diff --git a/Dockerfile b/Dockerfile
index fda5a00..2e55f5f 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -8,9 +8,15 @@ COPY mysql.cnf /etc/mysql/mariadb.conf.d/settings.cnf
 COPY maria-include.cnf /etc/mysql/conf.d/maria-include.cnf
 COPY custom.cnf /etc/mysql/mariadb.conf.d/custom.cnf
 RUN chown mysql:mysql /etc/mysql/mariadb.conf.d/custom.cnf
-COPY docker-entrypoint.sh /usr/local/bin/
+COPY docker-entrypoint-new.sh /usr/local/bin/
 COPY healthcheck.sh /usr/local/bin/
 COPY automysqlbackup /etc/default
 COPY sudoers /etc/sudoers.d/mysudoers
 
-HEALTHCHECK CMD /usr/local/bin/healthcheck.sh
+HEALTHCHECK --interval=30s --start-period=30s --timeout=3s \
+  CMD /usr/local/bin/healthcheck.sh
+
+VOLUME /var/lib/automysqlbackup
+
+ENTRYPOINT ["/usr/local/bin/docker-entrypoint-new.sh"]
+CMD ["mariadbd"]
diff --git a/README.md b/README.md
index de808a8..d260498 100644
--- a/README.md
+++ b/README.md
@@ -67,6 +67,7 @@ services:
       - SERVER_ID=3
       - READONLY=0
       - REPLICATE_DO_DB=aWordpressDatabase
+      - MARIADB_AUTO_UPGRADE=1
 ```
 
 Start the container:
@@ -253,3 +254,9 @@ If you want, you can use mariadb 10.4, 10.3, or 10.2 by changing this line in **
 ```yaml
   image: docker.asperti.com/paspo/mariadb-backup-slave:maria-10.1
 ```
+
+## Build the image locally
+
+```sh
+docker build -t mariadb-backup-slave:maria-10.3  --build-arg "MARIA_VERSION=10.3" .
+```
diff --git a/docker-entrypoint-new.sh b/docker-entrypoint-new.sh
new file mode 100755
index 0000000..a21e568
--- /dev/null
+++ b/docker-entrypoint-new.sh
@@ -0,0 +1,36 @@
+#!/bin/bash
+
+set -eo pipefail
+shopt -s nullglob
+
+source /usr/local/bin/docker-entrypoint.sh
+
+write_custom_config() {
+	SERVER_ID=${SERVER_ID:-33}
+	READONLY=${READONLY:-1}
+
+	cat >/etc/mysql/mariadb.conf.d/custom.cnf <<EOF
+[mysqld]
+server_id=${SERVER_ID}
+replicate-do-db=${REPLICATE_DO_DB}
+EOF
+
+	if [ "$READONLY" = "1" ] ; then
+		echo "read-only" >> /etc/mysql/mariadb.conf.d/custom.cnf
+	fi
+}
+
+start_cron() {
+	sudo cron -f &
+}
+
+chown_datadir() {
+	sudo chown -R mysql /var/lib/mysql
+}
+
+if ! _is_sourced; then
+	write_custom_config
+	chown_datadir
+	start_cron    
+	_main "$@"
+fi
diff --git a/docker-entrypoint.sh b/docker-entrypoint.sh
deleted file mode 100755
index 04c485a..0000000
--- a/docker-entrypoint.sh
+++ /dev/null
@@ -1,345 +0,0 @@
-#!/bin/bash
-set -eo pipefail
-shopt -s nullglob
-
-# logging functions
-mysql_log() {
-	local type="$1"; shift
-	printf '%s [%s] [Entrypoint]: %s\n' "$(date --rfc-3339=seconds)" "$type" "$*"
-}
-mysql_note() {
-	mysql_log Note "$@"
-}
-mysql_warn() {
-	mysql_log Warn "$@" >&2
-}
-mysql_error() {
-	mysql_log ERROR "$@" >&2
-	exit 1
-}
-
-# usage: file_env VAR [DEFAULT]
-#    ie: file_env 'XYZ_DB_PASSWORD' 'example'
-# (will allow for "$XYZ_DB_PASSWORD_FILE" to fill in the value of
-#  "$XYZ_DB_PASSWORD" from a file, especially for Docker's secrets feature)
-file_env() {
-	local var="$1"
-	local fileVar="${var}_FILE"
-	local def="${2:-}"
-	if [ "${!var:-}" ] && [ "${!fileVar:-}" ]; then
-		mysql_error "Both $var and $fileVar are set (but are exclusive)"
-	fi
-	local val="$def"
-	if [ "${!var:-}" ]; then
-		val="${!var}"
-	elif [ "${!fileVar:-}" ]; then
-		val="$(< "${!fileVar}")"
-	fi
-	export "$var"="$val"
-	unset "$fileVar"
-}
-
-# check to see if this file is being run or sourced from another script
-_is_sourced() {
-	# https://unix.stackexchange.com/a/215279
-	[ "${#FUNCNAME[@]}" -ge 2 ] \
-		&& [ "${FUNCNAME[0]}" = '_is_sourced' ] \
-		&& [ "${FUNCNAME[1]}" = 'source' ]
-}
-
-# usage: docker_process_init_files [file [file [...]]]
