diff --git a/compose.yml b/compose.yml
index 4aaf10d..535ef3a 100644
--- a/compose.yml
+++ b/compose.yml
@@ -1,72 +1,109 @@
 services:
-  flodpodmaster:
+  flod-pod-master:
     image: git.send.nrw/sendnrw/flod-pod:latest
-    container_name: ipblock-master
+    container_name: flod-pod-master
+    labels:
+      - traefik.enable=true
+      - traefik.http.routers.flodpodmaster.rule=Host(`flod-proxy.send.nrw`)
+      - traefik.http.services.flodpodmaster.loadbalancer.server.port=8080
+      - traefik.http.routers.flodpodmaster.entrypoints=websecure
+      - traefik.http.routers.flodpodmaster.tls=true
+      - traefik.http.routers.flodpodmaster.tls.certresolver=letsencrypt
+      - traefik.http.middlewares.flodpodmaster0-redirect.redirectscheme.scheme=https
+      - traefik.http.middlewares.flodpodmaster0-redirect.redirectscheme.permanent=true
+      - traefik.http.routers.flodpodmaster0.rule=Host(`flod-proxy.send.nrw`)
+      - traefik.http.routers.flodpodmaster0.entrypoints=web
+      - traefik.http.routers.flodpodmaster0.middlewares=flodpodmaster0-redirect
+      - traefik.protocol=http
     depends_on:
-      - redis
+      - flod-redis
     networks:
-      - flod_nw
+      - traefik-net
     environment:
       # Beispiel – mehrere Listen in einer Kategorie „spam“
       BLOCKLIST_MODE: master
-      REDIS_ADDR: redis:6379
+      REDIS_ADDR: flod-redis:6379
       HASH_NAME: bl:flodpod
       MASTER_URL: https://flod-proxy.send.nrw
     #ports:
       #- "8080:8080"   # <host>:<container>
     restart: unless-stopped
-  api:
+  flod-master:
     image: git.send.nrw/sendnrw/flod:latest
-    container_name: ipblock-api
+    container_name: flod-master
+    labels:
+      - traefik.enable=true
+      - traefik.http.routers.flodmaster.rule=Host(`flod.send.nrw`)
+      - traefik.http.services.flodmaster.loadbalancer.server.port=8080
+      - traefik.http.routers.flodmaster.entrypoints=websecure
+      - traefik.http.routers.flodmaster.tls=true
+      - traefik.http.routers.flodmaster.tls.certresolver=letsencrypt
+      - traefik.http.middlewares.flodmaster0-redirect.redirectscheme.scheme=https
+      - traefik.http.middlewares.flodmaster0-redirect.redirectscheme.permanent=true
+      - traefik.http.routers.flodmaster0.rule=Host(`flod.send.nrw`)
+      - traefik.http.routers.flodmaster0.entrypoints=web
+      - traefik.http.routers.flodmaster0.middlewares=flodmaster0-redirect
+      - traefik.protocol=http
     networks:
-      - flod_nw
+      - traefik-net
     depends_on:
-      - redis
-      - importer
+      - flod-redis
+      - flod-importer
     environment:
       # Redis-Adresse schon per Docker-Netzwerk korrekt:
-      REDIS_ADDR: redis:6379
+      REDIS_ADDR: flod-redis:6379
       ROLE: worker
       TTL_HOURS: "720"
+      FLOD_IMPORT_URL: "http://flod-importer:8080"
     #ports:
       #- "8080:8080"   # <host>:<container>
     restart: unless-stopped
 
-  importer:
+  flod-importer:
     image: git.send.nrw/sendnrw/flod-ipv64-parser:latest
-    container_name: ipblock-importer
+    container_name: flod-importer
+    labels:
+      - traefik.enable=true
+      - traefik.http.routers.flodimporter.rule=Host(`flod-import.send.nrw`)
+      - traefik.http.services.flodimporter.loadbalancer.server.port=8080
+      - traefik.http.routers.flodimporter.entrypoints=websecure
+      - traefik.http.routers.flodimporter.tls=true
+      - traefik.http.routers.flodimporter.tls.certresolver=letsencrypt
+      - traefik.http.middlewares.flodimporter0-redirect.redirectscheme.scheme=https
+      - traefik.http.middlewares.flodimporter0-redirect.redirectscheme.permanent=true
+      - traefik.http.routers.flodimporter0.rule=Host(`flod-import.send.nrw`)
+      - traefik.http.routers.flodimporter0.entrypoints=web
+      - traefik.http.routers.flodimporter0.middlewares=flodimporter0-redirect
+      - traefik.protocol=http
+    environment:
+      SERVEONLY: "1"
+      DELAY: ""
+      OUTDIR: ""
+      LIST: ""
+      LISTEN: ":8080"
+      PREFIX: "http://flod-importer:8080"
     networks:
-      - flod_nw
+      - traefik-net
     restart: unless-stopped
     volumes:
       - importer-lists:/lists
 
-  redis:
+  flod-redis:
     image: redis:7-alpine
-    container_name: ipblock-redis
+    container_name: flod-redis
     ports:
       - "6379:6379"
     networks:
-      - flod_nw
+      - traefik-net
     command: ["redis-server", "/usr/local/etc/redis/redis.conf"]
     volumes:
       - redis-data:/data   # falls du doch Persistence willst
       - /home/groot/flod/redis.conf:/usr/local/etc/redis/redis.conf:ro
     restart: unless-stopped
-  
-  newt:
-    image: fosrl/newt
-    container_name: newt
-    networks:
-      - flod_nw
-    restart: unless-stopped
-    environment:
-      - PANGOLIN_ENDPOINT=
-      - NEWT_ID=
-      - NEWT_SECRET=
 
 networks:
-  flod_nw:
+  traefik-net:
+    external: true
 
 volumes:
   redis-data:
diff --git a/main.go b/main.go
index 8356409..52da4b8 100644
--- a/main.go
+++ b/main.go
@@ -179,7 +179,7 @@ func fetchAndSave(client *http.Client, t target, outDir string) error {
 // Import-Logik
 func importBlocklists() error {
 	client := &http.Client{Timeout: 60 * time.Second}
-	t := target{Name: "Catalog", URL: "http://importer:8080/lists.json"}
+	t := target{Name: "Catalog", URL: os.Getenv("FLOD_IMPORT_URL") + "/lists.json"}
 	if err := os.MkdirAll("./lists/", 0o755); err != nil {
 		fmt.Println("creating output dir", err)
 	}