diff --git a/.env.sample b/.env.sample
index d510689..91289fd 100644
--- a/.env.sample
+++ b/.env.sample
@@ -4,3 +4,18 @@ DOMAIN=workadventure.example.com
 ## Domain aliases
 #EXTRA_DOMAINS=', `www.workadventure.example.com`'
 LETS_ENCRYPT_ENV=production
+
+DEBUG_MODE=true
+JITSI_URL=meet.jit.si
+# If your Jitsi environment has authentication set up, you MUST set JITSI_PRIVATE_MODE to "true" and you MUST pass a SECRET_JITSI_KEY to generate the JWT secret
+JITSI_PRIVATE_MODE=false
+JITSI_ISS=
+SECRET_JITSI_KEY=
+
+# URL of the TURN server (needed to "punch a hole" through some networks for P2P connections)
+TURN_SERVER=
+TURN_USER=
+TURN_PASSWORD=
+
+# The URL used by default, in the form: "/_/global/map/url.json"
+START_ROOM_URL=/_/global/maps.workadventu.re/Floor0/floor0.json
diff --git a/README.md b/README.md
index 9250c7c..5154995 100644
--- a/README.md
+++ b/README.md
@@ -3,14 +3,14 @@
 A collaborative web application (virtual office) presented as a 16-bit RPG video game • https://github.com/thecodingmachine/workadventure
 
 <!-- metadata -->
-* **Category**:
-* **Status**: 
-* **Image**: [`workadventure`](https://hub.docker.com/r/workadventure/workadventure)
-* **Healthcheck**: 
-* **Backups**: 
-* **Email**: 
-* **Tests**: 
-* **SSO**: 
+* **Category**: Apps
+* **Status**: ❹💣
+* **Image**: [`thecodingmachine/workadventure*`](https://hub.docker.com/r/thecodingmachine/)
+* **Healthcheck**: No
+* **Backups**: No
+* **Email**: No
+* **Tests**: No
+* **SSO**: No
 <!-- endmetadata -->
 
 ## Basic usage
diff --git a/abra.sh b/abra.sh
new file mode 100644
index 0000000..17d3f3e
--- /dev/null
+++ b/abra.sh
@@ -0,0 +1 @@
+export CERTDUMPER_POST_VERSION=v1
diff --git a/certdumper_post.sh b/certdumper_post.sh
new file mode 100644
index 0000000..2277179
--- /dev/null
+++ b/certdumper_post.sh
@@ -0,0 +1,6 @@
+#!/bin/sh
+
+cd /output || exit
+
+# shellcheck disable=SC2010
+ls | grep -v private | grep -v "$DOMAIN" | xargs -r rm -r
diff --git a/compose.yml b/compose.yml
index 662a96c..9d83d6d 100644
--- a/compose.yml
+++ b/compose.yml
@@ -1,31 +1,70 @@
----
 version: "3.8"
-
 services:
   app:
-    image: nginx:1.19.2
+    image: thecodingmachine/workadventure-front:v1.3.0
     networks:
       - proxy
+    environment:
+      DEBUG_MODE: "$DEBUG_MODE"
+      JITSI_URL: $JITSI_URL
+      JITSI_PRIVATE_MODE: "$JITSI_PRIVATE_MODE"
+      API_URL: "pusher.${DOMAIN}"
+      TURN_SERVER: "${TURN_SERVER}"
+      TURN_USER: "${TURN_USER}"
+      TURN_PASSWORD: "${TURN_PASSWORD}"
+      START_ROOM_URL: "${START_ROOM_URL}"
     deploy:
       restart_policy:
         condition: on-failure
       labels:
         - "traefik.enable=true"
-        - "traefik.http.services.${STACK_NAME}.loadbalancer.server.port=80"
-        - "traefik.http.routers.${STACK_NAME}.rule=Host(`${DOMAIN}`${EXTRA_DOMAINS})"
-        - "traefik.http.routers.${STACK_NAME}.entrypoints=web-secure"
-        - "traefik.http.routers.${STACK_NAME}.tls.certresolver=${LETS_ENCRYPT_ENV}"
-        ## Redirect from EXTRA_DOMAINS to DOMAIN
-        #- "traefik.http.routers.${STACK_NAME}.middlewares=${STACK_NAME}-redirect"
-        #- "traefik.http.middlewares.${STACK_NAME}-redirect.headers.SSLForceHost=true"
-        #- "traefik.http.middlewares.${STACK_NAME}-redirect.headers.SSLHost=${DOMAIN}"
-    healthcheck:
-      test: ["CMD", "curl", "-f", "http://localhost"]
-      interval: 30s
-      timeout: 10s
-      retries: 10
-      start_period: 1m
-
+        - "traefik.http.services.${STACK_NAME}-app.loadbalancer.server.port=80"
+        - "traefik.http.routers.${STACK_NAME}-app.rule=Host(`${DOMAIN}`${EXTRA_DOMAINS})"
+        - "traefik.http.routers.${STACK_NAME}-app.entrypoints=web-secure"
+        - "traefik.http.routers.${STACK_NAME}-app.tls.certresolver=${LETS_ENCRYPT_ENV}"
+        - coop-cloud.${STACK_NAME}.app.version=master-ffce89aa
+  pusher:
+    image: thecodingmachine/workadventure-pusher:master
+    command: yarn run runprod
+    networks:
+      - proxy
+    environment:
+      SECRET_JITSI_KEY: "$SECRET_JITSI_KEY"
+      SECRET_KEY: yourSecretKey
+      API_URL: back:50051
+      JITSI_URL: $JITSI_URL
+      JITSI_ISS: $JITSI_ISS
+    deploy:
+      restart_policy:
+        condition: on-failure
+      labels:
+        - "traefik.enable=true"
+        - "traefik.http.services.${STACK_NAME}-pusher.loadbalancer.server.port=8080"
+        - "traefik.http.routers.${STACK_NAME}-pusher.rule=Host(`pusher.${DOMAIN}`)"
+        - "traefik.http.routers.${STACK_NAME}-pusher.entrypoints=web-secure"
+        - "traefik.http.routers.${STACK_NAME}-pusher.tls.certresolver=${LETS_ENCRYPT_ENV}"
+        - coop-cloud.${STACK_NAME}.pusher.version=master-b64e57f5
+  back:
+    image: thecodingmachine/workadventure-back:v1.3.0
+    command: yarn run runprod
+    networks:
+      - proxy
+    environment:
+      SECRET_JITSI_KEY: "$SECRET_JITSI_KEY"
+      ADMIN_API_TOKEN: "$ADMIN_API_TOKEN"
+      ADMIN_API_URL: "$ADMIN_API_URL"
+      JITSI_URL: $JITSI_URL
+      JITSI_ISS: $JITSI_ISS
+    deploy:
+      restart_policy:
+        condition: on-failure
+      labels:
+        - "traefik.enable=true"
+        - "traefik.http.services.${STACK_NAME}-back.loadbalancer.server.port=8080"
+        - "traefik.http.routers.${STACK_NAME}-back.rule=Host(`api.${DOMAIN}`)"
+        - "traefik.http.routers.${STACK_NAME}-back.entrypoints=web-secure"
+        - "traefik.http.routers.${STACK_NAME}-back.tls.certresolver=${LETS_ENCRYPT_ENV}"
+        - coop-cloud.${STACK_NAME}.back.version=master-bfadc487
 networks:
   proxy:
     external: true