diff --git a/reverse-proxy.conf b/reverse-proxy.conf
new file mode 100644
index 0000000..027932f
--- /dev/null
+++ b/reverse-proxy.conf
@@ -0,0 +1,82 @@
+#workadventure
+upstream workadventure {
+ server 172.21.0.1:9999;
+}
+
+# HTTP
+server {
+
+ listen 80;
+ server_name *.workadventure.domain.tld;
+
+ add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
+
+ location / {
+ proxy_redirect off;
+ proxy_pass http://workadventure;
+ }
+
+ # Add Headers for proxy mode
+ proxy_set_header X-Forwarded-Host $host;
+ proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+ proxy_set_header X-Real-IP $remote_addr;
+ proxy_set_header Host $host;
+ proxy_set_header Accept-Encoding "";
+# add_header Access-Control-Allow-Origin *;
+
+ proxy_set_header Upgrade $http_upgrade;
+ proxy_set_header Connection $http_connection;
+ proxy_http_version 1.1;
+
+}
+
+server {
+ listen 443 ssl;
+ server_name *.workadventure.domain.tld;
+
+ # Add Headers for proxy mode
+ proxy_set_header X-Forwarded-Host $host;
+ proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+# proxy_set_header X-Forwarded-Proto $scheme;
+ proxy_set_header X-Real-IP $remote_addr;
+ proxy_set_header Host $host;
+ proxy_set_header Accept-Encoding "";
+# add_header Access-Control-Allow-Origin *;
+
+ proxy_set_header Upgrade $http_upgrade;
+ proxy_set_header Connection $http_connection;
+ proxy_http_version 1.1;
+
+ add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
+
+ # Upload limit and security
+ client_max_body_size 10000m;
+ server_tokens off;
+
+ # Buffer_size
+ proxy_buffer_size 512k;
+ proxy_buffers 4 512k;
+ proxy_busy_buffers_size 512k;
+
+ #fastcgi_buffers 16 32k;
+ #fastcgi_buffer_size 64k;
+ #fastcgi_busy_buffers_size 64k;
+
+ # SSL parameters
+ ssl_session_timeout 30m;
+ ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
+
+ # logs
+ access_log /var/log/nginx/workadventure.access.log;
+ error_log /var/log/nginx/workadventure.error.log;
+
+ # Redirect requests to https
+ location / {
+ proxy_redirect off;
+ proxy_pass http://workadventure;
+ }
+
+ ssl_certificate /etc/letsencrypt/live/workadventure.domaine.tld/fullchain.pem;
+ ssl_certificate_key /etc/letsencrypt/live/workadventure.domaine.tld/privkey.pem;
+}
+
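Review bot: The `listen 443 ssl` server sets `ssl_protocols TLSv1 TLSv1.1 TLSv1.2;`, which keeps the deprecated TLS 1.0 and 1.1 on offer and leaves out TLS 1.3; `ssl_protocols TLSv1.2 TLSv1.3;` is the safer setting where the installed nginx/OpenSSL build supports it. The `listen 80` server proxies every request to the upstream in cleartext instead of redirecting, so the HSTS header it sets is ignored by browsers (it is only honoured over HTTPS), and the `# Redirect requests to https` comment on the 443 `location /` describes something neither block does; replacing the port-80 `location /` body with `return 301 https://$host$request_uri;` would close that gap. `X-Forwarded-Proto` is commented out in the TLS block, so the backend cannot tell that a request arrived over HTTPS; consider enabling `proxy_set_header X-Forwarded-Proto $scheme;`. The certificate paths spell `workadventure.domaine.tld` while `server_name` uses `workadventure.domain.tld`, and `client_max_body_size 10000m;` permits roughly 10 GB request bodies, so both are worth confirming as intended.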