diff --git a/authelia.yaml b/authelia.yaml
new file mode 100644
index 0000000..c15bcc5
--- /dev/null
+++ b/authelia.yaml
@@ -0,0 +1,75 @@
+version: "3.8"
+
+services:
+  authelia:
+    image: authelia/authelia:latest
+    container_name: authelia
+    hostname: authelia
+   # user: "1001:998"
+    networks:
+      - netgrimoire
+    environment:
+      - PUID=1001
+      - PGID=998
+      - TZ=America/Chicago
+    volumes:
+      - /DockerVol/authelia/config:/config
+      - /DockerVol/authelia/secrets:/secrets
+    ports:
+      # Optional: usually you do NOT need to publish this if only Caddy talks to it
+      # - "9091:9091"
+      - target: 9091
+        published: 9091
+        protocol: tcp
+        mode: ingress
+    deploy:
+      replicas: 1
+      placement:
+        constraints:
+          - node.hostname == nas
+      labels:
+        # Caddy - Authelia portal URL
+        - caddy=login.wasted-bandwidth.net
+        - caddy.reverse_proxy={{upstreams 9091}}
+
+        # Homepage
+        - homepage.group=Auth
+        - homepage.name=Authelia
+        - homepage.icon=authelia.png
+        - homepage.href=https://login.wasted-bandwidth.net
+        - homepage.description=SSO / Forward-Auth (wasted-bandwidth.net)
+
+        # Uptime Kuma
+        - kuma.authelia.http.name="Authelia"
+        - kuma.authelia.http.url=http://authelia:9091
+
+    restart: unless-stopped
+    depends_on:
+      - redis
+
+  redis:
+    image: redis:7-alpine
+    container_name: authelia-redis
+    hostname: authelia-redis
+    #user: "1001:998"
+    networks:
+      - netgrimoire
+    environment:
+      - TZ=America/Chicago
+      - PUID=1001
+      - PGID=998
+    command: >
+      sh -c "redis-server --appendonly yes --dir /data"
+    volumes:
+      - /DockerVol/authelia/redis:/data
+    deploy:
+      replicas: 1
+      placement:
+        constraints:
+          - node.hostname == nas
+ 
+    restart: unless-stopped
+
+networks:
+  netgrimoire:
+    external: true