diff --git a/.env.example b/.env.example
new file mode 100644
index 0000000..82ca516
--- /dev/null
+++ b/.env.example
@@ -0,0 +1,46 @@
+# Planeshift Application Configuration
+# Copy this file to .env and fill in your actual values
+
+# Application Secret Key (generate a secure random string)
+SECRET_KEY=your-secret-key-here
+
+# MongoDB Configuration
+MONGO_HOST=mongo
+MONGO_PORT=27017
+MONGO_DB=planeshift
+MONGO_USER=planeshift
+MONGO_PASS=your-mongodb-password
+
+# Foundry VTT Settings
+FOUNDRY_HOST=https://your-foundry-host.com
+FOUNDRY_USER=YourFoundryAPIUser
+FOUNDRY_PASS=your-foundry-password
+# FOUNDRY_ADMIN_PASS=your-foundry-admin-password
+# FOUNDRY_LOG_ENABLED=false
+
+# Authentication Providers
+# Comma-separated list of providers to try sequentially (discord,oidc)
+# Leave empty to disable authentication
+AUTH_PROVIDERS=
+
+# Discord Auth Settings (uncomment and fill if using Discord auth)
+# DISCORD_CLIENT_ID=your-discord-client-id
+# DISCORD_CLIENT_SECRET=your-discord-client-secret
+# DISCORD_GUILD_ID=your-discord-guild-id
+# DISCORD_ROLE_ID=your-discord-role-id
+# DISCORD_GM_ROLE_ID=your-discord-gm-role-id
+# DISCORD_ADMIN_ROLE_ID=your-discord-admin-role-id
+
+# OIDC Auth Settings (uncomment and fill if using OIDC auth)
+# OIDC_CLIENT_ID=your-oidc-client-id
+# OIDC_CLIENT_SECRET=your-oidc-client-secret
+# OIDC_EXTRA_SCOPES=your-oidc-extra-scopes
+# OIDC_USERNAME_ATTRIBUTE=preferred_username
+# OIDC_ROLE_CLAIM=roles
+# OIDC_GM_ROLE=gm
+# OIDC_ADMIN_ROLE=admin
+
+# MongoDB Init (uncomment if you need root user for MongoDB)
+# MONGO_INITDB_ROOT_USERNAME=planeshift_admin
+# MONGO_INITDB_ROOT_PASSWORD=your-mongodb-root-password
+MONGO_INITDB_DATABASE=planeshift
diff --git a/compose.yml b/compose.yml
new file mode 100644
index 0000000..5ffd0ac
--- /dev/null
+++ b/compose.yml
@@ -0,0 +1,56 @@
+services:
+  planeshift:
+    build: .
+    depends_on:
+      - mongo
+    ports:
+      - "3000:3000"
+    environment:
+      SECRET_KEY: ${SECRET_KEY}
+      MONGO_HOST: ${MONGO_HOST:-mongo}
+      MONGO_PORT: ${MONGO_PORT:-27017}
+      MONGO_DB: ${MONGO_DB:-planeshift}
+      MONGO_USER: ${MONGO_USER}
+      MONGO_PASS: ${MONGO_PASS}
+
+      # Foundry settings
+      FOUNDRY_HOST: ${FOUNDRY_HOST}
+      FOUNDRY_USER: ${FOUNDRY_USER}
+      FOUNDRY_PASS: ${FOUNDRY_PASS}
+      FOUNDRY_ADMIN_PASS: ${FOUNDRY_ADMIN_PASS:-}
+      FOUNDRY_LOG_ENABLED: ${FOUNDRY_LOG_ENABLED:-false}
+
+      # Authentication providers (csv list: discord,oidc)
+      AUTH_PROVIDERS: ${AUTH_PROVIDERS:-}
+
+      # Discord auth settings
+      DISCORD_CLIENT_ID: ${DISCORD_CLIENT_ID:-}
+      DISCORD_CLIENT_SECRET: ${DISCORD_CLIENT_SECRET:-}
+      DISCORD_GUILD_ID: ${DISCORD_GUILD_ID:-}
+      DISCORD_ROLE_ID: ${DISCORD_ROLE_ID:-}
+      DISCORD_GM_ROLE_ID: ${DISCORD_GM_ROLE_ID:-}
+      DISCORD_ADMIN_ROLE_ID: ${DISCORD_ADMIN_ROLE_ID:-}
+
+      # OIDC Auth settings
+      OIDC_CLIENT_ID: ${OIDC_CLIENT_ID:-}
+      OIDC_CLIENT_SECRET: ${OIDC_CLIENT_SECRET:-}
+      OIDC_EXTRA_SCOPES: ${OIDC_EXTRA_SCOPES:-}
