diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..f10862a
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1 @@
+/.env
diff --git a/docker-compose.yml b/docker-compose.yml
new file mode 100644
index 0000000..57d574a
--- /dev/null
+++ b/docker-compose.yml
@@ -0,0 +1,47 @@
+---
+version: "3"
+
+services:
+  nextcloud:
+    image: nextcloud:${NC_VERSION}
+    restart: unless-stopped
+    environment:
+      - MYSQL_HOST=db
+      - MYSQL_DATABASE=${NC_DATABASE_NAME}
+      - MYSQL_USER=${NC_DATABASE_USER}
+      - MYSQL_PASSWORD=${NC_DATABASE_PASS}
+    labels:
+      - traefik.enable=${TRAEFIK_ENABLED}
+      - traefik.docker.network=traefik
+      ### Section HTTP
+      - traefik.http.routers.http-${TRAEFIK_ROUTER}.entrypoints=http
+      # redirect to HTTPS only
+      - traefik.http.routers.http-${TRAEFIK_ROUTER}.middlewares=http-to-https
+      - traefik.http.routers.http-${TRAEFIK_ROUTER}.rule=Host(`${TRAEFIK_MATCHRULE}`)
+      ### Section HTTPS
+      - traefik.http.routers.https-${TRAEFIK_ROUTER}.entrypoints=https
+      # configure the exposed service
+      - traefik.http.routers.https-${TRAEFIK_ROUTER}.rule=Host(`${TRAEFIK_MATCHRULE}`)
+      # of course, enable TLS and it's certificate provider
+      - traefik.http.routers.https-${TRAEFIK_ROUTER}.tls=${TRAEFIK_TLSENABLED}
+      - traefik.http.routers.https-${TRAEFIK_ROUTER}.tls.certresolver=${TRAEFIK_CERTRESOLVER}
+      # specify a service so a custom port can be used
+      - traefik.http.services.${TRAEFIK_SERVICE}.loadbalancer.server.port=${TRAEFIK_SERVICE_PORT}
+    volumes:
+      - ./data/nextcloud:/var/www/html
+
+  db:
+    image: mariadb:${DB_VERSION}
+    restart: unless-stopped
+    environment:
+      - MYSQL_ROOT_PASSWORD=${DB_ROOT_PASS}
+      - MYSQL_DATABASE=${NC_DATABASE_NAME}
+      - MYSQL_USER=${NC_DATABASE_USER}
+      - MYSQL_PASSWORD=${NC_DATABASE_PASS}
+    volumes:
+      - ./data/mysql:/var/lib/mysql
+
+networks:
+  traefik:
+    external: true
+    name: ${TRAEFIK_NETWORK}
diff --git a/example.env b/example.env
new file mode 100644
index 0000000..eb464aa
--- /dev/null
+++ b/example.env
@@ -0,0 +1,18 @@
+# NextCloud environment
+NC_VERSION=22.2.6-apache
+NC_DATABASE_NAME=nextcloud
+NC_DATABASE_USER=nextcloud
+NC_DATABASE_PASS=changeme
+
+# MariaDB environment
+DB_VERSION=10.7.3
+DB_ROOT_PASS=Sup3rS3cr3tPassw0rd!
+
+# Træfik environment
+TRAEFIK_ENABLED=true
+TRAEFIK_CERTRESOLVER=letsencrypt
+TRAEFIK_MATCHRULE=cloud.domain.com
+TRAEFIK_ROUTER=cloud_domain_com
+TRAEFIK_SERVICE=cloud_domain_com
+TRAEFIK_SERVICE_PORT=80
+TRAEFIK_TLSENABLED=true