diff --git a/proxy/nginx/conf.d/wakapi.conf b/proxy/nginx/conf.d/wakapi.conf
new file mode 100644
index 0000000..5960f2c
--- /dev/null
+++ b/proxy/nginx/conf.d/wakapi.conf
@@ -0,0 +1,32 @@
+# HTTP configuration
+# -- Redirect all HTTP requests to HTTPS port
+server {
+	listen 80; # HTTP port
+	server_name wakapi.systemsobscure.net;
+	location / {
+		return 301 https://$host$request_uri; # Variable is a placeholder for all requests to the server name
+	}
+}
+
+# HTTPS configuration 
+
+server {
+	listen 443 ssl;
+	server_name wakapi.systemsobscure.net;
+
+	# SSL configuration
+	ssl_certificate /etc/letsencrypt/live/systemsobscure.net/fullchain.pem;
+	ssl_certificate_key /etc/letsencrypt/live/systemsobscure.net/privkey.pem;
+
+	# Security headers
+  add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
+    
+	# Proxy Configuration
+  location / {
+		proxy_pass http://wakapi:3000; # Docker network address
+    proxy_set_header Host $host;
+    proxy_set_header X-Real-IP $remote_addr;
+    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+    proxy_set_header X-Forwarded-Proto $scheme;
+  }
+}
diff --git a/services/wakapi/docker-compose.yml b/services/wakapi/docker-compose.yml
new file mode 100644
index 0000000..ffa7ad2
--- /dev/null
+++ b/services/wakapi/docker-compose.yml
@@ -0,0 +1,13 @@
+services:
+  wakapi:
+    image: ghcr.io/muety/wakapi:latest
+    init: true
+    ports:
+      - 8004:3000
+    restart: unless-stopped
+    volumes:
+      - /mnt/storagebox_alpha/wakapi/data:/data # bind mount, no need to add named vol
+
+networks:
+  web:
+    external: true