diff --git a/create_lxc.sh b/create_lxc.sh
index 6c6350b..316360a 100644
--- a/create_lxc.sh
+++ b/create_lxc.sh
@@ -1,36 +1,46 @@
 #!/bin/bash
 
-# This script wil create and fire up a standard debian buster lxc container on your proxmox pve.
-# The Script will look for the next free lxc number and take the next free and use it. So take
-# care that behind your last number is place for it. 
+# This script will create and fire up a standard debian buster lxc container on your Proxmox VE.
+# On a Proxmox cluster, the script will create the container on the local node, where it's executed.
+# The container ID will be automatically assigned by increasing (+1) the highest number of
+# existing LXC containers in your environment. If the assigned ID is already taken by a VM
+# or no containers exist yet, the script falls back to the ID 100.
 
-#### SOME VARIABLES TO ADJUST ####
+# Authors:
+# (C) 2021 Idea an concept by Christian Zengel <christian@sysops.de>
+# (C) 2021 Script design and prototype by Markus Helmke <helmke@cloudistboese.de>
+# (C) 2021 Script rework by Thorsten Spille <thorsten@spille-edv.de>
 
-# Storage with templates
-LXC_TMP="local"
 
-# Size and pool of rootfs / in GB
-SIZ_ROT="100"
-S_ROT_P="local-zfs"
+#### PLEASE ADJUST THE FOLLWING VARIABLES, BEFORE RUNNING THE SCRIPT ####
 
-# Size and pool of Filestorage in GB will mounted to /share
-SIZ_FIL="100"
-S_FIL_P="local-zfs"
+# The storage, where your container tmeplates are located (in most cases: local)
+LXC_TEMPLATE_STORAGE="local"
 
-#Weather or not (1 and 0) the container will createt as unpriviliged LXC
-LXC_UNP="1"
+# Define the size and storage location of the container's root filesystem
+LXC_ROOTFS_SIZE="100"
+LXC_ROOTFS_STORAGE="local-zfs"
 
-# Size of the RAM assigned to the LXC
+# Define the size, storage location and mountpoint of the container's shared filesystem (required for 'zmb_standalone' and 'zmb_member') 
+LXC_FILEFS_SIZE="100"
+LXC_FILEFS_STORAGE="local-zfs"
+LXC_FILEFS_MOUNTPOINT="tank"
+
+# Define whether the container will be created in unprivileged (1) or privileged (0) mode
+# For 'zmb_standalone', 'zmb_pdc', 'zmb_member' and 'mailpiler' the container needs to be created with 'unprivileged=0'
+LXC_UNPRIVILEGED="1"
+
+# Size of the RAM assigned to the container
 LXC_MEM="1024"
 
-# Size of the SWAP assigned to the LXC
-LXC_SWA="1024"
+# Size of the SWAP assigned to the container
+LXC_SWAP="1024"
 
-# The hostname (eq. zamba1 or mailpiler1)
-LXC_HOST="zamba"
+# The hostname (eg. zamba1 or mailpiler1)
+LXC_HOSTNAME="zamba"
 
-# The domainname (searchdomain /etc/resolf.conf & hosts)
-LXC_SDN="zmb.local"
+# The domain suffix (the domain name / search domain of th container, results to the FQDN 'LXC_HOTNAME.LXC_DOMAIN')
+LXC_DOMAIN="zmb.rocks"
 
 # IP-address and subnet
 LXC_IP="10.10.80.20/24"
@@ -38,49 +48,56 @@ LXC_IP="10.10.80.20/24"
 # Gateway
 LXC_GW="10.10.80.10"
 
-# DNS-server and here shoud be your AD-DC
+# DNS-server (should be your AD DC)
 LXC_DNS="10.10.80.10"
 
-# Networkbridge for this machine
-LXC_BRD="vmbr80"
+# Networkbridge for this container
+LXC_BRIDGE="vmbr80"
+
+# Optional VLAN number for this container
+LXC_VLAN=""
 
 # root password - take care to delete from this file
 LXC_PWD="MYPASSWD"
 
-LXC_KEY="ssh-rsa xxxxxxxx"
+LXC_AUTHORIZED_KEY="ssh-rsa xxxxxxxx"
 
 ############### Zamba-Server-Section ###############
 
 # Domain Entries to samba/smb.conf. Will be also uses for samba domain-provisioning when zmb-pdc will choosen.
-ZMB_REA="ZMB.LOCAL"
-ZMB_DOM="ZMB"
+ZMB_REALM="ZMB.ROCKS"
+ZMB_DOMAIN="ZMB"
 
