diff --git a/.github/docker/entrypoint.sh b/.github/docker/entrypoint.sh index 27e146303..d3b891de6 100644 --- a/.github/docker/entrypoint.sh +++ b/.github/docker/entrypoint.sh @@ -2,10 +2,30 @@ #mkdir -p /var/log/supervisord/ /var/log/php8/ \ -cd /var/www/html +## check for .env file and generate app keys if missing +if [ -f /pelican-data/.env ]; then + echo "external vars exist." + rm -rf /var/www/html/.env +else + echo "external vars don't exist." + rm -rf /var/www/html/.env + touch /pelican-data/.env -#chmod -R 775 storage/* bootstrap/cache/ -#chown -R caddy:caddy . + ## manually generate a key because key generate --force fails + if [ -z $APP_KEY ]; then + echo -e "Generating key." + APP_KEY=$(cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 32 | head -n 1) + echo -e "Generated app key: $APP_KEY" + echo -e "APP_KEY=$APP_KEY" > /pelican-data/.env + else + echo -e "APP_KEY exists in environment, using that." + echo -e "APP_KEY=$APP_KEY" > /pelican-data/.env + fi +fi + +ln -s /pelican-data/.env /var/www/html/ + +touch /pelican-data/database.sqlite if ! grep -q "APP_KEY=" .env || grep -q "APP_KEY=$" .env; then echo "Generating APP_KEY..." @@ -22,5 +42,8 @@ php artisan migrate --force echo -e "Starting cron jobs." crond -L /var/log/crond -l 5 +#chmod -R 755 storage/* bootstrap/cache/ +chown -R www-data:www-data . + echo -e "Starting supervisord." exec "$@" diff --git a/better.Dockerfile b/better.Dockerfile index 53a45d306..57d388812 100644 --- a/better.Dockerfile +++ b/better.Dockerfile 
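Review bot: The added line `echo -e "Generated app key: $APP_KEY"` prints the freshly generated application key to the container's stdout, so it ends up in `docker logs` and in any log collector attached to the container; log only the event, e.g. `echo "Generated app key."`. The test `[ -z $APP_KEY ]` should quote the expansion, `[ -z "$APP_KEY" ]`, so a value with whitespace or glob characters cannot break it. `/pelican-data/.env` is created with `touch` and `>` under the default umask and nothing in the hunk restricts its mode; a `chmod 600 /pelican-data/.env` plus a chown to the account that runs PHP looks appropriate, though that account is only implied by the `www-data` chown in the next hunk. The `if ! grep -q "APP_KEY="` block at the end of the hunk continues outside it.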
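Review bot: `chown -R www-data:www-data .` in the second hunk acts on whatever the working directory is, and the first hunk removes `cd /var/www/html`, so the target of a recursive ownership change now depends on the image's WORKDIR or on a working-directory override at run time. Name the directory explicitly, `chown -R www-data:www-data /var/www/html`. The files the entrypoint creates under `/pelican-data` (`.env`, `database.sqlite`) live outside that tree, so whether the PHP user can read and write them is not settled by this line and is worth confirming. A short comment such as `# ownership is fixed at start-up because /var/www/html may be populated after build` would explain why this runs on every start instead of in the Dockerfile, if that is the reason.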
@@ -1,62 +1,54 @@ # Pelican Production Dockerfile FROM node:20-alpine AS yarn -WORKDIR /app - #FROM --platform=$TARGETOS/$TARGETARCH node:20-alpine AS yarn +WORKDIR /build + COPY . ./ -RUN --mount=type=cache,target=/root/.yarn YARN_CACHE_FOLDER=/root/.yarn yarn install --frozen-lockfile && yarn run build:production +RUN yarn install --frozen-lockfile && yarn run build:production FROM php:8.3-fpm-alpine # FROM --platform=$TARGETOS/$TARGETARCH php:8.3-fpm-alpine COPY --from=composer:latest /usr/bin/composer /usr/local/bin/composer -# Set working directory WORKDIR /var/www/html # Install dependencies RUN apk update && apk add --no-cache \ - libpng-dev \ - libjpeg-turbo-dev \ - freetype-dev \ - libzip-dev \ - icu-dev \ - zip \ - unzip \ - caddy \ - #&& docker-php-ext-configure zip \ - #&& docker-php-ext-configure gd --with-freetype --with-jpeg \ + libpng-dev libjpeg-turbo-dev freetype-dev libzip-dev icu-dev \ + zip unzip curl \ + caddy ca-certificates supervisor \ && docker-php-ext-install bcmath gd intl zip opcache pcntl posix -# ca-certificates dcron curl git supervisor tar libxml2-dev - # Copy the Caddyfile to the container COPY Caddyfile /etc/caddy/Caddyfile # Copy the application code to the container COPY . . 
-COPY --from=yarn /app/public/assets ./public/assets +COPY --from=yarn /build/public/assets ./public/assets RUN cp .env.docker .env RUN composer install --no-dev --optimize-autoloader # Set file permissions -RUN chown -R www-data:www-data /var/www/html \ - && chmod -R 755 /var/www/html/storage \ +RUN chmod -R 755 /var/www/html/storage \ && chmod -R 755 /var/www/html/bootstrap/cache -#RUN rm /usr/local/etc/php-fpm.conf \ -# && echo "* * * * * /usr/local/bin/php /app/artisan schedule:run >> /dev/null 2>&1" >> /var/spool/cron/crontabs/root \ -# && mkdir -p /var/run/php +#echo "* * * * * /usr/local/bin/php /build/artisan schedule:run >> /dev/null 2>&1" >> /var/spool/cron/crontabs/root -EXPOSE 80 +HEALTHCHECK --interval=5m --timeout=10s --start-period=5s --retries=3 \ + CMD curl -f http://localhost/up || exit 1 + +EXPOSE 80:2019 EXPOSE 443 +VOLUME /pelican-data + # Start PHP-FPM CMD ["sh", "-c", "php-fpm & caddy run --config /etc/caddy/Caddyfile --adapter caddyfile"] diff --git a/compose.yml b/compose.yml new file mode 100644 index 000000000..12ae387ad --- /dev/null +++ b/compose.yml 
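Review bot: `EXPOSE 80:2019` uses the host:container publish form, which belongs to `docker run -p` and to compose `ports:`, not to EXPOSE; the documented form is `EXPOSE <port>[/<protocol>]`, so list container ports only, e.g. `EXPOSE 80` next to the existing `EXPOSE 443` (or 2019, if that is where the Caddyfile, not shown here, has the site listening). The new HEALTHCHECK curls `http://localhost/up`, i.e. port 80 inside the container, so the listener port should agree across EXPOSE, the health check and the compose mapping. The build-time `chown -R www-data:www-data /var/www/html` is dropped and no `USER` instruction is visible, so Caddy started from CMD presumably runs as root; if that is not intended, keep the chown at build time and add a `USER` line or document why root is needed.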
@@ -0,0 +1,54 @@
+x-common:
+ panel:
+ &panel-environment
+ APP_URL: "https://localhost"
+ # A list of valid timezones can be found here: http://php.net/manual/en/timezones.php
+ APP_TIMEZONE: "UTC"
+ APP_SERVICE_AUTHOR: "pelican@example.com"
+ # Uncomment the line below and set to a non-empty value if you want to use Let's Encrypt
+ # to generate an SSL certificate for the Panel.
+ ADMIN_EMAIL: "pelican@example.com"
+ mail:
+ &mail-environment
+ MAIL_DRIVER: "log"
+ # MAIL_HOST: ""
+ # MAIL_PORT: ""
+ # MAIL_FROM: ""
+ # MAIL_USERNAME: ""
+ # MAIL_PASSWORD: ""
+ # MAIL_ENCRYPTION: ""
+
+#
+# ------------------------------------------------------------------------------------------
+# DANGER ZONE BELOW
+#
+# The remainder of this file likely does not need to be changed. Please only make modifications
+# below if you understand what you are doing.
+#
+
+services:
+ panel:
+ image: panel
+ restart: always
+ ports:
+ - "80:2019"
+ - "443:443"
+ extra_hosts:
+ - "host.docker.internal:host-gateway"
+ volumes:
+ - pelican-data:/pelican-data
+ environment:
+ <<: [*panel-environment, *mail-environment]
+# APP_ENV: "production"
+# APP_DEBUG: "false"
+# APP_ENVIRONMENT_ONLY: "false"
+# SESSION_DRIVER: "file"
+
+volumes:
+ pelican-data:
+
+networks:
+ default:
+ ipam:
+ config:
+ - subnet: 172.20.0.0/16
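Review bot: The mapping `- "80:2019"` forwards host port 80 to container port 2019, which is Caddy's default admin-API port, while the HEALTHCHECK in better.Dockerfile probes port 80 inside the container; the Caddyfile is not part of this diff, so confirm that the site listener really is on 2019 and that the admin endpoint is not what gets published. If the panel listens on 80, the entry should read `- "80:80"`. `APP_ENV` and `APP_DEBUG` are left commented out, so the running values come from whatever defaults the image carries; setting `APP_ENV: "production"` and `APP_DEBUG: "false"` explicitly would make the shipped file safe by default. The comment above `ADMIN_EMAIL` says to uncomment the line, but the line is already active, so the comment should say to change the value instead.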