diff --git a/slack/prod/tsys-base/files/root/.ssh/authorized_keys b/slack/prod/tsys-base/files/root/.ssh/authorized_keys
new file mode 100644
index 0000000..f536366
--- /dev/null
+++ b/slack/prod/tsys-base/files/root/.ssh/authorized_keys
@@ -0,0 +1,9 @@
+
+
+# GSA key
+ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC1LqY098c3Hsjs0UkqbXyi/r+k3iDEFAXkUWKx0vvp/HboRaOFPc6+GqYuD4t3gPs38eKg/8fjyc1bVgDtF+tCz+gsp+qF9GaVXVCyCz5wJ3qICnoJLqEej17xBFZwGyFYuZXnGGyng8Hw1reRCN9v8eOLWyPXot7gfwnv+doT41T9kpvIP+vjsvjkyAlw50Yk+vWQDnhZtw8DeS8N/+eglqJ7DTZ8/77tPMeXZ/I+mQNcRa0CUDXC5OB7YRKto+i+mPCKCD/utA3BH7cDBvBvBi+jnkN7sR4Wi2Bi18JD2P/nLzx06h5Fv1YRE/hZ4bBLurEFF7FTqDKk0TebKhCV
+
+
+#TSYS service key
+ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDGIzki6Xxyyih5HWMXR/uWLGgJprDGEBWC3JX8G7562zcx3eKDl0GKmZv4cl0AZZUwLATvpks8w2Bk6BL7cDvgUkmgpawHgGeRCjLi19/gG8t6M7k+U/rw6uu5SeaFXy5q22zkkE2TDTotWsoa6NE59Gc5/dNgQkYC0r1adD/J2+A6XgxoHdAEVX7gkFhBhXJKTkCYgatDzyE1IUoWLYAQpnMPcBUwK/i7qrcrVYqz0IS6p3MuYYS1+hr1MbMd5bX+Gm6PB6zf/CKhJkUFvaYS+QkVCMzQKrxNRuCs7ULyYvvi9EfxcCow06LuYvslMpEMIfJp8zKX9rhlvu9tuOkF librenms@toolbox
+
diff --git a/slack/prod/tsys-base/files/usr/local/share/ca-certificates/chain.cert.pem b/slack/prod/tsys-base/files/usr/local/share/ca-certificates/chain.cert.pem
new file mode 100644
index 0000000..5193eb4
--- /dev/null
+++ b/slack/prod/tsys-base/files/usr/local/share/ca-certificates/chain.cert.pem
@@ -0,0 +1,28 @@
+-----BEGIN CERTIFICATE-----
+MIICNTCCAdygAwIBAgICEAAwCgYIKoZIzj0EAwIwbDELMAkGA1UEBhMCVVMxDjAM
+BgNVBAgMBVRleGFzMRcwFQYDVQQKDA5UdXJuTmV0U3lzdGVtczEdMBsGA1UECwwU
+Q2VydGlmaWNhdGUgU2VydmljZXMxFTATBgNVBAMMDFRTWVMgUm9vdCBDQTAeFw0x
+ODA1MjYwMTM1NTNaFw0yODA1MjMwMTM1NTNaMHQxCzAJBgNVBAYTAlVTMQ4wDAYD
+VQQIDAVUZXhhczEXMBUGA1UECgwOVHVybk5ldFN5c3RlbXMxHTAbBgNVBAsMFENl
+cnRpZmljYXRlIFNlcnZpY2VzMR0wGwYDVQQDDBRUU1lTIEludGVybWVkaWF0ZSBD
+QTBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABOvDEmYWB9j42XbS8vreHl6V7jx7
+eAw7uJGx80NwnUxDNsr+mTlSUMB3Z+7ppAG8q56AYaYCmJ0EeLquI4j48cyjZjBk
+MB0GA1UdDgQWBBS/2ufN7K3FSVsaRdOyVtRD0j+ZhzAfBgNVHSMEGDAWgBREJ92X
+kahcElWwHaNEYzJ6jbHU+TASBgNVHRMBAf8ECDAGAQH/AgEAMA4GA1UdDwEB/wQE
+AwIBhjAKBggqhkjOPQQDAgNHADBEAiB0Szlopj/4m5Gh10GM3cJVIKSaIEhpbZn1
+e9DDh6boWwIgHmZUCaDV1F+3yAHC2Ua+bJPKkmcsmGWc956F76mj21E=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIICMTCCAdigAwIBAgIJAP0coUv+FyQYMAoGCCqGSM49BAMCMGwxCzAJBgNVBAYT
+AlVTMQ4wDAYDVQQIDAVUZXhhczEXMBUGA1UECgwOVHVybk5ldFN5c3RlbXMxHTAb
+BgNVBAsMFENlcnRpZmljYXRlIFNlcnZpY2VzMRUwEwYDVQQDDAxUU1lTIFJvb3Qg
+Q0EwHhcNMTgwNTI2MDEzMjUzWhcNNDYwNjE3MDEzMjUzWjBsMQswCQYDVQQGEwJV
+UzEOMAwGA1UECAwFVGV4YXMxFzAVBgNVBAoMDlR1cm5OZXRTeXN0ZW1zMR0wGwYD
+VQQLDBRDZXJ0aWZpY2F0ZSBTZXJ2aWNlczEVMBMGA1UEAwwMVFNZUyBSb290IENB
+MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEQwCbkoUzB2WRAP4JgXzBQ/0qrXKV
+LfSAzr6MH9Y8SsIIgE4YBd3ROiudAcUjIObbfJcgZTmjkDtig+hHRCwMa6NjMGEw
+HQYDVR0OBBYEFEQn3ZeRqFwSVbAdo0RjMnqNsdT5MB8GA1UdIwQYMBaAFEQn3ZeR
+qFwSVbAdo0RjMnqNsdT5MA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgGG
+MAoGCCqGSM49BAMCA0cAMEQCICw1tWHkvCwo6FJrmWqLlzrR3AsZaU0Fv7sL2GTE
+R06yAiBAsiGtwNTaN+L3wgyhMt+ybmNlrDpgqFJVzKrfbGbQCA==
+-----END CERTIFICATE-----
diff --git a/slack/prod/tsys-base/files/usr/local/share/ca-certificates/root.cert.pem b/slack/prod/tsys-base/files/usr/local/share/ca-certificates/root.cert.pem
new file mode 100644
index 0000000..ed81f11
--- /dev/null
+++ b/slack/prod/tsys-base/files/usr/local/share/ca-certificates/root.cert.pem
@@ -0,0 +1,14 @@
+-----BEGIN CERTIFICATE-----
+MIICMTCCAdigAwIBAgIJAP0coUv+FyQYMAoGCCqGSM49BAMCMGwxCzAJBgNVBAYT
+AlVTMQ4wDAYDVQQIDAVUZXhhczEXMBUGA1UECgwOVHVybk5ldFN5c3RlbXMxHTAb
+BgNVBAsMFENlcnRpZmljYXRlIFNlcnZpY2VzMRUwEwYDVQQDDAxUU1lTIFJvb3Qg
+Q0EwHhcNMTgwNTI2MDEzMjUzWhcNNDYwNjE3MDEzMjUzWjBsMQswCQYDVQQGEwJV
+UzEOMAwGA1UECAwFVGV4YXMxFzAVBgNVBAoMDlR1cm5OZXRTeXN0ZW1zMR0wGwYD
+VQQLDBRDZXJ0aWZpY2F0ZSBTZXJ2aWNlczEVMBMGA1UEAwwMVFNZUyBSb290IENB
+MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEQwCbkoUzB2WRAP4JgXzBQ/0qrXKV
+LfSAzr6MH9Y8SsIIgE4YBd3ROiudAcUjIObbfJcgZTmjkDtig+hHRCwMa6NjMGEw
+HQYDVR0OBBYEFEQn3ZeRqFwSVbAdo0RjMnqNsdT5MB8GA1UdIwQYMBaAFEQn3ZeR
+qFwSVbAdo0RjMnqNsdT5MA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgGG
+MAoGCCqGSM49BAMCA0cAMEQCICw1tWHkvCwo6FJrmWqLlzrR3AsZaU0Fv7sL2GTE
+R06yAiBAsiGtwNTaN+L3wgyhMt+ybmNlrDpgqFJVzKrfbGbQCA==
+-----END CERTIFICATE-----
diff --git a/slack/prod/tsys-base/scripts/postinstall b/slack/prod/tsys-base/scripts/postinstall
index f1d8450..c298dc6 100755
--- a/slack/prod/tsys-base/scripts/postinstall
+++ b/slack/prod/tsys-base/scripts/postinstall
@@ -17,7 +17,6 @@ fi
 
