diff --git a/docker-compose.yml b/docker-compose.yml
index 1d48132..3927e1b 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -1,8 +1,6 @@
-version: '3.8'
-
 services:
   pixelbrew:
-    build: . # Das Image wird beim Start aus dem lokalen Dockerfile gebaut
+    build: .
     container_name: pixelbrew
     restart: unless-stopped
     env_file:
@@ -11,10 +9,22 @@ services:
       - NODE_ENV=production
     labels:
       - "traefik.enable=true"
-      - "traefik.http.routers.pixelbrew.rule=Host(`${DOMAIN}`)"
-      - "traefik.http.routers.pixelbrew.entrypoints=websecure"
-      - "traefik.http.routers.pixelbrew.tls=true"
+      
+      # 1. Router für HTTP (Port 80), der nur auf HTTPS umleitet
+      - "traefik.http.routers.pixelbrew-http.rule=Host(`${DOMAIN}`, `www.${DOMAIN}`)"
+      - "traefik.http.routers.pixelbrew-http.entrypoints=web"
+      - "traefik.http.routers.pixelbrew-http.middlewares=https-redirect@file" # Name des Redirect-Middlewares
+
+      # 2. Router für HTTPS (Port 443), der den Traffic zur Anwendung leitet
+      - "traefik.http.routers.pixelbrew-secure.rule=Host(`${DOMAIN}`, `www.${DOMAIN}`)"
+      - "traefik.http.routers.pixelbrew-secure.entrypoints=websecure"
+      - "traefik.http.routers.pixelbrew-secure.tls=true"
+      - "traefik.http.routers.pixelbrew-secure.tls.certresolver=letsencrypt" # <-- DAS IST WICHTIG!
+
+      # 3. Service-Definition, die auf den App-Port zeigt
       - "traefik.http.services.pixelbrew.loadbalancer.server.port=3000"
+      - "traefik.http.routers.pixelbrew-secure.service=pixelbrew" # Verknüpfung mit dem Service
+
     networks:
       - traefik
     expose:
@@ -22,4 +32,4 @@ services:
 
 networks:
   traefik:
-    external: true
+    external: true
\ No newline at end of file