diff --git a/.drone.yml b/.drone.yml
index 1a04823..5f70256 100644
--- a/.drone.yml
+++ b/.drone.yml
@@ -1,4 +1,85 @@ --- +kind: pipeline +type: docker +name: Lint the chart +trigger: + event: + - push + +environment: + KIND_VERSION: v0.20.0 + HELM_VERSION: v3.12.1 + KUBECTL_VERSION: v1.28.3 + CT_VERSION: 3.10.1 + +steps: + # --------------------------------------------------------------------- + # -- Prepare dependencies + # --------------------------------------------------------------------- + + - name: Download dependencies + image: ghcr.io/allanger/dumb-downloader:latest + commands: + - mkdir .bin + # -- Download kind + - dudo -l "https://kind.sigs.k8s.io/dl/{{ version }}/kind-{{ os }}-{{ arch }}" -d .bin/kind -p $KIND_VERSION + - chmod +x .bin/kind + + - name: Check changed charts + image: quay.io/helmpack/chart-testing + volumes: + - name: dockersock + path: /var/run + commands: + - export KUBECONFIG=$PWD/kubeconfig + - git fetch origin + - | + if [[ -n "$(ct list-changed --chart-dirs . --target-branch main)" ]]; then + touch .changed + fi + + - name: Lint changed charts + image: quay.io/helmpack/chart-testing + volumes: + - name: dockersock + path: /var/run + commands: + - git fetch origin + - | + if [ -e .changed ]; then + ct lint --target-branch main --validate-maintainers=false --chart-dirs . + fi + + - name: Test changed charts + image: quay.io/helmpack/chart-testing + volumes: + - name: dockersock + path: /var/run + commands: + - export PATH=$PWD/.bin:$PATH + - apk update && apk add docker + - kind create cluster --config kind.yaml + - sed -i -E -e 's/localhost|0\.0\.0\.0/docker/g' ~/.kube/config + - kubectl get storageclass + - git fetch origin + - | + if [ -e .changed ]; then + ct install --target-branch main --chart-dirs . + ct install --target-branch main --chart-dirs . 
--upgrade + fi + +services: + - name: docker + image: docker:dind + privileged: true + volumes: + - name: dockersock + path: /var/run + +volumes: + - name: dockersock + temp: {} +--- # ---------------------------------------------- # -- Build an image and push it to the registry # ---------------------------------------------- diff --git a/.woodpecker/.check-workflow.yml b/.woodpecker/.check-workflow.yml new file mode 100644 index 0000000..8f32929 --- /dev/null +++ b/.woodpecker/.check-workflow.yml @@ -0,0 +1,7 @@ +--- +steps: + deps: + name: Download dependencies + image: alpine + commands: + - echo 1 diff --git a/.woodpecker/.fail.yml b/.woodpecker/.fail.yml new file mode 100644 index 0000000..40f8f3a --- /dev/null +++ b/.woodpecker/.fail.yml @@ -0,0 +1,2 @@ +steps: supersteps + diff --git a/.woodpecker/.test.yml b/.woodpecker/.test.yml new file mode 100644 index 0000000..7de7e47 --- /dev/null +++ b/.woodpecker/.test.yml 
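Review bot: The `Download dependencies` step in `.drone.yml` fetches the kind binary with `dudo` and marks it executable without any integrity check, and the `Test changed charts` step later runs it next to a `privileged: true` `docker:dind` service that shares `/var/run`. Only the version is pinned through `KIND_VERSION`, so a verification line after the download, such as `- echo "<kind-sha256>  .bin/kind" | sha256sum -c -`, would close that gap (`<kind-sha256>` is a placeholder for the published checksum, and this assumes `sha256sum` is present in the downloader image). The images are mutable references as well: `ghcr.io/allanger/dumb-downloader:latest`, an untagged `quay.io/helmpack/chart-testing` and `docker:dind`. `CT_VERSION`, `HELM_VERSION` and `KUBECTL_VERSION` are declared but not referenced anywhere in this pipeline, so pinning each image to a version tag or `@sha256:<digest>` is what would actually make runs reproducible.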
@@ -0,0 +1,82 @@ +--- +clone: + git: + image: woodpeckerci/plugin-git + settings: + partial: false +steps: + deps: + name: Download dependencies + image: ghcr.io/allanger/dumb-downloader:latest + environment: + KIND_VERSION: v0.20.0 + HELM_VERSION: v3.12.1 + KUBECTL_VERSION: v1.28.3 + CT_VERSION: 3.10.1 + commands: + - mkdir .bin + # -- Download kind + - dudo -l "https://kind.sigs.k8s.io/dl/{{ version }}/kind-{{ os }}-{{ arch }}" -d .bin/kind -p $KIND_VERSION + - chmod +x .bin/kind + + changed: + name: Check changed charts + image: quay.io/helmpack/chart-testing + commands: + - git fetch origin + - ls -la + - ct help + - ct lint --chart-dirs . --target-branch main --print-config --debug + - | + if [[ -n "$(ct list-changed --chart-dirs . --target-branch main)" ]]; then + touch .changed + fi + + lint: + name: Lint charts + image: quay.io/helmpack/chart-testing + commands: + - git fetch origin + - | + if [ -e .changed ]; then + ct lint --target-branch main --validate-maintainers=false --chart-dirs . + fi + + test: + name: Test charts + image: quay.io/helmpack/chart-testing + environment: + - DOCKER_HOST=tcp://docker:2375 + commands: + - export PATH=$PWD/.bin:$PATH + - apk update && apk add docker curl bash + - curl -s https://raw.githubusercontent.com/k3d-io/k3d/main/install.sh | bash + - k3d cluster create test --api-port 16443 --k3s-arg="kubelet-args=\"--allowed-unsafe-sysctls=net.ipv4.ip_forward\""@all + - sed -i -E -e 's/localhost|0\.0\.0\.0/docker/g' ~/.kube/config + - kubectl get storageclass + - git fetch origin + - | + if [ -e .changed ]; then + ct install --target-branch main --chart-dirs . + ct install --target-branch main --chart-dirs . 
--upgrade + fi + +services: + docker: + image: docker:dind + commands: + - echo "1" > /proc/sys/net/ipv4/ip_forward + - dockerd -H tcp://0.0.0.0:2375 --tls=false + privileged: true + ports: + - 2375 + - 16443 + backend_options: + kubernetes: + resources: + requests: + memory: 500Mi + cpu: 500m + limits: + memory: 1000Mi + cpu: 1000m diff --git a/helm/Chart.yaml b/helm/Chart.yaml index bb6862e..173aa8d 100644 --- a/helm/Chart.yaml +++ b/helm/Chart.yaml @@ -3,7 +3,7 @@ apiVersion: v2 name: openvpn description: A Helm chart for deploying OpenVPN type: application -version: 1.0.7 +version: 1.0.8 appVersion: 2.6.5 sources: diff --git a/helm/templates/pvc.yaml b/helm/templates/pvc.yaml index 495cd06..96c3dd7 100644 --- a/helm/templates/pvc.yaml +++ b/helm/templates/pvc.yaml @@ -5,7 +5,13 @@ metadata: labels: {{- include "openvpn-chart.labels" . | nindent 4 }} spec: - storageClassName: {{ .Values.storage.class }} + {{- if .Values.storage.class }} + {{- if (eq "-" .Values.storage.class) }} + storageClassName: "" + {{- else }} + storageClassName: "{{ .Values.storage.class }}" + {{- end }} + {{- end }} accessModes: - ReadWriteOnce resources: diff --git a/helm/values.yaml b/helm/values.yaml index 0798f1f..1b7d882 100644 --- a/helm/values.yaml +++ b/helm/values.yaml @@ -6,9 +6,8 @@ image: # -- TODO: Switch to proper versions # ------------------------------------------- # tag: "" - -# ----------------------------- -# -- Open VPN configuration +# ----------------------------- +# -- Open VPN configuration # ----------------------------- openvpn: proto: tcp 
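Review bot: In `.woodpecker/.test.yml` the `docker` service starts `dockerd -H tcp://0.0.0.0:2375 --tls=false` inside a `privileged: true` container, which exposes an unauthenticated Docker API with host-level capabilities to anything that can reach port 2375. The `backend_options.kubernetes` block suggests this runs as a pod, so other workloads that can route to it are presumably in scope unless a NetworkPolicy limits ingress. Consider enabling TLS on the daemon with client certificates (`DOCKER_TLS_VERIFY=1` and `DOCKER_CERT_PATH` in the `test` step), or restricting access to the pipeline's own pods. Separately, the `test` step pipes `https://raw.githubusercontent.com/k3d-io/k3d/main/install.sh` from the moving `main` branch into `bash`; fetching the script from a release tag or commit and checking its checksum before execution would pin what runs beside that daemon.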
@@ -23,25 +22,22 @@ openvpn_admin: # ----------------------------- # -- Easy RSA configuration # ----------------------------- -easyrsa: - cn: . # -- EASYRSA_REQ_CN - country: . # -- EASYRSA_REQ_COUNTRY - province: . # -- EASYRSA_REQ_PROVINCE - city: . # -- EASYRSA_REQ_CITY - org: . # -- EASYRSA_REQ_ORG - email: . # -- EASYRSA_REQ_EMAIL - ou: Community # -- EASYRSA_REQ_OU - algo: ec # -- EASYRSA_ALGO - digest: sha512 # -- EASYRSA_DIGEST - +easyrsa: + cn: . # -- EASYRSA_REQ_CN + country: . # -- EASYRSA_REQ_COUNTRY + province: . # -- EASYRSA_REQ_PROVINCE + city: . # -- EASYRSA_REQ_CITY + org: . # -- EASYRSA_REQ_ORG + email: . # -- EASYRSA_REQ_EMAIL + ou: Community # -- EASYRSA_REQ_OU + algo: ec # -- EASYRSA_ALGO + digest: sha512 # -- EASYRSA_DIGEST replicaCount: 1 - - imagePullSecrets: [] nameOverride: "" fullnameOverride: "" storage: - class: local-path + class: "" size: 1Gi serviceAccount: # Specifies whether a service account should be created 
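Review bot: Changing the default `storage.class` from `local-path` to `""` in `helm/values.yaml` alters the rendered PVC for existing releases, because the new guard in `helm/templates/pvc.yaml` omits `storageClassName` entirely when the value is empty. An upgrade from 1.0.7 with default values would therefore likely try to remove the field from an already bound claim, which Kubernetes normally rejects since most of the PVC spec is immutable. The new default is reasonable, but it deserves an upgrade note and a comment on the key, for example `# -- StorageClass for the PVC: "" uses the cluster default, "-" disables dynamic provisioning` above `class: ""`.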
@@ -51,36 +47,32 @@ serviceAccount: # The name of the service account to use. # If not set and create is true, a name is generated using the fullname template name: "" - podAnnotations: {} - podSecurityContext: {} - # fsGroup: 2000 +# fsGroup: 2000 securityContext: {} - # capabilities: - # drop: - # - ALL - # readOnlyRootFilesystem: true - # runAsNonRoot: true - # runAsUser: 1000 +# capabilities: +# drop: +# - ALL +# readOnlyRootFilesystem: true +# runAsNonRoot: true +# runAsUser: 1000 service: type: ClusterIP port: 1194 protocol: TCP - - resources: {} - # We usually recommend not to specify default resources and to leave this as a conscious - # choice for the user. This also increases chances charts run on environments with little - # resources, such as Minikube. If you do want to specify resources, uncomment the following - # lines, adjust them as necessary, and remove the curly braces after 'resources:'. - # limits: - # cpu: 100m - # memory: 128Mi - # requests: - # cpu: 100m +# We usually recommend not to specify default resources and to leave this as a conscious +# choice for the user. This also increases chances charts run on environments with little +# resources, such as Minikube. If you do want to specify resources, uncomment the following +# lines, adjust them as necessary, and remove the curly braces after 'resources:'. +# limits: +# cpu: 100m +# memory: 128Mi +# requests: +# cpu: 100m # memory: 128Mi autoscaling: @@ -89,13 +81,9 @@ autoscaling: maxReplicas: 100 targetCPUUtilizationPercentage: 80 # targetMemoryUtilizationPercentage: 80 - nodeSelector: {} - tolerations: [] - affinity: {} - tests: enabled: false - cleanup: true \ No newline at end of file + cleanup: true diff --git a/kind.yaml b/kind.yaml new file mode 100644 index 0000000..5fcc55f --- /dev/null +++ b/kind.yaml 
@@ -0,0 +1,21 @@
+apiVersion: kind.x-k8s.io/v1alpha4
+kind: Cluster
+name: test
+networking:
+ apiServerAddress: "0.0.0.0"
+ apiServerPort: 16443
+kubeadmConfigPatches:
+ - |
+ kind: InitConfiguration
+ nodeRegistration:
+ kubeletExtraArgs:
+ allowed-unsafe-sysctls: net.ipv4.ip_forward
+nodes:
+ - role: control-plane
+ kubeadmConfigPatches:
+ - |
+ kind: ClusterConfiguration
+ apiServer:
+ certSANs:
+ - "docker"
+ - role: worker
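Review bot: The `allowed-unsafe-sysctls` kubelet argument in `kind.yaml` is patched only into `InitConfiguration`, which kubeadm applies to the node that runs `kubeadm init`; the `worker` node joins through `JoinConfiguration` and would not receive it. On a two-node kind cluster ordinary pods are normally scheduled on the worker, so a chart pod that requests `net.ipv4.ip_forward` would presumably be rejected there; a matching `JoinConfiguration` patch is needed alongside the existing one. It is also worth a comment on `apiServerAddress: "0.0.0.0"` stating that the all-interfaces bind exists only so CI steps can reach the API server through the `docker` service, and that this file is not intended for use on a workstation.

```yaml
kubeadmConfigPatches:
  # … unchanged: InitConfiguration patch …
  - |
    kind: JoinConfiguration
    nodeRegistration:
      kubeletExtraArgs:
        allowed-unsafe-sysctls: net.ipv4.ip_forward
```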