diff --git a/.dockerignore b/.dockerignore
old mode 100755
new mode 100644
diff --git a/.github/dependabot.yml b/.github/dependabot.yml
new file mode 100644
index 0000000..0bc042d
--- /dev/null
+++ b/.github/dependabot.yml
@@ -0,0 +1,30 @@
+---
+version: 2
+updates:
+  - package-ecosystem: "docker"
+    directory: "/"
+    schedule:
+      interval: "weekly"
+      time: "09:00"
+      timezone: "Europe/Berlin"
+
+  - package-ecosystem: "github-actions"
+    directory: "/"
+    schedule:
+      interval: "weekly"
+      time: "09:00"
+      timezone: "Europe/Berlin"
+
+  - package-ecosystem: "pip"
+    directory: "/"
+    schedule:
+      interval: "weekly"
+      time: "09:00"
+      timezone: "Europe/Berlin"
+
+  - package-ecosystem: "pip"
+    directory: "/cvdupdate"
+    schedule:
+      interval: "weekly"
+      time: "09:00"
+      timezone: "Europe/Berlin"
diff --git a/.github/release-drafter.yml b/.github/release-drafter.yml
new file mode 100644
index 0000000..1270a61
--- /dev/null
+++ b/.github/release-drafter.yml
@@ -0,0 +1,37 @@
+name-template: '$RESOLVED_VERSION'
+tag-template: '$RESOLVED_VERSION'
+categories:
+  - title: '๐Ÿš€ Features'
+    labels:
+      - 'feature'
+      - 'enhancement'
+  - title: '๐Ÿ› Bug Fixes'
+    labels:
+      - 'fix'
+      - 'bugfix'
+      - 'bug'
+  - title: '๐Ÿงน Maintenance'
+    labels:
+      - 'chore'
+      - 'dependencies'
+version-resolver:
+  major:
+    labels:
+      - 'feature'
+  minor:
+    labels:
+      - 'enhancement'
+  patch:
+    labels:
+      - 'fix'
+      - 'bugfix'
+      - 'bug'
+      - 'chore'
+      - 'dependencies'
+  default: patch
+template: |
+  ## Changes
+
+  $CHANGES
+
+  **Full Changelog**: https://github.com/$OWNER/$REPOSITORY/compare/$PREVIOUS_TAG...$RESOLVED_VERSION
diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml
new file mode 100644
index 0000000..e892486
--- /dev/null
+++ b/.github/workflows/ci.yaml
@@ -0,0 +1,42 @@
+name: ci
+
+on: 
+  pull_request:
+
+jobs:
+  docker-build:
+    runs-on: ubuntu-22.04
+    steps:
+      - name: Checkout Code
+        uses: actions/checkout@v3
+
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v2
+
+      - name: Docker metadata action
+        id: meta
+        uses: docker/metadata-action@v4
+        with:
+          images:
+            cvdupdate-local
+          tags: |
+            type=raw,latest
+
+      - name: Build Dockerimage
+        id: docker_build
+        uses: docker/build-push-action@v4
+        with:
+          context: .
+          file: ./Dockerfile
+          labels: ${{ steps.meta.outputs.labels }}
+          outputs: type=docker,dest=/tmp/cvdupdate-local.tar
+          platforms: linux/amd64
+          push: false
+          tags: ${{ steps.meta.outputs.tags }}
+
+      - name: Run Dockerimage
+        run: |
+          docker load --input /tmp/cvdupdate-local.tar
+          docker run -d --net=host cvdupdate-local serve
+          sleep 30
+          curl --fail --silent --output /dev/null http://localhost:8000/main.cvd
diff --git a/.github/workflows/docker-release.yaml b/.github/workflows/docker-release.yaml
new file mode 100644
index 0000000..3bc7360
--- /dev/null
+++ b/.github/workflows/docker-release.yaml
@@ -0,0 +1,57 @@
+name: docker-release
+
+on:
+  push:
+    branches:
+      - main
+    tags:
+      - '*'
+  schedule:
+    - cron:  '0 0 * * *'
+
+jobs:
+  docker-build-push:
+    runs-on: ubuntu-22.04
+    steps:
+      - name: Checkout Code
+        uses: actions/checkout@v3
+
+      - name: Set up QEMU
+        uses: docker/setup-qemu-action@v2
+
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v2
+
+      - name: Login to GitHub Container Registry
+        uses: docker/login-action@v2
+        with:
+          registry: ghcr.io
+          username: ${{ github.repository_owner }}
+
+      - name: Docker metadata action
+        id: meta
+        uses: docker/metadata-action@v4
+        with:
+          images: |
+            ghcr.io/${{ github.repository_owner }}/cvdupdate
+          tags: |
+            type=raw,value=latest,enable=${{ github.ref == format('refs/heads/{0}', 'main') }}
+            type=raw,value={{date 'YYYYMMDD-HHmmss' tz='Europe/Berlin'}},enable=${{ github.ref == format('refs/heads/{0}', 'main') }}
+            type=ref,event=tag
+            type=semver,pattern={{version}}
+            type=semver,pattern={{major}}.{{minor}}
+            type=semver,pattern={{major}}
+ 
+      - name: Build and push
+        id: docker_build
+        uses: docker/build-push-action@v4
+        with:
+          context: .
