diff --git a/servers/apoc/docker-compose.d/custom/keycloak/Dockerfile b/servers/apoc/docker-compose.d/custom/keycloak/Dockerfile
new file mode 100644
index 0000000..9c27975
--- /dev/null
+++ b/servers/apoc/docker-compose.d/custom/keycloak/Dockerfile
@@ -0,0 +1,13 @@
+FROM quay.io/keycloak/keycloak:latest as builder
+
+ENV KC_DB=postgres
+
+WORKDIR /opt/keycloak
+RUN /opt/keycloak/bin/kc.sh build
+
+FROM quay.io/keycloak/keycloak:latest
+COPY --from=builder /opt/keycloak/ /opt/keycloak/
+
+ENV KC_DB=postgres
+
+ENTRYPOINT ["/opt/keycloak/bin/kc.sh"]
\ No newline at end of file
diff --git a/servers/apoc/docker-compose.d/custom/nginx/conf.d/keycloak.conf b/servers/apoc/docker-compose.d/custom/nginx/conf.d/keycloak.conf
index 76faeae..1ddcdd1 100644
--- a/servers/apoc/docker-compose.d/custom/nginx/conf.d/keycloak.conf
+++ b/servers/apoc/docker-compose.d/custom/nginx/conf.d/keycloak.conf
@@ -7,7 +7,7 @@ server {
     real_ip_recursive on;
 
     location / {
-        proxy_pass http://keycloak;
+        proxy_pass http://keycloak$request_uri;
 
         proxy_redirect off;
         proxy_set_header Host $host;
@@ -17,4 +17,4 @@ server {
         proxy_set_header X-Forwarded-Port 443;
     }
 
-};
+}
diff --git a/servers/apoc/docker-compose.d/custom/nginx/conf.d/woodpecker.conf b/servers/apoc/docker-compose.d/custom/nginx/conf.d/woodpecker.conf
new file mode 100644
index 0000000..310b451
--- /dev/null
+++ b/servers/apoc/docker-compose.d/custom/nginx/conf.d/woodpecker.conf
@@ -0,0 +1,8 @@
+server {
+    listen 80;
+    server_name ci.ixvd.net;
+
+    location / {
+        proxy_pass http://woodpecker:8000$request_uri;
+    }
+}
\ No newline at end of file
diff --git a/servers/apoc/docker-compose.d/docker-compose.dms.yml b/servers/apoc/docker-compose.d/docker-compose.dms.yml
index afeceb7..8d20a76 100644
--- a/servers/apoc/docker-compose.d/docker-compose.dms.yml
+++ b/servers/apoc/docker-compose.d/docker-compose.dms.yml
@@ -6,7 +6,7 @@ services:
     container_name: mailserver
     # Provide the FQDN of your mail server here (Your DNS MX record should point to this value)
     hostname: mail.ixvd.net
-    env_file: ../../env/mailserver.env
+    env_file: /etc/ixvd/secrets/env/mailserver.env
     # More information about the mail-server ports:
     # https://docker-mailserver.github.io/docker-mailserver/latest/config/security/understanding-the-ports/
     # To avoid conflicts with yaml base-60 float, DO NOT remove the quotation marks.
diff --git a/servers/apoc/docker-compose.d/docker-compose.keycloak.yml b/servers/apoc/docker-compose.d/docker-compose.keycloak.yml
index 2db8ded..cf9e624 100644
--- a/servers/apoc/docker-compose.d/docker-compose.keycloak.yml
+++ b/servers/apoc/docker-compose.d/docker-compose.keycloak.yml
@@ -23,6 +23,7 @@ services:
 
   kcdb:
     image: postgres:16
+    privileged: true
     environment:
       POSTGRES_USER: keycloak
       POSTGRES_PASSWORD: keycloak
diff --git a/servers/apoc/docker-compose.d/docker-compose.woodpecker.yml b/servers/apoc/docker-compose.d/docker-compose.woodpecker.yml
new file mode 100644
index 0000000..ab1252b
--- /dev/null
+++ b/servers/apoc/docker-compose.d/docker-compose.woodpecker.yml
@@ -0,0 +1,34 @@
+version: '2.2'
+services:
+  woodpecker:
+    image: woodpeckerci/woodpecker-server:latest
+    env_file:
+      - /etc/ixvd/secrets/env/woodpecker/server.env
+      - /etc/ixvd/secrets/env/woodpecker/agent.env
+    environment:
+      WOODPECKER_OPEN: 'true'
+      WOODPECKER_HOST: https://ci.ixvd.net
+      WOODPECKER_ADMIN: raine
+      WOODPECKER_GITEA: 'true'
+      WOODPECKER_GITEA_URL: https://git.ixvd.net
+    volumes:
+      - /srv/woodpecker/data:/var/lib/woodpecker
+    networks:
+      - proxy
+      - internal
+      
+  woodpecker-agent:
+    image: woodpeckerci/woodpecker-agent
+    command: agent
+    depends_on:
+      - woodpecker
+    env_file:
+      - /etc/ixvd/secrets/env/woodpecker/agent.env
+    environment:
+      WOODPECKER_SERVER: woodpecker-server:9000
+      WOODPECKER_MAX_WORKFLOWS: 10
+    volumes:
+      - /srv/woodpecker/other/runner:/etc/woodpecker
+      - /var/run/docker.sock:/var/run/docker.sock
+    networks:
+      - internal
diff --git a/servers/apoc/docker-compose.d/docker-compose.yml b/servers/apoc/docker-compose.d/docker-compose.yml
index f5cf8c7..816e390 100644
--- a/servers/apoc/docker-compose.d/docker-compose.yml
+++ b/servers/apoc/docker-compose.d/docker-compose.yml
@@ -7,7 +7,7 @@ services:
     build: custom/nginx
     environment:
       CERTBOT_EMAIL: "webmaster@ixvd.net"
-      CERTBOT_DOMAINS: "apoc.ixvd.net,mail.ixvd.net,git.ixvd.net,my.ixvd.net"
+      # CERTBOT_DOMAINS: "apoc.ixvd.net,mail.ixvd.net,git.ixvd.net,my.ixvd.net,ci.ixvd.net"
     volumes:
       - /srv/certbot/data:/etc/letsencrypt
       - /srv/certbot/other/www:/var/www/certbot
diff --git a/servers/apoc/setup.d/20-woodpecker.sh b/servers/apoc/setup.d/20-woodpecker.sh
new file mode 100644
index 0000000..8771daf
--- /dev/null
+++ b/servers/apoc/setup.d/20-woodpecker.sh
@@ -0,0 +1,3 @@
+#!/bin/sh
+
+mkdir -p /srv/woodpecker/data