diff --git a/doc/docker-compose.yml b/doc/docker-compose.yml
index 04ff2c8..8725763 100644
--- a/doc/docker-compose.yml
+++ b/doc/docker-compose.yml
@@ -1,23 +1,33 @@
+# Example of Docker Compose setup using Traefik reverse proxy
+
 version: '3'
 
 services:
-  # FIXME: adapt URL in conf
+  # RTMP to WebRTC server
   ovenmediaengine:
     image: airensoft/ovenmediaengine:0.10.7
     ports:
+      # WebRTC ICE
       - 10000-10005:10000-10005/udp
     volumes:
-      - ./ovenmediaengine/conf/Server.xml:/opt/ovenmediaengine/bin/origin_conf/Server.xml
+      - ./ovenmediaengine/conf/Server-docker.xml:/opt/ovenmediaengine/bin/origin_conf/Server.xml:ro
+    labels:
+      - "traefik.enable=true"
+      - "traefik.http.routers.ovenmediaengine.rule=Host(`stream.example.com`) && PathPrefix(`/app/`)"
+      - "traefik.http.routers.ovenmediaengine.priority=101"
+      - "traefik.http.services.ovenmediaenfine.loadbalancer.server.port=3333"
 
-  # FIXME: relay RTMPS to RTMP, auth RTMP with ghostream and relay HTTPS to ghostream HTTP and ovenmediaengine websocket
+  # RTMP server that authenticate stream against ghostream
   rtmp_server:
     image: nginx:1.19.2
-    ports:
-      - 1935:1935
-      - 443:443
-      - 80:80
+    volumes:
+      - ./nginx/nginx-docker.conf:/etc/nginx/nginx.conf:ro
+    labels:
+      - "traefik.enable=true"
+      - "traefik.tcp.routers.rtmp.rule=Host(`stream.example.com`)"
+      - "traefik.tcp.services.rtmp.loadbalancer.server.port=1925"
 
-  # ghostream will serve a HTTP server on 8080
+  # Ghostream is the web frontend to OvenMediaEngine
   ghostream:
     build: ../
     environment:
@@ -27,3 +37,8 @@ services:
       - SITE_NAME="Ghostream"
       - SITE_HOSTNAME="localhost"
       - FAVICON="/favicon.ico"
+    labels:
+      - "traefik.enable=true"
+      - "traefik.http.routers.ghostream.rule=Host(`stream.example.com`)"
+      - "traefik.http.routers.ghostream.priority=100"
+      - "traefik.http.services.ghostream.loadbalancer.server.port=8080"
diff --git a/doc/nginx/modules-available/60-ghostream.conf b/doc/nginx/modules-available/60-ghostream.conf
index c4530fc..ae34515 100644
--- a/doc/nginx/modules-available/60-ghostream.conf
+++ b/doc/nginx/modules-available/60-ghostream.conf
@@ -30,7 +30,7 @@ rtmp {
             live on;
             record off;
             push rtmp://127.0.0.1:1915;
-            on_publish http://127.0.0.1:8080/app/auth;
+            on_publish http://127.0.0.1:8080/rtmp/auth;
         }
     }
 }
diff --git a/doc/nginx/nginx-docker.conf b/doc/nginx/nginx-docker.conf
new file mode 100644
index 0000000..23a5ac1
--- /dev/null
+++ b/doc/nginx/nginx-docker.conf
@@ -0,0 +1,28 @@
+# This file is part of Ghostream
+# Copyright (C) 2020 by Crans <roots@crans.org>
+# SPDX-License-Identifier: GPL-2.0-or-later
+
+user www-data;
+worker_processes auto;
+pid /run/nginx.pid;
+
+events {
+	worker_connections 768;
+}
+
+# Authenticate then stream RTMP
+# This RTMP server will be used when clients play directly RTMPS.
+# It also push RTMP stream to OvenMediaEngine to generate WebRTC stream.
+rtmp {
+    server {
+        listen 0.0.0.0:1925;
+
+        chunk_size 4096;
+        application app {
+            live on;
+            record off;
+            push rtmp://ovenmediaengine:1915;
+            on_publish http://ghostream:8080/rtmp/auth;
+        }
+    }
+}
diff --git a/doc/ovenmediaengine/conf/Server-docker.xml b/doc/ovenmediaengine/conf/Server-docker.xml
new file mode 100644
index 0000000..dcacbcf
--- /dev/null
+++ b/doc/ovenmediaengine/conf/Server-docker.xml
@@ -0,0 +1,75 @@
+<?xml version="1.0" encoding="UTF-8" ?>
+
+<Server version="7">
+  <Name>OvenMediaEngine</Name>
+  <Type>origin</Type>
+  <IP>*</IP>
+
+  <Bind>
+    <Providers>
+      <RTMP>
+        <Port>1915</Port>
+      </RTMP>
+    </Providers>
+    <Publishers>
+      <WebRTC>
+        <Signalling>
+          <Port>3333</Port>
+        </Signalling>
+        <IceCandidates>
+          <IceCandidate>*:10000-10005/udp</IceCandidate>
+        </IceCandidates>
+      </WebRTC>
+    </Publishers>
+  </Bind>
+
+  <VirtualHosts>
+    <VirtualHost>
+      <Name>default</Name>
+      <Domain>
+        <Names>
+          <Name>*</Name>
+        </Names>
+      </Domain>
+      <Applications>
+        <Application>
+          <Name>app</Name>
+          <Type>live</Type>
+          <Encodes>
+            <Encode>
+              <Name>opus_only</Name>
+              <Audio>
+                <Codec>opus</Codec>
+                <Bitrate>128000</Bitrate>
+                <Samplerate>48000</Samplerate>
+                <Channel>2</Channel>
+              </Audio>
+              <Video>
+                <Bypass>true</Bypass>
+              </Video>
+            </Encode>
+          </Encodes>
+          <Streams>
+            <Stream>
+              <Name>${OriginStreamName}</Name>
+              <Profiles>
+                <Profile>opus_only</Profile>
+              </Profiles>
+            </Stream>
+          </Streams>
+          <Providers>
+            <RTMP>
+              <BlockDuplicateStreamName>true</BlockDuplicateStreamName>
+            </RTMP>
+          </Providers>
+          <Publishers>
+            <ThreadCount>2</ThreadCount>
+            <WebRTC>
+              <Timeout>30000</Timeout>
+            </WebRTC>
+          </Publishers>
+        </Application>
+      </Applications>
+    </VirtualHost>
+  </VirtualHosts>
+</Server>
diff --git a/ghostream/__init__.py b/ghostream/__init__.py
index 27a02f7..0fc774a 100644
--- a/ghostream/__init__.py
+++ b/ghostream/__init__.py
@@ -18,7 +18,7 @@ def viewer(path):
     return render_template('viewer.html', path=path)
 
 
-@app.route('/app/auth', methods=['POST'])
+@app.route('/rtmp/auth', methods=['POST'])
 def auth():
     """Authentication on stream start"""
     name = request.form.get('name')