-# THE Domain-Admin and passwd for zamba-install
-ZMB_ADA="Administrator"
-ZMB_APW="MYPASSWORD"
+# The Domain-Admin and password for zamba installation
+ZMB_ADMIN_USER="Administrator"
+ZMB_ADMIN_PASS="MYPASSWORD"
+ZMB_DOMAIN_ADMINS_GROUP="domain admins"
+
+# Name of the Zamba Share
+ZMB_SHARE="share"
 
 ############### Mailpiler-Section ###############
 
-# The FQDN vor the Hostname. This must be exactly the same like the LXC_HOST / LXC_SDN at section above.
-PILER_DOM="piler.zmb.rocks"
-SMARTHOST="10.10.80.20"
-PILER_VER="1.3.10"
-SPHINX_VER="3.3.1"
-PHP_VER="7.4"
+# The FQDN vor the Hostname. This must be exactly the same like the LXC_HOSTNAME / LXC_DOMAIN at section above.
+PILER_FQDN="piler.zmb.rocks"
+PILER_SMARTHOST="10.10.80.20"
+PILER_VERSION="1.3.10"
+PILER_SPHINX_VERSION="3.3.1"
+PILER_PHP_VERSION="7.4"
 
 ############### Matrix-Section ###############
 
-# The FQDN vor the Hostname. This should be the same like the LXC_HOST / LXC_SDN at section above.
-MRX_DOM="matrix.zmb.rocks"
-ELE_DOM="element.zmb.rocks"
-ELE_VER="v1.7.21"
-JIT_DOM="meet.zmb.rocks"
+# The FQDN vor the Hostname. This should be the same like the LXC_HOSTNAME / LXC_DOMAIN at section above.
+MATRIX_FQDN="matrix.zmb.rocks"
+MATRIX_ELEMENT_FQDN="element.zmb.rocks"
+MATRIX_ELEMENT_VERSION="v1.7.24"
+MATRIX_JITSI_FQDN="meet.zmb.rocks"
 
 #################################
 
 # CHeck is the newest template available, else download it.
 
-DEB_LOC=$(pveam list $LXC_TMP | grep debian-10-standard | cut -d'_' -f2)
+DEB_LOC=$(pveam list $LXC_TEMPLATE_STORAGE | grep debian-10-standard | cut -d'_' -f2)
 
 DEB_REP=$(pveam available --section system | grep debian-10-standard | cut -d'_' -f2)
 
@@ -89,7 +106,7 @@ then
   echo "Newest Version of Debian 10 Standard $DEP_REP exists.";
 else
   echo "Will now download newest Debian 10 Standard $DEP_REP.";
-  pveam download $LXC_TMP debian-10-standard_$DEB_REP\_amd64.tar.gz
+  pveam download $LXC_TEMPLATE_STORAGE debian-10-standard_$DEB_REP\_amd64.tar.gz
 fi
 
 # Get next free LXC-number
@@ -105,10 +122,16 @@ fi
 echo "Will now create LXC Container $LXC_NBR!";
 
 # Create the container
-pct create $LXC_NBR -unprivileged $LXC_UNP $LXC_TMP:vztmpl/debian-10-standard_$DEB_REP\_amd64.tar.gz -rootfs $S_ROT_P:$SIZ_ROT;
+pct create $LXC_NBR -unprivileged $LXC_UNPRIVILEGED $LXC_TEMPLATE_STORAGE:vztmpl/debian-10-standard_$DEB_REP\_amd64.tar.gz -rootfs $LXC_ROOTFS_STORAGE:$LXC_ROOTFS_SIZE;
 sleep 2;
 
-pct set $LXC_NBR -memory $LXC_MEM -swap $LXC_SWA -hostname $LXC_HOST \-nameserver $LXC_DNS -searchdomain $LXC_SDN -onboot 1 -timezone Europe/Berlin -net0 name=eth0,bridge=$LXC_BRD,firewall=1,gw=$LXC_GW,ip=$LXC_IP,type=veth;
+if [[ $LXC_VLAN != "" ]];then
+  VLAN=",vlan=$LXC_VLAN"
+else
+ VLAN=""
+fi
+
+pct set $LXC_NBR -memory $LXC_MEM -swap $LXC_SWAP -hostname $LXC_HOSTNAME \-nameserver $LXC_DNS -searchdomain $LXC_DOMAIN -onboot 1 -timezone Europe/Berlin -net0 name=eth0,bridge=$LXC_BRIDGE,firewall=1,gw=$LXC_GW,ip=$LXC_IP,type=veth$VLAN;
 sleep 2;
 
