diff --git a/Dockerfile b/Dockerfile
index 516c90a..230b984 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -18,11 +18,16 @@ RUN apt-get update && \
         mkdir -p /opt/${REPO_NAME} && \
         chown -R -v ${USER_NAME}. /opt/${REPO_NAME}
 
-USER ${USER_NAME}
 WORKDIR /home/${USER_NAME}
 ENV PATH="/home/${USER_NAME}/.local/bin:${PATH}"
 
 FROM base as builder
+RUN apt-get update && \
+        apt-get install -y ruby ruby-dev rubygems && \
+        apt-get autoremove && \
+        apt-get autoclean && \
+        gem install --no-document fpm
+USER ${USER_NAME}
 ARG PIP_REPO_URL="https://git.sudo.is/api/packages/ben/pypi"
 ARG PIP_REPO_NAME="gitea"
 WORKDIR /opt/${REPO_NAME}
@@ -34,6 +39,9 @@ RUN python3 -m pip install poetry --pre && \
         echo "repositories configured for poetry:" && \
         python3 -m poetry config repositories && \
         poetry self -V
+
+#         python3 -m poetry config cache-dir "/usr/local/virtualenvs" && \
+
 COPY --chown=${USER_NAME} .flake8 poetry.lock pyproject.toml /opt/${REPO_NAME}/
 
 # install dependencies with poetry and then freeze them in a file, so
@@ -56,10 +64,17 @@ RUN poetry run pytest && \
 # because this way we dont need to deal with permissions
 RUN poetry build --no-interaction
 
+COPY --chown=${USERNAME} deb /opt/${REPO_NAME}/deb/
+COPY --chown=${USERNAME} scripts/build/build-deb.sh /usr/local/bin/build-deb.sh
+RUN /usr/local/bin/build-deb.sh
+RUN dpkg -I dist/sudoisbot_*.deb && dpkg -c dist/sudoisbot_*.deb
+
+
 ENTRYPOINT ["poetry"]
 CMD ["build"]
 
 FROM base as final
+USER ${USER_NAME}
 COPY --chown=${USER_NAME} --from=builder /opt/${REPO_NAME}/requirements.txt /opt/${REPO_NAME}/
 RUN python3 -m pip install -r /opt/${REPO_NAME}/requirements.txt && \
         python3 -m pip cache purge && \
diff --git a/Jenkinsfile b/Jenkinsfile
index 150a6e6..5b70186 100644
--- a/Jenkinsfile
+++ b/Jenkinsfile
@@ -1,7 +1,7 @@
 @Library('shared-jenkins-pipelines') _
 
 // source:
-// https://git.sudo.is/ben/shared-jenkins-pipelines/src/branch/main/vars/pythondocker.groovy
+// https://git.sudo.is/ben/shared-jenkins-pipelines/src/branch/main/vars/poetry.groovy
 
 poetry(
     docker: true,
diff --git a/deb/after-install.sh b/deb/after-install.sh
new file mode 100644
index 0000000..890d49b
--- /dev/null
+++ b/deb/after-install.sh
@@ -0,0 +1,9 @@
+#!/bin/bash
+
+systemctl daemon-reload
+
+if `systemctl is-active --quiet sudoisbot@temp_pub`; then
+    echo -n "restarting temp_pub..."
+    service sudoisbot@temp_pub restart
+    echo "ok"
+fi
diff --git a/deb/etc/systemd/system/sudoisbot@.service b/deb/etc/systemd/system/sudoisbot@.service
new file mode 100644
index 0000000..be2f335
--- /dev/null
+++ b/deb/etc/systemd/system/sudoisbot@.service
@@ -0,0 +1,14 @@
+[Unit]
+Description=sudoisbot
+After=syslog.target
+
+[Service]
+User=sudoisbot
+Group=sudoisbot
+WorkingDirectory=/var/lib/sudoisbot
+ExecStart=/usr/local/bin/sudoisbot %I
+Restart=on-failure
+RestartSec=6
+
+[Install]
+WantedBy=multi-user.target
diff --git a/scripts/build/build-deb.sh b/scripts/build/build-deb.sh
new file mode 100755
index 0000000..d90b361
--- /dev/null
+++ b/scripts/build/build-deb.sh
@@ -0,0 +1,29 @@
+#!/bin/bash
+
+set -e
+
+DEPS="-d python3.10"
+
+pypoetry_venv_path=$(poetry env info -p)
+version=$(poetry version -s)
+pwd=$(pwd)
+
+
+echo "pypoetry_venv_path: $pypoetry_venv_path"
+echo "version: $version"
+
+
+fpm \
+    -a all \
+    -t deb \
+    $DEPS \
+    -n ${REPO_NAME} \
+    -v ${version} \
+    --config-files /etc/systemd/system/sudoisbot@.service \
+    --after-install deb/after-install.sh \
+    -s dir \
+    $pypoetry_venv_path \
+    $pypoetry_venv_path=/usr/local/virtualenvs/${REPO_NAME} \
+    $(pwd)/deb/etc/systemd/system/=/etc/systemd/system/
+
+mv -v ${REPO_NAME}_*.deb dist/
diff --git a/scripts/build/docker-build.sh b/scripts/build/build-docker.sh
similarity index 100%
rename from scripts/build/docker-build.sh
rename to scripts/build/build-docker.sh