diff --git a/.woodpecker/build.yml b/.woodpecker/build.yml
new file mode 100644
index 0000000..e561610
--- /dev/null
+++ b/.woodpecker/build.yml
@@ -0,0 +1,28 @@
+clone:
+  git:
+    image: woodpeckerci/plugin-git
+    settings:
+      depth: 1
+      lfs: false
+      recursive: false
+
+pipeline:
+  build:
+    image: woodpeckerci/plugin-docker-buildx
+    secrets: [docker_username, docker_password]
+    settings:
+      repo: snowd4zzle/deliciousium
+      registry: docker.io
+      dockerfile: Dockerfile
+      tags: latest
+      username:
+        from_secret: docker_username
+      password:
+        from_secret: docker_password
+
+  deploy:
+    image: docker:24.0.2-cli-alpine3.18
+    commands:
+      - docker stack deploy -c service.yml deliciousium --prune
+    volumes:
+      - /var/run/docker.sock:/var/run/docker.sock
diff --git a/Dockerfile b/Dockerfile
new file mode 100644
index 0000000..0f61288
--- /dev/null
+++ b/Dockerfile
@@ -0,0 +1,14 @@
+FROM debian:12-slim
+
+WORKDIR /app
+COPY . .
+
+RUN apt-get -y update && apt-get install -y hugo && hugo
+
+
+FROM busybox
+
+COPY --from=0 /app/public /app
+
+WORKDIR /app
+CMD ["busybox", "httpd", "-f", "-v", "-p", "3000"]
diff --git a/service.yml b/service.yml
new file mode 100644
index 0000000..5526c42
--- /dev/null
+++ b/service.yml
@@ -0,0 +1,48 @@
+version: "3.9"
+
+services:
+  serene-docs:
+    image: snowd4zzle/deliciousium
+    environment:
+      USER_UID: 1100
+      USER_GID: 1100
+    security_opt:
+      - no-new-privileges:true
+    networks:
+      - public_lb
+    volumes:
+      - /var/run/docker.sock:/var/run/docker.sock
+
+    deploy:
+      labels:
+        - "traefik.enable=true"
+        - "traefik.http.routers.delic.rule=Host(`deliciousium.com`)"
+        - "traefik.http.routers.delic.entrypoints=websecure"
+        - "traefik.http.routers.delic.tls=true"
+        - "traefik.http.routers.delic.tls.certresolver=default"
+        - "traefik.http.services.delic-web.loadbalancer.server.port=3000"
+        - "traefik.http.services.delic-web.loadbalancer.server.scheme=http"
+        - "traefik.http.routers.delic.service=delic-web"
+        - "traefik.docker.network=public_lb"
+        - "traefik.http.middlewares.delic-ratelimit.ratelimit.average=50"
+        - "traefik.http.middlewares.delic-ratelimit.ratelimit.burst=10"
+        - "traefik.http.routers.delic.middlewares=delic-ratelimit"
+      mode: replicated
+      replicas: 1
+      restart_policy:
+        condition: on-failure
+        max_attempts: 3
+      update_config:
+        parallelism: 1
+        delay: 5s
+        order: stop-first
+
+    logging:
+      options:
+        max-size: "10m"
+        max-file: "3"
+
+networks:
+  public_lb:
+    external: true
+    name: public_lb