diff --git a/data/Dockerfiles/phpfpm/docker-entrypoint.sh b/data/Dockerfiles/phpfpm/docker-entrypoint.sh
index 223c6fe8..3288a9d0 100755
--- a/data/Dockerfiles/phpfpm/docker-entrypoint.sh
+++ b/data/Dockerfiles/phpfpm/docker-entrypoint.sh
@@ -20,20 +20,7 @@ until [[ $(${REDIS_CMDLINE} PING) == "PONG" ]]; do
   sleep 2
 done
 
-if [[ "${MASTER}" =~ ^([yY][eE][sS]|[yY])+$ ]]; then
-  echo "We are master, preparing..."
-# Set a default release format
-if [[ -z $(${REDIS_CMDLINE} --raw GET Q_RELEASE_FORMAT) ]]; then
-  ${REDIS_CMDLINE} --raw SET Q_RELEASE_FORMAT raw
-fi
-
-# Set max age of q items - if unset
-if [[ -z $(${REDIS_CMDLINE} --raw GET Q_MAX_AGE) ]]; then
-  ${REDIS_CMDLINE} --raw SET Q_MAX_AGE 365
-fi
-
-# Check mysql_upgrade
-
+# Check mysql_upgrade (master and slave)
 CONTAINER_ID=
 until [[ ! -z "${CONTAINER_ID}" ]] && [[ "${CONTAINER_ID}" =~ ^[[:alnum:]]*$ ]]; do
   CONTAINER_ID=$(curl --silent --insecure https://dockerapi/containers/json | jq -r ".[] | {name: .Config.Labels[\"com.docker.compose.service\"], id: .Id}" 2> /dev/null | jq -rc "select( .name | tostring | contains(\"mysql-mailcow\")) | .id" 2> /dev/null)
@@ -69,7 +56,7 @@ until [[ ${SQL_UPGRADE_STATUS} == 'success' ]]; do
   fi
 done
 
-# doing post-installation stuff, if SQL was upgraded
+# doing post-installation stuff, if SQL was upgraded (master and slave)
 if [ ${SQL_CHANGED} -eq 1 ]; then
   POSTFIX=($(curl --silent --insecure https://dockerapi/containers/json | jq -r '.[] | {name: .Config.Labels["com.docker.compose.service"], id: .Id}' | jq -rc 'select( .name | tostring | contains("postfix-mailcow")) | .id' | tr "\n" " "))
   if [[ -z ${POSTFIX} ]]; then
@@ -82,7 +69,7 @@ if [ ${SQL_CHANGED} -eq 1 ]; then
   fi
 fi
 
-# Check mysql tz import
+# Check mysql tz import (master and slave)
 TZ_CHECK=$(mysql --socket=/var/run/mysqld/mysqld.sock -u ${DBUSER} -p${DBPASS} ${DBNAME} -e "SELECT CONVERT_TZ('2019-11-02 23:33:00','Europe/Berlin','UTC') AS time;" -BN 2> /dev/null)
 if [[ -z ${TZ_CHECK} ]] || [[ "${TZ_CHECK}" == "NULL" ]]; then
   SQL_FULL_TZINFO_IMPORT_RETURN=$(curl --silent --insecure -XPOST https://dockerapi/containers/${CONTAINER_ID}/exec -d '{"cmd":"system", "task":"mysql_tzinfo_to_sql"}' --silent -H 'Content-type: application/json')
@@ -90,59 +77,71 @@ if [[ -z ${TZ_CHECK} ]] || [[ "${TZ_CHECK}" == "NULL" ]]; then
   echo ${SQL_FULL_TZINFO_IMPORT_RETURN}
 fi
 
-# Trigger db init
-echo "Running DB init..."
-php -c /usr/local/etc/php -f /web/inc/init_db.inc.php
+if [[ "${MASTER}" =~ ^([yY][eE][sS]|[yY])+$ ]]; then
+  echo "We are master, preparing..."
+  # Set a default release format
+  if [[ -z $(${REDIS_CMDLINE} --raw GET Q_RELEASE_FORMAT) ]]; then
+    ${REDIS_CMDLINE} --raw SET Q_RELEASE_FORMAT raw
+  fi
 
-# Recreating domain map
-echo "Rebuilding domain map in Redis..."
-declare -a DOMAIN_ARR
-  ${REDIS_CMDLINE} DEL DOMAIN_MAP > /dev/null
-while read line
-do
-  DOMAIN_ARR+=("$line")
-done < <(mysql --socket=/var/run/mysqld/mysqld.sock -u ${DBUSER} -p${DBPASS} ${DBNAME} -e "SELECT domain FROM domain" -Bs)
-while read line
-do
-  DOMAIN_ARR+=("$line")
-done < <(mysql --socket=/var/run/mysqld/mysqld.sock -u ${DBUSER} -p${DBPASS} ${DBNAME} -e "SELECT alias_domain FROM alias_domain" -Bs)
+  # Set max age of q items - if unset
+  if [[ -z $(${REDIS_CMDLINE} --raw GET Q_MAX_AGE) ]]; then
+    ${REDIS_CMDLINE} --raw SET Q_MAX_AGE 365
+  fi
 
-if [[ ! -z ${DOMAIN_ARR} ]]; then
-for domain in "${DOMAIN_ARR[@]}"; do
-  ${REDIS_CMDLINE} HSET DOMAIN_MAP ${domain} 1 > /dev/null
-done
-fi
+  # Trigger db init
+  echo "Running DB init..."
+  php -c /usr/local/etc/php -f /web/inc/init_db.inc.php
 
