 Description=Caddy reverse proxy
-After=network-online.target
-Wants=network-online.target
 
 [Container]
 ContainerName=caddy
@@ -9,8 +7,8 @@ AddCapability=NET_ADMIN
 Image=ghcr.io/zenfyrdev/caddy:latest
 Network=host
 Volume=/etc/caddy:/etc/caddy:z
-Volume=/var/containers/caddy/caddy_config:/config:z
-Volume=/var/containers/caddy/caddy_data:/data:z
+Volume=/var/containers/caddy/config:/config:z
+Volume=/var/containers/caddy/data:/data:z
 Volume=/var/log/caddy:/var/log/caddy:z
 Volume=/var/www:/var/www:z
 
@@ -18,4 +16,4 @@ Volume=/var/www:/var/www:z
 Restart=always
 
 [Install]
-WantedBy=default.target
\ No newline at end of file
+WantedBy=default.target
diff --git a/beeper/etc/containers/systemd/copyparty/copyparty.container b/beeper/etc/containers/systemd/copyparty/copyparty.container
new file mode 100644
index 0000000..7ec62bc
--- /dev/null
+++ b/beeper/etc/containers/systemd/copyparty/copyparty.container
@@ -0,0 +1,23 @@
+[Unit]
+Description=copyparty
+
+[Container]
+Image=docker.io/copyparty/ac:latest
+ContainerName=copyparty
+Environment=LD_PRELOAD=/usr/lib/libmimalloc-secure.so
+Environment=PYTHONUNBUFFERED=1
+HealthCmd=wget --spider -q 127.0.0.1:3923/?reset=/._
+HealthInterval=1m
+HealthTimeout=2s
+HealthRetries=5
+PublishPort=127.0.0.1:15084:3923
+UserNS=keep-id:uid=1000,gid=1000
+Volume=/var/containers/copyparty/config:/cfg:Z
+Volume=/mnt/ext/copyparty:/w:z
+
+[Service]
+Restart=always
+RestartSec=10s
+
+[Install]
+WantedBy=default.target
diff --git a/beeper/etc/containers/systemd/dind/dind.container b/beeper/etc/containers/systemd/dind/dind.container
new file mode 100644
index 0000000..a7dabfb
--- /dev/null
+++ b/beeper/etc/containers/systemd/dind/dind.container
@@ -0,0 +1,25 @@
+[Unit]
+Description=Rootless Podman-in-Podman
+
+[Container]
+Image=quay.io/podman/stable
+ContainerName=dind
+AutoUpdate=registry
+SecurityLabelDisable=true
+Unmask=ALL
+AddDevice=/dev/fuse
+HealthCmd=podman info || exit 1
+HealthInterval=5s
+HealthTimeout=3s
+HealthRetries=5
+User=podman
+Volume=/var/containers/dind/data:/home/podman/.local/share/containers:Z
+Volume=/var/run/dind:/var/run/1000:z
+Exec=sh -c "podman system service --time=0 unix:///var/run/1000/docker.sock & PID=$!; while [ ! -S /var/run/1000/docker.sock ]; do sleep 0.1; kill -0 $PID 2>/dev/null || exit 1; done && chmod 0666 /var/run/1000/docker.sock && wait $PID"
+
+[Service]
+Restart=always
+RestartSec=10s
+
+[Install]
+WantedBy=default.target
diff --git a/beeper/etc/containers/systemd/ejabberd/ejabberd.container b/beeper/etc/containers/systemd/ejabberd/ejabberd.container
new file mode 100644
index 0000000..ebcd227
--- /dev/null
+++ b/beeper/etc/containers/systemd/ejabberd/ejabberd.container
@@ -0,0 +1,30 @@
+[Unit]
+Description=ejabberd
+Requires=postgresql.service
+After=postgresql.service
+
+[Container]
+Image=ghcr.io/processone/ejabberd:latest
+ContainerName=ejabberd
+Environment=CTL_ON_START=registered_users synth.download ; status
+EnvironmentFile=/etc/containers/systemd/ejabberd/.env
+Network=ejabberd.network
+Network=postgresql.network
+PublishPort=5222:5222
+PublishPort=5223:5223
+PublishPort=5269:5269
+PublishPort=5270:5270
+PublishPort=5280:5280
+PublishPort=5443:5443
+PublishPort=5478:5478
+Volume=/var/containers/ejabberd/config:/opt/ejabberd/conf:ro,Z
+Volume=/var/containers/ejabberd/files:/opt/ejabberd/upload:Z
+Volume=/var/containers/ejabberd/database:/opt/ejabberd/database:Z
+Volume=/etc/certs:/etc/letsencrypt/live:ro,z
+
+[Service]
+Restart=always
+RestartSec=10s
+
+[Install]
+WantedBy=default.target
diff --git a/beeper/etc/containers/systemd/ejabberd/ejabberd.network b/beeper/etc/containers/systemd/ejabberd/ejabberd.network
new file mode 100644
index 0000000..70cde7b
--- /dev/null
+++ b/beeper/etc/containers/systemd/ejabberd/ejabberd.network
@@ -0,0 +1,2 @@
+[Network]
+IPv6=true
diff --git a/beeper/etc/containers/systemd/forgejo/forgejo-runner.container b/beeper/etc/containers/systemd/forgejo/forgejo-runner.container
new file mode 100644
index 0000000..51b0b95
--- /dev/null
+++ b/beeper/etc/containers/systemd/forgejo/forgejo-runner.container
@@ -0,0 +1,21 @@
+[Unit]
+Description=Forgejo Runner
+After=dind.service
+Requires=dind.service
+
+[Container]
+Image=data.forgejo.org/forgejo/runner:4.0.0
+ContainerName=forgejo-runner
+EnvironmentFile=/etc/containers/systemd/forgejo/.env.runner
+Network=forgejo.network
+User=1001:1001
+Exec=/bin/sh -c "sleep 5; forgejo-runner daemon"
+Volume=/var/containers/forgejo/runner/data:/data:Z
+Volume=/var/run/dind/docker.sock:/var/run/docker.sock:z
+
+[Service]
+Restart=always
+RestartSec=10s
+
+[Install]
+WantedBy=default.target
diff --git a/beeper/etc/containers/systemd/forgejo/forgejo.container b/beeper/etc/containers/systemd/forgejo/forgejo.container
new file mode 100644
index 0000000..1c4aefc
--- /dev/null
+++ b/beeper/etc/containers/systemd/forgejo/forgejo.container
@@ -0,0 +1,22 @@
+[Unit]
+Description=Forgejo
+After=postgresql.service
+Requires=postgresql.service
+
+[Container]
+Image=codeberg.org/forgejo/forgejo:13
+ContainerName=forgejo
+EnvironmentFile=/etc/containers/systemd/forgejo/.env
+Network=forgejo.network
+Network=postgresql.network
+PublishPort=127.0.0.1:41807:3000
+PublishPort=10429:22
+Timezone=local
+Volume=/var/containers/forgejo/data:/data:Z
+
+[Service]
+Restart=always
+RestartSec=10s
+
+[Install]
+WantedBy=default.target
diff --git a/beeper/etc/containers/systemd/forgejo/forgejo.network b/beeper/etc/containers/systemd/forgejo/forgejo.network
new file mode 100644
index 0000000..70cde7b
--- /dev/null
+++ b/beeper/etc/containers/systemd/forgejo/forgejo.network
@@ -0,0 +1,2 @@
+[Network]
+IPv6=true
diff --git a/beeper/etc/containers/systemd/freshrss/freshrss.container b/beeper/etc/containers/systemd/freshrss/freshrss.container
new file mode 100644
index 0000000..c07efdf
--- /dev/null
+++ b/beeper/etc/containers/systemd/freshrss/freshrss.container
@@ -0,0 +1,21 @@
+[Unit]
+Description=FreshRSS
+Requires=postgresql.service
+After=postgresql.service
+
+[Container]
+Image=docker.io/freshrss/freshrss:latest
+ContainerName=freshrss
+EnvironmentFile=/etc/containers/systemd/freshrss/.env.secrets
+Network=freshrss.network
+Network=postgresql.network
+PublishPort=127.0.0.1:27819:80
+Volume=/var/containers/freshrss/data:/var/www/FreshRSS/data:Z
+Volume=/var/containers/freshrss/extensions:/var/www/FreshRSS/extensions:Z
+
+[Service]
+Restart=always
+RestartSec=10s
+
+[Install]
+WantedBy=default.target
diff --git a/beeper/etc/containers/systemd/freshrss/freshrss.network b/beeper/etc/containers/systemd/freshrss/freshrss.network
new file mode 100644
index 0000000..70cde7b
--- /dev/null
+++ b/beeper/etc/containers/systemd/freshrss/freshrss.network
@@ -0,0 +1,2 @@
+[Network]
+IPv6=true
diff --git a/beeper/etc/containers/systemd/i2pd/i2pd.container b/beeper/etc/containers/systemd/i2pd/i2pd.container
new file mode 100644
index 0000000..8194f82
--- /dev/null
+++ b/beeper/etc/containers/systemd/i2pd/i2pd.container
@@ -0,0 +1,16 @@
+[Unit]
+Description=I2PD Daemon
+
+[Container]
+Image=ghcr.io/purplei2p/i2pd:latest
+ContainerName=i2pd
+AutoUpdate=registry
+Network=host
+Volume=/var/containers/i2pd/data:/home/i2pd/data:Z,U
+
+[Service]
+Restart=always
+RestartSec=10s
+
+[Install]
+WantedBy=default.target
diff --git a/beeper/etc/containers/systemd/iceshrimp/iceshrimp.container b/beeper/etc/containers/systemd/iceshrimp/iceshrimp.container
index 13199d1..c501457 100644
--- a/beeper/etc/containers/systemd/iceshrimp/iceshrimp.container
+++ b/beeper/etc/containers/systemd/iceshrimp/iceshrimp.container
@@ -7,6 +7,7 @@ After=postgresql.service
 Image=iceshrimp.dev/iceshrimp/iceshrimp.net:dev
 ContainerName=iceshrimp
 Environment=ICESHRIMP_CONFIG_OVERRIDES=/app/config/configuration.ini
+Network=iceshrimp.network
 Network=postgresql.network
 PublishPort=127.0.0.1:24042:24042
 Volume=/var/containers/iceshrimp/data/media:/data/media:Z
diff --git a/beeper/etc/containers/systemd/iceshrimp/iceshrimp.network b/beeper/etc/containers/systemd/iceshrimp/iceshrimp.network
new file mode 100644
index 0000000..70cde7b
--- /dev/null
+++ b/beeper/etc/containers/systemd/iceshrimp/iceshrimp.network
@@ -0,0 +1,2 @@
+[Network]
+IPv6=true
diff --git a/beeper/etc/containers/systemd/knot/knot.container b/beeper/etc/containers/systemd/knot/knot.container
new file mode 100644
index 0000000..9965224
--- /dev/null
+++ b/beeper/etc/containers/systemd/knot/knot.container
@@ -0,0 +1,19 @@
+[Unit]
+Description=Tangled Knot Server
+
+[Container]
+Image=ghcr.io/zenfyrdev/knot:latest
+ContainerName=knot
+EnvironmentFile=/etc/containers/systemd/knot/.env
+PublishPort=127.0.0.1:44131:5555
+PublishPort=20564:22
+Volume=/var/containers/knot/keys:/etc/ssh/keys:Z
+Volume=/var/containers/knot/repositories:/home/git/repositories:Z
+Volume=/var/containers/knot/data:/app:Z
+
+[Service]
+Restart=always
+RestartSec=10s
+
+[Install]
+WantedBy=default.target
diff --git a/beeper/etc/containers/systemd/mailserver/mailserver.container b/beeper/etc/containers/systemd/mailserver/mailserver.container
new file mode 100644
index 0000000..486d8c0
--- /dev/null
+++ b/beeper/etc/containers/systemd/mailserver/mailserver.container
@@ -0,0 +1,32 @@
+[Unit]
+Description=mailserver
+
+[Container]
+Image=ghcr.io/docker-mailserver/docker-mailserver:edge
+ContainerName=mailserver
+EnvironmentFile=/etc/containers/systemd/mailserver/.env.secrets
+EnvironmentFile=/etc/containers/systemd/mailserver/.env
+AddCapability=NET_ADMIN
+HealthCmd=ss --listening --tcp | grep -P 'LISTEN.+:smtp' || exit 1
+HealthInterval=10s
+HealthTimeout=3s
+HealthRetries=0
+HostName=mx1.synth.download
+PublishPort=25:25
+PublishPort=143:143
+PublishPort=587:587
+PublishPort=993:993
+Timezone=local
+Volume=/var/containers/mailserver/data:/var/mail:Z
+Volume=/var/containers/mailserver/state:/var/mail-state:Z
+Volume=/var/containers/mailserver/logs:/var/log/mail:Z
+Volume=/var/containers/mailserver/config:/tmp/docker-mailserver:Z
+Volume=/etc/certs/wildcard_.synth.download.crt:/etc/letsencrypt/live/synth.download/fullchain.pem:ro,z
+Volume=/etc/certs/wildcard_.synth.download.key:/etc/letsencrypt/live/synth.download/privkey.pem:ro,z
+
+[Service]
+Restart=always
+RestartSec=10s
+
+[Install]
+WantedBy=default.target
diff --git a/beeper/etc/containers/systemd/mastodon/mastodon-darkhttpd.container b/beeper/etc/containers/systemd/mastodon/mastodon-darkhttpd.container
index 704e83d..e5092be 100644
--- a/beeper/etc/containers/systemd/mastodon/mastodon-darkhttpd.container
+++ b/beeper/etc/containers/systemd/mastodon/mastodon-darkhttpd.container
@@ -1,10 +1,8 @@
 [Unit]
 Description=Mastodon DarkHTTPD Static Server
-After=network-online.target
-Wants=network-online.target
 
