diff --git a/Makefile b/Makefile
index d8dcd900b7b6059a6d87df82535adc7ecf8cfd33..5aa2a33ee36173fddf01f37f827756d6f025cb3b 100644
--- a/Makefile
+++ b/Makefile
@@ -129,7 +129,7 @@ prepare_uninstall_dev_srv:
 	@echo "[Uninstalling nexus-server development environment in $(SERVER_BASEDIR)]"
 
 run_srv: check_prefix_var $(SERVER_BASEDIR)/bin/nexus-server
-	@cd $(SERVER_BASEDIR)/bin && NEXUS_CERTS_DIR=../certs ./nexus-server
+	@cd $(SERVER_BASEDIR)/bin && ./nexus-server
 
 #-------------------------------------------------------------------------
 # Server targets for prod environment
diff --git a/config/server/nexus.conf b/config/server/nexus.conf
new file mode 100644
index 0000000000000000000000000000000000000000..5f40ddfff76532e581ef0434dabded63d45a1564
--- /dev/null
+++ b/config/server/nexus.conf
@@ -0,0 +1,32 @@
+# Port the API listens to (must be > 1024 and < 65535)
+APIDefaultPort = 1077
+
+# Define the range of ports used by each VM for their spice server
+VMSpiceMinPort = 1100
+VMSpiceMaxPort = 65535
+
+# Log level
+# Supported levels: panic, fatal, error, warn, info, debug
+LogLevel = info
+
+# Absolute path to QEMU system binary
+QemuSystem = /usr/bin/qemu-system-x86_64
+
+# Absolute path to QEMU image binary
+QemuImg = /usr/bin/qemu-img
+
+# Absolute path to guestfish binary
+Guestfish = /usr/bin/guestfish
+
+# Directory where temporary files are created
+TmpDir = /tmp
+
+MaxUploadSize = 30G
+
+# We estimate that KVM allows for this amount of RAM saving in % (due to page sharing across VMs).
+# 30% seems to be a pretty conservative estimate.
+KsmRamSaving = 0.3
+
+# To prevent RAM saturation, we refuse running new VMs if more than
+# this amount of memory is being used (in %).
+RamUsageLimit = 0.85
diff --git a/config/server/systemd/nexus-server.service b/config/server/systemd/nexus-server.service
index 9b03f88345814a004a91668b2c13a54fb161096d..9f2148b39a6823ef33b16f9f683b142738185144 100644
--- a/config/server/systemd/nexus-server.service
+++ b/config/server/systemd/nexus-server.service
@@ -3,8 +3,6 @@ Description=nexus-server service
 After=network.target
 
 [Service]
-Environment="PATH=/usr/bin:$PATH"
-Environment="NEXUS_CERTS_DIR=_PREFIX_/nexus-server/certs"
 User=nexus
 Group=nexus
 UMask=0007
diff --git a/src/server/consts/consts.go b/src/server/consts/consts.go
index 804daca07e8fc1bbd940789f4839ac10a294bbdb..042a1bf27e23b265c2254038a69984d1fd950175 100644
--- a/src/server/consts/consts.go
+++ b/src/server/consts/consts.go
@@ -3,12 +3,8 @@ package consts
 const (
     DefaultLogLevel = "info"
 
-    ENV_NEXUS_CERTS_DIR = "NEXUS_CERTS_DIR"
-
     APIDefaultPort = 1077
-    APIPortMin     = 1025
-    APIPortMax     = 1099
-
+    
     VMSpiceMinPort = 1100
     VMSpiceMaxPort = 65535
 
diff --git a/src/server/nexus-server.go b/src/server/nexus-server.go
index 97cd7b95016d800b57b440f4fecac3613d78a990..f72a8b249fae4f816e990ca75437d30f70c48b7c 100644
--- a/src/server/nexus-server.go
+++ b/src/server/nexus-server.go
@@ -5,7 +5,6 @@ import (
     "fmt"
     "path"
     "flag"
-    "strconv"
     "strings"
     "nexus-server/vms"
     "nexus-server/exec"
@@ -49,9 +48,6 @@ func main() {
     }
 
     loglevelFlag := flag.String("l", consts.DefaultLogLevel, "Log level: debug, info, warn, error, fatal")
-    portMin := strconv.Itoa(consts.APIPortMin)
-    portMax := strconv.Itoa(consts.APIPortMax)
-    portFlag := flag.Int("p", consts.APIDefaultPort, "Port on which to listen to (between "+portMin+" and "+portMax+")")
     flag.Parse()
 
     loglevelStr := strings.ToLower(*loglevelFlag)
@@ -71,12 +67,6 @@ func main() {
             usage()
     }
 
-    port := *portFlag
-    if port < consts.APIPortMin || port > consts.APIPortMax {
-        fmt.Println("Invalid port number!")
-        usage()
-    }
-
     err := users.InitUsers()
     if err != nil {
         log.Fatal(err.Error())
@@ -95,5 +85,5 @@ func main() {
 
     cleaner.Start()
 
