diff --git a/docker-compose/registry/docker-compose.yml.j2 b/docker-compose/registry/docker-compose.yml.j2 index a6e3096d..6dda59a6 100644 --- a/docker-compose/registry/docker-compose.yml.j2 +++ b/docker-compose/registry/docker-compose.yml.j2 @@ -91,9 +91,8 @@ services: timeout: 10s retries: 3 labels: - traefik.http.routers.registry-ui.rule: Host(`registry.mgrote.net`)&&PathPrefix(`/ui`) # mache unter /ui erreichbar, damit wird demPfad dieser Prefix hinzugefügt, die Anwendung "hört" dort abrer nicht - traefik.http.routers.registry-ui.middlewares: registry-ui-strip-prefix,registry-ui-ipallowlist # also entferne den Prefix danach wieder - traefik.http.middlewares.registry-ui-strip-prefix.stripprefix.prefixes: /ui # hier ist die Middleware definiert + traefik.http.routers.registry-ui.rule: Host(`rui.mgrote.net`) + traefik.http.routers.registry-ui.middlewares: authelia,registry-ui-ipallowlist # also entferne den Prefix danach wieder traefik.enable: true traefik.http.routers.registry-ui.tls: true traefik.http.routers.registry-ui.tls.certresolver: resolver_letsencrypt @@ -109,7 +108,6 @@ networks: external: true intern: - ######## Volumes ######## volumes: oci: diff --git a/docker-compose/traefik/configuration.yml.j2 b/docker-compose/traefik/configuration.yml.j2 index 03ee4ea0..34b8085a 100644 --- a/docker-compose/traefik/configuration.yml.j2 +++ b/docker-compose/traefik/configuration.yml.j2 @@ -3,6 +3,8 @@ server.address: "0.0.0.0:9091" +theme: auto + log: level: debug @@ -19,6 +21,10 @@ access_control: policy: one_factor subject: - 'group:authelia_wiki' + - domain: rui.mgrote.net + policy: one_factor + subject: + - 'group:authelia_registry-ui' session: name: authelia_session diff --git a/docker-compose/traefik/docker-compose.yml.j2 b/docker-compose/traefik/docker-compose.yml.j2 index 40ff6641..49a0000d 100644 --- a/docker-compose/traefik/docker-compose.yml.j2 +++ b/docker-compose/traefik/docker-compose.yml.j2 
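Review bot: In the new `registry-ui` middlewares label, `authelia` is listed before `registry-ui-ipallowlist`, and Traefik applies a router's middlewares in the listed order. Every request is therefore forwarded to Authelia first, including requests from addresses the allowlist would reject. Putting the allowlist first keeps those clients away from the auth endpoint: `traefik.http.routers.registry-ui.middlewares: registry-ui-ipallowlist,authelia`. The trailing comment `# also entferne den Prefix danach wieder` on that line is stale now that the strip-prefix middleware is gone, and should be dropped or replaced with a note on the auth chain. The definition of `registry-ui-ipallowlist` lies outside the hunk.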
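Review bot: The new `rui.mgrote.net` rule under `access_control` restricts the host to `group:authelia_registry-ui` only if `default_policy`, which is outside this hunk, is `deny`. An authenticated user who is not in the group does not match this rule and falls through to later rules and then to the default, so confirm `default_policy: deny` is set in this file. If the registry UI allows deleting images, which is not visible here, `policy: two_factor` would suit this domain better than `one_factor`. A short comment above the rule, such as `# registry UI: group-restricted, relies on default_policy: deny`, would record that dependency.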
@@ -26,6 +26,8 @@ services: interval: 30s timeout: 10s retries: 3 + depends_on: + - authelia ######## authelia ######## authelia: @@ -51,6 +53,7 @@ services: traefik.http.middlewares.authelia.forwardauth.authResponseHeaders: Remote-User,Remote-Groups,Remote-Name,Remote-Email depends_on: - authelia-redis + - authelia-db networks: - traefik - postfix diff --git a/group_vars/blocky.yml b/group_vars/blocky.yml index 585779dc..7eefd60a 100644 --- a/group_vars/blocky.yml +++ b/group_vars/blocky.yml @@ -90,6 +90,8 @@ blocky_custom_lookups: # optional ip: 192.168.2.40 - name: s3.mgrote.net ip: 192.168.2.43 + - name: rui.mgrote.net + ip: 192.168.2.43 ### mgrote_munin_node # kann git.mgrote.net nicht auflösen, deshalb hiermit IP
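Review bot: The short-form `depends_on` entries added here only order container start, because Compose does not wait for the dependency to be ready. This applies to `- authelia` under traefik and to `- authelia-db` under authelia in the next hunk. Until Authelia answers, routers that use the `authelia` forward-auth middleware should return errors rather than pass traffic, which fails closed but looks like an outage after every restart. If both dependencies define healthchecks (not visible in these hunks), the long form with `condition: service_healthy` under each dependency name makes the ordering meaningful. Both service definitions continue outside the hunks.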