 [Container]
-Image=registry.hub.docker.com/p3terx/darkhttpd
+Image=docker.io/p3terx/darkhttpd
 ContainerName=mastodon-darkhttpd
 Exec=/mastodon/public/system
 PublishPort=127.0.0.1:42261:80
diff --git a/beeper/etc/containers/systemd/mastodon/mastodon-dfdb.container b/beeper/etc/containers/systemd/mastodon/mastodon-dfdb.container
index d6dde0a..c42aba7 100644
--- a/beeper/etc/containers/systemd/mastodon/mastodon-dfdb.container
+++ b/beeper/etc/containers/systemd/mastodon/mastodon-dfdb.container
@@ -14,7 +14,7 @@ HealthCmd=redis-cli ping
 HealthInterval=5s
 HealthRetries=20
 Network=mastodon.network
-Volume=/var/containers/mastodon/dragonfly:/data:z
+Volume=/var/containers/mastodon/dragonfly:/data:Z
 
 [Service]
 Restart=always
diff --git a/beeper/etc/containers/systemd/mastodon/mastodon-ingress.container b/beeper/etc/containers/systemd/mastodon/mastodon-ingress.container
index ff84931..d0b81e5 100644
--- a/beeper/etc/containers/systemd/mastodon/mastodon-ingress.container
+++ b/beeper/etc/containers/systemd/mastodon/mastodon-ingress.container
@@ -6,8 +6,8 @@ After=postgresql.service mastodon-dfdb.service
 [Container]
 Image=ghcr.io/synth-download/mastodon-ingress:nightly
 ContainerName=mastodon-ingress
-EnvironmentFile=/var/containers/mastodon/.env.secrets
-EnvironmentFile=/var/containers/mastodon/.env
+EnvironmentFile=/etc/containers/systemd/mastodon/.env.secrets
+EnvironmentFile=/etc/containers/systemd/mastodon/.env
 Network=mastodon.network
 Network=postgresql.network
 