 PS3="Select the Server-Function: "
@@ -121,7 +144,7 @@ select opt in just_lxc zmb-standalone zmb-member zmb-pdc mailpiler matrix quit;
       # Set the root password and key
       echo -e "$LXC_PWD\n$LXC_PWD" | lxc-attach -n$LXC_NBR passwd;
       lxc-attach -n$LXC_NBR mkdir /root/.ssh;
-      echo -e "$LXC_KEY" | lxc-attach -n$LXC_NBR tee /root/.ssh/authorized_keys;
+      echo -e "$LXC_AUTHORIZED_KEY" | lxc-attach -n$LXC_NBR tee /root/.ssh/authorized_keys;
       lxc-attach -n$LXC_NBR service ssh restart;
       echo "Should be ready!"
       break
@@ -131,17 +154,17 @@ select opt in just_lxc zmb-standalone zmb-member zmb-pdc mailpiler matrix quit;
       ;;
     zmb-member)
       echo "Make some additions to LXC for AD-Member-Server!"
-      pct set $LXC_NBR -mp0 $S_FIL_P:$SIZ_FIL,mp=/tank
+      pct set $LXC_NBR -mp0 $LXC_FILEFS_STORAGE:$LXC_FILEFS_SIZE,mp=/$LXC_FILEFS_MOUNTPOINT
       sleep 2;
       lxc-start $LXC_NBR;
       sleep 5;
       # Set the root password and key
       echo -e "$LXC_PWD\n$LXC_PWD" | lxc-attach -n$LXC_NBR passwd;
       lxc-attach -n$LXC_NBR mkdir /root/.ssh;
-      echo -e "$LXC_KEY" | lxc-attach -n$LXC_NBR tee /root/.ssh/authorized_keys;
+      echo -e "$LXC_AUTHORIZED_KEY" | lxc-attach -n$LXC_NBR tee /root/.ssh/authorized_keys;
       lxc-attach -n$LXC_NBR service ssh restart;
       cp /root/zmb_mem.orig /root/zmb_mem.sh
-      sed -i "s|#ZMB_VAR|#ZMB_VAR\nZMB_REA='$ZMB_REA'\nZMB_DOM='$ZMB_DOM'\nZMB_ADA='$ZMB_ADA'\nZMB_APW='$ZMB_APW'|" /root/zmb_mem.sh
+      sed -i "s|#ZMB_VAR|#ZMB_VAR\nLXC_FILEFS_MOUNTPOINT='$LXC_FILEFS_MOUNTPOINT'\nZMB_SHARE='$ZMB_SHARE'\nZMB_REALM='$ZMB_REALM'\nZMB_DOMAIN='$ZMB_DOMAIN'\nZMB_ADMIN_USER='$ZMB_ADMIN_USER'\nZMB_ADMIN_PASS='$ZMB_ADMIN_PASS'\nZMB_DOMAIN_ADMINS_GROUP='$ZMB_DOMAIN_ADMINS_GROUP'|" /root/zmb_mem.sh
       pct push $LXC_NBR /root/zmb_mem.sh /root/zmb_mem.sh
       echo "Install zamba as AD-Member-Server!"
       lxc-attach -n$LXC_NBR bash /root/zmb_mem.sh
@@ -159,10 +182,10 @@ select opt in just_lxc zmb-standalone zmb-member zmb-pdc mailpiler matrix quit;
       # Set the root password and key
       echo -e "$LXC_PWD\n$LXC_PWD" | lxc-attach -n$LXC_NBR passwd;
       lxc-attach -n$LXC_NBR mkdir /root/.ssh;
-      echo -e "$LXC_KEY" | lxc-attach -n$LXC_NBR tee /root/.ssh/authorized_keys;
+      echo -e "$LXC_AUTHORIZED_KEY" | lxc-attach -n$LXC_NBR tee /root/.ssh/authorized_keys;
       lxc-attach -n$LXC_NBR service ssh restart;
       cp /root/mailpiler.orig /root/mailpiler.sh
-      sed -i "s|#PILER_VAR|#PILER_VAR\nPILER_DOM='$PILER_DOM'\nSMARTHOST='$SMARTHOST'\nPILER_VER='$PILER_VER'\nSPHINX_VER='$SPHINX_VER'\nPHP_VER='$PHP_VER'|" /root/mailpiler.sh
+      sed -i "s|#PILER_VAR|#PILER_VAR\nPILER_FQDN='$PILER_FQDN'\nPILER_SMARTHOST='$PILER_SMARTHOST'\nPILER_VERSION='$PILER_VERSION'\nPILER_SPHINX_VERSION='$PILER_SPHINX_VERSION'\nPILER_PHP_VERSION='$PILER_PHP_VERSION'|" /root/mailpiler.sh
       pct push $LXC_NBR /root/mailpiler.sh /root/mailpiler.sh
       echo "Install Mailpiler mailarchiv!"
       lxc-attach -n$LXC_NBR bash mailpiler.sh
@@ -175,10 +198,10 @@ select opt in just_lxc zmb-standalone zmb-member zmb-pdc mailpiler matrix quit;
       # Set the root password and key
       echo -e "$LXC_PWD\n$LXC_PWD" | lxc-attach -n$LXC_NBR passwd;
       lxc-attach -n$LXC_NBR mkdir /root/.ssh;
-      echo -e "$LXC_KEY" | lxc-attach -n$LXC_NBR tee /root/.ssh/authorized_keys;
+      echo -e "$LXC_AUTHORIZED_KEY" | lxc-attach -n$LXC_NBR tee /root/.ssh/authorized_keys;
       lxc-attach -n$LXC_NBR service ssh restart;
       cp /root/matrix.orig /root/matrix.sh
-      sed -i "s|#MATRIX_VAR|#Matrix_VAR\nMRX_DOM='$MRX_DOM'\nELE_DOM='$ELE_DOM'\nELE_VER='$ELE_VER'\nJIT_DOM='$JIT_DOM'|" /root/matrix.sh
+      sed -i "s|#MATRIX_VAR|#Matrix_VAR\nMATRIX_FQDN='$MATRIX_FQDN'\nMATRIX_ELEMENT_FQDN='$MATRIX_ELEMENT_FQDN'\nMATRIX_ELEMENT_VERSION='$MATRIX_ELEMENT_VERSION'\nMATRIX_JITSI_FQDN='$MATRIX_JITSI_FQDN'|" /root/matrix.sh
       pct push $LXC_NBR /root/matrix.sh /root/matrix.sh
       echo "Install Matrix Chatserver!"
       lxc-attach -n$LXC_NBR bash matrix.sh
diff --git a/mailpiler.orig b/mailpiler.orig
index f20ac8b..d03a8dc 100644
--- a/mailpiler.orig
+++ b/mailpiler.orig
@@ -12,11 +12,11 @@ echo "Ensure your Hostname is set to your Piler FQDN!"
 echo $HOSTNAME
 
