diff --git a/bundles/left4dead2/files/setup b/bundles/left4dead2/files/setup
index 2de093e..f9cb7cd 100644
--- a/bundles/left4dead2/files/setup
+++ b/bundles/left4dead2/files/setup
@@ -9,7 +9,9 @@ dpkg --add-architecture i386
 apt update
 DEBIAN_FRONTEND=noninteractive apt install -y libc6:i386 lib32z1
 
-function steam() { sudo -Hiu steam "$@"; }
+function steam() {
+    setpriv --reuid=steam --regid=steam --init-groups "$@"
+}
 
 # -- STEAM -- #
 
@@ -21,8 +23,10 @@ test -f /opt/l4d2/steam/steamcmd.sh || \
 
 # fix for: /opt/l4d2/.steam/sdk32/steamclient.so: cannot open shared object file: No such file or directory
 steam mkdir -p /opt/l4d2/steam/.steam # needs to be in steam users home dir
-test -f /opt/l4d2/steam/.steam/sdk32/steamclient.so || \
-  steam ln -s /opt/l4d2/steam/linux32 /opt/l4d2/steam/.steam/sdk32
+readlink /opt/l4d2/steam/.steam/sdk32 | grep -q ^/opt/l4d2/steam/linux32$ || \
+  steam ln -sf /opt/l4d2/steam/linux32 /opt/l4d2/steam/.steam/sdk32
+readlink /opt/l4d2/steam/.steam/sdk64 | grep -q ^/opt/l4d2/steam/linux64$ || \
+  steam ln -sf /opt/l4d2/steam/linux64 /opt/l4d2/steam/.steam/sdk64
 
 # -- INSTALL -- #
 
@@ -57,7 +61,6 @@ steam mkdir -p /opt/l4d2/overlays/pve
 # server config
 steam mkdir -p /opt/l4d2/overlays/pve/left4dead2/cfg
 steam cat <<'EOF' > /opt/l4d2/overlays/pve/left4dead2/cfg/server.cfg
-hostname "CKNs Server"
 motd_enabled 0
 
 sv_steamgroup "38347879"
@@ -81,4 +84,5 @@ test -f /opt/l4d2/overlays/pve/left4dead2/addons/698857882.vpk || \
 
 # -- SERVERS -- #
 
+#steam rm -rf /opt/l4d2/servers
 steam mkdir -p /opt/l4d2/servers
\ No newline at end of file
diff --git a/bundles/left4dead2/files/start b/bundles/left4dead2/files/start
index cf937f0..cda44d4 100644
--- a/bundles/left4dead2/files/start
+++ b/bundles/left4dead2/files/start
@@ -6,7 +6,9 @@ name=$1
 overlay=$2
 port=$3
 
-function steam() { sudo -Hiu steam "$@"; }
+function steam() {
+    setpriv --reuid=steam --regid=steam --init-groups "$@"
+}
 
 mountpoint -q "/opt/l4d2/servers/$name/merged" && umount "/opt/l4d2/servers/$name/merged"
 steam rm -rf "/opt/l4d2/servers/$name"
@@ -21,4 +23,4 @@ mount -t overlay overlay \
   -o "lowerdir=/opt/l4d2/overlays/$overlay:/opt/l4d2/installation,upperdir=/opt/l4d2/servers/$name/upper,workdir=/opt/l4d2/servers/$name/work" \
   "/opt/l4d2/servers/$name/merged"
 
