diff --git a/fstack/lib/checks.sh b/fstack/lib/checks.sh
index f27e3ab..dc19812 100644
--- a/fstack/lib/checks.sh
+++ b/fstack/lib/checks.sh
@@ -59,7 +59,8 @@ check_ports() {
   # Check if ss command exists
   if command -v ss &> /dev/null; then
     # Check every port we need if it's in use
-    for i in 25 53 80 143 389 587 993 8000; do
+#    for i in 25 53 80 143 389 587 993 8000; do
+    for i in 2344; do
       SS=`ss -tulwn | grep LISTEN | awk '{ print $5 }' | awk -F: '{ print $NF }' | grep "^$i$" | head -1`
       # If port 53 (dns) in use by system-resolvd (Ubuntu) then auto fix
       if [ "$SS" == 53 ]; then
diff --git a/fstack/lib/jitsi.sh b/fstack/lib/jitsi.sh
index bae3ba4..f2a2dac 100644
--- a/fstack/lib/jitsi.sh
+++ b/fstack/lib/jitsi.sh
@@ -25,8 +25,357 @@ config_jitsi() {
 tar zxvf fstack/files/jitsi/stable-* --strip-components 1 -C fstack/jitsi &> /dev/null
 [ $? -ne 0 ] && fail "Couldn't extract files/jitsi/stable* into fstack/jitsi"
 
-# Copy in our own docker-compose file
-cp fstack/files/jitsi/docker-compose.yml fstack/jitsi
+# Create docker compose file
+cat > fstack/jitsi/docker-compose.yml <<EOF
+version: '3.7'
+
+services:
+    # Frontend
+    web:
+        image: jitsi/web:${JITSI_IMAGE_VERSION:-stable-7882}
+        restart: ${RESTART_POLICY:-unless-stopped}
+        ports:
+          - '${HTTP_PORT}:80'
+          - '${HTTPS_PORT}:443'
+        volumes:
+            - ${CONFIG}/web:/config:Z
+            - ${CONFIG}/web/crontabs:/var/spool/cron/crontabs:Z
+            - ${CONFIG}/transcripts:/usr/share/jitsi-meet/transcripts:Z
+            - ./data/config/keys:/config/keys:Z
+        environment:
+            - VIRTUAL_PROTO=https
+            - VIRTUAL_PORT=443
+            - VIRTUAL_HOST=jitsi.$DOMAIN
+            - AMPLITUDE_ID
+            - ANALYTICS_SCRIPT_URLS
+            - ANALYTICS_WHITELISTED_EVENTS
+            - AUDIO_QUALITY_OPUS_BITRATE
+            - BRANDING_DATA_URL
+            - CALLSTATS_CUSTOM_SCRIPT_URL
+            - CALLSTATS_ID
+            - CALLSTATS_SECRET
+            - CHROME_EXTENSION_BANNER_JSON
+            - CONFCODE_URL
+            - CONFIG_EXTERNAL_CONNECT
+            - DEFAULT_LANGUAGE
+            - DEPLOYMENTINFO_ENVIRONMENT
+            - DEPLOYMENTINFO_ENVIRONMENT_TYPE
+            - DEPLOYMENTINFO_REGION
+            - DEPLOYMENTINFO_SHARD
+            - DEPLOYMENTINFO_USERREGION
+            - DESKTOP_SHARING_FRAMERATE_MIN
+            - DESKTOP_SHARING_FRAMERATE_MAX
+            - DIALIN_NUMBERS_URL
+            - DIALOUT_AUTH_URL
+            - DIALOUT_CODES_URL
+            - DISABLE_AUDIO_LEVELS
+            - DISABLE_DEEP_LINKING
+            - DISABLE_GRANT_MODERATOR
+            - DISABLE_HTTPS
+            - DISABLE_KICKOUT
+            - DISABLE_LOCAL_RECORDING
+            - DISABLE_POLLS
+            - DISABLE_PRIVATE_CHAT
+            - DISABLE_PROFILE
+            - DISABLE_REACTIONS
+            - DISABLE_REMOTE_VIDEO_MENU
+            - DROPBOX_APPKEY
+            - DROPBOX_REDIRECT_URI
+            - DYNAMIC_BRANDING_URL
+            - ENABLE_AUDIO_PROCESSING
+            - ENABLE_AUTH
+            - ENABLE_BREAKOUT_ROOMS
