diff --git a/.github/workflows/js.yml b/.github/workflows/js.yml
index 8dc0edc6..1c43a13b 100644
--- a/.github/workflows/js.yml
+++ b/.github/workflows/js.yml
@@ -16,8 +16,8 @@ jobs:
       - name: eslint
         run: |
           cd backend
-          npm install --package-lock=false --force --only=dev
-          npx eslint . --fix
+          yarn install --no-lockfile
+          yarn eslint . --fix
       - name: update
         run: |
           curl -L https://unpkg.com/xregexp/xregexp-all.js -o rootfs/nftd/xregexp-all.js
diff --git a/Dockerfile b/Dockerfile
index 9ad726d9..ede04157 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,12 +1,10 @@
 FROM --platform="$BUILDPLATFORM" alpine:3.17.2 as frontend
 COPY global   /build/global
 COPY frontend /build/frontend
-RUN apk upgrade --no-cache && \
-    apk add --no-cache ca-certificates tzdata \
-    nodejs yarn git build-base python3
 ARG NODE_ENV=production \
     NODE_OPTIONS=--openssl-legacy-provider
-RUN cd /build/frontend && \
+RUN apk add --no-cache ca-certificates nodejs yarn git python3 build-base && \
+    cd /build/frontend && \
     sed -i "s|\"0.0.0\"|\""$(cat ../global/.version)"\"|g" package.json && \
     yarn --no-lockfile install && \
     yarn --no-lockfile build
@@ -16,13 +14,11 @@ COPY security.txt /build/frontend/dist/.well-known/security.txt
 FROM --platform="$BUILDPLATFORM" alpine:3.17.2 as backend
 COPY backend /build/backend
 COPY global  /build/backend/global
-RUN apk upgrade --no-cache && \
-    apk add --no-cache ca-certificates tzdata \
-    nodejs-current yarn && \
-    wget https://gobinaries.com/tj/node-prune -O - | sh
 ARG NODE_ENV=production \
     TARGETARCH
-RUN cd /build/backend && \
+RUN apk add --no-cache ca-certificates nodejs-current yarn && \
+    wget https://gobinaries.com/tj/node-prune -O - | sh && \
+    cd /build/backend && \
     sed -i "s|\"0.0.0\"|\""$(cat global/.version)"\"|g" package.json && \
     if [ "$TARGETARCH" = "amd64" ]; then \
     npm_config_target_platform=linux npm_config_target_arch=x64 yarn install --no-lockfile; \
@@ -32,9 +28,9 @@ RUN cd /build/backend && \
     node-prune
 
 
-FROM zoeyvid/nginx-quic:87
-RUN apk upgrade --no-cache && \
-    apk add --no-cache ca-certificates tzdata \
+FROM zoeyvid/nginx-quic:95
+RUN apk add --no-cache \
+    ca-certificates tzdata \
     nodejs-current \
     openssl apache2-utils \
     coreutils grep jq curl \
@@ -49,7 +45,8 @@ COPY --from=backend  /build/backend       /app
 COPY --from=frontend /build/frontend/dist /app/frontend
 
 RUN ln -s /app/password-reset.js /usr/local/bin/password-reset.js && \
-    ln -s /app/sqlite-vaccum.js /usr/local/bin/sqlite-vaccum.js
+    ln -s /app/sqlite-vaccum.js /usr/local/bin/sqlite-vaccum.js && \
+    ln -s /app/index.js /usr/local/bin/index.js
 
 ENV NODE_ENV=production \
     DB_SQLITE_FILE=/data/database.sqlite
diff --git a/backend/doc/api.swagger.json b/backend/doc/api.swagger.json
index 657db5d3..c6eda485 100644
--- a/backend/doc/api.swagger.json
+++ b/backend/doc/api.swagger.json
@@ -6,7 +6,7 @@
 	},
 	"servers": [
 		{
-			"url": "http://127.0.0.1:81/api"
+			"url": "https://127.0.0.1:81/api"
 		}
 	],
 	"paths": {
diff --git a/backend/index.js b/backend/index.js
old mode 100644
new mode 100755
diff --git a/backend/package.json b/backend/package.json
index 6e8fc0cc..421439a0 100644
--- a/backend/package.json
+++ b/backend/package.json
@@ -16,8 +16,8 @@
     "express-fileupload": "1.4.0",
     "gravatar": "1.8.2",
     "jsonwebtoken": "9.0.0",
-    "knex": "10.6.1",
-    "liquidjs": "9.43.0",
+    "knex": "2.4.2",
+    "liquidjs": "10.7.0",
     "lodash": "4.17.21",
     "moment": "2.29.4",
     "mysql": "2.18.1",
diff --git a/backend/password-reset.js b/backend/password-reset.js
old mode 100644
new mode 100755
index 4ab8ad53..2c7cb893
--- a/backend/password-reset.js
+++ b/backend/password-reset.js
@@ -1,4 +1,4 @@
-#!/usr/bin/node
+#!/usr/bin/env node
 