-#    ie: docker_process_init_files /always-initdb.d/*
-# process initializer files, based on file extensions
-docker_process_init_files() {
-	# mysql here for backwards compatibility "${mysql[@]}"
-	mysql=( docker_process_sql )
-
-	echo
-	local f
-	for f; do
-		case "$f" in
-			*.sh)     mysql_note "$0: running $f"; . "$f" ;;
-			*.sql)    mysql_note "$0: running $f"; docker_process_sql < "$f"; echo ;;
-			*.sql.gz) mysql_note "$0: running $f"; gunzip -c "$f" | docker_process_sql; echo ;;
-			*)        mysql_warn "$0: ignoring $f" ;;
-		esac
-		echo
-	done
-}
-
-mysql_check_config() {
-	local toRun=( "$@" --verbose --help --log-bin-index="$(mktemp -u)" ) errors
-	if ! errors="$("${toRun[@]}" 2>&1 >/dev/null)"; then
-		mysql_error $'mysqld failed while attempting to check config\n\tcommand was: '"${toRun[*]}"$'\n\t'"$errors"
-	fi
-}
-
-# Fetch value from server config
-# We use mysqld --verbose --help instead of my_print_defaults because the
-# latter only show values present in config files, and not server defaults
-mysql_get_config() {
-	local conf="$1"; shift
-	"$@" --verbose --help --log-bin-index="$(mktemp -u)" 2>/dev/null \
-		| awk -v conf="$conf" '$1 == conf && /^[^ \t]/ { sub(/^[^ \t]+[ \t]+/, ""); print; exit }'
-	# match "datadir      /some/path with/spaces in/it here" but not "--xyz=abc\n     datadir (xyz)"
-}
-
-# Do a temporary startup of the MySQL server, for init purposes
-docker_temp_server_start() {
-	"$@" --skip-networking --socket="${SOCKET}" &
-	mysql_note "Waiting for server startup"
-	local i
-	for i in {30..0}; do
-		# only use the root password if the database has already been initializaed
-		# so that it won't try to fill in a password file when it hasn't been set yet
-		extraArgs=()
-		if [ -z "$DATABASE_ALREADY_EXISTS" ]; then
-			extraArgs+=( '--dont-use-mysql-root-password' )
-		fi
-		if docker_process_sql "${extraArgs[@]}" --database=mysql <<<'SELECT 1' &> /dev/null; then
-			break
-		fi
-		sleep 1
-	done
-	if [ "$i" = 0 ]; then
-		mysql_error "Unable to start server."
-	fi
-}
-
-# Stop the server. When using a local socket file mysqladmin will block until
-# the shutdown is complete.
-docker_temp_server_stop() {
-	if ! mysqladmin --defaults-extra-file=<( _mysql_passfile ) shutdown -uroot --socket="${SOCKET}"; then
-		mysql_error "Unable to shut down server."
-	fi
-}
-
-# Verify that the minimally required password settings are set for new databases.
