diff --git a/templates/compose/authelia.yaml.j2 b/templates/compose/authelia.yaml.j2 index 9d3eacd..90fa0e6 100644 --- a/templates/compose/authelia.yaml.j2 +++ b/templates/compose/authelia.yaml.j2 @@ -11,7 +11,7 @@ services: - PGID=1000 - TZ=Asia/Singapore ports: - - 9091:9091 + - 8888:9091 volumes: - {{ docker_dir }}/authelia:/config restart: unless-stopped diff --git a/templates/compose/gitea.yaml.j2 b/templates/compose/gitea.yaml.j2 index b77cd9f..315fdba 100644 --- a/templates/compose/gitea.yaml.j2 +++ b/templates/compose/gitea.yaml.j2 @@ -28,7 +28,7 @@ services: depends_on: - gitea-db ports: - - "3000:3000" + - "8885:3000" networks: - gitea diff --git a/templates/compose/ntfy.yaml.j2 b/templates/compose/ntfy.yaml.j2 index 1cb1e6a..d685ea6 100644 --- a/templates/compose/ntfy.yaml.j2 +++ b/templates/compose/ntfy.yaml.j2 @@ -23,7 +23,7 @@ services: - {{ docker_dir }}/ntfy/user.db:/var/lib/ntfy/user.db restart: unless-stopped ports: - - '8911:80' + - '8894:80' healthcheck: # optional: remember to adapt the host:port to your environment test: ["CMD-SHELL", "wget -q --tries=1 http://localhost:80/v1/health -O - | grep -Eo '\"healthy\"\\s*:\\s*true' || exit 1"] interval: 60s diff --git a/templates/conf/Caddyfile.j2 b/templates/conf/Caddyfile.j2 index 14c2a66..bc2e111 100755 --- a/templates/conf/Caddyfile.j2 +++ b/templates/conf/Caddyfile.j2 
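Review bot: The new mapping `- 8888:9091` in authelia.yaml.j2 publishes Authelia's port on every host interface, although the only consumer visible in this commit is Caddy, which reaches it at `{{ oracle4_private_ip }}:8888`. Binding the published port to that address, `- "{{ oracle4_private_ip }}:8888:9091"`, would keep the login backend off any public interface; this assumes the variable is also defined when the compose template is rendered and that nothing else needs the port. Ports published by Docker are typically not filtered by host firewall front ends such as ufw, so the bind address is the dependable control here. The same applies to `"8885:3000"` in gitea.yaml.j2 and `'8894:80'` in ntfy.yaml.j2, using the oracle3 address. The Authelia entry is also the only one of the three left unquoted; quoting it matches the other two templates and the usual Compose advice for port strings.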
@@ -196,29 +196,18 @@ } } - @t host t.{$HOSTNAME} - handle @t { - encode zstd gzip - reverse_proxy { - to {{ oracle1_private_ip }}:8889 - to {{ oracle2_private_ip }}:8889 - to {{ oracle3_private_ip }}:8889 - to {{ oracle4_private_ip }}:8889 - lb_policy ip_hash - lb_try_duration 5s - lb_try_interval 1s - fail_duration 30s - max_fails 3 - } + @b host b.{$HOSTNAME} + handle @b { + reverse_proxy {{ oracle1_private_ip }}:8884 header { - Content-Security-Policy "default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests" X-Robots-Tag "noindex, noimageindex, nosnippet, notranslate, noarchive, nofollow" } } - @b host b.{$HOSTNAME} - handle @b { - reverse_proxy {{ oracle1_private_ip }}:8884 + @git host git.{$HOSTNAME} + handle @git { + encode zstd gzip + reverse_proxy {{ oracle3_private_ip }}:8885 header { X-Robots-Tag "noindex, noimageindex, nosnippet, notranslate, noarchive, nofollow" } @@ -252,6 +241,31 @@ } } + @auth host auth.{$HOSTNAME} + handle @auth { + reverse_proxy {{ oracle4_private_ip }}:8888 + } + + @t host t.{$HOSTNAME} + handle @t { + encode zstd gzip + reverse_proxy { + to {{ oracle1_private_ip }}:8889 + to {{ oracle2_private_ip }}:8889 + to {{ oracle3_private_ip }}:8889 + to {{ oracle4_private_ip }}:8889 + lb_policy ip_hash + lb_try_duration 5s + lb_try_interval 1s + fail_duration 30s + max_fails 3 + } + header { + Content-Security-Policy "default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests" + X-Robots-Tag "noindex, noimageindex, nosnippet, notranslate, noarchive, nofollow" + } + } + @m host m.{$HOSTNAME} handle @m { encode zstd gzip 
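Review bot: The re-added `@auth` handler is the only site block in the second hunk without a `header` block, so the login portal is served without the `X-Robots-Tag` line that the `@t`, `@git` and `@nt` handlers in this commit set. If that is intentional because Authelia sends its own response headers, a one-line comment above `handle @auth` saying so would document the exception; otherwise add `header X-Robots-Tag "noindex, noimageindex, nosnippet, notranslate, noarchive, nofollow"` inside the handler. The block is moved from further down the file with only the upstream port changed, so the gap predates this commit.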
@@ -307,7 +321,7 @@ } } handle @f { - forward_auth {{ oracle4_private_ip }}:9091 { + forward_auth {{ oracle4_private_ip }}:8888 { uri /api/verify?rd=https://auth.opnxng.com/ copy_headers Remote-User Remote-Groups Remote-Name Remote-Email #import trusted_proxy_list @@ -320,9 +334,13 @@ } } - @auth host auth.{$HOSTNAME} - handle @auth { - reverse_proxy {{ oracle4_private_ip }}:9091 + @nt host nt.{$HOSTNAME} + handle @nt { + encode zstd gzip + reverse_proxy {{ oracle3_private_ip }}:8894 + header { + X-Robots-Tag "noindex, noimageindex, nosnippet, notranslate, noarchive, nofollow" + } } @v host v.{$HOSTNAME} @@ -597,24 +615,6 @@ } } - @git host git.{$HOSTNAME} - handle @git { - encode zstd gzip - reverse_proxy {{ oracle3_private_ip }}:3000 - header { - X-Robots-Tag "noindex, noimageindex, nosnippet, notranslate, noarchive, nofollow" - } - } - - @nt host nt.{$HOSTNAME} - handle @nt { - encode zstd gzip - reverse_proxy {{ oracle3_private_ip }}:8911 - header { - X-Robots-Tag "noindex, noimageindex, nosnippet, notranslate, noarchive, nofollow" - } - } - } # ---------------------------------------------------------------------------------------------------- @@ -663,6 +663,4 @@ i.r.{$HOSTNAME} { handle { abort } -} - -# ---------------------------------------------------------------------------------------------------- \ No newline at end of file +} \ No newline at end of file diff --git a/vars/services.yml b/vars/services.yml index 058a8b1..7c0ac54 100644 --- a/vars/services.yml +++ b/vars/services.yml @@ -1,7 +1,16 @@ -compose: +setup: oracle4: - caddy +compose: + oracle4: + - authelia + - caddy + oracle3: + - ntfy + - gitea + + # ---------------------------------------------------------------------------------------------------- deployed-compose:
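Review bot: The Authelia port is now a literal repeated in three places that must agree: this `forward_auth {{ oracle4_private_ip }}:8888` line, the `@auth` `reverse_proxy` upstream, and the host side of the mapping in authelia.yaml.j2. Rendering all three from one template variable (a new one, for example `authelia_port`) would make the next renumbering a one-line change and rule out an auth gate that points at a dead port. In the same block the unchanged `uri /api/verify?rd=https://auth.opnxng.com/` hard-codes the portal domain while the matcher is `auth.{$HOSTNAME}`; if the two can ever differ, `rd=https://auth.{$HOSTNAME}/` keeps the redirect on the deployed domain. The `handle @f` block continues past the end of the hunk, so the rest of its directives are not visible here.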