diff --git a/conf.d/excalidraw.conf b/conf.d/excalidraw.conf
new file mode 100644
index 0000000..d07051f
--- /dev/null
+++ b/conf.d/excalidraw.conf
@@ -0,0 +1,21 @@
+server {
+    listen 80;
+    server_name excalidraw.psi.ch;
+    return 301 https://$host$request_uri;
+}
+
+server {
+    listen 443 ssl;
+    server_name excalidraw.psi.ch;
+
+    ssl_certificate /etc/nginx/certs/excalidraw.psi.ch.crt;
+    ssl_certificate_key /etc/nginx/private/excalidraw.psi.ch.key;
+
+    location / {
+        proxy_pass http://excalidraw:80;
+        proxy_set_header Host $host;
+        proxy_set_header X-Real-IP $remote_addr;
+        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+        proxy_set_header X-Forwarded-Proto $scheme;
+    }
+}
diff --git a/docker-compose.yaml b/docker-compose.yaml
index 26f8707..bde5b23 100644
--- a/docker-compose.yaml
+++ b/docker-compose.yaml
@@ -6,14 +6,16 @@ services:
       - "80:80"
       - "443:443"
     volumes:
-      - /etc/pki/tls/certs/excalidraw.psi.ch.crt:/etc/nginx/certs/cert.crt:ro
-      - /etc/pki/tls/private/excalidraw.psi.ch.key:/etc/nginx/certs/cert.key:ro
+      - /etc/pki/tls/certs:/etc/nginx/certs:ro
+      - /etc/pki/tls/private:/etc/nginx/private:ro
       - /etc/nginx/nginx.conf:/etc/nginx/nginx.conf:ro
-    depends_on:
-      - excalidraw
-
+      - /etc/nginx/conf.d:/etc/nginx/conf.d:ro
+    network:
+      - public
+      - backend
+  
   excalidraw:
     image: excalidraw/excalidraw:latest
     container_name: excalidraw
-    ports:
-      - "5000:80"
+    network:
+      - backend
diff --git a/nginx.conf b/nginx.conf
index 27f143f..ba1d7ac 100644
--- a/nginx.conf
+++ b/nginx.conf
@@ -19,26 +19,4 @@ http {
     sendfile        on;
     keepalive_timeout  65;
     include /etc/nginx/conf.d/*.conf;
-
-    server {
-        listen 80;
-        server_name excalidraw.psi.ch;
-        return 301 https://$host$request_uri;
-    }
-
-    server {
-        listen 443 ssl;
-        server_name excalidraw.psi.ch;
-
-        ssl_certificate /etc/nginx/certs/cert.crt;
-        ssl_certificate_key /etc/nginx/certs/cert.key;
-
-        location / {
-            proxy_pass http://excalidraw:80;
-            proxy_set_header Host $host;
-            proxy_set_header X-Real-IP $remote_addr;
-            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
-            proxy_set_header X-Forwarded-Proto $scheme;
-        }
-    }
 }