diff --git a/sulu/sulu-builder/files/etc/sulu/sulu.sh b/sulu/sulu-builder/files/etc/sulu/sulu.sh
index 89d0ff722..d9b33d978 100644
--- a/sulu/sulu-builder/files/etc/sulu/sulu.sh
+++ b/sulu/sulu-builder/files/etc/sulu/sulu.sh
@@ -1,19 +1,19 @@
 #!/bin/sh
 
+# format using "shfmt"
+
 . /lib/functions.sh
 
 _RESTART_SERVICES="0"
 
 mkdir -p /tmp/sulu/
 
-function slog()
-{
-	echo "$*" |logger -t sulu.init -p debug
+function slog() {
+	echo "$*" | logger -t sulu.init -p debug
 }
 
-function _get_agent_id()
-{
-        local oui serial endpointid
+function _get_agent_id() {
+	local oui serial endpointid
 
 	endpointid="$(uci_get obuspa localagent EndpointID)"
 	if [ -z "${endpointid}" ]; then
@@ -21,14 +21,13 @@ function _get_agent_id()
 		serial="$(db -q get device.deviceinfo.SerialNumber)"
 		echo "${oui}-${serial//+/%2B}"
 	else
-		endpointid="$(echo "${endpointid/::/,}"|cut -d "," -f 2)"
+		endpointid="$(echo "${endpointid/::/,}" | cut -d "," -f 2)"
 		endpointid="${endpointid//+/%2B}"
 	fi
 }
 
-function _get_endpoint_id()
-{
-        local oui serial endpointid
+function _get_endpoint_id() {
+	local oui serial endpointid
 
 	endpointid="$(uci_get obuspa localagent EndpointID)"
 	if [ -z "${endpointid}" ]; then
@@ -40,109 +39,107 @@ function _get_endpoint_id()
 	fi
 }
 
-function _get_sulu_users()
-{
+function _get_sulu_users() {
 	echo "$(uci -q get sulu.global.user)"
 }
 
-function _get_sulu_root()
-{
+function _get_sulu_root() {
 	local root
 
 	root="$(uci -q get nginx._sulu_s.root)"
 	echo "${root:-/sulu}"
 }
 
-function _get_sulu_connection_config()
-{
+function _get_sulu_connection_config() {
 	local config
 
 	config="$(_get_sulu_root)/presets/connection-config.json"
 	echo "${config}"
 }
 
-function _get_sulu_session_mode()
-{
+function _get_sulu_session_mode() {
 	echo "$(uci -q get sulu.global.SessionMode)"
 }
 
-function _get_usp_upstream_port()
-{
+function _get_usp_upstream_port() {
 	local port
 
 	port="$(uci -q get mosquitto.sulu.port)"
 	echo "${port:-9009}"
 }
 
-function _get_sulu_acl_file()
-{
+function _get_sulu_acl_file() {
 	local file
 
 	file="$(uci -q get mosquitto.sulu.acl_file)"
 	echo "${file}"
 }
 
-function _get_sulu_http_port()
-{
+function _get_sulu_http_port() {
 	local port listen
 
 	listen="$(uci -q get nginx._sulu_http.listen)"
-	port="$(echo $listen|grep -Eo '[0-9]+'|head -n 1)"
+	port="$(echo $listen | grep -Eo '[0-9]+' | head -n 1)"
 
 	echo "${port:-8080}"
 }
 
-function update_nginx_template()
-{
+function update_nginx_template() {
 	local port
 
 	UCI_TEMPLATE="/etc/nginx/uci.conf.template"
 	port="$(_get_usp_upstream_port)"
-        if ! grep -q "upstream websocket { server 127.0.0.1:${port}; }" ${UCI_TEMPLATE}; then
+	if ! grep -q "upstream websocket { server 127.0.0.1:${port}; }" ${UCI_TEMPLATE}; then
 		sed -i "s/upstream websocket { server 127.0.0.1:[0-9]\+; }/upstream websocket { server 127.0.0.1:${var}; }/" ${UCI_TEMPLATE}
 		log "Restarting nginx"
 		ubus call uci commit '{"config":"nginx"}'
 	fi
 }
 