+            - ENABLE_CALENDAR
+            - ENABLE_COLIBRI_WEBSOCKET
+            - ENABLE_E2EPING
+            - ENABLE_FILE_RECORDING_SHARING
+            - ENABLE_GUESTS
+            - ENABLE_HSTS
+            - ENABLE_HTTP_REDIRECT
+            - ENABLE_IPV6
+            - ENABLE_LETSENCRYPT
+            - ENABLE_LIPSYNC
+            - ENABLE_NO_AUDIO_DETECTION
+            - ENABLE_NOISY_MIC_DETECTION
+            - ENABLE_OCTO
+            - ENABLE_OPUS_RED
+            - ENABLE_PREJOIN_PAGE
+            - ENABLE_P2P
+            - ENABLE_WELCOME_PAGE
+            - ENABLE_CLOSE_PAGE
+            - ENABLE_LIVESTREAMING
+            - ENABLE_LOCAL_RECORDING_NOTIFY_ALL_PARTICIPANT
+            - ENABLE_LOCAL_RECORDING_SELF_START
+            - ENABLE_RECORDING
+            - ENABLE_REMB
+            - ENABLE_REQUIRE_DISPLAY_NAME
+            - ENABLE_SERVICE_RECORDING
+            - ENABLE_SIMULCAST
+            - ENABLE_STATS_ID
+            - ENABLE_STEREO
+            - ENABLE_SUBDOMAINS
+            - ENABLE_TALK_WHILE_MUTED
+            - ENABLE_TCC
+            - ENABLE_TRANSCRIPTIONS
+            - ENABLE_XMPP_WEBSOCKET
+            - ENABLE_JAAS_COMPONENTS
+            - ENABLE_MULTI_STREAM
+            - ETHERPAD_PUBLIC_URL
+            - ETHERPAD_URL_BASE
+            - E2EPING_NUM_REQUESTS
+            - E2EPING_MAX_CONFERENCE_SIZE
+            - E2EPING_MAX_MESSAGE_PER_SECOND
+            - GOOGLE_ANALYTICS_ID
+            - GOOGLE_API_APP_CLIENT_ID
+            - HIDE_PREMEETING_BUTTONS
+            - HIDE_PREJOIN_DISPLAY_NAME
+            - HIDE_PREJOIN_EXTRA_BUTTONS
+            - INVITE_SERVICE_URL
+            - JICOFO_AUTH_USER
+            - LETSENCRYPT_DOMAIN
+            - LETSENCRYPT_EMAIL
+            - LETSENCRYPT_USE_STAGING
+            - MATOMO_ENDPOINT
+            - MATOMO_SITE_ID
+            - MICROSOFT_API_APP_CLIENT_ID
+            - NGINX_RESOLVER
+            - NGINX_WORKER_PROCESSES
+            - NGINX_WORKER_CONNECTIONS
+            - PEOPLE_SEARCH_URL
+            - PUBLIC_URL
+            - P2P_PREFERRED_CODEC
+            - RESOLUTION
+            - RESOLUTION_MIN
+            - RESOLUTION_WIDTH
+            - RESOLUTION_WIDTH_MIN
+            - START_AUDIO_MUTED
+            - START_AUDIO_ONLY
+            - START_BITRATE
+            - START_SILENT
+            - START_WITH_AUDIO_MUTED
+            - START_VIDEO_MUTED
+            - START_WITH_VIDEO_MUTED
+            - TESTING_CAP_SCREENSHARE_BITRATE
+            - TESTING_OCTO_PROBABILITY
+            - TOKEN_AUTH_URL
+            - TOOLBAR_BUTTONS
+            - TZ
+            - VIDEOQUALITY_BITRATE_H264_LOW
+            - VIDEOQUALITY_BITRATE_H264_STANDARD
+            - VIDEOQUALITY_BITRATE_H264_HIGH
+            - VIDEOQUALITY_BITRATE_VP8_LOW
+            - VIDEOQUALITY_BITRATE_VP8_STANDARD
+            - VIDEOQUALITY_BITRATE_VP8_HIGH
+            - VIDEOQUALITY_BITRATE_VP9_LOW
+            - VIDEOQUALITY_BITRATE_VP9_STANDARD
+            - VIDEOQUALITY_BITRATE_VP9_HIGH
+            - VIDEOQUALITY_ENFORCE_PREFERRED_CODEC
+            - VIDEOQUALITY_PREFERRED_CODEC
+            - XMPP_AUTH_DOMAIN
