diff --git a/files/syslog.conf b/files/alpine/syslog.conf
similarity index 100%
rename from files/syslog.conf
rename to files/alpine/syslog.conf
diff --git a/files/update.sh b/files/alpine/update.sh
similarity index 100%
rename from files/update.sh
rename to files/alpine/update.sh
diff --git a/tasks/alpine.yml b/tasks/alpine.yml
new file mode 100644
index 0000000..a9bf8ae
--- /dev/null
+++ b/tasks/alpine.yml
@@ -0,0 +1,60 @@
+---
+- name: install basics
+ connection: local
+ delegate_to: localhost
+ raw: "lxc exec {{ inventory_hostname }} -- /sbin/apk add -U python3 dropbear openssh-client-default wget"
+
+- name: setup ssh
+ include: ssh.yml
+
+- name: enable dropbear
+ connection: local
+ delegate_to: localhost
+ raw: "lxc exec {{ inventory_hostname }} -- rc-update add dropbear"
+
+- name: enable dropbear
+ connection: local
+ delegate_to: localhost
+ raw: "lxc exec {{ inventory_hostname }} -- rc-service dropbear restart"
+
+- name: install software
+ apk: name={{ alpine_software }} state=present update_cache=yes
+
+- name: deploy syslog config
+ copy:
+ src: alpine/syslog.conf
+ dest: /etc/conf.d/syslog
+ mode: 0644
+ notify:
+ - restart container
+
+- name: deploy update script
+ copy:
+ src: alpine/update.sh
+ dest: /etc/periodic/daily/update
+ mode: 0755
+ owner: root
+ group: root
+
+- name: deploy mail aliases
+ template:
+ src: aliases.j2
+ dest: /etc/aliases
+ mode: 0644
+ owner: root
+ group: root
+
+- name: deploy msmtprc
+ template:
+ src: msmtprc.j2
+ dest: /etc/msmtprc
+ mode: 0644
+ owner: root
+ group: root
+
+- name: symlink sendmail
+ file:
+ src: /usr/bin/msmtp
+ dest: /usr/sbin/sendmail
+ force: yes
+ state: link
diff --git a/tasks/archlinux.yml b/tasks/archlinux.yml
new file mode 100644
index 0000000..014e5e6
--- /dev/null
+++ b/tasks/archlinux.yml
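Review bot: In tasks/alpine.yml, dropbear is enabled and restarted with package defaults; nothing in this file deploys a dropbear configuration, so whether password logins stay enabled is left to the container image. Since access presumably goes through the authorized_keys file installed by ssh.yml, consider setting `DROPBEAR_OPTS="-s"` in `/etc/conf.d/dropbear` before the restart (confirm the variable name against the Alpine package). Separately, the two tasks named `enable dropbear` do different things; naming the second `restart dropbear` keeps run output readable. The same duplicate name appears in tasks/archlinux.yml and tasks/rockylinux.yml, where the Rocky tasks actually act on `sshd`.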
@@ -0,0 +1,21 @@ +--- +- name: install basics + connection: local + delegate_to: localhost + raw: "lxc exec {{ inventory_hostname }} -- /usr/sbin/pacman -Syu --noconfirm python3 dropbear dropbear-scp wget" + +- name: setup ssh + include: ssh.yml + +- name: enable dropbear + connection: local + delegate_to: localhost + raw: "lxc exec {{ inventory_hostname }} -- systemctl enable dropbear" + +- name: enable dropbear + connection: local + delegate_to: localhost + raw: "lxc exec {{ inventory_hostname }} -- systemctl restart dropbear" + +- name: install software + pacman: name={{ archlinux_software }} state=present update_cache=yes diff --git a/tasks/main.yml b/tasks/main.yml index 9c8a407..7c52f48 100644 --- a/tasks/main.yml +++ b/tasks/main.yml @@ -18,7 +18,7 @@ mode: pull server: https://images.linuxcontainers.org protocol: simplestreams #lxd # if you get a 404, try setting protocol: simplestreams - alias: alpine/3.14/amd64 + alias: "{{ container_image }}" devices: '{ "eth0": {"nictype":"bridged", "parent":"lxd","type":"nic","ipv4.address":"{{ ansible_host }}"} }' # default to {} profiles: ["lxd"] wait_for_ipv4_addresses: true 
@@ -26,55 +26,20 @@ delegate_to: localhost connection: local -- name: install basics - connection: local - delegate_to: localhost - raw: "lxc exec {{ inventory_hostname }} -- /sbin/apk add -U python3 dropbear openssh-client-default wget" +- name: setup alpine + include: alpine.yml + when: '"alpine" in container_image' -- name: setup /root/.ssh - connection: local - delegate_to: localhost - raw: "lxc exec {{ inventory_hostname }} -- mkdir -p /root/.ssh" +- name: setup archlinux + include: archlinux.yml + when: '"archlinux" in container_image' -- name: get authorized_keys - connection: local - delegate_to: localhost - raw: "lxc exec {{ inventory_hostname }} -- wget https://git.br0tkasten.de/br0tkasten/configs/raw/branch/master/dotfiles/authorized_keys -O /root/.ssh/authorized_keys" - -- name: fix permissions - connection: local - delegate_to: localhost - raw: "lxc exec {{ inventory_hostname }} -- chmod 0600 /root/.ssh/authorized_keys" - -- name: enable dropbear - connection: local - delegate_to: localhost - raw: "lxc exec {{ inventory_hostname }} -- rc-update add dropbear" - -- name: enable dropbear - connection: local - delegate_to: localhost - raw: "lxc exec {{ inventory_hostname }} -- rc-service dropbear restart" - -- name: install software - package: name={{ install_software }} state=present update_cache=yes +- name: setup rockylinux + include: rockylinux.yml + when: '"rockylinux" in container_image' - name: deploy motd copy: src: motd dest: /etc/motd mode: 0644 - -- name: deploy syslog config - copy: - src: syslog.conf - dest: /etc/conf.d/syslog - mode: 0644 - notify: - - restart container - -- name: deploy update script - copy: - src: update.sh - dest: /etc/periodic/daily/update - mode: 0755 diff --git a/tasks/rockylinux.yml b/tasks/rockylinux.yml new file mode 100644 index 0000000..e16eeca --- /dev/null +++ b/tasks/rockylinux.yml 
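Review bot: In tasks/main.yml, the three `when: '"<distro>" in container_image'` conditions select by substring, so an alias that matches none of them skips the bootstrap without any message, and the first task that needs a working connection into the container (`deploy motd`, presumably over SSH) fails later with a less obvious error. A guard task before the includes, e.g. `fail:` with `when: container_image is not search("alpine|archlinux|rockylinux")`, would surface the problem where it originates. `container_image` is not defined in the vars/main.yml change in this commit, so it presumably comes from defaults or inventory; worth confirming. The bare `include:` is deprecated in current Ansible, and `include_tasks:` is the replacement for this use.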
@@ -0,0 +1,21 @@
+---
+- name: install basics
+ connection: local
+ delegate_to: localhost
+ raw: "lxc exec {{ inventory_hostname }} -- yum install -y python3 wget openssh-server"
+
+- name: setup ssh
+ include: ssh.yml
+
+- name: enable dropbear
+ connection: local
+ delegate_to: localhost
+ raw: "lxc exec {{ inventory_hostname }} -- systemctl enable sshd"
+
+- name: enable dropbear
+ connection: local
+ delegate_to: localhost
+ raw: "lxc exec {{ inventory_hostname }} -- systemctl restart sshd"
+
+- name: install software
+ package: name={{ rockylinux_software }} state=present update_cache=yes
diff --git a/tasks/ssh.yml b/tasks/ssh.yml
new file mode 100644
index 0000000..8a636f7
--- /dev/null
+++ b/tasks/ssh.yml
@@ -0,0 +1,15 @@
+---
+- name: mkdir ~/.ssh
+ connection: local
+ delegate_to: localhost
+ raw: "lxc exec {{ inventory_hostname }} -- mkdir -p /root/.ssh"
+
+- name: get authorized_keys
+ connection: local
+ delegate_to: localhost
+ raw: "lxc exec {{ inventory_hostname }} -- wget -O /root/.ssh/authorized_keys https://git.br0tkasten.de/br0tkasten/configs/raw/branch/master/dotfiles/authorized_keys"
+
+- name: fix file permissions
+ connection: local
+ delegate_to: localhost
+ raw: "lxc exec {{ inventory_hostname }} -- chmod 0600 /root/.ssh/authorized_keys"
diff --git a/templates/aliases.j2 b/templates/aliases.j2
new file mode 100644
index 0000000..73375ef
--- /dev/null
+++ b/templates/aliases.j2
@@ -0,0 +1,2 @@
+root: {{ mailto }}
+default: {{ mailto }}
diff --git a/templates/msmtprc.j2 b/templates/msmtprc.j2
new file mode 100644
index 0000000..8ffa419
--- /dev/null
+++ b/templates/msmtprc.j2
@@ -0,0 +1,11 @@
+defaults
+syslog on
+set_from_header on
+aliases /etc/aliases
+
+account {{ inventory_hostname_short }}
+host {{ mailrelay }}
+from {{ inventory_hostname_short }}@br0tkasten.de
+port {{ mailport }}
+
+account default : {{ inventory_hostname_short }}
diff --git a/vars/main.yml b/vars/main.yml
index ab1878f..f4d2ee3 100644
--- a/vars/main.yml
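Review bot: In tasks/ssh.yml, the `get authorized_keys` task makes root's SSH access on every new container depend on whatever the `master` branch URL serves at provisioning time. With no pinned revision or checksum, a change to that file or a compromise of the git host becomes root access on each container built afterwards. Shipping the key file with the role and copying it in from the control node, e.g. `lxc file push --mode 0600 {{ role_path }}/files/authorized_keys {{ inventory_hostname }}/root/.ssh/authorized_keys`, removes the network fetch; failing that, pin the URL to a commit and verify a checksum before installing the file. `wget -O` writing straight onto the target can also leave an empty or partial authorized_keys when the download fails, and `mkdir -p` does not set `/root/.ssh` to 0700.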
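Review bot: In templates/msmtprc.j2, the `defaults` section sets no `tls on`, so msmtp will hand mail to `{{ mailrelay }}` in cleartext unless the relay is only reachable over a trusted local network. If the relay supports it, add `tls on` under `defaults`, with `tls_starttls on` or `off` chosen to match `mailport`. `mailto`, `mailrelay` and `mailport` are not defined in the vars/main.yml change in this commit, so they presumably come from defaults or inventory; an undefined one fails the template task.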
+++ b/vars/main.yml @@ -1,9 +1,21 @@ --- -install_software: +alpine_software: - git - bash - dropbear - python3 - # - openssh-server # enable when needed for scp - openssh-client-default - - openssh-client-common + - openssh-client-common + - msmtp + - mailx + +archlinux_software: + - git + - bash + - dropbear + +rockylinux_software: + - git + - bash + - openssh-server + - python3