diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS
new file mode 100644
index 0000000..769ff66
--- /dev/null
+++ b/.github/CODEOWNERS
@@ -0,0 +1,2 @@
+* @1024pix/team-captains
+* @1024pix/team-secu
\ No newline at end of file
diff --git a/bin/compile b/bin/compile
old mode 100644
new mode 100755
index be75d62..37bfd01
--- a/bin/compile
+++ b/bin/compile
@@ -2,19 +2,29 @@
 set -eo pipefail
-OAUTH2_PROXY_VERSION="v7.1.2"
-OAUTH2_PROXY_CHECKSUM="8a9c57d0b6c9dbb9b406923b8c9654c459ef85a608a44f10c998dfe0705a3379"
+OAUTH2_PROXY_VERSION="${OAUTH2_PROXY_VERSION:=v7.6.0}"
+OAUTH2_PROXY_CHECKSUM="5e2f84ded61074b5f33eeef2c9f6d2d94294bcc9f9802e78921f02189ece0988"
 BP_DIR="$(cd $(dirname "$0"); pwd)"
 BUILD_DIR="$1"
+test -z "$tmp_dir" && tmp_dir="$(mktemp -d)"
+mkdir -p "${tmp_dir}"
+tmp_dir="${tmp_dir%/}"
+
 mkdir -p "$BUILD_DIR/bin"
 echo "downloading oauth2-proxy..."
-wget --no-verbose "https://github.com/oauth2-proxy/oauth2-proxy/releases/download/${OAUTH2_PROXY_VERSION}/oauth2-proxy-${OAUTH2_PROXY_VERSION}.linux-amd64.tar.gz" -O oauth2-proxy.tar.gz
-echo "$OAUTH2_PROXY_CHECKSUM oauth2-proxy.tar.gz" | sha256sum -c -
-tar -xzf oauth2-proxy.tar.gz -C "$BUILD_DIR/bin" --strip-components=1
-rm oauth2-proxy.tar.gz
+wget --no-verbose "https://github.com/oauth2-proxy/oauth2-proxy/releases/download/${OAUTH2_PROXY_VERSION}/oauth2-proxy-${OAUTH2_PROXY_VERSION}.linux-amd64.tar.gz" -O $tmp_dir/oauth2-proxy.tar.gz
+
+echo "$OAUTH2_PROXY_CHECKSUM $tmp_dir/oauth2-proxy.tar.gz" | sha256sum -c -
+
+tar -xzf $tmp_dir/oauth2-proxy.tar.gz -C "$BUILD_DIR/bin" --strip-components=1
+
+
+
 # write out a start script
 cp "${BP_DIR}"/../scripts/start_*.sh "${BUILD_DIR}/bin"
+
+
diff --git a/scripts/start_static_oauth2_proxy.sh b/scripts/start_static_oauth2_proxy.sh
new file mode 100755
index 0000000..c2da9d5
--- /dev/null
+++ b/scripts/start_static_oauth2_proxy.sh
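Review bot: In the bin/compile hunk, `$tmp_dir` is expanded unquoted in the new `wget ... -O $tmp_dir/oauth2-proxy.tar.gz` and `tar -xzf $tmp_dir/oauth2-proxy.tar.gz` lines, and because `test -z "$tmp_dir"` accepts a value inherited from the environment, a path containing spaces or glob characters would be word-split into extra arguments for both commands; quote it as `-O "$tmp_dir/oauth2-proxy.tar.gz"` and `tar -xzf "$tmp_dir/oauth2-proxy.tar.gz"`. The commit also drops the `rm` of the archive without adding any cleanup, so a directory created by `mktemp -d` is left behind; `trap 'rm -rf -- "$tmp_dir"' EXIT`, registered only when the script itself created the directory, would cover that. Separately, `OAUTH2_PROXY_VERSION` can now be overridden from the environment while `OAUTH2_PROXY_CHECKSUM` stays pinned to a single hash, so any override fails at `sha256sum -c`; that fails closed, but a comment such as `# version and checksum must be bumped together` would keep a later maintainer from loosening the check to make an override work.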
@@ -0,0 +1,35 @@
+#!/usr/bin/env bash
+
+set -e
+
+cd "$(dirname "$0")"
+
+if [ -z ${PORT+x} ]; then echo "please set PORT"; exit 1; fi
+if [ -z ${OAUTH2_PROXY_PROVIDER+x} ]; then echo "please set OAUTH2_PROXY_PROVIDER"; exit 1; fi
+if [ -z ${OAUTH2_PROXY_CLIENT_ID+x} ]; then echo "please set OAUTH2_PROXY_CLIENT_ID"; exit 1; fi
+if [ -z ${OAUTH2_PROXY_CLIENT_SECRET+x} ]; then echo "please set OAUTH2_PROXY_CLIENT_SECRET"; exit 1; fi
+if [ -z ${OAUTH2_PROXY_COOKIE_SECRET+x} ]; then echo "please set OAUTH2_PROXY_COOKIE_SECRET"; exit 1; fi
+
+OAUTH2_PROXY_SET_XAUTHREQUEST="${OAUTH2_PROXY_SET_XAUTHREQUEST:-true}"
+export OAUTH2_PROXY_SET_XAUTHREQUEST
+
+OAUTH2_PROXY_PASS_ACCESS_TOKEN="${OAUTH2_PROXY_PASS_ACCESS_TOKEN:-true}"
+export OAUTH2_PROXY_PASS_ACCESS_TOKEN
+
+OAUTH2_PROXY_HTTP_ADDRESS="${OAUTH2_PROXY_HTTP_ADDRESS:-http://:$PORT}"
+export OAUTH2_PROXY_HTTP_ADDRESS
+
+if [ -n "${OAUTH2_EMAIL_DOMAIN}" ]; then
+ OAUTH2_PROXY_EMAIL_DOMAINS="${OAUTH2_EMAIL_DOMAIN}"
+else
+ OAUTH2_PROXY_EMAIL_DOMAINS="*"
+fi
+export OAUTH2_PROXY_EMAIL_DOMAINS
+
+if [ -n "${OAUTH2_GITHUB_ORG}" ]; then
+ OAUTH2_PROXY_GITHUB_ORG="${OAUTH2_GITHUB_ORG}"
+ export OAUTH2_PROXY_GITHUB_ORG
+fi
+
+echo "starting oauth2-proxy..."
+exec ./oauth2-proxy --upstream file:///app/dist/#/
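Review bot: When `OAUTH2_EMAIL_DOMAIN` is unset the script exports `OAUTH2_PROXY_EMAIL_DOMAINS="*"`, and `OAUTH2_GITHUB_ORG` is optional, so with neither set any account that can authenticate at the configured provider is let through the proxy, unless some other restriction is supplied through `OAUTH2_PROXY_*` variables that are not visible in this file. I would fail closed in the `else` branch, for example `[ -n "${OAUTH2_GITHUB_ORG}" ] || { echo "please set OAUTH2_EMAIL_DOMAIN or OAUTH2_GITHUB_ORG"; exit 1; }` before assigning `"*"`. The required-variable checks at the top use `[ -z ${VAR+x} ]`, which tests only whether the variable is set, so an empty `OAUTH2_PROXY_COOKIE_SECRET` or `OAUTH2_PROXY_CLIENT_SECRET` passes; `[ -z "${OAUTH2_PROXY_COOKIE_SECRET:-}" ]` rejects empty values as well and is quoted.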