diff --git a/.gitea/workflows/server-deploy.yml b/.gitea/workflows/server-deploy.yml
index 9fbfec6..05ba6cb 100644
--- a/.gitea/workflows/server-deploy.yml
+++ b/.gitea/workflows/server-deploy.yml
@@ -1,50 +1,51 @@
 name: Server Deploy
 
 on:
-  push:
-    branches:
-      - main
-    paths:
-      - "server/**"
-      - "web/**"
-      - "proto/**"
+    push:
+        branches:
+            - main
+        paths:
+            - "server/**"
+            - "web/**"
+            - "proto/**"
 
 jobs:
-  deploy:
-    runs-on: ubuntu-latest
-    steps:
-      - name: Checkout
-        uses: actions/checkout@v4
+    deploy:
+        runs-on: ubuntu-docker
+        container: node:26
+        steps:
+            - name: Checkout
+              uses: actions/checkout@v4
 
-      - name: Log in to registry
-        run: |
-          echo "${{ secrets.REGISTRY_PASSWORD }}" | \
-            docker login ${{ vars.GITEA_HOST }} \
-              -u "${{ secrets.REGISTRY_USER }}" --password-stdin
+            - name: Log in to registry
+              run: |
+                  echo "${{ secrets.REGISTRY_PASSWORD }}" | \
+                    docker login ${{ vars.GITEA_HOST }} \
+                      -u "${{ secrets.REGISTRY_USER }}" --password-stdin
 
-      - name: Build and push server image
-        run: |
-          IMAGE="${{ vars.GITEA_HOST }}/${{ github.repository_owner }}/keymanager/server:latest"
-          docker build -t "$IMAGE" -f server/Dockerfile server/
-          docker push "$IMAGE"
+            - name: Build and push server image
+              run: |
+                  IMAGE="${{ vars.GITEA_HOST }}/${{ github.repository_owner }}/keymanager/server:latest"
+                  docker build -t "$IMAGE" -f server/Dockerfile server/
+                  docker push "$IMAGE"
 
-      - name: Build and push web image
-        run: |
-          IMAGE="${{ vars.GITEA_HOST }}/${{ github.repository_owner }}/keymanager/web:latest"
-          docker build \
-            --build-arg NEXT_PUBLIC_API_URL="https://${{ vars.GITEA_HOST }}" \
-            -t "$IMAGE" \
-            -f web/Dockerfile web/
-          docker push "$IMAGE"
+            - name: Build and push web image
+              run: |
+                  IMAGE="${{ vars.GITEA_HOST }}/${{ github.repository_owner }}/keymanager/web:latest"
+                  docker build \
+                    --build-arg NEXT_PUBLIC_API_URL="https://${{ vars.GITEA_HOST }}" \
+                    -t "$IMAGE" \
+                    -f web/Dockerfile web/
+                  docker push "$IMAGE"
 
-      - name: Deploy via SSH
-        uses: https://github.com/appleboy/ssh-action@v1
-        with:
-          host: ${{ secrets.DEPLOY_HOST }}
-          username: ${{ secrets.DEPLOY_USER }}
-          key: ${{ secrets.DEPLOY_SSH_KEY }}
-          script: |
-            cd /opt/keymanager
-            docker compose pull
-            docker compose up -d --remove-orphans
-            docker image prune -f
+            - name: Deploy via SSH
+              uses: https://github.com/appleboy/ssh-action@v1
+              with:
+                  host: ${{ secrets.DEPLOY_HOST }}
+                  username: ${{ secrets.DEPLOY_USER }}
+                  key: ${{ secrets.DEPLOY_SSH_KEY }}
+                  script: |
+                      cd /opt/keymanager
+                      docker compose pull
+                      docker compose up -d --remove-orphans
+                      docker image prune -f
diff --git a/agent/internal/grpc/client.go b/agent/internal/grpc/client.go
index e6ee16c..306e49b 100644
--- a/agent/internal/grpc/client.go
+++ b/agent/internal/grpc/client.go
@@ -3,6 +3,7 @@ package grpcclient
 import (
 	"context"
 	"crypto/tls"
+	"strings"
 	"time"
 
 	"github.com/mrhid6/keymanager/agent/internal/grpc/pb"
@@ -22,6 +23,9 @@ type Client struct {
 }
 
 func New(serverURL string, useTLS bool) (*Client, error) {
+	serverURL = strings.TrimPrefix(serverURL, "https://")
+	serverURL = strings.TrimPrefix(serverURL, "http://")
+
 	var dialOpts []grpc.DialOption
 
 	if useTLS {
diff --git a/server/internal/api/handlers.go b/server/internal/api/handlers.go
index 7ae0dad..9424f4a 100644
--- a/server/internal/api/handlers.go
+++ b/server/internal/api/handlers.go
@@ -66,11 +66,11 @@ func newServer(c *gin.Context) {
 	}
 	host := os.Getenv("PUBLIC_HOST")
 	if host == "" {
-		host = "keymanager.example.com"
+		host = "https://keymanager.example.com"
 	}
 
 	installCmd := fmt.Sprintf(
-		`curl -fsSL "https://%s/install?server_id=%s&token=%s" | bash`,
+		`curl -fsSL "%s/install?server_id=%s&token=%s" | bash`,
 		host, s.ServerID, token,
 	)
 
@@ -218,6 +218,8 @@ SERVER_ID="%s"
 TOKEN="%s"
 GITEA_HOST="%s"
 KM_HOST="%s"
+KM_HOST="${KM_HOST#https://}"
+KM_HOST="${KM_HOST#http://}"
 
 ARCH=$(uname -m)
 case "$ARCH" in
@@ -236,8 +238,9 @@ if [ -z "$LATEST" ]; then
 fi
 
 VERSION="${LATEST#agent/}"
-BINARY_URL="https://${GITEA_HOST}/mrhid6/keymanager/releases/download/${LATEST}/keymanager-agent-linux-${ARCH}"
-CHECKSUM_URL="https://${GITEA_HOST}/mrhid6/keymanager/releases/download/${LATEST}/checksums.txt"
+LATEST_ENCODED="${LATEST/\//%%2F}"
+BINARY_URL="https://${GITEA_HOST}/mrhid6/keymanager/releases/download/${LATEST_ENCODED}/keymanager-agent-linux-${ARCH}"
+CHECKSUM_URL="https://${GITEA_HOST}/mrhid6/keymanager/releases/download/${LATEST_ENCODED}/checksums.txt"
 
 echo "Installing keymanager-agent ${VERSION} (${ARCH})..."