diff --git a/Dockerfile b/Dockerfile
new file mode 100644
index 0000000..7be5faa
--- /dev/null
+++ b/Dockerfile
@@ -0,0 +1,18 @@
+FROM haproxy:2.1
+RUN apt-get update \
+ && apt-get install -y --no-install-recommends \
+ ca-certificates \
+ curl \
+ lua-json \
+ lua-luaossl \
+ && apt-get clean
+ENV CONFIG_DIR=/usr/local/etc/haproxy/
+# lua http
+RUN curl https://raw.githubusercontent.com/haproxytech/haproxy-lua-http/master/http.lua > /http.lua
+# https://github.com/haproxytech/haproxy-lua-acme
+ADD acme.lua /acme.lua
+ADD config.lua /config.lua
+ADD haproxy.cfg $CONFIG_DIR/haproxy.cfg
+# check conf
+RUN haproxy -c -- $CONFIG_DIR/haproxy.cfg
+
diff --git a/haproxy.cfg b/haproxy.cfg
index 01b666b..5fe431e 100644
--- a/haproxy.cfg
+++ b/haproxy.cfg
@@ -1,5 +1,5 @@
 global
- log /dev/log local0 debug
+ log stdout format raw local0 debug
 daemon
 lua-load config.lua
 lua-load acme.lua
@@ -13,7 +13,7 @@ defaults
 timeout server 10s
 listen http
- bind *:5002
+ bind *:80
 http-request use-service lua.acme if { path_beg /.well-known/acme-challenge/ }
 listen acme
@@ -22,6 +22,5 @@ listen acme
 listen acme-ca
 bind 127.0.0.1:9012
- # server ca acme-v02.api.letsencrypt.org:443 ssl verify none
- server ca 127.0.0.1:4431 ssl verify none
+ server ca acme-v02.api.letsencrypt.org:443 ssl verify none
 http-request set-header Host acme-v02.api.letsencrypt.org
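Review bot: The `RUN curl … > /http.lua` step fetches a Lua module from the mutable `master` branch with no integrity check, so whatever that URL serves at build time ends up in the image next to acme.lua and is presumably loaded into HAProxy. Without `-f`, curl also exits 0 on an HTTP error and writes the error body to /http.lua. Pin the URL to a commit, fail on HTTP errors, and verify a SHA-256 recorded in the Dockerfile, as sketched below with placeholder values. Separately, the three `ADD` lines copy plain local files and read more clearly as `COPY`, and `apt-get clean` leaves `/var/lib/apt/lists/*` in the layer.

```dockerfile
# lua http: pinned to an immutable commit and verified before use
ARG HTTP_LUA_REF=REPLACE_WITH_COMMIT_SHA
ARG HTTP_LUA_SHA256=REPLACE_WITH_SHA256_OF_HTTP_LUA
RUN curl -fsSL -o /http.lua \
      "https://raw.githubusercontent.com/haproxytech/haproxy-lua-http/${HTTP_LUA_REF}/http.lua" \
 && echo "${HTTP_LUA_SHA256}  /http.lua" | sha256sum -c -
```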
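Review bot: The new `server ca` line in `listen acme-ca` points at the production Let's Encrypt endpoint but keeps `ssl verify none`, so HAProxy will accept any certificate from whatever host answers on that address. That setting was carried over from the loopback endpoint (127.0.0.1:4431) this hunk removes. Against a public CA it means an on-path attacker or a spoofed DNS answer can stand in for the ACME server without being detected. The Dockerfile in this commit already installs `ca-certificates`, so the line can check both chain and hostname: `server ca acme-v02.api.letsencrypt.org:443 ssl verify required ca-file /etc/ssl/certs/ca-certificates.crt sni str(acme-v02.api.letsencrypt.org) verifyhost acme-v02.api.letsencrypt.org`.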