diff --git a/ansible/group_vars/all/docker b/ansible/group_vars/all/docker
index 901590a..a373aca 100644
--- a/ansible/group_vars/all/docker
+++ b/ansible/group_vars/all/docker
@@ -3,3 +3,5 @@ docker_daemon_config:
     - 172.17.0.1
     - 192.168.1.5
   mtu: 1420
+  insecure-registries:
+    - 192.168.1.0/24
diff --git a/nomad-job/MQTT.nomad b/nomad-job/MQTT.nomad
index 23d7ce6..a409f12 100644
--- a/nomad-job/MQTT.nomad
+++ b/nomad-job/MQTT.nomad
@@ -35,7 +35,7 @@ job "MQTT" {
         ]
       }
       config {
-        image = "eclipse-mosquitto"
+        image = "docker.service.consul:5000/library/eclipse-mosquitto"
         ports = ["mosquittoWS", "mosquittoMQTT"]
         volumes = [
           "/mnt/diskstation/nomad/mosquitto:/mosquitto/data",
diff --git a/nomad-job/actualbudget.nomad b/nomad-job/actualbudget.nomad
index d9caddd..0cb95d8 100644
--- a/nomad-job/actualbudget.nomad
+++ b/nomad-job/actualbudget.nomad
@@ -43,7 +43,7 @@ job "actualbudget" {
         ]
       }
       config {
-        image = "ghcr.io/actualbudget/actual-server:latest"
+        image = "ghcr.service.consul:5000/actualbudget/actual-server:latest"
         ports = ["http"]
         volumes = [
           "/mnt/diskstation/nomad/actualbudget:/data"
diff --git a/nomad-job/alertmanager.nomad b/nomad-job/alertmanager.nomad
index 1c54b14..0dc5499 100644
--- a/nomad-job/alertmanager.nomad
+++ b/nomad-job/alertmanager.nomad
@@ -45,7 +45,7 @@ job "alertmanager" {
       }
 
       config {
-        image = "prom/alertmanager"
+        image = "docker.service.consul:5000/prom/alertmanager"
         args= ["--log.level=debug", "--config.file=/etc/alertmanager/alertmanager.yml"]
         ports = ["http"]
         volumes = [
diff --git a/nomad-job/backup-consul.nomad b/nomad-job/backup-consul.nomad
index d26ad86..e16c934 100644
--- a/nomad-job/backup-consul.nomad
+++ b/nomad-job/backup-consul.nomad
@@ -26,7 +26,7 @@ job "backup-consul" {
     task "consul-backup" {
       driver = "docker"
       config {
-        image = "ducampsv/docker-consul-backup:latest"
+        image = "docker.service.consul:5000/ducampsv/docker-consul-backup:latest"
         volumes = [
           "/mnt/diskstation/nomad/backup/consul:/backup"
         ]
diff --git a/nomad-job/backup-postgress.nomad b/nomad-job/backup-postgress.nomad
index e3bc2f7..2c02424 100644
--- a/nomad-job/backup-postgress.nomad
+++ b/nomad-job/backup-postgress.nomad
@@ -32,7 +32,7 @@ job "backup-postgress" {
         name = "backup-postgress"
       }
       config {
-        image = "ducampsv/docker-backup-postgres:latest"
+        image = "docker.service.consul:5000/ducampsv/docker-backup-postgres:latest"
         volumes = [
           "/mnt/diskstation/nomad/backup/postgres:/backup"
         ]
diff --git a/nomad-job/backup-vault.nomad b/nomad-job/backup-vault.nomad
index 4e47764..7e71cb6 100644
--- a/nomad-job/backup-vault.nomad
+++ b/nomad-job/backup-vault.nomad
@@ -29,7 +29,7 @@ job "backup-vault" {
     task "backup-vault" {
       driver = "docker"
       config {
-        image = "ducampsv/docker-vault-backup:latest"
+        image = "docker.service.consul:5000/ducampsv/docker-vault-backup:latest"
         volumes = [
           "/mnt/diskstation/nomad/backup/vault:/backup"
         ]
diff --git a/nomad-job/batch-rutorrent.nomad b/nomad-job/batch-rutorrent.nomad
index 8a89d7a..f5a2c6a 100644
--- a/nomad-job/batch-rutorrent.nomad
+++ b/nomad-job/batch-rutorrent.nomad
@@ -13,7 +13,7 @@ job "batch-rutorrent" {
     task "cleanForwardFolder" {
       driver= "docker"
       config {
-        image = "alpine"
