diff --git a/bridgehead b/bridgehead
index fe4bb19..e1e1d0b 100755
--- a/bridgehead
+++ b/bridgehead
@@ -52,10 +52,10 @@ fetchVarsFromVaultByFile /etc/bridgehead/$PROJECT.conf || fail_and_report 1 "Una
 [ -e ./$PROJECT/vars ] && source ./$PROJECT/vars
 set +a
 
-OVERRIDE=""
+OVERRIDE=${OVERRIDE:=""}
 if [ -f "$PROJECT/docker-compose.override.yml" ]; then
 	log INFO "Applying $PROJECT/docker-compose.override.yml"
-	OVERRIDE+="-f ./$PROJECT/docker-compose.override.yml"
+	OVERRIDE+=" -f ./$PROJECT/docker-compose.override.yml"
 fi
 
 case "$ACTION" in
diff --git a/ccp/nngm-compose.yml b/ccp/nngm-compose.yml
new file mode 100644
index 0000000..c212fed
--- /dev/null
+++ b/ccp/nngm-compose.yml
@@ -0,0 +1,32 @@
+version: "3.7"
+
+services:
+  connector:
+    container_name: bridgehead-connector
+    image: docker.verbis.dkfz.de/ccp/connector:bk2
+    environment:
+      POSTGRES_PASSWORD: ${CONNECTOR_POSTGRES_PASSWORD}
+      NNGM_MAGICPL_APIKEY: ${NNGM_MAGICPL_APIKEY}
+      NNGM_MAINZELLISTE_APIKEY: ${NNGM_MAINZELLISTE_APIKEY}
+      NNGM_CTS_APIKEY: ${NNGM_CTS_APIKEY}
+      NNGM_CRYPTKEY: ${NNGM_CRYPTKEY}
+    restart: always
+    labels:
+      - "traefik.enable=true"
+      - "traefik.http.routers.connector.rule=PathPrefix(`/ccp-connector`)"
+      - "traefik.http.services.connector.loadbalancer.server.port=8080"
+      - "traefik.http.routers.connector.tls=true"
+
+  connector_db:
+    image: postgres:9.5-alpine
+    container_name: bridgehead-ccp-connector-db
+    volumes:
+      - "connector_db_data:/var/lib/postgresql/data"
+    environment:
+      POSTGRES_DB: "samplyconnector"
+      POSTGRES_USER: "samplyconnector"
+      POSTGRES_PASSWORD: ${CONNECTOR_POSTGRES_PASSWORD}
+    restart: always
+
+volumes:
+  connector_db_data:
diff --git a/ccp/nngm-setup.sh b/ccp/nngm-setup.sh
new file mode 100644
index 0000000..08a6d43
--- /dev/null
+++ b/ccp/nngm-setup.sh
@@ -0,0 +1,10 @@
+#!/bin/bash
+
+function nngmSetup() {
+	if [ -n "$NNGM_CTS_APIKEY" ]; then
+		log INFO "nNGM setup detected -- will start nNGM Connector."
+		OVERRIDE+="-f ./$PROJECT/nngm-compose.yml"
+	fi
+}
+
+CONNECTOR_POSTGRES_PASSWORD="$(cat /proc/sys/kernel/random/uuid | sed 's/[-]//g' | head -c 20)"
diff --git a/ccp/vars b/ccp/vars
index ce12d1a..f5f734e 100644
--- a/ccp/vars
+++ b/ccp/vars
@@ -7,3 +7,7 @@ REPORTHUB_BEAM_SECRET_SHORT="$(cat /proc/sys/kernel/random/uuid | sed 's/[-]//g'
 REPORTHUB_BEAM_SECRET_LONG="ApiKey report-hub.${PROXY_ID} ${REPORTHUB_BEAM_SECRET_SHORT}"
 SUPPORT_EMAIL=support-ccp@dkfz-heidelberg.de
 PRIVATEKEYFILENAME=/etc/bridgehead/pki/${SITE_ID}.priv.pem
+
+# This will load nngm setup. Effective only if nngm configuration is defined.
+source $PROJECT/nngm-setup.sh
+nngmSetup
diff --git a/nngm/docker-compose.yml b/nngm/docker-compose.yml
deleted file mode 100644
index 3b28580..0000000
--- a/nngm/docker-compose.yml
+++ /dev/null
@@ -1,86 +0,0 @@
-version: "3.7"
-
-services:
-  traefik:
-    container_name: bridgehead-traefik
-    image: traefik:2.4
-    command:
-      - --api.insecure=true
-      - --entrypoints.web.address=:80
-      - --entrypoints.websecure.address=:443
-      - --providers.docker=true
-      - --entrypoints.web.http.redirections.entrypoint.to=websecure
-      - --entrypoints.web.http.redirections.entrypoint.scheme=https
-    ports:
-      - 80:80
-      - 443:443
-      - 8080:8080
-    volumes:
-      - ../certs:/tools/certs
-      - /var/run/docker.sock:/var/run/docker.sock:ro
-    extra_hosts:
-      - "host.docker.internal:host-gateway"
-
-  ### Does need to know the outside proxy to connect central components
-  forward_proxy:
-    container_name: bridgehead-squid
-    image: ubuntu/squid
-    environment:
-      http_proxy: ${http_proxy}
-      https_proxy: ${https_proxy}
-    volumes:
-      - "bridgehead-proxy:/var/log/squid"
-    
-## Needs internal proxy config
-  landing:
-    container_name: bridgehead-landingpage
-    image: samply/bridgehead-landingpage
-    labels:
-      - "traefik.enable=true"
-      - "traefik.http.routers.landing.rule=PathPrefix(`/`)"
-      - "traefik.http.services.landing.loadbalancer.server.port=80"
-      - "traefik.http.routers.landing.tls=true"
-    environment:
-      HOST: ${HOST}
-      PROJECT: ${PROJECT}
-      SITE_NAME: ${SITE_NAME}
-
-  nngm-connector:
-      container_name: bridgehead-nngm-connector
-      image: "samply/share-client:nngm-feature-environmentPreconfiguration"
-      environment:
-        POSTGRES_PASSWORD: ${POSTGRES_PASSWORD}
-        NNGM_MAGICPL_APIKEY: ${NNGM_MAGICPL_APIKEY}
-        NNGM_MAINZELLISTE_APIKEY: ${NNGM_MAINZELLISTE_APIKEY}
-        NNGM_CTS_APIKEY: ${NNGM_CTS_APIKEY}
-        NNGM_CRYPTKEY: ${NNGM_CRYPTKEY}
-      volumes:
-        - "nngm-connector-logs:/usr/local/tomcat/logs"
-      labels:
-        - "traefik.enable=true"
-        - "traefik.http.routers.nngm_connector.rule=PathPrefix(`/nngm-connector`)"
-        - "traefik.http.services.nngm_connector.loadbalancer.server.port=8080"
-        - "traefik.http.routers.nngm_connector.tls=true"
-
-      depends_on:
-        - "nngm-connector-db"
-        - "forward_proxy"
-      ports:
-      - 5005:5005
-      restart: "always"
-
-  nngm-connector-db:
-      container_name: bridgehead-nngm-connector-db
-      image: "postgres:10.17"
-      environment:
-        POSTGRES_DB: "share_v2"
-        POSTGRES_USER: "samplyweb"
-        POSTGRES_PASSWORD: ${POSTGRES_PASSWORD}
-      volumes:
-        - "nngm-connector-db-data:/var/lib/postgresql/data"
-      restart: "always"
-
-volumes:
-  nngm-connector-db-data:
-  nngm-connector-logs:
-  bridgehead-proxy: