diff --git a/headless.apkovl.tar.gz b/headless.apkovl.tar.gz
index faed1ed..13cfcfd 100644
Binary files a/headless.apkovl.tar.gz and b/headless.apkovl.tar.gz differ
diff --git a/overlay/etc/local.d/headless.start b/overlay/etc/local.d/headless.start
index b68e546..847d3f7 100755
--- a/overlay/etc/local.d/headless.start
+++ b/overlay/etc/local.d/headless.start
@@ -5,6 +5,43 @@
 
 VERSION="0.7"
 
+
+_apk() {
+	local cmd="$1"
+	local pkg="$2"
+
+	case $cmd in
+		add) # install only if not already present
+			if ! apk info | grep -wq "${pkg}"; then
+				apk add "$pkg" && printf "${pkg} " >> /tmp/.trash/installed
+			fi
+		;;
+		del) # delete only if previously installed
+			if grep -wq "$pkg" /tmp/.trash/installed; then
+				apk del "$pkg" && sed -i 's/\b'"${pkg}"'\b//' /tmp/.trash/installed
+			fi
+		;;
+		*)
+			echo "only add/del: wrong usage"; exit
+		;;
+	esac
+}
+
+_preserve() {
+	[ -f "$1" ] && cp "$1" "${1}.orig"
+}
+
+_restore() {
+	if [ -f "${1}.orig" ]; then
+		mv -- "${1}.orig" "${1}"
+	else
+		rm -rf "${1}"
+	fi
+}
+
+##### End of part to be dupplicated into post-cleanup (do not alter!)
+
+
 # Redirect stdout and errors to console as rc.local does not log anything
 exec 1>/dev/console 2>&1
 
@@ -22,12 +59,14 @@ rc-service seedrng start
 ## Setup Network interfaces
 if [ -f "${ovlpath}/wpa_supplicant.conf" ]; then
 	logger -st ${0##*/} "Wifi setup found !"
-	apk add wpa_supplicant
+	_apk add wpa_supplicant
+	_preserve "/etc/wpa_supplicant/wpa_supplicant.conf"
 	install -m600 "${ovlpath}/wpa_supplicant.conf" /etc/wpa_supplicant/wpa_supplicant.conf
 else
 	logger -st ${0##*/} "Wifi setup not found !"
 fi
 
+_preserve "/etc/network/interfaces"
 if ! install -m644 "${ovlpath}/interfaces" /etc/network/interfaces; then
 	# set default interfaces if not specified by interface file on boot storage
 	logger -st ${0##*/} "No interfaces file supplied, building default interfaces..."
@@ -77,18 +116,21 @@ fi
 echo "Using following network interfaces:"
 cat /etc/network/interfaces
 
+_preserve "/etc/hostname"
 echo "alpine-headless" > /etc/hostname
 hostname -F /etc/hostname
 
-grep -q "wlan" /etc/network/interfaces && [ -f /etc/wpa_supplicant/wpa_supplicant.conf ] && rc-service wpa_supplicant start
+grep -q "wlan" /etc/network/interfaces && \
+	[ -f /etc/wpa_supplicant/wpa_supplicant.conf ] && \
+		rc-service wpa_supplicant start
 rc-service networking start
 
 
 ## Setup temporary SSH server (root login, no password)
-## we use some bundled or optionaly provided keys to avoid generation at startup and save time
-apk add openssh
-cp /etc/ssh/sshd_config /etc/ssh/sshd_config.orig
-cp /etc/conf.d/sshd /etc/conf.d/sshd.orig
+## We use some bundled (or optionaly provided) keys to avoid generation at startup and save time
+_apk add openssh
+_preserve "/etc/ssh/sshd_config"
+_preserve "/etc/conf.d/sshd"
 
 cat <<-EOF >> /etc/ssh/sshd_config
 	AuthenticationMethods none
@@ -100,26 +142,27 @@ cat <<-EOF >> /etc/ssh/sshd_config
 # Banner file
 warn=""
 grep -q "${ovlpath}.*[[:space:]]ro[[:space:],]" /proc/mounts; RO=$?
-[ "$RO" -eq "0" ] && warn="(remount partition read-write!)"
+[ "$RO" -eq "0" ] && warn="(remount partition rw!)"
 
 cat <<-EOF > /tmp/.trash/banner
 
 	Alpine Linux headless bootstrap v$VERSION by macmpi
 
-You may want to delete/rename overlay before next reboot ${warn}:
+You may want to delete/rename .apkovl file before reboot ${warn}:
 $ovl
 (can be done automatically with unattended script - see sample snippet)
 
+
 	EOF
 
 # Bundled temporary keys are moved in RAM /tmp so they won't be stored
-# within permanent config later (new ones will then be generated)
+# within permanent config later (new ones will then be generated at reboot)
 KEYGEN_STANCE="sshd_disable_keygen=yes"
 mv /etc/ssh/ssh_host_*_key* /tmp/.trash/.
 
 # Inject optional custom keys (those might be stored)
 if install -m600 "${ovlpath}"/ssh_host_*_key* /etc/ssh/; then
-	# check for empty key within injected ones: generate new keys if found
+	# check for empty key within injected ones: if found, generate new keys
 	if find /etc/ssh/ -maxdepth 1 -type f -name 'ssh_host_*_key*' -empty | grep -q .; then
 		rm /etc/ssh/ssh_host_*_key*
 		KEYGEN_STANCE=""
@@ -141,16 +184,19 @@ rc-service sshd start
 
 ## Prep for final post-cleanup
 ## clears any installed packages and settings
-cat <<-EOF > /tmp/.trash/post-cleanup
-	#!/bin/sh
+# copy begininng of this file to keep functions
+sed -n '/^#* End .*alter!)$/q;p' /etc/local.d/headless.start > /tmp/.trash/post-cleanup
+
+cat <<-EOF >> /tmp/.trash/post-cleanup
+
 	logger -st ${0##*/} "Cleaning-up..."
-	mv /etc/ssh/sshd_config.orig /etc/ssh/sshd_config
-	mv /etc/conf.d/sshd.orig /etc/conf.d/sshd
-	apk del openssh
-	apk del wpa_supplicant
-	rm -rf /etc/wpa_supplicant
-	rm /etc/network/interfaces
-	rm /etc/hostname
+	_restore "/etc/ssh/sshd_config"
+	_restore "/etc/conf.d/sshd"
+	_apk del openssh
+	_restore "/etc/wpa_supplicant/wpa_supplicant.conf"
+	_apk del wpa_supplicant
+	_restore "/etc/network/interfaces"
+	_restore "/etc/hostname"
 	rm /etc/modules-load.d/g_ether.conf
 	rm /etc/modprobe.d/g_ether.conf
 	rc-update del local default