diff --git a/bin/docker-entrypoint.sh b/bin/docker-entrypoint.sh
index 1a225df..1a6e60c 100755
--- a/bin/docker-entrypoint.sh
+++ b/bin/docker-entrypoint.sh
@@ -2,18 +2,18 @@
 
 set -eo pipefail
 
-base_path='/var/www/passbolt'
-gpg_private_key="$base_path/config/gpg/serverkey_private.asc"
-gpg_public_key="$base_path/config/gpg/serverkey.asc"
+gpg_private_key="${PASSBOLT_GPG_SERVER_KEY_PRIVATE:-/var/www/passbolt/config/gpg/serverkey_private.asc}"
+gpg_public_key="${PASSBOLT_GPG_SERVER_KEY_PUBLIC:-/var/www/passbolt/config/gpg/serverkey.asc}"
+
 ssl_key='/etc/ssl/certs/certificate.key'
 ssl_cert='/etc/ssl/certs/certificate.crt'
 
 gpg_gen_key() {
-  key_email="${KEY_EMAIL:-passbolt@yourdomain.com}"
-  key_name="${KEY_NAME:-Passbolt default user}"
-  key_length="${KEY_LENGTH:-2048}"
-  subkey_length="${SUBKEY_LENGTH:-2048}"
-  expiration="${KEY_EXPIRATION:-0}"
+  key_email="${PASSBOLT_KEY_EMAIL:-passbolt@yourdomain.com}"
+  key_name="${PASSBOLT_KEY_NAME:-Passbolt default user}"
+  key_length="${PASSBOLT_KEY_LENGTH:-2048}"
+  subkey_length="${PASSBOLT_SUBKEY_LENGTH:-2048}"
+  expiration="${PASSBOLT_KEY_EXPIRATION:-0}"
 
   su -m -c "gpg --batch --gen-key <<EOF
     Key-Type: 1
@@ -39,7 +39,7 @@ gpg_import_key() {
 
 gen_ssl_cert() {
   openssl req -new -newkey rsa:4096 -days 365 -nodes -x509 \
-    -subj "/C=FR/ST=Denial/L=Springfield/O=Dis/CN=www.passbolt.local" \
+    -subj '/C=FR/ST=Denial/L=Springfield/O=Dis/CN=www.passbolt.local' \
     -keyout $ssl_key -out $ssl_cert
 }
 
@@ -53,8 +53,8 @@ install() {
     -p"$DATASOURCES_DEFAULT_PASSWORD" |wc -l)
 
   if [ "$tables" -eq 0 ]; then
-    su -c "cp /var/www/passbolt/config/app.default.php /var/www/passbolt/config/app.php" -s /bin/sh www-data
-    su -c "/var/www/passbolt/bin/cake passbolt install --no-admin --force" -s /bin/sh www-data
+    su -c 'cp /var/www/passbolt/config/app.default.php /var/www/passbolt/config/app.php' -s /bin/sh www-data
+    su -c '/var/www/passbolt/bin/cake passbolt install --no-admin --force' -s /bin/sh www-data
   else
     echo "Enjoy! ☮"
   fi
@@ -82,20 +82,20 @@ if [ -z "$DATASOURCES_DEFAULT_HOST" ] \
   exit 1
 fi
 
-if [ ! -f $gpg_private_key ] && [ ! -L $gpg_private_key ] || \
-   [ ! -f $gpg_public_key ] && [ ! -L $gpg_public_key ]; then
+if [ ! -f "$gpg_private_key" ] && [ ! -L "$gpg_private_key" ] || \
+   [ ! -f "$gpg_public_key" ] && [ ! -L "$gpg_public_key" ]; then
   gpg_gen_key
   gpg_import_key
 else
   gpg_import_key
 fi
 
-if [ ! -f $ssl_key ] && [ ! -L $ssl_key ] && \
-   [ ! -f $ssl_cert ] && [ ! -L $ssl_cert ]; then
+if [ ! -f "$ssl_key" ] && [ ! -L "$ssl_key" ] && \
+   [ ! -f "$ssl_cert" ] && [ ! -L "$ssl_cert" ]; then
   gen_ssl_cert
 fi
 
-gpg_auto_fingerprint=$(su -c "gpg --with-fingerprint $gpg_public_key | grep fingerprint | awk '{for(i=4;i<=NF;++i)printf \$i}'" -ls /bin/sh www-data)
+gpg_auto_fingerprint="$(su -c "gpg --with-fingerprint $gpg_public_key | grep fingerprint | awk '{for(i=4;i<=NF;++i)printf \$i}'" -ls /bin/sh www-data)"
 export PASSBOLT_GPG_SERVER_KEY_FINGERPRINT=$gpg_auto_fingerprint
 install
 email_cron_job