-function generate_sulu_conn_config()
-{
+function generate_sulu_conn_config() {
 	local users SCONFIG session
 
 	users="$(_get_sulu_users)"
 	session="$(_get_sulu_session_mode)"
 	SCONFIG="$(_get_sulu_connection_config)"
 
-	json_init;
-	json_add_string 'Current-connection' 'main';
-	json_add_object 'Connections';
-		json_add_object 'main';
-		json_add_string 'toId' "$(_get_endpoint_id)";
-		json_add_string 'port' "auto";
-		json_add_string 'path' "/wss";
+	json_init
+	json_add_string 'Current-connection' 'main'
+	json_add_object 'Connections'
+	{
+		json_add_object 'main'
+		{
+			json_add_string 'toId' "$(_get_endpoint_id)"
+			json_add_string 'port' "auto"
+			json_add_string 'path' "/wss"
 
-		if [ "${session}" = "Require" ]; then
-			json_add_boolean 'useSession' 1;
-		fi
+			if [ "${session}" = "Require" ]; then
+				json_add_boolean 'useSession' 1
+			fi
 
-		json_add_string 'protocol' 'autoWs';
-		json_add_object 'overrides';
-		for f in ${users}; do
-			json_add_object "${f}";
-			json_add_string 'fromId' "self::sulu-${f}";
-			json_add_string 'publishEndpoint' "/usp/$(_get_agent_id)/${f}/endpoint";
-			json_add_string 'subscribeEndpoint' "/usp/$(_get_agent_id)/${f}/controller";
-			json_close_object;
-		done
-		json_close_object;
-		json_close_object;
-	json_close_object;
+			json_add_string 'protocol' 'autoWs'
+			json_add_object 'overrides'
+			{
+				for user in ${users}; do
+					json_add_object "${user}"
+					{
+						json_add_string 'fromId' "self::sulu-${user}"
+						json_add_string 'publishEndpoint' "/usp/$(_get_agent_id)/${user}/endpoint"
+						json_add_string 'subscribeEndpoint' "/usp/$(_get_agent_id)/${user}/controller"
+						json_close_object
+					}
+				done
+				json_close_object
+			}
+			json_close_object
+		}
+		json_close_object
+	}
 
-	json_dump > ${SCONFIG}
+	json_dump >${SCONFIG}
 }
 
-function _remove_obuspa_config()
-{
+function _remove_obuspa_config() {
 	local restart session
 
 	restart=0
@@ -169,55 +166,54 @@ function _update_obuspa_config_rbac() {
 	session="$(_get_sulu_session_mode)"
 	restart=0
 
-	for f in ${users}; do
-		local sec
+	for user in ${users}; do
+		local section
 
 		# Add mqtt
-		sec="mqtt_sulu_${f}"
-		if ! uci_get obuspa ${sec} >/dev/null 2>&1; then
-			uci_add obuspa mqtt ${sec}
-			uci_set obuspa ${sec} BrokerAddress "127.0.0.1"
-			uci_set obuspa ${sec} BrokerPort "1883"
-			uci_set obuspa ${sec} TransportProtocol "TCP/IP"
+		section="mqtt_sulu_${user}"
+		if ! uci_get obuspa ${section} >/dev/null 2>&1; then
+			uci_add obuspa mqtt ${section}
+			uci_set obuspa ${section} BrokerAddress "127.0.0.1"
+			uci_set obuspa ${section} BrokerPort "1883"
+			uci_set obuspa ${section} TransportProtocol "TCP/IP"
 			restart=1
 		fi
 
 		# Add mtp
-		sec="mtp_sulu_${f}"
-		if ! uci_get obuspa ${sec} >/dev/null 2>&1; then
-			uci_add obuspa mtp ${sec}
-			uci_set obuspa ${sec} Protocol "MQTT"
-			uci_set obuspa ${sec} ResponseTopicConfigured "/usp/${agent}/${f}/endpoint"
-			uci_set obuspa ${sec} mqtt "mqtt_sulu_$f"
+		section="mtp_sulu_${user}"
+		if ! uci_get obuspa ${section} >/dev/null 2>&1; then
+			uci_add obuspa mtp ${section}
+			uci_set obuspa ${section} Protocol "MQTT"
+			uci_set obuspa ${section} ResponseTopicConfigured "/usp/${agent}/${user}/endpoint"
+			uci_set obuspa ${section} mqtt "mqtt_sulu_$user"
 			restart=1
 		fi
 
