diff --git a/.gitea/workflows/build-and-deploy.yml b/.gitea/workflows/build-and-deploy.yml
index 0f50725..6ea7a2a 100644
--- a/.gitea/workflows/build-and-deploy.yml
+++ b/.gitea/workflows/build-and-deploy.yml
@@ -5,10 +5,15 @@ on:
     branches: [ main ]
 
 jobs:
+#───────────────── build, push & deploy (unified) ─────────────────
   build-and-deploy:
     runs-on: docker
     env:
-      REG: ${{ vars.REGISTRY_URL }}/${{ github.repository_owner }}
+      REG: ${{ vars.REGISTRY_URL }}
+      REPO_OWNER: ${{ github.repository_owner }}
+      APP_NAME: radiusnucleo
+      APP_DOMAIN: wifi.nucleoriofrio.com
+      # Variables sensibles de entorno desde secrets
       RADIUS_CLIENTS_CIDR: ${{ secrets.RADIUS_CLIENTS_CIDR }}
       RADIUS_SHARED_SECRET: ${{ secrets.RADIUS_SHARED_SECRET }}
     steps:
@@ -22,15 +27,23 @@ jobs:
 
       - name: Build+push radiusnucleo (with SPA)
         run: |
-          docker build -t $REG/radiusnucleo:${{ github.sha }} -t $REG/radiusnucleo:latest -f node-api/Dockerfile .
-          docker push $REG/radiusnucleo:${{ github.sha }}
-          docker push $REG/radiusnucleo:latest
+          docker build -t $REG/$REPO_OWNER/radiusnucleo:${{ github.sha }} -t $REG/$REPO_OWNER/radiusnucleo:latest -f node-api/Dockerfile .
+          docker push $REG/$REPO_OWNER/radiusnucleo:${{ github.sha }}
+          docker push $REG/$REPO_OWNER/radiusnucleo:latest
 
       - name: Build+push radiusnucleo-freeradius
         run: |
-          docker build -t $REG/radiusnucleo-freeradius:${{ github.sha }} -t $REG/radiusnucleo-freeradius:latest ./freeradius
-          docker push $REG/radiusnucleo-freeradius:${{ github.sha }}
-          docker push $REG/radiusnucleo-freeradius:latest
+          docker build -t $REG/$REPO_OWNER/radiusnucleo-freeradius:${{ github.sha }} -t $REG/$REPO_OWNER/radiusnucleo-freeradius:latest ./freeradius
+          docker push $REG/$REPO_OWNER/radiusnucleo-freeradius:${{ github.sha }}
+          docker push $REG/$REPO_OWNER/radiusnucleo-freeradius:latest
+
+      - name: Info about environment
+        run: |
+          echo "ℹ️  Deploying $APP_NAME"
+          echo "   Domain: $APP_DOMAIN"
+          echo "   Image Node: $REG/$REPO_OWNER/radiusnucleo:latest"
+          echo "   Image FreeRADIUS: $REG/$REPO_OWNER/radiusnucleo-freeradius:latest"
+          echo "   Networks: principal, radiusnucleo_radius_net"
 
       - name: Ensure external docker networks exist
         run: |
@@ -38,13 +51,19 @@ jobs:
           docker network inspect radiusnucleo_radius_net >/dev/null 2>&1 || docker network create radiusnucleo_radius_net
 
       - name: Pull fresh images used in compose
-        run: docker compose -f docker-compose.yml pull
+        env:
+          RADIUS_CLIENTS_CIDR: ${{ secrets.RADIUS_CLIENTS_CIDR }}
+          RADIUS_SHARED_SECRET: ${{ secrets.RADIUS_SHARED_SECRET }}
+        run: docker compose pull
 
       - name: Clean up stack
-        run: docker compose -f docker-compose.yml --project-name radiusnucleo down
+        env:
+          RADIUS_CLIENTS_CIDR: ${{ secrets.RADIUS_CLIENTS_CIDR }}
+          RADIUS_SHARED_SECRET: ${{ secrets.RADIUS_SHARED_SECRET }}
+        run: docker compose --project-name $APP_NAME down
 
       - name: Update stack
-        run: docker compose -f docker-compose.yml --project-name radiusnucleo up -d --remove-orphans
-
-      - name: Show service status
-        run: docker compose -f docker-compose.yml --project-name radiusnucleo ps
+        env:
+          RADIUS_CLIENTS_CIDR: ${{ secrets.RADIUS_CLIENTS_CIDR }}
+          RADIUS_SHARED_SECRET: ${{ secrets.RADIUS_SHARED_SECRET }}
+        run: docker compose --project-name $APP_NAME up -d --remove-orphans --wait
diff --git a/docker-compose.yml b/docker-compose.yml
index bced0a5..eb0ec4c 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -1,14 +1,13 @@
+version: "3.9"
 
-  version: "3.9"
-
-  services:
-    radiusnucleo-node:
-      build:
-        context: .
-        dockerfile: node-api/Dockerfile
-      image: gitea.nucleoriofrio.com/nucleo000/radiusnucleo:latest
-      container_name: radiusnucleo-node-1
-      environment:
+services:
+  radiusnucleo-node:
+    build:
+      context: .
+      dockerfile: node-api/Dockerfile
+    image: ${REG}/${REPO_OWNER}/radiusnucleo:latest
+    container_name: radiusnucleo-node-1
+    environment:
         - VLAN_ID=2
         - MAX_UP=10000000
         - MAX_DOWN=10000000
@@ -20,12 +19,12 @@
         - PGDATABASE=radius
         - PGUSER=radius
         - PGPASSWORD=radius
-      networks:
+    networks:
         principal:
         radiusnucleo_radius_net:
           aliases:
             - node
-      labels:
+    labels:
         # Habilitar Traefik
         - "traefik.enable=true"
         - "traefik.docker.network=principal"
@@ -59,7 +58,7 @@
 
     freeradius:
       build: ./freeradius
-      image: gitea.nucleoriofrio.com/nucleo000/radiusnucleo-freeradius:latest
+      image: ${REG}/${REPO_OWNER}/radiusnucleo-freeradius:latest
       depends_on:
         - radiusnucleo-node
         - postgres
@@ -88,11 +87,11 @@
         - radiusnucleo_radius_net
         - principal
 
-  networks:
-    principal:
-      external: true
-    radiusnucleo_radius_net:
-      external: true
+networks:
+  principal:
+    external: true
+  radiusnucleo_radius_net:
+    external: true
 
-  volumes:
-    postgres_data:
\ No newline at end of file
+volumes:
+  postgres_data:
\ No newline at end of file