diff --git a/umami/Caddyfile b/umami/Caddyfile
new file mode 100644
index 0000000..4ceeb58
--- /dev/null
+++ b/umami/Caddyfile
@@ -0,0 +1,17 @@
+analytics.teknologiumum.com {
+  reverse_proxy 127.0.0.1:23120
+
+  header {
+    server "Teknologi Umum"
+    ?Permissions-Policy interest-cohort=()
+    ?strict-transport-security "max-age=604800; includeSubDomains"
+    ?x-content-type-options nosniff
+    ?x-frame-options DENY
+    ?referrer-policy no-referrer-when-downgrade
+    ?content-security-policy "default-src 'none'; font-src 'self'; script-src 'self' blob:; manifest-src 'self'; media-src 'self' data: blob: about:; style-src 'self' 'unsafe-inline'; base-uri 'none'; img-src 'self' data:; form-action 'self'; frame-ancestors 'none'; connect-src 'self'; worker-src blob:;"
+    ?vary Origin
+    ?x-xss-protection "1; mode=block"
+  }
+
+  tls opensource@teknologiumum.com
+}
diff --git a/umami/docker-compose.yml b/umami/docker-compose.yml
new file mode 100644
index 0000000..d8ba608
--- /dev/null
+++ b/umami/docker-compose.yml
@@ -0,0 +1,60 @@
+services:
+  umami:
+    image: ghcr.io/umami-software/umami:postgresql-latest
+    labels:
+      - "com.centurylinklabs.watchtower.enable=true"
+    ports:
+      - "23120:3000"
+    environment:
+      DATABASE_URL:
+      DATABASE_TYPE: postgresql
+      APP_SECRET:
+      DISABLE_BOT_CHECK: 1
+      DISABLE_UPDATES: 1
+      DISABLE_TELEMETRY: 1
+      REMOVE_TRAILING_SLASH: 1
+    depends_on:
+      db:
+        condition: service_healthy
+    deploy:
+      restart_policy:
+        condition: unless-stopped
+        delay: 30s
+        window: 120s
+    healthcheck:
+      test: ["CMD-SHELL", "curl http://localhost:3000/api/heartbeat"]
+      interval: 30s
+      timeout: 20s
+      retries: 5
+    logging:
+      driver: local
+      options:
+        max-size: 10M
+        max-file: 3
+  db:
+    image: postgres:16-alpine
+    environment:
+      POSTGRES_DB:
+      POSTGRES_USER:
+      POSTGRES_PASSWORD:
+    volumes:
+      - umami-db-data:/var/lib/postgresql/data
+    deploy:
+      restart_policy:
+        condition: unless-stopped
+        delay: 30s
+        window: 120s
+    healthcheck:
+      test: ["CMD-SHELL", "pg_isready -U $${POSTGRES_USER} -d $${POSTGRES_DB}"]
+      interval: 30s
+      timeout: 20s
+      retries: 5
+    logging:
+      driver: local
+      options:
+        max-size: 10M
+        max-file: 3
+
+volumes:
+  umami-db-data:
+    external: true
diff --git a/umami/setup.sh b/umami/setup.sh
new file mode 100755
index 0000000..264cff8
--- /dev/null
+++ b/umami/setup.sh
@@ -0,0 +1,3 @@
+#!/usr/bin/env bash
+
+docker volume create umami-db-data