diff --git a/services/cojedzie-next/stack.yml b/services/cojedzie-next/stack.yml
index 2208703..a646045 100644
--- a/services/cojedzie-next/stack.yml
+++ b/services/cojedzie-next/stack.yml
@@ -1,17 +1,18 @@
-version: '{{ compose_version }}'
+version: "{{ compose_version }}"
 
 services:
   api:
-    image: registry.kadet.net/cojedzie/api:next
-    networks: 
+    image: {{ cojedzie_image_base }}/api:{{ cojedzie_version }}
+    networks:
       - "{{ ingress_network }}"
       - default
-    volumes: 
+    volumes:
       - db_data:/var/db
     environment:
       - TRUSTED_PROXIES=10.0.0.0/8
     env_file:
-      - ./environment
+      - ./api.env
+      - ./sentry.env
     deploy:
       mode: replicated
       replicas: 1
@@ -20,40 +21,42 @@ services:
         order: start-first
       labels:
         - traefik.enable=true
-        - traefik.http.routers.{{ service }}-api.rule=Host(`{{ cojedzie_domain }}`) && PathPrefix(`/api/`)
+        - traefik.http.routers.{{ service }}-api.rule=({{ traefik_routing_rule }}) && (PathPrefix(`/api/`) || PathPrefix(`/bundles/`))
         - traefik.http.routers.{{ service }}-api.priority=100
         - traefik.http.routers.{{ service }}-api.tls=true
         - traefik.http.routers.{{ service }}-api.tls.certresolver=lets-encrypt
         - traefik.http.services.{{ service }}-api.loadbalancer.server.port=8080
-  
+
   cron:
-    image: registry.kadet.net/cojedzie/cron:next
+    image: {{ cojedzie_image_base }}/cron:{{ cojedzie_version }}
     env_file:
-      - ./environment
-    volumes: 
+      - ./api.env
+      - ./sentry.env
+    volumes:
       - db_data:/var/db
     depends_on:
       - api
-  
+
   worker:
-    image: registry.kadet.net/cojedzie/worker:next
+    image: {{ cojedzie_image_base }}/worker:{{ cojedzie_version }}
     env_file:
-      - ./environment
-    volumes: 
+      - ./api.env
+      - ./sentry.env
+    volumes:
       - db_data:/var/db
     depends_on:
       - api
 
   mercure:
-    image: dunglas/mercure
-    networks: 
+    image: dunglas/mercure:{{ cojedzie_mercure_version|default('latest') }}
+    networks:
       - "{{ ingress_network }}"
       - default
     environment:
-      SERVER_NAME: ':80'
+      SERVER_NAME: ":80"
       USE_FORWARDED_HEADERS: 1
-      MERCURE_PUBLISHER_JWT_KEY: '{{ cojedzie_mercure_jwt_key }}'
-      MERCURE_SUBSCRIBER_JWT_KEY: '{{ cojedzie_mercure_jwt_key }}'
+      MERCURE_PUBLISHER_JWT_KEY: "{{ cojedzie_mercure_jwt_key }}"
+      MERCURE_SUBSCRIBER_JWT_KEY: "{{ cojedzie_mercure_jwt_key }}"
     volumes:
       - mercure_data:/data
       - mercure_config:/config
@@ -62,21 +65,21 @@ services:
       replicas: 1
       labels:
         - traefik.enable=true
-        - traefik.http.routers.{{ service }}-mercure.rule=Host(`{{ cojedzie_domain }}`) && PathPrefix(`/.well-known/mercure`)
+        - traefik.http.routers.{{ service }}-mercure.rule=({{ traefik_routing_rule }}) && PathPrefix(`/.well-known/mercure`)
         - traefik.http.routers.{{ service }}-mercure.tls=true
         - traefik.http.routers.{{ service }}-mercure.tls.certresolver=lets-encrypt
         - traefik.http.services.{{ service }}-mercure.loadbalancer.server.port=80
 
