diff --git a/Dockerfile b/Dockerfile
index 5415e1a..08e87e7 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,27 +1,36 @@
-FROM ubuntu
+FROM debian:jessie
+
 MAINTAINER "Patrick O'Doherty <p@trickod.com>"
 
 EXPOSE 9001
-ENV VERSION 0.2.5.10
+ENV DEBIAN_FRONTEND noninteractive
 
+ADD apt-pinning /etc/apt/preferences.d/pinning
+RUN echo 'deb http://deb.torproject.org/torproject.org jessie main' > /etc/apt/sources.list.d/tor.list && \
+    gpg --keyserver keys.gnupg.net --recv 886DDD89 && \
+    gpg --export A3C4F0F979CAA22CDBA8F512EE8CBC9E886DDD89 | apt-key add -
 RUN apt-get update && apt-get install -y \
-   build-essential \
-   curl \
-   libevent-dev \
-   libssl-dev
+    deb.torproject.org-keyring \
+    obfsproxy \
+    openssl \
+    tor
 
-RUN curl https://dist.torproject.org/tor-${VERSION}.tar.gz | tar xz -C /tmp
+# tor-arm does not work in Docker container:
+# _curses.error: setupterm: could not find terminal
+# Install outside of the Docker container if required.
 
-RUN cd /tmp/tor-${VERSION} && ./configure
-RUN cd /tmp/tor-${VERSION} && make
-RUN cd /tmp/tor-${VERSION} && make install
+WORKDIR /var/lib/tor
 
 ADD ./torrc /etc/torrc
 # Allow you to upgrade your relay without having to regenerate keys
-VOLUME /.tor
+VOLUME /var/lib/tor
 
+VOLUME /.tor
+# Legacy … can be removed when all users have updated and run the new container once.
 
 # Generate a random nickname for the relay
 RUN echo "Nickname docker$(head -c 16 /dev/urandom  | sha1sum | cut -c1-10)" >> /etc/torrc
+ADD bootstrap.sh /usr/bin/
+RUN chmod +x /usr/bin/bootstrap.sh
 
-CMD /usr/local/bin/tor -f /etc/torrc
+CMD /usr/bin/bootstrap.sh
diff --git a/apt-pinning b/apt-pinning
new file mode 100644
index 0000000..b5cf308
--- /dev/null
+++ b/apt-pinning
@@ -0,0 +1,3 @@
+Package: *
+Pin: origin "deb.torproject.org"
+Pin-Priority: 800
diff --git a/bootstrap.sh b/bootstrap.sh
new file mode 100644
index 0000000..ca71b79
--- /dev/null
+++ b/bootstrap.sh
@@ -0,0 +1,12 @@
+#!/bin/sh
+
+if [ -d "/root/.tor" ]; then
+    echo "Clean up legacy stuff."
+    mv /root/.tor/* /var/lib/tor
+    rmdir "/root/.tor"
+fi
+
+chown root:root /var/lib/tor -R
+chmod a=,u=rwX /var/lib/tor -R
+
+/usr/bin/tor -f /etc/torrc
diff --git a/torrc b/torrc
index a0dffb9..2ea06c2 100644
--- a/torrc
+++ b/torrc
@@ -1,4 +1,6 @@
 Log notice stdout
 ExitPolicy reject *:*
+# User debian-tor
+DataDirectory /var/lib/tor
 ORPort 9001