diff --git a/beeper/etc/containers/systemd/mastodon/mastodon-sidekiq.container b/beeper/etc/containers/systemd/mastodon/mastodon-sidekiq.container
index cf3efb2..09fcb4f 100644
--- a/beeper/etc/containers/systemd/mastodon/mastodon-sidekiq.container
+++ b/beeper/etc/containers/systemd/mastodon/mastodon-sidekiq.container
@@ -6,8 +6,8 @@ After=postgresql.service mastodon-dfdb.service
 [Container]
 Image=ghcr.io/synth-download/mastodon:nightly
 ContainerName=mastodon-sidekiq
-EnvironmentFile=/var/containers/mastodon/.env.secrets
-EnvironmentFile=/var/containers/mastodon/.env
+EnvironmentFile=/etc/containers/systemd/mastodon/.env.secrets
+EnvironmentFile=/etc/containers/systemd/mastodon/.env
 Exec=bundle exec sidekiq
 HealthCmd=ps aux | grep '[s]idekiq 7' || false
 Network=mastodon.network
diff --git a/beeper/etc/containers/systemd/mastodon/mastodon-streaming.container b/beeper/etc/containers/systemd/mastodon/mastodon-streaming.container
index a7be589..50a9b95 100644
--- a/beeper/etc/containers/systemd/mastodon/mastodon-streaming.container
+++ b/beeper/etc/containers/systemd/mastodon/mastodon-streaming.container
@@ -6,8 +6,8 @@ After=postgresql.service mastodon-dfdb.service
 [Container]
 Image=ghcr.io/synth-download/mastodon-streaming:nightly
 ContainerName=mastodon-streaming
-EnvironmentFile=/var/containers/mastodon/.env.secrets
-EnvironmentFile=/var/containers/mastodon/.env
+EnvironmentFile=/etc/containers/systemd/mastodon/.env.secrets
+EnvironmentFile=/etc/containers/systemd/mastodon/.env
 Exec=node ./streaming/index.js
 HealthCmd=curl -s --noproxy localhost localhost:4000/api/v1/streaming/health | grep -q 'OK' || exit 1
 Network=mastodon.network
diff --git a/beeper/etc/containers/systemd/mastodon/mastodon-web.container b/beeper/etc/containers/systemd/mastodon/mastodon-web.container
index 7a48881..a77598b 100644
--- a/beeper/etc/containers/systemd/mastodon/mastodon-web.container
+++ b/beeper/etc/containers/systemd/mastodon/mastodon-web.container
@@ -6,8 +6,8 @@ After=postgresql.service mastodon-dfdb.service
 [Container]
 Image=ghcr.io/synth-download/mastodon:nightly
 ContainerName=mastodon-web
-EnvironmentFile=/var/containers/mastodon/.env.secrets
-EnvironmentFile=/var/containers/mastodon/.env
+EnvironmentFile=/etc/containers/systemd/mastodon/.env.secrets
+EnvironmentFile=/etc/containers/systemd/mastodon/.env
 Exec=bundle exec puma -C config/puma.rb
 HealthCmd=curl -s --noproxy localhost localhost:3000/health | grep -q 'OK' || exit 1
 Network=mastodon.network
diff --git a/beeper/etc/containers/systemd/mastodon/mastodon.network b/beeper/etc/containers/systemd/mastodon/mastodon.network
index b245ebd..70cde7b 100644
--- a/beeper/etc/containers/systemd/mastodon/mastodon.network
+++ b/beeper/etc/containers/systemd/mastodon/mastodon.network
@@ -1,3 +1,2 @@
 [Network]
-NetworkName=mastodon
 IPv6=true
diff --git a/beeper/etc/containers/systemd/mollysocket/mollysocket.container b/beeper/etc/containers/systemd/mollysocket/mollysocket.container
new file mode 100644
index 0000000..9f08929
--- /dev/null
+++ b/beeper/etc/containers/systemd/mollysocket/mollysocket.container
@@ -0,0 +1,20 @@
+[Unit]
+Description=MollySocket
+
+[Container]
+Image=ghcr.io/mollyim/mollysocket:1.6-alpine
+ContainerName=mollysocket
+AutoUpdate=registry
+EnvironmentFile=/etc/containers/systemd/mollysocket/.env.secrets
+EnvironmentFile=/etc/containers/systemd/mollysocket/.env
+Exec=server
+PublishPort=127.0.0.1:19236:19236
+Volume=/var/containers/mollysocket/data:/data:Z
+WorkingDir=/data
+
+[Service]
+Restart=always
+RestartSec=10s
+
+[Install]
+WantedBy=default.target
diff --git a/beeper/etc/containers/systemd/pds/pds.container b/beeper/etc/containers/systemd/pds/pds.container
new file mode 100644
index 0000000..0bada32
--- /dev/null
+++ b/beeper/etc/containers/systemd/pds/pds.container
@@ -0,0 +1,17 @@
+[Unit]
+Description=ATProto Personal Data Server
+
+[Container]
+Image=ghcr.io/bluesky-social/pds:latest
+ContainerName=pds
+EnvironmentFile=/etc/containers/systemd/pds/.env.secrets
+EnvironmentFile=/etc/containers/systemd/pds/.env
+PublishPort=127.0.0.1:24318:3000
+Volume=/var/containers/pds/data:/pds:Z
+
+[Service]
+Restart=always
+RestartSec=10s
+
+[Install]
+WantedBy=default.target
diff --git a/beeper/etc/containers/systemd/postgresql/postgresql.container b/beeper/etc/containers/systemd/postgresql/postgresql.container
index 066c8f7..c255a54 100644
--- a/beeper/etc/containers/systemd/postgresql/postgresql.container
+++ b/beeper/etc/containers/systemd/postgresql/postgresql.container
@@ -2,16 +2,16 @@
 Description=PostgreSQL Database
 
 [Container]
-Image=registry.hub.docker.com/groonga/pgroonga:latest-alpine-18
+Image=docker.io/groonga/pgroonga:latest-alpine-18
 ContainerName=postgresql
-EnvironmentFile=/var/containers/postgresql/.env
+EnvironmentFile=/etc/containers/systemd/postgresql/.env
 Network=postgresql.network
 HealthCmd=pg_isready -U postgres -d postgres
 HealthInterval=40s
 HealthTimeout=3s
 HealthRetries=20
 UserNS=keep-id:uid=999,gid=999
-Volume=/var/containers/postgresql/db:/var/lib/postgresql/data:Z
+Volume=/var/containers/postgresql/data:/var/lib/postgresql/data:Z
 Volume=/var/containers/postgresql/exp:/mnt/exp:Z
 
