From 7fe633c47647f1d08cc5960cfc665e3635e1a9f9 Mon Sep 17 00:00:00 2001
From: tuanvu <tuan-minh.vu@univ-rennes1.fr>
Date: Fri, 13 Feb 2026 16:04:25 +0100
Subject: [PATCH] add certbot but have to re-see because need to specify domain
 and email

---
 dockercompose/docker-compose.yml | 13 ++++++++++++-
 nginx.conf                       | 12 ++++++++++++
 2 files changed, 24 insertions(+), 1 deletion(-)

diff --git a/dockercompose/docker-compose.yml b/dockercompose/docker-compose.yml
index b79e99b..981c221 100644
--- a/dockercompose/docker-compose.yml
+++ b/dockercompose/docker-compose.yml
@@ -1,5 +1,4 @@
 services:
-
   front:
     build:
       context: ..
@@ -8,6 +7,8 @@ services:
       - "80:80"
     volumes:
       - ../doodlestudent/front:/app
+      - ./certbot/www:/var/www/certbot:ro
+      - ./certbot/conf:/etc/letsencrypt:ro
     environment:
       - FLASK_ENV=development
     depends_on:
@@ -18,6 +19,16 @@ services:
     networks:
       - app-network
 
+# https://stackoverflow.com/questions/57591868/how-correctly-install-ssl-certificate-using-certbot-in-docker
+  certbot:
+    image: certbot/certbot:latest
+    container_name: certbot
+    depends_on:
+      - front
+    volumes:
+      - ./certbot/www/:/var/www/certbot/:rw
+      - ./certbot/conf/:/etc/letsencrypt/:rw
+
   back:
     build:
       context: ..
diff --git a/nginx.conf b/nginx.conf
index d3203f0..b7010ce 100644
--- a/nginx.conf
+++ b/nginx.conf
@@ -2,10 +2,19 @@ server {
     listen 80;
     listen [::]:80;
     server_name _;
+    #    server_name subdomain.your-domain.com;
+    #     server_tokens off;
 
     root /usr/share/nginx/html;
     index index.html;
 
+    ##########################
+    # Lets enkript
+    ##########################
+    location /.well-known/acme-challenge/ {
+        root /var/www/certbot;  # Root directory for Certbot challenges
+    }
+
     ##########################
     # API
     ##########################
@@ -34,6 +43,9 @@ server {
     ##########################
     location / {
         try_files $uri $uri/ /index.html;
+        # proxy_pass http://subdomain.your-domain.com:3000;
+        # Proxy requests to backend application running on port
+        # A revoir dans lets encrypt
     }
 
     error_page   500 502 503 504  /50x.html;