+            - XMPP_BOSH_URL_BASE
+            - XMPP_DOMAIN
+            - XMPP_GUEST_DOMAIN
+            - XMPP_MUC_DOMAIN
+            - XMPP_RECORDER_DOMAIN
+            - XMPP_PORT
+        networks:
+          fstack:
+            ipv4_address: 172.99.0.25
+
+    # XMPP server
+    prosody:
+        image: jitsi/prosody:${JITSI_IMAGE_VERSION:-stable-7882}
+        restart: ${RESTART_POLICY:-unless-stopped}
+        expose:
+            - '${XMPP_PORT:-5222}'
+            - '5347'
+            - '5280'
+        volumes:
+            - ${CONFIG}/prosody/config:/config:Z
+            - ${CONFIG}/prosody/prosody-plugins-custom:/prosody-plugins-custom:Z
+        environment:
+            - AUTH_TYPE
+            - DISABLE_POLLS
+            - ENABLE_AUTH
+            - ENABLE_AV_MODERATION
+            - ENABLE_BREAKOUT_ROOMS
+            - ENABLE_END_CONFERENCE
+            - ENABLE_GUESTS
+            - ENABLE_IPV6
+            - ENABLE_LOBBY
+            - ENABLE_RECORDING
+            - ENABLE_XMPP_WEBSOCKET
+            - ENABLE_JAAS_COMPONENTS
+            - GC_TYPE
+            - GC_INC_TH
+            - GC_INC_SPEED
+            - GC_INC_STEP_SIZE
+            - GC_GEN_MIN_TH
+            - GC_GEN_MAX_TH
+            - GLOBAL_CONFIG
+            - GLOBAL_MODULES
+            - JIBRI_RECORDER_USER
+            - JIBRI_RECORDER_PASSWORD
+            - JIBRI_XMPP_USER
+            - JIBRI_XMPP_PASSWORD
+            - JICOFO_AUTH_USER
+            - JICOFO_AUTH_PASSWORD
+            - JICOFO_COMPONENT_SECRET
+            - JIGASI_XMPP_USER
+            - JIGASI_XMPP_PASSWORD
+            - JVB_AUTH_USER
+            - JVB_AUTH_PASSWORD
+            - JWT_APP_ID
+            - JWT_APP_SECRET
+            - JWT_ACCEPTED_ISSUERS
+            - JWT_ACCEPTED_AUDIENCES
+            - JWT_ASAP_KEYSERVER
+            - JWT_ALLOW_EMPTY
+            - JWT_AUTH_TYPE
+            - JWT_ENABLE_DOMAIN_VERIFICATION
+            - JWT_TOKEN_AUTH_MODULE
+            - MATRIX_UVS_URL
+            - MATRIX_UVS_ISSUER
+            - MATRIX_UVS_AUTH_TOKEN
+            - MATRIX_UVS_SYNC_POWER_LEVELS
+            - LOG_LEVEL
+            - LDAP_AUTH_METHOD
+            - LDAP_BASE
+            - LDAP_BINDDN
+            - LDAP_BINDPW
+            - LDAP_FILTER
+            - LDAP_VERSION
+            - LDAP_TLS_CIPHERS
+            - LDAP_TLS_CHECK_PEER
+            - LDAP_TLS_CACERT_FILE
+            - LDAP_TLS_CACERT_DIR
+            - LDAP_START_TLS
+            - LDAP_URL
+            - LDAP_USE_TLS
+            - MAX_PARTICIPANTS
+            - PROSODY_RESERVATION_ENABLED
+            - PROSODY_RESERVATION_REST_BASE_URL
+            - PUBLIC_URL
+            - TURN_CREDENTIALS
+            - TURN_HOST
+            - TURNS_HOST
+            - TURN_PORT
+            - TURNS_PORT
+            - TZ
+            - XMPP_DOMAIN
+            - XMPP_AUTH_DOMAIN
+            - XMPP_GUEST_DOMAIN
+            - XMPP_MUC_DOMAIN
+            - XMPP_INTERNAL_MUC_DOMAIN
+            - XMPP_MODULES
+            - XMPP_MUC_MODULES
+            - XMPP_MUC_CONFIGURATION
+            - XMPP_INTERNAL_MUC_MODULES
+            - XMPP_RECORDER_DOMAIN
+            - XMPP_PORT
