diff --git a/.env.example b/.env.example
index 673662d..02acd83 100644
--- a/.env.example
+++ b/.env.example
@@ -1,13 +1,18 @@
 # Service name
 #
 SERVICE_NAME=freeipa
-IP_ADDRESS=10.10.10.68
-EXTERNAL_PORT=8443
+
+# FreeIPA hostname
+#
+FREEIPA_HOST=dss1.test.local
+
+FREEIPA_PASS=
 # Docker image
 #
-#DOCKER_IMAGE_FREEIPA=vasyakrg/freeipa
-DOCKER_IMAGE_FREEIPA=freeipa/freeipa-server
+#add LETSENCRYPT generator
+DOCKER_IMAGE_FREEIPA=vasyakrg/freeipa
+#DOCKER_IMAGE_FREEIPA=freeipa/freeipa-server
 DOCKER_IMAGE_BACKUP=vasyakrg/backup
 # Container name
@@ -15,6 +20,9 @@ DOCKER_IMAGE_BACKUP=vasyakrg/backup
 CONTAINER_NAME_FREEIPA=server
 CONTAINER_NAME_BACKUP=backup
+USE_LETSENCRYPT_CERTS=yes
+LETSENCRYPT_EMAIL=test@gmail.com
+
 # Backup settings
 #
 BACKUP_DIR=/srv/backup
@@ -26,20 +34,10 @@ S3_HOST_BASE=
 S3_BACKET=
 S3_PATH=
-# FreeIPA IP
-#
-IPA_SERVER_IP=
-
 # DNS settings
 #
 #DNS_SERVER=8.8.8.8
 #DNS_SEARCH=
-# FreeIPA hostname
-#
-FREEIPA_HOST=dss1.test.local
-FREEIPA_REALM=TEST.LOCAL
-
-FREEIPA_PASS=
-
 SERVICE_DATA=/srv/services/freeipa/data
+WEBPROXY_DATA=/srv/services/data/webproxy
diff --git a/docker-compose.yml b/docker-compose.yml
index 8f018fb..e13c138 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -4,6 +4,8 @@ services:
 # backup:
 # image: ${DOCKER_IMAGE_BACKUP}
 # container_name: ${SERVICE_NAME}_${CONTAINER_NAME_BACKUP}
+ # depends_on:
+ # - freeipa
 # command: freeipa backup --service freeipa_${FREEIPA_HOST} --data /data --cert /data/cert --storage S3://${S3_PATH} --container ${SERVICE_NAME}_${CONTAINER_NAME_FREEIPA}
 # volumes:
 # - /var/run/docker.sock:/var/run/docker.sock
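Review bot: In `.env.example`, hunk `@@ -1,13 +1,18 @@`, the default `DOCKER_IMAGE_FREEIPA` now points at `vasyakrg/freeipa` with no tag or digest, so each pull resolves to whatever that repository currently publishes as `latest` for the container that runs the Kerberos and LDAP services. The only explanation is the comment `#add LETSENCRYPT generator`, which does not say how the image differs from `freeipa/freeipa-server` or where it is built from. I would pin the reference, `DOCKER_IMAGE_FREEIPA=vasyakrg/freeipa:<tag-placeholder>` (or `@sha256:<digest-placeholder>`), and expand the comment to name the base image and the location of its Dockerfile.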
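Review bot: In `.env.example`, hunk `@@ -15,6 +20,9 @@`, the example enables `USE_LETSENCRYPT_CERTS=yes` alongside `LETSENCRYPT_EMAIL=test@gmail.com` and the hostname `dss1.test.local` set earlier in the file, a combination that cannot work as copied. A public CA will not validate a `.local` name, and the contact address sits on a real mail domain that the operator does not control. I would ship `LETSENCRYPT_EMAIL=admin@example.com` and a disabled default (the value the image treats as off is not visible in this diff), with a comment such as `# Enable only when FREEIPA_HOST is a publicly resolvable name`.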
@@ -22,20 +24,19 @@ services:
 # tmpfs:
 # - /tmp
 # networks:
- # - freeipa
+ # - ${SERVICE_NAME}
 freeipa:
 image: ${DOCKER_IMAGE_FREEIPA}
 container_name: ${SERVICE_NAME}_${CONTAINER_NAME_FREEIPA}
 volumes:
 - ${SERVICE_DATA}:/data
- # - ${WEBPROXY_DATA}/certs/${FREEIPA_HOST}:/data/cert:Z
+ - ${WEBPROXY_DATA}/certs/${FREEIPA_HOST}:/data/cert:Z
 - /sys/fs/cgroup:/sys/fs/cgroup:ro
 tmpfs:
 - /run
 - /tmp
 ports:
- - ${IP_ADDRESS}:${EXTERNAL_PORT}:443
 - "389:389"
 - "636:636"
 - "88:88"
@@ -47,18 +48,18 @@ services:
 - "9443:9443"
 - "9444:9444"
 - "9445:9445"
+ expose:
+ - 80
+ - 443
 environment:
 - FREEIPA_HOST=${FREEIPA_HOST}
 - IPA_SERVER_IP=${IPA_SERVER_IP}
- # - IPA_SERVER_INSTALL_OPTS=-U -r {FREEIPA_OPTS}
 - VIRTUAL_PROTO=https
 - VIRTUAL_PORT=443
 - VIRTUAL_HOST=${FREEIPA_HOST}
- # - PASSWORD=${FREEIPA_PASS}
- # - HTTPS_METHOD=noredirect
- # - USE_LETSENCRYPT_CERTS=${USE_LETSENCRYPT_CERTS}
- # - LETSENCRYPT_HOST=${FREEIPA_HOST}
- # - LETSENCRYPT_EMAIL=${LETSENCRYPT_EMAIL}
+ - USE_LETSENCRYPT_CERTS=${USE_LETSENCRYPT_CERTS}
+ - LETSENCRYPT_HOST=${FREEIPA_HOST}
+ - LETSENCRYPT_EMAIL=${LETSENCRYPT_EMAIL}
 hostname: ${FREEIPA_HOST}
 restart: always
 sysctls:
@@ -68,8 +69,12 @@ services:
 cap_add:
 - SYS_TIME
 networks:
- - freeipa
+ - ${SERVICE_NAME}
+ - ${WEBPROXY_NETWORK}
 networks:
 freeipa:
 name: ${SERVICE_NAME}
+ webproxy:
+ external:
+ name: ${WEBPROXY_NETWORK}
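Review bot: In `docker-compose.yml`, hunk `@@ -22,20 +24,19 @@`, the newly enabled mount `${WEBPROXY_DATA}/certs/${FREEIPA_HOST}:/data/cert:Z` uses the private SELinux label `Z`, which relabels the host directory for this container only. If the web proxy or its certificate generator (not part of this diff) writes into the same `${WEBPROXY_DATA}/certs` tree, it can lose access on SELinux-enforcing hosts once FreeIPA starts. The directory presumably holds the TLS private key, so if FreeIPA only reads it, consider the shared label and a read-only mount: `- ${WEBPROXY_DATA}/certs/${FREEIPA_HOST}:/data/cert:ro,z`. The hunk also drops the only host-IP-bound mapping while the context keeps `"389:389"`, `"636:636"` and `"88:88"` published on all interfaces; a comment saying that exposure is intended would help. The `freeipa` service block continues past this hunk.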
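Review bot: In hunk `@@ -47,18 +48,18 @@` the context line `- IPA_SERVER_IP=${IPA_SERVER_IP}` is kept although this commit deletes `IPA_SERVER_IP=` from `.env.example`, so a setup based on the example file passes an empty value into the container and Compose warns about an unset variable. Either drop that line or keep the variable documented in the example. The reverse also applies: `FREEIPA_PASS=` stays in `.env.example` while the commented `PASSWORD=${FREEIPA_PASS}` entry is removed here, leaving the variable with no visible consumer. A one-line comment above the three `LETSENCRYPT`-related entries naming the component that reads them would also help, since the diff does not show whether that is the image or the proxy.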
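Review bot: In hunk `@@ -68,8 +69,12 @@` the service-level `networks:` list must name keys of the top-level `networks:` mapping (`freeipa`, `webproxy`), not the networks' `name:` values. As written, `- ${WEBPROXY_NETWORK}` resolves only if that variable happens to equal `webproxy`, and `- ${SERVICE_NAME}` only while `SERVICE_NAME=freeipa`. `WEBPROXY_NETWORK` is also not added to `.env.example` in this commit, so with the example file it expands to an empty string both here and under `external: name:`. I would write the list as `- freeipa` and `- webproxy`, and add `WEBPROXY_NETWORK=` with a short comment to `.env.example`. The commented-out backup service in hunk `@@ -22,20 +24,19 @@` gets the same `${SERVICE_NAME}` substitution.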