 if 
-    [ "$HOSTNAME" != "$PILER_DOM" ]
+    [ "$HOSTNAME" != "$PILER_FQDN" ]
 then
-        echo "Hostname doesn't match Piler_Domain! Check install.sh, /etc/hosts, /etc/hostname." && exit
+        echo "Hostname doesn't match PILER_FQDNain! Check install.sh, /etc/hosts, /etc/hostname." && exit
 else
-        echo "Hostname matches PILER_DOMAIN, so starting installation."
+        echo "Hostname matches PILER_FQDNAIN, so starting installation."
 fi
 
 apt install -y gpg apt-transport-https lsb-release
@@ -28,7 +28,7 @@ apt update && apt full-upgrade -y
 
 apt install -y mc sysstat build-essential libwrap0-dev libpst-dev tnef libytnef0-dev unrtf catdoc libtre-dev tre-agrep poppler-utils libzip-dev unixodbc libpq5 software-properties-common libpoppler-dev openssl libssl-dev memcached telnet nginx mariadb-server default-libmysqlclient-dev python-mysqldb gcc libwrap0 libzip4 latex2rtf latex2html catdoc tnef libpq5 zipcmp zipmerge ziptool libsodium23
 
-apt update && apt install -y php$PHP_VER-{fpm,common,ldap,mysql,cli,opcache,phpdbg,gd,memcache,json,readline,zip}
+apt update && apt install -y php$PILER_PHP_VERSION-{fpm,common,ldap,mysql,cli,opcache,phpdbg,gd,memcache,json,readline,zip}
 
 apt purge -y postfix
 
@@ -45,30 +45,30 @@ EOF
 systemctl restart mariadb
 
 cd /tmp
-wget https://download.mailpiler.com/generic-local/sphinx-$SPHINX_VER-bin.tar.gz
-tar -xvzf sphinx-$SPHINX_VER-bin.tar.gz -C /
+wget https://download.mailpiler.com/generic-local/sphinx-$PILER_SPHINX_VERSION-bin.tar.gz
+tar -xvzf sphinx-$PILER_SPHINX_VERSION-bin.tar.gz -C /
 
 groupadd piler
 useradd -g piler -m -s /bin/bash -d /var/piler piler
 usermod -L piler
 chmod 755 /var/piler
 
