diff --git a/deployment.sh b/deployment.sh
index 0938eb0..996db3d 100755
--- a/deployment.sh
+++ b/deployment.sh
@@ -738,21 +738,6 @@ fi
 [ -n "$EIFACE" ] || EIFACE=$INSTALL_DEV
 [ -n "$EADDR" ] || EADDR=$INSTALL_IP
 
-# needed as environment vars for ngcp-installer
-if "$PRO_EDITION" ; then
-  export CROLE
-  export ROLE
-  export IP1
-  export IP2
-  export EADDR
-  export EIFACE
-  export MCASTADDR
-  export DHCP
-else
-  export EIFACE
-  export DHCP
-fi
-
 if "$CE_EDITION" ; then
   case "$SP_VERSION" in
     # we do not have a local mirror for lenny, so disable it
@@ -1413,41 +1398,7 @@ get_installer_path() {
   fi
 }
 
-if "$NGCP_INSTALLER" ; then
-
-  if "$RETRIEVE_MGMT_CONFIG" ; then
-    password=sipwise
-    echo "Retrieving SSH keys from management server (using password ${password})"
-
-    mkdir -p "${TARGET}"/root/.ssh
-
-    wget --timeout=30 -O "${TARGET}"/root/.ssh/authorized_keys "${MANAGEMENT_IP}:3000/ssh/authorized_keys"
-    wget --timeout=30 -O "${TARGET}"/root/.ssh/id_rsa          "${MANAGEMENT_IP}:3000/ssh/id_rsa?password=${password}"
-    wget --timeout=30 -O "${TARGET}"/root/.ssh/id_rsa.pub      "${MANAGEMENT_IP}:3000/ssh/id_rsa_pub"
-    wget --timeout=30 -O "${TARGET}"/root/.ssh/known_hosts     "${MANAGEMENT_IP}:3000/ssh/known_hosts"
-
-    chmod 600 "${TARGET}"/root/.ssh/authorized_keys
-    chmod 600 "${TARGET}"/root/.ssh/id_rsa
-    chmod 644 "${TARGET}"/root/.ssh/id_rsa.pub
-    chmod 600 "${TARGET}"/root/.ssh/known_hosts
-
-    wget --timeout=30 -O "${TARGET}"/etc/ssh/ssh_host_dsa_key     "${MANAGEMENT_IP}:3000/ssh/host_dsa_key?password=${password}"
-    wget --timeout=30 -O "${TARGET}"/etc/ssh/ssh_host_dsa_key.pub "${MANAGEMENT_IP}:3000/ssh/host_dsa_key_pub"
-    wget --timeout=30 -O "${TARGET}"/etc/ssh/ssh_host_rsa_key     "${MANAGEMENT_IP}:3000/ssh/host_rsa_key?password=${password}"
-    wget --timeout=30 -O "${TARGET}"/etc/ssh/ssh_host_rsa_key.pub "${MANAGEMENT_IP}:3000/ssh/host_rsa_key_pub"
-
-    chmod 600 "${TARGET}"/etc/ssh/ssh_host_dsa_key
-    chmod 644 "${TARGET}"/etc/ssh/ssh_host_dsa_key.pub
-    chmod 600 "${TARGET}"/etc/ssh/ssh_host_rsa_key
-    chmod 644 "${TARGET}"/etc/ssh/ssh_host_rsa_key.pub
-  fi
-
-  # add sipwise user
-  adduser_sipwise
-
-  # set INSTALLER_PATH and INSTALLER depending on release/version
-  get_installer_path
-
+set_repos() {
   cat > $TARGET/etc/apt/sources.list << EOF
 # Please visit /etc/apt/sources.list.d/ instead.
 EOF
@@ -1459,17 +1410,17 @@ EOF
 deb ${MIRROR} ${DEBIAN_RELEASE} main contrib non-free
 EOF
 
-# drop this once Debian/jessie has security support
-if [ -n "$SEC_MIRROR" ] ; then
-  echo "deb ${SEC_MIRROR} ${DEBIAN_RELEASE}-security main contrib non-free" >> $TARGET/etc/apt/sources.list.d/debian.list
-else
-  echo  "Warning: security mirror variable SEC_MIRROR is unset, not enabling security repository for $DEBIAN_RELEASE"
-  logit "Warning: security mirror variable SEC_MIRROR is unset, not enabling security repository for $DEBIAN_RELEASE"
-fi
+  # drop this once Debian/jessie has security support
+  if [ -n "$SEC_MIRROR" ] ; then
+    echo "deb ${SEC_MIRROR} ${DEBIAN_RELEASE}-security main contrib non-free" \
+      >> $TARGET/etc/apt/sources.list.d/debian.list
+  else
+    echo  "Warning: security mirror variable SEC_MIRROR is unset, not enabling security repository for $DEBIAN_RELEASE"
+    logit "Warning: security mirror variable SEC_MIRROR is unset, not enabling security repository for $DEBIAN_RELEASE"
+  fi
 
 cat >> $TARGET/etc/apt/sources.list.d/debian.list << EOF
 deb ${MIRROR} ${DEBIAN_RELEASE}-updates main contrib non-free
-
 EOF
 