-steam "/opt/l4d2/servers/$name/merged/srcds_run" -game left4dead2 -ip 0.0.0.0 -port "$port" +hostname "Crone $name" +map c1m1_hotel
\ No newline at end of file
+steam "/opt/l4d2/servers/$name/merged/srcds_run" -norestart -pidfile "/opt/l4d2/servers/$name/pid" -game left4dead2 -ip 0.0.0.0 -port "$port" +hostname "Crone $name" +map c1m1_hotel
\ No newline at end of file
diff --git a/bundles/left4dead2/items.py b/bundles/left4dead2/items.py
index e69de29..47910d6 100644
--- a/bundles/left4dead2/items.py
+++ b/bundles/left4dead2/items.py
@@ -0,0 +1,31 @@
+files = {
+    '/opt/l4d2/setup': {
+        'mode': '755',
+    },
+    '/opt/l4d2/start': {
+        'mode': '755',
+    },
+}
+
+svc_systemd = {
+    'left4dead2-initialize.service': {
+        'enabled': True,
+        'running': None,
+        'needs': {
+            'file:/usr/local/lib/systemd/system/left4dead2-initialize.service',
+        },
+    },
+}
+
+for server_name in node.metadata.get('left4dead2').keys():
+    svc_systemd[f'left4dead2-{server_name}.service'] = {
+        'enabled': True,
+        'running': None,
+        'tags': {
+            'left4dead2-servers',
+        },
+        'needs': {
+            'svc_systemd:left4dead2-initialize.service',
+            f'file:/usr/local/lib/systemd/system/left4dead2-{server_name}.service',
+        }
+    }
diff --git a/bundles/left4dead2/metadata.py b/bundles/left4dead2/metadata.py
index 1565d47..38597fb 100644
--- a/bundles/left4dead2/metadata.py
+++ b/bundles/left4dead2/metadata.py
@@ -1,3 +1,6 @@
+from re import match
+
+
 defaults = {
     'apt': {
         'packages': {
@@ -6,12 +9,85 @@ defaults = {
             'unzip': {},
         },
     },
-    'left4dead2': {
-        'servers': {},
-    },
+    'left4dead2': {},
     'nftables': {
         'input': {
             'udp dport { 27005, 27020 } accept',
         },
     },
+    'systemd': {
+        'units': {
+            'left4dead2-initialize.service': {
+                'Unit': {
+                    'Description': 'initialize left4dead2',
+                    'After': 'network-online.target',
+                },
+                'Service': {
+                    'Type': 'oneshot',
+                    'RemainAfterExit': 'yes',
+                    'ExecStart': '/opt/l4d2/setup',
+                    'StandardOutput': 'journal',
+                    'StandardError': 'journal',
+                },
+                'Install': {
+                    'WantedBy': {'multi-user.target'},
+                },
+            },
+        },
+    },
 }
+
+
+@metadata_reactor.provides(
+    'systemd/units',
+)
+def server_units(metadata):
+    units = {}
+
+    for name, config in metadata.get('left4dead2').items():
+        assert match(r'^[A-z0-9-_-]+$', name)
+        assert config["overlay"] in {'pve'}
+        assert 27000 <= config["port"] <= 27100
+
+        units[f'left4dead2-{name}.service'] = {
+            'Unit': {
+                'Description': f'left4dead2 server {name}',
+                'After': {'left4dead2-initialize.service'},
+                'Requires': {'left4dead2-initialize.service'},
+            },
+            'Service': {
+                'Type': 'simple',
+                'ExecStart': f'/opt/l4d2/start {name} {config["overlay"]} {config["port"]}',
+                'Restart': 'on-failure',
+                'StandardOutput': 'journal',
+                'StandardError': 'journal',
+                'KillMode': 'control-group',
+                'KillSignal': 'SIGINT',
+                'TimeoutStopSec': '10s',
+                'Environment': 'HOME=/opt/l4d2/steam',
+            },
+            'Install': {
+                'WantedBy': {'multi-user.target'},
+            },
+        }
+
+    return {
+        'systemd': {
+            'units': units,
+        },
+    }
+
+
+@metadata_reactor.provides(
+    'nftables/input',
+)
+def nftables(metadata):
+    ports = sorted(str(config["port"]) for config in metadata.get('left4dead2', {}).values())
+
+    return {
+        'nftables': {
+            'input': {
+                f'ip protocol {{ tcp, udp }} th dport {{ {", ".join(ports)} }} accept'
+            },
+        },
+    }
diff --git a/nodes/ovh.secondary.py b/nodes/ovh.secondary.py
index 3f45f89..22b56c0 100644
--- a/nodes/ovh.secondary.py
+++ b/nodes/ovh.secondary.py
@@ -7,7 +7,7 @@
     ],
     'bundles': [
         'wireguard',
-        #'left4dead2',
+        'left4dead2',
     ],
     'metadata': {
         'id': 'd5080b1a-b310-48be-bd5a-02cfcecf0c90',
@@ -26,6 +26,12 @@
                 },
             },
         },
+        'left4dead2': {
+            'server1': {
+                'overlay': 'pve',
+                'port': 27015,
+            },
+        },
         'bind': {
             'master_node': 'htz.mails',
             'hostname': 'secondary.resolver.name',
@@ -47,22 +53,5 @@
                 },
             },
         },
-        'nftables': {
-            'input': {
-                'tcp dport 27015 accept',
-                'udp dport { 27005, 27015, 27020 } accept',
-            },
-        },
-
-        'left4dead2': {
-            'pve': {
-                'server_one': {
-                    'port': 27015,
-                },
-                'server_one': {
-                    'port': 27015,
-                },
-            },
-        },
     },
 }