diff --git a/.gitignore b/.gitignore
index 1748234..2e0d29d 100644
--- a/.gitignore
+++ b/.gitignore
@@ -4,4 +4,8 @@
 /.env
 /socks
 /host.key
-/custom
\ No newline at end of file
+/custom
+/dist
+tools/
+/CHANGELOG.md
+/.chglog
\ No newline at end of file
diff --git a/.goreleaser.yaml b/.goreleaser.yaml
new file mode 100644
index 0000000..f636386
--- /dev/null
+++ b/.goreleaser.yaml
@@ -0,0 +1,100 @@
+project_name: rebound
+before:
+ hooks:
+ - go mod tidy
+builds:
+ - id: rebound
+ env:
+ - CGO_ENABLED=0
+ ldflags:
+ - -s
+ - -w
+ - -X 'main.Version=${MKT_PROJECT_VERSION}'
+ gcflags:
+ - -trimpath="${PWD}"
+ asmflags:
+ - -trimpath="${PWD}"
+ goos:
+ - linux
+ goarch:
+ - amd64
+ - "386"
+ main: ./cmd/server
+archives:
+ - id: rebound
+ builds: ["rebound"]
+ name_template: '{{ .ProjectName }}_{{ .Version }}_{{ .Os }}_{{ .Arch }}{{ with .Arm }}v{{ . }}{{ end }}{{ with .Mips }}_{{ . }}{{ end }}{{ if not (eq .Amd64 "v1") }}{{ .Amd64 }}{{ end }}'
+ files:
+ - README.md
+checksum:
+ name_template: 'checksums.txt'
+snapshot:
+ name_template: "{{ .Version }}"
+changelog:
+ sort: asc
+ filters:
+ exclude:
+ - '^docs:'
+ - '^test:'
+nfpms:
+ - id: rebound
+ builds:
+ - "rebound"
+ package_name: rebound
+ homepage: https://forge.cadoles.com/wpetit/rebound
+ maintainer: William Petit
+ description: |-
+ SSH tunneling for machines behind NATs.
+ license: AGPL-3.0
+ formats:
+ - apk
+ - deb
+ - rpm
+ contents:
+ # Deb
+ - src: misc/packaging/systemd/rebound.systemd.service
+ dst: /usr/lib/systemd/system/rebound.service
+ packager: deb
+ - src: misc/packaging/systemd/rebound.env
+ dst: /etc/rebound/environ
+ packager: deb
+
+ # RPM
+ - src: misc/packaging/systemd/rebound.systemd.service
+ dst: /usr/lib/systemd/system/rebound.service
+ packager: rpm
+ - src: misc/packaging/systemd/rebound.env
+ dst: /etc/rebound/environ
+ packager: rpm
+
+ # APK
+ - src: misc/packaging/openrc/rebound.openrc.sh
+ dst: /etc/init.d/rebound
+ file_info:
+ mode: 0755
+ packager: apk
+ - src: misc/packaging/openrc/rebound.conf
+ dst: /etc/conf.d/rebound
+ file_info:
+ mode: 0755
+ packager: apk
+
+ # All
+ - dst: /var/lib/rebound
+ type: dir
+ file_info:
+ mode: 0700
+ - dst: /etc/rebound/custom
+ type: dir
+ file_info:
+ mode: 0700
+ - dst: /usr/share/rebound
+ type: dir
+ file_info:
+ mode: 0700
+ - dst: /var/log/rebound
+ type: dir
+ file_info:
+ mode: 0700
+ scripts:
+
postinstall: "misc/packaging/common/postinstall-rebound.sh" diff --git a/Makefile b/Makefile index 94ef220..b4760d2 100644 --- a/Makefile +++ b/Makefile @@ -1,6 +1,15 @@ SHELL := /bin/bash DOKKU_URL := dokku@dev.lookingfora.name:rebound +GORELEASER_VERSION ?= v1.13.1 +GORELEASER_ARGS ?= release --snapshot --clean + +MKT_GITEA_RELEASE_ORG ?= wpetit +MKT_GITEA_RELEASE_PROJECT ?= rebound +MKT_GITEA_RELEASE_VERSION ?= $(MKT_PROJECT_VERSION) + +DEPLOY_TARGET ?= root@cadoles-rebound + all: build watch: tools/modd/bin/modd @@ -34,6 +43,25 @@ dokku-deploy: $(if $(shell git config remote.dokku.url),, git remote add dokku $(DOKKU_URL)) git push -f dokku $(shell git rev-parse HEAD):refs/heads/master +.PHONY: dist +dist: .mktools + ( set -o allexport && source .env && set +o allexport && VERSION=$(GORELEASER_VERSION) curl -sfL https://goreleaser.com/static/run | GORELEASER_CURRENT_TAG="$(MKT_PROJECT_VERSION)" bash /dev/stdin $(GORELEASER_ARGS) ) + +.PHONY: release +release: changelog + $(MAKE) MKT_GITEA_RELEASE_ATTACHMENTS="$$(find dist/* -type f -name '*.apk' -or -name '*.deb' -or -name '*.rpm' -or -name 'checksums.txt' -or -name 'CHANGELOG.md' | tr '\n' ' ')" mkt-gitea-release + +.PHONY: changelog +changelog: .mktools + $(MAKE) MKT_GIT_CHGLOG_ARGS='--next-tag $(MKT_PROJECT_VERSION) --tag-filter-pattern $(MKT_PROJECT_VERSION_CHANNEL) --output CHANGELOG.md' mkt-changelog + +.PHONY: deploy +deploy: dist + FILE=$$(find ./dist -name '*amd64.deb') \ + && ssh $(DEPLOY_TARGET) rm -f ~/rebound_*amd64.deb \ + && scp $${FILE} $(DEPLOY_TARGET):~/ \ + && ssh $(DEPLOY_TARGET) dpkg -i $$(basename $${FILE}) + .PHONY: mktools mktools: rm -rf .mktools diff --git a/misc/packaging/common/postinstall-rebound.sh b/misc/packaging/common/postinstall-rebound.sh new file mode 100644 index 0000000..a8cdb6c --- /dev/null +++ b/misc/packaging/common/postinstall-rebound.sh 
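Review bot: In the APK entries under `contents`, `/etc/conf.d/rebound` is installed with `mode: 0755` although it is a settings file; `mode: 0644` is enough and keeps a conf.d file from being marked executable. Neither `/etc/rebound/environ` nor `/etc/conf.d/rebound` is declared with `type: config|noreplace`, so a package upgrade will presumably overwrite values an administrator has edited, including the host-key path. The `# All` directories are created 0700 with no `owner` in `file_info`, which suits a root-run daemon but should be checked against the `DynamicUser=yes` setting in the systemd unit shipped by the same package.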
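Review bot: In the `dist` recipe, `VERSION=$(GORELEASER_VERSION)` is a prefix assignment on `curl`, so it is scoped to the download and not to the `bash` process on the other side of the pipe; unless `.env` happens to export `VERSION`, the installer script never sees the pin to v1.13.1. The same line runs an unverified remote script with every variable from `.env` exported into its environment, and without `pipefail` a failed download leaves `bash` reading an empty stdin and the recipe reporting success. Moving the assignment and failing on download errors would look like `set -o pipefail && ... && curl -sfL https://goreleaser.com/static/run | VERSION=$(GORELEASER_VERSION) GORELEASER_CURRENT_TAG="$(MKT_PROJECT_VERSION)" bash /dev/stdin $(GORELEASER_ARGS)`; installing a pinned, checksum-verified goreleaser binary would remove the pipe-to-shell step altogether. In `deploy`, the unquoted `~/rebound_*amd64.deb` is expanded by the local shell before `ssh` runs, so the remote command should be quoted: `ssh $(DEPLOY_TARGET) 'rm -f ~/rebound_*amd64.deb'`.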
@@ -0,0 +1,75 @@
+#!/bin/sh
+
+use_systemctl="True"
+systemd_version=0
+if ! command -V systemctl >/dev/null 2>&1; then
+ use_systemctl="False"
+else
+ systemd_version=$(systemctl --version | head -1 | cut -d ' ' -f 2)
+fi
+
+service_name=rebound
+
+cleanup() {
+ if [ "${use_systemctl}" = "False" ]; then
+ rm -f /usr/lib/systemd/system/${service_name}.service
+ else
+ rm -f /etc/chkconfig/${service_name}
+ rm -f /etc/init.d/${service_name}
+ fi
+}
+
+cleanInstall() {
+ printf "\033[32m Post Install of an clean install\033[0m\n"
+ if [ "${use_systemctl}" = "False" ]; then
+ if command -V chkconfig >/dev/null 2>&1; then
+ chkconfig --add ${service_name}
+ fi
+
+ service ${service_name} restart || :
+ else
+ if [[ "${systemd_version}" -lt 231 ]]; then
+ printf "\033[31m systemd version %s is less then 231, fixing the service file \033[0m\n" "${systemd_version}"
+ sed -i "s/=+/=/g" /usr/lib/systemd/system/${service_name}.service
+ fi
+ printf "\033[32m Reload the service unit from disk\033[0m\n"
+ systemctl daemon-reload || :
+ printf "\033[32m Unmask the service\033[0m\n"
+ systemctl unmask ${service_name} || :
+ printf "\033[32m Set the preset flag for the service unit\033[0m\n"
+ systemctl preset ${service_name} || :
+ printf "\033[32m Set the enabled flag for the service unit\033[0m\n"
+ systemctl enable ${service_name} || :
+ systemctl restart ${service_name} || :
+ fi
+}
+
+upgrade() {
+ printf "\033[32m Post Install of an upgrade\033[0m\n"
+ systemctl daemon-reload || :
+ systemctl restart ${service_name} || :
+}
+
+# Step 2, check if this is a clean install or an upgrade
+action="$1"
+if [ "$1" = "configure" ] && [ -z "$2" ]; then
+ action="install"
+elif [ "$1" = "configure" ] && [ -n "$2" ]; then
+ action="upgrade"
+fi
+
+case "$action" in
+"1" | "install")
+ cleanInstall
+ ;;
+"2" | "upgrade")
+ printf "\033[32m Post Install of an upgrade\033[0m\n"
+ upgrade
+ ;;
+*)
+ printf "\033[32m Alpine\033[0m"
+ cleanInstall
+ ;;
+esac
+
+cleanup
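Review bot: `cleanInstall` tests the systemd version with `[[ "${systemd_version}" -lt 231 ]]`, but the interpreter line is `#!/bin/sh`; under a POSIX shell such as dash, `[[` is not a builtin, the test fails with "not found", and the unit-file fix-up is silently skipped. The portable form is `if [ "${systemd_version}" -lt 231 ]; then`. `upgrade()` calls `systemctl` without consulting `use_systemctl`, unlike `cleanInstall`, so an upgrade on a host without systemd only produces errors that `|| :` then hides. Because every service command ends in `|| :`, a unit that fails to enable or restart is never reported to the package manager; consider keeping `|| :` only where failure is expected.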
diff --git a/misc/packaging/openrc/rebound.conf b/misc/packaging/openrc/rebound.conf
new file mode 100644
index 0000000..ed7004a
--- /dev/null
+++ b/misc/packaging/openrc/rebound.conf
@@ -0,0 +1,6 @@
+export REBOUND_ADDRESS=:2222
+export REBOUND_HTTP_CUSTOM_DIR=/etc/rebound/custom
+export REBOUND_SSH_PUBLIC_HOST=rebound
+export REBOUND_SSH_PUBLIC_PORT=2222
+export REBOUND_SSH_SOCK_DIR=/var/lib/rebound/socks
+export REBOUND_SSH_HOST_KEY=/etc/rebound/host.key
\ No newline at end of file
diff --git a/misc/packaging/openrc/rebound.openrc.sh b/misc/packaging/openrc/rebound.openrc.sh
new file mode 100644
index 0000000..202549c
--- /dev/null
+++ b/misc/packaging/openrc/rebound.openrc.sh
@@ -0,0 +1,11 @@
+#!/sbin/openrc-run
+
+command="/usr/bin/rebound"
+command_args=""
+supervisor=supervise-daemon
+output_log="/var/log/rebound.log"
+error_log="$output_log"
+
+depend() {
+ need net
+}
\ No newline at end of file
diff --git a/misc/packaging/systemd/rebound.env b/misc/packaging/systemd/rebound.env
new file mode 100644
index 0000000..c50b24d
--- /dev/null
+++ b/misc/packaging/systemd/rebound.env
@@ -0,0 +1,6 @@
+REBOUND_ADDRESS=:8080
+REBOUND_HTTP_CUSTOM_DIR=/var/lib/rebound/custom
+REBOUND_SSH_PUBLIC_HOST=rebound
+REBOUND_SSH_PUBLIC_PORT=8080
+REBOUND_SSH_SOCK_DIR=/var/lib/rebound/socks
+REBOUND_SSH_HOST_KEY=/var/lib/rebound/host.key
\ No newline at end of file
diff --git a/misc/packaging/systemd/rebound.systemd.service b/misc/packaging/systemd/rebound.systemd.service
new file mode 100644
index 0000000..e5ac0f3
--- /dev/null
+++ b/misc/packaging/systemd/rebound.systemd.service
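Review bot: `rebound.openrc.sh` sets no `command_user`, so `supervise-daemon` will presumably start `/usr/bin/rebound` as root, whereas the systemd unit added in the same commit runs it under `DynamicUser=yes` with a reduced capability set. A daemon listening on `:2222` (per `rebound.conf`) does not need root; a line such as `command_user="rebound:rebound"` (account name is an example, to be created by the post-install script) would bring the Alpine package closer to the systemd one. `output_log` points at `/var/log/rebound.log` while the package creates a `/var/log/rebound` directory, so one of the two paths is likely unintended.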
@@ -0,0 +1,35 @@
+[Unit]
+Description=rebound service
+After=network.target
+
+[Service]
+Type=simple
+Restart=on-failure
+EnvironmentFile=/etc/rebound/environ
+ExecStart=/usr/bin/rebound
+EnvironmentFile=/etc/rebound/environ
+NoNewPrivileges=yes
+PrivateTmp=yes
+PrivateDevices=yes
+PrivateUsers=yes
+DynamicUser=yes
+StateDirectory=rebound
+DevicePolicy=closed
+ProtectSystem=true
+ProtectHome=read-only
+ProtectKernelLogs=yes
+ProtectProc=invisible
+ProtectClock=yes
+ProtectControlGroups=yes
+ProtectKernelModules=yes
+ProtectKernelTunables=yes
+RestrictAddressFamilies=AF_UNIX AF_INET AF_INET6 AF_NETLINK
+RestrictNamespaces=yes
+RestrictRealtime=yes
+RestrictSUIDSGID=yes
+MemoryDenyWriteExecute=yes
+LockPersonality=yes
+CapabilityBoundingSet=~CAP_SETUID CAP_SETGID CAP_SETPCAP CAP_SYS_ADMIN CAP_SYS_PTRACE CAP_CHOWN CAP_FSETID CAP_SETFCAP CAP_DAC_OVERRIDE CAP_DAC_READ_SEARCH CAP_FOWNER CAP_IPC_OWNER CAP_NET_ADMIN CAP_WAKE_ALARM CAP_SYS_TTY_CONFIG
+
+[Install]
+WantedBy=multi-user.target
\ No newline at end of file
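Review bot: `CapabilityBoundingSet=~CAP_SETUID ...` is a deny-list, so every capability it does not name (for instance CAP_NET_RAW, CAP_SYS_BOOT, CAP_SYS_CHROOT) stays in the bounding set; since `rebound.env` binds the unprivileged port 8080, an empty allow-list `CapabilityBoundingSet=` looks sufficient and is easier to audit. `EnvironmentFile=/etc/rebound/environ` appears twice in `[Service]`, and one of the two lines can go. The unit also has no `SystemCallFilter=`; `SystemCallFilter=@system-service` is the usual baseline to pair with the restrictions already listed.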