diff --git a/install.sh b/install.sh
index b2e5cb5..ef70ee9 100644
--- a/install.sh
+++ b/install.sh
@@ -8,7 +8,13 @@ if [ -f $run_directory/.disabled ]; then
 fi
 
 echo "Copying Systemd units and drop-ins to system directory..."
-# TODO
+sudo cp $run_directory/webssh.service /etc/systemd/system/
+sudo cp $run_directory/etc-letsencrypt.mount /etc/systemd/system/
+if [ ! -d /etc/systemd/system/nginx.service.d ]; then # TODO
+  mkdir /etc/systemd/system/nginx.service.d
+fi
+sudo cp $run_directory/start-lighttpd.conf /etc/systemd/system/nginx.service.d/
+sudo cp $run_directory/wait-for-dns.conf /etc/systemd/system/nginx.service.d/
 
 echo "Setting up lighttpd..."
 sudo cp $run_directory/lighttpd-webssh.conf /etc/lighttpd/conf-available/99-webssh.conf
@@ -16,9 +22,11 @@ sudo rm /etc/lighttpd/conf-enabled/*
 sudo ln -s /etc/lighttpd/conf-available/10-proxy.conf /etc/lighttpd/conf-enabled/
 sudo ln -s /etc/lighttpd/conf-available/10-ssl.conf /etc/lighttpd/conf-enabled/
 sudo ln -s /etc/lighttpd/conf-available/99-webssh.conf /etc/lighttpd/conf-enabled/
-if not server.pem; then # TODO
+if [ ! -f /etc/lighttpd/server.pem ]; then # TODO
   echo "Creating an SSL certificate for lighttpd:"
-  create it # TODO
+  openssl req -newkey rsa:4096 -x509 -sha256 -days 999 -nodes -out /etc/lighttpd/server.pem -keyout \
+  /etc/lighttpd/server.pem -subj "/C=/ST=/L=/O=/OU=/CN=" # is it the right way?
+  #chmod o+r /etc/lighttpd/server.pem # needed?
 fi
 
 echo "Reloading Systemd..."