-wget https://bitbucket.org/jsuto/piler/downloads/piler-$PILER_VER.tar.gz
-tar -xvzf piler-$PILER_VER.tar.gz
-cd piler-$PILER_VER/
+wget https://bitbucket.org/jsuto/piler/downloads/piler-$PILER_VERSION.tar.gz
+tar -xvzf piler-$PILER_VERSION.tar.gz
+cd piler-$PILER_VERSION/
 ./configure --localstatedir=/var --with-database=mysql --enable-tcpwrappers --enable-memcached
 make
 make install
 ldconfig
 
 cp util/postinstall.sh util/postinstall.sh.bak
-sed -i "s/   SMARTHOST=.*/   SMARTHOST="\"$SMARTHOST\""/" util/postinstall.sh
+sed -i "s/   PILER_SMARTHOST=.*/   PILER_SMARTHOST="\"$PILER_SMARTHOST\""/" util/postinstall.sh
 sed -i 's/   WWWGROUP=.*/   WWWGROUP="www-data"/' util/postinstall.sh
 
 make postinstall
 
 cp /usr/local/etc/piler/piler.conf /usr/local/etc/piler/piler.conf.bak
-sed -i "s/hostid=.*/hostid=$PILER_DOM/" /usr/local/etc/piler/piler.conf
+sed -i "s/hostid=.*/hostid=$PILER_FQDN/" /usr/local/etc/piler/piler.conf
 sed -i "s/update_counters_to_memcached=.*/update_counters_to_memcached=1/" /usr/local/etc/piler/piler.conf
 
 su piler -c "indexer --all --config /usr/local/etc/piler/sphinx.conf"
@@ -80,14 +80,14 @@ update-rc.d rc.piler defaults
 update-rc.d rc.searchd defaults
 
 mkdir -p /etc/nginx/ssl
-openssl req -x509 -nodes -days 3650 -newkey rsa:4096 -keyout /etc/nginx/ssl/piler.key -out /etc/nginx/ssl/piler.crt -subj "/CN=$PILER_DOM" -addext "subjectAltName=DNS:$PILER_DOM"
+openssl req -x509 -nodes -days 3650 -newkey rsa:4096 -keyout /etc/nginx/ssl/piler.key -out /etc/nginx/ssl/piler.crt -subj "/CN=$PILER_FQDN" -addext "subjectAltName=DNS:$PILER_FQDN"
 
 cd /etc/nginx/sites-available
-cp /tmp/piler-$PILER_VER/contrib/webserver/piler-nginx.conf /etc/nginx/sites-available/
+cp /tmp/piler-$PILER_VERSION/contrib/webserver/piler-nginx.conf /etc/nginx/sites-available/
 ln -s /etc/nginx/sites-available/piler-nginx.conf /etc/nginx/sites-enabled/piler-nginx.conf
 
-sed -i "s|PILER_HOST|$PILER_DOM|g" /etc/nginx/sites-available/piler-nginx.conf
-sed -i "s|/var/run/php/php7.4-fpm.sock|/var/run/php/php$PHP_VER-fpm.sock|g" /etc/nginx/sites-available/piler-nginx.conf
+sed -i "s|PILER_HOST|$PILER_FQDN|g" /etc/nginx/sites-available/piler-nginx.conf
+sed -i "s|/var/run/php/php7.4-fpm.sock|/var/run/php/php$PILER_PHP_VERSION-fpm.sock|g" /etc/nginx/sites-available/piler-nginx.conf
 
 sed -i "/server_name.*/a \\
         listen 443 ssl http2;\n\n\
@@ -106,19 +106,19 @@ sed -i "/server_name.*/a \\
 sed -i "/^server {.*/i\
 server {\n\
         listen 80;\n\
-        server_name $PILER_DOM;\n\
+        server_name $PILER_FQDN;\n\
         server_tokens off;\n\
         # HTTP to HTTPS redirect.\n\
-        return 301 https://$PILER_DOM;\n\
+        return 301 https://$PILER_FQDN;\n\
 }" /etc/nginx/sites-available/piler-nginx.conf
 
 cp /usr/local/etc/piler/config-site.php /usr/local/etc/piler/config-site.php.bak
-sed -i "s|\$config\['SITE_URL'\] = .*|\$config\['SITE_URL'\] = 'https://$PILER_DOM/';|" /usr/local/etc/piler/config-site.php
+sed -i "s|\$config\['SITE_URL'\] = .*|\$config\['SITE_URL'\] = 'https://$PILER_FQDN/';|" /usr/local/etc/piler/config-site.php
 cat >> /usr/local/etc/piler/config-site.php <<EOF
 
 // CUSTOM
-\$config['PROVIDED_BY'] = '$PILER_DOM';
-\$config['SUPPORT_LINK'] = 'https://$PILER_DOM';
+\$config['PROVIDED_BY'] = '$PILER_FQDN';
+\$config['SUPPORT_LINK'] = 'https://$PILER_FQDN';
 \$config['COMPATIBILITY'] = '';
 
