diff --git a/docker-compose.yml b/docker-compose.yml
index 8eb15bd..9c98c0d 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -757,7 +757,45 @@ services:
     restart: unless-stopped
     profiles:
       - base
-        
+
+  traefik:
+    image: "traefik:v2.5"
+    container_name: traefik
+    command:
+      - --api.insecure=true
+      - --providers.docker=true
+      - --providers.docker.exposedbydefault=false
+      - --entrypoints.http.address=:80
+      - --entrypoints.https.address=:443
+      - --certificatesresolvers.myresolver.acme.email=${EMAIL_ADMIN}
+      - --certificatesresolvers.myresolver.acme.storage=/letsencrypt/acme.json
+      - --certificatesresolvers.myresolver.acme.dnsChallenge.provider=ovh
+      - --configFile=/etc/traefik/traefik.toml
+    ports:
+      - "80:80"
+      - "443:443"
+    volumes:
+      - /var/run/docker.sock:/var/run/docker.sock
+      - ${DOCKER_STORAGE_PATH}/traefik/acme.json:/letsencrypt/acme.json
+      - ${DOCKER_STORAGE_PATH}/traefik/traefik.toml:/etc/traefik/traefik.toml
+    networks:
+      - public
+
+  ghost:
+    image: "ghost:latest"
+    container_name: ghost
+    environment:
+      - url=http://blog.kucharczyk.xyz
+    labels:
+      - "traefik.enable=true"
+      - "traefik.http.routers.ghost.rule=Host(`blog.kucharczyk.xyz`)"
+      - "traefik.http.routers.ghost.entrypoints=https"
+      - "traefik.http.routers.ghost.tls.certresolver=myresolver"
+    volumes:
+      - ${DOCKER_STORAGE_PATH}/ghost/content:/var/lib/ghost/content
+    networks:
+      - public
+      
 
 networks:
   loki: