diff --git a/Dockerfile b/Dockerfile
new file mode 100644
index 0000000..d01a39d
--- /dev/null
+++ b/Dockerfile
@@ -0,0 +1,28 @@
+FROM alpine:latest as builder
+WORKDIR /app
+COPY . ./
+# This is where one could build the application code as well.
+
+
+FROM alpine:latest as tailscale
+WORKDIR /app
+COPY . ./
+ENV TSFILE=tailscale_1.24.2_amd64.tgz
+RUN wget https://pkgs.tailscale.com/stable/${TSFILE} && tar xzf ${TSFILE} --strip-components=1
+COPY . ./
+
+
+# https://docs.docker.com/develop/develop-images/multistage-build/#use-multi-stage-builds
+FROM alpine:latest
+RUN apk update && apk add --no-cache ca-certificates iptables ip6tables nginx
+
+# Copy binary to production image
+COPY --from=builder /app/start.sh /app/start.sh
+COPY --from=tailscale /app/tailscaled /app/tailscaled
+COPY --from=tailscale /app/tailscale /app/tailscale
+RUN mkdir -p /var/run/tailscale /var/cache/tailscale /var/lib/tailscale
+COPY nginx.conf /etc/nginx/http.d/nginx.conf
+
+# Run on container startup.
+EXPOSE 8080
+CMD ["/app/start.sh"]
diff --git a/fly.toml b/fly.toml
new file mode 100644
index 0000000..d3869e6
--- /dev/null
+++ b/fly.toml
@@ -0,0 +1,40 @@
+# fly.toml file generated for white-wave-7409 on 2022-05-02T16:24:11-03:00
+
+app = "white-wave-7409"
+
+kill_signal = "SIGINT"
+kill_timeout = 5
+processes = []
+
+[deploy]
+ strategy = "rolling"
+
+[env]
+
+[experimental]
+ allowed_public_ports = [8080]
+ auto_rollback = true
+
+[[services]]
+ internal_port = 8080
+ protocol = "tcp"
+
+ [services.concurrency]
+ hard_limit = 25
+ soft_limit = 20
+ type = "connections"
+
+ [[services.ports]]
+ force_https = true
+ handlers = ["http"]
+ port = 80
+
+ [[services.ports]]
+ handlers = ["tls", "http"]
+ port = "443"
+
+ [[services.tcp_checks]]
+ grace_period = "1s"
+ interval = "15s"
+ restart_limit = 0
+ timeout = "2s"
diff --git a/nginx.conf b/nginx.conf
new file mode 100644
index 0000000..37c8129
--- /dev/null
+++ b/nginx.conf
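Review bot: In the Dockerfile's `tailscale` stage, the `RUN wget https://pkgs.tailscale.com/stable/${TSFILE} && tar xzf ...` line unpacks the downloaded tarball with no integrity check, and the extracted `tailscaled` and `tailscale` binaries are what the final image runs. I would verify the archive against a SHA-256 recorded in the Dockerfile before extracting, e.g. `wget https://pkgs.tailscale.com/stable/${TSFILE} && echo "<EXPECTED_SHA256>  ${TSFILE}" | sha256sum -c - && tar xzf ${TSFILE} --strip-components=1` (the digest is a placeholder to fill in for the pinned 1.24.2 tarball). All three stages use `FROM alpine:latest`, so a rebuild can silently pick up a different base; pinning a specific Alpine tag, ideally by digest, makes the image reproducible. The two `COPY . ./` lines in this stage bring the whole build context into a stage that only needs the tarball contents and can be dropped.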
@@ -0,0 +1,23 @@
+server {
+ listen 8080;
+ listen [::]:8080;
+
+ server_name home.ralsina.me;
+
+ location / {
+ proxy_pass http://pinky.ralsina.github.beta.tailscale.net:8080;
+ proxy_set_header X-Forwarded-Host $http_host;
+ }
+}
+
+server {
+ listen 8080;
+ listen [::]:8080;
+
+ server_name git.ralsina.me;
+
+ location / {
+ proxy_pass http://pinky.ralsina.github.beta.tailscale.net:3000;
+ proxy_set_header X-Forwarded-Host $http_host;
+ }
+}
diff --git a/start.sh b/start.sh
new file mode 100755
index 0000000..95f56d6
--- /dev/null
+++ b/start.sh
@@ -0,0 +1,5 @@
+#!/bin/sh
+
+/app/tailscaled --state=/var/lib/tailscale/tailscaled.state --socket=/var/run/tailscale/tailscaled.sock &
+/app/tailscale up --authkey=${TAILSCALE_AUTHKEY} --hostname=reverseproxy
+/usr/sbin/nginx -c /etc/nginx/nginx.conf -g 'daemon off;'
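Review bot: In nginx.conf, neither `server` block is marked `default_server`, so nginx uses the first one (`home.ralsina.me`) as the default for port 8080 and a request with any unrecognised `Host` header is proxied to the tailnet backend on port 8080. Because this proxy is the public entry point to services that otherwise live only on the tailnet, I would add an explicit catch-all ahead of the two vhosts, `server { listen 8080 default_server; listen [::]:8080 default_server; return 444; }`, so only the two named hosts reach a backend. The `location` blocks forward only `X-Forwarded-Host`; if the backends log or rate-limit by client address they will see just the proxy's tailnet address unless `proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;` is added, though whether they need it is not visible from this diff.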
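Review bot: In start.sh, nothing stops the script when `tailscale up` fails, so with a missing or rejected `TAILSCALE_AUTHKEY` the container still goes on to launch nginx instead of exiting with a clear error. I would add `set -eu` after the shebang, quote the key as `--authkey="${TAILSCALE_AUTHKEY}"`, and start nginx with `exec /usr/sbin/nginx -c /etc/nginx/nginx.conf -g 'daemon off;'` so it replaces the shell and receives the `SIGINT` that fly.toml sets as `kill_signal` directly. `tailscaled` is backgrounded with no wait for its socket, so `tailscale up` may race it on a cold start; that is inferred from the script alone and worth confirming in the deploy logs.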