 unlink /etc/localtime
 ln -s /usr/share/zoneinfo/America/Chicago /etc/localtime
-apt -y install htop glances dstat ladvd snmpd ntp tcpdump autofs logwatch molly-guard etckeeper auditd rkhunter rsyslog ngrep screen
 
 MGMT_INT=$(netstat -rn|grep 0.0.0.0|head -n1|awk '{print $NF}')
 PFV_MGMT_IP=$(ifconfig $MGMT_INT|grep inet|grep 10.251 -c)
@@ -32,10 +31,45 @@ if [ $OVH_MGMT_IP -eq 1 ]; then
 fi
 
 #/usr/local/bin/up2date.sh
+
 #apt-get update
 #apt-get -y --purge autoremove
 #apt-get -y autoclean
 #apt-get -y upgrade
 #apt-get -y dist-upgrade
 
+
+#Step 1: Update the cache and apply all vendor patches
+echo "Running apt-get update"
+export DEBIAN_FRONTEND="noninteractive" && apt-get -qq --yes update
+
+echo "Running apt-get dist-upgrade"
+export DEBIAN_FRONTEND="noninteractive" && apt-get -qq --yes dist-upgrade
+
+echo "Running apt-get upgrade"
+export DEBIAN_FRONTEND="noninteractive" && apt-get -qq --yes upgrade
+
+
+echo "Running apt-get purge"
+export DEBIAN_FRONTEND="noninteractive" && apt-get -qq --purge autoremove --yes
+
+
+#Step 2: Cleanup default cruft
+echo "removing evil from the world, one nano install at a time"
+export DEBIAN_FRONTEND="noninteractive" && apt-get -qq --yes --purge remove nano
+
+if [ $UBUNTU_SERVER -eq 0 ]; then
+sed -i "s/dns=dnsmasq/#dns=dnsmasq/" /etc/NetworkManager/NetworkManager.conf
+fi
+
+unlink /etc/resolv.conf
+ln -s /etc/tplab-resolv.conf /etc/resolv.conf
+
+#Step 3: The usual suspects
+export DEBIAN_FRONTEND="noninteractive" && apt-get -qq --yes -o Dpkg::Options::="--force-confold" install snmpd sssd sssd-ad ncdu iftop nethogs screen open-vm-tools acct tshark tcpdump glances dstat htop sysdig sysstat rsync clamav logwatch zsh sl postfix molly-guard git mailutils ladvd etckeeper auditd rkhunter rsyslog ngrep ntp
+
+#Turn on process accounting
+echo "Turning on process accounting..."
+accton on
+
 slack tsys-$tsysSysLocation