diff --git a/data/hooks/conf_regen/01-yunohost b/data/hooks/conf_regen/01-yunohost
index 0d4f4bcec..3583084a1 100755
--- a/data/hooks/conf_regen/01-yunohost
+++ b/data/hooks/conf_regen/01-yunohost
@@ -2,6 +2,8 @@
 
 set -e
 
+services_path="/etc/yunohost/services.yml"
+
 do_init_regen() {
   if [[ $EUID -ne 0 ]]; then
     echo "You must be root to run this script" 1>&2
@@ -16,22 +18,85 @@ do_init_regen() {
   [[ -f /etc/yunohost/current_host ]] \
     || echo "yunohost.org" > /etc/yunohost/current_host
 
-  # copy default firewall and services
-  # TODO: update them as needed with upgrades
+  # copy default services and firewall
+  [[ -f $services_path ]] \
+    || cp services.yml "$services_path"
   [[ -f /etc/yunohost/firewall.yml ]] \
     || cp firewall.yml /etc/yunohost/firewall.yml
-  [[ -f /etc/yunohost/services.yml ]] \
-    || cp services.yml /etc/yunohost/services.yml
 
   # allow users to access /media directory
   [[ -d /etc/skel/media ]] \
     || (mkdir -p /media && ln -s /media /etc/skel/media)
 }
 
+do_pre_regen() {
+  pending_dir=$1
+
+  cd /usr/share/yunohost/templates/yunohost
+
+  # update services.yml
+  if [[ -f $services_path ]]; then
+      tmp_services_path="${services_path}-tmp"
+      new_services_path="${services_path}-new"
+      sudo cp "$services_path" "$tmp_services_path"
+      _update_services "$new_services_path" || {
+        sudo mv "$tmp_services_path" "$services_path"
+        exit 1
+      }
+      if [[ -f $new_services_path ]]; then
+          # replace services.yml with new one
+          sudo mv "$new_services_path" "$services_path"
+          sudo mv "$tmp_services_path" "${services_path}-old"
+      else
+          sudo rm -f "$tmp_services_path"
+      fi
+  else
+      sudo cp services.yml /etc/yunohost/services.yml
+  fi
+}
+
+_update_services() {
+  sudo python2 - << EOF
+import yaml
+with open('services.yml') as f:
+    new_services = yaml.load(f)
+with open('/etc/yunohost/services.yml') as f:
+    services = yaml.load(f)
+updated = False
+for service, conf in new_services.items():
+    # remove service with empty conf
+    if not conf:
+        if service in services:
+            print("removing '{0}' from services".format(service))
+            del services[service]
+            updated = True
+    # add new service
+    elif not services.get(service, None):
+        print("adding '{0}' to services".format(service))
+        services[service] = conf
+        updated = True
+    # update service conf
+    else:
+        conffiles = services[service].pop('conffiles', {})
+        if services[service] != conf:
+            print("update '{0}' service".format(service))
+            services[service].update(conf)
+            updated = True
+        if conffiles:
+            services[service]['conffiles'] = conffiles
+if updated:
+    with open('/etc/yunohost/services.yml-new', 'w') as f:
+        yaml.safe_dump(services, f, default_flow_style=False)
+EOF
+}
+
 FORCE=$2
 
 case "$1" in
-  pre|post)
+  pre)
+    do_pre_regen $3
+    ;;
+  post)
     ;;
   init)
     do_init_regen
diff --git a/data/templates/yunohost/services.yml b/data/templates/yunohost/services.yml
index f8dc324d3..b4e63479b 100644
--- a/data/templates/yunohost/services.yml
+++ b/data/templates/yunohost/services.yml
@@ -15,8 +15,13 @@ postfix:
    log: [/var/log/mail.log,/var/log/mail.err]
 rmilter:
    status: systemctl status rmilter.socket
+   log: /var/log/mail.log
 rspamd:
    status: systemctl status rspamd.socket
+   log: /var/log/mail.log
+redis-server:
+   status: service
+   log: /var/log/redis/redis-server.log
 mysql:
    status: service
    log: [/var/log/mysql.log,/var/log/mysql.err]
@@ -39,9 +44,6 @@ yunohost-api:
    log: /var/log/yunohost/yunohost-api.log
 yunohost-firewall:
    status: service
-postgrey:
-   status: service
-   log: /var/log/mail.log
 nslcd:
    status: service
    log: /var/log/syslog
@@ -49,3 +51,6 @@ nsswitch:
    status: service
 udisks2:
    status: service
+amavis: null
+postgrey: null
+spamassassin: null