diff --git a/.env.example b/.env.example
index 3a4146beb658635bcc8310a19b38a2f83b20d6bd..5fd859b352f20e8202e815ed711204e278391e2c 100644
--- a/.env.example
+++ b/.env.example
@@ -4,7 +4,7 @@ COMPOSE_FILE=docker-compose.yml:docker-compose.local.yml
 # Server
 DOMAIN=localhost
-SHARED_STORAGE_PATH=./nextcloud-shared-storage
+SHARED_STORAGE_PATH=/mnt/shared_storage/nextcloud
 # mail
 SMTP_SECURE=tls
@@ -30,6 +30,8 @@ NEXTCLOUD_DOCKER_IMG=registry.gitlab.e.foundation/e/infra/ecloud/nextcloud/slim:
 NEXTCLOUD_ADMIN_USER=admin
 NEXTCLOUD_ADMIN_PASSWORD=@dm1n
 NEXTCLOUD_TRUSTED_DOMAINS=nginx
+TRUSTED_PROXIES=
+OVERWRITEPROTOCOL=
 SENTRY_DSN=
 SENTRY_PUBLIC_DSN=
diff --git a/.gitignore b/.gitignore
index d6588b0eb1266a2c365264c0ca12c307894d9025..986991d23b03ef968e843f16de2e9ae5008eec70 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1,2 +1,4 @@
 .idea
 files
+.env
+troubleshoot/
diff --git a/README.md b/README.md
index 327e5bc726aa9ec3b97ebc393b400f925940b8d4..630ea2f7ab724ac6ef169f98caaa7675cf28035b 100644
--- a/README.md
+++ b/README.md
@@ -14,7 +14,6 @@ By default, the `slim` Murena Workspace is configured. `slim` Murena Workspace
 ```
 cp .env.example .env
-mkdir -p nextcloud-shared-storage/{config,data}
 docker compose up --build -d
 ```
diff --git a/config/nginx/templates/default.conf.template b/config/nginx/templates/default.conf.template
index a48e4ae696fe727f8fcbf4c087117612513c30ba..fe2b6cf7cc6f982340cf7a25c271929debf85022 100644
--- a/config/nginx/templates/default.conf.template
+++ b/config/nginx/templates/default.conf.template
@@ -4,6 +4,9 @@ map $arg_v $asset_immutable {
 default ", immutable";
 }
+# use docker DNS resolver with limited cache value for nc update or scaling
+resolver 127.0.0.11 valid=5s;
+
 upstream php-handler {
 server ${NEXTCLOUD_ADDR};
 }
diff --git a/docker-compose.local.yml b/docker-compose.local.yml
index 1b121a54390ed7e1ddf899acbb74499324d949bb..cc75125451f951dca1eee394a93b7a18bbb08687 100644
--- a/docker-compose.local.yml
+++ b/docker-compose.local.yml
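Review bot: `TRUSTED_PROXIES=` and `OVERWRITEPROTOCOL=` are added empty and without a comment, and the first hunk of docker-compose.yml passes them through unchanged, so a deployment copied from this example runs behind a reverse proxy with neither value set. If the image maps them to Nextcloud's `trusted_proxies` and `overwriteprotocol` settings (not visible in this diff), an empty proxy list means forwarded client addresses are ignored and every request appears to come from the proxy, which weakens per-IP throttling and makes access logs less useful; an overly broad value would let any peer in that range assert the client address. I would add a comment line above each, for example `# TRUSTED_PROXIES: IP or CIDR of the reverse proxy only, never a whole shared network` and `# OVERWRITEPROTOCOL: set to https when TLS terminates at the proxy`.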
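Review bot: The added `resolver 127.0.0.11 valid=5s;` is unlikely to affect the `upstream php-handler` block shown as context, because nginx resolves a plain `server ${NEXTCLOUD_ADDR};` entry once when the configuration is loaded and keeps that address until a reload. The resolver is only consulted for names looked up at request time, such as a variable in the pass directive or an upstream `server` entry carrying the `resolve` parameter together with a `zone`, on nginx builds that support it. Unless the part of the template outside this hunk already does that, nginx would keep sending traffic to the old address after the Nextcloud container is replaced. The comment could also state that 127.0.0.11 is only available to containers on a user-defined Docker network.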
@@ -13,6 +13,8 @@ services:
 interval: 10s
 timeout: 5s
 retries: 5
+ networks:
+ - worker-network
 redis:
 image: redis:7.4-alpine
@@ -22,10 +24,14 @@ services:
 interval: 10s
 timeout: 5s
 retries: 5
+ networks:
+ - worker-network
 syslog:
 image: jumanjiman/rsyslog
 restart: unless-stopped
+ networks:
+ - worker-network
 nextcloud:
 build:
@@ -53,5 +59,15 @@ services:
 depends_on:
 - nextcloud
-volumes:
+volumes: !override
 db:
+ nextcloud-config:
+ nextcloud-data:
+
+networks:
+ proxy-network:
+ external: false
+ name: proxy-network
+ worker-network:
+ external: false
+ name: worker-network
diff --git a/docker-compose.yml b/docker-compose.yml
index 8fc391527c5fa4d162203b915de4e2ef7c6e933b..5c0b2444871bb25ae3377399829472b7317b2f8c 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -10,6 +10,8 @@ services:
 - NEXTCLOUD_ADMIN_USER=${NEXTCLOUD_ADMIN_USER}
 - NEXTCLOUD_ADMIN_PASSWORD=${NEXTCLOUD_ADMIN_PASSWORD}
 - NEXTCLOUD_TRUSTED_DOMAINS=${NEXTCLOUD_TRUSTED_DOMAINS}
+ - TRUSTED_PROXIES=${TRUSTED_PROXIES}
+ - OVERWRITEPROTOCOL=${OVERWRITEPROTOCOL}
 - SMTP_SECURE=${SMTP_SECURE}
 - SMTP_PORT=${SMTP_PORT}
 - SMTP_NAME=${SMTP_NAME}
@@ -23,6 +25,9 @@ services:
 volumes:
 - nextcloud-config:/var/www/html/config
 - nextcloud-data:/var/www/html/data
+ networks:
+ - worker-network
+ hostname: ${DB_USER}-nextcloud
 deploy:
 placement:
 constraints:
@@ -34,6 +39,8 @@ services:
 volumes:
 - nextcloud-config:/var/www/html/config
 - nextcloud-data:/var/www/html/data
+ networks:
+ - worker-network
 deploy:
 placement:
 constraints:
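Review bot: `hostname: ${DB_USER}-nextcloud` in the second docker-compose.yml hunk reuses the database account name as the service's network identity, and the last hunk points nginx at that name on port 9000 across `worker-network`, which is declared external there. Two things need confirming: that the name is resolvable from the nginx container at all (Docker's documented DNS names are the service name and network aliases, so an entry under `networks: worker-network: aliases:` would be the safer way to publish it), and that an unset `DB_USER` cannot produce `-nextcloud`, which is not a valid hostname. Because the network is external and has a fixed name, any other container attached to it can presumably reach this FastCGI listener, which has no authentication of its own, so it is worth documenting which stacks are allowed on `worker-network`. The service definition starts above the hunk, so which service receives the hostname is inferred.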
@@ -42,24 +49,29 @@ services:
 nginx:
 image: ${NGINX_DOCKER_IMG}
 environment:
- NEXTCLOUD_ADDR: ${NEXTCLOUD_ADDR:-nextcloud:9000}
+ NEXTCLOUD_ADDR: ${DB_USER}-nextcloud:9000
 DOMAIN: ${DOMAIN}
 volumes:
 - nextcloud-data:/var/www/html/data
+ networks:
+ - proxy-network
+ - worker-network
 deploy:
 placement:
 constraints:
 - node.role == worker
- labels:
- traefik.enable=true
- traefik.http.routers.${COMPOSE_PROJECT_NAME:-nextcloud}.rule=Host(`${DOMAIN}`)
- traefik.http.routers.${COMPOSE_PROJECT_NAME:-nextcloud}.entrypoints=websecure
- traefik.http.routers.${COMPOSE_PROJECT_NAME:-nextcloud}.tls.certresolver=letsencrypt
- traefik.http.routers.${COMPOSE_PROJECT_NAME:-nextcloud}-http.rule=Host(`${DOMAIN}`)
- traefik.http.routers.${COMPOSE_PROJECT_NAME:-nextcloud}-http.entrypoints=web
- traefik.http.routers.${COMPOSE_PROJECT_NAME:-nextcloud}-http.middlewares=https-redirect
- traefik.http.middlewares.https-redirect.redirectscheme.scheme=https
- traefik.http.services.${COMPOSE_PROJECT_NAME:-nextcloud}.loadbalancer.server.port=80
+ labels:
+ - "traefik.enable=true"
+ - "traefik.http.routers.${DB_USER}-nextcloud.rule=Host(`${DOMAIN}`)"
+ - "traefik.http.services.${DB_USER}-nextcloud.loadbalancer.server.port=80"
+
+networks:
+ proxy-network:
+ external: true
+ name: proxy-network
+ worker-network:
+ external: true
+ name: worker-network
 volumes:
 nextcloud-config:
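Review bot: The new router `${DB_USER}-nextcloud` keeps only the `Host` rule and the service port, whereas the removed labels also pinned the router to `websecure`, requested a certificate from `letsencrypt`, and redirected the `web` entrypoint to HTTPS. Unless Traefik's static configuration (not visible here) applies TLS and the redirect at entrypoint level, this router would be served over plain HTTP, which exposes Nextcloud credentials and session cookies in transit. I would keep `- "traefik.http.routers.${DB_USER}-nextcloud.entrypoints=websecure"` and `- "traefik.http.routers.${DB_USER}-nextcloud.tls.certresolver=letsencrypt"`, or state in the commit message where TLS is now enforced. Since nginx now joins two networks, `- "traefik.docker.network=proxy-network"` would also tell Traefik which address to use.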