diff --git a/bin/tls/Makefile b/bin/tls/Makefile old mode 100644 new mode 100755 index a361fc2c..8dd5aa6a --- a/bin/tls/Makefile +++ b/bin/tls/Makefile @@ -13,10 +13,10 @@ clean: @find . -type f \( -name '*.pem' -o -name '*.csr' \) -not -name "ca*" -delete ca.pem: - $(DOCKER) ./createCert.sh + $(DOCKER) /bin/bash createCert.sh %.pem: %.json - $(DOCKER) ./createProfileCert.sh $(TYPE) $* + $(DOCKER) /bin/bash createProfileCert.sh $(TYPE) $* certs/%.pem: mkdir -p $(CDIR)/certs diff --git a/bin/tls/createCert.sh b/bin/tls/createCert.sh index 60dbbafe..392e1a87 100755 --- a/bin/tls/createCert.sh +++ b/bin/tls/createCert.sh @@ -1,3 +1,2 @@ #!/bin/bash - cfssl gencert -initca ca-csr.json | cfssljson -bare ca - diff --git a/bin/tls/createProfileCert.sh b/bin/tls/createProfileCert.sh index 4d11f921..4278ee99 100755 --- a/bin/tls/createProfileCert.sh +++ b/bin/tls/createProfileCert.sh @@ -1,4 +1,2 @@ #!/bin/bash - -cfssl gencert -ca=ca.pem -ca-key=ca-key.pem -config=ca-config.json \ - -profile=$1 $2.json | cfssljson -bare $2 +cfssl gencert -ca=ca.pem -ca-key=ca-key.pem -config=ca-config.json -profile=$1 $2.json | cfssljson -bare $2 diff --git a/docker-compose.yml b/docker-compose.yml old mode 100644 new mode 100755 index dfa1bf26..2fa73365 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -322,6 +322,12 @@ services: - ./services/symmetric/samples:/opt/symmetric/samples:ro - ./services/symmetric/bin:/root/bin:ro - ./services/symmetric/log4j.xml:/opt/symmetric/conf/log4j.xml:ro + environment: + - LOCATION_ID=2d04b22e-1cc3-46b4-96dd-2bee5bad9ffa + - DB_URL=jdbc:postgresql://postgres/localdiscovery + - DB_USER=localsymmetric + - DB_PASSWORD=symmetric + - REGISTRATION_URL=http://cloudSymmetric:31415/sync/cloud-f7e41e48-ec79-4c78-9db6-37c0c4f78326 depends_on: - postgres diff --git a/docs/k8s/cloud-development-values.yaml b/docs/k8s/cloud-development-values.yaml index 36ca585a..71ea9662 100644 --- a/docs/k8s/cloud-development-values.yaml 
+++ b/docs/k8s/cloud-development-values.yaml @@ -70,7 +70,8 @@ cloudSymmetric: dbUser: cloudsymmetric dbPassword: symmetric dbRole: clouddiscoveryservice - cloudSymmetricHost: cloudsymmetric.cloud.svc.cluster.local + cloudSymmetricProtocol: http + cloudSymmetricPublicHost: cloudsymmetric.cloud.svc.cluster.local nodePassword: jtpmff6bfm9lm51vykn3hz8dor053833 localNodes: - id: 2d04b22e-1cc3-46b4-96dd-2bee5bad9ffa diff --git a/docs/k8s/local-development-values.yaml b/docs/k8s/local-development-values.yaml index 0695b206..a220e09e 100644 --- a/docs/k8s/local-development-values.yaml +++ b/docs/k8s/local-development-values.yaml @@ -48,4 +48,5 @@ localSymmetric: dbUser: localsymmetric dbPassword: symmetric dbRole: localdiscoveryservice - cloudSymmetricHost: cloudsymmetric.cloud.svc.cluster.local + cloudSymmetricProtocol: http + cloudSymmetricPublicHost: cloudsymmetric.cloud.svc.cluster.local diff --git a/docs/windowsClinic.md b/docs/windowsClinic.md new file mode 100755 index 00000000..0894d113 --- /dev/null +++ b/docs/windowsClinic.md 
@@ -0,0 +1,94 @@ +# Running full clinic deployment on Windows + +### Requirements + +Setup was tested on Windows 10 Home & Pro Editions. + +## 1. Initial setup. + +### Windows 10 Pro + +* Install Git for Windows to be able to checkout the project. +* Install and setup Docker for Windows. Choose default options to use Linux Containers on Windows. +* Install Bonjour for Windows to get support for mDNS. + * The easiest way to get latest Bonjour for Windows is to install iTunes. It is possible to extract Bonjour-only _\*.msi_ installer by unzipping iTunes installer file. +* Checkout IRYO WWM repo: + Before checkout, while configuring git you should disable auto conversion to CRLF line endings. + + ``` + git config --global core.autocrlf false + ``` + + You should checkout IRYO WWM to `C:\iryo\wwm` not to have to change default `IRYO_WWM_DIR` docker-compose file environment variable + +* Go to Docker for Windows settings. In tab `Shared Drives` add the drive on which you checked out IRYO WWM repo to list of drives that can be available to Docker containers. + +### Windows 10 Home + +* Download Docker Toolbox for Windows. +* Unless you have them already installed choose to install Virtual Box and Git for Windows. +* Run Docker Toolbox QuickStart Shell to create and setup docker machine. +* Install Bonjour for Windows to get support for mDNS. + * The easiest way to get latest Bonjour for Windows is to install iTunes. It is possible to extract Bonjour-only _\*.msi_ installer by unzipping iTunes installer file. +* Checkout IRYO WWM repo: + Before checkout, while configuring git you should disable auto conversion to CRLF line endings. + + ``` + git config --global core.autocrlf false + ``` + +* Add IRYO WWM dir to shared folders for docker machine VM. + The easiest way to do it currently is to open Virtual Box GUI and add path to WWM dir to visible there docker machine VM. 
You should mount WWM dir under `/iryo` in the VM not to have to change default `IRYO_WWM_DIR` docker-compose file environment variable. + +## 2. Generate certificates and import root certificate to Windows root truststore. + +* Set IRYO_WWM_DIR environment variable to the directory to which you checked out IRYO WWM repo. You can set it in Powershell following way + ``` + $env:IRYO_WWM_DIR = "" + ``` +* Enter `docs/windowsClinic` directory in the admin-mode powershell. +* Run `generateAndImportCerts.ps1` script: + +``` +powershell -ExecutionPolicy ByPass -File .\generateAndImportCerts.ps1 +``` + +## 3. Setup location, clinic on cloud and import certificates. + +1. Setup location and clinic on cloud deployment that you intend to connect clinic to. Write down location ID and clinic ID. +2. Configure certificates for authSync, storageSync and batchStorageSync generated in previous step so they will be accepted as valid by `cloudAuth`. + +## 4. Set configuration values. + +1. Edit `frontendConfig.json` to include correct `clinicId` and `locationId`. +2. Edit `.env` environment variables file for `docker-compose` it's included together with `docker-compose` in folders speciifc for Windows edition. + The .env files contain default values for test Windows clinic deployment that is connecting to stagingcloud deployment. + The values that are not filled in and has to be added before running the clinic are: + * `CLOUDSYMMETRIC_BASIC_AUTH_USERNAME` and `CLOUDSYMMETRIC_BASIC_AUTH_PASSWORD`. + It needs to be set to correct username and password setup for `cloudSymmetric` server endpoints at the chosen cloud deployment. + * `AUTH_STORAGE_ENCRYPTION_KEY` + It needs to be the same as at the chosen cloud deployment's `cloudAuth`. Otherwise `locatAuth` won't be able to decrypt received auth DB file. + +## 6. 
Start clinic + +While being in `docs/windowsClinic/home` (for Windows 10 Home) or `docs/windowsClinic/home` (for Windows 10 Pro) run in powershell: + +``` +docker-compose up -d +``` + +Now you should be able to access clinic web interface at `https://iryo.local`. + +## Known issues + +### Windows 10 Pro + +1. Clinic site is not accessible from Microsoft Edge browser due to Microsoft Edge not being able to correctly resolve local domains. + +### Windows 10 Home + +1. Clinic site is not accessible from Microsoft Edge browser. +2. `locaNats` often does not start on the first try. When `docker-compose up` is called once again it finally works. The issue needs to be investigated. +3. `localDiscovery` often does not start on the first try due to `postgres` not being online yet. Waiting script needs to be implemented. +4. `localPrometheus` container is forced to run as root as on default it's run as user `nobody` and cannot access data volume. +5. `localPrometheus` expression browser is not easily accessible at the moment. diff --git a/docs/windowsClinic/Dockerfile.traefik b/docs/windowsClinic/Dockerfile.traefik new file mode 100755 index 00000000..a190f395 --- /dev/null +++ b/docs/windowsClinic/Dockerfile.traefik @@ -0,0 +1,4 @@ +FROM traefik:1.4-alpine + +ADD ../../bin/tls/certs /usr/local/share/ca-certificates/ +RUN update-ca-certificates diff --git a/docs/windowsClinic/frontendConfig.json b/docs/windowsClinic/frontendConfig.json new file mode 100755 index 00000000..09f0d604 --- /dev/null +++ b/docs/windowsClinic/frontendConfig.json 
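Review bot: `ADD ../../bin/tls/certs /usr/local/share/ca-certificates/` in docs/windowsClinic/Dockerfile.traefik reaches outside the build context, which Docker rejects. Neither compose file sets a context that contains `bin/tls`: home uses `.`, which does not even contain this Dockerfile, and pro uses `..\`. If the context is widened to make it build, note that generateAndImportCerts.ps1 fills `bin/tls/certs` with every `*.pem`, private keys included, so they would all be baked into an image layer. Only the CA certificate belongs in the trust store, e.g. `COPY bin/tls/ca.pem /usr/local/share/ca-certificates/iryo-ca.crt` with the repository root as context (the target file name is a constructed example).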
@@ -0,0 +1,12 @@
+{
+ "locale": "en",
+ "baseUrl": "https://iryo.local",
+ "apiUrl": "https://iryo.local/api/v1",
+ "clinicId": "c14b34ce-c855-40e6-99fd-87c360546714",
+ "locationId": "499d7014-7318-4b8d-8388-092a7d81fcee",
+ "babyMaxAge": 1,
+ "childMaxAge": 7,
+ "waitlistId": "22afd921-0630-49f4-89a8-d1ad7639ee83",
+ "advancedRoleIDs": ["338fae76-9859-4803-8441-c5c441319cfd", "d91ff466-125b-4250-9dde-bbc282489430", "3720198b-74ed-40de-a45e-8756f22e67d2"],
+ “readOnlyKeys”: [“readOnlyKeys”, “baseUrl”, “apiUrl”, “clinicId”, “locationId”, “babyMaxAge”, “childMaxAge”]
+}
diff --git a/docs/windowsClinic/generateAndImportCerts.ps1 b/docs/windowsClinic/generateAndImportCerts.ps1
new file mode 100755
index 00000000..65ac2328
--- /dev/null
+++ b/docs/windowsClinic/generateAndImportCerts.ps1
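Review bot: The `readOnlyKeys` line of docs/windowsClinic/frontendConfig.json is written with typographic quotes (`“readOnlyKeys”`), so the file is not valid JSON. The frontend that receives it as config.json will presumably fail to parse it, or lose the read-only protection that key is meant to provide. Replace the line with ASCII quotes: `"readOnlyKeys": ["readOnlyKeys", "baseUrl", "apiUrl", "clinicId", "locationId", "babyMaxAge", "childMaxAge"]`.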
@@ -0,0 +1,49 @@
+Write-Output "Generating certificate for local CA..."
+docker run --rm -it -v ${env:IRYO_WWM_DIR}/bin/tls:/certs --entrypoint='' -w /certs cfssl/cfssl /bin/bash createCert.sh
+
+Write-Output "Generating certificate for localMinio..."
+docker run --rm -it -v ${env:IRYO_WWM_DIR}/bin/tls:/certs --entrypoint='' -w /certs cfssl/cfssl /bin/bash createProfileCert.sh server localMinio
+
+Write-Output "Generating certificate for localNats..."
+docker run --rm -it -v ${env:IRYO_WWM_DIR}/bin/tls:/certs --entrypoint='' -w /certs cfssl/cfssl /bin/bash createProfileCert.sh server localNats
+
+Write-Output "Generating certificate for localStatusReporter..."
+docker run --rm -it -v ${env:IRYO_WWM_DIR}/bin/tls:/certs --entrypoint='' -w /certs cfssl/cfssl /bin/bash createProfileCert.sh server localStatusReporter
+
+Write-Output "Generating certificate for postgres..."
+docker run --rm -it -v ${env:IRYO_WWM_DIR}/bin/tls:/certs --entrypoint='' -w /certs cfssl/cfssl /bin/bash createProfileCert.sh server postgres
+
+Write-Output "Generating certificate for localAuth..."
+docker run --rm -it -v ${env:IRYO_WWM_DIR}/bin/tls:/certs --entrypoint='' -w /certs cfssl/cfssl /bin/bash createProfileCert.sh peer localAuth
+
+Write-Output "Generating certificate for traefik..."
+docker run --rm -it -v ${env:IRYO_WWM_DIR}/bin/tls:/certs --entrypoint='' -w /certs cfssl/cfssl /bin/bash createProfileCert.sh peer traefik
+
+Write-Output "Generating certificate for localStorage..."
+docker run --rm -it -v ${env:IRYO_WWM_DIR}/bin/tls:/certs --entrypoint='' -w /certs cfssl/cfssl /bin/bash createProfileCert.sh peer localStorage
+
+Write-Output "Generating certificate for waitlist..."
+docker run --rm -it -v ${env:IRYO_WWM_DIR}/bin/tls:/certs --entrypoint='' -w /certs cfssl/cfssl /bin/bash createProfileCert.sh peer waitlist
+
+Write-Output "Generating certificate for storageSync..."
+docker run --rm -it -v ${env:IRYO_WWM_DIR}/bin/tls:/certs --entrypoint='' -w /certs cfssl/cfssl /bin/bash createProfileCert.sh peer storageSync
+
+Write-Output "Generating certificate for localDiscovery..."
+docker run --rm -it -v ${env:IRYO_WWM_DIR}/bin/tls:/certs --entrypoint='' -w /certs cfssl/cfssl /bin/bash createProfileCert.sh peer localDiscovery
+
+Write-Output "Generating certificate for localAuthSync..."
+docker run --rm -it -v ${env:IRYO_WWM_DIR}/bin/tls:/certs --entrypoint='' -w /certs cfssl/cfssl /bin/bash createProfileCert.sh client localAuthSync
+
+Write-Output "Generating certificate for localNatsStreaming..."
+docker run --rm -it -v ${env:IRYO_WWM_DIR}/bin/tls:/certs --entrypoint='' -w /certs cfssl/cfssl /bin/bash createProfileCert.sh peer localNatsStreaming
+
+Write-Output "Generating certificate for localPrometheus..."
+docker run --rm -it -v ${env:IRYO_WWM_DIR}/bin/tls:/certs --entrypoint='' -w /certs cfssl/cfssl /bin/bash createProfileCert.sh peer localPrometheus
+
+Write-Output "Generating certificate for batchStorageSync..."
+docker run --rm -it -v ${env:IRYO_WWM_DIR}/bin/tls:/certs --entrypoint='' -w /certs cfssl/cfssl /bin/bash createProfileCert.sh peer batchStorageSync
+
+md ${env:IRYO_WWM_DIR}/bin/tls/certs/ -Force
+cp ${env:IRYO_WWM_DIR}/bin/tls/*.pem ${env:IRYO_WWM_DIR}/bin/tls/certs/
+
+Import-Certificate -Filepath ${env:IRYO_WWM_DIR}/bin/tls/ca.pem -CertStoreLocation cert:\CurrentUser\Root
diff --git a/docs/windowsClinic/home/.env b/docs/windowsClinic/home/.env
new file mode 100644
index 00000000..6df870c4
--- /dev/null
+++ b/docs/windowsClinic/home/.env
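Review bot: generateAndImportCerts.ps1 ends by importing `ca.pem` into `cert:\CurrentUser\Root`, but the CA private key that createCert.sh writes next to it stays in `bin/tls`, which the compose files mount into nearly every container. The `cp ...\*.pem` line also duplicates it into `bin/tls/certs/`. Anything that can read that mount holds the signing key of a root the Windows user now trusts. Copy only what the trust store needs, `cp ${env:IRYO_WWM_DIR}/bin/tls/ca.pem ${env:IRYO_WWM_DIR}/bin/tls/certs/`, and move `ca-key.pem` out of the shared directory once the leaf certificates are issued. Separately, no `docker run` exit code is checked before the import step (`if ($LASTEXITCODE -ne 0) { exit 1 }` after each call), and `-it` fails when the script runs without a TTY.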
@@ -0,0 +1,25 @@
+COMPOSE_CONVERT_WINDOWS_PATHS=1
+IRYO_WWM_DIR=/iryo
+IRYO_TAG=v0.4.2
+CLINIC_ID=c14b34ce-c855-40e6-99fd-87c360546714
+LOCATION_ID=499d7014-7318-4b8d-8388-092a7d81fcee
+CLOUD_AUTH_HOST=cloud.stg.iryo.io/api/v1
+CLOUD_STORAGE_HOST=cloud.stg.iryo.io/api/v1
+SYMMETRIC_REGISTRATION_URL=https://cloudsymmetric.stg.iryo.io/sync/cloud-f7e41e48-ec79-4c78-9db6-37c0c4f78326
+LOCAL_POSTGRES_USER=root
+LOCAL_POSTGRES_PASSWORD=root
+LOCAL_DISCOVERY_DB_USERNAME=localdiscovery
+LOCAL_DISCOVERY_DB_PASSWORD=localdiscovery
+LOCAL_SYMMETRIC_DB_USERNAME=localsymmetric
+LOCAL_SYMMETRIC_DB_PASSWORD=symmetric
+WAITLIST_ENCRYPTION_KEY=6fgt+cQUwUHbhzEalXkFv3ESMNMti1mdJxP6hFVjZGQ=
+LOCAL_STORAGE_ENCRYPTION_KEY=6fgt+cQUwUHbhzEalXkFv3ESMNMti1mdJxP6hFVjZGQ=
+LOCAL_STORAGE_S3_SECRET=localminio
+LOCAL_NATS_SECRET=secret
+LOCAL_MINIO_ACCESS_KEY=local
+LOCAL_MINIO_SECRET_KEY=localminio
+AUTH_STORAGE_ENCRYPTION_KEY=
+CLOUD_SYMMETRIC_BASIC_AUTH_ENABLED=true
+CLOUD_SYMMETRIC_BASIC_AUTH_USERNAME=
+CLOUD_SYMMETRIC_BASIC_AUTH_PASSWORD=
+AUTH_STORAGE_ENCRYPTION_KEY=
diff --git a/docs/windowsClinic/home/docker-compose.yml b/docs/windowsClinic/home/docker-compose.yml
new file mode 100755
index 00000000..3d5fef4e
--- /dev/null
+++ b/docs/windowsClinic/home/docker-compose.yml
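Review bot: `WAITLIST_ENCRYPTION_KEY` and `LOCAL_STORAGE_ENCRYPTION_KEY` in docs/windowsClinic/home/.env are committed with a concrete base64 value, the same one for both and again in docs/windowsClinic/pro/.env. Every clinic started from these files therefore encrypts its data with a published key unless the operator remembers to replace it. Leave both empty, as `AUTH_STORAGE_ENCRYPTION_KEY=` already is, and list them in the README among the values that must be generated per deployment. The same applies to `LOCAL_POSTGRES_PASSWORD=root`, `LOCAL_NATS_SECRET=secret` and `LOCAL_MINIO_SECRET_KEY=localminio`, since the compose files publish ports 5432, 4242 and 9000 on the host. `AUTH_STORAGE_ENCRYPTION_KEY=` also appears twice in the home file; drop the second occurrence.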
@@ -0,0 +1,227 @@ +version: "3" +services: + traefik: + build: + context: . + dockerfile: Dockerfile.traefik + image: traefik:1.4-alpine + command: + - --configfile=/etc/traefik.toml + - --debug + volumes: + - ${IRYO_WWM_DIR}/docs/windowsClinic/traefik.toml:/etc/traefik.toml + - ${IRYO_WWM_DIR}/bin/tls:/certs + - /var/run/docker.sock:/var/run/docker.sock + ports: + - 80:80 + - 443:443 + - 8080:8080 + + localFrontend: + image: iryo/localfrontend:${IRYO_TAG} + volumes: + - ${IRYO_WWM_DIR}/docs/windowsClinic/frontendConfig.json:${IRYO_WWM_DIR}/config.json:ro + + localAuth: + image: iryo/localauth:${IRYO_TAG} + command: + - ./localAuth + volumes: + - /mnt/sda1/data/localAuth:/data + - ${IRYO_WWM_DIR}/bin/tls:/certs:ro + - ${IRYO_WWM_DIR}/bin/tls/ca.pem:/etc/ssl/certs/ca-iryo.pem:ro + - ${IRYO_WWM_DIR}/cmd/localAuth/serviceCertsAndPaths.yml:/serviceCertsAndPaths.yml:ro + environment: + - DOMAIN_TYPE=clinic + - DOMAIN_ID=${CLINIC_ID} + - KEY_PATH=/certs/localAuth-key.pem + - CERT_PATH=/certs/localAuth.pem + - AUTH_SYNC_KEY_PATH=/certs/localAuthSync-key.pem + - AUTH_SYNC_CERT_PATH=/certs/localAuthSync.pem + - STORAGE_ENCRYPTION_KEY=${AUTH_STORAGE_ENCRYPTION_KEY} + - CLOUD_AUTH_HOST=${CLOUD_AUTH_HOST} + - BOLT_DB_FILEPATH=/data/auth.db + + localStorage: + image: iryo/localstorage:${IRYO_TAG} + command: + - ./localStorage + volumes: + - ${IRYO_WWM_DIR}/bin/tls:/certs:ro + - ${IRYO_WWM_DIR}/bin/tls/ca.pem:/etc/ssl/certs/ca-iryo.pem:ro + environment: + - DOMAIN_TYPE=clinic + - DOMAIN_ID=${CLINIC_ID} + - KEY_PATH=/certs/localStorage-key.pem + - CERT_PATH=/certs/localStorage.pem + - S3_SECRET=${LOCAL_STORAGE_S3_SECRET} + - STORAGE_ENCRYPTION_KEY=${STORAGE_ENCRYPTION_KEY} + - NATS_SECRET=${LOCAL_NATS_SECRET} + + localMinio: + image: minio/minio + command: + - server + - /data + environment: + - MINIO_ACCESS_KEY=${LOCAL_MINIO_ACCESS_KEY} + - MINIO_SECRET_KEY=${LOCAL_MINIO_SECRET_KEY} + ports: + - 9000:9000 + volumes: + - 
${IRYO_WWM_DIR}/bin/tls/localMinio-key.pem:/root/.minio/certs/private.key + - ${IRYO_WWM_DIR}/bin/tls/localMinio.pem:/root/.minio/certs/public.crt + - /mnt/sda1/data/localMinio:/data + + localNats: + image: nats-streaming + ports: + - 4242:4242 + - 8282:8282 + command: + - --stan_config=/etc/nats/config.conf + volumes: + - ${IRYO_WWM_DIR}/services/localNats/config.conf:/etc/nats/config.conf:ro + - ${IRYO_WWM_DIR}/bin/tls:/certs:ro + - ${IRYO_WWM_DIR}/bin/tls/ca.pem:/etc/ssl/certs/ca-iryo.pem:ro + - /mnt/sda1/data/localNats:/data + + storageSync: + image: iryo/storagesync:${IRYO_TAG} + command: + - ./storageSync + volumes: + - ${IRYO_WWM_DIR}/bin/tls:/certs:ro + - ${IRYO_WWM_DIR}/bin/tls/ca.pem:/etc/ssl/certs/ca-iryo.pem:ro + environment: + - KEY_PATH=/certs/storageSync-key.pem + - CERT_PATH=/certs/storageSync.pem + - NATS_SECRET=${LOCAL_NATS_SECRET} + - CLOUD_STORAGE_HOST=${CLOUD_STORAGE_HOST} + + localPrometheus: + image: prom/prometheus + command: + - --config.file=/etc/prometheus/config.yml + - --storage.tsdb.path=/data + user: root:root + volumes: + - ${IRYO_WWM_DIR}/services/localPrometheus/config.yml:/etc/prometheus/config.yml:ro + - ${IRYO_WWM_DIR}/services/localPrometheus/rules.yml:/etc/prometheus/rules.yml:ro + - ${IRYO_WWM_DIR}/bin/tls:/certs:ro + - ${IRYO_WWM_DIR}/bin/tls/ca.pem:/etc/ssl/certs/ca-iryo.pem:ro + - /mnt/sda1/data/localPrometheus:/data:rw + + natsStreamingExporter: + image: registry.gitlab.com/civist/nats-streaming-exporter + command: + - /nats-streaming-exporter + - -nats-uri=http://localNats:8282/ + ports: + - 9275:9275 + + batchStorageSync: + image: iryo/batchstoragesync:${IRYO_TAG} + command: + - ./batchStorageSync + volumes: + - ${IRYO_WWM_DIR}/bin/tls:/certs:ro + - ${IRYO_WWM_DIR}/bin/tls/ca.pem:/etc/ssl/certs/ca-iryo.pem:ro + - /mnt/sda1/data/batchStorageSync:/data + environment: + - KEY_PATH=/certs/batchStorageSync-key.pem + - CERT_PATH=/certs/batchStorageSync.pem + - BOLT_DB_FILEPATH=/batchStorageSync.db + - 
CLOUD_STORAGE_HOST=${CLOUD_STORAGE_HOST} + + localPrometheusPushGateway: + image: prom/pushgateway + + waitlist: + image: iryo/waitlist:${IRYO_TAG} + command: + - ./waitlist + volumes: + - ${IRYO_WWM_DIR}/bin/tls:/certs:ro + - ${IRYO_WWM_DIR}/bin/tls/ca.pem:/etc/ssl/certs/ca-iryo.pem:ro + - /mnt/sda1/data/waitlist:/data + environment: + - DOMAIN_TYPE=clinic + - DOMAIN_ID=${CLINIC_ID} + - KEY_PATH=/certs/waitlist-key.pem + - CERT_PATH=/certs/waitlist.pem + - STORAGE_ENCRYPTION_KEY=${WAITLIST_ENCRYPTION_KEY} + - BOLT_DB_FILEPATH=/data/waitlist.db + + localStatusReporter: + image: iryo/localstatusreporter:${IRYO_TAG} + command: + - ./localStatusReporter + volumes: + - ${IRYO_WWM_DIR}/bin/tls:/certs:ro + - ${IRYO_WWM_DIR}/bin/tls/ca.pem:/etc/ssl/certs/ca-iryo.pem:ro + - ${IRYO_WWM_DIR}/docs/windowsClinic/statusReporterComponents.yml:/components.yml:ro + environment: + - DOMAIN_TYPE=clinic + - DOMAIN_ID=${CLINIC_ID} + - KEY_PATH=/certs/localStatusReporter-key.pem + - CERT_PATH=/certs/localStatusReporter.pem + + postgres: + build: + context: ../../ + dockerfile: services/postgres/Dockerfile + volumes: + - ${IRYO_WWM_DIR}/services/postgres:/docker-entrypoint-initdb.d + - ${IRYO_WWM_DIR}/bin/tls:/certs:ro + ports: + - 5432:5432 + environment: + - POSTGRES_USER=${LOCAL_POSTGRES_USER} + - POSTGRES_PASSWORD=${LOCAL_POSTGRES_PASSWORD} + + localDiscovery: + image: iryo/localdiscovery:${IRYO_TAG} + command: + - ./localDiscovery + volumes: + - /mnt/sda1/data/localDiscovery:/var/data + - ${IRYO_WWM_DIR}/bin/tls:/certs:ro + - ${IRYO_WWM_DIR}/bin/tls/ca.pem:/etc/ssl/certs/ca-iryo.pem:ro + environment: + - DOMAIN_TYPE=clinic + - DOMAIN_ID=${CLINIC_ID} + - KEY_PATH=/certs/localDiscovery-key.pem + - CERT_PATH=/certs/localDiscovery.pem + - DB_USERNAME=${LOCAL_DISCOVERY_DB_USERNAME} + - DB_PASSWORD=${LOCAL_DISCOVERY_DB_PASSWORD} + depends_on: + - postgres + + localSymmetric: + image: iryo/symmetric + command: + - bash + - /opt/symmetric/local/local.sh + volumes: + - 
${IRYO_WWM_DIR}/services/symmetric/engines:/opt/symmetric/enginesTemplates:ro + - ${IRYO_WWM_DIR}/services/symmetric/samples:/opt/symmetric/samples:ro + - ${IRYO_WWM_DIR}/services/symmetric/bin:/opt/symmetric/local:ro + environment: + - LOCATION_ID=${LOCATION_ID} + - DB_URL=jdbc:postgresql://postgres/localdiscovery + - DB_USERNAME=${LOCAL_SYMMETRIC_DB_USERNAME} + - DB_PASSWORD=${LOCAL_SYMMETRIC_DB_PASSWORD} + - REGISTRATION_URL=${SYMMETRIC_REGISTRATION_URL} + - CLOUD_SYMMETRIC_BASIC_AUTH_ENABLED=${CLOUD_SYMMETRIC_BASIC_AUTH_ENABLED} + - CLOUD_SYMMETRIC_BASIC_AUTH_USERNAME=${CLOUD_SYMMETRIC_BASIC_AUTH_USERNAME} + - CLOUD_SYMMETRIC_BASIC_AUTH_PASSWORD=${CLOUD_SYMMETRIC_BASIC_AUTH_PASSWORD} + depends_on: + - postgres + + avahi: + image: iryo/avahi + network_mode: host + environment: + - AVAHI_HOST=iryo + - AVAHI_DOMAIN=local diff --git a/docs/windowsClinic/pro/.env b/docs/windowsClinic/pro/.env new file mode 100644 index 00000000..a62dee45 --- /dev/null +++ b/docs/windowsClinic/pro/.env 
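Review bot: In docs/windowsClinic/home/docker-compose.yml, `localStorage` sets `STORAGE_ENCRYPTION_KEY=${STORAGE_ENCRYPTION_KEY}`, but home/.env defines only `LOCAL_STORAGE_ENCRYPTION_KEY`, so compose substitutes an empty string and the service receives no key; it should read `- STORAGE_ENCRYPTION_KEY=${LOCAL_STORAGE_ENCRYPTION_KEY}` as the pro variant does. `localSymmetric` has the same kind of mismatch: it passes `DB_USERNAME=...` while services/symmetric/bin/local.sh substitutes `${DB_USER}`, so `db.user` ends up empty; use `- DB_USER=${LOCAL_SYMMETRIC_DB_USERNAME}`. `postgres.build.context: ../../` resolves to `docs/` from this directory, so `services/postgres/Dockerfile` will not be found; pro uses `../../../`. A short header comment listing the intentional differences from pro/docker-compose.yml (data paths, mount target of config.json) would make this kind of drift easier to spot in review.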
@@ -0,0 +1,24 @@
+COMPOSE_CONVERT_WINDOWS_PATHS=1
+IRYO_WWM_DIR=C:\iryo\wwm
+IRYO_TAG=v0.4.2
+CLINIC_ID=c14b34ce-c855-40e6-99fd-87c360546714
+LOCATION_ID=499d7014-7318-4b8d-8388-092a7d81fcee
+CLOUD_AUTH_HOST=cloud.stg.iryo.io/api/v1
+CLOUD_STORAGE_HOST=cloud.stg.iryo.io/api/v1
+SYMMETRIC_REGISTRATION_URL=https://cloudsymmetric.stg.iryo.io/sync/cloud-f7e41e48-ec79-4c78-9db6-37c0c4f78326
+LOCAL_POSTGRES_USER=root
+LOCAL_POSTGRES_PASSWORD=root
+LOCAL_DISCOVERY_DB_USERNAME=localdiscovery
+LOCAL_DISCOVERY_DB_PASSWORD=localdiscovery
+LOCAL_SYMMETRIC_DB_USERNAME=localsymmetric
+LOCAL_SYMMETRIC_DB_PASSWORD=symmetric
+WAITLIST_ENCRYPTION_KEY=6fgt+cQUwUHbhzEalXkFv3ESMNMti1mdJxP6hFVjZGQ=
+LOCAL_STORAGE_ENCRYPTION_KEY=6fgt+cQUwUHbhzEalXkFv3ESMNMti1mdJxP6hFVjZGQ=
+LOCAL_STORAGE_S3_SECRET=localminio
+LOCAL_NATS_SECRET=secret
+LOCAL_MINIO_ACCESS_KEY=local
+LOCAL_MINIO_SECRET_KEY=localminio
+CLOUD_SYMMETRIC_BASIC_AUTH_ENABLED=true
+CLOUD_SYMMETRIC_BASIC_AUTH_USERNAME=
+CLOUD_SYMMETRIC_BASIC_AUTH_PASSWORD=
+AUTH_STORAGE_ENCRYPTION_KEY=
diff --git a/docs/windowsClinic/pro/docker-compose.yml b/docs/windowsClinic/pro/docker-compose.yml
new file mode 100755
index 00000000..c59d10ca
--- /dev/null
+++ b/docs/windowsClinic/pro/docker-compose.yml
@@ -0,0 +1,227 @@ +version: "3.6" +services: + traefik: + build: + context: ..\ + dockerfile: Dockerfile.traefik + image: traefik:1.4-alpine + command: + - --configfile=/etc/traefik.toml + - --debug + volumes: + - ${IRYO_WWM_DIR}\docs\windowsClinic\traefik.toml:/etc/traefik.toml + - ${IRYO_WWM_DIR}\bin\tls:/certs + - /var/run/docker.sock:/var/run/docker.sock + ports: + - 80:80 + - 443:443 + - 8080:8080 + + localFrontend: + image: iryo/localfrontend:${IRYO_TAG} + volumes: + - ${IRYO_WWM_DIR}\docs\windowsClinic\frontendConfig.json:/iryo/config.json:ro + + localAuth: + image: iryo/localauth:${IRYO_TAG} + command: + - ./localAuth + volumes: + - ${IRYO_WWM_DIR}\.data\localAuth:/data + - ${IRYO_WWM_DIR}\bin\tls:/certs:ro + - ${IRYO_WWM_DIR}\bin/tls\ca.pem:/etc/ssl/certs/ca-iryo.pem:ro + - ${IRYO_WWM_DIR}\cmd\localAuth\serviceCertsAndPaths.yml:/serviceCertsAndPaths.yml:ro + environment: + - DOMAIN_TYPE=clinic + - DOMAIN_ID=${CLINIC_ID} + - KEY_PATH=/certs/localAuth-key.pem + - CERT_PATH=/certs/localAuth.pem + - AUTH_SYNC_KEY_PATH=/certs/localAuthSync-key.pem + - AUTH_SYNC_CERT_PATH=/certs/localAuthSync.pem + - STORAGE_ENCRYPTION_KEY=${AUTH_STORAGE_ENCRYPTION_KEY} + - CLOUD_AUTH_HOST=${CLOUD_AUTH_HOST} + - BOLT_DB_FILEPATH=/data/auth.db + + localStorage: + image: iryo/localstorage:${IRYO_TAG} + command: + - ./localStorage + volumes: + - ${IRYO_WWM_DIR}\bin\tls:/certs:ro + - ${IRYO_WWM_DIR}\bin\tls\ca.pem:/etc/ssl/certs/ca-iryo.pem:ro + environment: + - DOMAIN_TYPE=clinic + - DOMAIN_ID=${CLINIC_ID} + - KEY_PATH=/certs/localStorage-key.pem + - CERT_PATH=/certs/localStorage.pem + - S3_SECRET=${LOCAL_STORAGE_S3_SECRET} + - STORAGE_ENCRYPTION_KEY=${LOCAL_STORAGE_ENCRYPTION_KEY} + - NATS_SECRET=${LOCAL_NATS_SECRET} + + localMinio: + image: minio/minio + command: + - server + - /data + environment: + - MINIO_ACCESS_KEY=${LOCAL_MINIO_ACCESS_KEY} + - MINIO_SECRET_KEY=${LOCAL_MINIO_SECRET_KEY} + ports: + - 9000:9000 + volumes: + - 
${IRYO_WWM_DIR}\bin/tls/localMinio-key.pem:/root/.minio/certs/private.key + - ${IRYO_WWM_DIR}\bin/tls/localMinio.pem:/root/.minio/certs/public.crt + - ${IRYO_WWM_DIR}\.data\localMinio:/data + + localNats: + image: nats-streaming + ports: + - 4242:4242 + - 8282:8282 + command: + - --stan_config=/etc/nats/config.conf + volumes: + - ${IRYO_WWM_DIR}\services\localNats\config.conf:/etc/nats/config.conf:ro + - ${IRYO_WWM_DIR}\bin\tls:/certs:ro + - ${IRYO_WWM_DIR}\bin\tls\ca.pem:/etc/ssl/certs/ca-iryo.pem:ro + - ${IRYO_WWM_DIR}\.data\localNats:/data + + storageSync: + image: iryo/storagesync:${IRYO_TAG} + command: + - ./storageSync + volumes: + - ${IRYO_WWM_DIR}\bin\tls:/certs:ro + - ${IRYO_WWM_DIR}\bin\tls\ca.pem:/etc/ssl/certs/ca-iryo.pem:ro + environment: + - KEY_PATH=/certs/storageSync-key.pem + - CERT_PATH=/certs/storageSync.pem + - NATS_SECRET=${LOCAL_NATS_SECRET} + - CLOUD_STORAGE_HOST=${CLOUD_STORAGE_HOST} + + localPrometheus: + image: prom/prometheus + command: + - --config.file=/etc/prometheus/config.yml + - --storage.tsdb.path=/data + user: root:root + volumes: + - ${IRYO_WWM_DIR}\services\localPrometheus\config.yml:/etc/prometheus/config.yml:ro + - ${IRYO_WWM_DIR}\services\localPrometheus\rules.yml:/etc/prometheus/rules.yml:ro + - ${IRYO_WWM_DIR}\bin\tls:/certs:ro + - ${IRYO_WWM_DIR}\bin\tls\ca.pem:/etc/ssl/certs/ca-iryo.pem:ro + - ${IRYO_WWM_DIR}\.data\localPrometheus:/data:rw + + natsStreamingExporter: + image: registry.gitlab.com/civist/nats-streaming-exporter + command: + - /nats-streaming-exporter + - -nats-uri=http://localNats:8282/ + ports: + - 9275:9275 + + batchStorageSync: + image: iryo/batchstoragesync:${IRYO_TAG} + command: + - ./batchStorageSync + volumes: + - ${IRYO_WWM_DIR}\bin\tls:/certs:ro + - ${IRYO_WWM_DIR}\bin\tls\ca.pem:/etc/ssl/certs/ca-iryo.pem:ro + - ${IRYO_WWM_DIR}\.data\batchStorageSync:/data + environment: + - KEY_PATH=/certs/batchStorageSync-key.pem + - CERT_PATH=/certs/batchStorageSync.pem + - BOLT_DB_FILEPATH=/batchStorageSync.db 
+ - CLOUD_STORAGE_HOST=${CLOUD_STORAGE_HOST} + + localPrometheusPushGateway: + image: prom/pushgateway + + waitlist: + image: iryo/waitlist:${IRYO_TAG} + command: + - ./waitlist + volumes: + - ${IRYO_WWM_DIR}\bin\tls:/certs:ro + - ${IRYO_WWM_DIR}\bin\tls\ca.pem:/etc/ssl/certs/ca-iryo.pem:ro + - ${IRYO_WWM_DIR}\.data\waitlist:/data + environment: + - DOMAIN_TYPE=clinic + - DOMAIN_ID=${CLINIC_ID} + - KEY_PATH=/certs/waitlist-key.pem + - CERT_PATH=/certs/waitlist.pem + - STORAGE_ENCRYPTION_KEY=${WAITLIST_ENCRYPTION_KEY} + - BOLT_DB_FILEPATH=/data/waitlist.db + + localStatusReporter: + image: iryo/localstatusreporter:${IRYO_TAG} + command: + - ./localStatusReporter + volumes: + - ${IRYO_WWM_DIR}\bin\tls:/certs:ro + - ${IRYO_WWM_DIR}\bin\tls\ca.pem:/etc/ssl/certs/ca-iryo.pem:ro + - ${IRYO_WWM_DIR}\docs\windowsClinic\statusReporterComponents.yml:/components.yml:ro + environment: + - DOMAIN_TYPE=clinic + - DOMAIN_ID=${CLINIC_ID} + - KEY_PATH=/certs/localStatusReporter-key.pem + - CERT_PATH=/certs/localStatusReporter.pem + + postgres: + build: + context: ../../../ + dockerfile: services/postgres/Dockerfile + volumes: + - ${IRYO_WWM_DIR}\services\postgres:/docker-entrypoint-initdb.d + - ${IRYO_WWM_DIR}\bin\tls:/certs:ro + ports: + - 5432:5432 + environment: + - POSTGRES_USER=${LOCAL_POSTGRES_USER} + - POSTGRES_PASSWORD=${LOCAL_POSTGRES_PASSWORD} + + localDiscovery: + image: iryo/localdiscovery:${IRYO_TAG} + command: + - ./localDiscovery + volumes: + - ${IRYO_WWM_DIR}\.data\localDiscovery:/var/data + - ${IRYO_WWM_DIR}\bin\tls:/certs:ro + - ${IRYO_WWM_DIR}\bin\tls\ca.pem:/etc/ssl/certs/ca-iryo.pem:ro + environment: + - DOMAIN_TYPE=clinic + - DOMAIN_ID=${CLINIC_ID} + - KEY_PATH=/certs/localDiscovery-key.pem + - CERT_PATH=/certs/localDiscovery.pem + - DB_USERNAME=${LOCAL_DISCOVERY_DB_USERNAME} + - DB_PASSWORD=${LOCAL_DISCOVERY_DB_PASSWORD} + depends_on: + - postgres + + localSymmetric: + image: iryo/symmetric + command: + - bash + - /opt/symmetric/local/local.sh + volumes: + - 
${IRYO_WWM_DIR}\services\symmetric\engines:/opt/symmetric/enginesTemplates:ro + - ${IRYO_WWM_DIR}\services\symmetric\samples:/opt/symmetric/samples:ro + - ${IRYO_WWM_DIR}\services\symmetric\bin:/opt/symmetric/local:ro + environment: + - LOCATION_ID=${LOCATION_ID} + - DB_URL=jdbc:postgresql://postgres/localdiscovery + - DB_USER=${LOCAL_SYMMETRIC_DB_USERNAME} + - DB_PASSWORD=${LOCAL_SYMMETRIC_DB_PASSWORD} + - REGISTRATION_URL=${SYMMETRIC_REGISTRATION_URL} + - CLOUD_SYMMETRIC_BASIC_AUTH_ENABLED=${CLOUD_SYMMETRIC_BASIC_AUTH_ENABLED} + - CLOUD_SYMMETRIC_BASIC_AUTH_USERNAME=${CLOUD_SYMMETRIC_BASIC_AUTH_USERNAME} + - CLOUD_SYMMETRIC_BASIC_AUTH_PASSWORD=${CLOUD_SYMMETRIC_BASIC_AUTH_PASSWORD} + depends_on: + - postgres + + avahi: + image: iryo/avahi + network_mode: host + environment: + - AVAHI_HOST=iryo + - AVAHI_DOMAIN=local diff --git a/docs/windowsClinic/statusReporterComponents.yml b/docs/windowsClinic/statusReporterComponents.yml new file mode 100755 index 00000000..2608a843 --- /dev/null +++ b/docs/windowsClinic/statusReporterComponents.yml @@ -0,0 +1,24 @@ +Local: + storage: + urlType: Internal + url: https://localStorage:4433/status + auth: + urlType: Internal + url: https://localAuth:4433/status + discovery: + urlType: Internal + url: https://localDiscovery:4433/status + waitlist: + urlType: Internal + url: https://waitlist:4433/status +Cloud: + cloud: + urlType: Internal + url: https://cloud.stg.iryo.io/api/v1/status +External: + Lebanese National News Agency: + urlType: External + url: http://nna-leb.gov.lb + Google: + urlType: External + url: https://www.google.com diff --git a/docs/windowsClinic/traefik.toml b/docs/windowsClinic/traefik.toml new file mode 100755 index 00000000..2d970a32 --- /dev/null +++ b/docs/windowsClinic/traefik.toml 
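Review bot: The `traefik` service in docs/windowsClinic/pro/docker-compose.yml mounts `/var/run/docker.sock` and the whole `bin\tls` directory read-write, yet the traefik.toml added in this commit configures only `[file]` and `[web]`, so the socket is not needed and hands the clinic-facing proxy control of the Docker daemon for no benefit. home/docker-compose.yml has the same two mounts. Drop the socket line and mount the certificates as `- ${IRYO_WWM_DIR}\bin\tls:/certs:ro`. `--debug` and the published `8080:8080`, `5432:5432`, `9000:9000`, `4242:4242` and `8282:8282` look like development leftovers for a clinic deployment; if they must stay, bind them to loopback, e.g. `- 127.0.0.1:8080:8080`. Combining `build:` with `image: traefik:1.4-alpine` also tags the locally built image with the upstream name, so a project-specific tag would avoid confusion about which image is running.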
@@ -0,0 +1,143 @@ +defaultEntryPoints = ["http","https"] +RootCAs = [ "/certs/ca.pem" ] + +[entryPoints] + [entryPoints.http] + address = ":80" + [entryPoints.http.redirect] + entryPoint = "https" + [entryPoints.https] + address = ":443" + [entryPoints.https.tls] + [[entryPoints.https.tls.certificates]] + CertFile = "/certs/traefik.pem" + KeyFile = "/certs/traefik-key.pem" + +[web] +address = ":8080" + +[file] + +[backends] + [backends.localfrontend] + [backends.localfrontend.servers.server1] + url = "http://localFrontend" + + [backends.localauth] + [backends.localauth.servers.server1] + url = "https://localAuth" + + [backends.localauthMetrics] + [backends.localauthMetrics.servers.server1] + url = "http://localAuth:9090" + + [backends.localauthStatus] + [backends.localauthStatus.servers.server1] + url = "http://localAuth:4433" + + [backends.localstorage] + [backends.localstorage.servers.server1] + url = "https://localStorage" + + [backends.localstorageMetrics] + [backends.localstorageMetrics.servers.server1] + url = "http://localStorage:9090" + + [backends.localstorageStatus] + [backends.localstorageStatus.servers.server1] + url = "https://localStorage:4433" + + [backends.waitlist] + [backends.waitlist.servers.server1] + url = "https://waitlist" + + [backends.waitlistMetrics] + [backends.waitlistMetrics.servers.server1] + url = "https://waitlist:9090" + + [backends.waitlistStatus] + [backends.waitlistStatus.servers.server1] + url = "https://waitlist:4433" + + [backends.localMinio] + [backends.localMinio.servers.server1] + url = "https://localMinio:9000" + + [backends.cloudstorage] + [backends.cloudstorage.servers.server1] + url = "https://cloudStorage" + + [backends.localNats] + [backends.localNats.servers.server1] + url = "http://localNats:4242" + + [backends.localNatsMonitor] + [backends.localNatsMonitor.servers.server1] + url = "http://localNats:8282" + + [backends.localPrometheus] + [backends.localPrometheus.servers.server1] + url = 
"http://localPrometheus:9090" + + [backends.natsStreamingMetricsExporter] + [backends.natsStreamingMetricsExporter.servers.server1] + url = "http://natsStreamingExporter:9275" + + [backends.storagesyncMetrics] + [backends.storagesyncMetrics.servers.server1] + url = "http://storageSync:9090" + + [backends.storagesyncStatus] + [backends.storagesyncStatus.servers.server1] + url = "http://storageSync:4433" + + [backends.localPrometheusPushGateway] + [backends.localPrometheusPushGateway.servers.server1] + url = "http://localPrometheusPushGateway:9091" + + [backends.localStatusReporter] + [backends.localStatusReporter.servers.server1] + url = "https://localStatusReporter" + + [backends.localStatusReporterMetrics] + [backends.localStatusReporterMetrics.servers.server1] + url = "http://localStatusReporterMetrics:9090" + + [backends.localdiscovery] + [backends.localdiscovery.servers.server1] + url = "https://localDiscovery" + + [backends.localdiscoveryMetrics] + [backends.localdiscoveryMetrics.servers.server1] + url = "https://localDiscovery:9090" + +[frontends] + [frontends.localauth] + backend = "localauth" + [frontends.localauth.routes.route1] + rule = "Host:iryo.local;PathPrefixStrip:/api/v1/auth;AddPrefix:/auth" + + [frontends.localstorage] + backend = "localstorage" + [frontends.localstorage.routes.route1] + rule = "Host:iryo.local;PathPrefixStrip:/api/v1/storage;AddPrefix:/storage" + + [frontends.waitlist] + backend = "waitlist" + [frontends.waitlist.routes.route1] + rule = "Host:iryo.local;PathPrefixStrip:/api/v1/waitlist;AddPrefix:/waitlist" + + [frontends.localStatus] + backend = "localStatusReporter" + [frontends.localStatus.routes.route1] + rule = "Host:iryo.local;PathPrefixStrip:/api/v1/status;AddPrefix:/status" + + [frontends.localdiscovery] + backend = "localdiscovery" + [frontends.localdiscovery.routes.route1] + rule = "Host:iryo.local;PathPrefixStrip:/api/v1/discovery;AddPrefix:/discovery" + + [frontends.localfrontend] + backend = "localfrontend" + 
[frontends.localfrontend.routes.route1] + rule = "Host:iryo.local" diff --git a/services/avahi/Dockerfile b/services/avahi/Dockerfile new file mode 100755 index 00000000..47697b54 --- /dev/null +++ b/services/avahi/Dockerfile @@ -0,0 +1,13 @@ +FROM alpine:3.8 + +ARG AVAHI_VERSION=0.7 +ARG AVAHI_RELEASE=r1 + +RUN env && apk add --no-cache \ + avahi=$AVAHI_VERSION-$AVAHI_RELEASE \ + avahi-tools=$AVAHI_VERSION-$AVAHI_RELEASE + +ADD avahi-daemon.conf /etc/avahi/avahi-daemon.conf +ADD entrypoint.sh /opt/entrypoint.sh + +ENTRYPOINT /opt/entrypoint.sh diff --git a/services/avahi/avahi-daemon.conf b/services/avahi/avahi-daemon.conf new file mode 100755 index 00000000..e4779607 --- /dev/null +++ b/services/avahi/avahi-daemon.conf @@ -0,0 +1,48 @@ +[server] +host-name=iryo +domain-name=local +#browse-domains=0pointer.de, zeroconf.org +use-ipv4=yes +use-ipv6=yes +#allow-interfaces=eth0 +#deny-interfaces=eth1 +#check-response-ttl=no +#use-iff-running=no +enable-dbus=no +#disallow-other-stacks=no +#allow-point-to-point=no +#cache-entries-max=4096 +#clients-max=4096 +#objects-per-client-max=1024 +#entries-per-entry-group-max=32 +ratelimit-interval-usec=1000000 +ratelimit-burst=1000 + +[wide-area] +enable-wide-area=yes + +[publish] +#disable-publishing=yes +#disable-user-service-publishing=no +#add-service-cookie=no +#publish-addresses=yes +#publish-hinfo=no +#publish-workstation=no +#publish-domain=yes +#publish-dns-servers=192.168.50.1, 192.168.50.2 +#publish-resolv-conf-dns-servers=yes +#publish-aaaa-on-ipv4=yes +#publish-a-on-ipv6=no + +[reflector] +#enable-reflector=no +#reflect-ipv=no + +[rlimits] +#rlimit-as= +rlimit-core=0 +rlimit-data=4194304 +rlimit-fsize=0 +rlimit-nofile=768 +rlimit-stack=4194304 +rlimit-nproc=3 \ No newline at end of file diff --git a/services/avahi/entrypoint.sh b/services/avahi/entrypoint.sh new file mode 100755 index 00000000..3db8c760 --- /dev/null +++ b/services/avahi/entrypoint.sh 
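Review bot: `[web] address = ":8080"` in docs/windowsClinic/traefik.toml turns on the Traefik dashboard and API with no authentication, and both compose files publish 8080 on the host; add a `[web.auth.basic]` section or stop publishing the port. The backend schemes look accidental rather than chosen: `localauthStatus` and `storagesyncStatus` use `http://...:4433` while `localstorageStatus`, `waitlistStatus` and statusReporterComponents.yml use https on the same port, and the `:9090` metrics backends are http for some services and https for others. `localStatusReporterMetrics` points at host `localStatusReporterMetrics`, which is not a service name in either compose file (probably meant `localStatusReporter:9090`). Most backends have no entry under `[frontends]`, so a comment stating which ones are intentionally unrouted would help the next reader.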
@@ -0,0 +1,13 @@ +#!/bin/sh +set -e + +# replace host variables +AVAHI_HOST=${AVAHI_HOST:-"iryo"} +AVAHI_DOMAIN=${AVAHI_DOMAIN:-"local"} +sed -i -e "s/^host-name=.*/host-name=${AVAHI_HOST}/" /etc/avahi/avahi-daemon.conf +sed -i -e "s/^domain-name=.*/domain-name=${AVAHI_DOMAIN}/" /etc/avahi/avahi-daemon.conf + +# remove junk from previous run +rm -r /var/run/avahi-daemon + +avahi-daemon diff --git a/services/postgres/Dockerfile b/services/postgres/Dockerfile old mode 100644 new mode 100755 index 283d0f52..9a951a84 --- a/services/postgres/Dockerfile +++ b/services/postgres/Dockerfile @@ -1,5 +1,5 @@ FROM postgres:10.1-alpine -ADD ./bin/tls/ca.pem ./bin/tls/postgres.pem ./bin/tls/postgres-key.pem /certs/ -RUN chown -R postgres:postgres /certs && chmod 0600 /certs/* -CMD ["postgres", "--ssl=true", "--ssl_ca_file=/certs/ca.pem", "--ssl_cert_file=/certs/postgres.pem", "--ssl_key_file=/certs/postgres-key.pem"] +ADD ./bin/tls/ca.pem ./bin/tls/postgres.pem ./bin/tls/postgres-key.pem /ownCerts/ +RUN chown -R postgres:postgres /ownCerts && chmod 0600 /ownCerts/* && chown -R postgres:postgres /ownCerts/* +CMD ["postgres", "--ssl=true", "--ssl_ca_file=/ownCerts/ca.pem", "--ssl_cert_file=/ownCerts/postgres.pem", "--ssl_key_file=/ownCerts/postgres-key.pem"] diff --git a/services/symmetric/bin/local.sh b/services/symmetric/bin/local.sh index e80b3e28..fb37f794 100755 --- a/services/symmetric/bin/local.sh +++ b/services/symmetric/bin/local.sh 
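Review bot: With `set -e` active in services/avahi/entrypoint.sh, `rm -r /var/run/avahi-daemon` aborts the script when that directory does not exist, which is likely on the first start of a fresh container, so `avahi-daemon` is never launched; `rm -rf /var/run/avahi-daemon` keeps the cleanup best-effort. `AVAHI_HOST` and `AVAHI_DOMAIN` are pasted into the two `sed` expressions unescaped, so a value containing `/` or `&` breaks or alters the substitution; rejecting anything outside `[A-Za-z0-9.-]` before the `sed` calls would close that. Ending the script with `exec avahi-daemon` lets the daemon receive stop signals directly.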
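Review bot: The `ADD ./bin/tls/ca.pem ./bin/tls/postgres.pem ./bin/tls/postgres-key.pem /ownCerts/` line in services/postgres/Dockerfile still bakes the server's private key into an image layer, so anyone who can pull or export the image can read it regardless of the `chmod 0600` applied in the next step. Supplying the key at run time (a read-only volume or an orchestrator secret) keeps it out of the image; if baking it in is accepted for development images only, a comment saying so belongs above the `ADD`. The trailing `&& chown -R postgres:postgres /ownCerts/*` repeats what the first `chown -R postgres:postgres /ownCerts` already did and can be dropped.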
@@ -2,22 +2,31 @@ SYM_DIR=/opt/symmetric +# Fill-in values in engine file with environment variables +cp /opt/symmetric/enginesTemplates/* /opt/symmetric/engines +sed -i -e "s#^engine.name=local-#engine.name=local-${LOCATION_ID}#" /opt/symmetric/engines/local.properties +sed -i -e "s#^external.id=#external.id=${LOCATION_ID}#" /opt/symmetric/engines/local.properties +sed -i -e "s#^db.url=#db.url=${DB_URL}#" /opt/symmetric/engines/local.properties +sed -i -e "s#^db.user=#db.user=${DB_USER}#" /opt/symmetric/engines/local.properties +sed -i -e "s#^db.password=#db.password=${DB_PASSWORD}#" /opt/symmetric/engines/local.properties +sed -i -e "s#^registration.url=#registration.url=${REGISTRATION_URL}#" /opt/symmetric/engines/local.properties +if [ "$CLOUD_SYMMETRIC_BASIC_AUTH_ENABLED" = true ] ; then + sed -i -e "s#^http.basic.auth.username=#http.basic.auth.username=${CLOUD_SYMMETRIC_BASIC_AUTH_USERNAME}#" /opt/symmetric/engines/local.properties + sed -i -e "s#^http.basic.auth.password=#http.basic.auth.password=${CLOUD_SYMMETRIC_BASIC_AUTH_PASSWORD}#" /opt/symmetric/engines/local.properties +else + sed -i -e "s#^http.basic.auth.username=##" /opt/symmetric/engines/local.properties + sed -i -e "s#^http.basic.auth.password=##" /opt/symmetric/engines/local.properties +fi + # Create symmetric tables # (We need to manually create them to be able to insert our own rules in # the next step even though symmetric would create them automatically on # first run) -$SYM_DIR/bin/symadmin --engine local-2d04b22e-1cc3-46b4-96dd-2bee5bad9ffa \ +$SYM_DIR/bin/symadmin --engine local-${LOCATION_ID} \ create-sym-tables -# Register the local node on the cloud node -$SYM_DIR/bin/symadmin open-registration \ - --engine cloud-f7e41e48-ec79-4c78-9db6-37c0c4f78326 \ - local 2d04b22e-1cc3-46b4-96dd-2bee5bad9ffa - -# Trigger the full reload of the local node -$SYM_DIR/bin/symadmin reload-node \ - --engine cloud-f7e41e48-ec79-4c78-9db6-37c0c4f78326 \ - 2d04b22e-1cc3-46b4-96dd-2bee5bad9ffa 
+$SYM_DIR/bin/dbimport --engine local-${LOCATION_ID} \ + $SYM_DIR/samples/clean.sql # Start the tool -$SYM_DIR/bin/sym --engine local-2d04b22e-1cc3-46b4-96dd-2bee5bad9ffa +$SYM_DIR/bin/sym --engine local-${LOCATION_ID} diff --git a/services/symmetric/engines/local.properties b/services/symmetric/engines/local.properties old mode 100644 new mode 100755 index 5d499c16..c7f048ce --- a/services/symmetric/engines/local.properties +++ b/services/symmetric/engines/local.properties @@ -1,15 +1,18 @@ -engine.name=local-2d04b22e-1cc3-46b4-96dd-2bee5bad9ffa +engine.name=local- db.driver=org.postgresql.Driver -db.url=jdbc:postgresql://postgres/localdiscovery -db.user=localsymmetric -db.password=symmetric +db.url= +db.user= +db.password= db.init.sql=set role localdiscoveryservice -registration.url=http://cloudSymmetric:31415/sync/cloud-f7e41e48-ec79-4c78-9db6-37c0c4f78326 +sync.url= +registration.url= +http.basic.auth.username= +http.basic.auth.password= # Do not change these for running the demo group.id=local -external.id=2d04b22e-1cc3-46b4-96dd-2bee5bad9ffa +external.id= # This is how often the routing job will be run in milliseconds job.routing.period.time.ms=5000 diff --git a/services/symmetric/samples/clean.sql b/services/symmetric/samples/clean.sql new file mode 100755 index 00000000..b90476e4 --- /dev/null +++ b/services/symmetric/samples/clean.sql @@ -0,0 +1,10 @@ +delete from sym_trigger_router; +delete from sym_trigger; +delete from sym_router; +delete from sym_channel where channel_id in ('discovery', 'codes'); +delete from sym_node_group_link; +delete from sym_node_group; +delete from sym_node_host; +delete from sym_node_identity; +delete from sym_node_security; +delete from sym_node; diff --git a/services/symmetric/samples/initial.sql b/services/symmetric/samples/initial.sql old mode 100644 new mode 100755 index 520cbab9..dd9a9c60 --- a/services/symmetric/samples/initial.sql +++ b/services/symmetric/samples/initial.sql 
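Review bot: Every value in services/symmetric/bin/local.sh is interpolated raw into a `sed` replacement delimited by `#`, so a `DB_PASSWORD`, `CLOUD_SYMMETRIC_BASIC_AUTH_PASSWORD` or `REGISTRATION_URL` containing `#`, `&` or `\` either makes `sed` fail or silently writes a different value into local.properties (`&` expands to the matched text). Escaping the value before substitution fixes this for all eight value substitutions; the sketch below shows the helper and two of the calls. Nothing checks that `LOCATION_ID` and the `DB_*` variables are set either, so an empty value yields `engine.name=local-` with no error. The shebang and any `set` options are on line 1, outside this hunk.

```shell
# Escape \, & and the # delimiter so sed inserts the value literally.
sed_escape() {
  printf '%s' "$1" | sed -e 's/[\\&#]/\\&/g'
}

ENGINE_FILE=/opt/symmetric/engines/local.properties

cp /opt/symmetric/enginesTemplates/* /opt/symmetric/engines
sed -i -e "s#^db.url=#db.url=$(sed_escape "$DB_URL")#" "$ENGINE_FILE"
sed -i -e "s#^db.password=#db.password=$(sed_escape "$DB_PASSWORD")#" "$ENGINE_FILE"
# … same escaping for the other value substitutions and the basic-auth branch …
# … unchanged: symadmin create-sym-tables, dbimport clean.sql, sym start …
```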
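Review bot: The template in services/symmetric/engines/local.properties gains an empty `sync.url=` key, but the substitutions added to services/symmetric/bin/local.sh in this commit fill only engine.name, external.id, db.url, db.user, db.password, registration.url and the two http.basic.auth keys, so `sync.url` appears to stay empty at run time. If that is intended for a local node, say so next to the key, for example `# left empty on purpose; not substituted by bin/local.sh`; otherwise it needs its own environment variable and `sed` line. The existing comment `# Do not change these for running the demo` now sits above `external.id=`, which is filled from `LOCATION_ID`, and should be reworded.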
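Review bot: services/symmetric/samples/clean.sql has no header comment, and it deletes `sym_node_identity`, `sym_node_security` and `sym_node` while services/symmetric/bin/local.sh now imports it before every `sym` start, so it looks as if the node's registration state is discarded on each container restart. If that is the intent, state it at the top, e.g. `-- Resets SymmetricDS configuration and node identity; imported by bin/local.sh on every start.` The statements duplicate the opening of samples/initial.sql as far as this diff shows it, so the two lists can drift apart, as the `'codes'` channel change in this commit illustrates.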
@@ -1,7 +1,7 @@ delete from sym_trigger_router; delete from sym_trigger; delete from sym_router; -delete from sym_channel where channel_id in ('discovery'); +delete from sym_channel where channel_id in ('discovery', 'codes'); delete from sym_node_group_link; delete from sym_node_group; delete from sym_node_host;