 // based on: https://github.com/jlesage/docker-nginx-proxy-manager/blob/796734a3f9a87e0b1561b47fd418f82216359634/rootfs/opt/nginx-proxy-manager/bin/reset-password
 
diff --git a/backend/sqlite-vaccum.js b/backend/sqlite-vaccum.js
old mode 100644
new mode 100755
index 8dcab291..38682320
--- a/backend/sqlite-vaccum.js
+++ b/backend/sqlite-vaccum.js
@@ -1,4 +1,5 @@
-#!/usr/bin/node
+#!/usr/bin/env node
+
 const fs      = require('fs');
 const sqlite3 = require('sqlite3');
 
@@ -7,7 +8,7 @@ if (fs.existsSync(process.env.DB_SQLITE_FILE)) {
 		if (err) {
 			console.error(err.message);
 		} else {
-			db.run('VACUUM;', [], (err) => {
+			db.run('VACUUM; PRAGMA auto_vacuum = 1;', [], (err) => {
 				if (err) {
 					console.error(err.message);
 				}
diff --git a/docker/rootfs/etc/s6-overlay/s6-rc.d/backend/dependencies.d/prepare b/docker/rootfs/etc/s6-overlay/s6-rc.d/backend/dependencies.d/prepare
deleted file mode 100644
index e69de29b..00000000
diff --git a/docker/rootfs/etc/s6-overlay/s6-rc.d/backend/type b/docker/rootfs/etc/s6-overlay/s6-rc.d/backend/type
deleted file mode 100644
index 5883cff0..00000000
--- a/docker/rootfs/etc/s6-overlay/s6-rc.d/backend/type
+++ /dev/null
@@ -1 +0,0 @@
-longrun
diff --git a/docker/rootfs/etc/s6-overlay/s6-rc.d/frontend/dependencies.d/prepare b/docker/rootfs/etc/s6-overlay/s6-rc.d/frontend/dependencies.d/prepare
deleted file mode 100644
index e69de29b..00000000
diff --git a/docker/rootfs/etc/s6-overlay/s6-rc.d/frontend/type b/docker/rootfs/etc/s6-overlay/s6-rc.d/frontend/type
deleted file mode 100644
index 5883cff0..00000000
--- a/docker/rootfs/etc/s6-overlay/s6-rc.d/frontend/type
+++ /dev/null
@@ -1 +0,0 @@
-longrun
diff --git a/docker/rootfs/etc/s6-overlay/s6-rc.d/nginx/dependencies.d/prepare b/docker/rootfs/etc/s6-overlay/s6-rc.d/nginx/dependencies.d/prepare
deleted file mode 100644
index e69de29b..00000000
diff --git a/docker/rootfs/etc/s6-overlay/s6-rc.d/nginx/run b/docker/rootfs/etc/s6-overlay/s6-rc.d/nginx/run
deleted file mode 100755
index 70ca0cb7..00000000
--- a/docker/rootfs/etc/s6-overlay/s6-rc.d/nginx/run
+++ /dev/null
@@ -1,7 +0,0 @@
-#!/command/with-contenv bash
-# shellcheck shell=bash
-
-set -e
-
-echo "❯ Starting nginx ..."
-exec nginx
diff --git a/docker/rootfs/etc/s6-overlay/s6-rc.d/nginx/type b/docker/rootfs/etc/s6-overlay/s6-rc.d/nginx/type
deleted file mode 100644
index 5883cff0..00000000
--- a/docker/rootfs/etc/s6-overlay/s6-rc.d/nginx/type
+++ /dev/null
@@ -1 +0,0 @@
-longrun
diff --git a/docker/rootfs/etc/s6-overlay/s6-rc.d/prepare/dependencies.d/base b/docker/rootfs/etc/s6-overlay/s6-rc.d/prepare/dependencies.d/base
deleted file mode 100644
index e69de29b..00000000
diff --git a/docker/rootfs/etc/s6-overlay/s6-rc.d/prepare/script.sh b/docker/rootfs/etc/s6-overlay/s6-rc.d/prepare/script.sh
deleted file mode 100755
index 5723ea7a..00000000
--- a/docker/rootfs/etc/s6-overlay/s6-rc.d/prepare/script.sh
+++ /dev/null
@@ -1,93 +0,0 @@
-#!/command/with-contenv bash
-# shellcheck shell=bash
-
-set -e
-
-DATA_PATH=/data
-
-# Ensure /data is mounted
-if [ ! -d "$DATA_PATH" ]; then
-	echo '--------------------------------------'
-	echo "ERROR: $DATA_PATH is not mounted! Check your docker configuration."
-	echo '--------------------------------------'
-	/run/s6/basedir/bin/halt
-	exit 1
-fi
-
-echo "❯ Checking folder structure ..."
-
-# Create required folders
-mkdir -p /tmp/nginx/body \
-	/run/nginx \
-	/var/log/nginx \
-	/data/nginx \
-	/data/custom_ssl \
-	/data/logs \
-	/data/access \
-	/data/nginx/default_host \
-	/data/nginx/default_www \
-	/data/nginx/proxy_host \
-	/data/nginx/redirection_host \
-	/data/nginx/stream \
-	/data/nginx/dead_host \
-	/data/nginx/temp \
-	/var/lib/nginx/cache/public \
-	/var/lib/nginx/cache/private \
-	/var/cache/nginx/proxy_temp \
-	/data/letsencrypt-acme-challenge
-
-touch /var/log/nginx/error.log && chmod 777 /var/log/nginx/error.log && chmod -R 777 /var/cache/nginx
