diff --git a/setup.sh b/setup.sh
index 32d6507..4471482 100644
--- a/setup.sh
+++ b/setup.sh
@@ -363,7 +363,21 @@ EOF
 
 
 
-# === NPM конфиг с безопасными паролями ===
+# Генерация паролей и .env
+safe_mkdir "/opt/npm"
+cat <<EOF > /opt/npm/.env
+# =========================
+# Database Configuration
+# =========================
+DB_ROOT_PASSWORD=$(generate_password 16)
+DB_NAME=npm_db_1
+DB_USER=db_admin_user_npm_db
+DB_USER_PASSWORD=$(generate_password 16)
+EOF
+chmod 600 /opt/npm/.env
+log_success "NPM .env файл сгенерирован"
+
+# Генерация docker-compose.yml для NPM
 cat <<EOF > /opt/npm/docker-compose.yml
 services:
   app:
@@ -374,12 +388,8 @@ services:
       - "80:80"
       - "443:443"
       - "8181:81"
-    environment:
-      DB_MYSQL_HOST: "db"
-      DB_MYSQL_PORT: "3306"
-      DB_MYSQL_USER: "${DB_USER}"
-      DB_MYSQL_PASSWORD: "${DB_USER_PASSWORD}"
-      DB_MYSQL_NAME: "${DB_NAME}"
+    env_file:
+      - .env
     volumes:
       - "./data:/data"
       - "./letsencrypt:/etc/letsencrypt"
@@ -393,11 +403,8 @@ services:
     image: jc21/mariadb-aria:latest
     container_name: npm_db
     restart: unless-stopped
-    environment:
-      MYSQL_ROOT_PASSWORD: "${DB_ROOT_PASSWORD}"
-      MYSQL_DATABASE: "${DB_NAME}"
-      MYSQL_USER: "${DB_USER}"
-      MYSQL_PASSWORD: "${DB_USER_PASSWORD}"
+    env_file:
+      - .env
     volumes:
       - "./mysql:/var/lib/mysql"
     networks:
@@ -410,6 +417,7 @@ networks:
     external: true
 EOF
 
+
 # Сохраняем пароли в защищенный файл
 cat <<EOF > /opt/npm/.env
 # =========================