diff --git a/README.md b/README.md index baec327..bf3d487 100644 --- a/README.md +++ b/README.md 
@@ -22,3 +22,74 @@ Docker Log. --run-script-after=dockerlog +custom log json can be set on nginx-conf.d/default.conf + + +```bash +log_format json_analytics escape=json '{' + '"msec": "$msec", ' # request unixtime in seconds with a milliseconds resolution + '"connection": "$connection", ' # connection serial number + '"connection_requests": "$connection_requests", ' # number of requests made in connection + '"pid": "$pid", ' # process pid + '"request_id": "$request_id", ' # the unique request id + '"request_length": "$request_length", ' # request length (including headers and body) + '"remote_addr": "$remote_addr", ' # client IP + '"remote_user": "$remote_user", ' # client HTTP username + '"remote_port": "$remote_port", ' # client port + '"time_local": "$time_local", ' + '"time_iso8601": "$time_iso8601", ' # local time in the ISO 8601 standard format + '"request": "$request", ' # full path no arguments if the request + '"request_uri": "$request_uri", ' # full path and arguments if the request + '"args": "$args", ' # args + '"status": "$status", ' # response status code + '"body_bytes_sent": "$body_bytes_sent", ' # the number of body bytes exclude headers sent to a client + '"bytes_sent": "$bytes_sent", ' # the number of bytes sent to a client + '"http_referer": "$http_referer", ' # HTTP referer + '"http_user_agent": "$http_user_agent", ' # user agent + '"http_x_forwarded_for": "$http_x_forwarded_for", ' # http_x_forwarded_for + '"http_host": "$http_host", ' # the request Host: header + '"server_name": "$server_name", ' # the name of the vhost serving the request + '"request_time": "$request_time", ' # request processing time in seconds with msec resolution + '"upstream": "$upstream_addr", ' # upstream backend server for proxied requests + '"upstream_connect_time": "$upstream_connect_time", ' # upstream handshake time incl. 
TLS + '"upstream_header_time": "$upstream_header_time", ' # time spent receiving upstream headers + '"upstream_response_time": "$upstream_response_time", ' # time spend receiving upstream body + '"upstream_response_length": "$upstream_response_length", ' # upstream response length + '"upstream_cache_status": "$upstream_cache_status", ' # cache HIT/MISS where applicable + '"ssl_protocol": "$ssl_protocol", ' # TLS protocol + '"ssl_cipher": "$ssl_cipher", ' # TLS cipher + '"scheme": "$scheme", ' # http or https + '"request_method": "$request_method", ' # request method + '"server_protocol": "$server_protocol", ' # request protocol, like HTTP/1.1 or HTTP/2.0 + '"pipe": "$pipe", ' # "p" if request was pipelined, "." otherwise + '"gzip_ratio": "$gzip_ratio", ' + '"http_cf_ray": "$http_cf_ray"' + '}'; + +access_log /var/log/nginx/access_json_analytics.log json_analytics; +``` + +promtail /etc/promtail/config.yml + +```bash +server: + http_listen_port: 9080 + grpc_listen_port: 0 + +positions: + filename: /tmp/positions.yaml + +clients: + - url: ${PROMTAIL_LOKISERVER_ADDRESS}/loki/api/v1/push + +scrape_configs: +- job_name: nginx + static_configs: + - targets: + - localhost + labels: + job: nginx + host: wanreverseproxy + agent: promtail + __path__: /mnt/nginx-logs/access_json_analytics.log +``` \ No newline at end of file diff --git a/docker/docker-compose.yaml b/docker-compose.yaml similarity index 65% rename from docker/docker-compose.yaml rename to docker-compose.yaml index 1520c1b..a073bd2 100644 --- a/docker/docker-compose.yaml +++ b/docker-compose.yaml @@ -1,7 +1,6 @@ -version: '3' services: nginx: - image: nginx-geoip:latest #https://git.limbosolutions.com/kb/nginx + image: git.limbosolutions.com/kb/nginx-geoip:latest volumes: - nginx-conf.d:/etc/nginx/conf.d - letsencrypt-conf:/etc/letsencrypt 
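Review bot: The new `image: git.limbosolutions.com/kb/nginx-geoip:latest` line pulls a mutable tag from a remote registry, so a redeploy can silently run a different image than the one that was tested. Pin it to a version tag or digest, for example `image: git.limbosolutions.com/kb/nginx-geoip:<version>@sha256:<digest>` (placeholders). The same applies to `image: certbot/certbot` in the next hunk, which has no tag at all. This matters most for the nginx service, which appears to be the WAN-facing proxy and mounts `letsencrypt-conf`.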
@@ -13,10 +12,21 @@ services: #- 8080:8080 - 2222:2222 networks: - - public + - wan_reverse_proxy_public - private command: "/bin/sh -c 'while :; do sleep 6h & wait $${!}; nginx -s reload; done & nginx -g \"daemon off;\"'" restart: unless-stopped + + certbot: + image: certbot/certbot + entrypoint: /bin/sh + command: -c "/scripts/refresh-certs" + volumes: + - letsencrypt-conf:/etc/letsencrypt + - certbot-www:/var/www/certbot + - certbot-scripts:/scripts + restart: unless-stopped + promtail: image: grafana/promtail volumes: @@ -27,20 +37,26 @@ services: command: -config.file=/etc/promtail/config.yml -config.expand-env=true networks: - private + duplicati: image: duplicati-mysqlclient:latest + command: /usr/bin/duplicati-server --webservice-port=8200 --webservice-interface=any --webservice-allowed-hostnames=* + volumes: - duplicati_tmpdata:/data - nginx-conf.d:/bck/nginx-conf.d - letsencrypt-conf:/bck/letsencrypt-conf - certbot-www:/bck/certbot-www - duplicati_tmpdata:/bck/duplicati_tmpdata - #ports: - # - 8205:8200 + - certbot-scripts:/bck/certbot-scripts + ports: + - 8205:8200 networks: - private + - wan_reverse_proxy_public restart: unless-stopped volumes: + certbot-scripts: nginx-conf.d: letsencrypt-conf: certbot-www: @@ -49,6 +65,7 @@ volumes: nginx-log: promtail_etc: networks: - public: + wan_reverse_proxy_public: + external: true private: \ No newline at end of file diff --git a/docker/nginx/rootfs/etc/nginx/conf.d/default.conf b/docker/nginx/rootfs/etc/nginx/conf.d/default.conf deleted file mode 100644 index 1d34a9f..0000000 --- a/docker/nginx/rootfs/etc/nginx/conf.d/default.conf +++ /dev/null 
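Review bot: The new certbot service runs `/scripts/refresh-certs` from the `certbot-scripts` volume, and that script is not part of this commit, so what executes next to `/etc/letsencrypt` cannot be reviewed from the repository. The mount is writable, and the duplicati hunk further down mounts the same volume at `/bck/certbot-scripts`, so anything that can write there changes what this container runs. Mount it read-only here, `- certbot-scripts:/scripts:ro`, and consider keeping the script under version control. With `restart: unless-stopped`, a script that exits quickly is restarted in a loop, so it presumably needs its own wait between renewal attempts.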
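Review bot: The duplicati hunk enables `ports: - 8205:8200` together with `--webservice-interface=any` and `--webservice-allowed-hostnames=*`, which publishes the backup web UI on every host interface and turns off its Host-header check; no UI password is set in the visible lines. This container mounts `letsencrypt-conf` (certificate private keys), `nginx-conf.d` and `certbot-scripts`, so access to the UI is access to all of them. Bind the port to loopback, `- 127.0.0.1:8205:8200`, or drop the `ports:` entry and reach the UI through the proxy with authentication, and replace `*` with the real hostname. Attaching the service to `wan_reverse_proxy_public` deserves a comment explaining why, since it was previously on `private` only.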
@@ -1,42 +0,0 @@
-log_format json_analytics escape=json '{'
- '"msec": "$msec", ' # request unixtime in seconds with a milliseconds resolution
- '"connection": "$connection", ' # connection serial number
- '"connection_requests": "$connection_requests", ' # number of requests made in connection
- '"pid": "$pid", ' # process pid
- '"request_id": "$request_id", ' # the unique request id
- '"request_length": "$request_length", ' # request length (including headers and body)
- '"remote_addr": "$remote_addr", ' # client IP
- '"remote_user": "$remote_user", ' # client HTTP username
- '"remote_port": "$remote_port", ' # client port
- '"time_local": "$time_local", '
- '"time_iso8601": "$time_iso8601", ' # local time in the ISO 8601 standard format
- '"request": "$request", ' # full path no arguments if the request
- '"request_uri": "$request_uri", ' # full path and arguments if the request
- '"args": "$args", ' # args
- '"status": "$status", ' # response status code
- '"body_bytes_sent": "$body_bytes_sent", ' # the number of body bytes exclude headers sent to a client
- '"bytes_sent": "$bytes_sent", ' # the number of bytes sent to a client
- '"http_referer": "$http_referer", ' # HTTP referer
- '"http_user_agent": "$http_user_agent", ' # user agent
- '"http_x_forwarded_for": "$http_x_forwarded_for", ' # http_x_forwarded_for
- '"http_host": "$http_host", ' # the request Host: header
- '"server_name": "$server_name", ' # the name of the vhost serving the request
- '"request_time": "$request_time", ' # request processing time in seconds with msec resolution
- '"upstream": "$upstream_addr", ' # upstream backend server for proxied requests
- '"upstream_connect_time": "$upstream_connect_time", ' # upstream handshake time incl. TLS
- '"upstream_header_time": "$upstream_header_time", ' # time spent receiving upstream headers
- '"upstream_response_time": "$upstream_response_time", ' # time spend receiving upstream body
- '"upstream_response_length": "$upstream_response_length", ' # upstream response length
- '"upstream_cache_status": "$upstream_cache_status", ' # cache HIT/MISS where applicable
- '"ssl_protocol": "$ssl_protocol", ' # TLS protocol
- '"ssl_cipher": "$ssl_cipher", ' # TLS cipher
- '"scheme": "$scheme", ' # http or https
- '"request_method": "$request_method", ' # request method
- '"server_protocol": "$server_protocol", ' # request protocol, like HTTP/1.1 or HTTP/2.0
- '"pipe": "$pipe", ' # "p" if request was pipelined, "." otherwise
- '"gzip_ratio": "$gzip_ratio", '
- '"http_cf_ray": "$http_cf_ray"'
- '}';
-
-access_log /var/log/nginx/access_json_analytics.log json_analytics;
-
diff --git a/limbosolutions.com.code-workspace b/limbosolutions.com.code-workspace
new file mode 100644
index 0000000..e2d3ea6
--- /dev/null
+++ b/limbosolutions.com.code-workspace
@@ -0,0 +1,15 @@
+{
+ "folders": [
+ {
+ "path": "."
+ },
+ {
+ "path": "../../../mnt/nginx-conf.d",
+ "name": "volumes/nginx-conf.d"
+ },
+ {
+ "path": "../../../mnt/certbot-scripts"
+ }
+ ],
+ "settings": {}
+}
\ No newline at end of file