diff --git a/docker-compose.yaml b/docker-compose.yaml
new file mode 100644
index 0000000..5b69240
--- /dev/null
+++ b/docker-compose.yaml
@@ -0,0 +1,66 @@
+version: '3'
+services:
+  reverse-proxy:
+    image: traefik:v2.2
+    command:
+      # Try to enable this if something isn't working. Chances are, Traefik will tell you why
+      # Be careful on production as it exposes the traffic you might not want to expose
+      # --log.level=DEBUG
+      # --api.dashboard=true
+      # --api.insecure=true
+
+      --entrypoints.http.address=:80
+      --entrypoints.https.address=:443
+      --providers.docker=true
+      --api=false
+      --certificatesresolvers.letsencrypt.acme.httpchallenge=true
+      --certificatesresolvers.letsencrypt.acme.httpchallenge.entrypoint=http
+      --certificatesresolvers.letsencrypt.acme.email=${ACME_EMAIL}
+      --certificatesresolvers.letsencrypt.acme.storage=/letsencrypt/acme.json
+    restart: always
+    ports:
+      - 80:80
+      - 443:443
+    volumes:
+      - /var/run/docker.sock:/var/run/docker.sock
+      - ${DATA_DIR}/letsencrypt:/letsencrypt
+  drone-server:
+    image: drone/drone:1
+    container_name: server
+    restart: always
+    ports:
+      - 8000:80
+    volumes:
+      - ${DATA_DIR}/drone-server:/data
+    environment:
+      DRONE_GITEA_SERVER: ${DRONE_GITEA_SERVER}
+      DRONE_GITHUB_CLIENT_ID: ${DRONE_GITEA_CLIENT_ID}
+      DRONE_GITHUB_CLIENT_SECRET: ${DRONE_GITEA_CLIENT_SECRET}
+      DRONE_RPC_SECRET: ${DRONE_RPC_SECRET}
+      DRONE_SERVER_HOST: ${DRONE_SERVER_HOST}
+      DRONE_SERVER_PROTO: ${DRONE_SERVER_PROTO}
+      DRONE_USER_FILTER: ${DRONE_USER}
+      DRONE_USER_CREATE: username:${DRONE_USER},admin:true
+  labels:
+    - "traefik.http.routers.https.rule=Host(`${DRONE_SERVER_HOST}`)"
+    - "traefik.http.routers.http.rule=Host(`${DRONE_SERVER_HOST}`)"
+    - "traefik.http.routers.https.entrypoints=https"
+    - "traefik.http.routers.http.entrypoints=http"
+    - "traefik.http.routers.https.tls=true"
+    - "traefik.http.routers.https.tls.certresolver=letsencrypt"
+  drone-runner:
+    image: drone/drone-runner-docker:1
+    ports:
+      - 3000:3000
+    restart: always
+    container_name: runner
+    volumes:
+      - /var/run/docker.sock:/var/run/docker.sock
+    environment:
+      DRONE_RPC_PROTO: ${DRONE_SERVER_PROTO}
+      DRONE_RPC_HOST: drone-server
+      DRONE_RPC_SECRET: ${DRONE_RPC_SECRET}
+      DRONE_RUNNER_CAPACITY: 2
+      DRONE_RUNNER_NAME: ${DRONE_RUNNER_NAME}
+      DRONE_UI_USERNAME: ${DRONE_UI_USERNAME}
+      DRONE_UI_PASSWORD: ${DRONE_UI_PASSWORD}
diff --git a/env.example b/env.example
new file mode 100644
index 0000000..63f9ba7
--- /dev/null
+++ b/env.example
@@ -0,0 +1,16 @@
+DRONE_GITEA_SERVER=https://git.wownero.com
+DRONE_GITEA_CLIENT_ID=xxx
+DRONE_GITEA_CLIENT_SECRET=xxx
+DRONE_RPC_SECRET=xxx
+DRONE_SERVER_PROTO=http
+DRONE_SERVER_HOST=ci.wownero.com
+DRONE_REGISTRATION_CLOSED=false
+DRONE_USER=xxxx
+
+DRONE_RUNNER_CAPACITY=2
+DRONE_RUNNER_NAME=xxxxx
+DRONE_UI_USERNAME=xxx
+DRONE_UI_PASSWORD=xxx
+
+ACME_EMAIL=xxx@yyy.zzz
+DATA_DIR=/tmp
diff --git a/setup.sh b/setup.sh
new file mode 100644
index 0000000..524d679
--- /dev/null
+++ b/setup.sh
@@ -0,0 +1,14 @@
+# Docker install
+
+set -x
+
+apt-get remove docker docker-engine docker.io containerd runc -y
+apt-get install apt-transport-https ca-certificates curl gnupg-agent software-properties-common -y
+curl -fsSL https://download.docker.com/linux/ubuntu/gpg | apt-key add -
+apt-key fingerprint 0EBFCD88
+add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable"
+apt-get update
+apt-get install docker-ce docker-ce-cli containerd.io docker-compose -y
+systemctl enable docker
+systemctl start docker
+usermod -aG docker ${USER}