diff --git a/docker-compose.minimal.yml b/docker-compose.minimal.yml
new file mode 100644
index 000000000..5fabd0108
--- /dev/null
+++ b/docker-compose.minimal.yml
@@ -0,0 +1,96 @@
+version: '3.8'
+
+services:
+  # --- GATEKEEPER (NGINX) ---
+  nginx:
+    image: nginx:alpine
+    container_name: gateway_proxy
+    restart: unless-stopped
+    ports:
+      - "8090:80"
+    volumes:
+      - ./nginx-proxy.minimal.conf:/etc/nginx/nginx.conf:ro
+      - ./.htpasswd:/etc/nginx/.htpasswd:ro
+    depends_on:
+      company-explorer:
+        condition: service_healthy
+      lead-engine:
+        condition: service_started
+      transcription-tool:
+        condition: service_started
+
+  # --- APPS ---
+  company-explorer:
+    build:
+      context: ./company-explorer
+      dockerfile: Dockerfile
+    container_name: company-explorer
+    restart: unless-stopped
+    ports:
+      - "8000:8000"
+    environment:
+      API_USER: "admin"
+      API_PASSWORD: "gemini"
+      PYTHONUNBUFFERED: "1"
+      DATABASE_URL: "sqlite:////data/companies_v3_fixed_2.db"
+      GEMINI_API_KEY: "${GEMINI_API_KEY}"
+      SERP_API_KEY: "${SERP_API}"
+      NOTION_TOKEN: "${NOTION_API_KEY}"
+    volumes:
+      - ./company-explorer:/app
+      - explorer_db_data:/data
+      - ./Log_from_docker:/app/logs_debug
+    healthcheck:
+      test: ["CMD", "curl", "-f", "http://localhost:8000/docs"]
+      interval: 10s
+      timeout: 5s
+      retries: 5
+      start_period: 30s
+
+  lead-engine:
+    build:
+      context: ./lead-engine
+      dockerfile: Dockerfile
+    container_name: lead-engine
+    restart: unless-stopped
+    ports:
+      - "8501:8501" # UI (Streamlit)
+      - "8004:8004" # API / Monitor
+      - "8099:8004" # Direct Test Port
+    environment:
+      PYTHONUNBUFFERED: "1"
+      GEMINI_API_KEY: "${GEMINI_API_KEY}"
+      SERP_API: "${SERP_API}"
+      INFO_Application_ID: "${INFO_Application_ID}"
+      INFO_Tenant_ID: "${INFO_Tenant_ID}"
+      INFO_Secret: "${INFO_Secret}"
+      CAL_APPID: "${CAL_APPID}"
+      CAL_SECRET: "${CAL_SECRET}"
+      CAL_TENNANT_ID: "${CAL_TENNANT_ID}"
+      TEAMS_WEBHOOK_URL: "${TEAMS_WEBHOOK_URL}"
+      FEEDBACK_SERVER_BASE_URL: "${FEEDBACK_SERVER_BASE_URL}"
+      WORDPRESS_BOOKING_URL: "${WORDPRESS_BOOKING_URL}"
+      MS_BOOKINGS_URL: "${MS_BOOKINGS_URL}"
+    volumes:
+      - ./lead-engine:/app
+      - lead_engine_data:/app/data
+
+  transcription-tool:
+    build:
+      context: ./transcription-tool
+      dockerfile: Dockerfile
+    container_name: transcription-tool
+    restart: unless-stopped
+    ports:
+      - "8001:8001"
+    environment:
+      GEMINI_API_KEY: "${GEMINI_API_KEY}"
+      UPLOAD_DIR: "/app/uploads"
+    volumes:
+      - transcription_uploads:/app/uploads
+      - ./Log_from_docker:/app/logs_debug
+
+volumes:
+  explorer_db_data: {}
+  lead_engine_data: {}
+  transcription_uploads: {}
diff --git a/nginx-proxy.minimal.conf b/nginx-proxy.minimal.conf
new file mode 100644
index 000000000..3a52cc578
--- /dev/null
+++ b/nginx-proxy.minimal.conf
@@ -0,0 +1,77 @@
+events {
+    worker_connections 1024;
+}
+
+http {
+    include       mime.types;
+    default_type  application/octet-stream;
+    
+    access_log /dev/stdout;
+    error_log /dev/stderr;
+
+    client_max_body_size 50M;
+    proxy_read_timeout 1200s;
+    proxy_connect_timeout 1200s;
+    proxy_send_timeout 1200s;
+    send_timeout 1200s;
+
+    resolver 127.0.0.11 valid=30s ipv6=off;
+
+    server {
+        listen 80;
+
+        # Default catch-all
+        location / {
+            auth_basic "Restricted Access - Local AI Suite";
+            auth_basic_user_file /etc/nginx/.htpasswd;
+            # Redirect to Company Explorer as a sensible default
+            return 302 /ce/; 
+        }
+
+        location /ce/ {
+            auth_basic "Restricted Access - Local AI Suite";
+            auth_basic_user_file /etc/nginx/.htpasswd;
+            proxy_pass http://company-explorer:8000/;
+            proxy_set_header Host $host;
+            proxy_set_header X-Real-IP $remote_addr;
+            proxy_set_header Upgrade $http_upgrade;
+            proxy_set_header Connection "upgrade";
+        }
+
+        location /lead/ {
+            auth_basic "Restricted Access - Local AI Suite";
+            auth_basic_user_file /etc/nginx/.htpasswd;
+            proxy_pass http://lead-engine:8501/;
+            proxy_set_header Host $host;
+            proxy_set_header X-Real-IP $remote_addr;
+            proxy_set_header Upgrade $http_upgrade;
+            proxy_set_header Connection "upgrade";
+            proxy_http_version 1.1; 
+            proxy_read_timeout 86400;
+        }
+
+        location /tr/ {
+            auth_basic "Restricted Access - Local AI Suite";
+            auth_basic_user_file /etc/nginx/.htpasswd;
+            rewrite ^/tr/(.*) /$1 break;
+            proxy_pass http://transcription-tool:8001;
+            proxy_set_header Host $host;
+            proxy_set_header X-Real-IP $remote_addr;
+            proxy_set_header Upgrade $http_upgrade;
+            proxy_set_header Connection "upgrade";
+        }
+        
+        location /feedback/ {
+            auth_basic off;
+            proxy_http_version 1.1;
+            proxy_set_header Upgrade $http_upgrade;
+            proxy_set_header Connection "upgrade";
+            rewrite ^/feedback/(.*)$ /$1 break;
+            proxy_pass http://lead-engine:8004;
+            proxy_set_header Host $host;
+            proxy_set_header X-Real-IP $remote_addr;
+            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+            proxy_set_header X-Forwarded-Proto $scheme;
+        }
+    }
+}