 [Service]
diff --git a/beeper/etc/containers/systemd/postgresql/postgresql.network b/beeper/etc/containers/systemd/postgresql/postgresql.network
index e4d4ea8..62fd4f6 100644
--- a/beeper/etc/containers/systemd/postgresql/postgresql.network
+++ b/beeper/etc/containers/systemd/postgresql/postgresql.network
@@ -1,2 +1,4 @@
 [Network]
-NetworkName=postgresql
\ No newline at end of file
+NetworkName=postgresql
+IPv6=true
+Internal=true
diff --git a/beeper/etc/containers/systemd/redlib/redlib.container b/beeper/etc/containers/systemd/redlib/redlib.container
new file mode 100644
index 0000000..74e37c0
--- /dev/null
+++ b/beeper/etc/containers/systemd/redlib/redlib.container
@@ -0,0 +1,19 @@
+[Unit]
+Description=Redlib
+
+[Container]
+Image=quay.io/redlib/redlib:latest
+ContainerName=redlib
+AutoUpdate=registry
+EnvironmentFile=/etc/containers/systemd/redlib/.env
+HealthCmd=wget --spider -q --tries=1 http://localhost:8080/settings
+HealthInterval=5m
+HealthTimeout=3s
+PublishPort=127.0.0.1:51617:8080
+
+[Service]
+Restart=always
+RestartSec=10s
+
+[Install]
+WantedBy=default.target
diff --git a/beeper/etc/containers/systemd/safetwitch/safetwitch-backend.container b/beeper/etc/containers/systemd/safetwitch/safetwitch-backend.container
new file mode 100644
index 0000000..c9914d5
--- /dev/null
+++ b/beeper/etc/containers/systemd/safetwitch/safetwitch-backend.container
@@ -0,0 +1,17 @@
+[Unit]
+Description=SafeTwitch Backend
+
+[Container]
+Image=codeberg.org/safetwitch/safetwitch-backend:latest
+ContainerName=safetwitch-backend
+AutoUpdate=registry
+Environment=PORT=7000
+Environment=URL=https://b.twitch.synth.download
+PublishPort=127.0.0.1:43072:7000
+
+[Service]
+Restart=always
+RestartSec=10s
+
+[Install]
+WantedBy=default.target
diff --git a/beeper/etc/containers/systemd/safetwitch/safetwitch-frontend.container b/beeper/etc/containers/systemd/safetwitch/safetwitch-frontend.container
new file mode 100644
index 0000000..122a1ab
--- /dev/null
+++ b/beeper/etc/containers/systemd/safetwitch/safetwitch-frontend.container
@@ -0,0 +1,22 @@
+[Unit]
+Description=SafeTwitch Frontend
+After=safetwitch-backend.service
+Requires=safetwitch-backend.service
+
+[Container]
+Image=codeberg.org/safetwitch/safetwitch:latest
+ContainerName=safetwitch-frontend
+AutoUpdate=registry
+Environment=SAFETWITCH_BACKEND_DOMAIN=b.twitch.synth.download
+Environment=SAFETWITCH_INSTANCE_DOMAIN=twitch.synth.download
+Environment=SAFETWITCH_HTTPS=true
+Environment=SAFETWITCH_DEFAULT_LOCALE=en
+Environment=SAFETWITCH_FALLBACK_LOCALE=en
+PublishPort=127.0.0.1:24682:8280
+
+[Service]
+Restart=always
+RestartSec=10s
+
+[Install]
+WantedBy=default.target
diff --git a/beeper/etc/containers/systemd/searxng/searxng-dfdb.container b/beeper/etc/containers/systemd/searxng/searxng-dfdb.container
new file mode 100644
index 0000000..3680359
--- /dev/null
+++ b/beeper/etc/containers/systemd/searxng/searxng-dfdb.container
@@ -0,0 +1,24 @@
+[Unit]
+Description=SearXNG Dragonfly DB
+
+[Container]
+Image=docker.dragonflydb.io/dragonflydb/dragonfly
+ContainerName=searxng-dfdb
+Environment=DFLY_snapshot_cron="* * * * *"
+Environment=DFLY_version_check=false
+Environment=DFLY_default_lua_flags=allow-undeclared-keys
+Environment=DFLY_dbfilename=dump.rdb
+Environment=DFLY_df_snapshot_format=false
+Environment=DFLY_dir=/data
+HealthCmd=redis-cli ping
+HealthInterval=5s
+HealthRetries=20
+Network=searxng.network
+Volume=/var/containers/searxng/dragonfly:/data:Z
+
+[Service]
+Restart=always
+RestartSec=10s
+
+[Install]
+WantedBy=default.target
diff --git a/beeper/etc/containers/systemd/searxng/searxng.container b/beeper/etc/containers/systemd/searxng/searxng.container
new file mode 100644
index 0000000..2f7395a
--- /dev/null
+++ b/beeper/etc/containers/systemd/searxng/searxng.container
@@ -0,0 +1,20 @@
+[Unit]
+Description=SearXNG
+After=searxng-dfdb.service
+Requires=searxng-dfdb.service
+
+[Container]
+Image=docker.io/searxng/searxng:latest
+ContainerName=searxng
+AutoUpdate=registry
+PublishPort=127.0.0.1:48898:8080
+Network=searxng.network
+Volume=/var/containers/searxng/config:/etc/searxng:ro,Z
+Volume=/var/containers/searxng/cache:/var/cache/searxng
+
+[Service]
+Restart=always
+RestartSec=10s
+
+[Install]
+WantedBy=default.target
diff --git a/beeper/etc/containers/systemd/searxng/searxng.network b/beeper/etc/containers/systemd/searxng/searxng.network
new file mode 100644
index 0000000..70cde7b
--- /dev/null
+++ b/beeper/etc/containers/systemd/searxng/searxng.network
@@ -0,0 +1,2 @@
+[Network]
+IPv6=true
diff --git a/beeper/etc/containers/systemd/sharkey/sharkey-activity.container b/beeper/etc/containers/systemd/sharkey/sharkey-activity.container
index c9aba25..54e8fe9 100644
--- a/beeper/etc/containers/systemd/sharkey/sharkey-activity.container
+++ b/beeper/etc/containers/systemd/sharkey/sharkey-activity.container
@@ -1,8 +1,7 @@
 [Unit]
 Description=Sharkey's ActivityPub Federation service
-After=postgresql.service sharkey-dfdb.service network-online.target
+After=postgresql.service sharkey-dfdb.service
 Requires=postgresql.service sharkey-dfdb.service
-Wants=network-online.target
 
