diff --git a/nextcloud/docker-compose.yml b/nextcloud/docker-compose.yml
index f487f48..f94b077 100755
--- a/nextcloud/docker-compose.yml
+++ b/nextcloud/docker-compose.yml
@@ -4,7 +4,7 @@ services:
     container_name: nextcloud-aio-mastercontainer
     restart: always
     ports:
-      - "${AIO_PORT:-8081}:8080"
+      - "${AIO_PORT}:8080"
     volumes:
       - nextcloud_aio_mastercontainer:/mnt/docker-aio-config
       - /var/run/docker.sock:/var/run/docker.sock:ro
@@ -15,8 +15,6 @@ services:
     networks:
       - nextcloud-aio
       - web
-    env_file:
-      - ../.env
 
 volumes:
   nextcloud_aio_mastercontainer:
@@ -25,3 +23,5 @@ networks:
   nextcloud-aio:
   web:
     external: true
+
+
diff --git a/traefik/docker-compose.yml b/traefik/docker-compose.yml
index f1cef20..d3e8d71 100755
--- a/traefik/docker-compose.yml
+++ b/traefik/docker-compose.yml
@@ -10,7 +10,7 @@ services:
     volumes:
       - /var/run/docker.sock:/var/run/docker.sock:ro
       - ${STORAGE_PATH}/traefik/certs:/certs:rw
-      - ${STORAGE_PATH}/traefik/dynamic:/dynamic:ro
+      - ./dynamic:/dynamic:ro
       - ${STORAGE_PATH}/traefik/letsencrypt:/letsencrypt
     networks:
       - web
@@ -44,6 +44,9 @@ services:
       - "--providers.file.directory=/dynamic"
       - "--providers.file.watch=true"
 
+    environment:
+      - DOMAIN=${DOMAIN}
+
 networks:
   web:
     external: true
diff --git a/traefik/dynamic/nextcloud.yml b/traefik/dynamic/nextcloud.yml
new file mode 100644
index 0000000..7780633
--- /dev/null
+++ b/traefik/dynamic/nextcloud.yml
@@ -0,0 +1,38 @@
+http:
+  routers:
+    nextcloud:
+      rule: 'Host(`nextcloud.{{ env "DOMAIN" }}`)'
+      entryPoints:
+        - websecure
+      service: nextcloud
+      middlewares:
+        - nextcloud-chain
+      tls:
+        certResolver: letsencrypt
+
+  services:
+    nextcloud:
+      loadBalancer:
+        servers:
+          - url: "http://nextcloud-aio-apache:11000"
+
+  middlewares:
+    nextcloud-secure-headers:
+      headers:
+        hostsProxyHeaders:
+          - X-Forwarded-Host
+        customRequestHeaders:
+          X-Forwarded-Proto: https
+        referrerPolicy: same-origin
+
+    nextcloud-dav:
+      redirectRegex:
+        regex: "^https://([^/]+)/.well-known/(card|cal)dav"
+        replacement: "https://${1}/remote.php/dav/"
+        permanent: true
+
+    nextcloud-chain:
+      chain:
+        middlewares:
+          - nextcloud-dav
+          - nextcloud-secure-headers
diff --git a/traefik/dynamic/tls.yaml b/traefik/dynamic/tls.yaml
new file mode 100644
index 0000000..091631f
--- /dev/null
+++ b/traefik/dynamic/tls.yaml
@@ -0,0 +1,4 @@
+tls:
+  certificates:
+    - certFile: /certs/local.crt
+      keyFile: /certs/local.key