diff --git a/Dockerfile b/Dockerfile index ab02eece3..a2ca83afb 100644 --- a/Dockerfile +++ b/Dockerfile 
@@ -13,18 +13,20 @@ RUN SYSTEM="docker" make release RUN cd crowdsec-v* && ./wizard.sh --docker-mode && cd - RUN cscli hub update && cscli collections install crowdsecurity/linux && cscli parsers install crowdsecurity/whitelists FROM alpine:latest -RUN apk add --no-cache --repository=http://dl-cdn.alpinelinux.org/alpine/edge/community tzdata yq -COPY --from=build /etc/crowdsec /etc/crowdsec -COPY --from=build /var/lib/crowdsec /var/lib/crowdsec +RUN apk add --no-cache --repository=http://dl-cdn.alpinelinux.org/alpine/edge/community tzdata yq && \ + mkdir -p /staging/etc/crowdsec && \ + mkdir -p /staging/var/lib/crowdsec +COPY --from=build /etc/crowdsec /staging/etc/crowdsec +COPY --from=build /var/lib/crowdsec /staging/var/lib/crowdsec COPY --from=build /usr/local/bin/crowdsec /usr/local/bin/crowdsec COPY --from=build /usr/local/bin/cscli /usr/local/bin/cscli COPY --from=build /go/src/crowdsec/docker/docker_start.sh / -COPY --from=build /go/src/crowdsec/docker/config.yaml /etc/crowdsec/config.yaml +COPY --from=build /go/src/crowdsec/docker/config.yaml /staging/etc/crowdsec/config.yaml #Due to the wizard using cp -n, we have to copy the config files directly from the source as -n does not exist in busybox cp #The files are here for reference, as users will need to mount a new version to be actually able to use notifications -COPY --from=build /go/src/crowdsec/plugins/notifications/http/http.yaml /etc/crowdsec/notifications/http.yaml -COPY --from=build /go/src/crowdsec/plugins/notifications/slack/slack.yaml /etc/crowdsec/notifications/slack.yaml -COPY --from=build /go/src/crowdsec/plugins/notifications/splunk/splunk.yaml /etc/crowdsec/notifications/splunk.yaml +COPY --from=build /go/src/crowdsec/plugins/notifications/http/http.yaml /staging/etc/crowdsec/notifications/http.yaml +COPY --from=build /go/src/crowdsec/plugins/notifications/slack/slack.yaml /staging/etc/crowdsec/notifications/slack.yaml +COPY --from=build 
/go/src/crowdsec/plugins/notifications/splunk/splunk.yaml /staging/etc/crowdsec/notifications/splunk.yaml COPY --from=build /usr/local/lib/crowdsec/plugins /usr/local/lib/crowdsec/plugins ENTRYPOINT /bin/sh docker_start.sh diff --git a/docker/docker_start.sh b/docker/docker_start.sh index 3eaab29a8..2e912430d 100755 --- a/docker/docker_start.sh +++ b/docker/docker_start.sh @@ -6,6 +6,18 @@ if [ "$CONFIG_FILE" != "" ]; then CS_CONFIG_FILE="$CONFIG_FILE" fi +#Check & prestage databases +if [ ! -e "/var/lib/data/GeoLite2-ASN.mmdb" ] && [ ! -e "/var/lib/data/GeoLite2-City.mmdb" ]; then + mkdir -p /var/lib/crowdsec/data + cp /staging/var/lib/crowdsec/data/*.mmdb /var/lib/crowdsec/data/ +fi + +#Check & prestage /etc/crowdsec +if [ ! -e "/etc/crowdsec/local_api_credentials.yaml" ] && [ ! -e "/etc/crowdsec/config.yaml" ]; then + mkdir -p /etc/crowdsec + cp -r /staging/etc/* /etc/ +fi + # regenerate local agent credentials (ignore if agent is disabled) if [ "$DISABLE_AGENT" == "" ] ; then echo "Regenerate local agent credentials"
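Review bot: The rewritten `RUN apk add` line still fetches `tzdata` and `yq` from `http://dl-cdn.alpinelinux.org/alpine/edge/community`, so the index and packages travel in plaintext and only apk's signature check protects them. Using `--repository=https://dl-cdn.alpinelinux.org/alpine/edge/community` closes that gap at no cost. Pulling from `edge` on top of `FROM alpine:latest` also means two builds of the same commit can produce different images, so pinning the base tag and the package versions is worth considering. The two `mkdir -p /staging/...` calls are redundant, because `COPY` creates missing destination directories.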
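Review bot: The database guard tests `/var/lib/data/GeoLite2-ASN.mmdb` and `/var/lib/data/GeoLite2-City.mmdb`, but the copy writes to `/var/lib/crowdsec/data/`. Unless something else creates files under `/var/lib/data`, the condition is always true and the staged `.mmdb` files overwrite the contents of a persisted volume on every start. The test should name the destination directory: `if [ ! -e "/var/lib/crowdsec/data/GeoLite2-ASN.mmdb" ] && [ ! -e "/var/lib/crowdsec/data/GeoLite2-City.mmdb" ]; then`. Both guards join their tests with `&&`, so a volume holding only one of the two files is left incomplete; if that is deliberate, to avoid overwriting a user-mounted file, a comment should say so. `cp -r /staging/etc/* /etc/` copies everything under `/staging/etc` into `/etc`, whereas `cp -r /staging/etc/crowdsec/. /etc/crowdsec/` would keep the copy scoped to the directory the guard checks; the script continues past the end of this hunk.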