+        image = "docker.service.consul:5000/library/alpine"
         volumes = [
           "/mnt/hetzner/storagebox/file/forward:/file"
         ]
diff --git a/nomad-job/batch-seedboxsync.nomad b/nomad-job/batch-seedboxsync.nomad
index 1a758a7..f6c0753 100644
--- a/nomad-job/batch-seedboxsync.nomad
+++ b/nomad-job/batch-seedboxsync.nomad
@@ -32,7 +32,7 @@ job "batch-seedboxsync" {
         name = "seedboxsync"
       }
       config {
-        image = "ducampsv/rsync:latest"
+        image = "docker.service.consul:5000/ducampsv/rsync:latest"
         volumes = [
           "/mnt/diskstation/download:/media",
           "local/id_rsa:/home/rsyncuser/.ssh/id_rsa"
diff --git a/nomad-job/borgmatic.nomad b/nomad-job/borgmatic.nomad
index c30e104..e9fcdeb 100644
--- a/nomad-job/borgmatic.nomad
+++ b/nomad-job/borgmatic.nomad
@@ -20,7 +20,7 @@ job "borgmatic" {
     task "borgmatic" {
       driver = "docker"
       config {
-        image = "ghcr.io/borgmatic-collective/borgmatic"
+        image = "ghcr.service.consul:5000/borgmatic-collective/borgmatic"
         volumes = [
           "/exports:/exports",
           "local/borgmatic.d:/etc/borgmatic.d",
diff --git a/nomad-job/chainetv.nomad b/nomad-job/chainetv.nomad
index 5b4057c..1f63443 100644
--- a/nomad-job/chainetv.nomad
+++ b/nomad-job/chainetv.nomad
@@ -39,7 +39,7 @@ job "chainetv" {
         ]
       }
       config {
-        image = "ducampsv/chainetv:latest"
+        image = "docker.service.consul:5000/ducampsv/chainetv:latest"
         ports = ["http"]
       }
       resources {
diff --git a/nomad-job/crowdsec-agent.nomad b/nomad-job/crowdsec-agent.nomad
index a4353dc..e777cc6 100644
--- a/nomad-job/crowdsec-agent.nomad
+++ b/nomad-job/crowdsec-agent.nomad
@@ -27,7 +27,7 @@ job "crowdsec-agent" {
       }
       driver = "docker"
       config {
-        image = "crowdsecurity/crowdsec"
+        image = "docker.service.consul:5000/crowdsecurity/crowdsec"
         ports = ["metric"]
         volumes = [
           "/var/run/docker.sock:/var/run/docker.sock",
diff --git a/nomad-job/crowdsec-api.nomad b/nomad-job/crowdsec-api.nomad
index 56921fa..97efb7e 100644
--- a/nomad-job/crowdsec-api.nomad
+++ b/nomad-job/crowdsec-api.nomad
@@ -41,7 +41,7 @@ job "crowdsec-api" {
         ]
       }
       config {
-        image = "crowdsecurity/crowdsec"
+        image = "docker.service.consul:5000/crowdsecurity/crowdsec"
         ports = ["http", "metric"]
         volumes = [
           "/mnt/diskstation/nomad/crowdsec/db:/var/lib/crowdsec/data",
diff --git a/nomad-job/dashboard.nomad b/nomad-job/dashboard.nomad
index af6de93..d2c33ef 100644
--- a/nomad-job/dashboard.nomad
+++ b/nomad-job/dashboard.nomad
@@ -33,7 +33,7 @@ job "dashboard" {
         ]
       }
       config {
-        image = "b4bz/homer"
+        image = "docker.service.consul:5000/b4bz/homer"
         ports = ["http"]
         volumes = [
           "/mnt/diskstation/nomad/homer:/www/assets"
diff --git a/nomad-job/dockermailserver.nomad b/nomad-job/dockermailserver.nomad
index 02be84d..751ff7f 100644
--- a/nomad-job/dockermailserver.nomad
+++ b/nomad-job/dockermailserver.nomad
@@ -119,7 +119,7 @@ job "dockermailserver" {
     task "docker-mailserver" {
       driver = "docker"
       config {
-        image = "ghcr.io/docker-mailserver/docker-mailserver:latest"
+        image = "ghcr.service.consul:5000/docker-mailserver/docker-mailserver:latest"
         ports = ["smtp", "esmtp", "imap","rspamd"]
         volumes = [
           "/mnt/diskstation/nomad/dms/mail-data:/var/mail",
