diff --git a/Dockerfile b/Dockerfile
index 6cc92cf..68baed4 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -63,16 +63,16 @@ FROM alpine:3
 ENV UID=1000
 ENV GID=1000
 
+RUN \
+    apk update --no-cache && \
+    apk add --no-cache --virtual \
+        openssl \
+        zlib \
+        lua5.3-libs \
+        pcre2
+
 COPY --from=builder /haproxy/haproxy /haproxy
+COPY docker-entrypoint.sh /docker-entrypoint.sh
 
-ENTRYPOINT \
-    (\
-        grep -qE '^haproxy:x:'"${UID}"':haproxy$' /etc/group || addgroup -g "${GID}" haproxy\
-    ) && \
-    (\
-        grep -qE '^haproxy:x:'"${UID}"':'"${GID}"':.*$' /etc/passwd || adduser -D -u "${UID}" -G haproxy haproxy \
-    ) && \
-    chmod 700 /etc/haproxy && chown haproxy:haproxy /etc/haproxy
-
-CMD su haproxy -c "/haproxy -f /haproxy"
+ENTRYPOINT /docker-entrypoint.sh
 
diff --git a/docker-compose.yaml b/docker-compose.yaml
index 9a886f0..985bed4 100644
--- a/docker-compose.yaml
+++ b/docker-compose.yaml
@@ -13,6 +13,10 @@ services:
         tag: haproxy 
     restart: unless-stopped
     ports:
-      - 8443:8443
+      - ${EXTERNAL_IP}:${PORT_PLAIN}:80
+      - ${EXTERNAL_IP}:${PORT_TLS}:443
+      - ${STATS_IP}:${PORT_STATS}:8404
     volumes:
       - ${HAPROXY_CONFIG_FILE_PATH}:/etc/haproxy/haproxy.cfg:ro
+      - ${HAPROXY_CERTS_PATH}:/etc/ssl/certs:ro
+
diff --git a/docker-entrypoint.sh b/docker-entrypoint.sh
new file mode 100755
index 0000000..8d23af3
--- /dev/null
+++ b/docker-entrypoint.sh
@@ -0,0 +1,22 @@
+#!/bin/ash
+set -e
+
+if ! grep -qE '^haproxy:x:'"${UID}"':haproxy$' /etc/group ; then
+    addgroup -g "${GID}" haproxy
+fi
+
+if ! grep -qE '^haproxy:x:'"${UID}"':'"${GID}"':.*$' /etc/passwd ; then
+    adduser -D -u "${UID}" -G haproxy haproxy
+fi
+
+mkdir -vp \
+    /etc/haproxy \
+    /var/run/haproxy
+
+chmod 700 /etc/haproxy
+
+chown haproxy:haproxy \
+        /etc/haproxy \
+        /var/run/haproxy
+
+su haproxy -c '/haproxy -f /etc/haproxy/haproxy.cfg'
diff --git a/env.dist b/env.dist
index 9d1f860..0470f49 100644
--- a/env.dist
+++ b/env.dist
@@ -1,3 +1,9 @@
+EXTERNAL_IP=127.0.0.1
 HAPROXY_REPO='https://scm.f1x.online/mirrors/haproxy.git'
 HAPROXY_VERSION=
 HAPROXY_CONFIG_FILE_PATH=/path/to/haproxy.conf
+HAPROXY_CERTS_PATH=/path/to/certs
+PORT_STATS=8404
+PORT_PLAIN=80
+PORT_TLS=443
+STATS_IP=127.0.0.1