   front:
-    image: registry.kadet.net/cojedzie/front:next
-    networks: 
+    image: {{ cojedzie_image_base }}/front:{{ cojedzie_version }}
+    networks:
       - "{{ ingress_network }}"
       - default
     depends_on:
       - api
-    environment:
-      - COJEDZIE_GTM={{ cojedzie_gtm }}
-      - COJEDZIE_MAPTILER_KEY={{ cojedzie_maptiler }}
+    env_file:
+      - ./front.env
+      - ./sentry.env
     deploy:
       mode: replicated
       replicas: 1
@@ -85,7 +88,7 @@ services:
         order: start-first
       labels:
         - traefik.enable=true
-        - traefik.http.routers.{{ service }}-front.rule=Host(`{{ service }}.{{ main_domain }}`) || Host(`{{ cojedzie_domain }}`)
+        - traefik.http.routers.{{ service }}-front.rule={{ traefik_routing_rule }}
         - traefik.http.routers.{{ service }}-front.tls=true
         - traefik.http.routers.{{ service }}-front.tls.certresolver=lets-encrypt
         - traefik.http.routers.{{ service }}-front.middlewares=gzip@file
diff --git a/services/cojedzie-next/tasks/config.yaml b/services/cojedzie-next/tasks/config.yaml
index f2a679a..7480a7d 100644
--- a/services/cojedzie-next/tasks/config.yaml
+++ b/services/cojedzie-next/tasks/config.yaml
@@ -1,7 +1,13 @@
 ---
-- name: 'Generate env_file for "{{ service }}"'
+- name: 'Generate env files for "{{ service }}"'
   template:
-    src: "{{ service_path }}/environment"
-    dest: "{{ remote_service_path }}/environment"
+    src: "{{ service_path }}/templates/{{ file }}"
+    dest: "{{ remote_service_path }}/{{ file }}"
   tags:
     - config
+  loop_control:
+    loop_var: file
+  with_items:
+    - api.env
+    - front.env
+    - sentry.env
diff --git a/services/cojedzie-next/tasks/pre-deploy.yaml b/services/cojedzie-next/tasks/pre-deploy.yaml
index 9da2d01..bffe138 100644
--- a/services/cojedzie-next/tasks/pre-deploy.yaml
+++ b/services/cojedzie-next/tasks/pre-deploy.yaml
@@ -1,14 +1,15 @@
 ---
 - name: 'Pull all images for "{{ service }}"'
+  when: cojedzie_force_pull_images|default(false)
   community.docker.docker_image:
     name: "{{ image }}"
     source: pull
     force_source: yes
   with_items:
-   - registry.kadet.net/cojedzie/front:next
-   - registry.kadet.net/cojedzie/api:next
-   - registry.kadet.net/cojedzie/worker:next
-   - registry.kadet.net/cojedzie/cron:next
+    - "{{ cojedzie_image_base }}/front:{{ cojedzie_version }}"
+    - "{{ cojedzie_image_base }}/api:{{ cojedzie_version }}"
+    - "{{ cojedzie_image_base }}/worker:{{ cojedzie_version }}"
+    - "{{ cojedzie_image_base }}/cron:{{ cojedzie_version }}"
   loop_control:
     loop_var: image
   notify:
diff --git a/services/cojedzie-next/environment b/services/cojedzie-next/templates/api.env
similarity index 80%
rename from services/cojedzie-next/environment
rename to services/cojedzie-next/templates/api.env
index b3fbcd7..707be8f 100644
--- a/services/cojedzie-next/environment
+++ b/services/cojedzie-next/templates/api.env
@@ -3,3 +3,6 @@ MERCURE_PUBLIC_URL=https://{{ cojedzie_domain }}/.well-known/mercure
 MERCURE_JWT_SECRET={{ cojedzie_mercure_jwt_key }}
 
