diff --git a/traefik/config.yaml b/traefik/config.yaml
new file mode 100644
index 0000000..b18057a
--- /dev/null
+++ b/traefik/config.yaml
@@ -0,0 +1,12 @@
+# Self-signed Certificates for Debian / Ubuntu: 
+# apt install ssl-cert
+
+tls:
+#  certificates:
+#    - certFile: /etc/ssl/certs/ssl-cert-snakeoil.pem
+#      keyFile: /etc/ssl/private/ssl-cert-snakeoil.key
+  stores:
+    default:
+      defaultCertificate:
+        certFile: /etc/ssl/certs/ssl-cert-snakeoil.pem
+        keyFile: /etc/ssl/private/ssl-cert-snakeoil.key
diff --git a/traefik/docker-compose.yml b/traefik/docker-compose.yml
new file mode 100644
index 0000000..e2036d3
--- /dev/null
+++ b/traefik/docker-compose.yml
@@ -0,0 +1,44 @@
+services:
+
+  traefik:
+    image: "traefik:latest"
+    container_name: "traefik"
+    networks:
+      - proxy
+    restart: always
+    environment:
+      - TFK_ADMIN_USER=admin
+      - TFK_ADMIN_PWD=admin
+#    command:
+#      - --log.level=DEBUG
+ #     - --log.format=json
+#      - --api.dashboard=true
+#      - --accessLog=true
+#      - --providers.docker=true
+#      - --providers.docker.exposedbydefault=false # makes it a requirement to have a traefik.enable=true
+    ports:
+      - 80:80
+      - 443:443
+      - 8080:8080
+    volumes:
+      - ./traefik.yaml:/traefik.yaml
+      - ./config.yaml:/config.yaml
+      - /etc/ssl/certs/ssl-cert-snakeoil.pem:/etc/ssl/certs/ssl-cert-snakeoil.pem:ro       # Debian/Ubuntu: Paket ssl-cert installieren!
+      - /etc/ssl/private/ssl-cert-snakeoil.key:/etc/ssl/private/ssl-cert-snakeoil.key:ro
+      - "/var/run/docker.sock:/var/run/docker.sock:ro"
+
+#  whoami:
+#    image: "traefik/whoami"
+#    container_name: "simple-service"
+#    networks:
+#      - proxy
+#    labels:
+#      - "traefik.enable=false"
+#      - "traefik.http.routers.whoami.rule=Host(`alb-it-01`)"
+#      - "traefik.http.routers.whoami.entrypoints=ssl"
+#      - "traefik.http.services.whoami.loadbalancer.server.port=443"
+#      - "traefik.http.services.whoami.loadbalancer.server.scheme=https"
+
+networks:
+  proxy:
+    name: proxy
diff --git a/traefik/tls.yml b/traefik/tls.yml
new file mode 100644
index 0000000..829ba14
--- /dev/null
+++ b/traefik/tls.yml
@@ -0,0 +1,11 @@
+tls:
+  stores:
+    default:
+      defaultCertificate:
+        certFile: ./cert/cer.crt
+        keyFile: ./cert/key.key
+  certificates:
+    - certFile: ./cert/cer.crt
+      keyFile: ./cert/key.key
+      stores:
+        -default
diff --git a/traefik/traefik.yaml b/traefik/traefik.yaml
new file mode 100644
index 0000000..c12699a
--- /dev/null
+++ b/traefik/traefik.yaml
@@ -0,0 +1,36 @@
+# Globales...
+log:
+  level: "DEBUG"
+
+api:
+  insecure: true
+  dashboard: true
+
+providers:
+  docker:
+    exposedByDefault: false
+    network: "proxy"
+  file:
+    filename: /config.yaml
+ 
+ServersTransport:
+  insecureSkipVerify: true
+tcpServersTransport:
+  tls:  # erlaube self-signed ssl im backend
+    insecureSkipVerify: true
+
+# Definiere entrypoints
+entryPoints:
+  web:
+    address: ":80"
+    http:
+      redirections:
+        entrypoint:
+          to: "ssl"
+          scheme: "https"
+
+  ssl:
+    address: ":443"
+    http:
+      tls: true
+