+          file: ./Dockerfile
+          labels: ${{ steps.meta.outputs.labels }}
+          platforms: linux/amd64,linux/arm64
+          push: true
+          tags: ${{ steps.meta.outputs.tags }}
+
+      - name: Image digest
+        run: echo ${{ steps.docker_build.outputs.digest }}
diff --git a/.github/workflows/pypi.yaml b/.github/workflows/pypi.yaml
index b9854dd..ad09fd9 100644
--- a/.github/workflows/pypi.yaml
+++ b/.github/workflows/pypi.yaml
@@ -11,7 +11,7 @@ jobs:
     - uses: actions/checkout@master
 
     - name: Set up Python 3.7
-      uses: actions/setup-python@v1
+      uses: actions/setup-python@v4
       with:
         python-version: 3.7
 
diff --git a/.github/workflows/release-drafter.yaml b/.github/workflows/release-drafter.yaml
new file mode 100644
index 0000000..267d6f0
--- /dev/null
+++ b/.github/workflows/release-drafter.yaml
@@ -0,0 +1,22 @@
+name: Release Drafter
+
+on:
+  push:
+    branches:
+      - main
+  pull_request:
+    types: [opened, reopened, synchronize]
+
+permissions:
+  contents: read
+
+jobs:
+  update_release_draft:
+    permissions:
+      contents: write
+      pull-requests: write
+    runs-on: ubuntu-22.04
+    steps:
+      - uses: release-drafter/release-drafter@v5
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
diff --git a/.gitignore b/.gitignore
old mode 100755
new mode 100644
diff --git a/Dockerfile b/Dockerfile
index 07937c6..8aa6cb1 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,7 +1,24 @@
-FROM python:3-slim
-RUN apt-get -y update \
-    && apt-get -y --no-install-recommends install cron gosu \
-    && rm -rf /var/lib/apt/lists/*
-COPY . /dist
-RUN pip install --no-cache-dir /dist
-ENTRYPOINT [ "/dist/scripts/docker-entrypoint.sh" ]
\ No newline at end of file
+FROM python:3.12.0b1-slim
+
+WORKDIR /cvdupdate
+
+RUN apt-get -y update && \
+    apt-get -y --no-install-recommends install cron sudo && \
+    apt-get -y clean && \
+    rm -rf /var/lib/apt/lists/* && \
+    useradd --no-create-home --home-dir /cvdupdate --uid 1000 cvdupdate && \
+    echo '30 */4 * * * /usr/local/bin/cvdupdate update > /proc/1/fd/1 2>&1' >> /etc/cron.d/cvdupdate && \
+    echo '@reboot /usr/local/bin/cvdupdate update >/proc/1/fd/1 2>/proc/1/fd/2' >> /etc/cron.d/cvdupdate && \
+    crontab -u cvdupdate /etc/cron.d/cvdupdate && \
+    echo "cvdupdate\tALL=(ALL:ALL) NOPASSWD: /usr/sbin/cron" >> /etc/sudoers
+
+COPY . .