diff --git a/nomad-job/drone-runner.nomad b/nomad-job/drone-runner.nomad
index bbf58dd..506f6e2 100644
--- a/nomad-job/drone-runner.nomad
+++ b/nomad-job/drone-runner.nomad
@@ -16,7 +16,7 @@ job "drone-runner" {
     task "drone-runner" {
       driver = "docker"
       config {
-        image = "drone/drone-runner-docker:latest"
+        image = "docker.service.consul:5000/drone/drone-runner-docker:latest"
         volumes = [
           "/var/run/docker.sock:/var/run/docker.sock",
         ]
diff --git a/nomad-job/drone.nomad b/nomad-job/drone.nomad
index 9fa31bd..c47d815 100644
--- a/nomad-job/drone.nomad
+++ b/nomad-job/drone.nomad
@@ -45,7 +45,7 @@ job "drone" {
         ]
       }
       config {
-        image = "drone/drone:latest"
+        image = "docker.service.consul:5000/drone/drone:latest"
         ports = [
           "http"
         ]
diff --git a/nomad-job/filestash.nomad b/nomad-job/filestash.nomad
index 59358cd..dca4893 100644
--- a/nomad-job/filestash.nomad
+++ b/nomad-job/filestash.nomad
@@ -48,7 +48,7 @@ job "filestash" {
         ]
       }
       config {
-        image = "machines/filestash"
+        image = "docker.service.consul:5000/machines/filestash"
         ports = ["http"]
         volumes = [
           "/mnt/diskstation/nomad/filestash:/app/data/state"
diff --git a/nomad-job/ghostfolio.nomad b/nomad-job/ghostfolio.nomad
index e37118e..c183660 100644
--- a/nomad-job/ghostfolio.nomad
+++ b/nomad-job/ghostfolio.nomad
@@ -27,7 +27,7 @@ job "ghostfolio" {
     task "redis" {
         driver = "docker"
         config {
-            image = "redis"
+            image = "docker.service.consul:5000/library/redis"
             ports = ["redis"]
         }
         resources {
@@ -51,7 +51,7 @@ job "ghostfolio" {
         ]
       }
       config {
-        image = "ghostfolio/ghostfolio:latest"
+        image = "docker.service.consul:5000/ghostfolio/ghostfolio:latest"
         ports = ["http"]
         volumes = [
         ]
diff --git a/nomad-job/gitea.nomad b/nomad-job/gitea.nomad
index fb2e82c..d02cec2 100644
--- a/nomad-job/gitea.nomad
+++ b/nomad-job/gitea.nomad
@@ -59,7 +59,7 @@ job "git" {
         ]
       }
       config {
-        image = "gitea/gitea:latest"
+        image = "docker.service.consul:5000/gitea/gitea:latest"
         ports = [
           "http",
           "ssh"
diff --git a/nomad-job/grafana.nomad b/nomad-job/grafana.nomad
index 73915b6..3929658 100644
--- a/nomad-job/grafana.nomad
+++ b/nomad-job/grafana.nomad
@@ -16,12 +16,6 @@ job "grafana" {
         to = 3000
       }
     }
-    volume "grafana" {
-      type = "csi"
-      source = "grafana"
-      access_mode = "multi-node-multi-writer"
-      attachment_mode = "file-system"
-    }
     service {
       name = "grafana"
       port = "http"
@@ -44,17 +38,13 @@ job "grafana" {
     }
 
     task "dashboard" {
-      volume_mount {
-        volume = "grafana"
-        destination = "/grafana"
-      }
       driver = "docker"
       config {
-        image = "grafana/grafana"
+        image = "docker.service.consul:5000/grafana/grafana"
         ports = ["http"]
         volumes = [
-          "grafana:/etc/grafana",
-          "grafana:/var/lib/grafana"
+          "/mnt/diskstation/nomad/grafana/config:/etc/grafana",
+          "/mnt/diskstation/nomad/grafana/lib:/var/lib/grafana"
         ]
       }
       resources {
diff --git a/nomad-job/homeassistant.nomad b/nomad-job/homeassistant.nomad
index b5699d1..eaf36ab 100644
--- a/nomad-job/homeassistant.nomad
+++ b/nomad-job/homeassistant.nomad
@@ -57,7 +57,7 @@ job "homeassistant" {
         }
       }