   # support testing rc releases without providing an according installer package ahead
@@ -1481,10 +1432,6 @@ EOF
 
 # Sipwise repositories
 deb [arch=amd64] http://${SIPWISE_REPO_HOST}/autobuild/release/release-${AUTOBUILD_RELEASE} release-${AUTOBUILD_RELEASE} main
-
-# Sipwise ${DEBIAN_RELEASE} backports
-deb [arch=amd64] http://${SIPWISE_REPO_HOST}/${DEBIAN_RELEASE}-backports/ ${DEBIAN_RELEASE}-backports main
-
 EOF
   elif [ -n "$MRBUILD_RELEASE" ] ; then
     echo "Running installer with sources.list for $DEBIAN_RELEASE + mr release-$MRBUILD_RELEASE"
@@ -1494,74 +1441,102 @@ EOF
 # Sipwise repository
 deb [arch=amd64] http://${SIPWISE_REPO_HOST}/sppro/${MRBUILD_RELEASE}/ ${DEBIAN_RELEASE} main
 #deb-src http://${SIPWISE_REPO_HOST}/sppro/${MRBUILD_RELEASE}/ ${DEBIAN_RELEASE} main
-
 EOF
     else # CE
       cat >> $TARGET/etc/apt/sources.list.d/sipwise.list << EOF
 # Sipwise repository
 deb [arch=amd64] http://${SIPWISE_REPO_HOST}/spce/${MRBUILD_RELEASE}/ ${DEBIAN_RELEASE} main
 #deb-src http://${SIPWISE_REPO_HOST}/spce/${MRBUILD_RELEASE}/ ${DEBIAN_RELEASE} main
-
 EOF
     fi
+  fi # $MRBUILD_RELEASE
+}
 
-    cat >> $TARGET/etc/apt/sources.list.d/sipwise.list << EOF
-# Sipwise $DEBIAN_RELEASE backports
-deb [arch=amd64] http://${SIPWISE_REPO_HOST}/${DEBIAN_RELEASE}-backports/ ${DEBIAN_RELEASE}-backports main
-#deb-src http://${SIPWISE_REPO_HOST}/${DEBIAN_RELEASE}-backports/ ${DEBIAN_RELEASE}-backports main
+gen_installer_config () {
+  if "$PRO_EDITION" ; then
+    cat > ${TARGET}/usr/share/ngcp-installer/config_deploy.inc << EOF
+HNAME="${ROLE}"
+CROLE="${CROLE}"
+IP1="${IP1}"
+IP2="${IP2}"
+EIFACE="${EIFACE}"
+EADDR="${EADDR}"
+MCASTADDR="${MCASTADDR}"
+EOF
+  fi
 
+  cat >> ${TARGET}/usr/share/ngcp-installer/config_deploy.inc << EOF
+FORCE=yes
+SKIP_SOURCES_LIST="${SKIP_SOURCES_LIST}"
+ADJUST_FOR_LOW_PERFORMANCE="${ADJUST_FOR_LOW_PERFORMANCE}"
+ENABLE_VM_SERVICES="${ENABLE_VM_SERVICES}"
+SIPWISE_REPO_HOST="${SIPWISE_REPO_HOST}"
+SIPWISE_REPO_TRANSPORT="${SIPWISE_REPO_TRANSPORT}"
 EOF
-  fi # $MRBUILD_RELEASE
+fi
+}
+
+if "$NGCP_INSTALLER" ; then
 
+  if "$RETRIEVE_MGMT_CONFIG" ; then
+    password=sipwise
+    echo "Retrieving SSH keys from management server (using password ${password})"
+
+    mkdir -p "${TARGET}"/root/.ssh
+
+    wget --timeout=30 -O "${TARGET}"/root/.ssh/authorized_keys "${MANAGEMENT_IP}:3000/ssh/authorized_keys"
+    wget --timeout=30 -O "${TARGET}"/root/.ssh/id_rsa          "${MANAGEMENT_IP}:3000/ssh/id_rsa?password=${password}"
+    wget --timeout=30 -O "${TARGET}"/root/.ssh/id_rsa.pub      "${MANAGEMENT_IP}:3000/ssh/id_rsa_pub"
+    wget --timeout=30 -O "${TARGET}"/root/.ssh/known_hosts     "${MANAGEMENT_IP}:3000/ssh/known_hosts"
+
+    chmod 600 "${TARGET}"/root/.ssh/authorized_keys
+    chmod 600 "${TARGET}"/root/.ssh/id_rsa
+    chmod 644 "${TARGET}"/root/.ssh/id_rsa.pub
+    chmod 600 "${TARGET}"/root/.ssh/known_hosts
+
+    wget --timeout=30 -O "${TARGET}"/etc/ssh/ssh_host_dsa_key     "${MANAGEMENT_IP}:3000/ssh/host_dsa_key?password=${password}"
+    wget --timeout=30 -O "${TARGET}"/etc/ssh/ssh_host_dsa_key.pub "${MANAGEMENT_IP}:3000/ssh/host_dsa_key_pub"
+    wget --timeout=30 -O "${TARGET}"/etc/ssh/ssh_host_rsa_key     "${MANAGEMENT_IP}:3000/ssh/host_rsa_key?password=${password}"
+    wget --timeout=30 -O "${TARGET}"/etc/ssh/ssh_host_rsa_key.pub "${MANAGEMENT_IP}:3000/ssh/host_rsa_key_pub"
+
+    chmod 600 "${TARGET}"/etc/ssh/ssh_host_dsa_key
+    chmod 644 "${TARGET}"/etc/ssh/ssh_host_dsa_key.pub
+    chmod 600 "${TARGET}"/etc/ssh/ssh_host_rsa_key
+    chmod 644 "${TARGET}"/etc/ssh/ssh_host_rsa_key.pub
+  fi
+
+  # add sipwise user
+  adduser_sipwise
+
+  # set INSTALLER_PATH and INSTALLER depending on release/version
+  get_installer_path
+
+  # generate debian/sipwise repos
+  set_repos
 
   set_deploy_status "ngcp-installer"
 
-  # install and execute ngcp-installer
+  # install ngcp-installer
   logit "ngcp-installer: $INSTALLER"
-  INSTALLER_OPTS="TRUNK_VERSION=$TRUNK_VERSION SKIP_SOURCES_LIST=$SKIP_SOURCES_LIST ADJUST_FOR_LOW_PERFORMANCE=$ADJUST_FOR_LOW_PERFORMANCE "
-  INSTALLER_OPTS+="ENABLE_VM_SERVICES=$ENABLE_VM_SERVICES "
-  if $PRO_EDITION && ! $LINUX_HA3 ; then # HA v2
-    echo "$INSTALLER_OPTS ngcp-installer $ROLE $CROLE $IP1 $IP2 $EADDR $EIFACE" > /tmp/ngcp-installer-cmdline.log
-    cat << EOT | grml-chroot $TARGET /bin/bash
+  cat << EOT | grml-chroot $TARGET /bin/bash
 wget ${INSTALLER_PATH}/${INSTALLER}
 dpkg -i $INSTALLER
-$INSTALLER_OPTS ngcp-installer \$ROLE \$CROLE \$IP1 \$IP2 \$EADDR \$EIFACE 2>&1 | tee -a /tmp/ngcp-installer-debug.log
-RC=\${PIPESTATUS[0]}
-if [ \$RC -ne 0 ] ; then
-  echo "Fatal error while running ngcp-installer:" >&2
-  tail -10 /tmp/ngcp-installer.log
-  exit \$RC
-fi
 EOT
 
-  elif $PRO_EDITION && $LINUX_HA3 ; then # HA v3
-    echo "$INSTALLER_OPTS ngcp-installer $ROLE $IP1 $IP2 $EADDR $EIFACE $MCASTADDR" > /tmp/ngcp-installer-cmdline.log
-    cat << EOT | grml-chroot $TARGET /bin/bash
-wget ${INSTALLER_PATH}/${INSTALLER}
-dpkg -i $INSTALLER
-$INSTALLER_OPTS ngcp-installer \$ROLE \$IP1 \$IP2 \$EADDR \$EIFACE \$MCASTADDR 2>&1 | tee -a /tmp/ngcp-installer-debug.log
-RC=\${PIPESTATUS[0]}
-if [ \$RC -ne 0 ] ; then
-  echo "Fatal error while running ngcp-installer (HA v3):" >&2
-  tail -10 /tmp/ngcp-installer.log
-  exit \$RC
-fi
-EOT
+  # set installer configs
+  gen_installer_config
 
-  else # spce
-    echo "$INSTALLER_OPTS ngcp-installer" > /tmp/ngcp-installer-cmdline.log
-    cat << EOT | grml-chroot $TARGET /bin/bash
-wget ${INSTALLER_PATH}/${INSTALLER}
-dpkg -i $INSTALLER
-echo y | $INSTALLER_OPTS ngcp-installer 2>&1 | tee -a /tmp/ngcp-installer-debug.log
-RC=\${PIPESTATUS[1]}
+  # execute ngcp-installer
+  echo "ngcp-installer" > /tmp/ngcp-installer-cmdline.log
+  cat << EOT | grml-chroot $TARGET /bin/bash
+$INSTALLER_OPTS ngcp-installer 2>&1 | tee -a /tmp/ngcp-installer-debug.log
+RC=\${PIPESTATUS[0]}
 if [ \$RC -ne 0 ] ; then
   echo "Fatal error while running ngcp-installer:" >&2
   tail -10 /tmp/ngcp-installer.log
   exit \$RC
 fi
 EOT
-  fi
 
   # baby, something went wrong!
   if [ $? -eq 0 ] ; then