-docker_verify_minimum_env() {
-	if [ -z "$MYSQL_ROOT_PASSWORD" -a -z "$MYSQL_ALLOW_EMPTY_PASSWORD" -a -z "$MYSQL_RANDOM_ROOT_PASSWORD" ]; then
-		mysql_error $'Database is uninitialized and password option is not specified\n\tYou need to specify one of MYSQL_ROOT_PASSWORD, MYSQL_ALLOW_EMPTY_PASSWORD and MYSQL_RANDOM_ROOT_PASSWORD'
-	fi
-}
-
-# creates folders for the database
-# also ensures permission for user mysql of run as root
-docker_create_db_directories() {
-	local user; user="$(id -u)"
-
-	# TODO other directories that are used by default? like /var/lib/mysql-files
-	# see https://github.com/docker-library/mysql/issues/562
-	mkdir -p "$DATADIR"
-
-	if [ "$user" = "0" ]; then
-		# this will cause less disk access than `chown -R`
-		find "$DATADIR" \! -user mysql -exec chown mysql '{}' +
-	fi
-}
-
-# initializes the database directory
-docker_init_database_dir() {
-	mysql_note "Initializing database files"
-	installArgs=( --datadir="$DATADIR" --rpm )
-	if { mysql_install_db --help || :; } | grep -q -- '--auth-root-authentication-method'; then
-		# beginning in 10.4.3, install_db uses "socket" which only allows system user root to connect, switch back to "normal" to allow mysql root without a password
-		# see https://github.com/MariaDB/server/commit/b9f3f06857ac6f9105dc65caae19782f09b47fb3
-		# (this flag doesn't exist in 10.0 and below)
-		installArgs+=( --auth-root-authentication-method=normal )
-	fi
-	# "Other options are passed to mysqld." (so we pass all "mysqld" arguments directly here)
-	mysql_install_db "${installArgs[@]}" "${@:2}"
-	mysql_note "Database files initialized"
-}
-
-# Loads various settings that are used elsewhere in the script
-# This should be called after mysql_check_config, but before any other functions
-docker_setup_env() {
-	# Get config
-	declare -g DATADIR SOCKET
-	DATADIR="$(mysql_get_config 'datadir' "$@")"
-	SOCKET="$(mysql_get_config 'socket' "$@")"
-
-	# Initialize values that might be stored in a file
-	file_env 'MYSQL_ROOT_HOST' '%'
-	file_env 'MYSQL_DATABASE'
-	file_env 'MYSQL_USER'
-	file_env 'MYSQL_PASSWORD'
-	file_env 'MYSQL_ROOT_PASSWORD'
-
-	declare -g DATABASE_ALREADY_EXISTS
-	if [ -d "$DATADIR/mysql" ]; then
-		DATABASE_ALREADY_EXISTS='true'
-	fi
-}
-
-# Execute sql script, passed via stdin
-# usage: docker_process_sql [--dont-use-mysql-root-password] [mysql-cli-args]
-#    ie: docker_process_sql --database=mydb <<<'INSERT ...'
