diff --git a/angie.conf b/angie.conf
index 484e42f..470a8fd 100644
--- a/angie.conf
+++ b/angie.conf
@@ -1,27 +1,40 @@
-resolver 8.8.8.8 ipv6=off; # требуется для директивы 'acme_client'
-acme_client dended https://acme-v02.api.letsencrypt.org/directory;
+user  angie;
+worker_processes  auto;
+worker_rlimit_nofile 65536;
 
-server {
-      listen 80;
-      return 301 https://$host$request_uri;
+error_log  /var/log/angie/error.log notice;
+pid        /run/angie/angie.pid;
+
+events {
+    worker_connections  65536;
 }
 
-server {
-      server_name n8n.dended.ru;
-      acme dended;
+http {
+    include       /etc/angie/mime.types;
+    default_type  application/octet-stream;
 
-      location / {
-        proxy_pass http://n8n:5678;
-	proxy_http_version 1.1;
-        proxy_set_header Upgrade $http_upgrade;
-        proxy_set_header Connection "upgrade";
-        proxy_set_header Host $host;
-        proxy_set_header X-Real-IP $remote_addr;
-        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
-        proxy_set_header X-Forwarded-Proto $scheme;
-      }
+    log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
+                      '$status $body_bytes_sent "$http_referer" '
+                      '"$http_user_agent" "$http_x_forwarded_for"';
 
-      listen 443 ssl;
-      ssl_certificate $acme_cert_dended;
-      ssl_certificate_key $acme_cert_key_dended;
+    log_format extended '$remote_addr - $remote_user [$time_local] "$request" '
+                        '$status $body_bytes_sent "$http_referer" rt="$request_time" '
+                        '"$http_user_agent" "$http_x_forwarded_for" '
+                        'h="$host" sn="$server_name" ru="$request_uri" u="$uri" '
+                        'ucs="$upstream_cache_status" ua="$upstream_addr" us="$upstream_status" '
+                        'uct="$upstream_connect_time" urt="$upstream_response_time"';
+
+    access_log  /var/log/angie/access.log  main;
+
+    sendfile        on;
+
+    keepalive_timeout  65;
+
+    gzip  on;
+
+    include /etc/angie/http.d/*.conf;
+}
+
+stream {
+    include /etc/angie/stream.d/*.conf;
 }
diff --git a/docker-compose.yml b/docker-compose.yml
index b0d1cca..25ed95e 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -21,7 +21,9 @@ services:
       - "80:80"
       - "443:443"
     volumes:
-      - ./angie.conf:/etc/angie/http.d/default.conf:ro
+      - ./angie.conf:/etc/angie/angie.conf:ro
+      - ./http.conf:/etc/angie/http.d/default.conf:ro
+      - ./stream.conf:/etc/angie/stream.d/default.conf:ro
       - ./acme:/var/lib/angie/acme
     networks:
       - n8n_network
diff --git a/http.conf b/http.conf
new file mode 100644
index 0000000..62b5c7a
--- /dev/null
+++ b/http.conf
@@ -0,0 +1,28 @@
+resolver 8.8.8.8 ipv6=off; # требуется для директивы 'acme_client'
+acme_client dended https://acme-v02.api.letsencrypt.org/directory;
+
+server {
+      listen 80;
+      return 301 https://$host$request_uri;
+}
+
+server {
+      server_name n8n.dended.ru;
+      acme dended;
+
+      location / {
+        proxy_pass http://n8n:5678;
+	proxy_http_version 1.1;
+        proxy_set_header Upgrade $http_upgrade;
+        proxy_set_header Connection "upgrade";
+        proxy_set_header Host $host;
+        proxy_set_header X-Real-IP $remote_addr;
+        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+        proxy_set_header X-Forwarded-Proto $scheme;
+      }
+
+      listen 8443 ssl;
+      ssl_certificate $acme_cert_dended;
+      ssl_certificate_key $acme_cert_key_dended;
+}
+
diff --git a/stream.conf b/stream.conf
new file mode 100644
index 0000000..20a716d
--- /dev/null
+++ b/stream.conf
@@ -0,0 +1,20 @@
+map $ssl_preread_server_name $upstream {
+    dended.ddns.net ocserv_backend;
+    n8n.dended.ru n8n_backend;
+    default n8n_backend;
+}
+
+upstream ocserv_backend {
+    server 172.17.0.1:4443;
+}
+
+upstream n8n_backend {
+    server 127.0.0.1:8443;
+}
+
+server {
+    listen 443;
+    ssl_preread on;
+    proxy_pass $upstream;
+}
+