diff --git a/traefik/docker-compose.yml b/traefik/docker-compose.yml
index 08bfe84..78b3a54 100644
--- a/traefik/docker-compose.yml
+++ b/traefik/docker-compose.yml
@@ -1,5 +1,3 @@
-version: '3.5'
-
 networks:
 default:
 driver: bridge
@@ -90,7 +88,7 @@ services:
 - watchtower
 # Always restart also at boot unless manually stopped
 restart: unless-stopped
- # The official v2 Traefik docker image
+ # The official v3 Traefik docker image
 image: traefik:3.0
 networks:
 default:
@@ -98,12 +96,12 @@ services:
 socket_proxy: null
 env_file: live.env
 container_name: "traefik"
- # Enables the web UI and tells Traefik to listen to docker
 command:
- # logging
- - "--log.filePath=/logs/traefik.log"
- - "--log.level=DEBUG"
- # API and Dashboard
+ # logging settings
+ # - "--log.filePath=/logs/traefik.log"
+ # - "--log.format=json"
+ - "--log.level=ERROR"
+ # Enable API and Dashboard access
 #- "--api.insecure=true"
 - "--api=true"
 - "--api.dashboard=true"
@@ -117,10 +115,9 @@ services:
 # TS3 entrypoints
 - "--entrypoints.ts-udp.address=:9987/udp"
 - "--entrypoints.ts-tcp.address=:30033"
- # OSP rtmp entrypoints
- #- "--entrypoints.rtmp.address=:1935"
 # Use this CA server for testing
 # - "--certificatesresolvers.myresolver.acme.caserver=https://acme-staging-v02.api.letsencrypt.org/directory"
+ # production Lets encrypt settings
 - "--certificatesresolvers.myresolver.acme.email=${EMAIL}"
 - "--certificatesresolvers.myresolver.acme.httpchallenge=true"
 - "--certificatesresolvers.myresolver.acme.httpchallenge.entrypoint=web"
@@ -130,7 +127,7 @@ services:
 labels:
 # enable watchtower for traefik
 - "com.centurylinklabs.watchtower.enable=true"
- # Dashboard stuff
+ # Dashboard basic auth and routing
 - "traefik.enable=true"
 - "traefik.http.routers.traefik-https.rule=Host(`traefik.${DOMAIN}`)"
 - "traefik.http.routers.traefik-https.entrypoints=websecure"
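Review bot: With `--log.level=ERROR` and the `--log.filePath` line commented out in the `@@ -98,12 +96,12 @@` hunk, this internet-facing proxy keeps almost nothing that would help reconstruct failed dashboard logins or probing, and no `--accesslog` flag is visible in the hunk. Leaving DEBUG is reasonable, but I would add a request trail next to the log settings, for example `- "--accesslog=true"` and `- "--accesslog.filepath=/logs/access.log"` (the file name is only an example; `/logs` is the directory mounted later in this diff). Access logging may already be configured in lines outside the hunk, and the `command:` list continues past its end, so treat this as something to confirm.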
@@ -139,7 +136,7 @@ services:
 - "traefik.http.routers.traefik-https.tls=true"
 - "traefik.http.routers.traefik-https.tls.certresolver=myresolver"
 - "traefik.http.middlewares.auth.basicauth.users=${TRAEFIK_USER}:${TRAEFIK_PASSWORD_HASH}"
- # http to https redirect
+ # http to https redirect for all incoming http requests
 - "traefik.http.middlewares.https-redirect.redirectscheme.scheme=https"
 - "traefik.http.middlewares.https-redirect.redirectscheme.permanent=true"
 - "traefik.http.routers.http_catchall.rule=HostRegexp(`{any:.+}`)"
@@ -154,12 +151,21 @@ services:
 #- "8080:8080"
 # TS3 ports
 - "9987:9987/udp"
- #- "10011:10011"
 - "30033:30033"
- # OSP rtmp ports
- #- "1935:1935"
 volumes:
 # For certificate
- - "./volumes/letsencrypt/acme.json:/letsencrypt/acme.json"
+ - "./data/letsencrypt:/letsencrypt"
 # For logging
- - "./volumes/logs/traefik.log:/logs/traefik.log"
+ - "./data/logs:/logs"
+ # Docker socket
+ - "/var/run/docker.sock:/var/run/docker.sock:ro"
+
+ # Test container
+ whoami:
+ image: "traefik/whoami"
+ container_name: "simple-service"
+ labels:
+ - "traefik.enable=true"
+ - "traefik.http.routers.whoami.rule=Host(`whoami.${DOMAIN}`)"
+ - "traefik.http.routers.whoami.entrypoints=websecure"
+ - "traefik.http.routers.whoami.tls.certresolver=myresolver"
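Review bot: The `http_catchall` rule at the end of the `@@ -139,7 +136,7 @@` hunk still uses the v2 placeholder form ``HostRegexp(`{any:.+}`)``, while the image is `traefik:3.0` and the reworded comment now promises a redirect for all incoming http requests. Traefik v3 reads the HostRegexp argument as a plain Go regular expression, so this pattern is unlikely to match real host names and plain-HTTP requests may stop being redirected to HTTPS. Either change the label to ``HostRegexp(`.+`)`` or, if the v2 syntax is kept on purpose, set `--core.defaultRuleSyntax=v2`; that option may already be present in lines outside the diff. The router's remaining labels continue past the end of the hunk.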
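Review bot: The new `/var/run/docker.sock:/var/run/docker.sock:ro` volume in the `@@ -154,12 +151,21 @@` hunk hands the internet-facing Traefik container the full Docker API. The `:ro` flag only makes the socket file read-only and does not restrict API calls, so a compromise of Traefik is effectively root on the host. The service is already attached to a `socket_proxy` network (context of the `@@ -98,12 +96,12 @@` hunk), so I would drop this mount and point the provider at the proxy instead, e.g. `- "--providers.docker.endpoint=tcp://<socket-proxy-host>:<port>"`, with the proxy limited to read-only container endpoints. Separately, the `whoami` test router is published on `websecure` without any auth middleware and echoes request headers and container addresses; give it the existing middleware with `- "traefik.http.routers.whoami.middlewares=auth"` or remove the service before this is deployed.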