diff --git a/contrib/docker/docker-compose.dev.yaml b/contrib/docker/docker-compose.dev.yaml
new file mode 100644
index 00000000..0fd43983
--- /dev/null
+++ b/contrib/docker/docker-compose.dev.yaml
@@ -0,0 +1,62 @@
+version: "3.3"
+services:
+  front-dev:
+    build:
+      context: ../..
+      dockerfile: front/Dockerfile
+    #image: thecodingmachine/workadventure-front:master
+    environment:
+      LIVE_RELOAD: "true"
+      NODE_ENV: "develop"
+      DEBUG_MODE: "$DEBUG_MODE"
+      JITSI_URL: "$JITSI_URL"
+      JITSI_PRIVATE_MODE: "$JITSI_PRIVATE_MODE"
+      PUSHER_URL: "https://pusher.dev.${DOMAIN}"
+      ICON_URL: "https://icon.${DOMAIN}"
+      API_URL: "pusher.dev.${DOMAIN}"
+      STUN_SERVER: "${STUN_SERVER}"
+      TURN_SERVER: "${TURN_SERVER}"
+      TURN_USER: "${TURN_USER}"
+      TURN_PASSWORD: "${TURN_PASSWORD}"
+      START_ROOM_URL: "${START_ROOM_URL}"
+      MAX_PER_GROUP: "$MAX_PER_GROUP"
+      MAX_USERNAME_LENGTH: "$MAX_USERNAME_LENGTH"
+      FALLBACK_LOCALE: "${DEFAULT_LOCALE}"
+    ports:
+      - "127.0.0.1:8011:80"
+    restart: unless-stopped
+
+  pusher-dev:
+    build:
+      context: ../..
+      dockerfile: pusher/Dockerfile
+    #image: thecodingmachine/workadventure-pusher:master
+    command: yarn run runprod
+    environment:
+      SECRET_JITSI_KEY: "$SECRET_JITSI_KEY"
+      SECRET_KEY: yourSecretKey
+      API_URL: back-dev:50051
+      JITSI_URL: $JITSI_URL
+      JITSI_ISS: $JITSI_ISS
+      FRONT_URL: https://play.dev.${DOMAIN}
+    ports:
+      - "127.0.0.1:8012:8080"
+    restart: unless-stopped
+
+  back-dev:
+    build:
+      context: ../..
+      dockerfile: back/Dockerfile
+    #image: thecodingmachine/workadventure-back:master
+    command: yarn run runprod
+    environment:
+      NODE_ENV: develop
+      SECRET_JITSI_KEY: "$SECRET_JITSI_KEY"
+      ADMIN_API_TOKEN: "$ADMIN_API_TOKEN"
+      ADMIN_API_URL: "$ADMIN_API_URL"
+      JITSI_URL: $JITSI_URL
+      JITSI_ISS: $JITSI_ISS
+      TURN_STATIC_AUTH_SECRET: "$TURN_STATIC_AUTH_SECRET"
+    ports:
+      - "127.0.0.1:8013:8080"
+    restart: unless-stopped
diff --git a/contrib/docker/docker-compose.yaml b/contrib/docker/docker-compose.yaml
index 2e6f3e7e..e9495393 100644
--- a/contrib/docker/docker-compose.yaml
+++ b/contrib/docker/docker-compose.yaml
@@ -1,45 +1,29 @@
 version: "3.3"
 services:
-  reverse-proxy:
-    image: traefik:v2.3
-    command:
-      - --log.level=WARN
-      - --providers.docker
-      - --entryPoints.web.address=:80
-    ports:
-      - "127.0.0.1:8000:80"
-    depends_on:
-      - pusher
-      - front
-    volumes:
-      - /var/run/docker.sock:/var/run/docker.sock
-    restart: unless-stopped
-
-
   front:
     build:
       context: ../..
       dockerfile: front/Dockerfile
     #image: thecodingmachine/workadventure-front:master
     environment:
-      NODE_ENV: production
+      #LIVE_RELOAD: "true"
+      NODE_ENV: "production"
       DEBUG_MODE: "$DEBUG_MODE"
-      JITSI_URL: $JITSI_URL
+      JITSI_URL: "$JITSI_URL"
       JITSI_PRIVATE_MODE: "$JITSI_PRIVATE_MODE"
-      PUSHER_URL: https://pusher.${DOMAIN}
-      ICON_URL: https://icon.${DOMAIN}
-      API_URL: pusher.${DOMAIN}
+      PUSHER_URL: "https://pusher.${DOMAIN}"
+      ICON_URL: "https://icon.${DOMAIN}"
+      API_URL: "pusher.${DOMAIN}"
       STUN_SERVER: "${STUN_SERVER}"
       TURN_SERVER: "${TURN_SERVER}"
       TURN_USER: "${TURN_USER}"
       TURN_PASSWORD: "${TURN_PASSWORD}"
       START_ROOM_URL: "${START_ROOM_URL}"
+      MAX_PER_GROUP: "$MAX_PER_GROUP"
+      MAX_USERNAME_LENGTH: "$MAX_USERNAME_LENGTH"
       FALLBACK_LOCALE: "${DEFAULT_LOCALE}"
-    labels:
-      - "traefik.http.routers.front.rule=Host(`play.${DOMAIN}`)"
-      - "traefik.http.routers.front.entryPoints=web"
-      - "traefik.http.routers.front.service=front"
-      - "traefik.http.services.front.loadbalancer.server.port=80"
+    ports:
+      - "127.0.0.1:8001:80"
     restart: unless-stopped
 
