diff --git a/.travis.yml b/.travis.yml index 63f5cfc..4e577e6 100644 --- a/.travis.yml +++ b/.travis.yml @@ -4,7 +4,7 @@ language: generic env: OS: linux - IMAGE_VHOST_PROXY: vhost-proxy:test + IMAGE_NAME: vhost-proxy:test # Only use seconds here, so that these can be used with "sleep" as well PROJECT_INACTIVITY_TIMEOUT: 30s PROJECT_DANGLING_TIMEOUT: 60s @@ -18,8 +18,8 @@ install: - sudo sudo curl -L https://raw.githubusercontent.com/docksal/docksal/${DOCKSAL_VERSION}/bin/fin -o /usr/local/bin/fin && sudo chmod +x /usr/local/bin/fin - fin version - fin update - - fin docker build -t ${IMAGE_VHOST_PROXY} . - - PROJECTS_ROOT=$TRAVIS_BUILD_DIR fin reset proxy + - fin docker build -t ${IMAGE_NAME} . + - PROJECTS_ROOT=$TRAVIS_BUILD_DIR IMAGE_VHOST_PROXY=$IMAGE_NAME fin reset proxy - fin sysinfo before_script: diff --git a/Dockerfile b/Dockerfile index 5634db3..7c110eb 100644 --- a/Dockerfile +++ b/Dockerfile 
@@ -1,49 +1,46 @@ +# Sticking with alpine-3.4 as further versions do not have nginx-lua available FROM alpine:3.4 -RUN apk add --update --no-cache \ +RUN apk add --no-cache \ bash \ curl \ sudo \ supervisor \ - openssl \ nginx-lua \ && rm -rf /var/cache/apk/* -ENV DOCKER_VERSION 1.12.3 +ENV DOCKER_VERSION 17.06.0-ce ENV DOCKER_GEN_VERSION 0.7.3 # Install docker client binary from Github (if not mounting binary from host) -RUN curl -sSL -O "https://get.docker.com/builds/$(uname -s)/$(uname -m)/docker-$DOCKER_VERSION.tgz" && \ - tar zxf docker-$DOCKER_VERSION.tgz && mv docker/docker /usr/local/bin && rm -rf docker-$DOCKER_VERSION* && \ - chmod +x /usr/local/bin/* +RUN curl -sSL -O "https://download.docker.com/linux/static/stable/x86_64/docker-$DOCKER_VERSION.tgz" \ + && tar zxf docker-$DOCKER_VERSION.tgz && mv docker/docker /usr/local/bin && rm -rf docker-$DOCKER_VERSION* # Install docker-gen ENV DOCKER_GEN_TARFILE docker-gen-alpine-linux-amd64-$DOCKER_GEN_VERSION.tar.gz -RUN curl -sSL https://github.com/jwilder/docker-gen/releases/download/$DOCKER_GEN_VERSION/$DOCKER_GEN_TARFILE -O && \ - tar -C /usr/local/bin -xvzf $DOCKER_GEN_TARFILE && \ - rm $DOCKER_GEN_TARFILE +RUN curl -sSL https://github.com/jwilder/docker-gen/releases/download/$DOCKER_GEN_VERSION/$DOCKER_GEN_TARFILE -O \ + && tar -C /usr/local/bin -xvzf $DOCKER_GEN_TARFILE && rm $DOCKER_GEN_TARFILE RUN chown -R nginx:nginx /var/lib/nginx -# Generate SSL certificate and key -RUN openssl req -batch -nodes -newkey rsa:2048 -keyout /etc/nginx/server.key -out /tmp/server.csr && \ - openssl x509 -req -days 365 -in /tmp/server.csr -signkey /etc/nginx/server.key -out /etc/nginx/server.crt; rm /tmp/server.csr +# Generate a self-signed cert +RUN apk add --no-cache openssl \ + && openssl req -batch -x509 -newkey rsa:4086 -days 3650 -nodes -sha256 \ + -keyout /etc/nginx/server.key -out /etc/nginx/server.crt \ + && apk del openssl -COPY conf/nginx.conf /etc/nginx/nginx.conf +COPY conf/nginx/nginx.conf 
/etc/nginx/nginx.conf +COPY conf/nginx/default.conf.tmpl /etc/nginx/default.conf.tmpl +COPY conf/nginx/default_locations.conf /etc/nginx/default_locations.conf COPY conf/sudoers /etc/sudoers - -RUN chmod 0440 /etc/sudoers - -COPY conf/nginx.default.conf.tmpl /etc/nginx/default.conf.tmpl -COPY conf/default_locations.conf /etc/nginx/default_locations.conf -COPY conf/supervisord.conf /etc/supervisor.d/docker-gen.ini - +COPY conf/supervisord.conf /etc/supervisor.d/supervisord.ini COPY conf/crontab /var/spool/cron/crontabs/root -COPY bin/proxyctl /usr/local/bin/proxyctl -COPY bin/startup.sh /usr/local/bin/startup.sh - +COPY bin /usr/local/bin COPY www /var/www/proxy +# Fix permissions +RUN chmod 0440 /etc/sudoers + # Disable INACTIVITY_TIMEOUT by default ENV PROJECT_INACTIVITY_TIMEOUT 0 # Disable DANGLING_TIMEOUT by default @@ -51,6 +48,6 @@ ENV PROJECT_DANGLING_TIMEOUT 0 # Disable debug output by default ENV PROXY_DEBUG 0 -ENTRYPOINT ["/usr/local/bin/startup.sh"] +ENTRYPOINT ["docker-entrypoint.sh"] -CMD ["supervisord", "-n"] +CMD ["supervisord"] diff --git a/bin/docker-entrypoint.sh b/bin/docker-entrypoint.sh new file mode 100755 index 0000000..afd2f83 --- /dev/null +++ b/bin/docker-entrypoint.sh @@ -0,0 +1,12 @@ +#!/bin/sh + +# Connect networks. +/usr/local/bin/proxyctl networks + +# Service mode (run as root) +if [[ "$1" == "supervisord" ]]; then + exec supervisord -c /etc/supervisord.conf +# Command mode (run as docker user) +else + exec "$@" +fi diff --git a/bin/proxyctl b/bin/proxyctl index 8a5fdf7..c386b93 100755 --- a/bin/proxyctl +++ b/bin/proxyctl 
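Review bot: The key pair from `openssl req … -keyout /etc/nginx/server.key` is generated during the image build, so the private key sits in an image layer and every container started from a published copy of this image presents the same key, which anyone able to pull the image can read. If that is acceptable as a local-development placeholder, say so at the instruction, e.g. `# Self-signed placeholder: the key is baked into the image and shared by all containers built from it`; otherwise generate the pair at container start. `rsa:4086` in the same command looks like a typo for `rsa:4096`. Both `curl -sSL -O` downloads in this hunk are also unpacked into /usr/local/bin with no integrity check, so adding `-f` and a `sha256sum -c` against a pinned digest before `tar` would catch a swapped or truncated archive. The comment above the first download still says "from Github" although the URL is now download.docker.com.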
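Review bot: The branch comments in bin/docker-entrypoint.sh describe a privilege split (`# Service mode (run as root)` and `# Command mode (run as docker user)`) that the script does not perform: both branches `exec` as whatever user the container was started as, and no `USER` instruction is visible in the Dockerfile hunks of this commit, so command mode appears to run as root as well. Either drop to the intended account in the `else` branch or reword the comment to `# Command mode (runs as the container's current user)` so nobody relies on a separation that is not there. The test `[[ "$1" == "supervisord" ]]` is a bash construct under a `#!/bin/sh` shebang; `[ "$1" = "supervisord" ]` is the portable form. The exit status of `/usr/local/bin/proxyctl networks` is also ignored, so a failed network attach is silent unless proxyctl logs it itself.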
@@ -107,8 +107,9 @@ _stop () # Skip containers with empty values [[ "$project_name" == "" ]] && continue - # See if there was any recent container activity (entries in container logs) - if [[ "$(/usr/local/bin/docker logs --tail 1 --since $PROJECT_INACTIVITY_TIMEOUT $container_id)" != "" ]]; then + # See if there was any recent container activity (entries in the container logs) + # docker log does honor stdout vs stderr outputs. We route everything to stdout to do the comparison (2>&1) + if [[ "$(/usr/local/bin/docker logs --tail 1 --since $PROJECT_INACTIVITY_TIMEOUT $container_id 2>&1)" != "" ]]; then # Active echo "Project: $project_name is active. Skipping." else diff --git a/bin/startup.sh b/bin/startup.sh deleted file mode 100755 index 708285a..0000000 --- a/bin/startup.sh +++ /dev/null @@ -1,7 +0,0 @@ -#!/bin/sh - -# Connect networks. -/usr/local/bin/proxyctl networks - -# Start supervisor. -exec "$@" diff --git a/conf/nginx.default.conf.tmpl b/conf/nginx/default.conf.tmpl similarity index 100% rename from conf/nginx.default.conf.tmpl rename to conf/nginx/default.conf.tmpl diff --git a/conf/default_locations.conf b/conf/nginx/default_locations.conf similarity index 100% rename from conf/default_locations.conf rename to conf/nginx/default_locations.conf diff --git a/conf/nginx.conf b/conf/nginx/nginx.conf similarity index 100% rename from conf/nginx.conf rename to conf/nginx/nginx.conf diff --git a/conf/supervisord.conf b/conf/supervisord.conf index 5cc87ee..fd60434 100644 --- a/conf/supervisord.conf +++ b/conf/supervisord.conf 
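Review bot: With `2>&1` inside the command substitution, an error printed by the docker client itself (daemon unreachable, container already removed) is also non-empty output, so a failing `docker logs` call is treated as recent activity and the project is skipped instead of stopped. Checking the exit status separately would keep the two cases apart, for example `last_log=$(/usr/local/bin/docker logs --tail 1 --since "$PROJECT_INACTIVITY_TIMEOUT" "$container_id" 2>&1) || { echo "docker logs failed for $container_id" >&2; continue; }` followed by the existing emptiness test on `$last_log`. The same line leaves `$PROJECT_INACTIVITY_TIMEOUT` and `$container_id` unquoted; quoting them avoids word splitting if either is ever empty or malformed. The added comment presumably means to say that `docker logs` keeps the container's stdout and stderr separate, which is why both are merged here. The body of `_stop` starts and ends outside this hunk.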
@@ -1,20 +1,44 @@
+[supervisord]
+nodaemon = true
+
+# ----------------------------------------------------------------------------------------------------
+# Optional stuff to make supervisord complain less about misc things not being configured
+logfile = /var/log/supervisord.log
+pidfile = /var/run/supervisord.pid
+
+[unix_http_server]
+file = /var/run/supervisord.sock
+chmod = 0700
+username = dummy
+password = dummy
+
+[supervisorctl]
+serverurl = unix:///var/run/supervisord.sock
+username = dummy
+password = dummy
+
+[rpcinterface:supervisor]
+supervisor.rpcinterface_factory = supervisor.rpcinterface:make_main_rpcinterface
+# END: Optional stuff to make supervisord complain less about misc things not being configured
+# ----------------------------------------------------------------------------------------------------
+
 [program:docker-gen]
-command=docker-gen -watch -notify "proxyctl notify" -notify-output /etc/nginx/default.conf.tmpl /etc/nginx/conf.d/default.conf
-stdout_logfile=/dev/stdout
-stdout_logfile_maxbytes=0
-stderr_logfile=/dev/stderr
-stderr_logfile_maxbytes=0
+command = docker-gen -watch -notify "proxyctl notify" -notify-output /etc/nginx/default.conf.tmpl /etc/nginx/conf.d/default.conf
+stdout_logfile = /dev/stdout
+stdout_logfile_maxbytes = 0
+stderr_logfile = /dev/stderr
+stderr_logfile_maxbytes = 0
 
 [program:nginx]
-command=nginx
-stdout_logfile=/dev/stdout
-stdout_logfile_maxbytes=0
-stderr_logfile=/dev/stderr
-stderr_logfile_maxbytes=0
+command = nginx
+stdout_logfile = /dev/stdout
+stdout_logfile_maxbytes = 0
+stderr_logfile = /dev/stderr
+stderr_logfile_maxbytes = 0
 
 [program:crond]
-command=crond -f -d 2
-stdout_logfile=/dev/stdout
-stdout_logfile_maxbytes=0
-stderr_logfile=/dev/stderr
-stderr_logfile_maxbytes=0
+command = crond -f -d 2
+stdout_logfile = /dev/stdout
+stdout_logfile_maxbytes = 0
+stderr_logfile = /dev/stderr
+stderr_logfile_maxbytes = 0
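Review bot: `username = dummy` and `password = dummy` under `[unix_http_server]` and `[supervisorctl]` are fixed values committed to the repository, so they authenticate nobody; the only real restriction on the control socket in this hunk is `chmod = 0700` on /var/run/supervisord.sock. That should be stated next to the settings, for example `# Placeholder credentials only silence a supervisord warning; access control is the 0700 socket mode`, so a later edit does not widen the socket mode or add a network listener while counting on the password. If the warning can be tolerated, removing the credentials altogether is cleaner than shipping ones that look real.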
diff --git a/tests/smoke-test.bats b/tests/smoke-test.bats index 711b6af..be27420 100644 --- a/tests/smoke-test.bats +++ b/tests/smoke-test.bats @@ -16,11 +16,11 @@ teardown() { # Uncomment below, then comment skip in the test you want to debug. When done, reverse. #SKIP=1 -@test "Proxy container is up and using the \"${IMAGE_VHOST_PROXY}\" image" { +@test "Proxy container is up and using the \"${IMAGE_NAME}\" image" { [[ $SKIP == 1 ]] && skip run fin docker ps --filter "name=docksal-vhost-proxy" --format "{{ .Image }}" - [[ $output =~ "${IMAGE_VHOST_PROXY}" ]] + [[ $output =~ "${IMAGE_NAME}" ]] } @test "Proxy returns 404 for a non-existing virtual-host" { @@ -40,7 +40,7 @@ teardown() { [[ $output =~ "robots.txt" ]] } -@test "Proxy stopped project containers after \"${PROJECT_INACTIVITY_TIMEOUT}\" of inactivity" { +@test "Proxy stops project containers after \"${PROJECT_INACTIVITY_TIMEOUT}\" of inactivity" { [[ $SKIP == 1 ]] && skip [[ "$PROJECT_DANGLING_TIMEOUT" == "0" ]] && \ @@ -56,7 +56,7 @@ teardown() { [[ $(fin docker network ls -q --filter "name=drupal7_default" | wc -l) =~ "0" ]] } -@test "Proxy can start an existing stopped project" { +@test "Proxy starts an existing stopped project" { [[ $SKIP == 1 ]] && skip [[ "$PROJECT_DANGLING_TIMEOUT" == "0" ]] && \ @@ -66,7 +66,7 @@ teardown() { [[ $output =~ "Waking up the daemons..." ]] } -@test "Proxy started the project within 15 seconds" { +@test "Proxy starts the project within 15 seconds" { [[ $SKIP == 1 ]] && skip [[ "$PROJECT_DANGLING_TIMEOUT" == "0" ]] && \ @@ -78,7 +78,7 @@ teardown() { [[ $output =~ "robots.txt" ]] } -@test "Proxy can start an existing stopped project by https" { +@test "Proxy starts an existing stopped project via HTTPS" { [[ $SKIP == 1 ]] && skip [[ "$PROJECT_DANGLING_TIMEOUT" == "0" ]] && \ 
@@ -92,7 +92,7 @@ teardown() { [[ $output =~ "Waking up the daemons..." ]] } -@test "Proxy started the project by https within 15 seconds" { +@test "Proxy starts the project via HTTPS within 15 seconds" { [[ $SKIP == 1 ]] && skip [[ "$PROJECT_DANGLING_TIMEOUT" == "0" ]] && \ @@ -104,7 +104,7 @@ teardown() { [[ $output =~ "robots.txt" ]] } -@test "Proxy cleaned up projects after \"${PROJECT_DANGLING_TIMEOUT}\" of inactivity" { +@test "Proxy cleans up projects after \"${PROJECT_DANGLING_TIMEOUT}\" of inactivity" { [[ $SKIP == 1 ]] && skip [[ "$PROJECT_DANGLING_TIMEOUT" == "0" ]] && \ @@ -122,7 +122,7 @@ teardown() { [[ ! -d "/projects/drupal7" ]] } -@test "Proxy did not clean up permanent projects" { +@test "Proxy does not clean up permanent projects" { [[ $SKIP == 1 ]] && skip [[ "$PROJECT_DANGLING_TIMEOUT" == "0" ]] && \