 [Container]
 ContainerName=sharkey-activity
@@ -12,9 +11,9 @@ Environment=MISSKEY_CONFIG_DIR=/sharkey/.config
 Environment=MK_ONLY_SERVER=1
 Environment=MK_DISABLE_CLUSTERING=1
 Environment=MK_NO_DAEMONS=1
-EnvironmentFile=/var/containers/sharkey/.env.secrets
-Network=postgresql.network
+EnvironmentFile=/etc/containers/systemd/sharkey/.env.secrets
 Network=sharkey.network
+Network=postgresql.network
 PublishPort=127.0.0.1:47815:3002
 Volume=/var/containers/sharkey/files:/sharkey/files:z
 Volume=/var/containers/sharkey/activity:/sharkey/.config:z
diff --git a/beeper/etc/containers/systemd/sharkey/sharkey-api.container b/beeper/etc/containers/systemd/sharkey/sharkey-api.container
index a161876..ec3c4bd 100644
--- a/beeper/etc/containers/systemd/sharkey/sharkey-api.container
+++ b/beeper/etc/containers/systemd/sharkey/sharkey-api.container
@@ -1,8 +1,7 @@
 [Unit]
 Description=Sharkey's API and Web service
-After=postgresql.service sharkey-dfdb.service network-online.target
+After=postgresql.service sharkey-dfdb.service
 Requires=postgresql.service sharkey-dfdb.service
-Wants=network-online.target
 
 [Container]
 ContainerName=sharkey-api
@@ -11,9 +10,9 @@ Environment=MISSKEY_CONFIG_YML=*.yml
 Environment=MISSKEY_CONFIG_DIR=/sharkey/.config
 Environment=MK_ONLY_SERVER=1
 Environment=MK_DISABLE_CLUSTERING=1
-EnvironmentFile=/var/containers/sharkey/.env.secrets
-Network=postgresql.network
+EnvironmentFile=/etc/containers/systemd/sharkey/.env.secrets
 Network=sharkey.network
+Network=postgresql.network
 PublishPort=127.0.0.1:60628:3001
 Volume=/var/containers/sharkey/files:/sharkey/files:z
 Volume=/var/containers/sharkey/api:/sharkey/.config:z
diff --git a/beeper/etc/containers/systemd/sharkey/sharkey-dfdb.container b/beeper/etc/containers/systemd/sharkey/sharkey-dfdb.container
index b58ef87..935e9dc 100644
--- a/beeper/etc/containers/systemd/sharkey/sharkey-dfdb.container
+++ b/beeper/etc/containers/systemd/sharkey/sharkey-dfdb.container
@@ -14,7 +14,7 @@ HealthCmd=redis-cli ping
 HealthInterval=5s
 HealthRetries=20
 Network=sharkey.network
-Volume=/var/containers/sharkey/dfdb:/data:z
+Volume=/var/containers/sharkey/dfdb:/data:Z
 
 [Service]
 Restart=always
diff --git a/beeper/etc/containers/systemd/sharkey/sharkey-media.container b/beeper/etc/containers/systemd/sharkey/sharkey-media.container
index 40949f0..fac7232 100644
--- a/beeper/etc/containers/systemd/sharkey/sharkey-media.container
+++ b/beeper/etc/containers/systemd/sharkey/sharkey-media.container
@@ -1,8 +1,7 @@
 [Unit]
 Description=Sharkey's Media service
-After=postgresql.service sharkey-dfdb.service network-online.target
+After=postgresql.service sharkey-dfdb.service
 Requires=postgresql.service sharkey-dfdb.service
-Wants=network-online.target
 
 [Container]
 ContainerName=sharkey-media
@@ -12,9 +11,9 @@ Environment=MISSKEY_CONFIG_DIR=/sharkey/.config
 Environment=MK_ONLY_SERVER=1
 Environment=MK_DISABLE_CLUSTERING=1
 Environment=MK_NO_DAEMONS=1
-EnvironmentFile=/var/containers/sharkey/.env.secrets
-Network=postgresql.network
+EnvironmentFile=/etc/containers/systemd/sharkey/.env.secrets
 Network=sharkey.network
+Network=postgresql.network
 PublishPort=127.0.0.1:57378:3003
 Volume=/var/containers/sharkey/files:/sharkey/files:z
 Volume=/var/containers/sharkey/media:/sharkey/.config:z
@@ -25,4 +24,4 @@ Restart=always
 RestartSec=10s
 
 [Install]
-WantedBy=default.target
\ No newline at end of file
+WantedBy=default.target
diff --git a/beeper/etc/containers/systemd/sharkey/sharkey-worker.container b/beeper/etc/containers/systemd/sharkey/sharkey-worker.container
index 83f908c..f9e90e6 100644
--- a/beeper/etc/containers/systemd/sharkey/sharkey-worker.container
+++ b/beeper/etc/containers/systemd/sharkey/sharkey-worker.container
@@ -1,8 +1,7 @@
 [Unit]
 Description=Sharkey's Worker service
-After=postgresql.service sharkey-dfdb.service network-online.target
+After=postgresql.service sharkey-dfdb.service
 Requires=postgresql.service sharkey-dfdb.service
-Wants=network-online.target
 