       config {
-        image        = "homeassistant/home-assistant:stable"
+        image        = "docker.service.consul:5000/homeassistant/home-assistant:stable"
         ports        = ["http", "coap"]
         privileged   = "true"
         network_mode = "host"
diff --git a/nomad-job/jellyfin.nomad b/nomad-job/jellyfin.nomad
index ab183f1..c7d2601 100644
--- a/nomad-job/jellyfin.nomad
+++ b/nomad-job/jellyfin.nomad
@@ -43,7 +43,7 @@ job "jellyfin" {
 
       }
       config {
-        image = "ghcr.io/jellyfin/jellyfin-vue:unstable"
+        image = "ghcr.service.consul:5000/jellyfin/jellyfin-vue:unstable"
         ports = ["http"]
       }
       env {
@@ -88,7 +88,7 @@ job "jellyfin" {
         ]
       }
       config {
-        image = "jellyfin/jellyfin"
+        image = "docker.service.consul:5000/jellyfin/jellyfin"
         ports = ["http"]
         volumes = [
           "/mnt/diskstation/nomad/jellyfin/config:/config",
diff --git a/nomad-job/lldap.nomad b/nomad-job/lldap.nomad
index eb66cc3..7b9429b 100644
--- a/nomad-job/lldap.nomad
+++ b/nomad-job/lldap.nomad
@@ -41,7 +41,7 @@ job "lldap" {
     task "lldap" {
       driver = "docker"
       config {
-        image = "ducampsv/lldap:latest"
+        image = "docker.service.consul:5000/ducampsv/lldap:latest"
         ports = ["ldap","http"]
         volumes = [
           "/mnt/diskstation/nomad/lldap:/data"
diff --git a/nomad-job/loki.nomad b/nomad-job/loki.nomad
index 0cec304..67488b4 100644
--- a/nomad-job/loki.nomad
+++ b/nomad-job/loki.nomad
@@ -38,7 +38,7 @@ job "loki" {
         }
       }
       config {
-        image = "grafana/loki"
+        image = "docker.service.consul:5000/grafana/loki"
         ports = ["http"]
         args = [
           "-config.file",
diff --git a/nomad-job/node-exporter.nomad b/nomad-job/node-exporter.nomad
index 646af33..227325e 100644
--- a/nomad-job/node-exporter.nomad
+++ b/nomad-job/node-exporter.nomad
@@ -32,7 +32,7 @@ job "node-exporter" {
     task "node-exporter" {
       driver = "docker"
       config {
-        image = "prom/node-exporter"
+        image = "docker.service.consul:5000/prom/node-exporter"
         ports = ["http"]
         args = [
           "--web.listen-address=:${NOMAD_PORT_http}",
diff --git a/nomad-job/nut_exporter.nomad b/nomad-job/nut_exporter.nomad
index 2475f33..c53e712 100644
--- a/nomad-job/nut_exporter.nomad
+++ b/nomad-job/nut_exporter.nomad
@@ -29,7 +29,7 @@ job "nut_exporter" {
     task "nut_exporter" {
       driver = "docker"
       config {
-        image = "ghcr.io/druggeri/nut_exporter"
+        image = "ghcr.service.consul:5000/druggeri/nut_exporter"
         ports = ["http"]
       }
       env {
diff --git a/nomad-job/pacoloco.nomad b/nomad-job/pacoloco.nomad
index 84bca0e..d041b34 100644
--- a/nomad-job/pacoloco.nomad
+++ b/nomad-job/pacoloco.nomad
@@ -32,7 +32,7 @@ job "pacoloco" {
         ]
       }
       config {
-        image = "ducampsv/pacoloco"
+        image = "docker.service.consul:5000/ducampsv/pacoloco"
         ports = ["http"]
         volumes = [
           "/mnt/diskstation/nomad/pacoloco:/var/cache/pacoloco",
diff --git a/nomad-job/paperless-ng.nomad b/nomad-job/paperless-ng.nomad
index 11a157c..f0a59b6 100644
--- a/nomad-job/paperless-ng.nomad
+++ b/nomad-job/paperless-ng.nomad
@@ -33,7 +33,7 @@ job "paperless-ng" {
     task "redis" {
       driver = "docker"
       config {
-        image = "redis"
+        image = "docker.service.consul:5000/library/redis"
         ports = ["redis"]
       }
       resources {
@@ -67,7 +67,7 @@ job "paperless-ng" {
         }