-    router.New().Start(port)
+    router.New().Start(consts.APIDefaultPort)
 }
diff --git a/src/server/paths/paths.go b/src/server/paths/paths.go
index 472ccc27bb84e4b3de914d370c5f2c6b7c0e2ae8..cc84107ece7f66c5b5ce14dcb802266845278e9d 100644
--- a/src/server/paths/paths.go
+++ b/src/server/paths/paths.go
@@ -1,10 +1,8 @@
 package paths
 
 import (
-    "os"
     "path/filepath"
     "nexus-server/logger"
-    c "nexus-server/consts"
 )
 
 type Paths struct {
@@ -13,7 +11,7 @@ type Paths struct {
     DataDir string
     VMsDir string
     TemplatesDir string
-    NexusPkiDir string
+    CertsDir string
     TmpDir string
 }
 
@@ -25,16 +23,7 @@ func GetInstance() *Paths {
 }
 
 func Init() {
-    certsDirEnvVar, found := os.LookupEnv(c.ENV_NEXUS_CERTS_DIR)
-    if !found {
-        log.Error("Environment variable \""+c.ENV_NEXUS_CERTS_DIR+"\" must be set!")
-        log.Error("It defines the directory where server-cert.pem and server-key.pem reside.")
-        os.Exit(1)
-    }
-
-    certsDir, _ := filepath.Abs(certsDirEnvVar)
-    log.Info("Using certificates in ", certsDir)
-
+    certs := "../certs"
     config := "../config"
     data := "../data"
     paths = &Paths {
@@ -43,7 +32,7 @@ func Init() {
         DataDir: data,
         VMsDir: filepath.Join(data, "/vms"),
         TemplatesDir: filepath.Join(data, "/templates"),
-        NexusPkiDir: certsDirEnvVar,
+        CertsDir: certs,
         TmpDir: filepath.Join(data, "/tmp"),
     }
 }
diff --git a/src/server/router/router.go b/src/server/router/router.go
index 5941b102b860c04a83f56b7362fab83360a1f7e3..c67718f47812d32945c059587b4501c29e89d92e 100644
--- a/src/server/router/router.go
+++ b/src/server/router/router.go
@@ -107,8 +107,8 @@ func (router *Router)Start(port int) {
 
     // Starts server in a dedicated goroutine.
     go func() {
-        pkiDir := paths.GetInstance().NexusPkiDir
-        if err := router.echo.StartTLS(":"+strconv.Itoa(port), filepath.Join(pkiDir, "/server-cert.pem"), filepath.Join(pkiDir, "/server-key.pem")); err != nil {
+        certsDir := paths.GetInstance().CertsDir
+        if err := router.echo.StartTLS(":"+strconv.Itoa(port), filepath.Join(certsDir, "/server-cert.pem"), filepath.Join(certsDir, "/server-key.pem")); err != nil {
             if err != http.ErrServerClosed {
                 log.Fatal("Server error: "+err.Error())
             } else {
diff --git a/src/server/vms/vms.go b/src/server/vms/vms.go
index b77fa11519a4e001f3f625c70f01026a0012a5b9..00ea29319470014c5a2bcdf867ab19a2aa0c557a 100644
--- a/src/server/vms/vms.go
+++ b/src/server/vms/vms.go
@@ -51,6 +51,7 @@ func GetVMsInstance() *VMs {
 func InitVMs() error {
     vmsDir := paths.GetInstance().VMsDir
     vms = &VMs { m: make(map[string]*VM), dir: vmsDir, rwlock: new(sync.RWMutex), usedRAM: 0 }
+    vms.usedPorts[c.APIDefaultPort] = true
 
     errMsg := "Failed reading VMs directory: "
     dirs1, err := utils.GetSubDirs(vmsDir)
@@ -241,8 +242,8 @@ func (vms *VMs)StartVMWithCreds(vmID uuid.UUID, port int, checkPort bool, pwd st
 
     // Function that executes the VM in QEMU using the specified spice port and password.
     runQemuFn := func(vm *VM, port int, pwd, pwdFile string, endofExecFn endOfExecCallback) error {
-        pkiDir := paths.GetInstance().NexusPkiDir
-        cmd, err := exec.NewQemuSystem(vm.qgaSock, vm.v.Cpus, vm.v.Ram, string(vm.v.Nic), vm.v.UsbDevs, filepath.Join(vm.dir, vmDiskFile), port, pwdFile, pkiDir)
+        certsDir := paths.GetInstance().CertsDir
+        cmd, err := exec.NewQemuSystem(vm.qgaSock, vm.v.Cpus, vm.v.Ram, string(vm.v.Nic), vm.v.UsbDevs, filepath.Join(vm.dir, vmDiskFile), port, pwdFile, certsDir)
         if err != nil {
             log.Error(prefix+"filepath join error: "+err.Error())
             return err