diff --git a/docker-compose.saved.yml b/docker-compose.saved.yml
new file mode 100644
index 0000000..43d2ae8
--- /dev/null
+++ b/docker-compose.saved.yml
@@ -0,0 +1,102 @@
+services:
+ frontend:
+ container_name: ca-lose-frontend
+ hostname: lose-verkaufen
+ build: ./frontend
+ depends_on:
+ - backend
+ networks:
+ ca-lose-internal:
+ ipv4_address: 172.25.0.2
+ restart: unless-stopped
+
+ backend:
+ container_name: ca-lose-backend
+ hostname: backend
+ build: ./backend
+ environment:
+ NODE_ENV: production
+ DB_HOST: ca-lose-mysql
+ DB_USER: root
+ DB_PASSWORD: ${DB_PASSWORD}
+ DB_NAME: ca_lose
+ depends_on:
+ - database
+ networks:
+ ca-lose-internal:
+ ipv4_address: 172.25.0.3
+ restart: unless-stopped
+
+ database:
+ container_name: ca-lose-mysql
+ hostname: database
+ image: mysql:8.0
+ restart: unless-stopped
+ environment:
+ MYSQL_ROOT_PASSWORD: ${DB_PASSWORD}
+ MYSQL_DATABASE: ca_lose
+ TZ: Europe/Berlin
+ volumes:
+ - ../docker/volumes/ca-lose_mysql:/var/lib/mysql
+ - ./mysql-timezone.cnf:/etc/mysql/conf.d/timezone.cnf:ro
+ networks:
+ ca-lose-internal:
+ ipv4_address: 172.25.0.4
+
+ # DNS Server für Hostname-Auflösung innerhalb des VPN
+ dnsmasq:
+ container_name: ca-lose-dns
+ image: andyshinn/dnsmasq:latest
+ restart: unless-stopped
+ cap_add:
+ - NET_ADMIN
+ command: >
+ --no-daemon
+ --log-queries
+ --address=/lose-verkaufen/172.25.0.2
+ --address=/frontend/172.25.0.2
+ --address=/backend/172.25.0.3
+ --address=/database/172.25.0.4
+ --address=/wireguard/172.25.0.6
+ networks:
+ ca-lose-internal:
+ ipv4_address: 172.25.0.5
+
+ # WireGuard VPN mit Web-UI (wg-easy)
+ wireguard:
+ image: ghcr.io/wg-easy/wg-easy:latest
+ container_name: ca-lose-wireguard
+ cap_add:
+ - NET_ADMIN
+ - SYS_MODULE
+ environment:
+ LANG: de
+ WG_HOST: dus3.the1s.de
+ WG_PORT: "51830"
+ WG_DEFAULT_DNS: "172.25.0.5"
+ WG_ALLOWED_IPS: 172.25.0.0/24
+ PORT: "80" # Web-UI Port
+ PASSWORD_HASH: ${WIREGUARD_PASSWORD_HASH}
+ volumes:
+ - ../docker/volumes/ca-lose-wireguard:/etc/wireguard
+ - /lib/modules:/lib/modules:ro
+ ports:
+ - "51830:51830/udp"
+ # - "51831:80/tcp" # only for short configuration access - remove in production - external: 51831 internal: 80
+ sysctls:
+ - net.ipv4.ip_forward=1
+ - net.ipv4.conf.all.src_valid_mark=1
+ restart: unless-stopped
+ depends_on:
+ - dnsmasq
+ networks:
+ ca-lose-internal:
+ ipv4_address: 172.25.0.6
+
+networks:
+ ca-lose-internal:
+ driver: bridge
+ ipam:
+ config:
+ - subnet: 172.25.0.0/24
+ gateway: 172.25.0.1
diff --git a/docker-compose.yml b/docker-compose.yml
index 43d2ae8..6e78238 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -64,7 +64,7 @@ services:
 
 # WireGuard VPN mit Web-UI (wg-easy)
 wireguard:
- image: ghcr.io/wg-easy/wg-easy:latest
+ build: ./wg-easy-ca-lose
 container_name: ca-lose-wireguard
 cap_add:
 - NET_ADMIN
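Review bot: The `backend` service logs in to MySQL as `root` (`DB_USER: root`, with `DB_PASSWORD` set to the same `${DB_PASSWORD}` that `database` uses for `MYSQL_ROOT_PASSWORD`), so a compromise of the application container carries control of the whole server rather than of the `ca_lose` schema only. The official mysql image creates a dedicated account with rights limited to `MYSQL_DATABASE` when `MYSQL_USER` and `MYSQL_PASSWORD` are set; I would add `MYSQL_USER: ${DB_APP_USER}` and `MYSQL_PASSWORD: ${DB_APP_PASSWORD}` to `database` and point the backend's `DB_USER`/`DB_PASSWORD` at them (the variable names are placeholders), assuming the backend does not need server-wide privileges. Writing the root secret as `${DB_PASSWORD:?DB_PASSWORD is not set}` makes Compose stop with an error instead of substituting an empty string. Separately, `andyshinn/dnsmasq:latest` and `ghcr.io/wg-easy/wg-easy:latest` run with `NET_ADMIN` (and `SYS_MODULE` for wg-easy) on a floating tag; a fixed version tag or digest would keep a pull from changing what runs with those capabilities.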
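Review bot: Replacing the pulled image with `build: ./wg-easy-ca-lose` moves the choice of base image into a Dockerfile that is not part of this page, so whether the upstream is pinned cannot be checked here. If that Dockerfile still starts from `ghcr.io/wg-easy/wg-easy:latest`, every rebuild can pick up a different upstream for a container that holds `NET_ADMIN`; a `FROM` line with a fixed version tag or `@sha256:<digest>` would make the build reproducible. I would also add a comment above the new line, e.g. `# local build of wg-easy; base image is pinned in ./wg-easy-ca-lose/Dockerfile`. The `wireguard` service definition continues outside the hunk.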