diff --git a/host_vars/sapt-labn-prx01.yml b/host_vars/sapt-labn-prx01.yml deleted file mode 100644 index 69c5e8e..0000000 --- a/host_vars/sapt-labn-prx01.yml +++ /dev/null @@ -1,4 +0,0 @@ -# vim: ft=yaml.ansible -# code: language=ansible ---- -proxy_mode: global diff --git a/host_vars/sapt-labn-prx02.yml b/host_vars/sapt-labn-prx02.yml deleted file mode 100644 index 8b8a290..0000000 --- a/host_vars/sapt-labn-prx02.yml +++ /dev/null @@ -1,4 +0,0 @@ -# vim: ft=yaml.ansible -# code: language=ansible ---- -proxy_mode: local diff --git a/inventory.ini b/inventory.ini index 78f25b8..4403425 100644 --- a/inventory.ini +++ b/inventory.ini @@ -14,7 +14,6 @@ sapt-labs-db01 ansible_host=sapt-labs-db01.servers.local.sapti.me [proxy_shd] sapt-labn-prx01 ansible_host=sapt-labn-prx01.servers.local.sapti.me -sapt-labn-prx02 ansible_host=sapt-labn-prx02.servers.local.sapti.me [monitoring_shd] sapt-labn-mon01 ansible_host=sapt-labn-mon01.servers.local.sapti.me diff --git a/roles/apps/defaults/main.yml b/roles/apps/defaults/main.yml index 0390146..930fa5d 100644 --- a/roles/apps/defaults/main.yml +++ b/roles/apps/defaults/main.yml @@ -1,8 +1,8 @@ # vim: ft=yaml.ansible # code: language=ansible --- -apps_base_domain: "example.com" -apps_local_domain: "local.{{ apps_base_domain }}" +apps_base_domain: example.com +apps_local_domain: local.{{ apps_base_domain }} apps_data_root: /apps apps_shared_docker_network: apps_network apps_postfix_docker_network: postfix_network 
@@ -10,56 +10,48 @@ apps_postfix_docker_network: postfix_network apps_vars: postfix: domain: smtp.{{ apps_base_domain }} - volume: "{{ apps_data_root }}/postfix" - extra_tasks: true + backup: true + extra_tasks: false version: latest-alpine - emby: - domain: watch.{{ apps_base_domain }} - volume: "{{ apps_data_root }}/emby" - extra_tasks: true - version: latest - ipfs: domain: ipfs.{{ apps_local_domain }} gateway_domain: ipfs-gateway.{{ apps_base_domain }} - volume: "{{ apps_data_root }}/ipfs" + backup: false extra_tasks: true version: v0.23.0 monerod: domain: xmr.{{ apps_base_domain }} - volume: "{{ apps_data_root }}/monerod" - extra_tasks: true + backup: false + extra_tasks: false version: latest nextcloud: domain: cloud.{{ apps_base_domain }} - volume: "{{ apps_data_root }}/nextcloud" + backup: true extra_tasks: true version: 27-apache postgres_version: 14-alpine redis_version: 7-alpine snowflake: + backup: false extra_tasks: false version: latest restic: + backup: false extra_tasks: false version: '1.7.0' watchtower: + backup: false extra_tasks: false version: '1.6.0' apps_include: "{{ apps_vars | dict2items | map(attribute='key') | list }}" - -apps_restic_volumes: | - - "/var/run/docker.sock:/var/run/docker.sock:rw" - - "{{ apps_vars.postfix.volume }}:/mnt/volumes/postfix:ro" - - "{{ apps_vars.emby.volume }}:/mnt/volumes/emby:ro" - - "{{ apps_vars.nextcloud.volume }}:/mnt/volumes/nextcloud:ro" +apps_backup: "{{ apps_vars | dict2items | selectattr('value.backup', 'true') | map(attribute='key') | list }}" apps_sender_domains: - "{{ apps_vars.nextcloud.domain }}" diff --git a/roles/apps/tasks/configure_app.yml b/roles/apps/tasks/configure_app.yml index 51e9594..8756313 100644 --- a/roles/apps/tasks/configure_app.yml +++ b/roles/apps/tasks/configure_app.yml 
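Review bot: The new `apps_backup` line uses `selectattr('value.backup', 'true')`, which keeps only entries whose `backup` is the literal boolean true. An override such as `backup: "true"`, or a newly added app that omits the key, is therefore dropped from the list without any error. The restic template in this commit builds its read-only mounts from this list, so such a slip would silently leave that app's data out of the backups. I would document the contract directly above the variable, e.g. `# backup must be a real YAML boolean; only apps with backup: true are mounted into restic`. An `ansible.builtin.assert` early in the role, checking that every `apps_vars` entry defines a boolean `backup`, would catch the mistake at deploy time.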
@@ -1,20 +1,27 @@ # vim: ft=yaml.ansible # code: language=ansible --- -- name: Create volume folder for app {{ app_name }} +- name: Create app folder for {{ app_name }} ansible.builtin.file: - name: "{{ app_vars.volume }}" + name: "{{ apps_data_root }}/{{ app_name }}" owner: root mode: u=rwx,go= state: directory -- name: Upload Compose file for app {{ app_name }} +- name: Upload Compose file for {{ app_name }} ansible.builtin.template: src: compose-files/{{ app_name }}.yml.j2 - dest: "{{ app_vars.volume }}/docker-compose.yml" + dest: "{{ apps_data_root }}/{{ app_name }}/docker-compose.yml" owner: root mode: u=rw,go= -- name: Run extra configuration tasks for app {{ app_name }} +- name: Create data folder for {{ app_name }} + ansible.builtin.file: + name: "{{ apps_data_root }}/{{ app_name }}/data" + owner: root + mode: u=rwx,g=rx,o=rx + state: directory + +- name: Run extra configuration tasks for {{ app_name }} ansible.builtin.include_tasks: extra_tasks/{{ app_name }}.yml when: app_vars.extra_tasks is defined and app_vars.extra_tasks diff --git a/roles/apps/tasks/extra_tasks/ipfs.yml b/roles/apps/tasks/extra_tasks/ipfs.yml index 448ba49..89fbd75 100644 --- a/roles/apps/tasks/extra_tasks/ipfs.yml +++ b/roles/apps/tasks/extra_tasks/ipfs.yml @@ -8,14 +8,14 @@ mode: u=rwx,g=rx,o=rx state: directory loop: - - "{{ apps_vars.ipfs.volume }}/data" - - "{{ apps_vars.ipfs.volume }}/staging" + - "{{ apps_data_root }}/ipfs/data/data" + - "{{ apps_data_root }}/ipfs/data/staging" loop_control: loop_var: dir - name: Copy ipfs-config.sh ansible.builtin.copy: src: ipfs/ipfs-config.sh - dest: "{{ apps_vars.ipfs.volume }}/ipfs-config.sh" + dest: "{{ apps_data_root }}/ipfs/data/ipfs-config.sh" owner: root mode: u=rwx,g=rx,o=rx diff --git a/roles/apps/tasks/extra_tasks/monerod.yml b/roles/apps/tasks/extra_tasks/monerod.yml deleted file mode 100644 index 5f51f50..0000000 --- a/roles/apps/tasks/extra_tasks/monerod.yml +++ /dev/null 
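Review bot: The added "Create data folder" task creates every app's `data` directory as `owner: root` with `u=rwx,g=rx,o=rx`, and nothing replaces the ownership the deleted `extra_tasks/monerod.yml` gave the blockchain directory (`owner: '1000'`). `monerod.yml.j2` now mounts `./data` read-write at `/home/monero/.bitmonero` and `extra_tasks` is false for monerod. If the container still runs as uid 1000 (not visible in this diff), it can no longer write there. A per-app override keeps this least-privilege and avoids widening the mode later: `owner: "{{ app_vars.data_owner | default('root') }}"` with `data_owner: '1000'` under `monerod`. The same generic folder is now the DKIM key directory for postfix (`./data:/etc/opendkim/keys`), so a matching `data_mode` default would let that app drop `o=rx`.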
@@ -1,9 +0,0 @@ -# vim: ft=yaml.ansible -# code: language=ansible ---- -- name: Create subfolder for Monero blockchain - ansible.builtin.file: - name: "{{ apps_vars.monerod.volume }}/blockchain" - owner: '1000' - mode: u=rwx,g=rx,o=rx - state: directory diff --git a/roles/apps/tasks/extra_tasks/nextcloud.yml b/roles/apps/tasks/extra_tasks/nextcloud.yml index 3f50cd8..d1f3e78 100644 --- a/roles/apps/tasks/extra_tasks/nextcloud.yml +++ b/roles/apps/tasks/extra_tasks/nextcloud.yml @@ -3,14 +3,14 @@ --- - name: Create subfolder for Nextcloud Apache2 config ansible.builtin.file: - name: "{{ apps_vars.nextcloud.volume }}/apache2" + name: "{{ apps_data_root }}/nextcloud/data/apache2" owner: root mode: u=rwx,g=rx,o=rx state: directory - name: Create subfolder for Nextcloud data ansible.builtin.file: - name: "{{ apps_vars.nextcloud.volume }}/app" + name: "{{ apps_data_root }}/nextcloud/data/app" owner: root group: '33' mode: u=rwx,g=rx,o=rx @@ -19,6 +19,6 @@ - name: Copy Apache2 remoteip config file ansible.builtin.template: src: nextcloud/remoteip.conf.j2 - dest: "{{ apps_vars.nextcloud.volume }}/apache2/remoteip.conf" + dest: "{{ apps_data_root }}/nextcloud/data/apache2/remoteip.conf" owner: root mode: u=rw,g=r,o=r diff --git a/roles/apps/tasks/extra_tasks/postfix.yml b/roles/apps/tasks/extra_tasks/postfix.yml deleted file mode 100644 index badbfe3..0000000 --- a/roles/apps/tasks/extra_tasks/postfix.yml +++ /dev/null @@ -1,9 +0,0 @@ -# vim: ft=yaml.ansible -# code: language=ansible ---- -- name: Create subfolder for Postfix DKIM keys - ansible.builtin.file: - name: "{{ apps_vars.postfix.volume }}/dkim" - owner: root - mode: u=rwx,g=rx,o=rx - state: directory diff --git a/roles/apps/templates/compose-files/ipfs.yml.j2 b/roles/apps/templates/compose-files/ipfs.yml.j2 index 2ea2330..f5be190 100644 --- a/roles/apps/templates/compose-files/ipfs.yml.j2 +++ b/roles/apps/templates/compose-files/ipfs.yml.j2 
@@ -17,9 +17,9 @@ services: - 4001:4001/tcp - 4001:4001/udp volumes: - - "./ipfs-config.sh:/container-init.d/ipfs-config.sh:ro" - - "./data:/data/ipfs:rw" - - "./staging:/export:rw" + - "./data/ipfs-config.sh:/container-init.d/ipfs-config.sh:ro" + - "./data/data:/data/ipfs:rw" + - "./data/staging:/export:rw" networks: {{ apps_shared_docker_network }}: diff --git a/roles/apps/templates/compose-files/monerod.yml.j2 b/roles/apps/templates/compose-files/monerod.yml.j2 index 429d5c0..55d7afc 100644 --- a/roles/apps/templates/compose-files/monerod.yml.j2 +++ b/roles/apps/templates/compose-files/monerod.yml.j2 @@ -12,7 +12,7 @@ services: ports: - 18080:18080/tcp volumes: - - "./blockchain:/home/monero/.bitmonero:rw" + - "./data:/home/monero/.bitmonero:rw" networks: {{ apps_shared_docker_network }}: diff --git a/roles/apps/templates/compose-files/nextcloud.yml.j2 b/roles/apps/templates/compose-files/nextcloud.yml.j2 index 24f177c..cf776af 100644 --- a/roles/apps/templates/compose-files/nextcloud.yml.j2 +++ b/roles/apps/templates/compose-files/nextcloud.yml.j2 @@ -38,8 +38,8 @@ services: aliases: - nextcloud volumes: - - "./app:/var/www/html:rw" - - "./apache2/remoteip.conf:/etc/apache2/conf-enabled/remoteip.conf:ro" + - "./data/app:/var/www/html:rw" + - "./data/apache2/remoteip.conf:/etc/apache2/conf-enabled/remoteip.conf:ro" depends_on: - redis @@ -48,7 +48,7 @@ services: restart: always entrypoint: /cron.sh volumes: - - "./app:/var/www/html:rw" + - "./data/app:/var/www/html:rw" depends_on: - app diff --git a/roles/apps/templates/compose-files/postfix.yml.j2 b/roles/apps/templates/compose-files/postfix.yml.j2 index 1e8bba6..750b8b3 100644 --- a/roles/apps/templates/compose-files/postfix.yml.j2 +++ b/roles/apps/templates/compose-files/postfix.yml.j2 @@ -12,7 +12,7 @@ services: networks: - {{ apps_postfix_docker_network }} volumes: - - "./dkim:/etc/opendkim/keys:rw" + - "./data:/etc/opendkim/keys:rw" networks: {{ apps_postfix_docker_network }}: 
diff --git a/roles/apps/templates/compose-files/restic.yml.j2 b/roles/apps/templates/compose-files/restic.yml.j2 index f83fda3..476878f 100644 --- a/roles/apps/templates/compose-files/restic.yml.j2 +++ b/roles/apps/templates/compose-files/restic.yml.j2 @@ -12,7 +12,7 @@ services: RESTIC_PASSWORD: {{ restic.repo.password }} RESTIC_BACKUP_SOURCES: /mnt/volumes RESTIC_BACKUP_ARGS: >- - --tag docker-volumes + --tag data-volumes --exclude '*.tmp' --verbose RESTIC_FORGET_ARGS: >- @@ -21,14 +21,20 @@ services: --keep-weekly 5 --keep-monthly 12 PRE_COMMANDS: |- - docker exec -u www-data nextcloud_app_1 php occ maintenance:mode --on + docker compose -f {{ apps_data_root }}/nextcloud/docker-compose.yml exec -u www-data app php occ maintenance:mode --on POST_COMMANDS_EXIT: |- - docker exec -u www-data nextcloud_app_1 php occ maintenance:mode --off + docker compose -f {{ apps_data_root }}/nextcloud/docker-compose.yml exec -u www-data app php occ maintenance:mode --off B2_ACCOUNT_ID: {{ restic.b2.id }} B2_ACCOUNT_KEY: {{ restic.b2.key }} TZ: {{ timezone }} volumes: - {{ apps_restic_volumes }} + - "/var/run/docker.sock:/var/run/docker.sock:rw" + - "/usr/libexec/docker/cli-plugins/docker-compose:/usr/libexec/docker/cli-plugins/docker-compose:ro" +{% for app in apps_backup %} +{% if app in apps_include %} + - "{{ apps_data_root }}/{{ app }}/data:/mnt/volumes/{{ app }}:ro" +{% endif %} +{% endfor %} prune: image: mazzolino/restic:{{ apps_vars.restic.version }}
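Review bot: The new `PRE_COMMANDS` and `POST_COMMANDS_EXIT` run `docker compose -f {{ apps_data_root }}/nextcloud/docker-compose.yml` inside the restic container, but the volumes added in this hunk mount only the Docker socket, the compose plugin and each app's `data` directory. `configure_app.yml` writes the compose file one level above `data`, so that path would not exist in the container unless something outside this diff provides it, and the backup could then run without maintenance mode being enabled. Mounting it at the same path would fix this: `- "{{ apps_data_root }}/nextcloud/docker-compose.yml:{{ apps_data_root }}/nextcloud/docker-compose.yml:ro"`. Both commands are also hard-coded to nextcloud while the mounts depend on `apps_backup` and `apps_include`, so I would wrap them in `{% if 'nextcloud' in apps_backup and 'nextcloud' in apps_include %}`. Finally, a comment on the `/var/run/docker.sock` mount is warranted: it gives this container, which also holds the restic and B2 credentials, root-equivalent control of the host's Docker daemon.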