       }
       config {
-        image = "ghcr.io/paperless-ngx/paperless-ngx"
+        image = "ghcr.service.consul:5000/paperless-ngx/paperless-ngx"
         ports = ["http"]
         volumes = [
           "/mnt/diskstation/nomad/paperless-ng/media:/usr/src/paperless/media",
diff --git a/nomad-job/pdns-auth.nomad b/nomad-job/pdns-auth.nomad
index 583fc67..2f721ff 100644
--- a/nomad-job/pdns-auth.nomad
+++ b/nomad-job/pdns-auth.nomad
@@ -39,7 +39,7 @@ job "pdns-auth" {
 
       }
       config {
-        image = "powerdns/pdns-auth-master:latest"        
+        image = "docker.service.consul:5000/powerdns/pdns-auth-master:latest"        
         network_mode = "host"
         privileged=true
         cap_add= ["net_bind_service"]
@@ -102,7 +102,7 @@ include-dir=/etc/powerdns/pdns.d
     }
     driver = "docker"
     config {
-     image = "powerdnsadmin/pda-legacy:latest"        
+     image = "docker.service.consul:5000/powerdnsadmin/pda-legacy:latest"        
      ports= ["pdnsadmin"]  
       volumes = [
         "/mnt/diskstation/nomad/pdns-admin/:/data/node_module/",
@@ -131,7 +131,7 @@ SQLALCHEMY_DATABASE_URI=postgresql://pdns-admin:{{ .Data.data.pdnsadmin }}@activ
 
     driver = "docker"
     config {
-     image = "powerdns/pdns-recursor-master:latest"        
+     image = "docker.service.consul:5000/powerdns/pdns-recursor-master:latest"        
     network_mode = "host"
       volumes = [
         "local/recursor.conf:/etc/powerdns/recursor.conf",
@@ -172,7 +172,7 @@ local-address=192.168.1.6
         EOH
       }
       config {
-        image        = "osixia/keepalived:2.0.20"
+        image        = "docker.service.consul:5000/osixia/keepalived:2.0.20"
         network_mode = "host"
         cap_add = [
           "NET_ADMIN",
diff --git a/nomad-job/pihole.nomad b/nomad-job/pihole.nomad
index 9497d5b..371763c 100644
--- a/nomad-job/pihole.nomad
+++ b/nomad-job/pihole.nomad
@@ -45,7 +45,7 @@ job "pihole" {
 
       }
       config {
-        image = "pihole/pihole:2023.10.0"
+        image = "docker.service.consul:5000/pihole/pihole:2023.10.0"
         network_mode = "host"
         volumes = [
           "local/dnsmasq.d/02-localresolver.conf:/etc/dnsmasq.d/02-localresolver.conf",
diff --git a/nomad-job/prometheus.nomad b/nomad-job/prometheus.nomad
index bc29755..4c62c9e 100644
--- a/nomad-job/prometheus.nomad
+++ b/nomad-job/prometheus.nomad
@@ -250,7 +250,7 @@ EOH
       driver = "docker"
 
       config {
-        image = "prom/prometheus:latest"
+        image = "docker.service.consul:5000/prom/prometheus:latest"
         args = [
           "--config.file=/etc/prometheus/prometheus.yml",
           "--storage.tsdb.path=/prometheus",
diff --git a/nomad-job/radicale.nomad b/nomad-job/radicale.nomad
index a77086e..1645518 100644
--- a/nomad-job/radicale.nomad
+++ b/nomad-job/radicale.nomad
@@ -44,7 +44,7 @@ job "radicale" {
         ]
       }
       config {
-        image = "tomsquest/docker-radicale"
+        image = "docker.service.consul:5000/tomsquest/docker-radicale"
         ports = ["http"]
         volumes = [
           "local/config:/config/config",
diff --git a/nomad-job/registry.nomad.hcl b/nomad-job/registry.nomad.hcl
new file mode 100644
index 0000000..6c041ef
--- /dev/null
+++ b/nomad-job/registry.nomad.hcl
@@ -0,0 +1,219 @@
+job "registry" {
+  datacenters = ["homelab"]
+  priority    = 100
+  type        = "service"
+  meta {
+    forcedeploy = "0"
+  }
+  constraint {
+    attribute = "${attr.cpu.arch}"
+    value     = "amd64"
+  }
+
+  group "registry" {
+    network {
+      mode = "host"
