diff --git a/.env.sample b/.env.sample
index 4c89013..f053413 100644
--- a/.env.sample
+++ b/.env.sample
@@ -6,3 +6,9 @@ DOMAIN=lemmy.example.com
 #EXTRA_DOMAINS=', `www.lemmy.example.com`'
 
 LETS_ENCRYPT_ENV=production
+
+ADMIN_USERNAME=admin
+SECRET_ADMIN_PASSWORD_VERSION=v1
+SITE_NAME=LemmyCloud
+
+SLUR_FILTER='(fag(g|got|tard)?\b|cock\s?sucker(s|ing)?|ni((g{2,}|q)+|[gq]{2,})[e3r]+(s|z)?|mudslime?s?|kikes?|\bspi(c|k)s?\b|\bchinks?|gooks?|bitch(es|ing|y)?|whor(es?|ing)|\btr(a|@)nn?(y|ies?)|\b(b|re|r)tard(ed)?s?)'
diff --git a/compose.yml b/compose.yml
index a2c3805..384caee 100644
--- a/compose.yml
+++ b/compose.yml
@@ -3,23 +3,66 @@ version: "3.8"
 
 services:
   app:
-    image: nginx:1.20.0
-    networks:
-      - proxy
+    image: dessalines/lemmy:0.16.1
+    environment:
+      - RUST_LOG="warn,lemmy_server=info,lemmy_api=info,lemmy_api_common=info,lemmy_api_crud=info,lemmy_apub=info,lemmy_db_schema=info,lemmy_db_views=info,lemmy_db_views_actor=info,lemmy_db_views_moderator=info,lemmy_routes=info,lemmy_utils=info,lemmy_websocket=info"
+    volumes:
+      - ./lemmy.hjson:/config/config.hjson
+    depends_on:
+      - postgres
+      - pictrs
+    deploy:
+      restart_policy:
+        condition: on-failure
+      labels:
+        - "coop-cloud.${STACK_NAME}.version="
+
+  lemmy-ui:
+    image: dessalines/lemmy-ui:0.16.1
+    environment:
+      - LEMMY_INTERNAL_HOST=lemmy:8536
+      - LEMMY_EXTERNAL_HOST="${DOMAIN}"
+      - LEMMY_HTTPS=true
+    depends_on:
+      - app
     deploy:
       restart_policy:
         condition: on-failure
       labels:
         - "traefik.enable=true"
-        - "traefik.http.services.${STACK_NAME}.loadbalancer.server.port=80"
+        - "traefik.http.services.${STACK_NAME}.loadbalancer.server.port=1235"
         - "traefik.http.routers.${STACK_NAME}.rule=Host(`${DOMAIN}`${EXTRA_DOMAINS})"
         - "traefik.http.routers.${STACK_NAME}.entrypoints=web-secure"
         - "traefik.http.routers.${STACK_NAME}.tls.certresolver=${LETS_ENCRYPT_ENV}"
-        ## Redirect from EXTRA_DOMAINS to DOMAIN
-        #- "traefik.http.routers.${STACK_NAME}.middlewares=${STACK_NAME}-redirect"
-        #- "traefik.http.middlewares.${STACK_NAME}-redirect.headers.SSLForceHost=true"
-        #- "traefik.http.middlewares.${STACK_NAME}-redirect.headers.SSLHost=${DOMAIN}"
+        # Redirect from EXTRA_DOMAINS to DOMAIN
+        - "traefik.http.routers.${STACK_NAME}.middlewares=${STACK_NAME}-redirect"
+        - "traefik.http.middlewares.${STACK_NAME}-redirect.headers.SSLForceHost=true"
+        - "traefik.http.middlewares.${STACK_NAME}-redirect.headers.SSLHost=${DOMAIN}"
         - "coop-cloud.${STACK_NAME}.version="
+
+  db:
+    image: postgres:12-alpine
+    environment:
+      - POSTGRES_USER=lemmy
+      - POSTGRES_PASSWORD=password
+      - POSTGRES_DB=lemmy
+    volumes:
+      - ./volumes/postgres:/var/lib/postgresql/data
+
+
+  pictrs:
+    image: asonix/pictrs:0.3.0-beta.12-r1
+    ports:
+      - "127.0.0.1:8537:8080"
+      - "127.0.0.1:6670:6669"
+    user: 991:991
+    volumes:
+      - ./volumes/pictrs:/mnt
+
+  web:
+    image: nginx:1.20.0
+    networks:
+      - proxy
     healthcheck:
       test: ["CMD", "curl", "-f", "http://localhost"]
       interval: 30s
diff --git a/config.hjson b/config.hjson
new file mode 100644
index 0000000..c2c1520
--- /dev/null
+++ b/config.hjson
@@ -0,0 +1,56 @@
+{
+  # for more info about the config, check out the documentation
+  # https://join-lemmy.org/docs/en/administration/configuration.html
+
+  setup: {
+    # username for the admin user
+    admin_username: "{{ env "ADMIN_USERNAME" }}"
+    # password for the admin user
+    admin_password: "{{ secret "admin_password" }}"
+    # name of the site (can be changed later)
+    site_name: "{{ env "SITE_NAME" }}"
+  }
+
+  # opentelemetry_url: "http://otel:4137"
+
+  # the domain name of your instance (eg "lemmy.ml")
+  hostname: "{{ env "DOMAIN" }}"
+  # address where lemmy should listen for incoming requests
+  bind: "0.0.0.0"
+  # port where lemmy should listen for incoming requests
+  port: 8536
+  # settings related to the postgresql database
+  # address where pictrs is available
+  pictrs_url: "http://pictrs:8080"
+  database: {
+    # name of the postgres database for lemmy
+    database: "lemmy"
+    # username to connect to postgres
+    user: "lemmy"
+    # password to connect to postgres
+    password: "password"
+    # host where postgres is running
+    host: "postgres"
+    # port where postgres can be accessed
+    port: 5432
+    # maximum number of active sql connections
+    pool_size: 5
+  }
+  slur_filter:
+    '''
+    {{ env "SLUR_FILTER" }}
+    '''
+#  # optional: email sending configuration
+#  email: {
+#    # hostname and port of the smtp server
+#    smtp_server: ""
+#    # login name for smtp server
+#    smtp_login: ""
+#    # password to login to the smtp server
+#    smtp_password: ""
+#    # address to send emails from, eg "noreply@your-instance.com"
+#    smtp_from_address: ""
+#    # whether or not smtp connections should use tls
+#    use_tls: true
+#  }
+}