diff --git a/base.yml b/base.yml
index 035a6e8..76a5f39 100644
--- a/base.yml
+++ b/base.yml
@@ -84,6 +84,40 @@ services:
       #- --serversTransport.insecureSkipVerify=true
     restart: unless-stopped
 
+  portal:
+    build:
+      context: ./compose/production/portal/
+      dockerfile: Dockerfile
+    image: mistborn_production_portal
+    container_name: mistborn_production_portal
+    ports:
+      - "10.2.3.1:5001:80"
+    environment:
+      - SERVER_REDIRECT=home.mistborn
+    # optionally define path to redirect all requests
+    # if not set nginx var $request_uri is used
+    #- SERVER_REDIRECT_PATH=/landingpage
+    # optionally define schema to redirect all requests
+    # if not set but X-Forwarded-Proto is send as request header with value 'https' this will be used.
+    # In all other cases nginx var `$scheme` is used
+    #- SERVER_REDIRECT_SCHEME=https
+    # optionally define the http code to use for redirection
+    # allowed Codes are: 301, 302, 303, 307, 308, default is 301
+    #- SERVER_REDIRECT_CODE=301
+    # optionally define the http code to redirect POST requests
+    # if not set or not in allowed Codes, SERVER_REDIRECT_CODE will be used
+    #- SERVER_REDIRECT_POST_CODE=
+    # optionally define the http code to redirect PUT, PATCH and DELETE requests
+    # if not set or not in allowed Codes, SERVER_REDIRECT_CODE will be used
+    #- SERVER_REDIRECT_PUT_PATCH_DELETE_CODE=
+    # optionally define the location for the nginx access log
+    # if not set /dev/stdout is used
+    #- SERVER_ACCESS_LOG=/dev/null
+    # optionally define the location for the nginx error log
+    # if not set /dev/stderr is used
+    #- SERVER_ERROR_LOG=/dev/null
+    restart: unless-stopped
+  
   redis:
     image: redis:5.0
     container_name: mistborn_production_redis
diff --git a/compose/production/portal/Dockerfile b/compose/production/portal/Dockerfile
new file mode 100644
index 0000000..99a9b76
--- /dev/null
+++ b/compose/production/portal/Dockerfile
@@ -0,0 +1,8 @@
+FROM nginx:alpine
+
+ADD run.sh /run.sh
+ADD default.conf /etc/nginx/conf.d/default.conf
+
+RUN chmod +x /run.sh
+
+CMD ["/run.sh"]
\ No newline at end of file
diff --git a/compose/production/portal/default.conf b/compose/production/portal/default.conf
new file mode 100644
index 0000000..be0b82b
--- /dev/null
+++ b/compose/production/portal/default.conf
@@ -0,0 +1,29 @@
+map $http_x_forwarded_proto $redirect_scheme {
+    default $scheme;
+    https https;
+}
+
+server {
+    listen       80;
+    listen       [::]:80;
+    server_name  ${SERVER_NAME};
+
+    # cherry picked from https://github.com/schmunk42/docker-nginx-redirect/pull/8
+    if ($request_method = POST) {
+        return ${SERVER_REDIRECT_POST_CODE} ${SERVER_REDIRECT_SCHEME}://${SERVER_REDIRECT}${SERVER_REDIRECT_PATH};
+    }
+
+    if ($request_method ~ PUT|PATCH|DELETE) {
+        return ${SERVER_REDIRECT_PUT_PATCH_DELETE_CODE} ${SERVER_REDIRECT_SCHEME}://${SERVER_REDIRECT}${SERVER_REDIRECT_PATH};
+    }
+
+    return ${SERVER_REDIRECT_CODE} ${SERVER_REDIRECT_SCHEME}://${SERVER_REDIRECT}${SERVER_REDIRECT_PATH};
+
+    # redirect server error pages to the static page /50x.html
+    #
+    error_page   500 502 503 504  /50x.html;
+    location = /50x.html {
+        root   /usr/share/nginx/html;
+    }
+
+}
\ No newline at end of file
diff --git a/compose/production/portal/run.sh b/compose/production/portal/run.sh
new file mode 100755
index 0000000..6ff495a
--- /dev/null
+++ b/compose/production/portal/run.sh
@@ -0,0 +1,54 @@
+#!/usr/bin/env sh
+
+if [ ! -n "$SERVER_REDIRECT" ] ; then
+    echo "Environment variable SERVER_REDIRECT is not set, exiting."
+    exit 1
+fi
+
+# set server name from optional ENV var
+if [ ! -n "$SERVER_NAME" ] ; then
+    SERVER_NAME='localhost'
+fi
+
+# set redirect code from optional ENV var
+# allowed Status Codes are: 301, 302, 303, 307, 308
+expr match "$SERVER_REDIRECT_CODE" '30[12378]$' > /dev/null || SERVER_REDIRECT_CODE='301'
+
+# set redirect code from optional ENV var for POST requests
+expr match "$SERVER_REDIRECT_POST_CODE" '30[12378]$' > /dev/null || SERVER_REDIRECT_POST_CODE=$SERVER_REDIRECT_CODE
+
+# set redirect code from optional ENV var for PUT, PATCH and DELETE requests
+expr match "$SERVER_REDIRECT_PUT_PATCH_DELETE_CODE" '30[12378]$' > /dev/null || SERVER_REDIRECT_PUT_PATCH_DELETE_CODE=$SERVER_REDIRECT_CODE
+
+# set redirect path from optional ENV var
+if [ ! -n "$SERVER_REDIRECT_PATH" ] ; then
+    SERVER_REDIRECT_PATH='$request_uri'
+fi
+
+# set redirect scheme from optional ENV var
+if [ ! -n "$SERVER_REDIRECT_SCHEME" ] ; then
+    SERVER_REDIRECT_SCHEME='$redirect_scheme'
+fi
+
+# set access log location from optional ENV var
+if [ ! -n "$SERVER_ACCESS_LOG" ] ; then
+    SERVER_ACCESS_LOG='/dev/stdout'
+fi
+
+# set error log location from optional ENV var
+if [ ! -n "$SERVER_ERROR_LOG" ] ; then
+    SERVER_ERROR_LOG='/dev/stderr'
+fi
+
+sed -i "s|\${SERVER_REDIRECT}|${SERVER_REDIRECT}|" /etc/nginx/conf.d/default.conf
+sed -i "s|\${SERVER_NAME}|${SERVER_NAME}|" /etc/nginx/conf.d/default.conf
+sed -i "s|\${SERVER_REDIRECT_CODE}|${SERVER_REDIRECT_CODE}|" /etc/nginx/conf.d/default.conf
+sed -i "s|\${SERVER_REDIRECT_POST_CODE}|${SERVER_REDIRECT_POST_CODE}|" /etc/nginx/conf.d/default.conf
+sed -i "s|\${SERVER_REDIRECT_PUT_PATCH_DELETE_CODE}|${SERVER_REDIRECT_PUT_PATCH_DELETE_CODE}|" /etc/nginx/conf.d/default.conf
+sed -i "s|\${SERVER_REDIRECT_PATH}|${SERVER_REDIRECT_PATH}|" /etc/nginx/conf.d/default.conf
+sed -i "s|\${SERVER_REDIRECT_SCHEME}|${SERVER_REDIRECT_SCHEME}|" /etc/nginx/conf.d/default.conf
+
+ln -sfT "$SERVER_ACCESS_LOG" /var/log/nginx/access.log
+ln -sfT "$SERVER_ERROR_LOG" /var/log/nginx/error.log
+
+exec nginx -g 'daemon off;'
\ No newline at end of file