 // fancy features.
@@ -137,13 +137,13 @@ cat >> /usr/local/etc/piler/config-site.php <<EOF
 //\$config['RESTORE_OVER_IMAP'] = 1;
 //\$config['IMAP_RESTORE_FOLDER_INBOX'] = 'INBOX';
 //\$config['IMAP_RESTORE_FOLDER_SENT'] = 'Sent';
-//\$config['IMAP_HOST'] = '$SMARTHOST';
+//\$config['IMAP_HOST'] = '$PILER_SMARTHOST';
 //\$config['IMAP_PORT'] =  993;
 //\$config['IMAP_SSL'] = true;
 
 // authentication against an ldap directory (disabled by default)
 //\$config['ENABLE_LDAP_AUTH'] = 1;
-//\$config['LDAP_HOST'] = '$SMARTHOST';
+//\$config['LDAP_HOST'] = '$PILER_SMARTHOST';
 //\$config['LDAP_PORT'] = 389;
 //\$config['LDAP_HELPER_DN'] = 'cn=administrator,cn=users,dc=mydomain,dc=local';
 //\$config['LDAP_HELPER_PASSWORD'] = 'myxxxxpasswd';
@@ -154,7 +154,7 @@ cat >> /usr/local/etc/piler/config-site.php <<EOF
 
 // authentication against an Uninvention based ldap directory 
 //\$config['ENABLE_LDAP_AUTH'] = 1;
-//\$config['LDAP_HOST'] = '$SMARTHOST';
+//\$config['LDAP_HOST'] = '$PILER_SMARTHOST';
 //\$config['LDAP_PORT'] = 7389;
 //\$config['LDAP_HELPER_DN'] = 'uid=ldap-search-user,cn=users,dc=mydomain,dc=local';
 //\$config['LDAP_HELPER_PASSWORD'] = 'myxxxxpasswd';
@@ -168,7 +168,7 @@ cat >> /usr/local/etc/piler/config-site.php <<EOF
 
 // special settings.
 \$config['MEMCACHED_ENABLED'] = 1;
-\$config['SPHINX_STRICT_SCHEMA'] = 1; // required for Sphinx $SPHINX_VER, see https://bitbucket.org/jsuto/piler/issues/1085/sphinx-331.
+\$config['SPHINX_STRICT_SCHEMA'] = 1; // required for Sphinx $PILER_SPHINX_VERSION, see https://bitbucket.org/jsuto/piler/issues/1085/sphinx-331.
 EOF
 
 nginx -t && systemctl restart nginx
diff --git a/matrix.orig b/matrix.orig
index 2df2a1d..54219cc 100644
--- a/matrix.orig
+++ b/matrix.orig
@@ -21,9 +21,9 @@ systemctl enable matrix-synapse
 ss -tulpen
 
 mkdir /etc/nginx/ssl
-openssl req -x509 -nodes -days 3650 -newkey rsa:4096 -keyout /etc/nginx/ssl/matrix.key -out /etc/nginx/ssl/matrix.crt -subj "/CN=$MRX_DOM" -addext "subjectAltName=DNS:$MRX_DOM"
+openssl req -x509 -nodes -days 3650 -newkey rsa:4096 -keyout /etc/nginx/ssl/matrix.key -out /etc/nginx/ssl/matrix.crt -subj "/CN=$MATRIX_FQDN" -addext "subjectAltName=DNS:$MATRIX_FQDN"
 
-cat > /etc/nginx/sites-available/$MRX_DOM <<EOF
+cat > /etc/nginx/sites-available/$MATRIX_FQDN <<EOF
 # Virtual Host configuration for example.com
 #
 # You can move that to a different file under sites-available/ and symlink that
@@ -32,15 +32,15 @@ cat > /etc/nginx/sites-available/$MRX_DOM <<EOF
 server {
     listen 80;
     listen [::]:80;
-    server_name $MRX_DOM;
+    server_name $MATRIX_FQDN;
 
-    return 301 https://$MRX_DOM;
+    return 301 https://$MATRIX_FQDN;
 }
 
 server {
     listen 443 ssl;
     listen [::]:443 ssl;
-    server_name $MRX_DOM;
+    server_name $MATRIX_FQDN;
 
     ssl on;
     ssl_certificate /etc/nginx/ssl/matrix.crt;
@@ -55,14 +55,14 @@ server {
 server {
     listen 8448 ssl;
     listen [::]:8448 ssl;
-    server_name $MRX_DOM;
+    server_name $MATRIX_FQDN;
 
     ssl on;
     ssl_certificate /etc/nginx/ssl/matrix.crt;
     ssl_certificate_key /etc/nginx/ssl/matrix.key;
 
