diff --git a/jenkins/docker-compose/jenkins/docker-compose.yaml b/jenkins/docker-compose/jenkins/docker-compose.yaml
new file mode 100644
index 0000000..210368a
--- /dev/null
+++ b/jenkins/docker-compose/jenkins/docker-compose.yaml
@@ -0,0 +1,11 @@
+services:
+  jenkins:
+    image: jenkins/jenkins:lts
+    ports:
+      - "8080:8080"
+    volumes:
+      - jenkins_home:/var/jenkins_home
+  ssh-agent:
+    image: jenkins/ssh-agent
+volumes:
+  jenkins_home:
diff --git a/jenkins/docker/Dockerfile b/jenkins/docker/Dockerfile
new file mode 100644
index 0000000..e69de29
diff --git a/keycloak/docker-compose/keycloak/.env b/keycloak/docker-compose/keycloak/.env
index f1343df..e07be30 100644
--- a/keycloak/docker-compose/keycloak/.env
+++ b/keycloak/docker-compose/keycloak/.env
@@ -1,8 +1 @@
-KEYCLOAK_REALM=magnolia
-KEYCLOAK_CLIENT_ID_AUTHOR=author.ucsintranet
-KEYCLOAK_CLIENT_ID_PUBLIC=ucsintranet
-KEYCLOAK_AUTH_URL=http://keycloak.ucsintranet.at:5070/
-KEYCLOAK_SSL_REQUIRED=external
-KEYCLOAK_CREDENTIALS_SECRET_AUTHOR=jS60AKrWTE9j38FPzs5nu3tpkWCQ1rs4
-KEYCLOAK_CREDENTIALS_SECRET_PUBLIC=XSeCqIY5Uw9km6FBoFG75vav61sUIGz7
-KC_HOSTNAME=keycloak.ucsintranet.at
+KC_HOSTNAME=keycloak.rschneider.hu
diff --git a/keycloak/docker-compose/keycloak/docker-compose.yaml b/keycloak/docker-compose/keycloak/docker-compose.yaml
index 8bb3c72..2e0902e 100644
--- a/keycloak/docker-compose/keycloak/docker-compose.yaml
+++ b/keycloak/docker-compose/keycloak/docker-compose.yaml
@@ -5,7 +5,6 @@ services:
     image: quay.io/keycloak/keycloak:24.0.4
     volumes:
       - ./services/keycloak/themes:/opt/keycloak/themes
-#      - ./services/keycloak/data/import:/opt/keycloak/data/import
     environment:
       KC_DB: mariadb
       KC_DB_URL: jdbc:mariadb://keycloak-db:3306/keycloak
@@ -20,14 +19,14 @@ services:
       KC_METRICS_ENABLED: "true"
       KC_HEALTH_ENABLED: "true"
       KEYCLOAK_ADMIN: "admin"
-      KEYCLOAK_ADMIN_PASSWORD: "admin"
+      KEYCLOAK_ADMIN_PASSWORD: ${KEYCLOAK_ADMIN_PASSWORD}
 
 #    command: start-dev --import-realm
     #    command: start-dev
     depends_on:
       - keycloak-db
     ports:
-      - 4103:8080
+      - 4107:8080
     networks:
       - keycloak-network
 
diff --git a/ldap/docker-compose/ldap/docker-compose.yaml b/ldap/docker-compose/ldap/docker-compose.yaml
index 0e4adc3..fa38857 100644
--- a/ldap/docker-compose/ldap/docker-compose.yaml
+++ b/ldap/docker-compose/ldap/docker-compose.yaml
@@ -15,15 +15,15 @@ services:
         - LDAP_ORGANISATION=rschneider
         - LDAP_DOMAIN=rschneider.hu
         - LDAP_ADMIN_USERNAME=admin
-        - LDAP_ADMIN_PASSWORD=admin_pass
-        - LDAP_CONFIG_PASSWORD=config_pass
+        - LDAP_ADMIN_PASSWORD=${LDAP_ADMIN_PASSWORD}
+        - LDAP_CONFIG_PASSWORD=${LDAP_CONFIG_PASSWORD}
         - "LDAP_BASE_DN=dc=rschneider,dc=hu"
 #        - LDAP_TLS_CRT_FILENAME=server.crt
 #        - LDAP_TLS_KEY_FILENAME=server.key
 #        - LDAP_TLS_CA_CRT_FILENAME=alibnr.com.ca.crt
         - LDAP_READONLY_USER=true
         - LDAP_READONLY_USER_USERNAME=user-ro
-        - LDAP_READONLY_USER_PASSWORD=ro_pass
+        - LDAP_READONLY_USER_PASSWORD=${LDAP_RO_PASSWORD}
     networks:
       - openldap
 
diff --git a/nexus/docker-compose/docker-compose.yaml b/nexus/docker-compose/docker-compose.yaml
index bee915f..f875cec 100644
--- a/nexus/docker-compose/docker-compose.yaml
+++ b/nexus/docker-compose/docker-compose.yaml
@@ -6,7 +6,8 @@ services:
     volumes:
       - "nexus-data:/sonatype-work"
     ports:
-      - "8081:8081"
-      - "8085:8085"
+      - "4108:8081"
+      - "4109:8085"
+      - "4110:8085"
 volumes:
   nexus-data: {}
diff --git a/readme.md b/readme.md
index 4c7e623..f277293 100644
--- a/readme.md
+++ b/readme.md
@@ -4,12 +4,17 @@
 
 router redirects port range 4100-4200 to the infra server
 
-| port | service  | description    |
-|------|----------|----------------|
-| 4100 | gitea    | web            |
-| 4101 | gitea    | ssh            |
-| 4102 | xwiki    | web            |
-| 4103 | keycloak | web            |
-| 4104 | ldap     | web            |
-| 4105 | ldap     | ldap/slapd     |
-| 4106 | ldap     | ldap/slapd/ssl |
+| port | service     | description     |
+|------|-------------|-----------------|
+| 4100 | gitea       | web             |
+| 4101 | gitea       | ssh             |
+| 4102 | xwiki       | web             |
+| 4103 | keycloak    | web             |
+| 4104 | ldap        | web /phpldap    |
+| 4105 | ldap        | ldap/slapd      |
+| 4106 | ldap        | ldap/slapd/ssl  |
+| 4107 | keycloak    | keycloak web    |
+| 4108 | nexus       | admin web       |
+| 4109 | nexus       | admin web       |
+| 4110 | nexus       | docker registry |
+| 4111 | vaultwarden | web             |
diff --git a/vaultwarden/docker-compose/vaultwarden/docker-compose.yaml b/vaultwarden/docker-compose/vaultwarden/docker-compose.yaml
new file mode 100644
index 0000000..f8adf63
--- /dev/null
+++ b/vaultwarden/docker-compose/vaultwarden/docker-compose.yaml
@@ -0,0 +1,12 @@
+services:
+  vaultwarden:
+    image: vaultwarden/server:latest
+    container_name: vaultwarden
+    restart: always
+    environment:
+      # DOMAIN: "https://vaultwarden.example.com"  # required when using a reverse proxy; your domain; vaultwarden needs to know it's https to work properly with attachments
+      SIGNUPS_ALLOWED: "true" # Deactivate this with "false" after you have created your account so that no strangers can register
+    volumes:
+      - ./vw-data:/data # the path before the : can be changed
+    ports:
+      - 4111:80 # you can replace the 11001 with your preferred port