+      OIDC_USERNAME_ATTRIBUTE: ${OIDC_USERNAME_ATTRIBUTE:-}
+      OIDC_ROLE_CLAIM: ${OIDC_ROLE_CLAIM:-}
+      OIDC_GM_ROLE: ${OIDC_GM_ROLE:-}
+      OIDC_ADMIN_ROLE: ${OIDC_ADMIN_ROLE:-}
+
+  mongo:
+    image: mongo:8.0.15-noble
+    volumes:
+      - mongo-data:/data/db
+      - ./mongo-init.sh:/docker-entrypoint-initdb.d/mongo-init.sh:ro
+    environment:
+      MONGO_INITDB_ROOT_USERNAME: ${MONGO_INITDB_ROOT_USERNAME:-}
+      MONGO_INITDB_ROOT_PASSWORD: ${MONGO_INITDB_ROOT_PASSWORD:-}
+      MONGO_INITDB_DATABASE: ${MONGO_INITDB_DATABASE:-planeshift}
+      MONGO_USER: ${MONGO_USER}
+      MONGO_PASS: ${MONGO_PASS}
+
+volumes:
+  mongo-data:
diff --git a/docker-compose.yml b/docker-compose.yml
deleted file mode 100644
index df923e4..0000000
--- a/docker-compose.yml
+++ /dev/null
@@ -1,53 +0,0 @@
-services:
-  planeshift:
-    container_name: planeshift
-    image: ghcr.io/cclloyd/planeshift:latest
-    ports:
-      - "3000:3000"
-    environment:
-      SECRET_KEY: 'CHANGEME'
-      MONGO_HOST: 'mongo'
-      # MONGO_PORT: '27017'
-      # MONGO_DB: 'planeshift'
-      # MONGO_USER: 'planeshift'
-      MONGO_PASS: 'CHANGEME'
-
-      # Foundry settings
-      FOUNDRY_HOST: 'https://dnd.example.com'
-      # FOUNDRY_USER: 'APIUser'
-      FOUNDRY_PASS: 'CHANGEME'
-      # FOUNDRY_ADMIN_PASS: '' # Optional.  Gives additional control over restarting and managing the game.
-      # FOUNDRY_LOG_ENABLED: 'false'
-
-      # AUTH_PROVIDERS: 'discord,oidc' # csv list of providers to try sequentially.  If blank, authentication is disabled.
-
-      # Discord auth settings
-      # DISCORD_CLIENT_ID: 'CHANGEME'
-      # DISCORD_CLIENT_SECRET: 'CHANGEME'
-      # DISCORD_GUILD_ID: '' # (If omitted, anyone with a discord account can authenticate)
-      # DISCORD_ROLE_ID: '' # (If omitted, anyone in the specified discord server can authenticate)
-      # DISCORD_GM_ROLE_ID: '' # (If omitted, all users will be considered GMs)
-      # DISCORD_ADMIN_ROLE_ID: '' (If omitted, all users will be considered admins in the API, bypassing all permission restrictions.)
-
-      # OIDC Auth settings
-      # OIDC_CLIENT_ID: ''
-      # OIDC_CLIENT_SECRET: ''
-      # OIDC_EXTRA_SCOPES: ''
-      # OIDC_USERNAME_ATTRIBUTE: ''
-      # OIDC_ROLE_CLAIM: ''
-      # OIDC_GM_ROLE: ''
-      # OIDC_ADMIN_ROLE: ''
-
-#  mongo:
-#    container_name: mongo
-#    image: mongo
-#    ports:
-#      - "27017:27017"
-#    volumes:
-#      - mongo-data:/data/db
-#    environment:
-#      MONGO_INITDB_ROOT_USERNAME: 'planeshift'
-#      MONGO_INITDB_ROOT_PASSWORD: 'CHANGEME'
-
-#volumes:
-#  mongo-data:
diff --git a/mongo-init.sh b/mongo-init.sh
new file mode 100644
index 0000000..8c55889
--- /dev/null
+++ b/mongo-init.sh
@@ -0,0 +1,14 @@
+#!/bin/bash
+set -e
+
+# Create MongoDB user with credentials from environment variables
+mongosh <<EOF
+use ${MONGO_INITDB_DATABASE}
+db.createUser({
+  user: "${MONGO_USER}",
+  pwd: "${MONGO_PASS}",
+  roles: [
+    { role: "dbOwner", db: "${MONGO_INITDB_DATABASE}" }
+  ]
+});
+EOF