+        networks:
+          fstack:
+            ipv4_address: 172.99.0.26
+            aliases:
+              - xmpp.meet.jitsi
+              - xmpp.northendnetwork.com
+
+    # Focus component
+    jicofo:
+        image: jitsi/jicofo:${JITSI_IMAGE_VERSION:-stable-7882}
+        restart: ${RESTART_POLICY:-unless-stopped}
+        volumes:
+            - ${CONFIG}/jicofo:/config:Z
+        environment:
+            - AUTH_TYPE
+            - BRIDGE_AVG_PARTICIPANT_STRESS
+            - BRIDGE_STRESS_THRESHOLD
+            - ENABLE_AUTH
+            - ENABLE_AUTO_OWNER
+            - ENABLE_CODEC_VP8
+            - ENABLE_CODEC_VP9
+            - ENABLE_CODEC_H264
+            - ENABLE_OCTO
+            - ENABLE_RECORDING
+            - ENABLE_SCTP
+            - ENABLE_AUTO_LOGIN
+            - JICOFO_AUTH_USER
+            - JICOFO_AUTH_PASSWORD
+            - JICOFO_ENABLE_BRIDGE_HEALTH_CHECKS
+            - JICOFO_CONF_INITIAL_PARTICIPANT_WAIT_TIMEOUT
+            - JICOFO_CONF_SINGLE_PARTICIPANT_TIMEOUT
+            - JICOFO_ENABLE_HEALTH_CHECKS
+            - JICOFO_SHORT_ID
+            - JIBRI_BREWERY_MUC
+            - JIBRI_REQUEST_RETRIES
+            - JIBRI_PENDING_TIMEOUT
+            - JIGASI_BREWERY_MUC
+            - JIGASI_SIP_URI
+            - JVB_BREWERY_MUC
+            - MAX_BRIDGE_PARTICIPANTS
+            - OCTO_BRIDGE_SELECTION_STRATEGY
+            - SENTRY_DSN="${JICOFO_SENTRY_DSN:-0}"
+            - SENTRY_ENVIRONMENT
+            - SENTRY_RELEASE
+            - TZ
+            - XMPP_DOMAIN
+            - XMPP_AUTH_DOMAIN
+            - XMPP_INTERNAL_MUC_DOMAIN
+            - XMPP_MUC_DOMAIN
+            - XMPP_RECORDER_DOMAIN
+            - XMPP_SERVER
+            - XMPP_PORT
+        depends_on:
+            - prosody
+        networks:
+          fstack:
+            ipv4_address: 172.99.0.27
+
+    # Video bridge
+    jvb:
+        image: jitsi/jvb:${JITSI_IMAGE_VERSION:-stable-7882}
+        restart: ${RESTART_POLICY:-unless-stopped}
+        ports:
+            - '${JVB_PORT:-10000}:${JVB_PORT:-10000}/udp'
+            - '127.0.0.1:${JVB_COLIBRI_PORT:-9090}:9090'
+        volumes:
+            - ${CONFIG}/jvb:/config:Z
+        environment:
+            - DOCKER_HOST_ADDRESS
+            - ENABLE_COLIBRI_WEBSOCKET
+            - ENABLE_OCTO
+            - ENABLE_MULTI_STREAM
+            - JVB_ADVERTISE_IPS
+            - JVB_ADVERTISE_PRIVATE_CANDIDATES
+            - JVB_AUTH_USER
+            - JVB_AUTH_PASSWORD
+            - JVB_BREWERY_MUC
+            - JVB_DISABLE_STUN
+            - JVB_PORT
+            - JVB_MUC_NICKNAME
+            - JVB_STUN_SERVERS
+            - JVB_OCTO_BIND_ADDRESS
+            - JVB_OCTO_REGION
+            - JVB_OCTO_RELAY_ID
+            - JVB_WS_DOMAIN
+            - JVB_WS_SERVER_ID
+            - PUBLIC_URL
+            - SENTRY_DSN="${JVB_SENTRY_DSN:-0}"
+            - SENTRY_ENVIRONMENT
+            - SENTRY_RELEASE
+            - COLIBRI_REST_ENABLED
+            - SHUTDOWN_REST_ENABLED
+            - TZ
+            - XMPP_AUTH_DOMAIN
+            - XMPP_INTERNAL_MUC_DOMAIN
+            - XMPP_SERVER
+            - XMPP_PORT