-#    ie: docker_process_sql --dont-use-mysql-root-password --database=mydb <my-file.sql
-docker_process_sql() {
-	passfileArgs=()
-	if [ '--dont-use-mysql-root-password' = "$1" ]; then
-		passfileArgs+=( "$1" )
-		shift
-	fi
-	# args sent in can override this db, since they will be later in the command
-	if [ -n "$MYSQL_DATABASE" ]; then
-		set -- --database="$MYSQL_DATABASE" "$@"
-	fi
-
-	mysql --defaults-file=<( _mysql_passfile "${passfileArgs[@]}") --protocol=socket -uroot -hlocalhost --socket="${SOCKET}" "$@"
-}
-
-# Initializes database with timezone info and root password, plus optional extra db/user
-docker_setup_db() {
-	# Load timezone info into database
-	if [ -z "$MYSQL_INITDB_SKIP_TZINFO" ]; then
-		# sed is for https://bugs.mysql.com/bug.php?id=20545
-		mysql_tzinfo_to_sql /usr/share/zoneinfo \
-			| sed 's/Local time zone must be set--see zic manual page/FCTY/' \
-			| docker_process_sql --dont-use-mysql-root-password --database=mysql
-			# tell docker_process_sql to not use MYSQL_ROOT_PASSWORD since it is not set yet
-	fi
-	# Generate random root password
-	if [ -n "$MYSQL_RANDOM_ROOT_PASSWORD" ]; then
-		export MYSQL_ROOT_PASSWORD="$(pwgen -1 32)"
-		mysql_note "GENERATED ROOT PASSWORD: $MYSQL_ROOT_PASSWORD"
-	fi
-	# Sets root password and creates root users for non-localhost hosts
-	local rootCreate=
-	# default root to listen for connections from anywhere
-	if [ -n "$MYSQL_ROOT_HOST" ] && [ "$MYSQL_ROOT_HOST" != 'localhost' ]; then
-		# no, we don't care if read finds a terminating character in this heredoc
-		# https://unix.stackexchange.com/questions/265149/why-is-set-o-errexit-breaking-this-read-heredoc-expression/265151#265151
-		read -r -d '' rootCreate <<-EOSQL || true
-			CREATE USER 'root'@'${MYSQL_ROOT_HOST}' IDENTIFIED BY '${MYSQL_ROOT_PASSWORD}' ;
-			GRANT ALL ON *.* TO 'root'@'${MYSQL_ROOT_HOST}' WITH GRANT OPTION ;
-		EOSQL
-	fi
-
-	# tell docker_process_sql to not use MYSQL_ROOT_PASSWORD since it is just now being set
-	docker_process_sql --dont-use-mysql-root-password --database=mysql <<-EOSQL
-		-- What's done in this file shouldn't be replicated
-		--  or products like mysql-fabric won't work
-		SET @@SESSION.SQL_LOG_BIN=0;
-
-		DELETE FROM mysql.user WHERE user NOT IN ('mysql.sys', 'mysqlxsys', 'root') OR host NOT IN ('localhost') ;
-		SET PASSWORD FOR 'root'@'localhost'=PASSWORD('${MYSQL_ROOT_PASSWORD}') ;
-		-- 10.1: https://github.com/MariaDB/server/blob/d925aec1c10cebf6c34825a7de50afe4e630aff4/scripts/mysql_secure_installation.sh#L347-L365
-		-- 10.5: https://github.com/MariaDB/server/blob/00c3a28820c67c37ebbca72691f4897b57f2eed5/scripts/mysql_secure_installation.sh#L351-L369
-		DELETE FROM mysql.db WHERE Db='test' OR Db='test\_%' ;
-
-		GRANT ALL ON *.* TO 'root'@'localhost' WITH GRANT OPTION ;
-		FLUSH PRIVILEGES ;
-		${rootCreate}
-		DROP DATABASE IF EXISTS test ;
-	EOSQL
-
-	# Creates a custom database and user if specified
-	if [ -n "$MYSQL_DATABASE" ]; then
-		mysql_note "Creating database ${MYSQL_DATABASE}"
-		docker_process_sql --database=mysql <<<"CREATE DATABASE IF NOT EXISTS \`$MYSQL_DATABASE\` ;"
-	fi
-
-	if [ -n "$MYSQL_USER" ] && [ -n "$MYSQL_PASSWORD" ]; then
-		mysql_note "Creating user ${MYSQL_USER}"
-		docker_process_sql --database=mysql <<<"CREATE USER '$MYSQL_USER'@'%' IDENTIFIED BY '$MYSQL_PASSWORD' ;"
-
-		if [ -n "$MYSQL_DATABASE" ]; then
-			mysql_note "Giving user ${MYSQL_USER} access to schema ${MYSQL_DATABASE}"
-			docker_process_sql --database=mysql <<<"GRANT ALL ON \`$MYSQL_DATABASE\`.* TO '$MYSQL_USER'@'%' ;"
-		fi
-
-		docker_process_sql --database=mysql <<<"FLUSH PRIVILEGES ;"
-	fi
-}
-
-_mysql_passfile() {
-	# echo the password to the "file" the client uses
-	# the client command will use process substitution to create a file on the fly
-	# ie: --defaults-file=<( _mysql_passfile )
-	if [ '--dont-use-mysql-root-password' != "$1" ] && [ -n "$MYSQL_ROOT_PASSWORD" ]; then
-		cat <<-EOF
-			[client]
-			password="${MYSQL_ROOT_PASSWORD}"
-		EOF
-	fi
-}
-
-# check arguments for an option that would cause mysqld to stop
-# return true if there is one
-_mysql_want_help() {
-	local arg
-	for arg; do
-		case "$arg" in
-			-'?'|--help|--print-defaults|-V|--version)
-				return 0
-				;;
-		esac
-	done
-	return 1
-}
-
-_main() {
-	# if command starts with an option, prepend mysqld
-	if [ "${1:0:1}" = '-' ]; then
-		set -- mysqld "$@"
-	fi
-
-	# skip setup if they aren't running mysqld or want an option that stops mysqld
-	if [ "$1" = 'mysqld' ] && ! _mysql_want_help "$@"; then
-		mysql_note "Entrypoint script for MySQL Server ${MYSQL_VERSION} started."