+      port "docker_registry" {
+        to = 5000
+      }
+      port "ghcr_registry" {
+        to = 5000
+      }
+      port "traefik" {
+        to     = 5000
+        static = 5000
+      }
+      port "redis" {
+        to = 6379
+      }
+      port "admin" {
+        to = 8080
+      }
+    }
+    volume "registry-docker" {
+      type            = "csi"
+      source          = "registry-docker"
+      access_mode     = "multi-node-multi-writer"
+      attachment_mode = "file-system"
+    }
+    volume "registry-ghcr" {
+      type            = "csi"
+      source          = "registry-ghcr"
+      access_mode     = "multi-node-multi-writer"
+      attachment_mode = "file-system"
+    }
+    service {
+      name = "docker"
+      port = "traefik"
+    }
+    service {
+      name = "ghcr"
+      port = "traefik"
+    }
+    task "docker-registry" {
+      driver = "docker"
+      config {
+        image = "registry:2"
+        ports = ["docker_registry"]
+        volumes = [
+          "local/dockerhub.yaml:/etc/docker/registry/config.yml"
+        ]
+
+      }
+      env {
+      }
+      volume_mount {
+        volume      = "registry-docker"
+        destination = "/var/lib/registry"
+      }
+      template {
+        data        = <<EOH
+http:
+  addr: :5000
+log:
+  fields:
+      service: registry
+proxy:
+    remoteurl: https://registry-1.docker.io
+redis:
+  addr:  {{env "NOMAD_ADDR_redis"}}
+  db: 0
+storage:
+  cache:
+    blobdescriptor: redis
+  filesystem:
+    rootdirectory: /var/lib/registry
+version: '0.1'
+
+          EOH
+        destination = "local/dockerhub.yaml"
+      }
+      resources {
+        memory = 150
+        max_memory = 300
+      }
+    }
+    task "docker-ghcr" {
+      driver = "docker"
+      config {
+        image = "registry:2"
+        ports = ["ghcr_registry"]
+        volumes = [
+          "local/ghcr.yaml:/etc/docker/registry/config.yml"
+        ]
+
+      }
+      env {
+      }
+      volume_mount {
+        volume      = "registry-ghcr"
+        destination = "/var/lib/registry"
+      }
+      template {
+        data        = <<EOH
+http:
+  addr: :5000
+log:
+  fields:
+      service: registry
+proxy:
+    remoteurl: https://ghcr.io
+redis:
+  addr: {{env "NOMAD_ADDR_redis"}}
+  db: 1
+storage:
+  cache:
+    blobdescriptor: redis
+  filesystem:
+    rootdirectory: /var/lib/registry
+version: '0.1'
+
+          EOH
+        destination = "local/ghcr.yaml"
+      }
+      resources {
+        memory = 150
+        max_memory = 300
+      }
+    }
+
+    task "redis" {
+      driver = "docker"
+      config {
+        command = "redis-server"
+        args = ["/usr/local/etc/redis/redis.conf"]
+        image = "redis"
+        ports = ["redis"]
+        volumes = [
+          "local/redis.conf:/usr/local/etc/redis/redis.conf"
+        ]
+      }
+      template {
+        data        = <<EOH
+databases 2
+
+          EOH
+        destination = "local/redis.conf"
+      }
+      resources {
+        memory = 25
+      }
+    }
+
+    task "traefik" {
+      driver = "docker"
+      config {
+        image = "traefik"
+        ports = ["traefik","admin"]
+        volumes = [
+          "local/traefik.toml:/etc/traefik/traefik.toml"
+        ]
+
+      }
+
+      template {
+        data        = <<EOH
+[accessLog]
+[api]
+  dashboard = true
+  insecure = true
+[entryPoints]
+  [entryPoints.docker]
+    address = ":5000"
+[http]
+  [http.routers]
+    [http.routers.dockerhub]
+      entryPoints = ["docker"]
+      rule = "Host(`docker.service.consul`)"
