diff --git a/.gitea/workflows/build-and-deploy.yml b/.gitea/workflows/build-and-deploy.yml
index 56dba9f..74dda25 100644
--- a/.gitea/workflows/build-and-deploy.yml
+++ b/.gitea/workflows/build-and-deploy.yml
@@ -25,39 +25,32 @@ jobs:
           echo "   Container: ${{ vars.APP_NAME }}"
           echo "   Network: principal"
 
-      - name: Create required directories
-        run: |
-          mkdir -p meshcentral-data
-          mkdir -p meshcentral-files
-          mkdir -p meshcentral-backup
-          mkdir -p meshcentral-config
-
-      - name: Pull latest MeshCentral image
-        run: docker pull ghcr.io/ylianst/meshcentral:latest
-
-      - name: Pull fresh images used in compose
-        run: docker compose pull
-
       - name: Clean up existing stack
-        run: docker compose --project-name $APP_NAME down
+        run: docker compose --project-name $APP_NAME down || true
 
-      - name: Remove old config to force regeneration
+      - name: Create and clean MeshCentral directories
         run: |
-          # SOLO borrar config.json para regenerar configuración
-          # NUNCA borrar *.db (bases de datos), *.crt/*.key (certificados de agentes)
-          rm -f meshcentral-data/config.json
+          # Crear directorios fijos en /srv/meshcentral
+          sudo mkdir -p /srv/meshcentral/data
+          sudo mkdir -p /srv/meshcentral/files
+          sudo mkdir -p /srv/meshcentral/backup
+          sudo mkdir -p /srv/meshcentral/config
+
+          # Limpiar SOLO el config.json (empezar de cero según el usuario)
+          sudo rm -rf /srv/meshcentral/data/*
+          sudo rm -rf /srv/meshcentral/files/*
 
       - name: Generate MeshCentral config.json
         run: |
-          cat > meshcentral-data/config.json <<'EOF'
+          sudo tee /srv/meshcentral/data/config.json > /dev/null <<'EOF'
           {
             "settings": {
               "cert": "${{ vars.APP_DOMAIN }}",
-              "port": 4430,
+              "port": 443,
               "aliasPort": 443,
-              "redirPort": 0,
+              "redirPort": 80,
               "AgentPong": 300,
-              "TlsOffload": "127.0.0.1",
+              "TlsOffload": false,
               "SelfUpdate": false,
               "AllowFraming": false,
               "WebRTC": true,
@@ -100,10 +93,10 @@ jobs:
 
       - name: Set correct permissions
         run: |
-          chmod -R 755 meshcentral-data
-          chmod -R 755 meshcentral-files
-          chmod -R 755 meshcentral-backup
-          chmod -R 755 meshcentral-config
+          sudo chmod -R 755 /srv/meshcentral/data
+          sudo chmod -R 755 /srv/meshcentral/files
+          sudo chmod -R 755 /srv/meshcentral/backup
+          sudo chmod -R 755 /srv/meshcentral/config
 
       - name: Start MeshCentral stack
         run: docker compose --project-name $APP_NAME up -d --remove-orphans --wait
diff --git a/docker-compose.yml b/docker-compose.yml
index 8be6f20..c6c3208 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -8,10 +8,10 @@ services:
     ports:
       - "${MESH_PORT:-4430}:4430"
     volumes:
-      - ./meshcentral-data:/opt/meshcentral/meshcentral-data
-      - ./meshcentral-files:/opt/meshcentral/meshcentral-files
-      - ./meshcentral-backup:/opt/meshcentral/meshcentral-backup
-      - ./meshcentral-config:/opt/meshcentral/meshcentral-config
+      - /srv/meshcentral/data:/opt/meshcentral/meshcentral-data
+      - /srv/meshcentral/files:/opt/meshcentral/meshcentral-files
+      - /srv/meshcentral/backup:/opt/meshcentral/meshcentral-backup
+      - /srv/meshcentral/config:/opt/meshcentral/meshcentral-config
     environment:
       - HOSTNAME=${APP_DOMAIN}
       - REVERSE_PROXY=traefik