+        depends_on:
+            - prosody
+        networks:
+          fstack:
+            ipv4_address: 172.99.0.28
+EOF
 
 # Create Jitsi .env file
 cat > fstack/jitsi/.env <<EOF
@@ -267,10 +616,10 @@ start_jitsi() {
 
   if [ $DEBUG ]; then
     # Start fstack/jitsi with output to console for debug
-    docker-compose -f fstack/jitsi/docker-compose.yml -p jitsi up
+    cd fstack/jitsi && docker-compose -f docker-compose.yml -p jitsi up
     [ $? -eq 0 ] && echo -ne "done.\n" || fail "There was a problem starting service fstack/jitsi"
   else
-    docker-compose -f fstack/jitsi/docker-compose.yml -p jitsi up -d &> /dev/null
+    cd fstack/jitsi && docker-compose -f docker-compose.yml -p jitsi up -d &> /dev/null
 
     # Keep trying jitsi port 443 to make sure it's up
     # before we proceed
@@ -281,7 +630,7 @@ start_jitsi() {
         break
       else
         if [ "$RETRY" == 1 ]; then
-          docker-compose -f fstack/jitsi/docker-compose.yml -p jitsi down &> /dev/null
+          cd fstack/jitsi && docker-compose -f docker-compose.yml -p jitsi down &> /dev/null
           kill -9 $SPINPID &> /dev/null
           fail "There was a problem starting service fstack/jitsi\nCheck the output of 'docker logs jitsi' or turn on\ndebug with -d"
         fi
diff --git a/fstack/lib/listmonk.sh b/fstack/lib/listmonk.sh
new file mode 100644
index 0000000..1af42d3
--- /dev/null
+++ b/fstack/lib/listmonk.sh
@@ -0,0 +1,105 @@
+#!/bin/bash
+#
+# Federated Computer Control Postgresql Service
+
+PATH=$HOME/.docker/cli-plugins:/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+
+config_listmonk() {
+  echo -ne "\n* Configuring fstack/listmonk container.."
+  spin &
+  SPINPID=$!
+
+  if [ ! -d "fstack/listmonk" ]; then
+    mkdir -p fstack/listmonk/static
+  fi
+
+  DOMAIN_ARRAY=(${DOMAIN//./ })
+  DOMAIN_FIRST=${DOMAIN_ARRAY[0]}
+  DOMAIN_LAST=${DOMAIN_ARRAY[1]}
+
+cat > fstack/listmonk/docker-compose.yml <<EOF
+version: "3.7"
+
+services:
+  listmonk:
+    image: listmonk/listmonk:latest
+    container_name: listmonk
+    hostname: listmonk.$DOMAIN
+    domainname: $DOMAIN
+    restart: always
+    command: [sh, -c, "yes | ./listmonk --install --config config.toml && ./listmonk --config config.toml"]
+    networks:
+      fstack:
+        ipv4_address: 172.99.0.39
+    environment:
+      - VIRTUAL_PROTO=http
+      - VIRTUAL_PORT=9000
+      - VIRTUAL_HOST=listmonk.$DOMAIN
+      - TZ=Etc/UTC
+    volumes:
+      - ./data/listmonk/config.toml:/listmonk/config.toml
+      - ./data/listmonk/static:/listmonk/static
+
+networks:
+  fstack:
+    external: true
+EOF
+
+cat > fstack/listmonk/data/listmonk/config.toml <<EOF
+[app]
+address = "0.0.0.0:9000"
+admin_username = "admin"
+admin_password = "$ADMINPASS"
+
+# Database.
+[db]
+host = "postgresql.$DOMAIN"
+port = 5432
+user = "listmonk"
+password = "$ADMINPASS"
+database = "listmonk"
+ssl_mode = "disable"
+max_open = 25
+max_idle = 25
+max_lifetime = "300s"
+EOF
+ 
+kill -9 $SPINPID &> /dev/null
+echo -ne "done."
+}
+
+start_listmonk() {
+  # Start fstack/listmonk with output to /dev/null
+  echo -ne "\n* Starting fstack/listmonk service.."
+  spin &
+  SPINPID=$!