+      service = "dockerhub"
+      [http.routers.dockerhub.tls]
+
+    [http.routers.ghcr]
+      entryPoints = ["docker"]
+      rule ="host(`ghcr.service.consul`)"
+      service  = "ghcr"
+      [http.routers.ghcr.tls]
+  [http.services]
+    [http.services.dockerhub]
+      [[http.services.dockerhub.loadbalancer.servers]]
+        url = "http://{{env "NOMAD_ADDR_docker_registry" }}"
+    [http.services.ghcr]
+      [[http.services.ghcr.loadbalancer.servers]]
+        url = "http://{{ env "NOMAD_ADDR_ghcr_registry" }}"
+[providers]
+[providers.file]
+    filename= "/etc/traefik/traefik.toml"
+
+[log]
+  level = "DEBUG"
+          EOH
+        destination = "local/traefik.toml"
+      }
+      resources {
+        memory = 75
+      }
+    }
+
+  }
+
+}
diff --git a/nomad-job/rutorrent.nomad b/nomad-job/rutorrent.nomad
index 0e595df..3b02e39 100644
--- a/nomad-job/rutorrent.nomad
+++ b/nomad-job/rutorrent.nomad
@@ -57,7 +57,7 @@ job "torrent" {
       user = "root"
       config {
         
-        image = "docker.io/crazymax/rtorrent-rutorrent:edge"
+        image = "docker.service.consul:5000/crazymax/rtorrent-rutorrent:edge"
         privileged = "true"
         ports = [
           "http",
diff --git a/nomad-job/supysonic.nomad b/nomad-job/supysonic.nomad
index e8e313e..77707dc 100644
--- a/nomad-job/supysonic.nomad
+++ b/nomad-job/supysonic.nomad
@@ -53,7 +53,7 @@ job "supysonic" {
     task "supysonic-frontend" {
       driver = "docker"
       config {
-        image = "nginx:alpine"
+        image = "docker.service.consul:5000/library/nginx:alpine"
         ports = [
           "http"
         ]
@@ -96,7 +96,7 @@ http {
     task "supysonic-server" {
       driver = "docker"
       config {
-        image      = "ducampsv/supysonic:latest"
+        image      = "docker.service.consul:5000/ducampsv/supysonic:latest"
         ports      = ["fcgi"]
         force_pull = true
         volumes = [
diff --git a/nomad-job/syncthing.nomad b/nomad-job/syncthing.nomad
index 40d15e3..fccac87 100644
--- a/nomad-job/syncthing.nomad
+++ b/nomad-job/syncthing.nomad
@@ -44,7 +44,7 @@ job "syncthing" {
         ]
       }
       config {
-        image = "linuxserver/syncthing"
+        image = "docker.service.consul:5000/linuxserver/syncthing"
         ports = ["http"]
         volumes = [
           "/mnt/diskstation/nomad/syncthing/config:/config",
diff --git a/nomad-job/traefik-ingress.nomad b/nomad-job/traefik-ingress.nomad
index 10d15fc..8300efd 100644
--- a/nomad-job/traefik-ingress.nomad
+++ b/nomad-job/traefik-ingress.nomad
@@ -67,7 +67,7 @@ job "traefik-ingress" {
       }
 
       config {
-        image = "traefik"
+        image = "docker.service.consul:5000/library/traefik"
         ports = [
           "http",
           "https",
diff --git a/nomad-job/traefik-local.nomad b/nomad-job/traefik-local.nomad
index 3cfa754..bb7d287 100644
--- a/nomad-job/traefik-local.nomad
+++ b/nomad-job/traefik-local.nomad
@@ -29,7 +29,7 @@ job "traefik-local" {
         static= 993
       }
       port "admin" {
-        static = 9080
+        static = 8080
       }
     }
     vault {
@@ -62,7 +62,7 @@ job "traefik-local" {
       }
 
       config {
-        image = "traefik"
+        image = "docker.service.consul:5000/library/traefik"
         ports = [
           "http",
           "https",
diff --git a/nomad-job/tt-rss.nomad b/nomad-job/tt-rss.nomad
index 54a1984..fe4a8fb 100644
--- a/nomad-job/tt-rss.nomad
+++ b/nomad-job/tt-rss.nomad
@@ -50,7 +50,7 @@ job "tt-rss" {
     task "ttrss-app" {
       driver = "docker"
       config {
