diff --git a/.env.sample b/.env.sample
new file mode 100644
index 0000000..c03bebc
--- /dev/null
+++ b/.env.sample
@@ -0,0 +1,5 @@
+TAG=
+APIPORT=
+BASEDIR=
+EXTRANET=
+INTRANET=
\ No newline at end of file
diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..cf073d9
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,2 @@
+files/
+.env
\ No newline at end of file
diff --git a/docker-compose.yml b/docker-compose.yml
new file mode 100644
index 0000000..f61c930
--- /dev/null
+++ b/docker-compose.yml
@@ -0,0 +1,34 @@
+# https://docs.docker.com/compose/compose-file/compose-file-v3/
+---
+version: "3.9"
+services:
+  caddy:
+    image: caddy:${TAG:-alpine}
+    container_name: caddy
+    env_file: .env
+    restart: unless-stopped
+    deploy:
+      replicas: 1                         # in swarm set min 2
+      placement:
+        max_replicas_per_node: 1
+      update_config:
+        parallelism: 1
+        delay: 10s
+    ports:
+      - 80:80
+      - 443:443
+      - ${APIPORT:-2019}:2019
+    volumes:
+      - ${BASEDIR:-./files}/conf:/etc/caddy/
+      - ${BASEDIR:-./files}/data/:/data
+    networks:
+      - frontend
+      - backend
+
+networks:
+  frontend:
+    name: ${EXTRANET:-frontend}
+    external: true
+  backend:
+    name: ${INTRANET:-backend}
+    external: true
\ No newline at end of file
diff --git a/files/conf/Caddyfile b/files/conf/Caddyfile
new file mode 100644
index 0000000..3d85f45
--- /dev/null
+++ b/files/conf/Caddyfile
@@ -0,0 +1,2 @@
+import snippets/*
+import pages/*
\ No newline at end of file
diff --git a/files/conf/pages/example.com b/files/conf/pages/example.com
new file mode 100644
index 0000000..45d442d
--- /dev/null
+++ b/files/conf/pages/example.com
@@ -0,0 +1,4 @@
+http://example.com {
+    import auth "*"
+    respond "example.com here!"
+}
\ No newline at end of file
diff --git a/files/conf/snippets/auth b/files/conf/snippets/auth
new file mode 100644
index 0000000..1f10cc6
--- /dev/null
+++ b/files/conf/snippets/auth
@@ -0,0 +1,12 @@
+## generate pass hash (debian):
+# sudo apt install apache2-utils 
+# htpasswd -bnBC 10 "" password | tr -d ':'
+
+# user:     test
+# password: password
+
+(auth) {
+    basicauth {args.0} {
+        test $2y$10$XSrHHXUlQZeRumAc9nl7QevDzKv9H5TXVtb6nxr0Gmrk6VogHWRVK
+    }
+}
\ No newline at end of file