diff --git a/.gitignore b/.gitignore
index e688f52a2..9aa665f6a 100644
--- a/.gitignore
+++ b/.gitignore
@@ -10,7 +10,7 @@ gradle/
 !/src/main/resources/application.yml
 src/main/java/page/clab/api/global/auth/application/DataLoader.java
 src/main/java/page/clab/api/auth/service/DataLoader.java
-/config
+/config/whitelist.json
 
 ### STS ###
 .apt_generated
@@ -42,3 +42,6 @@ out/
 
 ### VS Code ###
 .vscode/
+
+### Environments ###
+.env
\ No newline at end of file
diff --git a/Dockerfile b/Dockerfile
index 285837938..4270ce55f 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,4 +1,8 @@
-FROM openjdk:21
-EXPOSE 8080
-COPY build/libs/clab.jar /clab.jar
-ENTRYPOINT ["java", "-jar", "-Dspring.profiles.active=stage", "/clab.jar"]
+FROM jenkins/jenkins:2.440.3-lts-jdk21
+
+USER root
+
+RUN apt-get update && \
+ apt-get install -y docker.io
+
+USER jenkins
diff --git a/config/default b/config/default
new file mode 100644
index 000000000..ca0878c8a
--- /dev/null
+++ b/config/default
@@ -0,0 +1,24 @@
+server {
+ listen 80;
+ listen [::]:80;
+ server_name $DOMAIN_API;
+
+ return 301 https://$host$request_uri;
+}
+
+server {
+ listen 443 ssl http2;
+ listen [::]:443 ssl http2;
+ server_name $DOMAIN_API;
+
+ ssl_certificate /etc/letsencrypt/live/$DOMAIN_API/fullchain.pem;
+ ssl_certificate_key /etc/letsencrypt/live/$DOMAIN_API/privkey.pem;
+
+ location / {
+ proxy_pass $BACKEND_URL;
+ proxy_set_header Host $host;
+ proxy_set_header X-Real-IP $remote_addr;
+ proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+ proxy_set_header X-Forwarded-Proto $scheme;
+ }
+}
diff --git a/config/nginx.conf b/config/nginx.conf
new file mode 100644
index 000000000..987eef958
--- /dev/null
+++ b/config/nginx.conf
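Review bot: The `RUN` step in the new Dockerfile installs `docker.io` without `--no-install-recommends` and leaves the apt package lists in the layer, so the Jenkins image carries more than it needs to talk to a Docker socket. On a Debian base `docker.io` appears to bring the daemon along with the client, while docker-compose.yml in this commit mounts the host socket, so only the client would be used. I would write the step as `RUN apt-get update && apt-get install -y --no-install-recommends docker.io && rm -rf /var/lib/apt/lists/*`, and put a comment above `USER root` such as `# root only for the package install; dropped again below`. The base image is pinned to a version tag but not to a digest, which is worth considering for a CI image.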
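Review bot: `$DOMAIN_API` and `$BACKEND_URL` in config/default (and `$DOMAIN`, `$DOMAIN_OPS`, `$STATIC_CONTENT_PATH` in config/nginx.conf) are written as if nginx expanded environment variables, which it does not, and nothing visible in this commit renders these files before nginx reads them. As written, `server_name $DOMAIN_API` would presumably be taken as a literal name, and the `ssl_certificate` and `proxy_pass $BACKEND_URL` lines would fail on an unknown variable. If the files are meant as templates, the rendering step should substitute only the named placeholders, e.g. `envsubst '$DOMAIN_API $BACKEND_URL'`, so that `$host`, `$request_uri` and `$remote_addr` survive, and a header comment like `# template: placeholders are rendered before deployment` would make that explicit. `BACKEND_URL` is also missing from the `environment` list of the nginx service in docker-compose.yml.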
@@ -0,0 +1,70 @@
+user nginx;
+worker_processes auto;
+
+error_log /var/log/nginx/error.log notice;
+pid /var/run/nginx.pid;
+
+events {
+ worker_connections 1024;
+}
+
+http {
+ include /etc/nginx/mime.types;
+ default_type application/octet-stream;
+
+ log_format main '$remote_addr - $remote_user [$time_local] "$request" '
+ '$status $body_bytes_sent "$http_referer" '
+ '"$http_user_agent" "$http_x_forwarded_for"';
+
+ access_log /var/log/nginx/access.log main;
+
+ sendfile on;
+ #tcp_nopush on;
+ keepalive_timeout 65;
+ #gzip on;
+
+ server {
+ listen 80;
+ listen [::]:80;
+ server_name $DOMAIN $DOMAIN_OPS;
+
+ return 301 https://$host$request_uri;
+ }
+
+ server {
+ listen 443 ssl http2;
+ listen [::]:443 ssl http2;
+ server_name $DOMAIN;
+
+ ssl_certificate /etc/letsencrypt/live/$DOMAIN/fullchain.pem;
+ ssl_certificate_key /etc/letsencrypt/live/$DOMAIN/privkey.pem;
+
+ root /var/www/html;
+ index index.html index.htm index.nginx-debian.html;
+
+ location / {
+ root $STATIC_CONTENT_PATH;
+ try_files $uri $uri/ /index.html;
+ }
+ }
+
+ server {
+ listen 443 ssl http2;
+ listen [::]:443 ssl http2;
+ server_name $DOMAIN_OPS;
+
+ ssl_certificate /etc/letsencrypt/live/$DOMAIN_OPS/fullchain.pem;
+ ssl_certificate_key /etc/letsencrypt/live/$DOMAIN_OPS/privkey.pem;
+
+ location / {
+ proxy_pass http://jenkins:8080;
+ proxy_set_header Host $host;
+ proxy_set_header X-Real-IP $remote_addr;
+ proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+ proxy_set_header X-Forwarded-Proto $scheme;
+ }
+ }
+
+ include /etc/nginx/conf.d/*.conf;
+ include /etc/nginx/sites-enabled/*;
+}
diff --git a/docker-compose.yml b/docker-compose.yml
new file mode 100644
index 000000000..b67640044
--- /dev/null
+++ b/docker-compose.yml
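Review bot: Neither HTTPS `server` block in config/nginx.conf (nor the one in config/default) sets `ssl_protocols`, so the accepted TLS versions depend on whichever nginx release the untagged `image: nginx` in docker-compose.yml happens to pull. Setting it once in the `http` block, e.g. `ssl_protocols TLSv1.2 TLSv1.3;`, keeps the behaviour fixed across image updates. Since port 80 only redirects, `add_header Strict-Transport-Security "max-age=31536000" always;` on the 443 servers would be consistent with that intent. The `$DOMAIN_OPS` block forwards to Jenkins with no `allow`/`deny` or other restriction at the proxy, so a comment there should state that Jenkins' own authentication is the only gate.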
@@ -0,0 +1,73 @@
+version: "3.8"
+
+services:
+ nginx:
+ image: nginx
+ container_name: nginx
+ ports:
+ - "${NGINX_PORT_80}:80"
+ - "${NGINX_PORT_443}:443"
+ volumes:
+ - "${NGINX_VOLUME_PATH}:/etc/nginx:rw"
+ - "${APP_VOLUME_PATH}:/app:rw"
+ - "${LETS_ENCRYPT_VOLUME_PATH}:/etc/letsencrypt:rw"
+ environment:
+ - STATIC_CONTENT_PATH=${STATIC_CONTENT_PATH}
+ - DOMAIN=${DOMAIN}
+ - DOMAIN_OPS=${DOMAIN_OPS}
+ - DOMAIN_API=${DOMAIN_API}
+ networks:
+ - network_name
+
+ jenkins:
+ build: .
+ container_name: jenkins
+ user: "1000:1000"
+ ports:
+ - "${JENKINS_PORT_50000}:50000"
+ - "${JENKINS_PORT_8080}:8080"
+ volumes:
+ - "${JENKINS_HOME_VOLUME_PATH}:/var/jenkins_home:rw"
+ - "/var/run/docker.sock:/var/run/docker.sock"
+ environment:
+ - DOCKER_HOST=unix:///var/run/docker.sock
+ networks:
+ - network_name
+
+ openjdk21:
+ image: openjdk:21-jdk
+ container_name: openjdk21
+ command: tail -f /dev/null
+ networks:
+ - network_name
+
+ redis:
+ image: redis
+ container_name: redis
+ ports:
+ - "${REDIS_PORT}:6379"
+ environment:
+ - REDIS_PASSWORD=${REDIS_PASSWORD}
+ volumes:
+ - "${REDIS_DATA_VOLUME_PATH}:/data"
+ networks:
+ - network_name
+
+ postgres:
+ image: postgres
+ container_name: postgresql
+ ports:
+ - "${POSTGRES_PORT}:5432"
+ environment:
+ - POSTGRES_USER=${POSTGRES_USER}
+ - POSTGRES_PASSWORD=${POSTGRES_PASSWORD}
+ volumes:
+ - "${POSTGRESQL_DATA_VOLUME_PATH}:/var/lib/postgresql/data"
+ networks:
+ - network_name
+
+networks:
+ network_name:
+ driver: bridge
+ external: false
+ name: ${NETWORK_NAME}
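Review bot: The `redis` service sets `REDIS_PASSWORD` under `environment`, but as far as I know the official `redis` image does not read that variable, so Redis would start without authentication while `"${REDIS_PORT}:6379"` publishes it on the host. Passing the password to the server with `command: ["redis-server", "--requirepass", "${REDIS_PASSWORD}"]`, and dropping the `ports` entries for `redis` and `postgres` (or binding them as `"127.0.0.1:${REDIS_PORT}:6379"`), would close that, since the other services can reach both over `network_name`. The `jenkins` service mounts `/var/run/docker.sock`, which gives anything able to run a build control of the host's Docker daemon; that trade-off deserves a comment next to the volume line, and ports 8080 and 50000 are published directly even though nginx already fronts Jenkins over TLS. `nginx`, `redis` and `postgres` carry no image tag, so each pull may change versions.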