diff --git a/docker-compose.yml b/docker-compose.yml
index a2f4f1a..ebd3c54 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -4,11 +4,12 @@ services:
   wireguard:
     environment:
       # Change this to your host's public address
-      - WG_HOST=vpn.pukeko.xyz
+      - WG_HOST=secure.pukeko.xyz
       - WG_PORT=51820
-      # - WG_DEFAULT_ADDRESS=10.8.0.x
-      # - WG_DEFAULT_DNS=1.1.1.1
-      # - WG_ALLOWED_IPS=192.168.15.0/24, 10.0.1.0/24
+      - WG_DEFAULT_ADDRESS=10.8.0.x
+      - WG_DEFAULT_DNS=192.168.0.66
+#      - WG_ALLOWED_IPS=192.168.0.0/24
+      - WG_ALLOWED_IPS=0.0.0.0/0
     image: weejewel/wg-easy
     container_name: wireguard
     volumes:
@@ -23,6 +24,15 @@ services:
     sysctls:
       - net.ipv4.ip_forward=1
       - net.ipv4.conf.all.src_valid_mark=1
+    labels:
+      - "traefik.enable=true"
+      - "traefik.http.routers.wireguard.entrypoints=websecure"
+      - "traefik.http.services.wireguard.loadbalancer.server.port=51821"
+      - "traefik.http.routers.wireguard.rule=Host(`secure.pukeko.xyz`)"
+      - "traefik.http.routers.wireguard.tls.certresolver=pukekoresolver"
+      - "traefik.http.routers.wireguard.middlewares=authelia@docker"
+    networks:
+      - network
 networks:
-  default:
-    name: gerbil_network
+  network:
+    driver: bridge