diff --git a/ldap-user-manager/.env b/ldap-user-manager/.env
new file mode 100644
index 0000000..9df03d4
--- /dev/null
+++ b/ldap-user-manager/.env
@@ -0,0 +1,11 @@
+APP_IMAGE=traefik
+APP_VERSION=v2.6.1
+
+APP_PUBLIC_IP="127.0.0.1"
+APP_NETWORK=''
+
+APP_DOMAIN=dev
+APP_ADMIN_EMAIL=admin@dev
+
+TRAEFIK_CERTRESOLV=default
+TRAEFIK_CERTRESOLV_PROVIDER=''
diff --git a/ldap-user-manager/README.md b/ldap-user-manager/README.md
new file mode 100644
index 0000000..4aa7f71
--- /dev/null
+++ b/ldap-user-manager/README.md
@@ -0,0 +1,10 @@
+# OpenLDAP Server
+
+
+## Self-serve configuration
+
+## LUM configuration
+
+For lUM, an initial config step is required:
+
+https://lum.dev.box/setup/
diff --git a/ldap-user-manager/docker-compose.debug.yml b/ldap-user-manager/docker-compose.debug.yml
new file mode 100644
index 0000000..e78ffeb
--- /dev/null
+++ b/ldap-user-manager/docker-compose.debug.yml
@@ -0,0 +1,9 @@
+
+
+services:
+ manager:
+ environment:
+ - LDAP_DEBUG=true
+ - LDAP_VERBOSE_CONNECTION_LOGS=true
+ - SESSION_DEBUG=true
+ - SMTP_LOG_LEVEL=4
\ No newline at end of file
diff --git a/ldap-user-manager/docker-compose.traefik.yml b/ldap-user-manager/docker-compose.traefik.yml
new file mode 100644
index 0000000..4b29531
--- /dev/null
+++ b/ldap-user-manager/docker-compose.traefik.yml
@@ -0,0 +1,17 @@
+networks:
+ proxy:
+ external: true
+ name: ${APP_PROXY_NETWORK}
+
+services:
+
+ manager:
+
+ labels:
+ traefik.enable: "true"
+ traefik.http.routers.lum.entrypoints: front-http,front-https
+ traefik.http.routers.lum.rule: Host(`lum.$APP_TOP_DOMAIN`)
+ traefik.http.routers.lum.service: lum
+ traefik.http.routers.lum.tls: "true"
+ traefik.http.routers.lum.tls.certresolver: $TRAEFIK_CERTRESOLV
+ traefik.http.services.lum.loadbalancer.server.port: '80'
diff --git a/openldap/docker-compose.lum.yml b/ldap-user-manager/docker-compose.yml
similarity index 54%
rename from openldap/docker-compose.lum.yml
rename to ldap-user-manager/docker-compose.yml
index 89a33c3..92d0712 100644
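Review bot: The variable names defined in this `.env` do not match the ones the compose files in the same commit read: `docker-compose.traefik.yml` substitutes `${APP_PROXY_NETWORK}` and `$APP_TOP_DOMAIN`, and `docker-compose.yml` substitutes `${APP_LDAP_NETWORK}`, while this file only defines `APP_NETWORK` and `APP_DOMAIN`. Compose replaces an unset variable with an empty string (with a warning), so as committed the external network gets an empty `name` and the Traefik Host rule is built from an empty domain. Either rename the keys here, e.g. `APP_PROXY_NETWORK=...`, `APP_LDAP_NETWORK=...` and `APP_TOP_DOMAIN=dev`, or change the references in the compose files; only `TRAEFIK_CERTRESOLV` currently lines up. `APP_IMAGE=traefik` and `APP_VERSION=v2.6.1` are not read by any file in this commit and look copied from a traefik stack `.env` — confirm they are needed before keeping them.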
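Review bot: `docker-compose.debug.yml` carries no comment saying it is a debug-only overlay, and the file ends without a trailing newline. Because it raises logging verbosity (`LDAP_VERBOSE_CONNECTION_LOGS=true`, `SESSION_DEBUG=true`, `SMTP_LOG_LEVEL=4`), the extra output may contain session and connection details that should not end up in shared logs, so the intent should be stated at the top: `# Debug overlay: raises log verbosity for local troubleshooting only; do not combine with the deployed stack`. The two leading blank lines can be dropped at the same time.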
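Review bot: The `proxy` network is declared at the top of `docker-compose.traefik.yml` but the `manager` service is never attached to it, and the base `docker-compose.yml` in this same commit removes `proxy` from the service's `networks` and leaves only `ldap`, so a Traefik instance on the proxy network has no path to the container. Add under `manager:` the two lines `networks:` / `  proxy:`; the `labels` block alone does not join the network. Separately, the router is bound to both `front-http` and `front-https` while `traefik.http.routers.lum.tls` is `"true"`; in Traefik v2 a router with TLS enabled only serves TLS connections, so plain-HTTP requests on `front-http` will not be served or redirected unless an entrypoint-level redirection exists in the Traefik static configuration (not visible here) — confirm that, or add a separate HTTP router with a redirectscheme middleware.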
--- a/openldap/docker-compose.lum.yml +++ b/ldap-user-manager/docker-compose.yml @@ -1,18 +1,18 @@ - +version: "3.9" networks: - proxy: - name: ${APP_PROXY_NETWORK} + ldap: + external: true + name: ${APP_LDAP_NETWORK} services: manager: image: wheelybird/ldap-user-manager:latest - restart: always + #restart: always networks: - proxy: - default: + ldap: environment: - "SERVER_HOSTNAME=lum.$APP_TOP_DOMAIN" @@ -29,12 +29,3 @@ services: # MrJK Tweaking - "USERNAME_REGEX=^[a-z][a-zA-Z0-9._-]{2,32}$$" - labels: - traefik.enable: "true" - traefik.http.routers.lum.entrypoints: front-http,front-https - traefik.http.routers.lum.rule: Host(`lum.$APP_TOP_DOMAIN`) - traefik.http.routers.lum.service: lum - traefik.http.routers.lum.tls: "true" - traefik.http.routers.lum.tls.certresolver: $TRAEFIK_CERTRESOLV - traefik.http.services.lum.loadbalancer.server.port: '80' - diff --git a/traefik/init.sh b/traefik/init.sh new file mode 100755 index 0000000..c0c8920 --- /dev/null +++ b/traefik/init.sh 
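Review bot: `restart: always` is commented out (`#restart: always`) rather than removed or explained, so a reader cannot tell whether losing automatic restarts is intended for the renamed `ldap-user-manager` stack. If it is deliberate for local development, replace the dead line with a comment such as `# restart policy intentionally omitted for local development` or drop it entirely. The `version: "3.9"` line added at the top is correctly quoted, but the key is ignored by Compose v2 and recent releases warn about it — consider leaving it out. The `environment` list of the `manager` service continues past the end of this hunk.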
@@ -0,0 +1,60 @@
+#!/bin/bash
+
+install_mkcert ()
+{
+ local url=https://github.com/FiloSottile/mkcert/releases/download/v1.4.3/mkcert-v1.4.3-linux-amd64
+ local file=${url##*/}
+
+ if [[ -f mkcert ]]; then
+ MKCERT=$PWD/mkcert
+ return
+ fi
+ if command -v mkcert >&/dev/null; then
+ MKCERT=$(command -v mkcert)
+ return
+ fi
+
+ # Install mkcert in PWD
+ wget "$url"
+ mv "$file" mkcert
+ chmod +x mkcert
+}
+
+gen_certs ()
+{
+ install_mkcert
+ DOMAIN1="domain1.org"
+ DOMAIN2="domain2.org"
+ SUBDOMAINS=$( echo {infra,paas,apps,iaas,dev,cloud,lab,adm,sv,mgmt}.$DOMAIN1 {infra,paas,apps,iaas,dev,cloud,lab,adm,sv,mgmt}.$DOMAIN2 )
+ DOMAIN=$DOMAIN1
+
+ echo $MKCERT "$DOMAIN" "*.$DOMAIN" $SUBDOMAINS
+ (
+ cd config/
+ $MKCERT "$DOMAIN" "*.$DOMAIN" $SUBDOMAINS
+ )
+ echo "INFO: Certificates has bee generated."
+ tree config
+
+}
+
+gen_htpassword ()
+{
+ CONFIG="admin:admin"
+ local dst="./config/htpasswd"
+ set -x
+
+ while IFS=: read -r user pass; do
+ ! grep -sq "^$user:" $dst >&/dev/null || continue
+ echo "Add: $user to $dst"
+ printf "$user:$(openssl passwd -apr1 $pass)\n" >> "$dst"
+ done <<< "$CONFIG"
+}
+
+main ()
+{
+ gen_certs
+ gen_htpassword
+}
+
+main
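Review bot: `set -x` inside `gen_htpassword` traces every expanded command, so the plaintext value of `$pass` and the full `openssl passwd` invocation are printed to stderr — and into any CI or terminal log — each time the script runs; it should be removed, and `CONFIG="admin:admin"` hard-codes a default credential that is written straight into `config/htpasswd`, so the user list should come from the environment or a prompt instead. The `printf "$user:$(openssl passwd -apr1 $pass)\n"` line also places data in the format string (a `%` in either field is interpreted) and leaves `$pass` and `$dst` unquoted; use `printf '%s:%s\n' "$user" "$(openssl passwd -apr1 "$pass")"`. If this file feeds Traefik's basicauth middleware, bcrypt hashes (`htpasswd -nB`) are accepted and preferable to the MD5-based `-apr1`. In `install_mkcert` the release binary is fetched with `wget` and made executable without any integrity check; pin the expected SHA-256 from the upstream release page and verify it before `chmod +x`, as sketched below.
```shell
install_mkcert ()
{
 local url=https://github.com/FiloSottile/mkcert/releases/download/v1.4.3/mkcert-v1.4.3-linux-amd64
 local file=${url##*/}
 # Pinned release checksum (placeholder: copy the value from the upstream release page).
 local expected_sha256="<EXPECTED_SHA256_FROM_UPSTREAM_RELEASE>"
 # … unchanged: reuse ./mkcert or a mkcert already on PATH …
 wget "$url"
 # Refuse to install a binary whose digest does not match the pinned value.
 echo "$expected_sha256  $file" | sha256sum -c - || { echo "ERROR: checksum mismatch for $file" >&2; return 1; }
 mv "$file" mkcert
 chmod +x mkcert
}

gen_htpassword ()
{
 # user:password lines come from the environment; no default account is written.
 local config="${HTPASSWD_USERS:?set HTPASSWD_USERS to user:password lines}"
 local dst="./config/htpasswd"

 while IFS=: read -r user pass; do
 [[ -n "$user" ]] || continue
 ! grep -sq "^$user:" "$dst" || continue
 echo "Add: $user to $dst"
 # Data is passed through %s, never into the format string; no set -x around this line.
 printf '%s:%s\n' "$user" "$(openssl passwd -apr1 "$pass")" >> "$dst"
 done <<< "$config"
}
```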