 DATABASE_URL=mysql://{{ cojedzie_database.user }}:{{ cojedzie_database.password }}@{{ database_mysql_host }}/{{ cojedzie_database.name }}?serverVersion=mariadb-10.7.1
+
+SENTRY_DSN={{ sentry_dsn_api }}
+SENTRY_SAMPLE_RATE={{ sentry_sample_rate_api }}
diff --git a/services/cojedzie-next/templates/front.env b/services/cojedzie-next/templates/front.env
new file mode 100644
index 0000000..99cca6f
--- /dev/null
+++ b/services/cojedzie-next/templates/front.env
@@ -0,0 +1,9 @@
+COJEDZIE_GTM={{ cojedzie_gtm }}
+COJEDZIE_MAPTILER_KEY={{ cojedzie_maptiler }}
+COJEDZIE_API=http://api:8080
+COJEDZIE_API_HUB=https://{{ cojedzie_domain }}
+
+SENTRY_DSN={{ sentry_dsn_front }}
+SENTRY_SAMPLE_RATE={{ sentry_sample_rate_front }}
+SENTRY_TRACE_RATE={{ sentry_trace_rate|default(0.1) }}
+SENTRY_SESSION_RATE={{ sentry_session_rate|default(0.1) }}
diff --git a/services/cojedzie-next/templates/sentry.env b/services/cojedzie-next/templates/sentry.env
new file mode 100644
index 0000000..df7bc9f
--- /dev/null
+++ b/services/cojedzie-next/templates/sentry.env
@@ -0,0 +1 @@
+SENTRY_ENVIRONMENT={{ sentry_environment }}
diff --git a/services/cojedzie-next/vars/main.yml b/services/cojedzie-next/vars/main.yml
index bd02a4b..a5acc2a 100644
--- a/services/cojedzie-next/vars/main.yml
+++ b/services/cojedzie-next/vars/main.yml
@@ -1,13 +1,23 @@
 ---
 cojedzie_domain: next.cojedzie.pl
-cojedzie_update_cron: 0 0 4 * * * 
+cojedzie_update_cron: 0 0 4 * * *
 cojedzie_gtm: ""
 cojedzie_mercure_jwt_key: !vault |
-          $ANSIBLE_VAULT;1.1;AES256
-          63343966303066626336623630636330363437646133393865303933613337336362343638363862
-          6438346633663334626136353033663536633937623239660a303032306564323462626638616534
-          39373765623739623134336332326537613338353936376434353263616630393062613365613638
-          3739383365353837310a613931333264386365663730646163383639383563313066643438326465
-          30633666343736323539326133626664356462356466323366633738613436636535353963663536
-          3837383838613130646365633232613530303863393866613830
+  $ANSIBLE_VAULT;1.1;AES256
+  63343966303066626336623630636330363437646133393865303933613337336362343638363862
+  6438346633663334626136353033663536633937623239660a303032306564323462626638616534
+  39373765623739623134336332326537613338353936376434353263616630393062613365613638
+  3739383365353837310a613931333264386365663730646163383639383563313066643438326465
+  30633666343736323539326133626664356462356466323366633738613436636535353963663536
+  3837383838613130646365633232613530303863393866613830
 cojedzie_maptiler: 1gwEkcI3lbNcEb0MOoOu
+cojedzie_image_base: registry.kadet.net/cojedzie
+cojedzie_version: next
+sentry_dsn_api: https://fd114053dd724e0eb16011ac0da16ba1@o4505224124891136.ingest.sentry.io/4505224126332928
+sentry_dsn_front: https://2815d4e0251240fcb9cd8c81c31e86fe@o4505224124891136.ingest.sentry.io/4505224128233472
+sentry_sample_rate_api: 0.005
+sentry_sample_rate_front: 0.05
+sentry_session_replay_rate: 0.01
+sentry_error_replay_rate: 0.25
+sentry_environment: next
+traefik_routing_rule: "Host(`{{ cojedzie_domain }}`) || Host(`{{ service }}.{{ main_domain }}`)"