diff --git a/swarm/stack/caddy/caddy-1.yaml b/swarm/stack/caddy/caddy-1.yaml
new file mode 100644
index 0000000..9fe5c22
--- /dev/null
+++ b/swarm/stack/caddy/caddy-1.yaml
@@ -0,0 +1,40 @@
+configs:
+ caddy-basic-content:
+ file: ./Caddyfile
+ labels:
+ caddy:
+
+services:
+ caddy:
+ image: lucaslorentz/caddy-docker-proxy:ci-alpine
+ #image: ghcr.io/serfriz/caddy-crowdsec:latest
+ #image: caddy-crowdsec
+ #image: git.netgrimoire.com/traveler/caddy-crowdsec
+ ports:
+ - 8900:80
+ - 443:443
+ environment:
+ - CADDY_INGRESS_NETWORKS=netgrimoire
+ networks:
+ - netgrimoire
+ - vpn
+ volumes:
+ - /var/run/docker.sock:/var/run/docker.sock
+ - /export/Docker/caddy/Caddyfile:/etc/caddy/Caddyfile
+ - /export/Docker/caddy:/data
+ #- /export/Docker/caddy/logs:/var/log/caddy # Mount logs for CrowdSec
+
+ deploy:
+ placement:
+ constraints:
+ - node.hostname == znas
+
+ # restart: unless-stopped
+
+networks:
+ netgrimoire:
+ external: true
+ vpn:
+ external: true
+
+
diff --git a/swarm/stack/caddy/caddy.yaml b/swarm/stack/caddy/caddy.yaml
index 9fe5c22..d4d82b1 100644
--- a/swarm/stack/caddy/caddy.yaml
+++ b/swarm/stack/caddy/caddy.yaml
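Review bot: `caddy-1.yaml` is a byte-identical copy of the pre-change `caddy.yaml` (both index lines name blob `9fe5c22`), so it duplicates what git history already keeps and leaves a second stack file with the same service name, the same `443:443`/`8900:80` bindings and the same `node.hostname == znas` constraint next to the live one; if it is meant as a rollback copy, a name that says so (or dropping it in favour of `git show <rev>:swarm/stack/caddy/caddy.yaml`) avoids it being deployed by mistake. The port mappings are left as plain scalars; these particular values do not hit the YAML 1.1 sexagesimal trap, but quoting them (`- "8900:80"`, `- "443:443"`) is the Compose convention and protects the next edit that uses a low port.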
@@ -6,35 +6,53 @@ configs: services: caddy: - image: lucaslorentz/caddy-docker-proxy:ci-alpine - #image: ghcr.io/serfriz/caddy-crowdsec:latest - #image: caddy-crowdsec - #image: git.netgrimoire.com/traveler/caddy-crowdsec + image: ghcr.io/serfriz/caddy-crowdsec-geoip-ratelimit-security-dockerproxy:latest ports: - 8900:80 - 443:443 environment: - CADDY_INGRESS_NETWORKS=netgrimoire + - CADDY_DOCKER_EVENT_THROTTLE_INTERVAL=2000 # Prevents non-deterministic reload with CrowdSec module + - CROWDSEC_API_KEY=${CROWDSEC_API_KEY} networks: - netgrimoire - vpn + - crowdsec_net volumes: - /var/run/docker.sock:/var/run/docker.sock - /export/Docker/caddy/Caddyfile:/etc/caddy/Caddyfile - /export/Docker/caddy:/data - #- /export/Docker/caddy/logs:/var/log/caddy # Mount logs for CrowdSec - + - caddy-logs:/var/log/caddy deploy: placement: constraints: - node.hostname == znas - - # restart: unless-stopped + + crowdsec: + image: crowdsecurity/crowdsec + restart: unless-stopped + environment: + COLLECTIONS: "crowdsecurity/caddy crowdsecurity/http-cve crowdsecurity/whitelist-good-actors" + BOUNCER_KEY_CADDY: ${CROWDSEC_API_KEY} # Pre-registers the Caddy bouncer automatically + volumes: + - crowdsec-db:/var/lib/crowdsec/data + - ./crowdsec/acquis.yaml:/etc/crowdsec/acquis.yaml + - caddy-logs:/var/log/caddy:ro + networks: + - crowdsec_net + deploy: + placement: + constraints: + - node.hostname == znas + +volumes: + caddy-logs: + crowdsec-db: networks: netgrimoire: - external: true + external: true vpn: - external: true - - + external: true + crowdsec_net: + driver: overlay # Swarm overlay network \ No newline at end of file
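Review bot: `restart: unless-stopped` on the new `crowdsec` service is a Compose-only key that `docker stack deploy` ignores (presumably why the old file carried the same line commented out), so the service runs under Swarm's default restart policy regardless; either drop the line or express it as `restart_policy:` / `condition: on-failure` under the service's existing `deploy:` block. `${CROWDSEC_API_KEY}` is interpolated twice with no required-variable guard, so a deploy from a shell where it is unset yields an empty `CROWDSEC_API_KEY` and an empty `BOUNCER_KEY_CADDY` and the stack still comes up; `${CROWDSEC_API_KEY:?CROWDSEC_API_KEY is required}` fails the deploy instead, and since the stack already uses top-level `configs:`, a Swarm `secrets:` entry would keep the key out of the service spec and `docker service inspect` output. Both images float (`crowdsecurity/crowdsec` is untagged, the caddy image is `:latest`), which makes the enforcement layer non-reproducible across redeploys; a version tag or digest is worth pinning. The relative `./crowdsec/acquis.yaml` bind mount is resolved against the compose file's directory on the deploying client but has to exist at that absolute path on `znas`, unlike the other mounts which use `/export/Docker/...`; worth confirming it resolves there.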