-# Set API options if env vars are not empty
-if [[ ${API_ALLOW_FROM} != "invalid" ]] && [[ ! -z ${API_ALLOW_FROM} ]]; then
-  IFS=',' read -r -a API_ALLOW_FROM_ARR <<< "${API_ALLOW_FROM}"
-  declare -a VALIDATED_API_ALLOW_FROM_ARR
-  REGEX_IP6='^([0-9a-fA-F]{0,4}:){1,7}[0-9a-fA-F]{0,4}$'
-  REGEX_IP4='^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$'
-  for IP in "${API_ALLOW_FROM_ARR[@]}"; do
-    if [[ ${IP} =~ ${REGEX_IP6} ]] || [[ ${IP} =~ ${REGEX_IP4} ]]; then
-      VALIDATED_API_ALLOW_FROM_ARR+=("${IP}")
-    fi
+  # Recreating domain map
+  echo "Rebuilding domain map in Redis..."
+  declare -a DOMAIN_ARR
+    ${REDIS_CMDLINE} DEL DOMAIN_MAP > /dev/null
+  while read line
+  do
+    DOMAIN_ARR+=("$line")
+  done < <(mysql --socket=/var/run/mysqld/mysqld.sock -u ${DBUSER} -p${DBPASS} ${DBNAME} -e "SELECT domain FROM domain" -Bs)
+  while read line
+  do
+    DOMAIN_ARR+=("$line")
+  done < <(mysql --socket=/var/run/mysqld/mysqld.sock -u ${DBUSER} -p${DBPASS} ${DBNAME} -e "SELECT alias_domain FROM alias_domain" -Bs)
+
+  if [[ ! -z ${DOMAIN_ARR} ]]; then
+  for domain in "${DOMAIN_ARR[@]}"; do
+    ${REDIS_CMDLINE} HSET DOMAIN_MAP ${domain} 1 > /dev/null
   done
-  VALIDATED_IPS=$(array_by_comma ${VALIDATED_API_ALLOW_FROM_ARR[*]})
-  if [[ ! -z ${VALIDATED_IPS} ]]; then
-    if [[ ${API_KEY} != "invalid" ]] && [[ ! -z ${API_KEY} ]]; then
-      mysql --socket=/var/run/mysqld/mysqld.sock -u ${DBUSER} -p${DBPASS} ${DBNAME} << EOF
+  fi
+
+  # Set API options if env vars are not empty
+  if [[ ${API_ALLOW_FROM} != "invalid" ]] && [[ ! -z ${API_ALLOW_FROM} ]]; then
+    IFS=',' read -r -a API_ALLOW_FROM_ARR <<< "${API_ALLOW_FROM}"
+    declare -a VALIDATED_API_ALLOW_FROM_ARR
+    REGEX_IP6='^([0-9a-fA-F]{0,4}:){1,7}[0-9a-fA-F]{0,4}$'
+    REGEX_IP4='^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$'
+    for IP in "${API_ALLOW_FROM_ARR[@]}"; do
+      if [[ ${IP} =~ ${REGEX_IP6} ]] || [[ ${IP} =~ ${REGEX_IP4} ]]; then
+        VALIDATED_API_ALLOW_FROM_ARR+=("${IP}")
+      fi
+    done
+    VALIDATED_IPS=$(array_by_comma ${VALIDATED_API_ALLOW_FROM_ARR[*]})
+    if [[ ! -z ${VALIDATED_IPS} ]]; then
+      if [[ ${API_KEY} != "invalid" ]] && [[ ! -z ${API_KEY} ]]; then
+        mysql --socket=/var/run/mysqld/mysqld.sock -u ${DBUSER} -p${DBPASS} ${DBNAME} << EOF
 DELETE FROM api WHERE access = 'rw';
 INSERT INTO api (api_key, active, allow_from, access) VALUES ("${API_KEY}", "1", "${VALIDATED_IPS}", "rw");
 EOF
-    fi
-    if [[ ${API_KEY_READ_ONLY} != "invalid" ]] && [[ ! -z ${API_KEY_READ_ONLY} ]]; then
-      mysql --socket=/var/run/mysqld/mysqld.sock -u ${DBUSER} -p${DBPASS} ${DBNAME} << EOF
+      fi
+      if [[ ${API_KEY_READ_ONLY} != "invalid" ]] && [[ ! -z ${API_KEY_READ_ONLY} ]]; then
+        mysql --socket=/var/run/mysqld/mysqld.sock -u ${DBUSER} -p${DBPASS} ${DBNAME} << EOF
 DELETE FROM api WHERE access = 'ro';
 INSERT INTO api (api_key, active, allow_from, access) VALUES ("${API_KEY_READ_ONLY}", "1", "${VALIDATED_IPS}", "ro");
 EOF
+      fi
     fi
   fi
-fi
 
-# Create events
-mysql --socket=/var/run/mysqld/mysqld.sock -u ${DBUSER} -p${DBPASS} ${DBNAME} << EOF
+  # Create events (master only, STATUS for event on slave will be SLAVESIDE_DISABLED)
+  mysql --socket=/var/run/mysqld/mysqld.sock -u ${DBUSER} -p${DBPASS} ${DBNAME} << EOF
 DROP EVENT IF EXISTS clean_spamalias;
 DELIMITER //
 CREATE EVENT clean_spamalias
diff --git a/docker-compose.yml b/docker-compose.yml
index ad758427..f9cdc2c7 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -102,7 +102,7 @@ services:
             - rspamd
 
     php-fpm-mailcow:
-      image: mailcow/phpfpm:1.62
+      image: mailcow/phpfpm:1.63
       command: "php-fpm -d date.timezone=${TZ} -d expose_php=0"
       depends_on:
         - redis-mailcow