 [Container]
 ContainerName=sharkey-worker
@@ -10,9 +9,9 @@ Image=registry.activitypub.software/transfem-org/sharkey:develop
 Environment=MISSKEY_CONFIG_YML=*.yml
 Environment=MISSKEY_CONFIG_DIR=/sharkey/.config
 Environment=MK_ONLY_QUEUE=1
-EnvironmentFile=/var/containers/sharkey/.env.secrets
-Network=postgresql.network
+EnvironmentFile=/etc/containers/systemd/sharkey/.env.secrets
 Network=sharkey.network
+Network=postgresql.network
 Volume=/var/containers/sharkey/files:/sharkey/files:z
 Volume=/var/containers/sharkey/worker:/sharkey/.config:z
 Volume=/var/containers/sharkey/default.yml:/sharkey/.config/default.yml:ro,z
diff --git a/beeper/etc/containers/systemd/sharkey/sharkey.network b/beeper/etc/containers/systemd/sharkey/sharkey.network
index e8b6107..70cde7b 100644
--- a/beeper/etc/containers/systemd/sharkey/sharkey.network
+++ b/beeper/etc/containers/systemd/sharkey/sharkey.network
@@ -1,3 +1,2 @@
 [Network]
-NetworkName=sharkey
 IPv6=true
diff --git a/beeper/etc/containers/systemd/spindle/spindle.container b/beeper/etc/containers/systemd/spindle/spindle.container
new file mode 100644
index 0000000..28fb601
--- /dev/null
+++ b/beeper/etc/containers/systemd/spindle/spindle.container
@@ -0,0 +1,18 @@
+[Unit]
+Description=Tangled Spindle Server
+
+[Container]
+Image=ghcr.io/zenfyrdev/spindle:latest
+ContainerName=spindle
+EnvironmentFile=/etc/containers/systemd/spindle/.env
+PublishPort=127.0.0.1:40653:6555
+Volume=/var/containers/spindle/logs:/var/log/spindle:Z
+Volume=/var/containers/spindle/data:/app:Z
+Volume=/var/run/dind/docker.sock:/var/run/docker.sock:z
+
+[Service]
+Restart=always
+RestartSec=10s
+
+[Install]
+WantedBy=default.target
diff --git a/beeper/etc/containers/systemd/tor/tor.container b/beeper/etc/containers/systemd/tor/tor.container
new file mode 100644
index 0000000..beb09cf
--- /dev/null
+++ b/beeper/etc/containers/systemd/tor/tor.container
@@ -0,0 +1,17 @@
+[Unit]
+Description=Tor Daemon
+
+[Container]
+Image=docker.io/dockurr/tor
+ContainerName=tor
+AutoUpdate=registry
+Network=host
+Volume=/var/containers/tor/config:/etc/tor:ro,Z
+Volume=/var/containers/tor/data:/var/lib/tor:Z
+
+[Service]
+Restart=always
+RestartSec=10s
+
+[Install]
+WantedBy=default.target
diff --git a/beeper/etc/containers/systemd/vaultwarden/vaultwarden.container b/beeper/etc/containers/systemd/vaultwarden/vaultwarden.container
new file mode 100644
index 0000000..3e79931
--- /dev/null
+++ b/beeper/etc/containers/systemd/vaultwarden/vaultwarden.container
@@ -0,0 +1,16 @@
+[Unit]
+Description=Vaultwarden
+
+[Container]
+Image=vaultwarden/server:latest
+ContainerName=vaultwarden
+EnvironmentFile=/etc/containers/systemd/vaultwarden/.env
+PublishPort=127.0.0.1:60838:80
+Volume=/var/containers/vaultwarden/data:/data:Z
+
+[Service]
+Restart=always
+RestartSec=10s
+
+[Install]
+WantedBy=default.target
diff --git a/beeper/etc/containers/systemd/xpost/xpost-zenfyr.container b/beeper/etc/containers/systemd/xpost/xpost-zenfyr.container
index 3e94994..465ba79 100644
--- a/beeper/etc/containers/systemd/xpost/xpost-zenfyr.container
+++ b/beeper/etc/containers/systemd/xpost/xpost-zenfyr.container
@@ -3,7 +3,7 @@ Description=zenfyr's XPost
 
 [Container]
 Image=ghcr.io/zenfyrdev/xpost:latest
-EnvironmentFile=/var/containers/zenfyr-xpost/.env
+EnvironmentFile=/etc/containers/systemd/xpost/zenfyr.env
 Volume=/var/containers/zenfyr-xpost/data:/app/data:Z,U
 
 [Service]
diff --git a/beeper/etc/containers/systemd/yggdrasil/yggdrasil.container b/beeper/etc/containers/systemd/yggdrasil/yggdrasil.container
index 5dab345..43255ce 100644
--- a/beeper/etc/containers/systemd/yggdrasil/yggdrasil.container
+++ b/beeper/etc/containers/systemd/yggdrasil/yggdrasil.container
@@ -1,7 +1,5 @@
 [Unit]
 Description=Yggdrasil Network Stack Daemon
-After=network-online.target
-Wants=network-online.target
 
 [Container]
 Image=ghcr.io/yggdrasil-network/yggstack:trunk
@@ -9,7 +7,7 @@ ContainerName=yggdrasil
 AutoUpdate=registry
 Exec=-useconffile /etc/yggdrasil/yggdrasil.conf -remote-tcp 22:22 -remote-tcp 80:80 -remote-udp 80:80
 Network=host
-Volume=/var/containers/yggdrasil:/etc/yggdrasil:ro,Z
+Volume=/var/containers/yggdrasil/config:/etc/yggdrasil:ro,Z
 
