diff --git a/docker-compose.https.yml b/docker-compose.https.yml
index cf0ca3a..3f01cdd 100644
--- a/docker-compose.https.yml
+++ b/docker-compose.https.yml
@@ -3,14 +3,12 @@ services:
   https_proxy:
     image: valian/docker-nginx-auto-ssl
     restart: unless-stopped
-    ports:
-      - 80:80
-      - 443:443
     volumes:
       - ssl_data:/etc/resty-auto-ssl
+      - ./mod/https/site.conf:/etc/nginx/conf.d/bbb-docker.conf
     environment:
       ALLOWED_DOMAINS: ${DOMAIN}
-      SITES: ${DOMAIN}=10.7.7.1:8080
+    network_mode: host
 
 volumes:
   ssl_data:
diff --git a/mod/https/site.conf b/mod/https/site.conf
new file mode 100644
index 0000000..a144563
--- /dev/null
+++ b/mod/https/site.conf
@@ -0,0 +1,28 @@
+map $http_upgrade $connection_upgrade {
+  default upgrade;
+  '' close;
+}
+map $remote_addr $endpoint_addr {
+    "~:"    [::1];
+    default    127.0.0.1;
+}
+
+server {
+  listen 443 ssl http2 default_server;
+  listen [::]:443 ssl http2 default_server;
+  server_name _;
+
+  include resty-server-https.conf;
+
+  location / {
+    proxy_http_version 1.1;
+    proxy_pass http://$endpoint_addr:8080;
+    proxy_set_header Host $host;
+    proxy_set_header X-Real-IP $remote_addr;
+    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+    proxy_set_header X-Forwarded-Proto $scheme;
+    proxy_set_header Upgrade $http_upgrade;
+    proxy_set_header Connection $connection_upgrade;
+    proxy_cache_bypass $http_upgrade;
+  }
+}