-chown root /tmp/nginx
-
-# Dynamically generate resolvers file, if resolver is IPv6, enclose in `[]`
-# thanks @tfmm
-if [ "$DISABLE_IPV6" == "true" ] || [ "$DISABLE_IPV6" == "on" ] || [ "$DISABLE_IPV6" == "1" ] || [ "$DISABLE_IPV6" == "yes" ];
-then
-	echo resolver "$(awk 'BEGIN{ORS=" "} $1=="nameserver" { sub(/%.*$/,"",$2); print ($2 ~ ":")? "["$2"]": $2}' /etc/resolv.conf) ipv6=off valid=10s;" > /etc/nginx/conf.d/include/resolvers.conf
-else
-	echo resolver "$(awk 'BEGIN{ORS=" "} $1=="nameserver" { sub(/%.*$/,"",$2); print ($2 ~ ":")? "["$2"]": $2}' /etc/resolv.conf) valid=10s;" > /etc/nginx/conf.d/include/resolvers.conf
-fi
-
-echo "Changing ownership of /data/logs to $(id -u):$(id -g)"
-chown -R "$(id -u):$(id -g)" /data/logs
-
-# Handle IPV6 settings
-/bin/handle-ipv6-setting /etc/nginx/conf.d
-/bin/handle-ipv6-setting /data/nginx
-
-# ref: https://github.com/linuxserver/docker-baseimage-alpine/blob/master/root/etc/cont-init.d/01-envfile
-
-# in s6, environmental variables are written as text files for s6 to monitor
-# search through full-path filenames for files ending in "__FILE"
-echo "❯ Secrets-init ..."
-for FILENAME in $(find /var/run/s6/container_environment/ | grep "__FILE$"); do
-	echo "[secret-init] Evaluating ${FILENAME##*/} ..."
-
-	# set SECRETFILE to the contents of the full-path textfile
-	SECRETFILE=$(cat "${FILENAME}")
-	# if SECRETFILE exists / is not null
-	if [[ -f "${SECRETFILE}" ]]; then
-		# strip the appended "__FILE" from environmental variable name ...
-		STRIPFILE=$(echo "${FILENAME}" | sed "s/__FILE//g")
-		# echo "[secret-init] Set STRIPFILE to ${STRIPFILE}"  # DEBUG - rm for prod!
-
-		# ... and set value to contents of secretfile
-		# since s6 uses text files, this is effectively "export ..."
-		printf $(cat "${SECRETFILE}") > "${STRIPFILE}"
-		# echo "[secret-init] Set ${STRIPFILE##*/} to $(cat ${STRIPFILE})"  # DEBUG - rm for prod!"
-		echo "[secret-init] Success! ${STRIPFILE##*/} set from ${FILENAME##*/}"
-
-	else
-		echo "[secret-init] cannot find secret in ${FILENAME}"
-	fi
-done
-
-echo
-echo "-------------------------------------
- _   _ ____  __  __
-| \ | |  _ \|  \/  |
-|  \| | |_) | |\/| |
-| |\  |  __/| |  | |
-|_| \_|_|   |_|  |_|
--------------------------------------
-"
diff --git a/docker/rootfs/etc/s6-overlay/s6-rc.d/prepare/type b/docker/rootfs/etc/s6-overlay/s6-rc.d/prepare/type
deleted file mode 100644
index bdd22a18..00000000
--- a/docker/rootfs/etc/s6-overlay/s6-rc.d/prepare/type
+++ /dev/null
@@ -1 +0,0 @@
-oneshot
diff --git a/docker/rootfs/etc/s6-overlay/s6-rc.d/prepare/up b/docker/rootfs/etc/s6-overlay/s6-rc.d/prepare/up
deleted file mode 100644
index b58eed6b..00000000
--- a/docker/rootfs/etc/s6-overlay/s6-rc.d/prepare/up
+++ /dev/null
@@ -1,2 +0,0 @@
-# shellcheck shell=bash
-/etc/s6-overlay/s6-rc.d/prepare/script.sh
diff --git a/docker/rootfs/etc/s6-overlay/s6-rc.d/user/contents.d/backend b/docker/rootfs/etc/s6-overlay/s6-rc.d/user/contents.d/backend
deleted file mode 100644
index e69de29b..00000000
diff --git a/docker/rootfs/etc/s6-overlay/s6-rc.d/user/contents.d/frontend b/docker/rootfs/etc/s6-overlay/s6-rc.d/user/contents.d/frontend
deleted file mode 100644
index e69de29b..00000000
diff --git a/docker/rootfs/etc/s6-overlay/s6-rc.d/user/contents.d/nginx b/docker/rootfs/etc/s6-overlay/s6-rc.d/user/contents.d/nginx
deleted file mode 100644
index e69de29b..00000000
diff --git a/docker/rootfs/etc/s6-overlay/s6-rc.d/user/contents.d/prepare b/docker/rootfs/etc/s6-overlay/s6-rc.d/user/contents.d/prepare
deleted file mode 100644
index e69de29b..00000000
diff --git a/rootfs/bin/certbot-cleaner.sh b/rootfs/bin/certbot-cleaner.sh
old mode 100644
new mode 100755
diff --git a/rootfs/bin/start.sh b/rootfs/bin/start.sh
index a74f9879..72baa834 100755
--- a/rootfs/bin/start.sh
+++ b/rootfs/bin/start.sh
@@ -1,5 +1,12 @@
 #!/bin/sh
 
