diff --git a/.drone.yml b/.drone.yml
index cae6c21..ac6b9ab 100644
--- a/.drone.yml
+++ b/.drone.yml
@@ -13,6 +13,8 @@ steps:
   environment:
     HCLOUD_TOKEN:
       from_secret: hcloud_token
+    SSH_PUBKEY:
+      from_secret: ssh_pubkey
   commands:
   - apk add -U openssh
   - wget -O- https://github.com/hetznercloud/cli/releases/latest/download/hcloud-linux-amd64.tar.gz | tar zx
@@ -23,7 +25,10 @@ steps:
   - IP="$(hcloud server ip "$SERVER_ID")"
   - until ping -c 1 "$IP"; do sleep 5; done
   - until ssh-keyscan "$IP" > /root/.ssh/known_hosts; do sleep 5; done
-  - echo "ssh root@$IP \"\$@\"" > ssh
-  - chmod +x ssh
-  - ./ssh 
-  - ./hcloud ssh-key delete drone
\ No newline at end of file
+  - scp install-arch.sh "root@${IP}:/root/install-arch.sh"
+  - echo "$SSH_PUBKEY" > authorized_keys
+  - scp authorized_keys "root@${IP}:/root/authorized_keys"
+  - ssh root@$IP /root/install-arch.sh
+  - ./hcloud server reset $SERVER_ID
+  - ./hcloud ssh-key delete drone
+  - until ping -c 1 "$IP"; do sleep 5; done
\ No newline at end of file
diff --git a/install-arch.sh b/install-arch.sh
new file mode 100644
index 0000000..0fcd6ec
--- /dev/null
+++ b/install-arch.sh
@@ -0,0 +1,45 @@
+#!/usr/bin/env bash
+set -e
+set -x
+
+bchroot() {
+   ./root.x86_64/usr/bin/arch-chroot root.x86_64 $@
+}
+
+rchroot() {
+   ./root.x86_64/usr/bin/arch-chroot root.x86_64/mnt $@
+}
+
+curl -o archlinux-bootstrap.tgz "https://ftp.fau.de/archlinux/iso/latest/archlinux-bootstrap-$(date '+%Y.%m.01')-x86_64.tar.gz"
+tar xzf archlinux-bootstrap.tgz
+
+mount --bind root.x86_64 root.x86_64
+echo 'Server = https://ftp.fau.de/archlinux/$repo/os/$arch' > /mnt/etc/pacman.d/mirrorlist
+
+bchroot pacman-key --init
+bchroot pacman-key --populate archlinux
+bchroot pacman --noconfirm -Sy gdisk
+echo -e "o\ny\nn\n\n\n+1M\nef02\nn\n\n\n\n\nw\ny" | bchroot gdisk /dev/sda
+echo y | bchroot mkfs.ext4 /dev/sda2
+bchroot mount /dev/sda2 /mnt
+bchroot pacstrap -G -M /mnt base grub linux linux-firmware openssh
+bchroot genfstab -U /mnt >> /mnt/etc/fstab
+
+rchroot mkinitcpio -p linux
+rchroot grub-install /dev/sda
+rchroot grub-mkconfig -o /boot/grub/grub.cfg
+
+IF_NAME="$(udevadm info -q all -p /sys/class/net/eth0 | grep ID_NET_NAME_SLOT | cut -d'=' -f2)"
+echo "[Match]\nName=${IF_NAME}\n\n[Network]\nDHCP=yes\n" > "root.x86_64/mnt/etc/systemd/network/${IF_NAME}.network"
+rchroot systemctl enable systemd-networkd
+rchroot systemctl enable systemd-resolved
+
+curl -s 'https://archlinux.org/mirrorlist/?country=DE&protocol=https&ip_version=4&use_mirror_status=on' | awk '/^#Server/{ $1 = "Server"; print $0}' > root.x86_64/mnt/etc/pacman.d/mirrorlist
+rchroot pacman-key --init
+rchroot pacman-key --populate archlinux
+
+rchroot systemctl enable sshd
+mkdir root.x86_64/mnt/root/.ssh
+cp authorized_keys root.x86_64/mnt/root/.ssh/
+
+bchroot umount /mnt
\ No newline at end of file