   pusher:
@@ -55,11 +39,8 @@ services:
       JITSI_URL: $JITSI_URL
       JITSI_ISS: $JITSI_ISS
       FRONT_URL: https://play.${DOMAIN}
-    labels:
-      - "traefik.http.routers.pusher.rule=Host(`pusher.${DOMAIN}`)"
-      - "traefik.http.routers.pusher.entryPoints=web"
-      - "traefik.http.routers.pusher.service=pusher"
-      - "traefik.http.services.pusher.loadbalancer.server.port=8080"
+    ports:
+      - "127.0.0.1:8002:8080"
     restart: unless-stopped
 
   back:
@@ -76,17 +57,7 @@ services:
       JITSI_URL: $JITSI_URL
       JITSI_ISS: $JITSI_ISS
       TURN_STATIC_AUTH_SECRET: "$TURN_STATIC_AUTH_SECRET"
-    labels:
-      - "traefik.http.routers.back.rule=Host(`api.${DOMAIN}`)"
-      - "traefik.http.routers.back.entryPoints=web"
-      - "traefik.http.routers.back.service=back"
-      - "traefik.http.services.back.loadbalancer.server.port=8080"
+    ports:
+      - "127.0.0.1:8003:8080"
     restart: unless-stopped
 
-  icon:
-    image: matthiasluedtke/iconserver:v3.13.0
-    labels:
-      - "traefik.http.routers.icon.rule=Host(`icon.${DOMAIN}`)"
-      - "traefik.http.routers.icon.entryPoints=web"
-      - "traefik.http.routers.icon.service=icon"
-      - "traefik.http.services.icon.loadbalancer.server.port=8080"
diff --git a/contrib/nginx.conf b/contrib/nginx.conf
new file mode 100644
index 00000000..eb17bbcb
--- /dev/null
+++ b/contrib/nginx.conf
@@ -0,0 +1,42 @@
+# vim: syntax=conf
+
+map $http_host $krautworld_upstream {
+	hostnames;
+	default			http://127.0.0.1:8000;
+
+	icon.kraut.world	http://127.0.0.1:7999;
+
+	play.kraut.world	http://127.0.0.1:8001;
+	pusher.kraut.world	http://127.0.0.1:8002;
+	api.kraut.world		http://127.0.0.1:8003;
+	maps.kraut.world	http://127.0.0.1:8004;
+
+	play.dev.kraut.world	http://127.0.0.1:8011;
+	pusher.dev.kraut.world	http://127.0.0.1:8012;
+	api.dev.kraut.world	http://127.0.0.1:8013;
+	maps.dev.kraut.world	http://127.0.0.1:8014;
+}
+
+server {
+	listen			127.0.0.1:8443 ssl http2;
+	listen			[::1]:8443 ssl http2;
+	server_name		.kraut.world .dev.kraut.world;
+
+	ssl_certificate		/var/lib/dehydrated/certs/play.kraut.world/fullchain.pem;
+	ssl_certificate_key	/var/lib/dehydrated/certs/play.kraut.world/privkey.pem;
+
+	set $HSTS_header	"max-age=16000000";
+
+	location / {
+		proxy_pass	$krautworld_upstream;
+
+		proxy_http_version	1.1;
+		proxy_set_header        Host                    $host;
+		proxy_set_header        X-Forwarded-Proto       $scheme;
+		proxy_set_header	X-Real-IP		$remote_addr;
+		proxy_set_header        X-Forwarded-For         $proxy_add_x_forwarded_for;
+		proxy_set_header	Upgrade			$http_upgrade;
+		proxy_set_header	Connection		$connection_upgrade;
+		proxy_pass_header	Set-Cookie;
+	}
+}
diff --git a/contrib/systemd/workadventure-icon.service b/contrib/systemd/workadventure-icon.service
new file mode 100644
index 00000000..43d556e3
--- /dev/null
+++ b/contrib/systemd/workadventure-icon.service
@@ -0,0 +1,11 @@
+[Unit]
+Description=Workadventure icon service
+Requires=docker.service
+After=docker.service
+
+[Service]
+ExecStart=/usr/bin/docker run --rm -p "127.0.0.1:7999:8080" --name icon matthiasluedtke/iconserver:v3.13.0
+ExecStopPost=/usr/bin/docker rm -f icon
+
+[Install]
+WantedBy=multi-user.target