diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
index 454c90a..aefbcd1 100644
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -9,6 +9,7 @@ include:
   - remote: https://raw.githubusercontent.com/LANsible/gitlab-includes/master/sast-cis-benchmark.yml
 
 stages:
+  - lint
   - build
   - test
   - push
diff --git a/Dockerfile b/Dockerfile
index 9e3a068..1ddc448 100755
--- a/Dockerfile
+++ b/Dockerfile
@@ -2,12 +2,14 @@ ARG ARCHITECTURE
 #######################################################################################################################
 # Nexe packaging of binary
 #######################################################################################################################
-FROM lansible/nexe:master-${ARCHITECTURE} as builder
+FROM lansible/nexe:4.0.0-beta.3-${ARCHITECTURE} as builder
 
-ENV VERSION=dev
+ENV VERSION=1.9.0
 
 # Add unprivileged user
 RUN echo "zigbee2mqtt:x:1000:1000:zigbee2mqtt:/:" > /etc_passwd
+# Add to dailout as secondary group (20)
+RUN echo "dailout:x:20:zigbee2mqtt" > /etc_group
 
 # eudev: needed for udevadm binary
 RUN apk --no-cache add \
@@ -41,6 +43,7 @@ LABEL org.label-schema.description="Zigbee2MQTT as single binary in a scratch co
 
 # Copy the unprivileged user
 COPY --from=builder /etc_passwd /etc/passwd
+COPY --from=builder /etc_group /etc/group
 
 # Serialport is using the udevadm binary
 COPY --from=builder /bin/udevadm /bin/udevadm
diff --git a/README.MD b/README.MD
index 8083948..e1949de 100644
--- a/README.MD
+++ b/README.MD
@@ -1,4 +1,4 @@
-# Zigbee2MQTT
+# Zigbee2MQTT from scratch!
 [![Build Status](https://cloud.drone.io/api/badges/LANsible/docker-zigbee2mqtt/status.svg)](https://cloud.drone.io/LANsible/docker-zigbee2mqtt)
 [![Docker Pulls](https://img.shields.io/docker/pulls/lansible/zigbee2mqtt.svg)](https://hub.docker.com/r/lansible/zigbee2mqtt)
 [![Docker Version](https://images.microbadger.com/badges/version/lansible/zigbee2mqtt:latest.svg)](https://microbadger.com/images/lansible/zigbee2mqtt:latest)
@@ -8,6 +8,8 @@
 
 It does not work on Kubernetes with a configmap since it tries to create the database.db, state.json etc in the directory where the config is mounted.
 This container allows this setup to work flawlessly!
+Also it is super small since Zigbee2Mqtt is build as a single binary and put into a FROM scratch container.
+The container run as user 1000 with primary group 1000 and dailout(20) as secondary group for tty access.
 
 ## Test container with docker-compose
 
@@ -18,18 +20,21 @@ docker-compose up
 
 ### Building the container locally
 
-You could build the container locally to add plugins. It works like this:
+You could build the container locally like this:
 
 ```bash
 docker build . \
-      --build-arg VERSION=1.4.0 \
-      --tag lansible/zigbee2mqtt:1.4.0
+      --build-arg ARCHITECTURE=amd64 \
+      --tag lansible/zigbee2mqtt:dev-amd64
 ```
 The arguments are:
 
 | Build argument | Description                                    | Example                 |
 |----------------|------------------------------------------------|-------------------------|
-| `VERSION`      | Version of Zigbee2MQTT                         | `1.4.0`                 |
+| `ARCHITECTURE` | For what architecture to build the container   | `arm64`                 |
+
+Available architectures are what `lansible/nexe` supports:
+https://hub.docker.com/r/lansible/nexe/tags
 
 ## Credits
 
diff --git a/entrypoint.sh b/entrypoint.sh
deleted file mode 100644
index cf08d19..0000000
--- a/entrypoint.sh
+++ /dev/null
@@ -1,29 +0,0 @@
-#!/bin/sh
-
-# Create aliases to busybox
-alias basename="/bin/busybox basename"
-alias ln="/bin/busybox ln"
-
-# Create symlinks when config mounted, else exit
-if [ ! -d "/data" ]; then
-  echo "No /data found, please data volume to container"
-  exit 1
-fi
-
-if [ -d "/config" ]; then
-  # For each config file create a symlink
-  for file in /config/*; do
-    filename=$(basename "$file")
-    # Create symlink when it does not exist yet
-    if [ ! -L "/data/$filename" ]; then
-      echo "Creating symlink from /config/$filename to /data/$filename"
-      ln -sf "/config/$filename" "/data/$filename"
-    fi
-  done
-else
-  # Print warning when no config was found, could be intentional
-  echo "No /config found, no symlink will be created"
-fi
-
-# Start docker CMD
-exec "$@"
diff --git a/examples/kubernetes/deployment.yml b/examples/kubernetes/statefulset.yml
similarity index 100%
rename from examples/kubernetes/deployment.yml
rename to examples/kubernetes/statefulset.yml