-
-		mysql_check_config "$@"
-		# Load various environment variables
-		docker_setup_env "$@"
-		docker_create_db_directories
-
-		# If container is started as root user, restart as dedicated mysql user
-		if [ "$(id -u)" = "0" ]; then
-			mysql_note "Switching to dedicated user 'mysql'"
-			exec gosu mysql "$BASH_SOURCE" "$@"
-		fi
-
-		# there's no database, so it needs to be initialized
-		if [ -z "$DATABASE_ALREADY_EXISTS" ]; then
-			docker_verify_minimum_env
-			docker_init_database_dir "$@"
-
-			mysql_note "Starting temporary server"
-			docker_temp_server_start "$@"
-			mysql_note "Temporary server started."
-
-			docker_setup_db
-			docker_process_init_files /docker-entrypoint-initdb.d/*
-
-			mysql_note "Stopping temporary server"
-			docker_temp_server_stop
-			mysql_note "Temporary server stopped"
-
-			echo
-			mysql_note "MySQL init process done. Ready for start up."
-			echo
-		fi
-	fi
-	exec "$@"
-}
-
-# If we are sourced from elsewhere, don't perform any further actions
-if ! _is_sourced; then
-	SERVER_ID=${SERVER_ID:-33}
-	READONLY=${READONLY:-1}
-
-	cat >/etc/mysql/mariadb.conf.d/custom.cnf <<EOF
-[mysqld]
-server_id=${SERVER_ID}
-replicate-do-db=${REPLICATE_DO_DB}
-EOF
-
-	if [ "$READONLY" = "1" ] ; then
-		echo "read-only" >> /etc/mysql/mariadb.conf.d/custom.cnf
-	fi
-	
-  sudo cron -f &
-	_main "$@"
-fi
diff --git a/healthcheck.sh b/healthcheck.sh
index 14823f4..7de28be 100755
--- a/healthcheck.sh
+++ b/healthcheck.sh
@@ -1,8 +1,17 @@
 #!/bin/bash
 
+# slave not configured
+RES=$(mysql -uroot -p"$MYSQL_ROOT_PASSWORD" -e 'SHOW SLAVE STATUS\G')
+if [ "a$RES" = "a" ]; then
+    exit 0
+fi
+
+# slave ok
 RES=$(mysql -uroot -p"$MYSQL_ROOT_PASSWORD" -e 'SHOW SLAVE STATUS\G' | egrep '(Slave_IO_Running|Slave_SQL_Running):' | awk -F: '{print $2}' | tr '\n' ',')
 if [ "$RES" = " Yes, Yes," ]; then
     exit 0
 fi
+
+# slave not ok
 exit 1
     
\ No newline at end of file
diff --git a/sudoers b/sudoers
index d63834f..1f58033 100644
--- a/sudoers
+++ b/sudoers
@@ -1,3 +1,3 @@
 mysql ALL = (ALL) NOPASSWD: /usr/sbin/service cron start
 mysql ALL = (ALL) NOPASSWD: /usr/sbin/cron
-
+mysql ALL = (ALL) NOPASSWD: /usr/bin/chown