diff --git a/.env b/.env new file mode 100644 index 0000000..21e213b --- /dev/null +++ b/.env @@ -0,0 +1,10 @@ +APP_NAME=myserver +APP_DOMAIN=example.com +ACME_EMAIL=myemail@example.com + +# with above settings, you can visit traefik dashboard at: +# https://traefik.example.com +# +# The v2ray proxy is at: +# https://myserver.example.com/CLIENT_WSPATH +# The CLIENT_WSPATH is specified in the Dockfile. Its default value is "allproducts". \ No newline at end of file diff --git a/.gitignore b/.gitignore index 1f47bf2..d01346a 100644 --- a/.gitignore +++ b/.gitignore @@ -1,6 +1,6 @@ # https://www.atlassian.com/git/tutorials/saving-changes/gitignore -.env +#.env .idea deploy.sh diff --git a/README.md b/README.md index a193cc0..9ee552f 100644 --- a/README.md +++ b/README.md @@ -14,7 +14,7 @@ - CLIENT_ID (default ad806487-2d26-4636-98b6-ab85cc8521f7) - CLIENT_ALTERID (default 64) - CLIENT_WSPATH (default /ws) - - VER (default 4.19.1) + - VER (default 4.23.1) - don't need custom domain and ssl certificate - only cost 1 pods diff --git a/docker-build.sh b/docker-build.sh index 7f7d735..693a938 100644 --- a/docker-build.sh +++ b/docker-build.sh @@ -1,4 +1,5 @@ #!/bin/bash +set -ex TAG="4.23" docker build -t alphacodinghub/v2ray-nginx:$TAG . diff --git a/docker-compose.yml b/docker-compose.yml new file mode 100644 index 0000000..667d7ce --- /dev/null +++ b/docker-compose.yml 
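Review bot: The closing comment in the new `.env` gives the `CLIENT_WSPATH` default as "allproducts", but the README touched in this same commit still lists `CLIENT_WSPATH (default /ws)`, so one of the two is stale. The Dockerfile is not part of this diff, so I cannot tell which; whichever value it sets should appear in both places. The comment also misspells the file as "Dockfile"; I would write `# CLIENT_WSPATH is set in the Dockerfile; see the README for its default.`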
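Review bot: Commenting out `.env` in the ignore list means every later edit to that file can be committed, and Compose reads `.env` for variable interpolation. The first secret added there (a dashboard password hash, a non-default `CLIENT_ID`) would end up in history. The values committed now are placeholders, which suits a template rather than the live file. I would restore the `.env` line here and commit the sample as `.env.example` instead.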
@@ -0,0 +1,67 @@
+version: '3.7'
+
+services:
+ ################################################
+ #### Traefik Proxy Setup #####
+ ###############################################
+ traefik:
+ image: traefik:v2.2
+ restart: always
+ container_name: traefik
+ ports:
+ - '80:80' # <== http
+ - '443:443' # <== https
+ command:
+ #### Traefik CLI commands to configure Traefik! ####
+ ## API Settings - https://docs.traefik.io/operations/api/, endpoints - https://docs.traefik.io/operations/api/#endpoints ##
+ - --api.insecure=false # <== DisEnabling insecure api. Default is ture.
+ - --api.dashboard=true # <== Enabling the dashboard to view services, middlewares, routers, etc...
+ - --api.debug=true # <== Enabling additional endpoints for debugging and profiling
+ ## Log Settings (options: ERROR, DEBUG, PANIC, FATAL, WARN, INFO) - https://docs.traefik.io/observability/logs/ ##
+ - --log.level=WARN # <== Setting the level of the logs from traefik
+ ## Provider Settings - https://docs.traefik.io/providers/docker/#provider-configuration ##
+ - --providers.docker=true # <== Enabling docker as the provider for traefik
+ - --providers.docker.exposedbydefault=false # <== Don't expose every container to traefik, only expose enabled ones
+ - --providers.docker.network=web # <== Operate on the docker network named web on frontend
+ ## Entrypoints Settings - https://docs.traefik.io/routing/entrypoints/#configuration ##
+ - --entrypoints.web.address=:80 # <== Defining an entrypoint for port :80 named web
+ - --entrypoints.web-secured.address=:443 # <== Defining an entrypoint for https on port :443 named web-secured
+ ## Certificate Settings (Let's Encrypt) - https://docs.traefik.io/https/acme/#configuration-examples ##
+ - --certificatesresolvers.mytlschallenge.acme.tlschallenge=true # <== Enable TLS-ALPN-01 to generate and renew ACME certs
+ - --certificatesresolvers.mytlschallenge.acme.email=${ACME_EMAIL} # <== Setting email for certs
+ - --certificatesresolvers.mytlschallenge.acme.storage=/letsencrypt/acme.json # <== Defining acme file to store cert information
+ volumes:
+ - ./config/traefik/letsencrypt:/letsencrypt # <== Volume for certs (TLS)
+ - /var/run/docker.sock:/var/run/docker.sock # <== Volume for docker admin
+ labels:
+ #### Labels define the behavior and rules of the traefik proxy for this container ####
+ traefik.enable: true # <== Enable traefik on itself to view dashboard and assign subdomain to view it
+
+ #redirecting ALL HTTP to HTTPS
+ traefik.http.routers.http_catchall.rule: hostregexp(`{host:.*}`)
+ traefik.http.routers.http_catchall.entryPoints: web
+ traefik.http.routers.http_catchall.middlewares: redirect_https # <== apply redirect_https middleware which is defined in the below
+
+ #dashboard
+ traefik.http.routers.traefik.rule: Host(`traefik.${APP_DOMAIN}`) # <== Setting the domain for the dashboard
+ traefik.http.routers.traefik.entryPoints: web-secured
+ traefik.http.routers.traefik.tls: true
+ traefik.http.routers.traefik.tls.certresolver: mytlschallenge
+ traefik.http.routers.traefik.service: api@internal
+
+ #to define middlewares
+ traefik.http.middlewares.redirect_https.redirectscheme.scheme: https # <== define a https redirection middleware
+
+ ################################################
+ #### v2ray server container #####
+ ##############################################
+ v2ray:
+ image: alphacodinghub/v2ray-nginx
+ container_name: v2ray
+ restart: always
+ labels:
+ #### Labels define the behavior and rules of the traefik proxy for this container ####
+ traefik.enable: true # <== Enable traefik to proxy this container
+ traefik.http.routers.v2ray.rule: Host(`$(APP_NAME).${APP_DOMAIN}`) # <== Your Domain Name for the https rule
+ traefik.http.routers.v2ray.entrypoints: web-secured # <== Defining entrypoint for https, **ref: line 31
+ traefik.http.routers.v2ray.tls.certresolver: mytlschallenge # <== Defining certsresolvers for https
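Review bot: The dashboard router in the traefik labels publishes `api@internal` on `traefik.${APP_DOMAIN}` with no authentication middleware, while `--api.debug=true` adds the debugging and profiling endpoints and the same container holds `/var/run/docker.sock`. Anyone who can reach that hostname can read the full routing configuration, so the router should carry a basic-auth or IP allow-list middleware and the debug flag should be off; the fence shows one way, with the credentials file path as a placeholder. In the v2ray rule, `$(APP_NAME)` is not Compose interpolation syntax, so the variable is never substituted; it should be `${APP_NAME}`. The v2ray service also no longer joins the `web` network that `--providers.docker.network=web` still names, and this file declares no `networks:` section, so one of the two likely needs adjusting.

```yaml
    command:
      # … unchanged: api.insecure, api.dashboard, log, provider, entrypoint and ACME flags …
      - --api.debug=false
    volumes:
      # … unchanged: letsencrypt and docker.sock mounts …
      # placeholder path: htpasswd-format file, kept out of the repository
      - ./config/traefik/dashboard.htpasswd:/etc/traefik/dashboard.htpasswd:ro
    labels:
      # … unchanged: traefik.enable, http_catchall and dashboard router labels …
      traefik.http.routers.traefik.middlewares: dashboard_auth
      traefik.http.middlewares.dashboard_auth.basicauth.usersfile: /etc/traefik/dashboard.htpasswd
```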
diff --git a/v2ray-compose-template.yml b/v2ray-compose-template.yml deleted file mode 100644 index a6dcc1a..0000000 --- a/v2ray-compose-template.yml +++ /dev/null @@ -1,23 +0,0 @@ -version: '3.7' - -services: - ################################################ - #### v2ray server container ##### - ############################################## - achanchor-v2ray: - image: alphacodinghub/v2ray-nginx - container_name: achanchor-v2ray - restart: always - networks: - - web - labels: - #### Labels define the behavior and rules of the traefik proxy for this container #### - traefik.enable: true # <== Enable traefik to proxy this container - traefik.http.routers.achanchor-v2ray.rule: Host(`achanchor.${APP_DOMAIN}`) # <== Your Domain Name for the https rule - traefik.http.routers.achanchor-v2ray.entrypoints: web-secured # <== Defining entrypoint for https, **ref: line 31 - traefik.http.routers.achanchor-v2ray.tls.certresolver: mytlschallenge # <== Defining certsresolvers for https - -# networks and volumes -networks: - web: - external: true