diff --git a/.drone.yml b/.drone.yml
new file mode 100644
index 0000000..b995a06
--- /dev/null
+++ b/.drone.yml
@@ -0,0 +1,91 @@
+kind: pipeline
+type: docker
+name: build
+
+steps:
+ - name: build
+ image: docker:dind
+ volumes:
+ - name: dockersock
+ path: /var/run
+ environment:
+ DOCKER_USERNAME:
+ from_secret: docker_username
+ DOCKER_PASSWORD:
+ from_secret: docker_password
+ commands:
+ - sleep 5 # give docker enough time to start
+ - echo "$DOCKER_PASSWORD" | docker login -u "$DOCKER_USERNAME" --password-stdin
+ - ./debian/12/build.sh
+ - ./debian/13/build.sh
+ when:
+ branch:
+ - master
+ event:
+ - push
+
+services:
+ - name: docker
+ image: docker:dind
+ privileged: true
+ volumes:
+ - name: dockersock
+ path: /var/run
+ command:
+ - dockerd-entrypoint.sh
+ - dockerd
+ - --host=unix:///var/run/docker.sock
+ - --mtu=1492
+
+volumes:
+ - name: dockersock
+ temp: {}
+
+trigger:
+ branch:
+ - master
+ event:
+ - push
+---
+kind: pipeline
+type: docker
+name: rebuild
+
+steps:
+ - name: rebuild
+ image: docker:dind
+ volumes:
+ - name: dockersock
+ path: /var/run
+ environment:
+ DOCKER_USERNAME:
+ from_secret: docker_username
+ DOCKER_PASSWORD:
+ from_secret: docker_password
+ commands:
+ - sleep 5 # give docker enough time to start
+ - echo "$DOCKER_PASSWORD" | docker login -u "$DOCKER_USERNAME" --password-stdin
+ - ./build/rebuild.sh
+
+services:
+ - name: docker
+ image: docker:dind
+ privileged: true
+ volumes:
+ - name: dockersock
+ path: /var/run
+ command:
+ - dockerd-entrypoint.sh
+ - dockerd
+ - --host=unix:///var/run/docker.sock
+ - --mtu=1492
+
+volumes:
+ - name: dockersock
+ temp: {}
+
+trigger:
+ event:
+ - cron
+ cron:
+ - rebuild
diff --git a/README.md b/README.md
index 1ac2cac..67e404f 100644
--- a/README.md
+++ b/README.md
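Review bot: Both pipelines in `.drone.yml` reference `docker:dind` by a mutable tag, once for the `privileged: true` service and once for the step that receives `docker_username` and `docker_password`, so whatever that tag resolves to at run time runs the privileged daemon and handles the registry credentials. Pinning both to a fixed version tag or digest, for example `image: docker:<pinned-version>-dind` (placeholder), makes an image change an explicit, reviewable commit. `sleep 5` is a guess at daemon start-up time; polling with `until docker info >/dev/null 2>&1; do sleep 1; done` before `docker login` removes the race. In the `build` pipeline the branch and event filter is stated both in `trigger` and in the step's `when`, so one of the two is redundant.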
@@ -7,8 +7,8 @@ # Supported tags and respective `Dockerfile` links -- [`4.6-bookworm`, `latest`](https://github.com/pommi/docker-powerdns/blob/master/debian/12/Dockerfile) -- [`4.4-bullseye`](https://github.com/pommi/docker-powerdns/blob/master/debian/11/Dockerfile) +- [`4.6-bookworm`](https://git.nethuis.nl/pommi/docker-powerdns/src/branch/master/debian/12/Dockerfile) +- [`4.9-trixie`, `latest`](https://git.nethuis.nl/pommi/docker-powerdns/src/branch/master/debian/13/Dockerfile) # Usage @@ -87,3 +87,15 @@ DS = example.tld. IN DS 280 13 1 0dead339b7dacebb6750c7d4e5c9c0f4c19843a9 ; ( SH DS = example.tld. IN DS 280 13 2 f340e93c42b3c2c6fa8ef76e044ad2f064c1cd7484e785bdfca0f51cd548c88d ; ( SHA256 digest ) DS = example.tld. IN DS 280 13 4 a793c7e590a7701c7b39365f99655b865d11961c355a5eb59302282cf653aec8b051ddc9e36a9df0843cad29ca50149a ; ( SHA-384 digest ) ``` + +Set `SOA-EDIT` to `INCEPTION-INCREMENT` so that slaves get notified when a rollover has taken place: +``` +$ docker exec -it powerdns pdnsutil set-meta example.tld SOA-EDIT INCEPTION-INCREMENT +[bindbackend] Done parsing domains, 0 rejected, 1 new, 0 removed +Set 'example.tld' meta SOA-EDIT = INCEPTION-INCREMENT + +$ docker exec -it powerdns pdnsutil get-meta example.tld +[bindbackend] Done parsing domains, 0 rejected, 1 new, 0 removed +Metadata for 'example.tld' +SOA-EDIT = INCEPTION-INCREMENT +``` diff --git a/build/rebuild.sh b/build/rebuild.sh index 41a1af8..e05ade0 100755 --- a/build/rebuild.sh +++ b/build/rebuild.sh 
@@ -1,18 +1,20 @@ #!/bin/sh +set -x + updates_available () { docker pull $1 - if test "$(docker run -it --rm $1 /bin/sh -c 'apt -qqq update && apt -qq list --upgradable')" != ""; then + if test "$(docker run --rm $1 /bin/sh -c 'apt -qqq update && apt -qq list --upgradable')" != ""; then return 0 else return 1 fi } -if updates_available pommib/powerdns:4.4-bullseye; then - ./debian/11/build.sh -fi - if updates_available pommib/powerdns:4.6-bookworm; then ./debian/12/build.sh fi + +if updates_available pommib/powerdns:4.9-trixie; then + ./debian/13/build.sh +fi diff --git a/debian/11/build.sh b/debian/11/build.sh deleted file mode 100755 index c7a1f93..0000000 --- a/debian/11/build.sh +++ /dev/null @@ -1,9 +0,0 @@ -#!/bin/sh - -set -x - -IMAGE=pommib/powerdns:4.4-bullseye -docker pull $IMAGE -docker pull debian:bullseye-slim -docker build --no-cache -t $IMAGE ./debian/11/ -docker push $IMAGE diff --git a/debian/12/Dockerfile b/debian/12/Dockerfile index 57fe68b..9964bb9 100644 --- a/debian/12/Dockerfile +++ b/debian/12/Dockerfile @@ -1,15 +1,15 @@ FROM debian:bookworm-slim -RUN set -eux; \ - apt-get update; \ - apt-get upgrade -y; \ - apt-get install -y --no-install-recommends \ +RUN set -eux && \ + apt-get update && \ + DEBIAN_FRONTEND=noninteractive apt-get upgrade -y && \ + DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends \ pdns-server \ pdns-backend-bind \ sqlite3 \ bind9-dnsutils \ inotify-tools \ - ; \ + && \ rm -rf /var/lib/apt/lists/* ADD start.sh / diff --git a/debian/12/build.sh b/debian/12/build.sh index acb58d4..b87ecc0 100755 --- a/debian/12/build.sh +++ b/debian/12/build.sh @@ -1,12 +1,9 @@ #!/bin/sh -set -x +set -ex IMAGE=pommib/powerdns:4.6-bookworm docker pull $IMAGE docker pull debian:bookworm-slim docker build --no-cache -t $IMAGE ./debian/12/ docker push $IMAGE - -docker tag $IMAGE pommib/powerdns:latest -docker push pommib/powerdns:latest diff --git a/debian/12/start.sh b/debian/12/start.sh index 060842c..e650da1 100755 
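Review bot: In `build/rebuild.sh`, `updates_available` reports "no updates" whenever the probe itself fails: if `docker pull $1`, `docker run` or `apt -qqq update` errors out, the command substitution is empty and the function returns 1, so the scheduled rebuild silently skips the image and it keeps its unpatched packages. The exit status of `./debian/12/build.sh` is not checked either, so a failed build there does not fail the job when the following `if` finds no updates. Consider `docker pull "$1" || exit 1` inside the function and `./debian/12/build.sh || exit 1` (likewise for 13) in the callers; quoting `$1` also avoids word splitting.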
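Review bot: With `set -ex` in `debian/12/build.sh`, the initial `docker pull $IMAGE` becomes fatal, and since the build already uses `--no-cache` that pull appears to add nothing except a failure mode. This matters most for the new `debian/13/build.sh`, which has the same lines: if `pommib/powerdns:4.9-trixie` has not been pushed yet, the pull fails and the script aborts before the first build. Dropping the line, or writing `docker pull $IMAGE || true`, keeps abort-on-error for the base-image pull, build and push steps.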
--- a/debian/12/start.sh +++ b/debian/12/start.sh @@ -11,7 +11,7 @@ sed -i 's/^# bind-dnssec-db=/bind-dnssec-db=\/var\/lib\/powerdns\/bind-dnssec-db /usr/sbin/pdns_server --guardian=no --daemon=no --disable-syslog --log-timestamp=no --write-pid=no & # watch for zone changes -inotifywait -mqre modify --exclude '\.git' --format '%w%f' "/var/lib/powerdns/zones/" | +inotifywait -mqre modify --exclude '.*(\.git|.*\.swp)' --format '%w%f' "/var/lib/powerdns/zones/" | while read -r path; do zone=$(basename $path) echo [$0] A modification was detected in $path diff --git a/debian/11/Dockerfile b/debian/13/Dockerfile similarity index 55% rename from debian/11/Dockerfile rename to debian/13/Dockerfile index 70beedd..4382fa3 100644 --- a/debian/11/Dockerfile +++ b/debian/13/Dockerfile @@ -1,15 +1,15 @@ -FROM debian:bullseye-slim +FROM debian:trixie-slim -RUN set -eux; \ - apt-get update; \ - apt-get upgrade -y; \ - apt-get install -y --no-install-recommends \ +RUN set -eux && \ + apt-get update && \ + DEBIAN_FRONTEND=noninteractive apt-get upgrade -y && \ + DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends \ pdns-server \ pdns-backend-bind \ sqlite3 \ bind9-dnsutils \ inotify-tools \ - ; \ + && \ rm -rf /var/lib/apt/lists/* ADD start.sh / diff --git a/debian/13/build.sh b/debian/13/build.sh new file mode 100755 index 0000000..7e162e9 --- /dev/null +++ b/debian/13/build.sh @@ -0,0 +1,12 @@ +#!/bin/sh + +set -ex + +IMAGE=pommib/powerdns:4.9-trixie +docker pull $IMAGE +docker pull debian:trixie-slim +docker build --no-cache -t $IMAGE ./debian/13/ +docker push $IMAGE + +docker tag $IMAGE pommib/powerdns:latest +docker push pommib/powerdns:latest diff --git a/debian/11/start.sh b/debian/13/start.sh similarity index 91% rename from debian/11/start.sh rename to debian/13/start.sh index 060842c..e650da1 100755 --- a/debian/11/start.sh +++ b/debian/13/start.sh 
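Review bot: The new `--exclude` pattern in `debian/12/start.sh` is unanchored, so it suppresses events for any path that merely contains `.git` or `.swp`; a zone file named `example.github.io` (constructed example) would, as far as the visible pattern shows, never trigger the reload. The leading `.*` and the inner `.*` add nothing to an unanchored match. Something like `--exclude '(/\.git(/|$)|\.swp$)'` limits the exclusion to a `.git` directory and editor swap files. The identical change in `debian/13/start.sh` has the same issue, and the `while` loop body continues outside the hunk.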
@@ -11,7 +11,7 @@ sed -i 's/^# bind-dnssec-db=/bind-dnssec-db=\/var\/lib\/powerdns\/bind-dnssec-db /usr/sbin/pdns_server --guardian=no --daemon=no --disable-syslog --log-timestamp=no --write-pid=no & # watch for zone changes -inotifywait -mqre modify --exclude '\.git' --format '%w%f' "/var/lib/powerdns/zones/" | +inotifywait -mqre modify --exclude '.*(\.git|.*\.swp)' --format '%w%f' "/var/lib/powerdns/zones/" | while read -r path; do zone=$(basename $path) echo [$0] A modification was detected in $path