diff --git a/.gitignore b/.gitignore
index 4643609d..2d150342 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1,3 +1,4 @@
+docker/swag.env
 client/locales
 .vercel
 .DS_Store
diff --git a/docker/config/nginx.conf b/docker/config/nginx.conf
new file mode 100644
index 00000000..f6980259
--- /dev/null
+++ b/docker/config/nginx.conf
@@ -0,0 +1,44 @@
+map $http_upgrade $connection_upgrade {
+    default upgrade;
+    '' close;
+}
+
+server {
+    listen 80 default_server;
+    listen [::]:80 default_server;
+    server_name _;
+    return 301 https://$host$request_uri;
+}
+
+server {
+    listen 443 ssl http2 default_server;
+    listen [::]:443 ssl http2 default_server;
+
+    # enable subfolder method reverse proxy confs
+    include /config/nginx/proxy-confs/*.subfolder.conf;
+
+    # all ssl related config moved to ssl.conf
+    include /config/nginx/ssl.conf;
+
+    # server
+    location ~ ^/(socket\.io) {
+        proxy_pass http://127.0.0.1:11000;
+        #
+        proxy_http_version 1.1;
+        proxy_redirect off;
+        proxy_request_buffering off;
+        proxy_set_header Upgrade $http_upgrade;
+        proxy_set_header Connection $connection_upgrade;
+        proxy_read_timeout 86400;
+        proxy_set_header Referer $http_referer;
+        proxy_set_header Host $http_host;
+        proxy_set_header X-Real-IP $remote_addr;
+        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+        proxy_set_header X-Forwarded-Proto $scheme;
+        proxy_max_temp_file_size 2048m;
+    }
+
+    location / {
+        proxy_pass http://127.0.0.1:11000;
+    }
+}
diff --git a/docker/swag.env.example b/docker/swag.env.example
new file mode 100644
index 00000000..f5e265db
--- /dev/null
+++ b/docker/swag.env.example
@@ -0,0 +1,3 @@
+URL=
+
+TZ=Asia/Shanghai
diff --git a/docker/swag.yml b/docker/swag.yml
new file mode 100644
index 00000000..69316106
--- /dev/null
+++ b/docker/swag.yml
@@ -0,0 +1,18 @@
+version: "3.3"
+
+services:
+  swag:
+    image: lscr.io/linuxserver/swag:latest
+    container_name: swag
+    cap_add:
+      - NET_ADMIN
+    env_file:
+      - swag.env
+    environment:
+      - PUID=1000
+      - PGID=1000
+      - VALIDATION=http
+    volumes:
+      - ./config/nginx.conf:/config/nginx/site-confs/default.conf:ro
+    restart: unless-stopped
+    network_mode: "host"