+if [ ! -d /data ]; then
+	echo '--------------------------------------'
+	echo "ERROR: \"/data\" is not mounted! Check your compose file!."
+	echo '--------------------------------------'
+    sleep inf || exit 1
+fi
+
 if [ "$PHP81" = true ] || [ "$PHP82" = true ]; then
     apk add --no-cache fcgi
 fi
@@ -142,7 +149,7 @@ if [ -n "$(ls -A /data/ssl 2> /dev/null)" ]; then
     mv -v /data/ssl/* /data/tls || sleep inf
 fi
 
-if [ -n "$CLEAN" ]; then
+if [ -z "$CLEAN" ]; then
     export CLEAN=true
 fi
 
@@ -169,19 +176,18 @@ if [ "$CLEAN" = true ]; then
             /data/nginx/error.log || sleep inf
 fi
 
-if [ -n "$FULLCLEAN" ]; then
+if [ -f "$DB_SQLITE_FILE" ]; then
+    sqlite-vaccum.js || exit 1
+fi
+
+if [ -z "$FULLCLEAN" ]; then
     export FULLCLEAN=false
 fi
 
 if [ "$FULLCLEAN" = true ]; then
     if [ "$PHP81" != true ] && [ "$PHP82" != true ]; then
         rm -vrf /data/php
-    fi
-    
-    if [ -f "$DB_SQLITE_FILE" ]; then
-        sqlite-vaccum.js || exit 1
-    fi
-    
+    fi    
     certbot-cleaner.sh
 fi
 
@@ -392,7 +398,7 @@ while (nginx -t > /dev/null 2>&1 && if [ "$PHP81" = true ]; then PHP_INI_SCAN_DI
     nginx || exit 1 &
     if [ "$PHP81" = "true" ]; then PHP_INI_SCAN_DIR=/data/php/81/conf.d php-fpm81 -c /data/php/81 -y /data/php/81/php-fpm.conf -FOR || exit 1; fi &
     if [ "$PHP82" = "true" ]; then PHP_INI_SCAN_DIR=/data/php/82/conf.d php-fpm82 -c /data/php/82 -y /data/php/82/php-fpm.conf -FOR || exit 1; fi &
-    node --abort_on_uncaught_exception --max_old_space_size=250 index.js || exit 1 &
+    index.js || exit 1 &
     wait
 done