diff --git a/docker-compose/homer/assets/mgmt.yml b/docker-compose/homer/assets/mgmt.yml
index dccf7beb..4b319722 100644
--- a/docker-compose/homer/assets/mgmt.yml
+++ b/docker-compose/homer/assets/mgmt.yml
@@ -46,7 +46,7 @@ services:
         url: "http://docker10.grote.lan:8081"
         target: "_blank"
         subtitle: "Reverse Proxy"
-      - name: "Unifi Controller"
+      - name: "Unifi Network Application"
         logo: "assets/icons/ubiquiti.png"
         url: "https://docker10.grote.lan:8443"
         target: "_blank"
diff --git a/docker-compose/unifi-controller/docker-compose.yml.j2 b/docker-compose/unifi-controller/docker-compose.yml.j2
deleted file mode 100644
index d0cd0a64..00000000
--- a/docker-compose/unifi-controller/docker-compose.yml.j2
+++ /dev/null
@@ -1,28 +0,0 @@
----
-version: "2.1"
-services:
-  unifi-controller:
-    image: ghcr.io/linuxserver/unifi-controller
-    container_name: unifi-controller
-    environment:
-      PUID: 1000
-      PGID: 1000
-    volumes:
-      - data:/config
-    ports:
-      - 3478:3478/udp #Unifi STUN port
-      - 10001:10001/udp #Required for AP discovery
-      - 8080:8080 #Required for device communication
-      - 8443:8443 #Unifi web admin port
-      - 1900:1900/udp #optional, Required for Make controller discoverable on L2 network option
-      - 8843:8843 #optional, Unifi guest portal HTTPS redirect port
-      - 8880:8880 #optional, Unifi guest portal HTTP redirect port
-      - 6789:6789 #optional, For mobile throughput test
-      - 5514:5514/udp #optional
-    restart: always
-    labels:
-      com.centurylinklabs.watchtower.enable: false
-      com.centurylinklabs.watchtower.monitor-only: true
-######## Volumes ########
-volumes:
-  data:
diff --git a/docker-compose/unifi-network-application/docker-compose.yml.j2 b/docker-compose/unifi-network-application/docker-compose.yml.j2
new file mode 100644
index 00000000..d90de470
--- /dev/null
+++ b/docker-compose/unifi-network-application/docker-compose.yml.j2
@@ -0,0 +1,64 @@
+---
+version: "2.1"
+services:
+  unifi-network-application:
+    image: lscr.io/linuxserver/unifi-network-application:latest
+    container_name: unifi-network-application
+    environment:
+      PUID: 1000
+      PGID: 1000
+      TZ: Etc/UTC
+      MONGO_USER: unifiuser
+      MONGO_PASS: {{ lookup('keepass', 'unifi-mongodb-pass', 'password') }}
+      MONGO_HOST: unifi-db
+      MONGO_PORT: 27017
+      MONGO_DBNAME: unifidb
+      MEM_LIMIT: 1024 #optional
+      MEM_STARTUP: 1024 #optional
+    volumes:
+      - unifi-data:/config
+    ports:
+      - 8443:8443
+      - 3478:3478/udp
+      - 10001:10001/udp
+      - 8080:8080
+      - 1900:1900/udp #optional
+      - 8843:8843 #optional
+      - 8880:8880 #optional
+      - 6789:6789 #optional
+      - 5514:5514/udp #optional
+    restart: always
+    labels:
+      com.centurylinklabs.watchtower.enable: false
+      com.centurylinklabs.watchtower.monitor-only: true
+      com.centurylinklabs.watchtower.depends-on: unifi-db
+    networks:
+      - mail-relay
+      - unifi-internal
+
+  unifi-db:
+    # Starte Container OHNE init-script
+    # IN Container
+    # 1. mongo
+    # 2. db.getSiblingDB("unifidb").createUser({user: "unifiuser", pwd: "GEHEIM", roles: [{role: "dbOwner", db: "unifidb"}, {role: "dbOwner", db: "unifidb_stat"}]});
+    # https://discourse.linuxserver.io/t/cant-connect-to-mongodb-for-unifi-network-application/8166
+    image: docker.io/mongo:4
+    container_name: unifi-db
+    volumes:
+      - db-data:/data/db
+    restart: always
+    labels:
+      com.centurylinklabs.watchtower.enable: true
+    networks:
+      - unifi-internal
+
+######## Volumes ########
+volumes:
+  db-data:
+  unifi-data:
+######## Networks ########
+networks:
+  mail-relay:
+    external: true
+  unifi-internal:
+    driver: bridge
diff --git a/host_vars/docker10.grote.lan.yml b/host_vars/docker10.grote.lan.yml
index 638164dd..df5d2e69 100644
--- a/host_vars/docker10.grote.lan.yml
+++ b/host_vars/docker10.grote.lan.yml
@@ -26,6 +26,9 @@ compose_dir_permissions: "755"
 compose_dest_basedir: "/docker"
 compose_src_basedir: "{{ inventory_dir }}/docker-compose"
 compose_files:
+  - name: registry
+    state: present
+    network: traefik
   - name: homer
     state: present
   - name: drone
@@ -35,7 +38,7 @@ compose_files:
     network: traefik
   - name: httpd
     state: present
-  - name: unifi-controller
+  - name: unifi-network-application
     state: present
   - name: miniflux
     state: present
@@ -50,13 +53,10 @@ compose_files:
     state: present
   - name: routeros-config-export
     state: present
-  - name: registry
-    state: present
-    network: traefik
   - name: mail-relay
     state: present
     network: mail-relay
-    
+
 ### oefenweb.ufw
 ufw_rules:
   - rule: allow
diff --git a/keepass_db.kdbx b/keepass_db.kdbx
index e89ffb65..d3116b1a 100644
Binary files a/keepass_db.kdbx and b/keepass_db.kdbx differ