diff --git a/.drone.yml b/.drone.yml
new file mode 100644
index 0000000..d86fa52
--- /dev/null
+++ b/.drone.yml
@@ -0,0 +1,37 @@
+---
+kind: pipeline
+type: docker
+name: pull_request
+image_pull_secrets:
+  - dockerconfigjson
+steps:
+  - name: lint yaml
+    image: registry.fedy95.com/baseimage-yamllint:latest
+    commands:
+      - yamllint -c /yamllint/relaxed.yaml docker-compose.yml
+    when:
+      event: pull_request
+---
+kind: pipeline
+type: ssh
+name: master_push
+clone:
+  disable: true
+server:
+  host:
+    from_secret: host
+  user:
+    from_secret: user
+  password:
+    from_secret: password
+steps:
+  - name: deploy
+    commands:
+      - cd /home/fedy95/infra/autossl-synology
+      - git pull
+trigger:
+  branch:
+    - master
+  event:
+    - push
+...
diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..7eb71ca
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1 @@
+/env/instance.env
diff --git a/Dockerfile b/Dockerfile
new file mode 100644
index 0000000..2555725
--- /dev/null
+++ b/Dockerfile
@@ -0,0 +1,20 @@
+FROM scratch
+
+ARG REGISTRY
+ARG REGISTRY_USERNAME
+ARG REGISTRY_PASSWORD
+
+RUN ["docker", "login", "${REGISTRY}", "-u${REGISTRY_USERNAME}", "-p${REGISTRY_PASSWORD}"]
+
+
+FROM registy.fedy95.com/baseimage-autossl:latest
+
+ARG DOMAIN
+ARG GD_Key
+ARG GD_Secret
+
+RUN ["export", "${GD_Key}"]
+RUN ["export", "${GD_Secret}"]
+RUN ["acme.sh", "--issue", "--dns", "dns_gd", "-d", "${DOMAIN}", "--reloadcmd", "'/usr/syno/sbin/synoservicecfg --reload httpd-sys'"]
+
+RUN ["docker", "logout", "${REGISTRY}"]
diff --git a/Makefile b/Makefile
new file mode 100644
index 0000000..9b51af2
--- /dev/null
+++ b/Makefile
@@ -0,0 +1,15 @@
+MAKEFLAGS += --silent
+.PHONY: *
+
+REGISTRY=registry.fedy95.com
+YAMLLINT_TAG=baseimage-yamllint:latest
+
+lint: lint-yaml
+
+LINT-YAML-CMD=docker run --rm -it -v $(PWD):/data ${REGISTRY}/${YAMLLINT_TAG}
+lint-yaml:
+	docker pull ${REGISTRY}/${YAMLLINT_TAG}
+	$(LINT-YAML-CMD) docker-compose.yml
+
+
+.DEFAULT_GOAL := lint
diff --git a/README.md b/README.md
index 781ca69..0a4dc83 100644
--- a/README.md
+++ b/README.md
@@ -1,3 +1,12 @@
-### template [![Build Status](https://drone.fedy95.com/api/badges/infra/template/status.svg)](https://drone.fedy95.com/infra/template)
+### autossl-synology [![Build Status](https://drone.fedy95.com/api/badges/infra/autossl-synology/status.svg)](https://drone.fedy95.com/infra/autossl-synology)
 
-Base repository for new infra-repos
+### how it works
+
+- https://github.com/acmesh-official/acme.sh
+- https://github.com/acmesh-official/acme.sh/wiki/dnsapi#4-use-godaddycom-domain-api-to-automatically-issue-cert
+
+---
+
+### services
+
+- https://gitea.fedy95.com/baseimage/autossl
diff --git a/docker-compose.yml b/docker-compose.yml
new file mode 100644
index 0000000..2f718ef
--- /dev/null
+++ b/docker-compose.yml
@@ -0,0 +1,14 @@
+---
+version: "3"
+services:
+  instance:
+    build:
+      context: .
+    container_name: autossl-synology
+    hostname: autossl-synology
+
+    env_file: env/instance.env
+    volumes:
+      - ./etc/instance/server.crt:/usr/syno/etc/ssl/ssl.crt/server.crt
+      - ./etc/instance/server.key:/usr/syno/etc/ssl/ssl.crt/server.key
+...
diff --git a/env/instance.env-dist b/env/instance.env-dist
new file mode 100644
index 0000000..04a116d
--- /dev/null
+++ b/env/instance.env-dist
@@ -0,0 +1,7 @@
+REGISTRY=
+REGISTRY_USERNAME=
+REGISTRY_PASSWORD=
+
+DOMAIN=
+GD_Key=
+GD_Secret=
diff --git a/etc/instance/.gitignore b/etc/instance/.gitignore
new file mode 100644
index 0000000..d6b7ef3
--- /dev/null
+++ b/etc/instance/.gitignore
@@ -0,0 +1,2 @@
+*
+!.gitignore