+
+  if [ $DEBUG ]; then
+    # Start fstack/listmonk with output to console for debug
+    docker-compose -f fstack/listmonk/docker-compose.yml -p listmonk up --build
+    [ $? -eq 0 ] && echo -ne "done.\n" || fail "There was a problem starting service fstack/listmonk"
+  else
+    docker-compose -f fstack/listmonk/docker-compose.yml -p listmonk up --build -d &> /dev/null
+
+    # Keep trying listmonk port 9000 to make sure it's up
+    # before we proceed
+    RETRY="30"
+    while [ $RETRY -gt 0 ]; do
+      nc -z 172.99.0.39 9000 &> /dev/null
+      if [ $? -eq 0 ]; then
+        break
+      else
+        if [ "$RETRY" == 1 ]; then
+          docker-compose -f fstack/listmonk/docker-compose.yml -p listmonk down &> /dev/null
+          kill -9 $SPINPID &> /dev/null
+          fail "There was a problem starting service fstack/listmonk\nCheck the output of 'docker logs listmonk' or turn on\ndebug with -d"
+        fi
+        ((RETRY--))
+        sleep 7
+      fi
+    done
+  fi
+
+  kill -9 $SPINPID &> /dev/null
+  echo -ne "done."
+}
diff --git a/fstack/lib/nextcloud.sh b/fstack/lib/nextcloud.sh
index 73e84d7..152c007 100644
--- a/fstack/lib/nextcloud.sh
+++ b/fstack/lib/nextcloud.sh
@@ -24,24 +24,6 @@ cat > fstack/nextcloud/docker-compose.yml <<EOF
 version: '3.7'
 
 services:
-  nextcloud_db:
-    image: mariadb:latest
-    container_name: nextcloud_db
-    hostname: nextcloud-db.$DOMAIN
-    domainname: $DOMAIN
-    restart: always
-    command: --transaction-isolation=READ-COMMITTED --binlog-format=ROW
-    networks:
-      fstack:
-        ipv4_address: 172.99.0.19
-    volumes:
-      - ./data/var/lib/mysql:/var/lib/mysql
-    environment:
-      - MYSQL_ROOT_PASSWORD=$ADMINPASS
-      - MYSQL_PASSWORD=$ADMINPASS
-      - MYSQL_DATABASE=nextcloud
-      - MYSQL_USER=nextcloud
-
   nextcloud:
     image: nextcloud:latest
     container_name: nextcloud
@@ -72,12 +54,10 @@ services:
       - PHP_UPLOAD_LIMIT=2048M
       - NEXTCLOUD_ADMIN_USER=nextcloud
       - NEXTCLOUD_ADMIN_PASSWORD=$ADMINPASS
-      - MYSQL_PASSWORD=$ADMINPASS
-      - MYSQL_DATABASE=nextcloud
-      - MYSQL_USER=nextcloud
-      - MYSQL_HOST=nextcloud_db
-    links:
-      - nextcloud_db
+      - POSTGRES_HOST=postgresql.$DOMAIN
+      - POSTGRES_DB=nextcloud
+      - POSTGRES_USER=nextcloud
+      - POSTGRES_PASSWORD=$ADMINPASS
 
 networks:
   fstack:
diff --git a/fstack/lib/postgresql.sh b/fstack/lib/postgresql.sh
new file mode 100644
index 0000000..61f0117
--- /dev/null
+++ b/fstack/lib/postgresql.sh
@@ -0,0 +1,108 @@
+#!/bin/bash
+#
+# Federated Computer Control Postgresql Service
+
+PATH=$HOME/.docker/cli-plugins:/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+
+config_postgresql() {
+  echo -ne "\n* Configuring fstack/postgresql container.."
+  spin &
+  SPINPID=$!