     # If you don't wanna serve a site, comment this out
-    root /var/www/$MRX_DOM;
+    root /var/www/$MATRIX_FQDN;
     index index.html index.htm;
 
     location / {
@@ -72,9 +72,9 @@ server {
 }
 
 EOF
-ln -s /etc/nginx/sites-available/$MRX_DOM /etc/nginx/sites-enabled/$MRX_DOM
+ln -s /etc/nginx/sites-available/$MATRIX_FQDN /etc/nginx/sites-enabled/$MATRIX_FQDN
 
-cat > /etc/nginx/sites-available/$ELE_DOM <<EOF
+cat > /etc/nginx/sites-available/$MATRIX_ELEMENT_FQDN <<EOF
 # Virtual Host configuration for example.com
 #
 # You can move that to a different file under sites-available/ and symlink that
@@ -83,45 +83,45 @@ cat > /etc/nginx/sites-available/$ELE_DOM <<EOF
 server {
     listen 80;
     listen [::]:80;
-    server_name $ELE_DOM;
-    return 301 https://$ELE_DOM;
+    server_name $MATRIX_ELEMENT_FQDN;
+    return 301 https://$MATRIX_ELEMENT_FQDN;
 }
 
 server {
     listen 443 ssl;
     listen [::]:443 ssl;
-    server_name $ELE_DOM;
+    server_name $MATRIX_ELEMENT_FQDN;
 
     ssl on;
     ssl_certificate /etc/nginx/ssl/matrix.crt;
     ssl_certificate_key /etc/nginx/ssl/matrix.key;
 
     # If you don't wanna serve a site, comment this out
-    root /var/www/$ELE_DOM/element;
+    root /var/www/$MATRIX_ELEMENT_FQDN/element;
     index index.html index.htm;
 } 
 
 EOF
 
-ln -s /etc/nginx/sites-available/$ELE_DOM /etc/nginx/sites-enabled/$ELE_DOM
+ln -s /etc/nginx/sites-available/$MATRIX_ELEMENT_FQDN /etc/nginx/sites-enabled/$MATRIX_ELEMENT_FQDN
 
 systemctl restart nginx
 
-mkdir /var/www/$ELE_DOM
-cd /var/www/$ELE_DOM
+mkdir /var/www/$MATRIX_ELEMENT_FQDN
+cd /var/www/$MATRIX_ELEMENT_FQDN
 wget https://packages.riot.im/element-release-key.asc
 gpg --import element-release-key.asc
 
-wget https://github.com/vector-im/element-web/releases/download/$ELE_VER/element-$ELE_VER.tar.gz
-wget https://github.com/vector-im/element-web/releases/download/$ELE_VER/element-$ELE_VER.tar.gz.asc
-gpg --verify element-$ELE_VER.tar.gz.asc
+wget https://github.com/vector-im/element-web/releases/download/$MATRIX_ELEMENT_VERSION/element-$MATRIX_ELEMENT_VERSION.tar.gz
+wget https://github.com/vector-im/element-web/releases/download/$MATRIX_ELEMENT_VERSION/element-$MATRIX_ELEMENT_VERSION.tar.gz.asc
+gpg --verify element-$MATRIX_ELEMENT_VERSION.tar.gz.asc
 
-tar -xzvf element-$ELE_VER.tar.gz
-ln -s element-$ELE_VER element
+tar -xzvf element-$MATRIX_ELEMENT_VERSION.tar.gz
+ln -s element-$MATRIX_ELEMENT_VERSION element
 chown www-data:www-data -R element
 cp ./element/config.sample.json ./element/config.json
-sed -i "s|https://matrix-client.matrix.org|https://$MRX_DOM|" ./element/config.json
-sed -i "s|\"server_name\": \"matrix.org\"|\"server_name\": \"$MRX_DOM\"|" ./element/config.json
+sed -i "s|https://matrix-client.matrix.org|https://$MATRIX_FQDN|" ./element/config.json
+sed -i "s|\"server_name\": \"matrix.org\"|\"server_name\": \"$MATRIX_FQDN\"|" ./element/config.json
 
 su postgres <<EOF
 psql -c "CREATE USER $ELE_DBUSER WITH PASSWORD '$ELE_DBPASS';"
@@ -131,7 +131,7 @@ EOF
 
