diff --git a/nextcloud.yml b/nextcloud.yml
index 458773c..14f5785 100644
--- a/nextcloud.yml
+++ b/nextcloud.yml
@@ -60,6 +60,37 @@
         chdir: /home/docker/nextcloud.{{inventory_hostname}}
         creates: /home/docker/nextcloud.{{inventory_hostname}}/env
 
+    - name: /home/docker/nextcloud.{{inventory_hostname}}/fulldockerfile.sh (Download full Dockerfile)
+      blockinfile:
+        path: /home/docker/nextcloud.{{inventory_hostname}}/fulldockerfile.sh
+        create: yes
+        mode: 0550
+        owner: root
+        group: docker
+        marker: "# {mark} ANSIBLE MANAGED BLOCK"
+        block: |
+          cd /home/docker/nextcloud.{{inventory_hostname}}
+
+          wget https://github.com/nextcloud/docker/raw/master/.examples/dockerfiles/full/apache/Dockerfile -O Dockerfile
+          sed -i 's/^FROM nextcloud:apache/FROM nextcloud:production-apache/' Dockerfile
+          sed -i 's/^#       libreoffice/        libreoffice/' Dockerfile
+          wget https://github.com/nextcloud/docker/raw/master/.examples/dockerfiles/full/apache/supervisord.conf -O supervisord.conf
+        backup: yes
+        validate: /bin/bash -n %s
+      notify: run fulldockerfile.sh
+
+    - name: /home/docker/nextcloud.{{inventory_hostname}}/fulldockerfile.sh shebang
+      lineinfile:
+        path: /home/docker/nextcloud.{{inventory_hostname}}/fulldockerfile.sh
+        insertbefore: BOF
+        line: "#!/bin/bash -e"
+
+    - name: Gen initial passwords if not exists
+      ansible.builtin.shell: ./fulldockerfile.sh
+      args:
+        chdir: /home/docker/nextcloud.{{inventory_hostname}}
+        creates: /home/docker/nextcloud.{{inventory_hostname}}/Dockerfile
+
     - name: /home/docker/nextcloud.{{inventory_hostname}}/remoteip.conf (real IP logging and no Proxy IP)
       blockinfile:
         path: /home/docker/nextcloud.{{inventory_hostname}}/remoteip.conf
@@ -109,7 +140,9 @@
           version: '3.6'
           services:
             nextcloud.{{inventory_hostname}}:
-              image: nextcloud:production
+              build: 
+                context: .
+                dockerfile: Dockerfile
               security_opt:
                 - no-new-privileges:true
               restart: unless-stopped
@@ -339,10 +372,7 @@
         block: |
           cd /home/docker/nextcloud.{{inventory_hostname}} || continue
           # Update full Dockerfile
-          wget https://github.com/nextcloud/docker/raw/master/.examples/dockerfiles/full/apache/Dockerfile -O Dockerfile
-          sed -i 's/^FROM nextcloud:apache/FROM nextcloud:production-apache/' Dockerfile
-          sed -i 's/^#       libreoffice/        libreoffice/' Dockerfile
-          wget https://github.com/nextcloud/docker/raw/master/.examples/dockerfiles/full/apache/supervisord.conf -O supervisord.conf
+          /home/docker/nextcloud.{{inventory_hostname}}/fulldockerfile.sh
           # Nextcloud maintenance and app-update
           docker compose exec -T -u www-data nextcloud.{{inventory_hostname}} ./occ db:add-missing-columns
           docker compose exec -T -u www-data nextcloud.{{inventory_hostname}} ./occ db:add-missing-indices
@@ -378,6 +408,11 @@
         chdir: /home/docker/nextcloud.{{inventory_hostname}}
       notify: Restart nextcloud
 
+    - name: run fulldockerfile.sh
+      ansible.builtin.shell: ./fulldockerfile.sh
+      args:
+        chdir: /home/docker/nextcloud.{{inventory_hostname}}
+
     - name: run nextcloud.update
       ansible.builtin.shell: bash /usr/local/sbin/autoupdate.d/nextcloud.update