+
+  if [ ! -d "fstack/postgresql" ]; then
+    mkdir -p fstack/postgresql/data/var/lib/postgresql fstack/postgresql/data/docker-entrypoint-initdb.d
+    cp fstack/dns/data/etc/letsencrypt/archive/$DOMAIN/fullchain1.pem fstack/postgresql/data/var/lib/postgresql/server.crt
+    cp fstack/dns/data/etc/letsencrypt/archive/$DOMAIN/privkey1.pem fstack/postgresql/data/var/lib/postgresql/server.key
+    chown 999 fstack/postgresql/data/var/lib/postgresql/server.*
+    chmod 600 fstack/postgresql/data/var/lib/postgresql/server.*
+  fi
+
+  DOMAIN_ARRAY=(${DOMAIN//./ })
+  DOMAIN_FIRST=${DOMAIN_ARRAY[0]}
+  DOMAIN_LAST=${DOMAIN_ARRAY[1]}
+
+cat > fstack/postgresql/docker-compose.yml <<EOF
+version: "3.7"
+
+services:
+  postgresql:
+    image: postgres:14
+    container_name: postgresql
+    hostname: postgresql.$DOMAIN
+    domainname: $DOMAIN
+    restart: always
+    networks:
+      fstack:
+        ipv4_address: 172.99.0.40
+    volumes:
+      - ./data/var/lib/postgresql/server.crt:/var/lib/postgresql/server.crt
+      - ./data/var/lib/postgresql/server.key:/var/lib/postgresql/server.key
+      - ./data/var/lib/postgresql/data:/var/lib/postgresql/data
+    environment:
+      - POSTGRES_DB=nextcloud
+      - POSTGRES_USER=nextcloud
+      - POSTGRES_PASSWORD=$ADMINPASS
+    command: >
+      -c ssl=on
+      -c ssl_cert_file=/var/lib/postgresql/server.crt
+      -c ssl_key_file=/var/lib/postgresql/server.key
+    healthcheck:
+      test: ["CMD-SHELL", "pg_isready -U nextcloud"]
+      interval: 10s
+      timeout: 5s
+      retries: 5
+
+networks:
+  fstack:
+    external: true
+EOF
+
+# cat postgresql/data/docker-entrypoint-initdb.d/init.sql
+cat > fstack/postgresql/data/docker-entrypoint-initdb.d/init.sql <<EOF
+CREATE USER vaultwarden WITH PASSWORD '$ADMINPASS';
+CREATE DATABASE vaultwarden;
+GRANT ALL PRIVILEGES ON DATABASE vaultwarden TO vaultwarden;
+CREATE USER listmonk WITH PASSWORD '$ADMINPASS';
+CREATE DATABASE listmonk;
+GRANT ALL PRIVILEGES ON DATABASE listmonk TO listmonk;
+EOF
+ 
+kill -9 $SPINPID &> /dev/null
+echo -ne "done."
+}
+
+start_postgresql() {
+  # Start fstack/postgresql with output to /dev/null
+  echo -ne "\n* Starting fstack/postgresql service.."
+  spin &
+  SPINPID=$!
+
+  if [ $DEBUG ]; then
+    # Start fstack/postgresql with output to console for debug
+    docker-compose -f fstack/postgresql/docker-compose.yml -p postgresql up --build
+    [ $? -eq 0 ] && echo -ne "done.\n" || fail "There was a problem starting service fstack/postgresql"
+  else
+    docker-compose -f fstack/postgresql/docker-compose.yml -p postgresql up --build -d &> /dev/null
+
+    # Keep trying postgresql port 5432 to make sure it's up
+    # before we proceed
+    RETRY="30"
+    while [ $RETRY -gt 0 ]; do
+      nc -z 172.99.0.40 5432 &> /dev/null
+      if [ $? -eq 0 ]; then
+        break
+      else
+        if [ "$RETRY" == 1 ]; then
+          docker-compose -f fstack/postgresql/docker-compose.yml -p postgresql down &> /dev/null
+          kill -9 $SPINPID &> /dev/null
+          fail "There was a problem starting service fstack/postgresql\nCheck the output of 'docker logs postgresql' or turn on\ndebug with -d"
+        fi
+        ((RETRY--))
+        sleep 7
+      fi
+    done
+  fi
+
+  kill -9 $SPINPID &> /dev/null
+  echo -ne "done."
+}
diff --git a/fstack/lib/vaultwarden.sh b/fstack/lib/vaultwarden.sh
new file mode 100644
index 0000000..d4db57b
--- /dev/null
+++ b/fstack/lib/vaultwarden.sh
@@ -0,0 +1,88 @@
+#!/bin/bash
+#
+# Federated Computer Control Postgresql Service
+
+PATH=$HOME/.docker/cli-plugins:/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+
+config_vaultwarden() {
+  echo -ne "\n* Configuring fstack/vaultwarden container.."
+  spin &
+  SPINPID=$!
