diff --git a/docker-compose.yml b/docker-compose.yml
new file mode 100644
index 0000000..2cea8d8
--- /dev/null
+++ b/docker-compose.yml
@@ -0,0 +1,56 @@
+version: "3.8"
+
+services:
+  traefik:
+    image: traefik:latest
+    command:
+      - "--api.dashboard=true"
+      - "--providers.docker=true"
+      - "--entrypoints.http.address=:80"
+      - "--entrypoints.https.address=:443"
+      - "--certificatesresolvers.letsencrypt.acme.httpchallenge=true"
+      - "--certificatesresolvers.letsencrypt.acme.httpchallenge.entrypoint=http"
+      - "--certificatesresolvers.letsencrypt.acme.email=you@example.com"
+      - "--certificatesresolvers.letsencrypt.acme.storage=/letsencrypt/acme.json"
+    ports:
+      - "80:80"
+      - "443:443"
+    volumes:
+      - "/var/run/docker.sock:/var/run/docker.sock:ro"
+      - "./letsencrypt:/letsencrypt"
+    labels:
+      - "traefik.enable=true"
+
+  webapp:
+    image: your-image-name:latest
+    expose:
+      - "3000"
+    labels:
+      - "traefik.enable=true"
+
+      # HTTP Router
+      - "traefik.http.routers.http-webapp.rule=Host(`planpostai.com`) || Host(`www.planpostai.com`)"
+      - "traefik.http.routers.http-webapp.entrypoints=http"
+      - "traefik.http.routers.http-webapp.middlewares=redirect-to-https"
+
+      # HTTPS Router
+      - "traefik.http.routers.https-webapp.rule=Host(`planpostai.com`) || Host(`www.planpostai.com`)"
+      - "traefik.http.routers.https-webapp.entrypoints=https"
+      - "traefik.http.routers.https-webapp.tls=true"
+      - "traefik.http.routers.https-webapp.tls.certresolver=letsencrypt"
+      - "traefik.http.routers.https-webapp.middlewares=redirect-to-www,gzip"
+      - "traefik.http.routers.https-webapp.service=webapp-service"
+
+      # Redirect HTTP → HTTPS
+      - "traefik.http.middlewares.redirect-to-https.redirectscheme.scheme=https"
+
+      # Redirect non-www to www
+      - "traefik.http.middlewares.redirect-to-www.redirectregex.regex=^https?://(?:www\\.)?(.+)"
+      - "traefik.http.middlewares.redirect-to-www.redirectregex.replacement=https://www.$${1}"
+      - "traefik.http.middlewares.redirect-to-www.redirectregex.permanent=true"
+
+      # Enable GZIP
+      - "traefik.http.middlewares.gzip.compress=true"
+
+      # Service Definition
+      - "traefik.http.services.webapp-service.loadbalancer.server.port=3000"
diff --git a/letsencrypt/acme.json b/letsencrypt/acme.json
new file mode 100644
index 0000000..e69de29