 cd /
 sed -i "s|#registration_shared_secret: <PRIVATE STRING>|registration_shared_secret: \"$MRX_PKE\"|" /etc/matrix-synapse/homeserver.yaml
-sed -i "s|#public_baseurl: https://example.com/|public_baseurl: https://$MRX_DOM/|" /etc/matrix-synapse/homeserver.yaml
+sed -i "s|#public_baseurl: https://example.com/|public_baseurl: https://$MATRIX_FQDN/|" /etc/matrix-synapse/homeserver.yaml
 sed -i "s|#enable_registration: false|enable_registration: true|" /etc/matrix-synapse/homeserver.yaml
 sed -i "s|name: sqlite3|name: psycopg2|" /etc/matrix-synapse/homeserver.yaml
 sed -i "s|database: /var/lib/matrix-synapse/homeserver.db|database: $ELE_DBNAME\n    user: $ELE_DBUSER\n    password: $ELE_DBPASS\n    host: 127.0.0.1\n    cp_min: 5\n    cp_max: 10|" /etc/matrix-synapse/homeserver.yaml
diff --git a/zmb_mem.orig b/zmb_mem.orig
index 92036c6..f8355e1 100644
--- a/zmb_mem.orig
+++ b/zmb_mem.orig
@@ -10,22 +10,22 @@ echo -ne '\n' | apt install -y acl dnsutils mc samba winbind libpam-winbind libn
 mv /etc/krb5.conf /etc/krb5.conf.bak
 cat > /etc/krb5.conf <<EOF
 [libdefaults]
-	default_realm = $ZMB_REA
+	default_realm = $ZMB_REALM
     ticket_lifetime = 600
 	dns_lookup_realm = true
 	dns_lookup_kdc = true
 	renew_lifetime = 7d
 EOF
 
-echo -e "$ZMB_APW" | kinit -V $ZMB_ADA
+echo -e "$ZMB_ADMIN_PASS" | kinit -V $ZMB_ADMIN_USER
 klist
 
 mv /etc/samba/smb.conf /etc/samba/smb.conf.bak
 cat > /etc/samba/smb.conf <<EOF
 [global]
-	workgroup = $ZMB_DOM
+	workgroup = $ZMB_DOMAIN
 	security = ADS
-	realm = $ZMB_REA
+	realm = $ZMB_REALM
 	server string = %h server
 
 	vfs objects = acl_xattr shadow_copy2
@@ -67,9 +67,9 @@ cat > /etc/samba/smb.conf <<EOF
 	shadow: snapprefix = ^zfs-auto-snap_\(frequent\)\{0,1\}\(hourly\)\{0,1\}\(daily\)\{0,1\}\(monthly\)\{0,1\}
 	shadow: delimiter = -20
 
-[share]
+[$ZMB_SHARE]
 	comment = Main Share
-	path = /tank/share
+	path = /$LXC_FILEFS_MOUNTPOINT/$ZMB_SHARE
 	read only = No
 	create mask = 0660
 	directory mask = 0770
@@ -81,7 +81,7 @@ EOF
 
 systemctl restart smbd
 
-echo -e "$ZMB_APW" | net ads join -U $ZMB_ADA createcomputer=Computers
+echo -e "$ZMB_ADMIN_PASS" | net ads join -U $ZMB_ADMIN_USER createcomputer=Computers
 sed -i "s|files systemd|files systemd winbind|g" /etc/nsswitch.conf
 sed -i "s|#WINBINDD_OPTS=|WINBINDD_OPTS=|" /etc/default/winbind
 echo -e "session optional        pam_mkhomedir.so skel=/etc/skel umask=077" >> /etc/pam.d/common-session
@@ -90,11 +90,13 @@ systemctl restart winbind nmbd
 wbinfo -u
 wbinfo -g
 
-mkdir /tank/share
-chown 'administrator':'domain users' /tank/share
+mkdir /$LXC_FILEFS_MOUNTPOINT/$ZMB_SHARE
 
-setfacl -Rm u:administrator:rwx,g::-,o::- /tank/share
-setfacl -Rdm u:administrator:rwx,g::-,o::- /tank/share
+# originally 'domain users' was set, added variable for domain admins group, samba wiki recommends separate group e.g. 'unix admins'
+chown "$ZMB_ADMIN_USER":"$ZMB_DOMAIN_ADMINS_GROUP" /$LXC_FILEFS_MOUNTPOINT/$ZMB_SHARE
+
+setfacl -Rm u:$ZMB_ADMIN_USER:rwx,g::-,o::- /$LXC_FILEFS_MOUNTPOINT/$ZMB_SHARE
+setfacl -Rdm u:$ZMB_ADMIN_USER:rwx,g::-,o::- /$LXC_FILEFS_MOUNTPOINT/$ZMB_SHARE
 
 systemctl restart smbd nmbd winbind