diff --git a/.env b/.env
index 2741026..4a4fc47 100644
--- a/.env
+++ b/.env
@@ -4,4 +4,6 @@ ALFRESCO_LICENSE_DIR=~/alfresco/license
 PROXY_PROTOCOL=http
 PROXY_HOST=localhost
 PROXY_PORT=8080
-IDENTITY_SERVICE_BASEURL=http://auth.example.org:8080
+IDENTITY_SERVICE_PROTOCOL=http
+IDENTITY_SERVICE_HOST=auth.example.org
+IDENTITY_SERVICE_PORT=8080
diff --git a/docker-compose.yml b/docker-compose.yml
index 8213c45..d11751a 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -1,7 +1,7 @@
 # Sourced from https://github.com/Alfresco/acs-deployment/blob/4.0.3/docker-compose/docker-compose.yml
 #
 # Using version 2 as 3 does not support resource constraint options (cpu_*, mem_* limits) for non swarm mode in Compose
-version: "2"
+version: "2.1"
 
 services:
     platform:
@@ -50,16 +50,21 @@ services:
 
                 -Dauthentication.chain=aims:identity-service,builtin:alfrescoNtlm
                 -Didentity-service.authentication.defaultAdministratorUserNames=admin.1
-                -Didentity-service.auth-server-url=${IDENTITY_SERVICE_BASEURL}/auth
+                -Didentity-service.auth-server-url=${IDENTITY_SERVICE_PROTOCOL}://${IDENTITY_SERVICE_HOST}:${IDENTITY_SERVICE_PORT}/auth
                 
                 -Dsystem.content.eagerOrphanCleanup=true
                 -Dsystem.content.orphanProtectDays=0
                 -Djodconverter.enabled=false
                 "
         depends_on:
-            - postgres-acs
-            - activemq
-            - shared-file-store
+            postgres-acs:
+                condition: service_started
+            activemq:
+                condition: service_started
+            shared-file-store:
+                condition: service_started
+            identity:
+                condition: service_healthy
         volumes:
             - "$ALFRESCO_LICENSE_DIR/acs:/usr/local/tomcat/shared/classes/alfresco/extension/license:ro"
             - acsbin-volume:/usr/local/tomcat/alf_data:rw
@@ -105,7 +110,7 @@ services:
                 -Daims.enabled=true
                 -Daims.realm=alfresco
                 -Daims.resource=acs-share
-                -Daims.authServerUrl=${IDENTITY_SERVICE_BASEURL}/auth
+                -Daims.authServerUrl=${IDENTITY_SERVICE_PROTOCOL}://${IDENTITY_SERVICE_HOST}:${IDENTITY_SERVICE_PORT}/auth
                 -Daims.sslRequired=none
                 -Daims.publicClient=true
                 -Daims.autodetectBearerOnly=true
@@ -158,7 +163,7 @@ services:
                 -Drepo.port=8080
                 -Ddw.server.applicationConnectors[0].type=http
                 -XX:MinRAMPercentage=50 -XX:MaxRAMPercentage=80
-                -Didentity-service.auth-server-url=${IDENTITY_SERVICE_BASEURL}/auth
+                -Didentity-service.auth-server-url=${IDENTITY_SERVICE_PROTOCOL}://${IDENTITY_SERVICE_HOST}:${IDENTITY_SERVICE_PORT}/auth
                 -Didentity-service.resource=acs-sync
                 "
         depends_on:
@@ -171,9 +176,13 @@ services:
         environment:
             BASE_PATH: ./
             APP_CONFIG_ECM_HOST: "${PROXY_PROTOCOL}://${PROXY_HOST}:${PROXY_PORT}"
-            APP_BASE_SHARE_URL: "${PROXY_PROTOCOL}://${PROXY_HOST}:${PROXY_PORT}/#/preview/s"
+            APP_CONFIG_BPM_HOST: "${PROXY_PROTOCOL}://${PROXY_HOST}:${PROXY_PORT}"
+            APP_BASE_SHARE_URL: "${PROXY_PROTOCOL}://${PROXY_HOST}:${PROXY_PORT}/workspace/#/preview/s"
+            APP_CONFIG_PROVIDER: "ALL"
+            APP_CONFIG_PLUGIN_PROCESS_SERVICE: "true"
+            #APP_CONFIG_PLUGIN_PROCESS_AUTOMATION: "true"
             APP_CONFIG_AUTH_TYPE: OAUTH
-            APP_CONFIG_OAUTH2_HOST: "${IDENTITY_SERVICE_BASEURL}/auth/realms/alfresco"
+            APP_CONFIG_OAUTH2_HOST: "${IDENTITY_SERVICE_PROTOCOL}://${IDENTITY_SERVICE_HOST}:${IDENTITY_SERVICE_PORT}/auth/realms/alfresco"
             APP_CONFIG_OAUTH2_CLIENTID: alfresco
             APP_CONFIG_OAUTH2_IMPLICIT_FLOW: "true"
             APP_CONFIG_OAUTH2_REDIRECT_LOGIN: "/workspace/"
@@ -193,7 +202,7 @@ services:
             ACTIVITI_ES_REST_CLIENT_PORT: 9200
             ACTIVITI_ES_REST_CLIENT_SCHEMA: http
             IDENTITY_SERVICE_ENABLED: "true"
-            IDENTITY_SERVICE_AUTH: $IDENTITY_SERVICE_BASEURL/auth
+            IDENTITY_SERVICE_AUTH: ${IDENTITY_SERVICE_PROTOCOL}://${IDENTITY_SERVICE_HOST}:${IDENTITY_SERVICE_PORT}/auth
             JAVA_OPTS: "-XX:MinRAMPercentage=50 -XX:MaxRAMPercentage=80"
         depends_on:
             - postgres-aps
@@ -260,13 +269,19 @@ services:
         environment:
             KEYCLOAK_USER: admin
             KEYCLOAK_PASSWORD: admin
-            KEYCLOAK_HOSTNAME: auth.example.org
+            KEYCLOAK_HOSTNAME: ${IDENTITY_SERVICE_HOST}
             KEYCLOAK_IMPORT: /tmp/keycloak-alfresco-realm.json
             KEYCLOAK_STATISTICS: enabled
         networks:
             default:
                 aliases:
-                    - "auth.example.org"
+                    - "${IDENTITY_SERVICE_HOST}"
+        healthcheck:
+            test: ["CMD", "curl", "-f", "http://localhost:8080/auth"]
+            interval: 10s
+            timeout: 10s
+            # Really long startup times on Windows
+            retries: 18
         volumes:
             - ./keycloak-alfresco-realm.json:/tmp/keycloak-alfresco-realm.json:ro
             - keycloak-volume:/opt/jboss/keycloak/standalone/data:rw