+
+  if [ ! -d "fstack/vaultwarden" ]; then
+    mkdir -p fstack/vaultwarden/data/data
+  fi
+
+  DOMAIN_ARRAY=(${DOMAIN//./ })
+  DOMAIN_FIRST=${DOMAIN_ARRAY[0]}
+  DOMAIN_LAST=${DOMAIN_ARRAY[1]}
+
+cat > fstack/vaultwarden/docker-compose.yml <<EOF
+version: '3.7'
+
+services:
+  vaultwarden:
+    image: vaultwarden/server:latest
+    container_name: vaultwarden
+    hostname: vaultwarden.$DOMAIN
+    domainname: $DOMAIN
+    restart: always
+    networks:
+      fstack:
+        ipv4_address: 172.99.0.33
+    environment:
+      - VAULTWARDEN_DATABASE_URL=vaultwarden://vaultwarden:$ADMINPASS@vaultwarden.$DOMAIN/vaultwarden
+      - "DATABASE_URL=vaultwarden://vaultwarden:$ADMINPASS@vaultwarden.$DOMAIN/vaultwarden"
+      - VIRTUAL_PROTO=http
+      - VIRTUAL_PORT=80
+      - VIRTUAL_HOST=vaultwarden.$DOMAIN
+      - WEBSOCKET_ENABLED=true
+      - ADMIN_TOKEN=$ADMINPASS
+      # - SIGNUPS_ALLOWED=false
+    volumes:
+      - ./data/data:/data
+
+networks:
+  fstack:
+    external: true
+EOF
+ 
+kill -9 $SPINPID &> /dev/null
+echo -ne "done."
+}
+
+start_vaultwarden() {
+  # Start fstack/vaultwarden with output to /dev/null
+  echo -ne "\n* Starting fstack/vaultwarden service.."
+  spin &
+  SPINPID=$!
+
+  if [ $DEBUG ]; then
+    # Start fstack/vaultwarden with output to console for debug
+    docker-compose -f fstack/vaultwarden/docker-compose.yml -p vaultwarden up --build
+    [ $? -eq 0 ] && echo -ne "done.\n" || fail "There was a problem starting service fstack/vaultwarden"
+  else
+    docker-compose -f fstack/vaultwarden/docker-compose.yml -p vaultwarden up --build -d &> /dev/null
+
+    # Keep trying vaultwarden port 80 to make sure it's up
+    # before we proceed
+    RETRY="30"
+    while [ $RETRY -gt 0 ]; do
+      nc -z 172.99.0.33 80 &> /dev/null
+      if [ $? -eq 0 ]; then
+        break
+      else
+        if [ "$RETRY" == 1 ]; then
+          docker-compose -f fstack/vaultwarden/docker-compose.yml -p vaultwarden down &> /dev/null
+          kill -9 $SPINPID &> /dev/null
+          fail "There was a problem starting service fstack/vaultwarden\nCheck the output of 'docker logs vaultwarden' or turn on\ndebug with -d"
+        fi
+        ((RETRY--))
+        sleep 7
+      fi
+    done
+  fi
+
+  kill -9 $SPINPID &> /dev/null
+  echo -ne "done."
+}
diff --git a/install-federated.sh b/install-federated.sh
index 9c1c143..6a0bdb5 100755
--- a/install-federated.sh
+++ b/install-federated.sh
@@ -1,4 +1,4 @@
-#!/bin/bash
+#!/bin/bash -x
 #
 # Federated installation script
 
@@ -85,7 +85,9 @@ check_ports
 config_network
 
 # Configure and start each federated service
-for i in dns ldap mail collabora nextcloud matrix jitsi panel proxy; do
+#for i in dns ldap mail collabora nextcloud matrix jitsi panel proxy; do
+#for i in ldap mail collabora nextcloud matrix jitsi panel proxy; do
+for i in nextcloud; do
 	config_$i
 	start_$i
 done
diff --git a/start.sh b/start.sh
index f9eee70..2f0caec 100755
--- a/start.sh
+++ b/start.sh
@@ -8,12 +8,12 @@ usage() {
 }
 startservice() {
   echo "* Starting $SERVICE.."
-  docker-compose -f fstack/$SERVICE/docker-compose.yml -p $SERVICE up -d
+  cd fstack/$SERVICE && docker-compose -f docker-compose.yml -p $SERVICE up -d
 }
 startservice_all() {
   for i in dns ldap mail collabora nextcloud matrix jitsi panel proxy; do
     echo "* Starting $i.."
-    docker-compose -f fstack/$i/docker-compose.yml -p $i up -d
+    cd fstack/$i && docker-compose -f docker-compose.yml -p $i up -d
   done
 }