 		# Add controller
-		sec="controller_sulu_${f}"
-		if ! uci_get obuspa ${sec} >/dev/null 2>&1; then
-			uci_add obuspa controller ${sec}
-			uci_set obuspa ${sec} EndpointID "self::sulu-${f}"
-			uci_set obuspa ${sec} Protocol "MQTT"
-			uci_set obuspa ${sec} Topic "/usp/${agent}/${f}/controller"
-			uci_set obuspa ${sec} mqtt "mqtt_sulu_$f"
-			uci_set obuspa ${sec} assigned_role_name "$f"
+		section="controller_sulu_${user}"
+		if ! uci_get obuspa ${section} >/dev/null 2>&1; then
+			uci_add obuspa controller ${section}
+			uci_set obuspa ${section} EndpointID "self::sulu-${user}"
+			uci_set obuspa ${section} Protocol "MQTT"
+			uci_set obuspa ${section} Topic "/usp/${agent}/${user}/controller"
+			uci_set obuspa ${section} mqtt "mqtt_sulu_$user"
+			uci_set obuspa ${section} assigned_role_name "$user"
 			restart=1
 		fi
 
-		obMode="$(uci_get obuspa ${sec} SessionMode)"
+		obMode="$(uci_get obuspa ${section} SessionMode)"
 		if [ "${session}" != "${obMode}" ]; then
-			uci_set obuspa ${sec} SessionMode "${session}"
+			uci_set obuspa ${section} SessionMode "${session}"
 			restart=1
 		fi
 	done
 	return "${restart}"
 }
 
-function _remove_sulu_sec()
-{
-	local sec
+function _remove_sulu_section() {
+	local section="$1"
 
-	if [[ "${1}" == *"_sulu_"* ]]; then
+	if [[ "${section}" == *"_sulu_"* ]]; then
 		uci_remove obuspa ${1}
 		return 1
 	fi
@@ -225,7 +221,7 @@ function _remove_sulu_sec()
 }
 
 function _create_acl() {
-        local agentid users restart
+	local agentid users restart
 	local ACL_FILE
 
 	restart="0"
@@ -242,13 +238,13 @@ function _create_acl() {
 
 	users="$(_get_sulu_users)"
 	agentid="$(_get_agent_id)"
-	for f in ${users}; do
-		if ! grep -q "user $f" ${ACL_FILE}; then
-			echo "user ${f}" >> ${ACL_FILE}
-			echo "topic read  /usp/${agentid}/${f}/controller/reply-to/#" >> ${ACL_FILE}
-			echo "topic write /usp/${agentid}/${f}/endpoint/#" >> ${ACL_FILE}
-			echo "topic read  /usp/${agentid}/${f}/controller/#" >> ${ACL_FILE}
-			echo "" >> ${ACL_FILE}
+	for user in ${users}; do
+		if ! grep -q "user $user" ${ACL_FILE}; then
+			echo "user ${user}" >>${ACL_FILE}
+			echo "topic read  /usp/${agentid}/${user}/controller/reply-to/#" >>${ACL_FILE}
+			echo "topic write /usp/${agentid}/${user}/endpoint/#" >>${ACL_FILE}
+			echo "topic read  /usp/${agentid}/${user}/controller/#" >>${ACL_FILE}
+			echo "" >>${ACL_FILE}
 			restart="1"
 		fi
 	done
@@ -259,17 +255,16 @@ function _create_acl() {
 	fi
 }
 
-function update_obuspa_config()
-{
+function update_obuspa_config() {
 	local restart
 
 	restart=0
 
 	uci_load obuspa
 	_remove_obuspa_config
-	restart="$(( restart + $? ))"
+	restart="$((restart + $?))"
 	_update_obuspa_config_rbac
-	restart="$(( restart + $? ))"
+	restart="$((restart + $?))"
 	uci_commit obuspa
 
 	if [ "${_RESTART_SERVICES}" -eq "1" -a "${restart}" -gt "0" ]; then
@@ -278,8 +273,7 @@ function update_obuspa_config()
 	fi
 }
 
-function configure_sulu()
-{
+function configure_sulu() {
 	local sys_cred restart
 
 	sys_cred="${1}"