-        image = "cthulhoo/ttrss-fpm-pgsql-static"
+        image = "docker.service.consul:5000/cthulhoo/ttrss-fpm-pgsql-static"
         ports = [
           "appPort"
         ]
@@ -83,7 +83,7 @@ job "tt-rss" {
     task "ttrss-updater" {
       driver = "docker"
       config {
-        image = "cthulhoo/ttrss-fpm-pgsql-static"
+        image = "docker.service.consul:5000/cthulhoo/ttrss-fpm-pgsql-static"
         volumes = [
           "${NOMAD_ALLOC_DIR}/data:/var/www/html"
         ]
@@ -115,7 +115,7 @@ job "tt-rss" {
     task "ttrss-frontend" {
       driver = "docker"
       config {
-        image = "nginx:alpine"
+        image = "docker.service.consul:5000/library/nginx:alpine"
         ports = [
           "http"
         ]
diff --git a/nomad-job/vaultwarden.nomad b/nomad-job/vaultwarden.nomad
index 105074c..b5b351b 100644
--- a/nomad-job/vaultwarden.nomad
+++ b/nomad-job/vaultwarden.nomad
@@ -54,7 +54,7 @@ job "vaultwarden" {
         }
       }
       config {
-        image = "vaultwarden/server"
+        image = "docker.service.consul:5000/vaultwarden/server"
         ports = ["http"]
         volumes = [
           "/mnt/diskstation/nomad/vaultwarden:/data"
diff --git a/nomad-job/vector.nomad b/nomad-job/vector.nomad
index 34fb44a..7eb19ac 100644
--- a/nomad-job/vector.nomad
+++ b/nomad-job/vector.nomad
@@ -15,7 +15,7 @@ job "vector" {
     task "vector" {
       driver = "docker"
       config {
-        image = "timberio/vector:0.34.1-alpine"
+        image = "docker.service.consul:5000/timberio/vector:0.34.1-alpine"
         ports = ["api"]
         volumes = [
           "/var/run/docker.sock:/var/run/docker.sock",
diff --git a/nomad-job/vikunja.nomad b/nomad-job/vikunja.nomad
index 4d3b1bf..6685f9b 100644
--- a/nomad-job/vikunja.nomad
+++ b/nomad-job/vikunja.nomad
@@ -41,7 +41,7 @@ job "vikunja" {
         ]
       }
       config {
-        image = "vikunja/vikunja"
+        image = "docker.service.consul:5000/vikunja/vikunja"
         ports = ["api","front"]
       }
       env {
diff --git a/nomad-job/volume/registry-docker.hcl b/nomad-job/volume/registry-docker.hcl
new file mode 100644
index 0000000..4c3f7c7
--- /dev/null
+++ b/nomad-job/volume/registry-docker.hcl
@@ -0,0 +1,17 @@
+type = "csi"
+id = "registry-docker"
+name = "registry-docker"
+plugin_id = "nfs"
+capability {
+	access_mode = "multi-node-multi-writer"
+	attachment_mode = "file-system"
+}
+context {
+  server = "nfs.service.consul"
+  share = "/exports/nomad/registry/docker"
+  mountPermissions = "0"  
+}
+mount_options {
+  fs_type = "nfs"
+  mount_flags = [ "timeo=30", "intr", "vers=3", "_netdev" , "nolock" ]
+}
diff --git a/nomad-job/volume/registry-ghcr.hcl b/nomad-job/volume/registry-ghcr.hcl
new file mode 100644
index 0000000..66540dd
--- /dev/null
+++ b/nomad-job/volume/registry-ghcr.hcl
@@ -0,0 +1,17 @@
+type = "csi"
+id = "registry-ghcr"
+name = "registry-ghcr"
+plugin_id = "nfs"
+capability {
+	access_mode = "multi-node-multi-writer"
+	attachment_mode = "file-system"
+}
+context {
+  server = "nfs.service.consul"
+  share = "/exports/nomad/registry/ghcr"
+  mountPermissions = "0"  
+}
+mount_options {
+  fs_type = "nfs"
+  mount_flags = [ "timeo=30", "intr", "vers=3", "_netdev" , "nolock" ]
+}
diff --git a/nomad-job/www.nomad b/nomad-job/www.nomad
index 93698c8..ee4bddc 100644
--- a/nomad-job/www.nomad
+++ b/nomad-job/www.nomad
@@ -36,7 +36,7 @@ job "www" {
     task "server" {
       driver = "docker"
       config {
-        image = "nginx"
+        image = "docker.service.consul:5000/library/nginx"
         ports = [
           "http"
         ]