+
+RUN pip install --no-cache-dir . && \
+    chown cvdupdate:cvdupdate -R /cvdupdate
+
+USER cvdupdate:cvdupdate
+
+RUN cvd update
+
+ENTRYPOINT [ "./scripts/docker-entrypoint.sh" ]
diff --git a/README.md b/README.md
index b020bd5..bd7997b 100644
--- a/README.md
+++ b/README.md
@@ -295,34 +295,12 @@ Run image, that will automaticly update databases in folder `/srv/cvdupdate` and
 
 ```bash
 docker run -d \
-  -v /srv/cvdupdate:/cvdupdate/database \
-  -v /var/log/cvdupdate:/cvdupdate/logs \
+  -v /srv/cvdupdate:/cvdupdate/.cvdupdate/database \
+  -v /var/log/cvdupdate:/cvdupdate/.cvdupdate/logs \
   cvdupdate:latest
 ```
 
-Run image, that will automaticly update databases in folder `/srv/cvdupdate`, write logs to `/var/log/cvdupdate` and set owner of files to user with ID 1000
-
-```bash
-docker run -d \
-  -v /srv/cvdupdate:/cvdupdate/database \
-  -v /var/log/cvdupdate:/cvdupdate/logs \
-  -e USER_ID=1000 \
-  cvdupdate:latest
-```
-
-Default update interval is `30 */4 * * *` (see [Cron Example](#cron-example))
-
-You may pass custom update interval in environment variable `CRON`
-
-For example - update every day in 00:00
-
-```bash
-docker run -d \
-  -v /srv/cvdupdate:/cvdupdate/database \
-  -v /var/log/cvdupdate:/cvdupdate/logs \
-  -e CRON='0 0 * * *' \
-  cvdupdate:latest
-  ```
+Update interval is `30 */4 * * *` (see [Cron Example](#cron-example))
 
 ## Contribute
 
diff --git a/scripts/docker-entrypoint.sh b/scripts/docker-entrypoint.sh
index 544224d..6a9b026 100755
--- a/scripts/docker-entrypoint.sh
+++ b/scripts/docker-entrypoint.sh
@@ -1,41 +1,18 @@
 #!/bin/bash
-USER_ID="${USER_ID:-0}"
+#
+# cvdupdate & cron entrypoint
+#
+
+set -e
+
 SCRIPT_PATH=$(readlink -f "$0")
-echo "ClamAV Private Database Mirror Updater Cron ${SCRIPT_PATH}"
-if [ "${USER_ID}" -ne "0" ]; then
-    echo "Creating user with ID ${USER_ID}"
-    useradd --create-home --home-dir /cvdupdate --uid "${USER_ID}" cvdupdate
-    chown -R "${USER_ID}" /cvdupdate
-    gosu cvdupdate cvdupdate config set --logdir /cvdupdate/logs
-    gosu cvdupdate cvdupdate config set --dbdir /cvdupdate/database
-else
-    mkdir -p /cvdupdate/{logs,database}
-    cvdupdate config set --logdir /cvdupdate/logs
-    cvdupdate config set --dbdir /cvdupdate/database
-fi
 
-if [ $# -eq 0 ]; then
-    set -e
+if [ $# -eq 0  ]; then
+    echo "ClamAV Private Database Mirror Updater Cron ${SCRIPT_PATH}"
 
-    echo "Adding crontab entry"
-    if [ "${USER_ID}" -ne "0" ]; then
-        crontab -l | {
-            cat
-            echo "${CRON:-"30 */4 * * *"} /usr/sbin/gosu cvdupdate /usr/local/bin/cvdupdate update >/proc/1/fd/1 2>/proc/1/fd/2"
-            echo "@reboot /usr/sbin/gosu cvdupdate /usr/local/bin/cvdupdate update >/proc/1/fd/1 2>/proc/1/fd/2"
-        } | crontab -
-    else
-        crontab -l | {
-            cat
-            echo "${CRON:-"30 */4 * * *"} /usr/local/bin/cvdupdate update >/proc/1/fd/1 2>/proc/1/fd/2"
-            echo "@reboot /usr/local/bin/cvdupdate update >/proc/1/fd/1 2>/proc/1/fd/2"
-        } | crontab -
-    fi
-    cron -f
+    sudo cron -f
 else
-    if [ "${USER_ID}" -ne "0" ]; then
-        exec gosu cvdupdate "$@"
-    else
-        exec "$@"
-    fi
+    echo "ClamAV Private Database Mirror Updater "$@" ${SCRIPT_PATH}"
+
+    cvdupdate "$@"
 fi