 [Service]
 Restart=always
diff --git a/beeper/etc/containers/systemd/zitadel/zitadel.container b/beeper/etc/containers/systemd/zitadel/zitadel.container
new file mode 100644
index 0000000..a3c8073
--- /dev/null
+++ b/beeper/etc/containers/systemd/zitadel/zitadel.container
@@ -0,0 +1,20 @@
+[Unit]
+Description=Zitadel
+Requires=postgresql.service
+After=postgresql.service
+
+[Container]
+Image=ghcr.io/zitadel/zitadel:latest
+ContainerName=zitadel
+EnvironmentFile=/etc/containers/systemd/zitadel/.env
+Network=zitadel.network
+Network=postgresql.network
+PublishPort=127.0.0.1:19241:8080
+Exec=start-from-init --masterkeyFromEnv --tlsMode external
+
+[Service]
+Restart=always
+RestartSec=10s
+
+[Install]
+WantedBy=default.target
diff --git a/beeper/etc/containers/systemd/zitadel/zitadel.network b/beeper/etc/containers/systemd/zitadel/zitadel.network
new file mode 100644
index 0000000..70cde7b
--- /dev/null
+++ b/beeper/etc/containers/systemd/zitadel/zitadel.network
@@ -0,0 +1,2 @@
+[Network]
+IPv6=true
diff --git a/beeper/etc/sysctl.d/99-vm-zram-parameters.conf b/beeper/etc/sysctl.d/99-vm-zram-parameters.conf
new file mode 100644
index 0000000..0c63445
--- /dev/null
+++ b/beeper/etc/sysctl.d/99-vm-zram-parameters.conf
@@ -0,0 +1,4 @@
+vm.swappiness = 180
+vm.watermark_boost_factor = 0
+vm.watermark_scale_factor = 125
+vm.page-cluster = 0
\ No newline at end of file
diff --git a/beeper/etc/systemd/resolved.conf b/beeper/etc/systemd/resolved.conf
new file mode 100644
index 0000000..a18fcc0
--- /dev/null
+++ b/beeper/etc/systemd/resolved.conf
@@ -0,0 +1,5 @@
+[Resolve]
+DNS=5.78.43.29#dns.vixen.computer 2a01:4ff:1f0:cebe::1#dns.vixen.computer
+FallbackDNS=1.1.1.1#one.one.one.one 2606:4700:4700::1111#one.one.one.one
+DNSOverTLS=yes
+DNSSEC=allow-downgrade
diff --git a/beeper/etc/systemd/system/mastodon-maintenance.service b/beeper/etc/systemd/system/mastodon-maintenance.service
new file mode 100644
index 0000000..092cfa5
--- /dev/null
+++ b/beeper/etc/systemd/system/mastodon-maintenance.service
@@ -0,0 +1,9 @@
+[Unit]
+Description=Mastodon Maintenance Service
+Requires=mastodon-web.service
+
+[Service]
+Type=oneshot
+RemainAfterExit=no
+ExecStart=/usr/bin/podman exec mastodon-web tootctl statuses remove --days 90
+#ExecStart=/usr/bin/podman exec mastodon-web tootctl accounts cull
diff --git a/beeper/etc/systemd/system/mastodon-maintenance.timer b/beeper/etc/systemd/system/mastodon-maintenance.timer
new file mode 100644
index 0000000..2626c3f
--- /dev/null
+++ b/beeper/etc/systemd/system/mastodon-maintenance.timer
@@ -0,0 +1,9 @@
+[Unit]
+Description=Mastodon monthly maintenance
+
+[Timer]
+OnCalendar=monthly
+Persistent=true
+
+[Install]
+WantedBy=timers.target
diff --git a/beeper/etc/systemd/zram-generator.conf b/beeper/etc/systemd/zram-generator.conf
new file mode 100644
index 0000000..d5d553f
--- /dev/null
+++ b/beeper/etc/systemd/zram-generator.conf
@@ -0,0 +1,3 @@
+[zram0]
+zram-size = ram
+compression-algorithm = zstd(level=3)
diff --git a/beeper/var/containers/ask-js/.gitkeep b/beeper/var/containers/ask-js/.gitkeep
new file mode 100644
index 0000000..e69de29
diff --git a/beeper/var/containers/copyparty/.gitkeep b/beeper/var/containers/copyparty/.gitkeep
new file mode 100644
index 0000000..e69de29
diff --git a/beeper/var/containers/forgejo/.gitkeep b/beeper/var/containers/forgejo/.gitkeep
new file mode 100644
index 0000000..e69de29
diff --git a/beeper/var/containers/i2pd/.gitkeep b/beeper/var/containers/i2pd/.gitkeep
new file mode 100644
index 0000000..e69de29
diff --git a/beeper/var/containers/knot/.gitkeep b/beeper/var/containers/knot/.gitkeep
new file mode 100644
index 0000000..e69de29
diff --git a/beeper/var/containers/mollysocket/.gitkeep b/beeper/var/containers/mollysocket/.gitkeep
new file mode 100644
index 0000000..e69de29
diff --git a/beeper/var/containers/pds/.gitkeep b/beeper/var/containers/pds/.gitkeep
new file mode 100644
index 0000000..e69de29
diff --git a/beeper/var/containers/redlib/.gitkeep b/beeper/var/containers/redlib/.gitkeep
new file mode 100644
index 0000000..e69de29
diff --git a/beeper/var/containers/searxng/.gitkeep b/beeper/var/containers/searxng/.gitkeep
new file mode 100644
index 0000000..e69de29
diff --git a/beeper/var/containers/tor/.gitkeep b/beeper/var/containers/tor/.gitkeep
new file mode 100644
index 0000000..e69de29
diff --git a/beeper/var/containers/vaultwarden/.gitkeep b/beeper/var/containers/vaultwarden/.gitkeep
new file mode 100644
index 0000000..e69de29