diff --git a/contrib/deb/generate.sh b/contrib/deb/generate.sh
index f8d3430..4ed86a2 100755
--- a/contrib/deb/generate.sh
+++ b/contrib/deb/generate.sh
@@ -72,6 +72,8 @@ EOF
 cat > /tmp/$PKGNAME/debian/postinst << EOF
 #!/bin/sh
 
+id -u alfis &>/dev/null || useradd --system alfis || echo "Failed to create user 'alfis' - please create it manually and reinstall"
+
 if ! getent group alfis 2>&1 > /dev/null; then
   groupadd --system --force alfis || echo "Failed to create group 'alfis' - please create it manually and reinstall"
 fi
@@ -125,4 +127,4 @@ ar -r $PKGFILE \
   /tmp/$PKGNAME/control.tar.gz \
   /tmp/$PKGNAME/data.tar.gz
 
-rm -rf /tmp/$PKGNAME
\ No newline at end of file
+rm -rf /tmp/$PKGNAME
diff --git a/contrib/systemd/alfis.service b/contrib/systemd/alfis.service
index bb7f663..a5851ee 100644
--- a/contrib/systemd/alfis.service
+++ b/contrib/systemd/alfis.service
@@ -6,11 +6,12 @@ After=network.target
 After=alfis-default-config.service
 
 [Service]
+User=alfis
 Group=alfis
 ProtectHome=true
 ProtectSystem=true
 SyslogIdentifier=alfis
-CapabilityBoundingSet=CAP_NET_ADMIN
+CapabilityBoundingSet=CAP_NET_ADMIN CAP_NET_BIND_SERVICE
 WorkingDirectory=/var/lib/alfis
 ExecStart=/usr/bin/alfis -n -c /etc/alfis.conf
 ExecReload=/bin/kill -HUP $MAINPID
@@ -18,4 +19,4 @@ Restart=always
 TimeoutStopSec=5
 
 [Install]
-WantedBy=multi-user.target
\ No newline at end of file
+WantedBy=multi-user.target